BugTraq Mode:
(Page 4 of 1693)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
[SYSS-2016-050] QNAP QTS - Persistent Cross-Site Scripting 2016-08-18
bugtraq nerz syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-050
Product: QNAP QTS
Manufacturer: QNAP
Affected Version(s): 4.2.0 Build 20160311 and Build 20160601
Tested Version(s): 4.2.0 Build 20160311 - 4.2.2 Build 20160812
Vulnerability Type: Persistent Cross-Site Scripting (CWE-79)
Ri

[ more ]  [ reply ]
[SYSS-2016-048] QNAP QTS - OS Command Injection 2016-08-18
bugtraq nerz syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-048
Product: QNAP QTS
Manufacturer: QNAP
Affected Version(s): 4.2.0 Build 20160311 and Build 20160601
Tested Version(s): 4.2.0 Build 20160311 - 4.2.2 Build 20160812
Vulnerability Type: OS Command Injection (CWE-78)
Risk Level: H

[ more ]  [ reply ]
[SYSS-2016-053] QNAP QTS - Arbitrary File Overwrite 2016-08-18
bugtraq nerz syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-053
Product: QNAP QTS
Manufacturer: QNAP
Affected Version(s): 4.2.1 Build 20160601
Tested Version(s): 4.2.1 Build 20160601 - 4.2.2 Build 20160812
Vulnerability Type: Arbitrary file overwrite (CWE-23)
Risk Level: High
Solution St

[ more ]  [ reply ]
[SYSS-2016-052] QNAP QTS - OS Command Injection 2016-08-18
bugtraq nerz syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-052
Product: QNAP QTS
Manufacturer: QNAP
Affected Version(s): 4.2.1 Build 20160601
Tested Version(s): 4.2.1 Build 20160601 - 4.2.2 Build 20160812
Vulnerability Type: OS Command Injection (CWE-78)
Risk Level: High
Solution Status

[ more ]  [ reply ]
Telus Actiontec T2200H Modem Input Validation Flaw Allows Elevated Shell Access 2016-08-18
Andrew Klaus (andrewklaus gmail com)
### Device Details
Vendor: Actiontec (Telus Branded)
Model: T2200H (but likely affecting other similar models of theirs)
Affected Firmware: T2200H-31.128L.03
Device Manual: http://static.telus.com/common/cms/files/internet/telus_t2200h_user_manu
al.pdf
Reported: November 2015
Status: Fixed on T2200

[ more ]  [ reply ]
[SECURITY] [DSA 3650-1] libgcrypt20 security update 2016-08-17
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3650-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
August 17, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3649-1] gnupg security update 2016-08-17
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3649-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
August 17, 2016

[ more ]  [ reply ]
Cisco Security Advisory: Cisco Adaptive Security Appliance SNMP Remote Code Execution Vulnerability 2016-08-17
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco Adaptive Security Appliance SNMP Remote Code Execution Vulnerability

Advisory ID: cisco-sa-20160817-asa-snmp

Revision: 1.0

For Public Release: 2016 August 17 18:45 UTC (GMT)
+--------------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco Firepower Management Center Remote Command Execution Vulnerability 2016-08-17
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Firepower Management Center Remote Command Execution Vulnerability

Advisory ID: cisco-sa-20160817-fmc

Revision 1.0

For Public Release: 2016 August 17 16:00 GMT

Summary
=======

+--------------------------------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory:Cisco Application Policy Infrastructure Controller Enterprise Module Remote Code Execution Vulnerability 2016-08-17
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Enterprise Module Remote Code Execution Vulnerability

Advisory ID: cisco-sa-20160817-apic

Revision 1.0

Published: 2016 August 17 16:00 GMT
+------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco Firepower Management Center Privilege Escalation Vulnerability 2016-08-17
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Firepower Management Center Privilege Escalation Vulnerability

Advisory ID: cisco-sa-20160817-firepower

Revision 1.0:

For Public Release: 2016 August 17 16:00 GMT

Summary
=======

A vulnerability in the web-based GUI of Cisco Firepower Manag

[ more ]  [ reply ]
[SYSS-2016-067] NetIQ Access Manager (iManager) - Temporary Second Order Cross-Site Scripting (CWE-79) 2016-08-17
Micha Borrmann (micha borrmann syss de)
Advisory ID: SYSS-2016-067
Product: Access Manager iManager
Manufacturer: NetIQ
Affected Version(s): 2.7.7.5, 2.7.7.6
Tested Version(s): 2.7.7.5
Vulnerability Type: Temporary Second Order Cross-Site Scripting (CWE-79)
Risk Level: Low
Solution Status: Fixed
Solution Date: 2016-07
Public Disclosure: 2

[ more ]  [ reply ]
[ERPSCAN-16-023] Potential backdoor via hardcoded system ID 2016-08-16
ERPScan inc (erpscan online gmail com)
Application: SAP АBAP BASIS

Versions Affected: SAP АBAP BASIS 7.4

Vendor URL: http://SAP.com

Bugs: Hardcoded credentials

Sent: 01.02.2016

Reported:

[ more ]  [ reply ]
[ERPSCAN-16-022] SAP Hybris E-commerce Suite VirtualJDBC â?? Default Credentials 2016-08-16
ERPScan inc (erpscan online gmail com)
Application: SAP Hybris E-commerce Suite

Versions Affected: SAP Hybris E-commerce Suite 5.1.0.3

Vendor URL: http://sap.com

Bugs: Default credentials

Sent:

[ more ]  [ reply ]
Lepton CMS PHP Code Injection 2016-08-16
hyp3rlinx lycos com
[+] Credits: John Page (HYP3RLINX)

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/LEPTON-PHP-CODE-INJECTION.txt

[+] ISR: ApparitionSec

Vendor:
==================
www.lepton-cms.org

Product:
=================================
Lepton CMS 2.2.0 / 2

[ more ]  [ reply ]
Lepton CMS Archive Directory Traversal 2016-08-16
hyp3rlinx lycos com
[+] Credits: John Page (HYP3RLINX)

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/LEPTON-ARCHIVE-DIRECTORY-TRAV
ERSAL.txt

[+] ISR: ApparitionSec

Vendor:
==================
www.lepton-cms.org

Product:
=================================
Lepton CMS

[ more ]  [ reply ]
[security bulletin] HPSBHF03441 rev.1 - HPE ilO 3 and iLO 4 and iLO 4 mRCA, Remote Multiple Vulnerabilities 2016-08-15
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05236950

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05236950
Version: 1

HPSBHF03441 r

[ more ]  [ reply ]
[security bulletin] HPSBGN03634 rev.1 - HPE Enterprise Solution Sizers and Storage Sizer running Smart Update, Remote Arbitrary Code Execution 2016-08-15
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05237578

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05237578
Version: 1

HPSBGN03634 r

[ more ]  [ reply ]
[security bulletin] HPSBST03629 rev.1 - HP StoreFabric B-series Switches, Remote Disclosure of Privileged Information 2016-08-15
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05236212

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05236212
Version: 1

HPSBST03629 r

[ more ]  [ reply ]
Persistent Cross-Site Scripting in Magic Fields 1 WordPress Plugin 2016-08-15
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Persistent Cross-Site Scripting in Magic Fields 1 WordPress Plugin
------------------------------------------------------------------------

Burak Kelebek, July 2016

-------------------------------------------------------------

[ more ]  [ reply ]
Persistent Cross-Site Scripting in Magic Fields 2 WordPress Plugin 2016-08-15
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Persistent Cross-Site Scripting in Magic Fields 2 WordPress Plugin
------------------------------------------------------------------------

Burak Kelebek, July 2016

-------------------------------------------------------------

[ more ]  [ reply ]
Cross-Site Scripting in Link Library WordPress Plugin 2016-08-15
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting in Link Library WordPress Plugin
------------------------------------------------------------------------

Burak Kelebek, July 2016

------------------------------------------------------------------------

A

[ more ]  [ reply ]
Ajax Load More Local File Inclusion vulnerability 2016-08-15
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Ajax Load More Local File Inclusion vulnerability
------------------------------------------------------------------------

Burak Kelebek, July 2016

------------------------------------------------------------------------

Abstr

[ more ]  [ reply ]
Cross-Site Scripting/Cross-Site Request Forgery in Peter's Login Redirect WordPress Plugin 2016-08-15
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting/Cross-Site Request Forgery in Peter's Login
Redirect WordPress Plugin
------------------------------------------------------------------------

Yorick Koster, July 2016

-------------------------------------

[ more ]  [ reply ]
Cross-Site Request Forgery vulnerability in Email Users WordPress Plugin 2016-08-15
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Request Forgery vulnerability in Email Users WordPress Plugin
------------------------------------------------------------------------

Julien Rentrop, July 2016

------------------------------------------------------

[ more ]  [ reply ]
Cross-Site Scripting vulnerability in Google Maps WordPress Plugin 2016-08-15
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting vulnerability in Google Maps WordPress Plugin
------------------------------------------------------------------------

Julien Rentrop, July 2016

------------------------------------------------------------

[ more ]  [ reply ]
Cross-Site Request Forgery in Photo Gallery WordPress Plugin allows deleting of images 2016-08-15
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Request Forgery in Photo Gallery WordPress Plugin allows
deleting of images
------------------------------------------------------------------------

Umit Aksu, July 2016

---------------------------------------------

[ more ]  [ reply ]
Stored Cross-Site Scripting vulnerability in Photo Gallery WordPress Plugin 2016-08-15
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Stored Cross-Site Scripting vulnerability in Photo Gallery WordPress
Plugin
------------------------------------------------------------------------

Umit Aksu, July 2016

--------------------------------------------------------

[ more ]  [ reply ]
Cross-Site Request Forgery in Photo Gallery WordPress Plugin allows adding of images 2016-08-15
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Request Forgery in Photo Gallery WordPress Plugin allows
adding of images
------------------------------------------------------------------------

Umit Aksu, July 2016

-----------------------------------------------

[ more ]  [ reply ]
Cross-Site Request Forgery in Photo Gallery WordPress Plugin allows deleting of galleries 2016-08-15
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Request Forgery in Photo Gallery WordPress Plugin allows
deleting of galleries
------------------------------------------------------------------------

Umit Aksu, July 2016

------------------------------------------

[ more ]  [ reply ]
(Page 4 of 1693)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus