BugTraq Mode:
[oCERT-2015-006] dcraw input sanitization errors 2015-05-11
Andrea Barisani (lcars ocert org)

#2015-006 dcraw input sanitization errors

Description:

The dcraw photo decoder is an open source project for raw image parsing.

The dcraw tool, as well as several other projects re-using its code, suffers
from an integer overflow condition which leads to a buffer overflow. The
vulnerability conce

[SECURITY] [DSA 3256-1] libtasn1-6 security update 2015-05-10
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3256-1 security (at) debian (dot) org
http://www.debian.org/security/ Salvatore Bonaccorso
May 10, 2015

[SECURITY] [DSA 3255-1] zeromq3 security update 2015-05-10
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3255-1 security (at) debian (dot) org
http://www.debian.org/security/ Alessandro Ghedini
May 10, 2015

[SECURITY] [DSA 3254-1] suricata security update 2015-05-09
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3254-1 security (at) debian (dot) org
http://www.debian.org/security/ Salvatore Bonaccorso
May 09, 2015

Sqlbuddy Path Traversal Vulnerability 2015-05-09
hyp3rlinx altervista org
Exploit Author: John Page (hyp3rlinx)
Website: hyp3rlinx.altervista.org/
Vendor Homepage: www.sqlbuddy.com
Version: 1.3.3

SQL Buddy is an open source web based MySQL administration application.

Advisory Information: ================== sqlbuddy suffers from directory traversal whereby a user can

Sqlbuddy Directory Traversal Read Arbitrary Files Vulnerability 2015-05-09
apparitionsec gmail com
Sqlbuddy Directory Traversal Read Arbitrary Files Vulnerability.

Vendor:
http://www.sqlbuddy.com

Release Date:
=============
05-08-2015

Source:
====================================
http://hyp3rlinx.altervista.org/advisories/AS-SQLBUDDY0508.txt

Product:
===============================
sqlbuddy v

[security bulletin] HPSBGN03328 rev.1 - Network Virtualization for HP LoadRunner and Performance Center, Remote Information Disclosure 2015-05-08
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04657310

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04657310
Version: 1

HPSBGN03328 re

Pimcore v3.0.5 CMS - Multiple Web Vulnerabilities 2015-05-08
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Pimcore v3.0.5 CMS - Multiple Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1482

Release Date:
=============
2015-05-08

Vulnerability Laboratory ID (VL-ID):
====================================

[ MDVSA-2015:232 ] libtasn1 2015-05-08
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:232
http://www.mandriva.com/en/support/security/
___________________________________________________________

[SECURITY] [DSA 3251-2] dnsmasq regression update 2015-05-07
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3251-2 security (at) debian (dot) org
http://www.debian.org/security/ Salvatore Bonaccorso
May 07, 2015

[SECURITY] [DSA 3253-1] pound security update 2015-05-07
Thijs Kinkhorst (thijs debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3253-1 security (at) debian (dot) org
http://www.debian.org/security/ Thijs Kinkhorst
May 07, 2015

CSRF/XSS In Ad_Button Wordpress 2015-05-07
kingkaustubh me com
================================================================
CSRF/Stored XSS Vulnerability in Ad Buttons Plugin
================================================================

. contents:: Table Of Content

Overview
========

* Title :CSRF and Stored XSS Vulnerability in Ad Buttons Wordpress

CSRF/XSS in embed-articles Wordpress Plugin 2015-05-07
kingkaustubh me com
======================================================
CSRF/Stored XSS Vulnerability in embed articles Plugin
======================================================

. contents:: Table Of Content

Overview
========

* Title :CSRF and Stored XSS Vulnerability in embed-articles Wordpress Plugin
* Au

[security bulletin] HPSBUX03194 rev.1 - HP-UX running sendmail(1M), Remote Disclosure of Information 2015-05-07
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04506802

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04506802
Version: 1

HPSBUX03194 re

Grindr v2.1.1 iOS & Account System - Breach Attack Vulnerability 2015-05-07
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Grindr v2.1.1 iOS & Account System - Breach Attack Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1420

Release Date:
=============
2015-05-03

Vulnerability Laboratory ID (VL-ID):
======================

Album Streamer v2.0 iOS - Directory Traversal Vulnerability 2015-05-07
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Album Streamer v2.0 iOS - Directory Traversal Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1481

Release Date:
=============
2015-05-07

Vulnerability Laboratory ID (VL-ID):
===========================

Yahoo eMarketing Bug Bounty #31 - Cross Site Scripting Vulnerability 2015-05-07
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Yahoo eMarketing Bug Bounty #31 - Cross Site Scripting Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1491

Yahoo Security ID (H1): #55395

Release Date:
=============
2015-05-07

Vulnerability Laborato

Wordpress Twenty Fifteen Theme - DOM XSS Vulnerability - CVE-2015-3429 2015-05-07
Onur Yilmaz (onur netsparker com)
Information
--------------------
Advisory by Netsparker.
Name: DOM XSS Vulnerability in Twenty Fifteen WordPress Theme
Affected Software : WordPress
Affected Versions: 4.2.1 and probably below
Vendor Homepage : https://wordpress.org/ and
https://wordpress.org/themes/twentyfifteen/
Vulnerability Type

[ MDVSA-2015:231 ] perl-XML-LibXML 2015-05-07
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:231
http://www.mandriva.com/en/support/security/
___________________________________________________________

[SYSS-2015-018] BullGuard Premium Protection - Authentication Bypass 2015-05-07
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2015-018
Product: BullGuard Premium Protection
Vendor: BullGuard Ltd.
Affected Version(s): 15.0.297
Tested Version(s): 15.0.297
Vulnerability Type: Authentication Bypass Using an Alternate Path or
Channel (CWE-28

[SYSS-2015-019] BullGuard Antivirus - Authentication Bypass 2015-05-07
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2015-019
Product: BullGuard Antivirus
Vendor: BullGuard Ltd.
Affected Version(s): 15.0.297
Tested Version(s): 15.0.297
Vulnerability Type: Authentication Bypass Using an Alternate Path or
Channel (CWE-288)
Risk L

[SYSS-2015-017] BullGuard Internet Security - Authentication Bypass 2015-05-07
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2015-017
Product: BullGuard Internet Security
Vendor: BullGuard Ltd.
Affected Version(s): 15.0.297
Tested Version(s): 15.0.297
Vulnerability Type: Authentication Bypass Using an Alternate Path or
Channel (CWE-288

F5 ASM JSON Profile Bypass 2015-05-06
Peter Lapp (lappsec gmail com)
Details
=======

Product: F5 BIG-IP Application Security Manager (ASM)
Vulnerability: Bypass
Author: Peter Lapp, lappsec () gmail com
CVE: None assigned
Vulnerable Versions: Confirmed 11.4.0, 11.4.1. Should apply to all releases.
Fixed Version: None

Summary
=======

The F5 ASM is a web applicatio

APPLE-SA-2015-05-06-1 Safari 8.0.6, Safari 7.1.6, and Safari 6.2.6 2015-05-06
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2015-05-06-1 Safari 8.0.6, Safari 7.1.6, and Safari 6.2.6

Safari 8.0.6, Safari 7.1.6, and Safari 6.2.6 are now available and
address the following:

WebKit
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
and OS X Yosemite v

[SE-2014-02] Some additional GAE Java security sandbox bypasses 2015-05-06
Security Explorations (contact security-explorations com)

Hello All,

Security Explorations released technical details and POC codes for
additional security vulnerabilities found in Google App Engine for
Java. All relevant materials can be found at our SE-2014-02 project
details page:

http://www.security-explorations.com/en/SE-2014-02-details.html

The a

Alienvault OSSIM/USM Multiple Vulnerabilities 2015-05-06
Peter Lapp (lappsec gmail com)
Details
=======

Product: Alienvault OSSIM/USM
Vulnerability: Multiple Vulnerabilities (XSS, SQLi, Command Execution)
Author: Peter Lapp, lappsec (at) gmail (dot) com
CVE: None assigned
Vulnerable Versions: Tested on 4.14, 4.15, and 5.0. It likely affects
all previous versions as well.
Fixed Version: No fix ha

[SECURITY] [DSA 3252-1] sqlite3 security update 2015-05-06
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3252-1 security (at) debian (dot) org
http://www.debian.org/security/ Moritz Muehlenhoff
May 06, 2015

CSRF/XSS In Ultimate Profile Builder by CMSLive Wordpress Plugin 2015-05-06
kingkaustubh me com
================================================================
CSRF/Stored XSS Vulnerability in Ultimate profile Builder Plugin
================================================================

. contents:: Table Of Content

Overview
========

* Title :CSRF and Stored XSS Vulnerability in Ultima

CSRF/XSS In ClickBank ads Wordpress Plugin 2015-05-06
kingkaustubh me com
================================================================
CSRF/Stored XSS Vulnerability in ClickBank Ads V 1.7 Plugin
================================================================

. contents:: Table Of Content

Overview
========

* Title :CSRF and Stored XSS Vulnerability in ClickBank A

CSRF/XSS In Manage Engine Asset Explorer 2015-05-06
kingkaustubh me com
========================================================================
=======
CSRF/Stored XSS Vulnerability in Manage Engine Asset Explorer
========================================================================
=======

. contents:: Table Of Content

Overview
========

* Title :CSRF/Stored XSS v

Copyright 2010, SecurityFocus