BugTraq Mode:
(Page 1 of 1569)  1 2 3 4 5 6 7 8 9 10 11  Next >
CVE-2014-8419 - CodeMeter Weak Service Permissions 2014-11-24
ajs swordshield com
CodeMeter Weak Service Permissions

Vendor Website : http://www.codemeter.com

INDEX
---------------------------------------
1. Background
2. Description
3. Affected Products
4. Vulnerability
5. Solution
6. Credit
7. Disclosure Timeline
8. CVE

1. BACKGROUND
--------

[ more ]  [ reply ]
Exploit for stealing backups on WP sites with WP-DB-Backup v2.2.4 plugin 2014-11-22
Larry W. Cashdollar (larry0 me com)
#!/bin/bash
#Larry W. Cashdollar, @_larry0
#Will brute force and search a Wordpress target site with WP-DB-Backup v2.2.4 plugin installed for any backups done on
#20141031 assumes the wordpress database is wordpress and the table prefix is wp_
#http://www.vapid.dhs.org/advisories/wordpress/plugins/w

[ more ]  [ reply ]
[security bulletin] HPSBUX03087 SSRT101413 rev.2 - HP-UX CIFS Server (Samba), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access 2014-11-21
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04396638

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04396638
Version: 2

HPSBUX03087 SS

[ more ]  [ reply ]
[ MDVSA-2014:224 ] krb5 2014-11-21
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:224
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:223 ] wireshark 2014-11-21
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:223
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:222 ] libvirt 2014-11-21
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:222
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:221 ] php-smarty 2014-11-21
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:221
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:220 ] qemu 2014-11-21
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:220
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:219 ] srtp 2014-11-21
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:219
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[security bulletin] HPSBHF03052 rev.2 - HP Network Products running OpenSSL, Multiple Remote Vulnerabilities 2014-11-21
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04347622

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04347622
Version: 2

HPSBHF03052 re

[ more ]  [ reply ]
[ MDVSA-2014:218 ] asterisk 2014-11-21
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:218
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
WordPress 3 persistent script injection 2014-11-20
Jouko Pynnonen (jouko iki fi)
OVERVIEW
========

A security flaw in WordPress 3 allows injection of JavaScript into
certain text fields. In particular, the problem affects comment boxes
on WordPress posts and pages. These don't require authentication by
default.

The JavaScript injected into a comment is executed when the target

[ more ]  [ reply ]
AST-2014-012: Mixed IP address families in access control lists may permit unwanted traffic. 2014-11-21
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2014-012

Product Asterisk
Summary Mixed IP address families in access control lists
may permit unwanted traffic.

[ more ]  [ reply ]
AST-2014-013: PJSIP ACLs are not loaded on startup 2014-11-21
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2014-013

Product Asterisk
Summary PJSIP ACLs are not loaded on startup
Nature of Advisory Unauthorized Access

[ more ]  [ reply ]
AST-2014-015: Remote Crash Vulnerability in PJSIP channel driver 2014-11-21
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2014-015

Product Asterisk
Summary Remote Crash Vulnerability in PJSIP channel driver
Nature of Advisory Denial of Service

[ more ]  [ reply ]
AST-2014-016: Remote Crash Vulnerability in PJSIP channel driver 2014-11-21
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2014-016

Product Asterisk
Summary Remote Crash Vulnerability in PJSIP channel driver
Nature of Advisory Denial of Service

[ more ]  [ reply ]
AST-2014-017: <font size="3" style="font-size: 12pt">Permission escalation through ConfBridge actions/dialplan functions</font> 2014-11-21
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2014-017

Product Asterisk
Summary Permission escalation through ConfBridge
actions/dialplan functions

[ more ]  [ reply ]
AST-2014-018: AMI permission escalation through DB dialplan function 2014-11-21
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2014-018

Product Asterisk
Summary AMI permission escalation through DB dialplan
function

[ more ]  [ reply ]
AST-2014-014: High call load may result in hung channels in ConfBridge. 2014-11-21
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2014-014

Product Asterisk
Summary High call load may result in hung channels in
ConfBridge.

[ more ]  [ reply ]
Multiple SQL Injection in SP Client Document Manager plugin 2014-11-21
thai q dang itas vn
Vulnerability title: Multiple SQL Injection in SP Client Document Manager plugin
Plugin: SP Client Document Manager
Vendor: http://smartypantsplugins.com
Product: https://wordpress.org/plugins/sp-client-document-manager/
Affected version: version 2.4.1 and previous version
Fixed version: N/A
Google

[ more ]  [ reply ]
[SECURITY] [DSA 3075-1] drupal7 security update 2014-11-20
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3075-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
November 20, 2014

[ more ]  [ reply ]
CVE-2014-8877 - Code Injection in Wordpress CM Download Manager plugin 2014-11-20
phi n le itas vn
Vulnerability title: Code Injection in Wordpress CM Download Manager plugin
CVE: CVE-2014-8877
Plugin: CM Download Manager plugin
Vendor: CreativeMinds - https://www.cminds.com/
Product: https://wordpress.org/plugins/cm-download-manager/
Affected version: 2.0.0 and previous version
Fixed version: 2

[ more ]  [ reply ]
[ MDVSA-2014:217 ] clamav 2014-11-20
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:217
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:216 ] php-ZendFramework 2014-11-20
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:216
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[CORE-2014-0010] - Advantech WebAccess Stack-based Buffer Overflow 2014-11-19
CORE Advisories Team (advisories coresecurity com)
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/

Advantech WebAccess Stack-based Buffer Overflow

1. *Advisory Information*

Title: Advantech WebAccess Stack-based Buffer Overflow
Advisory ID: CORE-2014-0010
Advisory URL:
http://www.coresecurity.com/advisories/advantech-webAcces

[ more ]  [ reply ]
[CORE-2014-0008] - Advantech AdamView Buffer Overflow 2014-11-19
CORE Advisories Team (advisories coresecurity com)
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/

Advantech AdamView Buffer Overflow

1. *Advisory Information*

Title: Advantech AdamView Buffer Overflow
Advisory ID: CORE-2014-0008
Advisory URL:
http://www.coresecurity.com/advisories/advantech-adamView-buffer-overflo
w
Date publ

[ more ]  [ reply ]
[CORE-2014-0009] - Advantech EKI-6340 Command Injection 2014-11-19
CORE Advisories Team (advisories coresecurity com)
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/

Advantech EKI-6340 Command Injection

1. *Advisory Information*

Title: Advantech EKI-6340 Command Injection
Advisory ID: CORE-2014-0009
Advisory URL:
http://www.coresecurity.com/advisories/advantech-eki-6340-command-inject
ion
Dat

[ more ]  [ reply ]
CVE-2014-7137 - Multiple SQL Injections in Dolibarr ERP & CRM 2014-11-19
Portcullis Advisories (advisories portcullis-security com)
Vulnerability title: Multiple SQL Injections in Dolibarr ERP & CRM

CVE: CVE-2014-7137

Vendor: Dolibarr ERP & CRM

Product: Dolibarr ERP & CRM

Affected version: 3.5.3

Fixed version: 3.6.1

Reported by: Jerzy Kramarz

Details:

SQL injection has been found and confirmed within the software as

[ more ]  [ reply ]
[SECURITY] [DSA 3074-2] php5 regression update 2014-11-19
Yves-Alexis Perez (corsac debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3074-2 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Yves-Alexis Perez
November 19, 2014

[ more ]  [ reply ]
Reflected Cross-Site Scripting (XSS) in Simple Email Form Joomla Extension 2014-11-19
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23241
Product: Simple Email Form Joomla Extension
Vendor: Doug Bierer
Vulnerable Version(s): 1.8.5 and probably prior
Tested Version: 1.8.5
Advisory Publication: October 29, 2014 [without technical details]
Vendor Notification: October 29, 2014
Public Disclosure: November 19, 2014

[ more ]  [ reply ]
(Page 1 of 1569)  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus