BugTraq Mode:
(Page 6 of 1587)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
[SECURITY] [DSA 3153-1] krb5 security update 2015-02-03
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3153-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
February 03, 2015

[ more ]  [ reply ]
MITKRB5-SA-2015-001 Vulnerabilities in kadmind, libgssrpc, gss_process_context_token 2015-02-03
Greg Hudson (ghudson mit edu)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

MITKRB5-SA-2015-001

MIT krb5 Security Advisory 2015-001
Original release: 2015-02-03
Last update: 2015-02-03

Topic: Vulnerabilities in kadmind, libgssrpc, gss_process_context_token
VU#540092

CVE-2014-5352: gss_process_context_token() incorrectly free

[ more ]  [ reply ]
CVE-2015-1437 XSS In ASUS Router. 2015-02-03
kingkaustubh me com
#####################################
Title:- Reflected XSS vulnarbility in Asus RT-N10 Plus router
Author: Kaustubh G. Padwad
Product: ASUS Router RT-N10 Plus
Firmware: 2.1.1.1.70
Severity: HIGH
Auth: Not requierd
CVE ID: CVE-2015-1437
# Description:
Vulnerable Parameter: flag=
# Vulne

[ more ]  [ reply ]
[SECURITY] [DSA 3152-1] unzip security update 2015-02-03
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3152-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
February 03, 2015

[ more ]  [ reply ]
CVE-2014-5360 Landesk Management Suite XSS (Cross-Site Scripting) Security Vulnerability 2015-02-03
alex_haynes outlook com
Exploit Title: Landesk Management Suite Cross-Site scripting vulnerabilityProduct: Landesk Management Suite

Vulnerable Versions: 9.5 (possible previous versions), 9.6
Tested Version: 9.5
Advisory Publication: Feb 02, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-536

[ more ]  [ reply ]
[SECURITY] [DSA 3151-1] python-django security update 2015-02-03
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3151-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
February 03, 2015

[ more ]  [ reply ]
articleFR CMS 3.0.5 - Arbitrary File Upload 2015-02-03
Tien Tran Dinh (tien d tran itas vn)
#Vulnerability title: articleFR CMS 3.0.5 - Arbitrary File Upload
#Product: articleFR CMS
#Vendor: http://freereprintables.com
#Affected version: version 3.0.5
#Fixed version: N/A
#Author: Tran Dinh Tien (tien.d.tran (at) itas (dot) vn [email concealed]) & ITAS
Team (w

[ more ]  [ reply ]
articleFR CMS 3.0.5 - SQL injection vulnerability 2015-02-03
Tien Tran Dinh (tien d tran itas vn)
#Vulnerability title: articleFR CMS 3.0.5 - SQL injection vulnerability
#Product: articleFR
#Vendor: http://freereprintables.com
#Affected version: version 3.0.5
#Download link: https://github.com/articlefr/articleFR
#Fixed version: N/A
#CVE ID: CVE-2015-1364
#Author: Tran Dinh Tien (tien.d.tran@ita

[ more ]  [ reply ]
articleFR CMS 3.0.5 - XSS vulnerability 2015-02-03
Tien Tran Dinh (tien d tran itas vn)
#Vulnerability title: articleFR CMS 3.0.5 - XSS vulnerability
#Product: articleFR
#Vendor: http://freereprintables.com
#Affected version: version 3.0.5
#Download link: https://github.com/articlefr/articleFR
#Fixed version: N/A
#CVE ID: CVE-2015-1363
#Author: Tran Dinh Tien (tien.d.tran (at) itas (dot) vn [email concealed]) & IT

[ more ]  [ reply ]
[CVE-2014-9331] ManageEngine Desktop Central CSRF vulnerability to add an Admin user advisory 2015-02-02
mohamed idris helpag com
#####################################
Title:- Cross-Site Request Forgery (CSRF) Vulnerability in ManageEngine Desktop Central 9 Allows adding an Admin User
Author: Mohamed Idris - Help AG Middle East
Vendor: ZOHO Corp
Advisory ID: hag20141205
Product: ManageEngine Desktop Central 9
Version: All vers

[ more ]  [ reply ]
[security bulletin] HPSBMU03232 rev.3 - HP SiteScope, Remote Elevation of Privilege 2015-02-02
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04539443

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04539443
Version: 3

HPSBMU03232 re

[ more ]  [ reply ]
[security bulletin] HPSBGN03237 rev.1 - HP Insight Remote Support v7 Clients running SSLv3, Remote Disclosure of Information 2015-02-02
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04553458

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04553458
Version: 1

HPSBGN03237 r

[ more ]  [ reply ]
[security bulletin] HPSBGN03247 rev.1 - HP IceWall SSO Dfw using glibc, Remote Execution of Abitrary Code 2015-02-02
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04560440

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04560440
Version: 1

HPSBGN03247 re

[ more ]  [ reply ]
[SECURITY] [DSA 3149-1] condor security update 2015-02-02
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3149-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Sebastien Delafond
February 02, 2015

[ more ]  [ reply ]
[security bulletin] HPSBMU03239 rev.1 - HP UCMDB, Remote Disclosure of Information 2015-02-02
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04553906

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04553906
Version: 1

HPSBMU03239 re

[ more ]  [ reply ]
[SECURITY] [DSA 3150-1] vlc security update 2015-02-02
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3150-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Alessandro Ghedini
February 02, 2015

[ more ]  [ reply ]
[security bulletin] HPSBMU03236 rev.1 - HP Systems Insight Manager for Windows running Bash Shell, Remote Code Execution 2015-02-02
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04552143

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04552143
Version: 1

HPSBMU03236 r

[ more ]  [ reply ]
Fork CMS 3.8.3 - XSS Vulnerability 2015-02-02
ITAS Team (itas team itas vn)
# Exploit Title: Fork CMS 3.8.3 - XSS Vulnerability
# Vendor: http://www.fork-cms.com
# Download link: http://www.fork-cms.com/blog/detail/fork-3.8.4-released
# CVE ID: CVE-2014-9470
# Vulnerability: Cross-Site Scripting
# Affected version: Fork 3.8.3
# Fixed version: Fork 3.8

[ more ]  [ reply ]
Microweber 0.95 - SQL Injection Vulnerability 2015-02-02
ITAS Team (itas team itas vn)
# Exploit Title: Microweber 0.95 - SQL Injection Vulnerability
# Vendor: https://microweber.com/
# Download link: https://microweber.com/download
(https://github.com/microweber/microweber)
# CVE ID: CVE-2014-9464
# Vulnerability: SQL Injection
# Affected version: Version 0.95 b

[ more ]  [ reply ]
Sefrengo CMS v1.6.1 - Multiple SQL Injection Vulnerabilities 2015-02-02
ITAS Team (itas team itas vn)
# Exploit Title: Sefrengo CMS v1.6.1 - Multiple SQL Injection
Vulnerabilities
# Vendor: http://www.sefrengo.org/
# Download link: http://forum.sefrengo.org/index.php?showtopic=3368
(https://github.com/sefrengo-cms/sefrengo-1.x/tree/22c0d16bfd715631ed317
cc99
0785cce

[ more ]  [ reply ]
Banner Effect Header Security Advisory - XSS Vulnerability - CVE-2015-1384 2015-01-31
Onur Yilmaz (onur netsparker com)
Information
------------
Advisory by Netsparker.
Name: XSS Vulnerability in Banner Effect Header
Affected Software : Banner Effect Header
Affected Versions: 1.2.7 and possibly below
Vendor Homepage : https://wordpress.org/plugins/banner-effect-header/
Vulnerability Type : Cross-site Scripting
Severi

[ more ]  [ reply ]
[SECURITY] [DSA 3148-1] chromium-browser end of life 2015-01-31
Michael Gilbert (mgilbert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3148-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Michael Gilbert
January 31, 2015

[ more ]  [ reply ]
Major Internet Explorer Vulnerability - NOT Patched 2015-01-31
David Leo (david leo deusen co uk)
Deusen just published code and description here:
http://www.deusen.co.uk/items/insider3show.3362009741042107/
which demonstrates the serious security issue.

Summary
An Internet Explorer vulnerability is shown here:
Content of dailymail.co.uk can be changed by external domain.

How To Use
1. Close t

[ more ]  [ reply ]
Defense in depth -- the Microsoft way (part 27): the command line you get differs from the command line I use to call you 2015-01-31
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

on Windows, the command line an application receives can differ
from the command line the calling application supplies to
CreateProcess*().

The documentation of GetCommandLine()
<https://msdn.microsoft.com/en-us/library/ms683156.aspx> tells:

| Note The name of the executable in the comma

[ more ]  [ reply ]
[security bulletin] HPSBOV03226 rev.2 - HP TCP/IP Services for OpenVMS, BIND 9 Server Resolver, Multiple Remote Vulnerabilities 2015-01-30
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04530690

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04530690
Version: 2

HPSBOV03226 re

[ more ]  [ reply ]
[SECURITY] [DSA 3147-1] openjdk-6 security update 2015-01-30
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3147-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
January 30, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3146-1] requests security update 2015-01-30
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3146-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Sebastien Delafond
January 30, 2015

[ more ]  [ reply ]
ESA-2015-006: EMC Avamar Missing Certificate Validation Vulnerability 2015-01-30
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-006: EMC Avamar Missing Certificate Validation Vulnerability

EMC Identifier: ESA-2015-006

CVE Identifier: CVE-2014-4632

Severity Rating: CVSSv2 Base Score: 7.9 (AV:A/AC:M/Au:N/C:C/I:C/A:C)

Affected products:

? EMC Avamar Dat

[ more ]  [ reply ]
[SECURITY] [DSA 3145-1] privoxy security update 2015-01-30
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3145-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
January 30, 2015

[ more ]  [ reply ]
(Page 6 of 1587)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus