BugTraq Mode:
(Page 6 of 1700)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
Evernote for Windows DLL Loading Remote Code Execution Vulnerability 2016-10-14
mehta himanshu21 gmail com
Aloha,

Summary
Evernote contains a DLL hijacking vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. The vulnerability exists due to some DLL file is loaded by 'Evernote_6.1.2.2292.exe' improperly. And it allows an attacker to load th

[ more ]  [ reply ]
[security bulletin] HPSBNS03661 rev.1 - NonStop Backbox, Remote Disclosure of Information 2016-10-13
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053075
89

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05307589
Version: 1

HPSBNS03661 rev.1 - NonStop

[ more ]  [ reply ]
Snort v2.9.7.0-WIN32 DLL Hijack 2016-10-12
apparitionsec gmail com
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/SNORT-DLL-HIJACK.txt

[+] ISR: ApparitionSec

Vendor:
=============
www.snort.org

Product:
===================
Snort v2.9.7.0-WIN32

Snort is an open-source, fre

[ more ]  [ reply ]
ZendStudio IDE v13.5.1 Privilege Escalation 2016-10-12
apparitionsec gmail com
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/ZEND-STUDIO-PRIVILEGE-ESCALAT
ION.txt

[+] ISR: ApparitionSec

Vendor:
============
www.zend.com

Product:
======================
ZendStudio IDE v13.5.1

Zend Stud

[ more ]  [ reply ]
Cisco Security Advisory: Cisco Meeting Server Client Authentication Bypass Vulnerability 2016-10-12
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Meeting Server Client Authentication Bypass Vulnerability

Advisory ID: cisco-sa-20161012-msc

Revision 1.0

For Public Release 2016 October 12 16:00 UTC (GMT)
Last Updated 2016 October 12 16:00 UTC (GMT)

+-------------------------------------

[ more ]  [ reply ]
Multiple Vulnerabilities in Plone CMS 2016-10-12
Sebastian Perez (s3bap3 gmail com)
[Product Description]
Plone is a free and open source content management system built on
top of the Zope application server. Plone is positioned as an
"Enterprise CMS" and is most commonly used for intranets and as part
of the web presence of large organizations

[Systems Affected]
Product

[ more ]  [ reply ]
[security bulletin] HPSBPV03516 rev.2 - HP VAN SDN Controller, Multiple Vulnerabilities 2016-10-11
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c048196
35

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04819635
Version: 2

HPSBPV03516 rev.2 - HP VAN

[ more ]  [ reply ]
Facebook API v2.1 - RFC6749 Open Redirect Vulnerability 2016-10-11
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Facebook API v2.1 - RFC6749 Open Redirect Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=1972

Vulnerability Magazine: https://www.vulnerability-db.com/?q=articles/2016/10/10/facebook-api-v21
-hit-rfc6749-

[ more ]  [ reply ]
Contenido v4.9.11 CMS - (Backend) Multiple XSS Vulnerabilities 2016-10-11
admin (at) evolution-sec (dot) com [email concealed] (admin evolution-sec com)
Document Title:
===============
Contenido v4.9.11 - (Backend) Multiple XSS Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1928

Release Date:
=============
2016-10-10

Vulnerability Laboratory ID (VL-ID):
============================

[ more ]  [ reply ]
[SEARCH-LAB advisory] AVTECH IP Camera, NVR, DVR multiple vulnerabilities 2016-10-11
Gergely Eberhardt (gergely eberhardt search-lab hu)
Avtech devices multiple vulnerabilities

--------------------------------------------------

Platforms / Firmware confirmed affected:
- Every Avtech device (IP camera, NVR, DVR) and firmware version. [4]
contains the list of confirmed firmware versions, which are affected.
- Product page: http://www

[ more ]  [ reply ]
SEC Consult SA-20161011-0 :: XXE vulnerability in RSA Enterprise Compromise Assessment Tool (ECAT) 2016-10-11
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20161011-0 >
=======================================================================
title: XML External Entity Injection (XXE)
product: RSA Enterprise Compromise Assessment Tool (ECAT)
vulnerable version: 4.1.0.1
fix

[ more ]  [ reply ]
[SYSS-2016-043] Microsoft Wireless Desktop 2000 - Cryptographic Issues (CWE-310), Insufficient Protection against Replay Attacks 2016-10-11
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-043
Product: Microsoft Wireless Desktop 2000
Manufacturer: Microsoft
Affected Version(s): Ver. A
Tested Version(s): Ver. A
Vulnerability Type: Cryptographic Issues (CWE-310)
Insufficient Protection against Re

[ more ]  [ reply ]
[SYSS-2016-043] Microsoft Wireless Desktop 2000 - Cryptographic Issues (CWE-310), Insufficient Protection against Replay Attacks 2016-10-10
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-043
Product: Microsoft Wireless Desktop 2000
Manufacturer: Microsoft
Affected Version(s): Ver. A
Tested Version(s): Ver. A
Vulnerability Type: Cryptographic Issues (CWE-310)
Insufficient Protection against Re

[ more ]  [ reply ]
Crashing Android devices with large Assisted-GPS Data Files [CVE-2016-5348] 2016-10-10
Nightwatch Cybersecurity Research (research nightwatchcybersecurity com)
Original at:
https://wwws.nightwatchcybersecurity.com/2016/10/04/advisory-cve-2016-53
48-2/

Summary

Android devices can be crashed remotely forcing a halt and then a soft
reboot by a MITM attacker manipulating assisted GPS/GNSS data provided
by Qualcomm. This issue affects the open source code in A

[ more ]  [ reply ]
[SYSS-2016-068] Fujitsu Wireless Keyboard Set LX901 - Cryptographic Issues (CWE-310), Missing Protection against Replay Attacks 2016-10-10
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-068
Product: Wireless Keyboard Set LX901
Manufacturer: Fujitsu
Affected Version(s): Model No. GK900
Tested Version(s): Model No. GK900
Vulnerability Type: Cryptographic Issues (CWE-310)
Missing Protection aga

[ more ]  [ reply ]
[SYSS-2016-033] Microsoft Wireless Desktop 2000 - Insufficient Protection of Code (Firmware) and Data (Cryptographic Key) 2016-10-10
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-033
Product: Microsoft Wireless Desktop 2000
Manufacturer: Microsoft
Affected Version(s): Ver. A
Tested Version(s): Ver. A
Vulnerability Type: Insufficient Protection of Code (Firmware) and
Data (Cryptograph

[ more ]  [ reply ]
Cyberoam iview UTM v0.1.2.7 - (Ajax) XSS Web Vulnerability 2016-10-05
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Cyberoam iview UTM v0.1.2.7 - (Ajax) XSS Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1850

Cyberoam ID: #1059276
Security ID: NCR-2064

Release Date:
=============
2016-10-04

Vulnerability Labor

[ more ]  [ reply ]
Clean Master v1.0 - Unquoted Path Privilege Escalation 2016-10-05
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Clean Master v1.0 - Unquoted Path Privilege Escalation

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=1968

Release Date:
=============
2016-10-05

Vulnerability Laboratory ID (VL-ID):
===============================

[ more ]  [ reply ]
Cisco Security Advisory: Cisco NX-OS Software Malformed DHCPv4 Packet Denial of Service Vulnerability 2016-10-05
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco NX-OS Software Malformed DHCPv4 Packet Denial of Service Vulnerability

Advisory ID: cisco-sa-20161005-dhcp2

Revision: 1.0

For Public Release: 2016 October 5 16:00 GMT

+----------------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability 2016-10-05
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability

Advisory ID: cisco-sa-20161005-dhcp1

Revision: 1.0

For Public Release: 2016 October 5 16:00 GMT

+------------------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability 2016-10-05
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability

Advisory ID: cisco-sa-20161005-nxaaa

Revision: 1.0

For Public Release: 2016 October 5 16:00 GMT

+--------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco NX-OS Border Gateway Protocol Denial of Service Vulnerability 2016-10-05
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco NX-OS Border Gateway Protocol Denial of Service Vulnerability

Advisory ID: cisco-sa-20161005-bgp

Revision 1.0

For Public Release 2016 October 5 16:00 UTC (GMT)

+---------------------------------------------------------------------

Summary
===

[ more ]  [ reply ]
[security bulletin] HPSBGN03639 rev.1 - HPE KeyView, Remote Code Execution 2016-10-05
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c052974
77

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05297477
Version: 1

HPSBGN03639 rev.1 - HPE KeyV

[ more ]  [ reply ]
KL-001-2016-004 : Cisco Firepower Threat Management Console Authenticated Denial of Service 2016-10-05
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2016-004 : Cisco Firepower Threat Management Console Authenticated Denial
of Service

Title: Cisco Firepower Threat Management Console Authenticated Denial of Service
Advisory ID: KL-001-2016-004
Publication Date: 2016.10.05
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-0

[ more ]  [ reply ]
KL-001-2016-005 : Cisco Firepower Threat Management Console Hard-coded MySQL Credentials 2016-10-05
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2016-005 : Cisco Firepower Threat Management Console Hard-coded MySQL
Credentials

Title: Cisco Firepower Threat Management Console Hard-coded MySQL Credentials
Advisory ID: KL-001-2016-005
Publication Date: 2016.10.05
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-201

[ more ]  [ reply ]
[SECURITY] [DSA 3688-1] nss security update 2016-10-05
Florian Weimer (fw deneb enyo de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3688-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Florian Weimer
October 05, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3687-1] nspr security update 2016-10-05
Florian Weimer (fw deneb enyo de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3687-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Florian Weimer
October 05, 2016

[ more ]  [ reply ]
September 2016 - HipChat Plugin for various products - Critical Security Advisory 2016-10-06
David Black (dblack atlassian com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

This email refers to the following advisory pages:

* Bitbucket Server - https://confluence.atlassian.com/x/0QkcMg
* Confluence - https://confluence.atlassian.com/x/yIGbMg
* JIRA - https://confluence.atlassian.com/x/w4GbMg

CVE ID:
* CVE-2016-6668 - T

[ more ]  [ reply ]
ESA-2016-121: EMC Unisphere for VMAX and Solutions Enabler Virtual Appliances Multiple Vulnerabilities 2016-10-04
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2016-121: EMC Unisphere for VMAX and Solutions Enabler Virtual Appliances Multiple Vulnerabilities

EMC Identifier: ESA-2016-121

CVE Identifier: CVE-2016-6645, CVE-2016-6646

Severity Rating: CVSS v3 Base Score: See below for individual CVE

[ more ]  [ reply ]
ESA-2016-063: EMC Replication Manager and Network Module for Microsoft Remote Code Execution Vulnerability 2016-10-04
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2016-063: EMC Replication Manager and Network Module for Microsoft Remote Code Execution Vulnerability

EMC Identifier: ESA-2016-063

CVE Identifier: CVE-2016-0913

Severity Rating: CVSS v3 Base Score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:

[ more ]  [ reply ]
(Page 6 of 1700)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus