BugTraq Mode:
(Page 12 of 1620)  < Prev  7 8 9 10 11 12 13 14 15 16 17  Next >
CVE-2015-4084 - WordPress Free Counter Plugin [Stored XSS] 2015-05-26
pan vagenas gmail com
# Exploit Title: WordPress Free Counter Plugin [Stored XSS]
# Date: 2015/05/25
# Exploit Author: Panagiotis Vagenas
# Contact: https://twitter.com/panVagenas
# Vendor Homepage: http://www.free-counter.org
# Software Link: https://wordpress.org/plugins/free-counter/
# Version: 1.1
# Tested on: WordPr

[ more ]  [ reply ]
[SECURITY] [DSA 3273-1] tiff security update 2015-05-25
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3273-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
May 25, 2015

[ more ]  [ reply ]
Synology Photo Station multiple Cross-Site Scripting vulnerabilities 2015-05-25
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Synology Photo Station multiple Cross-Site Scripting vulnerabilities
------------------------------------------------------------------------

Han Sahin, May 2015

----------------------------------------------------------------

[ more ]  [ reply ]
Reflected Cross-Site Scripting in Synology DiskStation Manager 2015-05-25
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Reflected Cross-Site Scripting in Synology DiskStation Manager
------------------------------------------------------------------------

Han Sahin, May 2015

----------------------------------------------------------------------

[ more ]  [ reply ]
Command injection vulnerability in Synology Photo Station 2015-05-25
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Command injection vulnerability in Synology Photo Station
------------------------------------------------------------------------

Han Sahin, May 2015

------------------------------------------------------------------------

Ab

[ more ]  [ reply ]
[SECURITY] [DSA 3265-2] zendframework regression update 2015-05-24
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3265-2 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Alessandro Ghedini
May 24, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3272-1] ipsec-tools security update 2015-05-23
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3272-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
May 23, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3271-1] nbd security update 2015-05-23
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3271-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Alessandro Ghedini
May 23, 2015

[ more ]  [ reply ]
[security bulletin] HPSBGN03325 rev.1 - HP SiteScope, Remote Elevation of Privilege 2015-05-22
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04688784

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04688784
Version: 1

HPSBGN03325 re

[ more ]  [ reply ]
[CORE-2015-0010] - Sendio ESP Information Disclosure Vulnerability 2015-05-22
CORE Advisories Team (advisories coresecurity com)
1. Advisory Information

Title: Sendio ESP Information Disclosure Vulnerability
Advisory ID: CORE-2015-0010
Advisory URL: http://www.coresecurity.com/advisories/sendio-esp-information-disclosure
-vulnerability
Date published: 2015-05-22
Date of last update: 2015-05-22
Vendors contacted: Sendio
Releas

[ more ]  [ reply ]
[SECURITY] [DSA 3270-1] postgresql-9.4 security update 2015-05-22
Christoph Berg (myon debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3270-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Christoph Berg
May 22, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3268-1] ntfs-3g security update 2015-05-22
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3268-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
May 22, 2015

[ more ]  [ reply ]
[security bulletin] HPSBMU03336 rev.1- HP Helion OpenStack affected by VENOM, Denial of Service (DoS), Execution of Arbitrary Code 2015-05-21
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

UPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04685037
Version: 1

HPSBMU03336 rev.1- HP Helion OpenStack affected by VENOM, Denial of Service
(DoS),

Execution of Arbitrary Code

NOTICE: The information in this Security Bulletin should be act

[ more ]  [ reply ]
[SECURITY] [DSA 3267-1] chromium-browser security update 2015-05-22
Michael Gilbert (mgilbert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3267-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Michael Gilbert
May 22, 2015

[ more ]  [ reply ]
CVE-2015-4038 - WordPress WP Membership plugin [Privilege escalation] 2015-05-21
pan vagenas gmail com
# Exploit Title: WordPress WP Membership plugin [Privilege escalation]
# Contact: https://twitter.com/panVagenas
# Vendor Homepage: http://wpmembership.e-plugins.com/
# Software Link: http://codecanyon.net/item/wp-membership/10066554
# Version: 1.2.3
# Tested on: WordPress 4.2.2
# CVE: CVE-2015-4038

[ more ]  [ reply ]
CVE-2015-4039 - WordPress WP Membership plugin [Stored XSS] 2015-05-21
pan vagenas gmail com
# Exploit Title: WordPress WP Membership plugin [Stored XSS]
# Contact: https://twitter.com/panVagenas
# Vendor Homepage: http://wpmembership.e-plugins.com/
# Software Link: http://codecanyon.net/item/wp-membership/10066554
# Version: 1.2.3
# Tested on: WordPress 4.2.2
# CVE: CVE-2015-4039

========

[ more ]  [ reply ]
[SECURITY] [DSA 3266-1] fuse security update 2015-05-21
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3266-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
May 21, 2015

[ more ]  [ reply ]
Webgrind XSS vulnerability 2015-05-21
hyp3rlinx gmail com
Credits: John Page ( hyp3rlinx )
Domains: hyp3rlinx.altervista.org

Source:
http://hyp3rlinx.altervista.org/advisories/AS-WEBGRIND0520.txt

Vendor:
https://github.com/jokkedk/webgrind

Product:
Webgrind is a Xdebug Profiling Web Frontend in PHP.

Advisory Information:
==============================

[ more ]  [ reply ]
CVE-2015-1833 (Jackrabbit WebDAV XXE vulnerability) 2015-05-21
Julian Reschke (julian reschke greenbytes de)
Dear readers,

we just fixed a recently reported vulnerability in Apache Jackrabbit's
WebDAV module; see

- the attached CVE report

- patches for all currently maintained Jackrabbit branches

We just released Jackrabbit 2.10.1 (see below) and we'll get to the
other branches shortly. Check the CVE

[ more ]  [ reply ]
CVE for Apple's ECDHE-ECDSA SecureTransport bug? 2015-05-20
Jeffrey Walton (noloader gmail com)
Does anyone know if Apple's ECDHE-ECDSA SecureTransport bug was
assigned a CVE? It affected OS X and iOS.

Effectively, the bug was an implementation error that cause
interoperability failures. To mostly counter it, the cipher suites had
to be disabled, which resulted in a loss of security. If the p

[ more ]  [ reply ]
[SECURITY] [DSA 3261-2] libmodule-signature-perl regression update 2015-05-20
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3261-2 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
May 20, 2015

[ more ]  [ reply ]
[security bulletin] HPSBUX03333 SSRT102029 rev.1 - HP-UX Running NTP, Remote Denial of Service (DoS), or Other Vulnerabilities 2015-05-20
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04679309

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04679309
Version: 1

HPSBUX03333 SS

[ more ]  [ reply ]
[security bulletin] HPSBUX03334 SSRT102000 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Other Vulnerabilities 2015-05-20
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04679334

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04679334
Version: 1

HPSBUX03334 SS

[ more ]  [ reply ]
Eisbär SCADA (All Versions - iOS, Android & W8) - Persistent UI Vulnerability 2015-05-20
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Eisbär SCADA (All Versions - iOS, Android & W8) - Persistent UI Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1456

Release Date:
=============
2015-05-19

Vulnerability Laboratory ID (VL-ID):
========

[ more ]  [ reply ]
Stored XSS in WP Photo Album Plus WordPress Plugin 2015-05-20
High-Tech Bridge Security Research (advisory htbridge ch)
Advisory ID: HTB23257
Product: WP Photo Album Plus WordPress Plugin
Vendor: J.N. Breetvelt
Vulnerable Version(s): 6.1.2 and probably prior
Tested Version: 6.1.2
Advisory Publication: April 29, 2015 [without technical details]
Vendor Notification: April 29, 2015
Vendor Patch: April 29, 2015
Publi

[ more ]  [ reply ]
WISE-FTP Software v8.0.2 - DLL Hijacking Vulnerability 2015-05-20
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
WISE-FTP Software v8.0.2 - DLL Hijacking Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1498

Release Date:
=============
2015-05-18

Vulnerability Laboratory ID (VL-ID):
================================

[ more ]  [ reply ]
[SECURITY] [DSA 3265-1] zendframework security update 2015-05-20
David Prévot (david tilapin org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3265-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ David Prévot
May 20, 2015

[ more ]  [ reply ]
ManageEngine EventLog Analyzer V:10.0 CSRF Vulnerability 2015-05-19
akashchavan0708 gmail com
========================================================================
=================
CSRF Vulnerability in ManageEngine EventLog Analyzer Version :10.0, Build Number : 10001
========================================================================
=================


. contents:: Table Of Conte

[ more ]  [ reply ]
Staff FTP v3.04 Software - DLL Hijacking Vulnerability 2015-05-19
metacom27 gmail com
A local dll injection vulnerability has been discovered in the official Staff-FTP v3.04 software.
The issue allows local attackers to inject code to vulnerable libraries to compromise the process or to gain higher access privileges.

The windows software is vulnerable to dll hijacking attacks. The v

[ more ]  [ reply ]
[SECURITY] [DSA 3263-1] proftpd-dfsg security update 2015-05-19
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3263-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Sebastien Delafond
May 19, 2015

[ more ]  [ reply ]
(Page 12 of 1620)  < Prev  7 8 9 10 11 12 13 14 15 16 17  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus