BugTraq Mode:
(Page 4 of 1593)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
Command injection vulnerability in network diagnostics tool of Websense Appliance Manager 2015-03-18
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Command injection vulnerability in network diagnostics tool of Websense
Appliance Manager
------------------------------------------------------------------------

Han Sahin, September 2014

-------------------------------------

[ more ]  [ reply ]
Websense Email Security vulnerable to persistent Cross-Site Scripting in audit log details view 2015-03-18
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Websense Email Security vulnerable to persistent Cross-Site Scripting in
audit log details view
------------------------------------------------------------------------

Han Sahin, September 2014

-------------------------------

[ more ]  [ reply ]
Websense Data Security DLP incident Forensics Preview is vulnerable to Cross-Site Scripting 2015-03-18
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Websense Data Security DLP incident Forensics Preview is vulnerable to
Cross-Site Scripting
------------------------------------------------------------------------

Han Sahin, September 2014

-----------------------------------

[ more ]  [ reply ]
[SECURITY] [DSA 3195-1] php5 security update 2015-03-18
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3195-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
March 18, 2015

[ more ]  [ reply ]
Security Audit Notes: OpenSSL d1_srvr.c Overflow - Advanced Information Security 2015-03-17
Nicholas Lemonias. (lem nikolas googlemail com)
-=[ Advanced Information Security Corporation ]=-

------------------------------------------------------------------------

Author: Nicholas Lemonias
Type: Security Audit Notes
Date: 17/3/2015
Email: lem.nikolas (at) gmail (dot) com
Audit: OpenSSL v1.0.2 (22nd of January, 2015 Release)
-----

[ more ]  [ reply ]
APPLE-SA-2015-03-17-1 Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4 2015-03-17
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2015-03-17-1 Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4

Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4 are now available and
address the following:

WebKit
Impact: Visiting a maliciously crafted website may lead to an
unexpected application

[ more ]  [ reply ]
[SECURITY] [DSA 3194-1] libxfont security update 2015-03-17
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3194-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
March 17, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3193-1] tcpdump security update 2015-03-17
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3193-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
March 17, 2015

[ more ]  [ reply ]
[security bulletin] HPSBHF03293 rev.1 - HP Virtual Connect 8Gb 24-Port FC Module running OpenSSL and Bash, Remote Denial of Service (DoS), Code Execution, Disclosure of Information 2015-03-17
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04595951

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04595951
Version: 1

HPSBHF03293 re

[ more ]  [ reply ]
[SECURITY] [DSA 3192-1] checkpw security update 2015-03-17
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3192-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
March 17, 2015

[ more ]  [ reply ]
[security bulletin] HPSBST03298 rev.1 - HP XP Service Processor Software for Windows, Multiple Vulnerabilities 2015-03-17
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04600552

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04600552
Version: 1

HPSBST03298 re

[ more ]  [ reply ]
[SECURITY] [DSA 3191-1] gnutls26 security update 2015-03-15
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3191-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
March 15, 2015

[ more ]  [ reply ]
Defense in depth -- the Microsoft way (part 31): UAC is for binary planting 2015-03-15
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

the exploit shown here should be well-known to every
Windows administrator, developer or QA engineer.

In Microsoft's own terms it doesn't qualify as security
vulnerability since UAC is a security feature, not a
security boundary.

Preconditions:

* a user running as "protected Administrat

[ more ]  [ reply ]
[SECURITY] [DSA 3189-1] libav security update 2015-03-15
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3189-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
March 15, 2015

[ more ]  [ reply ]
[SE-2014-02] Google App Engine Java security sandbox bypasses (details) 2015-03-16
Security Explorations (contact security-explorations com)

Hello All,

Details of our SE-2014-02 project have been released to the public.
A technical writeup and accompanying Proof of Concept codes can be
found at the following location:

http://www.security-explorations.com/en/SE-2014-02-details.html

In case of Google App Engine for Java, its first laye

[ more ]  [ reply ]
[SECURITY] [DSA 3190-1] putty security update 2015-03-15
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3190-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
March 15, 2015

[ more ]  [ reply ]
Defense in depth -- the Microsoft way (part 30): on exploitable Win32 functions 2015-03-15
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

since Microsoft won't -- despite (hopefully not only) my constant
nagging and quite some bug reports about unquoted command lines
for more than a dozen years now -- fix the BRAINDEAD behaviour
of Windows' CreateProcess*() functions to play try&error instead
of returning on error to their ca

[ more ]  [ reply ]
[SECURITY] [DSA 3188-1] freetype security update 2015-03-15
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3188-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
March 15, 2015

[ more ]  [ reply ]
Defense in depth -- the Mozilla way: return and exit codes are dispensable 2015-03-15
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

since some time Mozilla Firefox and Thunderbird for Windows come with
a "maintenance service" (running privileged under the SYSTEM account):
<https://support.mozilla.org/en-US/kb/what-mozilla-maintenance-service>

The maintenanceservice_installer.exe (which is extracted into the
resp. inst

[ more ]  [ reply ]
[SECURITY] [DSA 3187-1] icu security update 2015-03-15
Michael Gilbert (mgilbert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3187-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Michael Gilbert
March 15, 2015

[ more ]  [ reply ]
[ MDVSA-2015:061 ] qemu 2015-03-13
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:061
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2015:060 ] yaml 2015-03-13
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:060
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2015:059 ] nss 2015-03-13
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:059
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
Serendipity CMS - XSS Vulnerability in Version 2.0 2015-03-13
edric smarterbitbybit com
Serendipity CMS - XSS Vulnerability in Version 2.0

----------------------------------------------------------------

Product Information:

Software: Serendipity CMS
Tested Version: 2.0, released 23.1.2015
Vulnerability Type: Cross-Site Scripting (CWE-79)
Download link: http://www.s9y.org/12.html
De

[ more ]  [ reply ]
[ MDVSA-2015:058 ] kernel 2015-03-13
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:058
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
Jolla Phone tel URI Spoofing 2015-03-13
NSO Research (nso-research sotiriu de)

______________________________________________________________________
-------------------------- NSOADV-2015-001 ---------------------------

Jolla Phone tel URI Spoofing
______________________________________________________________________
___________________________________

[ more ]  [ reply ]
[SECURITY] [DSA 3186-1] nss security update 2015-03-13
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3186-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
March 13, 2015

[ more ]  [ reply ]
Alkacon OpenCms 9.5.1 Multiple XSS Vulnerabilities 2015-03-12
Rehan Ahmed (knight_rehan hotmail com)
Product: OpenCms
Vendor: Alkacon Software
Vulnerable Version(s): 9.5.1 and probably prior
Tested Version: 9.5.1
Vendor Notification: Mar 05, 2015 (https://github.com/alkacon/opencms-core/issues/304)
Vendor Patch: Not Yet (No Specific Time-line)
Public Disclosure: Mar 12, 2015
Vulnerability Type: Cro

[ more ]  [ reply ]
[security bulletin] HPSBMU03262 rev.1 - HP Version Control Agent running OpenSSL on Linux and Windows, Remote Disclosure of Information, Denial of Service (DoS) 2015-03-12
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04571956

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04571956
Version: 1

HPSBMU03262 r

[ more ]  [ reply ]
[security bulletin] HPSBMU03283 rev.1 - HP Virtual Connect Enterprise Manager SDK running OpenSSL on Windows, Remote Disclosure of Information, Denial of Service (DoS) 2015-03-12
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04587108

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04587108
Version: 1

HPSBMU03283 r

[ more ]  [ reply ]
(Page 4 of 1593)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus