BugTraq Mode:
(Page 7 of 1547)  < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >
[RT-SA-2013-002] Endeca Latitude Cross-Site Request Forgery 2014-06-25
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: Endeca Latitude Cross-Site Request Forgery

RedTeam Pentesting discovered a Cross-Site Request Forgery (CSRF)
vulnerability in Endeca Latitude. Using this vulnerability, an attacker
might be able to change several different settings of the Endeca
Latitude instance or disable it entirely.

[ more ]  [ reply ]
Reflected Cross-Site Scripting (XSS) Vulnerability in Storesprite 2014-06-25
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23215
Product: Storesprite
Vendor: Lamp Design Limited
Vulnerable Version(s): 7 and probably prior
Tested Version: 7
Advisory Publication: May 14, 2014 [without technical details]
Vendor Notification: May 14, 2014
Vendor Patch: June 19, 2014
Public Disclosure: June 25, 2014
Vuln

[ more ]  [ reply ]
NEW VMSA-2014-0007 - VMware product updates address security vulnerabilities in Apache Struts library 2014-06-25
\VMware Security Response Center\ (security vmware com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------

VMware Security Advisory

Advisory ID: VMSA-2014-0007
Synopsis: VMware product updates address security vulnerabilities in
Apache Struts libra

[ more ]  [ reply ]
[slackware-security] seamonkey (SSA:2014-175-05) 2014-06-24
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] seamonkey (SSA:2014-175-05)

New seamonkey packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packag

[ more ]  [ reply ]
[slackware-security] samba (SSA:2014-175-04) 2014-06-24
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] samba (SSA:2014-175-04)

New samba packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/samba

[ more ]  [ reply ]
[slackware-security] bind (SSA:2014-175-01) 2014-06-24
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] bind (SSA:2014-175-01)

New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patch

[ more ]  [ reply ]
[slackware-security] gnupg (SSA:2014-175-02) 2014-06-24
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] gnupg (SSA:2014-175-02)

New gnupg packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
pa

[ more ]  [ reply ]
[slackware-security] gnupg2 (SSA:2014-175-03) 2014-06-24
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] gnupg2 (SSA:2014-175-03)

New gnupg2 packages are available for Slackware 13.37, 14.0, 14.1,
and -current to fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/pack

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-14:16.file 2014-06-24
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-14:16.file Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-14:15.iconv 2014-06-24
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-14:15.iconv Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
[security bulletin] HPSBMU03053 rev.1 - HP Software Database and Middleware Automation, OpenSSL Vulnerability, Remote Unauthorized Access or Disclosure of Information 2014-06-24
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04347711

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04347711
Version: 1

HPSBMU03053 re

[ more ]  [ reply ]
[HITB-Announce] #HITB2014KUL round 1 CFP submission deadline in < 1 week 2014-06-24
Hafez Kamal (aphesz hackinthebox org)
The deadline to submit your papers for the the 12th and FINAL HITB
Security Conference in Malaysia is just around the corner! Paper
selection will be done in two rounds:

ROUND 1 DEADLINE: 30th June 2014
FINAL DEADLINE: 31st July 2014

HITBSecConf2014 - Malaysia takes place at Intercontinental Kuala

[ more ]  [ reply ]
[security bulletin] HPSBMU03051 rev.1 - HP System Management Homepage running OpenSSL on Linux and Windows, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information 2014-06-24
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04345210

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04345210
Version: 1

HPSBMU03051 r

[ more ]  [ reply ]
Boolean algebra and CSS history theft 2014-06-24
Michal Zalewski (lcamtuf coredump cx)
OK, this is more fun than any immediate risk...

Those of you who follow web security topics probably remember that
until mid-2010, you could extract very substantial chunks of one's
browsing history by applying distinctive styling to thousands of
off-screen :visited links and then reading that info

[ more ]  [ reply ]
Android KeyStore Stack Buffer Overflow (CVE-2014-3100) 2014-06-23
Roee Hay (roeeh il ibm com)
Hi,

We have discovered a stack-based buffer overflow in the Android
KeyStore service which affects Android 4.3 and below. The issue was
patched in Android 4.4.

The vulnerability is identified as CVE-2014-3100.

More details are available at:

1. Blog post: http://ibm.co/1pbk4yH
2. Advisory: http:/

[ more ]  [ reply ]
[security bulletin] HPSBHF03052 rev.1 - HP Intelligent Management Center (iMC), HP Network Products including H3C and 3COM Routers and Switches running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Modification or Disclosur 2014-06-23
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04347622

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04347622
Version: 1

HPSBHF03052 re

[ more ]  [ reply ]
[SECURITY] [DSA 2966-1] samba security update 2014-06-23
Yves-Alexis Perez (corsac debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2966-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Yves-Alexis Perez
June 23, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 2965-1] tiff security update 2014-06-22
Michael Gilbert (mgilbert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2965-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Michael Gilbert
June 22, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 2964-1] iodine security update 2014-06-21
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2964-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
June 21, 2014

[ more ]  [ reply ]
[security bulletin] HPSBOV03047 rev.1 - HP OpenVMS running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information 2014-06-18
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04337774

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04337774
Version: 1

HPSBOV03047 re

[ more ]  [ reply ]
Secunia CSI/VIM - Filter Bypass & Persistent Validation Vulnerabilities 2014-06-18
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Secunia CSI/VIM - Filter Bypass & Persistent Validation Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1272

Release Date:
=============
2014-06-18

Vulnerability Laboratory ID (VL-ID):
===============

[ more ]  [ reply ]
Paypal Inc Bug Bounty #36 - SecurityKey Card Serialnumber Module Vulnerability 2014-06-18
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Paypal Inc Bug Bounty #36 - SecurityKey Card Serialnumber Module Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=834

Release Date:
=============
2014-06-18

Vulnerability Laboratory ID (VL-ID):
=========

[ more ]  [ reply ]
Multiple SQL Injection Vulnerabilities in web2Project 2014-06-18
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23213
Product: web2Project
Vendor: http://web2project.net
Vulnerable Version(s): 3.1 and probably prior
Tested Version: 3.1
Advisory Publication: April 30, 2014 [without technical details]
Vendor Notification: April 30, 2014
Vendor Patch: May 1, 2014
Public Disclosure: June 18,

[ more ]  [ reply ]
SQL Injection in Dolphin 2014-06-18
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23216
Product: Dolphin
Vendor: BoonEx
Vulnerable Version(s): 7.1.4 and probably prior
Tested Version: 7.1.4
Advisory Publication: May 21, 2014 [without technical details]
Vendor Notification: May 21, 2014
Vendor Patch: June 17, 2014
Public Disclosure: June 18, 2014
Vulnerability

[ more ]  [ reply ]
[security bulletin] HPSBMU03048 rev.1 - HP Software Executive Scorecard, Remote Execution of Code, Directory Traversal 2014-06-17
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04341295

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04341295
Version: 1

HPSBMU03048 re

[ more ]  [ reply ]
[SECURITY] [DSA 2963-1] lucene-solr security update 2014-06-17
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2963-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
June 17, 2014

[ more ]  [ reply ]
[security bulletin] HPSBUX03046 SSRT101590 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS), Code Execution, Security Restriction Bypass, Disclosure of Information, or Unauthorized Access 2014-06-17
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04336637

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04336637
Version: 2

HPSBUX03046 SS

[ more ]  [ reply ]
[SECURITY] [DSA 2962-1] nspr security update 2014-06-17
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2962-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
June 17, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 2961-1] php5 security update 2014-06-16
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2961-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
June 16, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 2950-2] openssl update 2014-06-16
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2950-2 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
June 16, 2014

[ more ]  [ reply ]
(Page 7 of 1547)  < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus