BugTraq Mode:
(Page 1 of 1580)  1 2 3 4 5 6 7 8 9 10 11  Next >
Fwd: REWTERZ-20140103 - ManageEngine ServiceDesk Plus User Privileges Management Vulnerability 2015-01-22
Rewterz - Research Group (advisories rewterz com)
========================================================================
========
[REWTERZ-20140103] - Rewterz - Security Advisory
========================================================================
========

Title: ManageEngine ServiceDesk Plus User Privileges Management Vulnerability
Product: S

[ more ]  [ reply ]
REWTERZ-20140102 - ManageEngine ServiceDesk Plus User Enumeration Vulnerability 2015-01-22
Rewterz - Research Group (advisories rewterz com)
========================================================================
========
[REWTERZ-20140102] - Rewterz - Security Advisory
========================================================================
========

Title: ManageEngine ServiceDesk Plus User Enumeration Vulnerability
Product: ServiceDesk

[ more ]  [ reply ]
REWTERZ-20140101 - ManageEngine ServiceDesk SQL Injection Vulnerability 2015-01-22
Rewterz - Research Group (advisories rewterz com)
========================================================================
========

[REWTERZ-20140101] - Rewterz - Security Advisory

========================================================================
========

Title: ManageEngine ServiceDesk SQL Injection Vulnerability
Product: ServiceDesk Plus

[ more ]  [ reply ]
[HITB-Announce] #HITB2015AMS Call for Papers 1st Round is Closing in 10 Days 2015-01-22
Hafez Kamal (aphesz hackinthebox org)
Hi guys - Happy New Year!

Just a reminder that the first selection round for submissions to HITB
Security Conference 2015 in Amsterdam is closing at the end of January!
That's T - 10 days and counting!!!

===

Date: 26th - 29th May 2015
Venue: De Beurs van Berlage
Event Website: http://conference.h

[ more ]  [ reply ]
PhotoSync 1.1.3 Android - Command Inject Vulnerability 2015-01-22
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
PhotoSync 1.1.3 Android - Command Inject Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1410

Release Date:
=============
2015-01-21

Vulnerability Laboratory ID (VL-ID):
================================

[ more ]  [ reply ]
Program-O v2.4.6 - Multiple Web Vulnerabilities 2015-01-22
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Program-O v2.4.6 - Multiple Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1414

Release Date:
=============
2015-01-21

Vulnerability Laboratory ID (VL-ID):
====================================
14

[ more ]  [ reply ]
CVE-2015-1180-xss-eventsentry 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)
CVE-2015-1180-xss-eventsentry

Information
----------------
Advisory by Octogence.
Name: Reflected XSS Vulnerability in EventSentry Web Reports Interface
Affected Software : EventSentry
Affected Versions: 3.1.0 and possibly below
Vendor Homepage : http://eventsentry.com/
Vulnerability Type : Cross-

[ more ]  [ reply ]
CVE-2015-1179-xss-mango-automation-scada 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)
CVE-2015-1179-xss-mango-automation-scada

Information
-----------------
Advisory by Octogence.
Name: Reflected XSS Vulnerability in Mango Automation SCADA/HMI software
Affected Software : Mango Automation
Affected Versions: 2.4.0 and possibly below
Vendor Homepage : http://infiniteautomation.com/
V

[ more ]  [ reply ]
CVE-2015-1178-xss-x-cart-ecommerce 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)
CVE-2015-1178-xss-x-cart-ecommerce

Information
----------------
Advisory by Octogence.
Name: Reflected XSS Vulnerability in X-CART e-Commerce software
Affected Software : X-Cart
Affected Versions: 5.1.8 and possibly below
Vendor Homepage : https://www.x-cart.com
Vulnerability Type : Cross-site Scr

[ more ]  [ reply ]
CVE-2015-1177-xss-exponent 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)
CVE-2015-1177-xss-exponent

Information
----------------
Advisory by Octogence.
Name: Reflected XSS Vulnerability in Exponent CMS
Affected Software : Exponent
Affected Versions: 2.3.2 and possibly below
Vendor Homepage : http://www.exponentcms.org/
Vulnerability Type : Cross-site Scripting
Severity

[ more ]  [ reply ]
SEC Consult SA-20150122-0 :: Multiple critical vulnerabilities in Symantec Data Center Security: Server Advanced (SDCS:SA) & SCSP 2015-01-22
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20150122-0 >
=======================================================================
title: Multiple critical vulnerabilities
products: Symantec Data Center Security: Server Advanced (SDCS:SA)
Symantec Cr

[ more ]  [ reply ]
CVE-2015-1176-xss-osticket 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)
CVE-2015-1176-xss-osticket

Information
----------------
Advisory by Octogence.
Name: Reflected XSS Vulnerability in osTicket Ticket system
Affected Software : osTicket
Affected Versions: 1.9.4 and possibly below
Vendor Homepage : http://osticket.com/
Vulnerability Type : Cross-site Scripting
Sever

[ more ]  [ reply ]
[slackware-security] samba (SSA:2015-020-01) 2015-01-21
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] samba (SSA:2015-020-01)

New samba packages are available for Slackware 14.1 and -current to
fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/samba-4.1.1

[ more ]  [ reply ]
Remote Desktop v0.9.4 Android - Multiple Vulnerabilities 2015-01-21
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Remote Desktop v0.9.4 Android - Multiple Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1413

Release Date:
=============
2015-01-20

Vulnerability Laboratory ID (VL-ID):
==============================

[ more ]  [ reply ]
iExplorer 3.6.3 - DLL Hijacking Exploit itunesmobiledevice.dll 2015-01-21
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
iExplorer 3.6.3 - DLL Hijacking Exploit itunesmobiledevice.dll

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1415

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9600

CVE-ID:
=======
CVE-2014-9600

Release

[ more ]  [ reply ]
[RT-SA-2014-010] AVM FRITZ!Box Firmware Signature Bypass 2015-01-21
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: AVM FRITZ!Box: Firmware Signature Bypass

The signature check of FRITZ!Box firmware images is flawed. Malicious
code can be injected into firmware images without breaking the RSA
signature. The code will be executed either if a manipulated firmware
image is uploaded by the victim or if the

[ more ]  [ reply ]
PhotoSync v1.1.3 Android - Command Inject Vulnerability 2015-01-21
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
PhotoSync v1.1.3 Android - Command Inject Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1410

Release Date:
=============
2015-01-21

Vulnerability Laboratory ID (VL-ID):
===============================

[ more ]  [ reply ]
[oCERT-2015-001] JasPer input sanitization errors 2015-01-21
Andrea Barisani (lcars ocert org)

#2015-001 JasPer input sanitization errors

Description:

The JasPer project is an open source implementation for the JPEG-2000 codec.

The library is affected by an off-by-one error in a buffer boundary check in
jpc_dec_process_sot(), leading to a heap based buffer overflow, as well as
multiple un

[ more ]  [ reply ]
[security bulletin] HPSBUX03235 SSRT101750 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2015-01-20
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04550240

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04550240
Version: 1

HPSBUX03235 SS

[ more ]  [ reply ]
[SECURITY] [DSA 3134-1] sympa security update 2015-01-20
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3134-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
January 20, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3133-1] privoxy security update 2015-01-20
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3133-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
January 20, 2015

[ more ]  [ reply ]
ESA-2015-004: EMC M&R (Watch4Net) Multiple Vulnerabilities 2015-01-20
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-004: EMC M&R (Watch4Net) Multiple Vulnerabilities

EMC Identifier: ESA-2015-004

CVE Identifier: CVE-2015-0513, CVE-2015-0514, CVE-2015-0515, CVE-2015-0516, CVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6466, CVE-20

[ more ]  [ reply ]
CVE-2015-1175-xss-prestashop 2015-01-20
Sudhanshu Chauhan (sudhanshu octogence com)
CVE-2015-1175-xss-prestashop

Information
â??â??â??â??â??â??â??
Advisory by Octogence.
Name: Reflected XSS Vulnerability in prestashop ecommerce software
Affected Software : Prestashop
Affected Versions: 1.6.0.9 and possibly below
Vendor Homepage : https://www.prestashop.com/

Vulnerability Type :

[ more ]  [ reply ]
[SECURITY] [DSA 3132-1] icedove security update 2015-01-19
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3132-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
January 19, 2015

[ more ]  [ reply ]
MSA-2015-01: Wordpress Plugin Pixabay Images Multiple Vulnerabilities 2015-01-19
Advisories (advisories mogwaisecurity de)
Mogwai Security Advisory MSA-2015-01
----------------------------------------------------------------------
Title: WP Pixarbay Images Multiple Vulnerabilities
Product: Pixarbay Images (Wordpress Plugin)
Affected versions: 2.3
Impact: high
Remote:

[ more ]  [ reply ]
[SECURITY] [DSA 3131-1] xdg-utils security update 2015-01-19
Michael Gilbert (mgilbert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3131-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Michael Gilbert
January 18, 2015

[ more ]  [ reply ]
CVE-2015-1032 Kiwix Cross-Site Scripting Vulnerability 2015-01-18
Riley Baird (BM-2cVqnDuYbAU5do2DfJTrN7ZbAJ246S4Xix bitmessage ch)
CVE-2015-1032

A cross-site scripting vulnerability in the "Kiwix" zim file reader was
discovered by Emmanuel Engelhart on 31 October 2014, and was reported on
Sourceforge here: http://sourceforge.net/p/kiwix/bugs/763/

This vulnerability does not affect most users of the program, only those
using t

[ more ]  [ reply ]
[slackware-security] seamonkey (SSA:2015-016-04) 2015-01-17
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] seamonkey (SSA:2015-016-04)

New seamonkey packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packag

[ more ]  [ reply ]
[slackware-security] mozilla-firefox (SSA:2015-016-02) 2015-01-17
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2015-016-02)

New mozilla-firefox packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/p

[ more ]  [ reply ]
[slackware-security] freetype (SSA:2015-016-01) 2015-01-17
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] freetype (SSA:2015-016-01)

New freetype packages are available for Slackware 13.0, 13.1, 13.37, 14.0,
14.1, and -current to fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+------------------------

[ more ]  [ reply ]
(Page 1 of 1580)  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus