Penetration Testing Mode:
(Page 2 of 639)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
[ERPSCAN-15-029] Oracle E-Business Suite - XXE injection Vulnerability 2015-10-29
ERPScan inc (erpscan online gmail com)
1. ADVISORY INFORMATION

Title: Oracle E-Business Suite - XXE injection
Advisory ID: [ERPSCAN-15-029]
Advisory URL: http://erpscan.com/advisories/erpscan-15-029-oracle-e-business-suite-xxe
-injection-vulnerability/
Date published: 21.10.2015
Vendors contacted: Oracle

2. VULNERABILITY INFORMATION

Cl

[ more ]  [ reply ]
[ERPSCAN-15-028] Oracle E-Business Suite - XXE injection Vulnerability 2015-10-29
ERPScan inc (erpscan online gmail com)
1. ADVISORY INFORMATION

Title: Oracle E-Business Suite XXE injection
Advisory ID: [ERPSCAN-15-028]
Advisory URL: http://erpscan.com/advisories/erpscan-15-028-oracle-e-business-suite-xxe
-injection-vulnerability/
Date published: 20.10.2015
Vendors contacted: Oracle

2. VULNERABILITY INFORMATION

Clas

[ more ]  [ reply ]
[ERPSCAN-15-027] Oracle E-Business Suite - Cross Site Scripting Vulnerability 2015-10-27
ERPScan inc (erpscan online gmail com)
1. ADVISORY INFORMATION

Title: Oracle E-Business Suite Cross-site Scripting
Advisory ID: [ERPSCAN-15-027]
Advisory URL:http://erpscan.com/advisories/erpscan-15-027-oracle-e-business-suite
-cross-site-scripting-vulnerability/
Date published: 20.10.2015
Vendors contacted: Oracle

2. VULNERABILITY INFO

[ more ]  [ reply ]
[ERPSCAN-15-026] Oracle E-Business Suite - SQL injection Vulnerability 2015-10-27
ERPScan inc (erpscan online gmail com)
1. ADVISORY INFORMATION

Title: Oracle E-Business Suite SQL injection
Advisory ID: [ERPSCAN-15-026]
Advisory URL: http://erpscan.com/advisories/erpscan-15-026-oracle-e-business-suite-sql
-injection-vulnerability/
Date published: 20.10.2015
Vendors contacted: Oracle

2. VULNERABILITY INFORMATION

Clas

[ more ]  [ reply ]
[ERPSCAN-15-025] Oracle E-Business Suite Database user enumeration Vulnerability 2015-10-27
ERPScan inc (erpscan online gmail com)
1. ADVISORY INFORMATION

Title: Oracle E-Business Suite - Database user enumeration
Advisory ID: [ERPSCAN-15-025]
Advisory URL: http://erpscan.com/advisories/erpscan-15-025-oracle-e-business-suite-dat
abase-user-enumeration-vulnerability/
Date published:20.10.2015
Vendors contacted: Oracle

2. VULNER

[ more ]  [ reply ]
ERPSCAN Research Advisory [ERPSCAN-15-017] SAP NetWeaver J2EE DAS service - Unauthorized Access 2015-10-16
ERPScan inc (erpscan online gmail com)
ERPSCAN Research Advisory [ERPSCAN-15-017] SAP NetWeaver J2EE DAS
service - Unauthorized Access

Application: SAP NetWeaver
Versions Affected: SAP NetWeaver AS JAVA, probably others
Vendor URL: http://SAP.com
Bugs: Unauthorized access
Sent: 20.04.2013
Reported: 21.04.2013
Vendor response: 21.04.201

[ more ]  [ reply ]
t2'15: Challenge to be released 2015-09-19 10:00 EEST 2015-09-14
Tomi Tuominen (tomi tuominen t2 fi)
Hi,

After last yearâ??s t2 we spent the cold winter months browsing through online auctions for historical data processing equipment. Just like LinkedIn profiles revealing sensitive projects and inside information, old devices and mass storage units can be a treasure trove for the lucky.

The myste

[ more ]  [ reply ]
[ERPSCAN-15-016] SAP NetWeaver â?? Hardcoded credentials 2015-09-09
ERPScan inc (erpscan online gmail com)
ERPSCAN Research Advisory [ERPSCAN-15-016] SAP NetWeaver â?? Hardcoded credentials

Application: SAP NetWeaver
Versions Affected: SAP NetWeaver AS ABAP, probably others
Vendor URL: http://SAP.com
Bugs: Hardcoded credentials
Sent: 06.03.2014
Reported: 07.03.2014
Vendor response

[ more ]  [ reply ]
[ERPSCAN-15-015] SAP NetWeaver AS ABAPâ?? Hardcoded Credentials 2015-09-09
ERPScan inc (erpscan online gmail com)
ERPSCAN Research Advisory [ERPSCAN-15-015] SAP NetWeaver AS ABAPâ??
Hardcoded Credentials

Application: SAP NetWeaver
Versions Affected: SAP NetWeaver AS ABAP, probably others
Vendor URL: http://SAP.com
Bugs: Hardcoded credentials
Sent: 06.03.2014
Reported: 07.03.2014
Vendor response:

[ more ]  [ reply ]
[ERPSCAN-15-014] SAP Mobile Platform 3 â?? XXE in Add Repository 2015-09-09
ERPScan inc (erpscan online gmail com)
ERPSCAN Research Advisory [ERPSCAN-15-014] SAP Mobile Platform 3 â?? XXE
in Add Repository

Application: SAP Mobile Platform
Versions Affected: SAP Mobile Platform 3, probably others
Vendor URL: http://SAP.com
Bugs: XML External Entity
Sent: 13.03.2015
Reported: 14.03.2015
Vendor response:

[ more ]  [ reply ]
nullcon se7en CFP is open 2015-08-26
nullcon (nullcon nullcon net)
Dear Friends,

Welcome to nullcon se7en!

$git commit -a <sin>

<sin> := wrath | pride | lust | envy | greed | gluttony | sloth

nullcon is an annual security conference held in Goa, India. The focus
of the conference is to showcase the next generation of offensive and
defensive securi

[ more ]  [ reply ]
SpiderFoot 2.5.0 released 2015-08-04
Steve Micallef (steve binarypool com)
Hi all,

SpiderFoot 2.5.0 is now available, with more modules, added
functionality and bug fixes since 2.3.0 was last announced on this list.
SpiderFoot is an open source intelligence gathering / reconnaissance
tool utilising over 40 data sources and methods, all driven through a
snappy web UI.

[ more ]  [ reply ]
Arachni Framework v1.2 & WebUI v0.5.7.1 have been released (Web Application Security Scanner) 2015-07-16
Tasos Laskos (tasos laskos gmail com)
Hey folks,

There's a new version of Arachni, a modular and high-performance Web Application Security Scanner.

The highlights of this release are:

* Many optimizations to reduce RAM and CPU consumption.
* SSL interception for websites with HSTS.
* Support for tracking jQuery delegated events.
* Su

[ more ]  [ reply ]
Ruxcon 2015 Final Call For Presentations 2015-07-06
cfp ruxcon org au
Ruxcon 2015 Final Call For Presentations
Melbourne, Australia, October 24-25
CQ Function Centre

http://www.ruxcon.org.au

The Ruxcon team is pleased to announce the first round of Call For Presentations for Ruxcon 2015.

This year the conference will take place over the weekend of the 24th and 25th

[ more ]  [ reply ]
[ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-003] SAP NetWeaver Dispatcher
Buffer Overflow - RCE, DoS

Application: SAP NetWeaver Dispatcher
Versions Affected: SAP NetWeaver Dispatcher, probably others
Vendor URL: http://SAP.com
Bugs: RCE
Sent:

[ more ]  [ reply ]
[ERPSCAN-15-004] SAP NetWeaver Portal XMLValidationComponent - XXE 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-004] SAP NetWeaver Portal
XMLValidationComponent - XXE

Application: SAP NetWeaver Portal 7.31
Versions Affected: SAP NetWeaver Portal 7.31, probably others
Vendor URL: http://SAP.com
Bugs: XML eXternal Entity
Sent:

[ more ]  [ reply ]
[ERPSCAN-15-005] SAP Mobile Platform - XXE 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-005] SAP Mobile Platform - XXE

Application: SAP Mobile Platform 2.3
Versions Affected: SAP Mobile Platform 2.3, probably others
Vendor URL: http://SAP.com
Bugs: XML eXternal Entity
Sent: 06.11.14
Repor

[ more ]  [ reply ]
[ERPSCAN-15-006] SAP NetWeaver Portal ReportXmlViewer - XXE 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-006] SAP NetWeaver Portal
ReportXmlViewer - XXE

Application: SAP NetWeaver Portal 7.31
Versions Affected: SAP NetWeaver Portal 7.31, probably others
Vendor URL: http://SAP.com
Bugs: XXE
Sent: 09.12.20

[ more ]  [ reply ]
[ERPSCAN-15-007] SAP Management Console ReadProfile Parameters - Information disclosure 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-007] SAP Management Console
ReadProfile Parameters - Information disclosure

Application: SAP Management Console
Versions Affected: SAP NW 7.4 Management Console, probably others
Vendor URL: http://SAP.com
Bugs: Info

[ more ]  [ reply ]
[ERPSCAN-15-008] SAP Afaria 7 XcListener - DoS in the module XeClient.Dll 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-008] SAP Afaria 7 XcListener - DoS
in the module XeClient.Dll

Application: SAP Afaria 7
Versions Affected: SAP Afaria 7, probably others
Vendor URL: http://SAP.com
Bugs: DoS
Sent: 09.12.2014
Reported:

[ more ]  [ reply ]
[ERPSCAN-15-009] SAP Afaria 7 XcListener - Missing authorization check 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-009] SAP Afaria 7 XcListener -
Missing authorization check

Application: SAP Afaria 7
Versions Affected: SAP Afaria 7, probably others
Vendor URL: http://SAP.com
Bugs: Missing authorization check
Sent:

[ more ]  [ reply ]
[ERPSCAN-15-010] SYBASE SQL Anywhere 12 and 16 - DoS 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-010] SYBASE SQL Anywhere 12 and 16
- DoS

Application: SYBASE SQL Anywhere 12 and 16
Versions Affected: SYBASE SQL Anywhere 12 and 16, probably others
Vendor URL: http://SAP.com
Bugs: DoS
Sent: 09.12.20

[ more ]  [ reply ]
[ERPSCAN-15-011] SAP Mobile Platform 3.0 - XXE 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-011] SAP Mobile Platform 3.0 - XXE

Application: SAP Mobile Platform 3.0
Versions Affected: SAP Mobile Platform 3.0, probably others
Vendor URL: http://SAP.com
Bugs: XML eXternal Entity
Sent: 29.12.2014

[ more ]  [ reply ]
new firmware security blog 2015-06-10
Blibbet (blibbet gmail com)
Hi,

I've recently started a blog focusing on firmware security and firmware
development, focusing mostly on UEFI, but also on BIOS, coreboot, and
other technologies. It focuses mostly on Intel, but also covers ARM. I
focus on Linux/Android/Chrome OS/FreeBSD, but also cover some MSFT/APPL
usage.

I'

[ more ]  [ reply ]
[HITB-Announce] FINAL CALL: HITB GSEC Call for Papers 2015-06-11
Hafez Kamal (aphesz hackinthebox org)
This is the FINAL CALL to submit your offensive and defensive talk
proposals to the inaugural Hack In The Box GSEC conference in Singapore!

Call for Papers: http://gsec.hitb.org/call-for-papers/
Event Website: http://gsec.hitb.org/sg2015/

HITB GSEC is a three-day security conference limited to 111

[ more ]  [ reply ]
t2'15: Call for Papers 2015 (Helsinki / Finland) 2015-06-01
Tomi Tuominen (tomi tuominen t2 fi)
#
# t2'15 - Call For Papers (Helsinki, Finland) - October 29 - 30, 2015
#

Why spend your valuable conference time in the longest lines you have seen in your life, getting a sun burn or totally lost in the canals with your rental boat, being deprived of chewing gum or waking up in Nong Palai without

[ more ]  [ reply ]
hardwear.io - Hardware Security Conference Call for Papers 2015-05-29
Hardwear Team (hw hardwear io)
Dear Hackers and Security Gurus,

hardwear is seeking innovative research on hardware security. If you
have done interesting research on attacks or mitigation on any
Hardware and want to showcase it to the security community, just
submit your research paper. Please find all the relevant details for

[ more ]  [ reply ]
c0c0n 2015 | The cy0ps c0n - CFP & CFW - Extended Deadline: 14 June, 2015 2015-06-01
c0c0n International Information Security Conference (c0c0n is-ra org)
c0c0n 2015 | The cy0ps c0n - CFP & CFW - Extended Deadline: 14 June, 2015

Thanks to everyone for all the paper submissions. The CFP Review Committee
will be evaluating the same for selection. Based on the requests received,
we are extending the CFP deadline to June 14, 2015 in the hope of receivin

[ more ]  [ reply ]
[Onapsis Security Advisory 2015-007] SAP HANA Log Injection Vulnerability 2015-05-27
Onapsis Research Labs (research onapsis com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Onapsis Security AdvisoryONAPSIS-2015-007: SAP HANA Log Injection
Vulnerability

1. Impact on Business
=====================

Under certain conditions the SAP HANA XS engine is vulnerable to
arbitrary log
injection, allowing remote authenticated attack

[ more ]  [ reply ]
[Onapsis Security Advisory 2015-006] SAP HANA Information Disclosure via SQL IMPORT FROM statement 2015-05-27
Onapsis Research Labs (research onapsis com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Onapsis Security Advisory ONAPSIS-2015-006: SAP HANA Information
Disclosure via SQL IMPORT FROM statement

1. Impact on Business
=====================

Under certain conditions some SAP HANA Database commands could be
abused by a remote authenticated a

[ more ]  [ reply ]
(Page 2 of 639)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus