BugTraq
Staff FTP v3.04 Software - DLL Hijacking Vulnerability 2015-05-20
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Staff FTP v3.04 Software - DLL Hijacking Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1499

Release Date:
=============
2015-05-19

Vulnerability Laboratory ID (VL-ID):
================================

HiDisk 2.4 iOS - (currentFolderPath) Persistent Vulnerability 2015-05-20
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
HiDisk 2.4 iOS - (currentFolderPath) Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1496

Release Date:
=============
2015-05-19

Vulnerability Laboratory ID (VL-ID):
=========================

[SECURITY] [DSA 3264-1] icedove security update 2015-05-19
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3264-1 security (at) debian (dot) org
http://www.debian.org/security/ Moritz Muehlenhoff
May 19, 2015

[security bulletin] HPSBGN03286 rev.1 - HP LoadRunner, Buffer Overflow 2015-05-19
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04594015

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04594015
Version: 1

HPSBGN03286 re

APPLE-SA-2015-05-19-1 Watch OS 1.0.1 2015-05-19
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2015-05-19-1 Watch OS 1.0.1

Watch OS 1.0.1 is now available and addresses the following:

Certificate Trust Policy
Available for: Apple Watch Sport, Apple Watch,
and Apple Watch Edition
Impact: Update to the certificate trust policy
Descript

[security bulletin] HPSBPI03322 rev.1 - HP Access Control Software, Local Unauthorized Access 2015-05-19
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04649315
Version: 1

HPSBPI03322 rev.1 - HP Access Control Software, Local Unauthorized Access

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release

[SECURITY] [DSA 3175-2] kfreebsd-9 security update 2015-05-18
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3175-2 security (at) debian (dot) org
http://www.debian.org/security/ Alessandro Ghedini
May 18, 2015

WISE-FTP Software v8.0.2 - DLL Hijacking Vulnerability 2015-05-19
metacom27 gmail com
Technical Details & Description:
================================
A local dll injection vulnerability has been discovered in the official Wise-FTP v8.0.2 software.
The issue allows local attackers to inject code to vulnerable libraries to compromise the process or to gain higher access privileges.

iClassSchedule 1.6 iOS & Android - Persistent UI Vulnerability 2015-05-18
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
iClassSchedule 1.6 iOS & Android - Persistent UI Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1494

Release Date:
=============
2015-05-13

Vulnerability Laboratory ID (VL-ID):
========================

[SECURITY] [DSA 3262-1] xen security update 2015-05-18
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3262-1 security (at) debian (dot) org
http://www.debian.org/security/ Moritz Muehlenhoff
May 18, 2015

OYO File Manager 1.1 iOS&Android - Multiple Vulnerabilities 2015-05-18
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
OYO File Manager 1.1 iOS&Android - Multiple Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1494

Release Date:
=============
2015-05-18

Vulnerability Laboratory ID (VL-ID):
===========================

Wireless Photo Transfer v3.0 iOS - File Include Vulnerability 2015-05-18
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Wireless Photo Transfer v3.0 iOS - File Include Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1492

Release Date:
=============
2015-05-12

Vulnerability Laboratory ID (VL-ID):
=========================

CRUCMS Crucial Networking - SQL Injection Vulnerability 2015-05-18
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
CRUCMS Crucial Networking - SQL Injection Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1497

Release Date:
=============
2015-05-18

Vulnerability Laboratory ID (VL-ID):
===============================

[slackware-security] mozilla-thunderbird (SSA:2015-137-01) 2015-05-17
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2015-137-01)

New mozilla-thunderbird packages are available for Slackware 14.1 and -current
to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
p

ESA-2015-087 EMC Document Sciences xPression SQL Injection Vulnerability 2015-05-16
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-087 EMC Document Sciences xPression SQL Injection Vulnerability

CVE Identifier: CVE-2015-0540

Severity Rating: CVSSv2 Base Score: 8.0 (AV:N/AC:L/Au:S/C:P/I:P/A:C)

Affected products:

• EMC Document Sciences xPression 4.2

• EMC D

[SECURITY] [DSA 3261-1] libmodule-signature-perl security update 2015-05-15
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3261-1 security (at) debian (dot) org
http://www.debian.org/security/ Salvatore Bonaccorso
May 15, 2015

[SE-2014-02] Unconfirmed / unpatched vulnerabilities in Google App Engine 2015-05-15
Security Explorations (contact security-explorations com)

Hello All,

Security Explorations decided to release technical details as well as
accompanying Proof of Concept codes (three complete GAE Java sandbox
escapes) for security issues identified in Google App Engine for Java
after initial Issues 1-31 [1] have been addressed by the company. All
relevant

phpMyAdmin 4.4.6 Man-In-the-Middle API Github 2015-05-14
submit cxsec org
phpMyAdmin 4.4.6 Man-In-the-Middle to API Github (CVE-2015-3903)
Author: Maksymilian Arciemowicz from https://cxsecurity.com
Issue type: CWE-295

Source URL:
http://cxsecurity.com/issue/WLB-2015050095

--- Description ---
As we can read

CURLOPT_SSL_VERIFYPEER option.
http://curl.haxx.se/libcurl/c/C

[SECURITY] CVE-2014-7810: Apache Tomcat Security Manager Bypass 2015-05-14
Mark Thomas (markt apache org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

CVE-2014-7810 Security Manager Bypass

Severity: Moderate

Vendor: The Apache Software Foundation

Versions Affected:
- - Apache Tomcat 8.0.0-RC1 to 8.0.15
- - Apache Tomcat 7.0.0 to 7.0.57
- - Apache Tomcat 6.0.0 to 6.0.43

Description:
Malicious web

SEC Consult SA-20150514-0 :: Multiple vulnerabilities in Loxone Smart Home (part 2) 2015-05-14
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20150514-0 >
=======================================================================
title: Multiple vulnerabilities
product: Loxone Smart Home
vulnerable version: Firmware version <6.4.5.12
fixed version: 6.4.5.12

Sidu 5.2 Admin XSS Vulnerability 2015-05-14
apparitionsec gmail com
Affected Vendor:
www.topnew.net/sidu/

Credits: John Page ( hyp3rlinx )
Domains: hyp3rlinx.altervista.org

Source:
http://hyp3rlinx.altervista.org/advisories/AS-SIDU0513.txt

Product:
Sidu version 5.2 is a web based database front-end administration tool.

Advisory Information:
==================

Certificate trust vulnerability in Websense Content Gateway 2015-05-14
Steve Shockley (steve shockley shockley net)
SUMMARY
Websense Content Gateway proxy explicitly trusts compromised certificate
authorities

Affected versions: Content Gateway 7.8.x
Not affected: Content Gateway 7.7.x, 8.0

DESCRIPTION
Websense Content Gateway is a filtering web proxy and content inspection
application based on a modified Inkt

Server buffer overflow in Pure Faction <= 3.0c 2015-05-13
soulsgetnothing hotmail com
Application: Pure Faction
http://www.purefaction.org
Versions: <= 3.0c
Platforms: Windows
Bug: server buffer overflow
Risk: highly critical
Exploitation: remote and automatic (requires attacker to have joined server)
Date: 13 Mar 2015
Author: soulsgetnothing
e-mail: soulsgetnothing (at) hotmail (dot

[SECURITY] [DSA 3260-1] iceweasel security update 2015-05-13
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3260-1 security (at) debian (dot) org
http://www.debian.org/security/ Moritz Muehlenhoff
May 13, 2015

Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence TC and TE Software 2015-05-13
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence TC and TE Software

Advisory ID: cisco-sa-20150513-tc

Revision 1.0

For Public Release 2015 May 13 16:00 UTC (GMT)

+------------------------------------------------------------

[CORE-2015-0009] - SAP LZC/LZH Compression Multiple Vulnerabilities 2015-05-13
CORE Advisories Team (advisories coresecurity com)
1. Advisory Information

Title: SAP LZC/LZH Compression Multiple Vulnerabilities
Advisory ID: CORE-2015-0009
Advisory URL: http://www.coresecurity.com/advisories/sap-lzc-lzh-compression-multiple-vulnerabilities
Date published: 2015-05-12
Date of last update: 2015-05-12
Vendors contacted: SAP
Release

Web India Solutions CMS 2015 - SQL Injection Vulnerability 2015-05-13
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Web India Solutions CMS 2015 - SQL Injection Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1495

Release Date:
=============
2015-05-13

Vulnerability Laboratory ID (VL-ID):
============================

[SECURITY] [DSA 3259-1] qemu security update 2015-05-13
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3259-1 security (at) debian (dot) org
http://www.debian.org/security/ Moritz Muehlenhoff
May 13, 2015

Concrete5 Security Advisory - Multiple XSS Vulnerabilities - CVE-2015-2250 2015-05-13
Onur Yilmaz (onur netsparker com)
Information
--------------------
Advisory by Netsparker.
Name: Multiple XSS Vulnerabilities in Concrete5
Affected Software : Concrete5
Affected Versions: 5.7.3.1 and possibly below
Vendor Homepage : https://www.concrete5.org
Vulnerability Type : Cross-site Scripting
Severity : Important
CVE-ID: CVE-

Cisco Security Advisory: Command Injection Vulnerability in Multiple Cisco TelePresence Products 2015-05-13
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Command Injection Vulnerability in Multiple Cisco TelePresence Products

Advisory ID: cisco-sa-20150513-tp

Revision 1.0

For Public Release 2015 May 13 16:00 UTC (GMT)

+-----------------------------------------------------

Copyright 2010, SecurityFocus