BugTraq Mode:
(Page 13 of 1593)  < Prev  8 9 10 11 12 13 14 15 16 17 18  Next >
[SECURITY] [DSA 3146-1] requests security update 2015-01-30
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3146-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Sebastien Delafond
January 30, 2015

[ more ]  [ reply ]
ESA-2015-006: EMC Avamar Missing Certificate Validation Vulnerability 2015-01-30
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-006: EMC Avamar Missing Certificate Validation Vulnerability

EMC Identifier: ESA-2015-006

CVE Identifier: CVE-2014-4632

Severity Rating: CVSSv2 Base Score: 7.9 (AV:A/AC:M/Au:N/C:C/I:C/A:C)

Affected products:

? EMC Avamar Dat

[ more ]  [ reply ]
[SECURITY] [DSA 3145-1] privoxy security update 2015-01-30
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3145-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
January 30, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3144-1] openjdk-7 security update 2015-01-29
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3144-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
January 29, 2015

[ more ]  [ reply ]
NEW VMSA-2015-0002 VMware vSphere Data Protection product update addresses a certificate validation vulnerability 2015-01-29
VMware Security Response Center (security vmware com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------

VMware Security Advisory

Advisory ID: VMSA-2015-0002
Synopsis: VMware vSphere Data Protection product update addresses a
certificate validatio

[ more ]  [ reply ]
Symantec Encryption Management Server < 3.2.0MP6 - Remote Command Injection 2015-01-30
Paul Craig (lists vantagepoint sg)
Vantage Point Security Advisory 2014-007
========================================

Title: Symantec Encryption Management Server - Remote Command Injection
ID: VP-2014-007
Vendor: Symantec
Affected Product: Symantec Encryption Gateway
Affected Versions: < 3.2.0 MP6
Product Website: http://www.symante

[ more ]  [ reply ]
Unauthenticated Reflected XSS vulnarbility in Asus RT-N10 Plus router 2015-01-29
kingkaustubh me com
#####################################
Title:- Reflected XSS vulnarbility in Asus RT-N10 Plus router
Author: Kaustubh G. Padwad
Product: ASUS Router RT-N10 Plus
Firmware: 2.1.1.1.70
Severity: HIGH
Auth: Not requierd

# Description:
Vulnerable Parameter: flag=
# Vulnerability Class:
Cross Si

[ more ]  [ reply ]
Reflected XSS vulnarbility in Asus RT-N10 Plus Router 2015-01-29
kingkaustubh me com
#####################################
Title:- Reflected XSS vulnarbility in Asus RT-N10 Plus router
Author: Kaustubh G. Padwad
Product: ASUS Router RT-N10 Plus
Firmware: 2.1.1.1.70
Severity: Medium
Auth: Requierd

# Description:
Vulnerable Parameter: flag=
# Vulnerability Class:
Cross Site

[ more ]  [ reply ]
ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities 2015-01-29
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities

EMC Identifier: ESA-2015-002

CVE Identifier: CVE-2013-1899, CVE-2013-1900, CVE-2013-1901, CVE-2013-1902, CVE-2012-5885, CVE-2011-3389, CVE-2013-1767, CVE-2012-2137, CV

[ more ]  [ reply ]
Blubrry PowerPress Security Advisory - XSS Vulnerability - CVE-2015-1385 2015-01-29
Onur Yilmaz (onur netsparker com)
Information
------------
Advisory by Netsparker
Name: XSS Vulnerability in Blubrry PowerPress
Affected Software : Blubrry PowerPress
Affected Versions: 6.0 and possibly below
Vendor Homepage : https://wordpress.org/plugins/powerpress/
Vulnerability Type : Cross-site Scripting
Severity : Important
CV

[ more ]  [ reply ]
CVE-2014-8779: SSH Host keys on Pexip Infinity 2015-01-29
giles pexip com
Summary
=======

The operating system used by Pexip Infinity does not create unique SSH
host keys on deployment of new Management and Conferencing Nodes, using
fixed host keys instead. Host keys are used to verify the identity of
the remote host when connecting to it over SSH. These keys are contain

[ more ]  [ reply ]
[The ManageOwnage Series, part XII]: Multiple vulnerabilities in FailOverServlet (OpManager, AppManager, IT360) 2015-01-28
Pedro Ribeiro (pedrib gmail com)
Hi,

This is part 12 of the ManageOwnage series. For previous parts, see [1].

This time we have an arbitrary file download, directory content
disclosure and blind SQL injection vulnerabilities in ManageEngine
OpManager, Applications Manager and IT360.

I've pushed two new Metasploit modules into th

[ more ]  [ reply ]
Cisco Security Advisory: GNU glibc gethostbyname Function Buffer Overflow Vulnerability 2015-01-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: GNU glibc gethostbyname Function Buffer Overflow Vulnerability

Advisory ID: cisco-sa-20150128-ghost

Revision 1.0

For Public Release 2015 January 28 22:30 UTC (GMT)

+---------------------------------------------------------

[ more ]  [ reply ]
AST-2015-001: File descriptor leak when incompatible codecs are offered 2015-01-28
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2015-001

Product Asterisk
Summary File descriptor leak when incompatible codecs are
offered

[ more ]  [ reply ]
[slackware-security] glibc (SSA:2015-028-01) 2015-01-28
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] glibc (SSA:2015-028-01)

New glibc packages are available for Slackware 13.0, 13.1, 13.37, 14.0,
and 14.1 to fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/pack

[ more ]  [ reply ]
KL-001-2015-001 : Windows 2003 tcpip.sys Privilege Escalation 2015-01-29
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2015-001 : Microsoft Windows Server 2003 SP2 Arbitrary Write Privilege Escalation

Title: Microsoft Windows Server 2003 SP2 Arbitrary Write Privilege Escalation
Advisory ID: KL-001-2015-001
Publication Date: 2015.01.28
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-201

[ more ]  [ reply ]
[SECURITY] [DSA 3143-1] virtualbox security update 2015-01-28
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3143-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
January 28, 2015

[ more ]  [ reply ]
[CVE-2015-1393] Photo Gallery (Wordpress Plugin) - SQL Injection in Version 1.2.8 2015-01-28
sven bsddaemon org
[CVE-2015-1393] Photo Gallery (Wordpress Plugin) - SQL Injection in Version 1.2.8

----------------------------------------------------------------

Product Information:

Software: Photo Gallery (Wordpress Plugin)
Tested Version: 1.2.8, released on 15.01.2015 and has over half a million downloads.
V

[ more ]  [ reply ]
[CVE-2015-1394] Photo Gallery (Wordpress Plugin) - Multiple XSS Vulnerabilities Version 1.2.8 2015-01-28
sven bsddaemon org
[CVE-2015-1394] Photo Gallery (Wordpress Plugin) - Multiple XSS Vulnerabilities Version 1.2.8

----------------------------------------------------------------

Product Information:

Software: Photo Gallery (Wordpress Plugin)
Tested Version: 1.2.8, released on 15.01.2015 and has over half a million

[ more ]  [ reply ]
[AMPLIA-ARA100614] OS X Gatekeeper Bypass Vulnerability 2015-01-28
Amplia Security Advisories (advisories ampliasecurity com)
OS X Gatekeeper Bypass Vulnerability
Amplia Security - Amplia Security Research Advisory (AMPLIA-ARA100614)

Advisory ID: AMPLIA-ARA100614
Advisory URL:
http://www.ampliasecurity.com/advisories/os-x-gatekeeper-bypass-vulnerab
ility.html,
http://www.ampliasecurity.com/advisories/AMPLIA-ARA100614.txt
D

[ more ]  [ reply ]
NEW VMSA-2015-0001 - VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address resolve security issues 2015-01-27
VMware Security Response Center (security vmware com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------

VMware Security Advisory

Advisory ID: VMSA-2015-0001
Synopsis: VMware vCenter Server, ESXi, Workstation, Player, and Fusion
updates address se

[ more ]  [ reply ]
Multiple vulnerabilities in MantisBT 2015-01-28
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23243
Product: MantisBT
Vendor: MantisBT Team
Vulnerable Version(s): 1.2.17 and probably prior
Tested Version: 1.2.17
Advisory Publication: December 3, 2014 [without technical details]
Vendor Notification: December 3, 2014
Vendor Patch: January 25, 2015
Public Disclosure: January

[ more ]  [ reply ]
Two XSS Vulnerabilities in SupportCenter Plus 2015-01-28
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23247
Product: SupportCenter Plus
Vendor: Zoho Corp.
Vulnerable Version(s): 7.9 and probably prior
Tested Version: 7.9
Advisory Publication: January 7, 2015 [without technical details]
Vendor Notification: January 7, 2015
Vendor Patch: January 23, 2015
Public Disclosure: January

[ more ]  [ reply ]
[CORE-2015-0003] - FreeBSD Kernel Multiple Vulnerabilities 2015-01-27
CORE Advisories Team (advisories coresecurity com)
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/

FreeBSD Kernel Multiple Vulnerabilities

1. *Advisory Information*

Title: FreeBSD Kernel Multiple Vulnerabilities
Advisory ID: CORE-2015-0003
Advisory URL: http://www.coresecurity.com/content/freebsd-kernel-multiple-vulnerabilit

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-15:03.sctp 2015-01-27
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-15:03.sctp Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-15:02.kmem 2015-01-27
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-15:02.kmem Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
APPLE-SA-2015-01-27-4 OS X 10.10.2 and Security Update 2015-001 2015-01-27
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2015-01-27-4 OS X 10.10.2 and Security Update 2015-001

OS X 10.10.2 and Security Update 2015-001 are now available and
address the following:

AFP Server
Available for: OS X Mavericks v10.9.5
Impact: A remote attacker may be able to determin

[ more ]  [ reply ]
APPLE-SA-2015-01-27-3 Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3 2015-01-27
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2015-01-27-3 Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3

Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3 are now available and
address the following:

WebKit
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.1

[ more ]  [ reply ]
APPLE-SA-2015-01-27-2 iOS 8.1.3 2015-01-27
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2015-01-27-2 iOS 8.1.3

iOS 8.1.3 is now available and addresses the following:

AppleFileConduit
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A maliciously crafted afc command may allow

[ more ]  [ reply ]
APPLE-SA-2015-01-27-1 Apple TV 7.0.3 2015-01-27
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2015-01-27-1 Apple TV 7.0.3

Apple TV 7.0.3 is now available and addresses the following:

Apple TV
Available for: Apple TV 3rd generation and later
Impact: A maliciously crafted afc command may allow access to
protected parts of the filesyst

[ more ]  [ reply ]
(Page 13 of 1593)  < Prev  8 9 10 11 12 13 14 15 16 17 18  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus