BugTraq Mode:
(Page 13 of 1675)  < Prev  8 9 10 11 12 13 14 15 16 17 18  Next >
FreeBSD Security Advisory FreeBSD-SA-16:14.openssh 2016-03-16
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-16:14.openssh Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
[CORE-2016-0005] - FreeBSD Kernel amd64_set_ldt Heap Overflow 2016-03-16
CORE Advisories Team (advisories coresecurity com) (1 replies)
1. Advisory Information

Title: FreeBSD Kernel amd64_set_ldt Heap Overflow
Advisory ID: CORE-2016-0005
Advisory URL: http://www.coresecurity.com/content/freebsd-kernel-amd64_set_ldt-heap-ov
erflow
Date published: 2016-03-16
Date of last update: 2016-03-14
Vendors contacted: FreeBSD
Release mode: Coor

[ more ]  [ reply ]
Re: [FD] [CORE-2016-0005] - FreeBSD Kernel amd64_set_ldt Heap Overflow 2016-03-16
jungle Boogie (jungleboogie0 gmail com)
[security bulletin] HPSBGN03558 rev.1 - ArcSight ESM and ESM Express, Remote Disclosure of Sensitive Information 2016-03-16
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05048753

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05048753
Version: 1

HPSBGN03558 r

[ more ]  [ reply ]
[SECURITY] [DSA 3518-1] spip security update 2016-03-16
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3518-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
March 16, 2016

[ more ]  [ reply ]
Reflected Cross-Site Scripting (XSS) Vulnerability in Litecart CMS 2016-03-16
rsrathoreravi gmail com
Product: Litecart CMS
Vendor: Litecart
Vendor Homepage: https://www.litecart.net/
Vulnerable Versions: 1.3.4 and probably prior
Tested Version: 1.3.4
Issue Reported: Feb 24, 2016
Vendor Fix: Feb 28, 2016
Public Disclosure: June 25, 2014
Vulnerability Type: Cross-Site Scripting [CWE-79]
Risk Level: M

[ more ]  [ reply ]
[slackware-security] seamonkey (SSA:2016-075-02) 2016-03-16
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] seamonkey (SSA:2016-075-02)

New seamonkey packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/seam

[ more ]  [ reply ]
[slackware-security] git (SSA:2016-075-01) 2016-03-16
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] git (SSA:2016-075-01)

New git packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches

[ more ]  [ reply ]
[ANNOUNCE][CVE-2016-0779] Apache TomEE 1.7.4 and 7.0.0-M3 releases 2016-03-15
Romain Manni-Bucau (rmannibucau apache org)
The Apache Team Team is pleased to announce the availability of:

Apache TomEE 7.0.0-M3 and 1.7.4

When downloading, please verify signatures using the KEYS file available at:
http://www.apache.org/dist/tomee

Maven artifacts are also available in the central Maven repository.

The releases are prim

[ more ]  [ reply ]
Defense in depth -- the Microsoft way (part 39): vulnerabilities, please meet the bar for security servicing 2016-03-15
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

this multipart post does not require a MIME-compliant MUA.-)

Part 0:
~~~~~~~

On Windows 7 (other versions of Windows not tested for this
vulnerability, but are likely vulnerable too) all executable
installers/self-extractors based on Microsoft's SFXCAB [*]
load and execute a rogue CryptDl

[ more ]  [ reply ]
[security bulletin] HPSBGN03556 rev.1 - ArcSight ESM and ESM Express, Remote Arbitrary File Download, Local Arbitrary Command Execution 2016-03-15
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05048452

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05048452
Version: 1

HPSBGN03556 r

[ more ]  [ reply ]
Re: oss-2016-15: Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (iowarrior driver) 2016-03-15
vdronov redhat com
CVE-2016-2188 was assigned to this security flaw. Please, use it in the public communications regarding this flaw, thank you.

[ more ]  [ reply ]
Re: oss-2016-13: Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (powermate driver) 2016-03-15
vdronov redhat com
CVE-2016-2186 was assigned to this security flaw. Please, use it in the public communications regarding this flaw, thank you.

[ more ]  [ reply ]
Re: oss-2016-18: Multiple Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (ati_remote2 driver) 2016-03-15
vdronov redhat com
CVE-2016-2185 was assigned to this security flaw. Please, use it in the public communications regarding this flaw, thank you.

[ more ]  [ reply ]
Re: oss-2016-17: Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver) 2016-03-15
vdronov redhat com
CVE-2016-2184 was assigned to this security flaw. Please, use it in the public communications regarding this flaw, thank you.

[ more ]  [ reply ]
Re: OS-S 2016-11 Linux wacom multiple Nullpointer Dereferences 2016-03-15
vdronov redhat com
CVE-2016-3139 was assigned to this flaw, please, use it in the related communications,
http://seclists.org/oss-sec/2016/q1/623

This security flaw is specific for Red Hat Enterprise Linux 7 (RHEL7).

[ more ]  [ reply ]
Re: OS-S 2016-12 Linux digi_acceleport Nullpointer Dereference 2016-03-15
vdronov redhat com
CVE-2016-3140 was assigned to this flaw, please, use it in the related communications,
http://seclists.org/oss-sec/2016/q1/624

[ more ]  [ reply ]
Re: OS-S 2016-08 Linux mct_u232 Nullpointer Dereference 2016-03-15
vdronov redhat com
CVE-2016-3136 was assigned to this flaw, please, use it in the related communications,
see http://seclists.org/oss-sec/2016/q1/620

[ more ]  [ reply ]
Re: OS-S 2016-07 Linux cypress_m8 Nullpointer Dereference 2016-03-15
vdronov redhat com
CVE-2016-3137 was assigned to this flaw, please, use it in the related communications,
see http://seclists.org/oss-sec/2016/q1/621

[ more ]  [ reply ]
Re: OS-S 2016-06 Linux cdc_acm Nullpointer Dereference 2016-03-15
vdronov redhat com
CVE-2016-3138 was assigned to this flaw, please, use it in the related communications,
see http://seclists.org/oss-sec/2016/q1/622

[ more ]  [ reply ]
[security bulletin] HPSBMU03377 rev.2 - HP Release Control running RC4, Remote Disclosure of Information 2016-03-14
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c04743784

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04743784
Version: 2

HPSBMU03377 r

[ more ]  [ reply ]
[security bulletin] HPSBGN03373 rev.2 - HP Release Control running TLS, Remote Disclosure of Information 2016-03-14
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c04740527

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04740527
Version: 2

HPSBGN03373 r

[ more ]  [ reply ]
Yahoo Bug Bounty #37 - Sender Spoofing Vulnerability 2016-03-14
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Yahoo Bug Bounty #37 - Sender Spoofing Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1781

Release Date:
=============
2016-03-07

Vulnerability Laboratory ID (VL-ID):
=================================

[ more ]  [ reply ]
Chamlio LMS v1.10.2 - (Profile) Persistent Web Vulnerability 2016-03-14
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Chamlio LMS v1.10.2 - (Profile) Persistent Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1781

Release Date:
=============
2016-03-14

Vulnerability Laboratory ID (VL-ID):
==========================

[ more ]  [ reply ]
ChitaSoft (Web-Application) - SQL Injection Vulnerability 2016-03-14
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
ChitaSoft (Web-Application) - SQL Injection Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1782

Release Date:
=============
2016-03-14

Vulnerability Laboratory ID (VL-ID):
============================

[ more ]  [ reply ]
Reflected Cross-Site Scripiting in CuteEditor 2016-03-14
adrmm outlook com
# Exploit Title: Reflected Cross-Site Scripiting in CuteEditor
# Google Dork: inurl:/CuteSoft_Client/CuteEditor/ Template.aspx
# Date: 2016/03/14
# CVSS Score: 5.8
# CVSS v2 Vector (AV:N/AC:M/Au:N/C:P/I:P/A:N)
# CVSS https://nvd.nist.gov/cvss.cfm?calculator&version=2&vector=(AV:N/AC:L/Au:
N/C:P/I:N/A

[ more ]  [ reply ]
ESA-2016-012: EMC Documentum xCP ? User Information Disclosure Vulnerability 2016-03-14
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2016-012: EMC Documentum xCP ? User Information Disclosure Vulnerability

EMC Identifier: ESA-2016-012

CVE Identifier: CVE-2016-0886

Severity Rating: CVSS v3 Base Score: 4.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)

Affected products:

? E

[ more ]  [ reply ]
Re: oss-2016-17: Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver) 2016-03-14
amaris redhat com
This was assigned CVE-2016-2184, the same for:

http://seclists.org/bugtraq/2016/Mar/88
http://seclists.org/bugtraq/2016/Mar/89

[ more ]  [ reply ]
(Page 13 of 1675)  < Prev  8 9 10 11 12 13 14 15 16 17 18  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus