BugTraq Mode:
(Page 6 of 1609)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
[oCERT-2015-003] MySQL SSL/TLS downgrade 2015-04-29
Andrea Barisani (lcars ocert org)

#2015-003 MySQL SSL/TLS downgrade

Description:

The MySQL project is an open source relational database management system.

A vulnerability has been reported concerning the impossibility for MySQL users
(with any major stable version) to enforce an effective SSL/TLS connection
that would be immune

[ more ]  [ reply ]
Multiple Vulnerabilities in TheCartPress WordPress plugin 2015-04-29
High-Tech Bridge Security Research (advisory htbridge ch)
Advisory ID: HTB23254
Product: TheCartPress WordPress plugin
Vendor: TheCartPress team
Vulnerable Version(s): 1.3.9 and probably prior
Tested Version: 1.3.9
Advisory Publication: April 8, 2015 [without technical details]
Vendor Notification: April 8, 2015
Public Disclosure: April 29, 2015
Vulner

[ more ]  [ reply ]
CSRF & XSS Wing FTP Server Admin <= v4.4.5 2015-04-28
apparitionsec gmail com
Wing FTP Server Admin 4.4.5 - CSRF & Cross Site Scripting Vulnerabilities

Release Date:
=============
2015-04-28

Source:
====================================
http://hyp3rlinx.altervista.org/advisories/AS-WFTP0328.txt

Common Vulnerability Scoring System:
====================================
Ove

[ more ]  [ reply ]
PayPal Inc Bug Bounty #114 - JDWP Remote Code Execution Vulnerability 2015-04-28
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
PayPal Inc Bug Bounty #114 - JDWP Remote Code Execution Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1474

Video: http://www.vulnerability-lab.com/get_content.php?id=1474

Vulnerability Magazine: http://

[ more ]  [ reply ]
SonicWall SonicOS 7.5.0.12 & 6.x - Client Side Cross Site Scripting Vulnerability 2015-04-28
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
SonicWall SonicOS 7.5.0.12 & 6.x - Client Side Cross Site Scripting Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1359

Release Date:
=============
2015-04-23

Vulnerability Laboratory ID (VL-ID):
=====

[ more ]  [ reply ]
[CORE-2015-0008] - InFocus IN3128HD Projector Multiple Vulnerabilities 2015-04-27
CORE Advisories Team (advisories coresecurity com)
1. Advisory Information

Title: InFocus IN3128HD Projector Multiple Vulnerabilities
Advisory ID: CORE-2015-0008
Advisory URL: http://www.coresecurity.com/advisories/infocus-in3128hd-projector-multip
le-vulnerabilities
Date published: 2015-04-27
Date of last update: 2015-04-22
Vendors contacted: InFoc

[ more ]  [ reply ]
[ MDVSA-2015:212 ] java-1.7.0-openjdk 2015-04-27
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:212
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
Open-Xchange Security Advisory 2015-04-27 2015-04-27
Martin Heiland (martin heiland lists open-xchange com)
Product: Open-Xchange Server 6 / OX AppSuite
Vendor: Open-Xchange GmbH

Internal reference: 35982 (Bug ID)
Vulnerability type: Cross-Site Scripting (CWE-80)
Vulnerable version: 7.6.1
Vulnerable component: backend
Report confidence: Confirmed
Solution status: Fixed by Vendor
Fixed version: 7.6.1-rev2

[ more ]  [ reply ]
[ MDVSA-2015:211 ] glusterfs 2015-04-27
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:211
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2015:210 ] qemu 2015-04-27
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:210
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
Elasticsearch vulnerability CVE-2015-3337 2015-04-27
Kevin Kluge (kevin elastic co)
Summary:
All Elasticsearch versions prior to 1.5.2 and 1.4.5 are vulnerable to a directory traversal attack that allows an attacker to retrieve files from the server running Elasticsearch. This vulnerability is not present in the initial installation of Elasticsearch. The vulnerability is exposed

[ more ]  [ reply ]
[ MDVSA-2015:209 ] php 2015-04-27
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:209
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2015:208 ] setup 2015-04-27
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:208
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2015:207 ] perl-Module-Signature 2015-04-27
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:207
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2015:206 ] asterisk 2015-04-27
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:206
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2015:205 ] tor 2015-04-27
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:205
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2015:204 ] librsync 2015-04-27
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:204
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[SECURITY] [DSA 3238-1] chromium-browser security update 2015-04-27
Michael Gilbert (mgilbert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3238-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Michael Gilbert
April 26, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3237-1] linux security update 2015-04-26
Ben Hutchings (benh debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3237-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Ben Hutchings
April 26, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3236-1] libreoffice security update 2015-04-25
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3236-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
April 25, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3235-1] openjdk-7 security update 2015-04-24
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3235-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
April 24, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3234-1] openjdk-6 security update 2015-04-24
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3234-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
April 24, 2015

[ more ]  [ reply ]
[security bulletin] HPSBHF03272 rev.1 - HP Servers with NVidia GPU Computing Driver running Windows Server 2008, Elevation of Privilege 2015-04-24
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04579346

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04579346
Version: 1

HPSBHF03272 re

[ more ]  [ reply ]
[security bulletin] HPSBPI03315 rev.1 - HP Capture and Route Software, Remote Information Disclosure 2015-04-24
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04633710

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04633710
Version: 1

HPSBPI03315 re

[ more ]  [ reply ]
WordPress 4.2 stored XSS 2015-04-27
Jouko Pynnonen (jouko iki fi)
OVERVIEW
==========

Current versions of WordPress are vulnerable to a stored XSS. An
unauthenticated attacker can inject JavaScript in WordPress comments.
The script is triggered when the comment is viewed.

If triggered by a logged-in administrator, under default settings the
attacker can leverage

[ more ]  [ reply ]
[SECURITY] [DSA 3233-1] wpa security update 2015-04-24
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3233-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
April 24, 2015

[ more ]  [ reply ]
4k ULTRA HIGH DEFINITION Satellite Security Research - DVB-S2X Security Evaluation Draft Notes - Advanced Information Security Corporation 2015-04-24
Nicholas Lemonias. (lem nikolas googlemail com)
Author: Nicholas Lemonias

Advisory Date: 23/4/2015

4k Satellite Security Research - DVB-S2X Standard Evaluation Notes
# . . . . . . .
# . . . . . ______
# . . .

[ more ]  [ reply ]
Encaps PHP/Flash Gallery 2.3.22s Database Puffing Up Exploit 2015-04-24
ZoRLu Bugrahan (zorlu milw00rm com)
Hi guys,

#ref: http://www.milw00rm.com/exploits/5179

#!/usr/bin/perl -w
#Title : Encaps PHP/Flash Gallery 2.3.22s Database Puffing Up Exploit
#Vendor : http://www.encaps.net
#Download : http://sourceforge.net/projects/encapsnet/files/
#Author : ZoRLu / zorlu (at) milw00rm (dot) com [email concealed]
#Website : milw0

[ more ]  [ reply ]
Incorrect handling of self signed certificates in OpenFire XMPP Server 2015-04-24
Simon Waters (simon waters surevine com)
Incorrect handling of self signed certificates in OpenFire XMPP Server

Affected software: OpenFire XMPP server
Affected versions: 3.9.3 and earlier
Vulnerabilities addressed: CVE-2014-3451, CVE-2015-2080

Openfire is a real time collaboration (RTC) server licensed under the Open Source Apache Lice

[ more ]  [ reply ]
SSH Network Security Assessment utility - Zeppelin - -=[Advanced Information Security Corp]=- 2015-04-24
lem nikolas gmail com
#!/bin/bash
#
################################################
# -=[Advanced Information Security Corp]=- ##
################################################
# Keeping things simple!
#
#
# An adjacent SSH Network Security Assessment utility - Zeppelin v1
#
# This is proprietary sou

[ more ]  [ reply ]
(Page 6 of 1609)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus