BugTraq Mode:
(Page 10 of 1593)  < Prev  5 6 7 8 9 10 11 12 13 14 15  Next >
Facebook Bug Bounty #23 - Session ID & CSRF Vulnerability 2015-02-11
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Facebook Bug Bounty #23 - Session ID & CSRF Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1432

Facebook Security ID: 10202805822321483

Video: https://www.youtube.com/watch?v=SAr2AGLrBkQ

Vulnerability M

[ more ]  [ reply ]
Multiple Vulnerabilities in my little forum 2015-02-11
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23248
Product: my little forum
Vendor: http://mylittleforum.net/
Vulnerable Version(s): 2.3.3 and probably prior
Tested Version: 2.3.3
Advisory Publication: January 14, 2015 [without technical details]
Vendor Notification: January 14, 2015
Vendor Patch: February 8, 2015
Public Di

[ more ]  [ reply ]
Two Reflected XSS Vulnerabilities in Easing Slider WordPress Plugin 2015-02-11
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23249
Product: Easing Slider WordPress Plugin
Vendor: Easing Slider
Vulnerable Version(s): 2.2.0.6 and probably prior
Tested Version: 2.2.0.6
Advisory Publication: January 21, 2015 [without technical details]
Vendor Notification: January 21, 2015
Vendor Patch: January 22, 2015
Pu

[ more ]  [ reply ]
[SECURITY] [DSA 3159-1] ruby1.8 security update 2015-02-10
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3159-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Alessandro Ghedini
February 10, 2015

[ more ]  [ reply ]
[ MDVSA-2015:043 ] otrs 2015-02-10
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:043
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2015:041 ] cabextract 2015-02-10
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:041
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2015:040 ] zarafa 2015-02-10
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:040
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2015:042 ] clamav 2015-02-10
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:042
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[security bulletin] HPSBMU03246 rev.1 - HP Insight Control for Linux Central Management Server Pre-boot Execution Environment running Bash Shell, Multiple Vulnerabilities 2015-02-10
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04558068

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04558068
Version: 1

HPSBMU03246 r

[ more ]  [ reply ]
[security bulletin] HPSBMU03245 rev.1 - HP Insight Control server deployment Linux Preboot Execution Environment running Bash Shell, Multiple Vulnerabilities 2015-02-10
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04556845

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04556845
Version: 1

HPSBMU03245 r

[ more ]  [ reply ]
[security bulletin] HPSBGN03255 rev.1 - HP OpenCall Media Platform (OCMP) running SSLv3, Remote Denial of Service (DoS),Disclosure of Information 2015-02-10
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04566948

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04566948
Version: 1

HPSBGN03255 r

[ more ]  [ reply ]
[ MDVSA-2015:039 ] glibc 2015-02-10
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:039
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[RT-SA-2014-013] Cross-Site Scripting in IBM Endpoint Manager Relay Diagnostics Page 2015-02-10
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: Cross-Site Scripting in IBM Endpoint Manager Relay Diagnostics
Page

During a penetration test, RedTeam Pentesting discovered that the IBM
Endpoint Manager Relay Diagnostics page allows anybody to persistently
store HTML and JavaScript code that is executed when the page is opene

[ more ]  [ reply ]
Mooplayer 1.3.0 'm3u' SEH Buffer Overflow POC 2015-02-10
saman j l33t gmail com
#!/usr/bin/env python
########################################################################
##################
# Exploit Title: MooPlayer 1.3.0 'm3u' SEH Buffer Overflow POC
# Date Discovered: 09-02-2015
# Exploit Author: Samandeep Singh (@samanL33T )
# Vulnerable Software: Moo player 1.3.0
# Soft

[ more ]  [ reply ]
[security bulletin] HPSBGN03251 rev.1 - HP Storage Essentials running SSLv3, Remote Disclosure of Information 2015-02-09
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04562179

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04562179
Version: 1

HPSBGN03251 re

[ more ]  [ reply ]
[SECURITY] [DSA 3158-1] unrtf security update 2015-02-09
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3158-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
February 09, 2015

[ more ]  [ reply ]
[SECURITY] CVE-2014-0227 Apache Tomcat Request Smuggling 2015-02-09
Mark Thomas (markt apache org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CVE-2014-0227 Request Smuggling

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
- - Apache Tomcat 8.0.0-RC1 to 8.0.8
- - Apache Tomcat 7.0.0 to 7.0.54
- - Apache Tomcat 6.0.0 to 6.0.41

Description:
It was possible to cr

[ more ]  [ reply ]
Cookie hijacking: Internet Explorer UXSS (CVE-2015-0072) 2015-02-09
bhdresh gmail com
Cookie hijacking: Internet Explorer UXSS (CVE-2015-0072)

Host below files on webserver (attacker.com) and share the exploit link with victims,

exploit.php --- exploit link (Share with victim)

redirect.php --- Script to redirect on target page (target page should not contain X-Frame-Options or it

[ more ]  [ reply ]
Radexscript CMS 2.2.0 - SQL Injection vulnerability 2015-02-09
ITAS Team (itas team itas vn)
#Vulnerability title: Radexscript CMS 2.2.0 - SQL Injection vulnerability
#Vendor: http://redaxscript.com/
#Product: Radexscript CMS
#Software link: http://redaxscript.com/download/releases
#Affected version: Redaxscript 2.2.0
#Fixed version: Redaxscript 2.3.0
#CVE ID: CVE-2015-1518
#Author: Pham Ki

[ more ]  [ reply ]
[SECURITY] [DSA 3156-1] liblivemedia security update 2015-02-07
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3156-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Alessandro Ghedini
February 07, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3154-2] ntp security update 2015-02-07
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3154-2 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
February 07, 2015

[ more ]  [ reply ]
[security bulletin] HPSBGN03252 rev.1 - HP AppPulse Active running SSLv3, Remote Disclosure of Information 2015-02-09
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04565853

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04565853
Version: 1

HPSBGN03252 re

[ more ]  [ reply ]
[SECURITY] [DSA 3157-1] ruby1.9.1 security update 2015-02-09
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3157-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Alessandro Ghedini
February 09, 2015

[ more ]  [ reply ]
[security bulletin] HPSBMU03216 rev.2 - HP Service Manager running SSLv3, Multiple Remote Vulnerabilities 2015-02-07
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04512909

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04512909
Version: 2

HPSBMU03216 re

[ more ]  [ reply ]
[security bulletin] HPSBGN03254 rev.1 - HP Service Health Analyzer running SSLv3, Remote Disclosure of Information 2015-02-07
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04565856

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04565856
Version: 1

HPSBGN03254 re

[ more ]  [ reply ]
[security bulletin] HPSBMU03224 rev.1 - HP LoadRunner and Performance Center, Load Generator Virtual Machine Images, running Windows, Remote Elevation of Privilege 2015-02-07
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04526330

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04526330
Version: 1

HPSBMU03224 re

[ more ]  [ reply ]
[security bulletin] HPSBGN03253 rev.1 - HP Business Process Insight (BPI) running SSLv3, Remote Disclosure of Information 2015-02-07
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04565855

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04565855
Version: 1

HPSBGN03253 re

[ more ]  [ reply ]
(Page 10 of 1593)  < Prev  5 6 7 8 9 10 11 12 13 14 15  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus