BugTraq Mode:
(Page 7 of 1721)  < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >
DefenseCode ThunderScan SAST Advisory: WordPress Huge-IT Video Gallery Plugin Security Vulnerability 2017-05-24
DefenseCode (defensecode defensecode com)

DefenseCode ThunderScan SAST Advisory
WordPress Huge-IT Video Gallery Plugin
Security Vulnerability

Advisory ID: DC-2017-01-009
Advisory Title: WordPress Huge-IT Video Gallery plugin SQL injection
vulnerability
Advisory URL: http://www.defensecode

[ more ]  [ reply ]
DefenseCode ThunderScan SAST Advisory: WordPress All In One Schema.org Rich Snippets Plugin Security Vulnerability 2017-05-24
DefenseCode (defensecode defensecode com)

DefenseCode ThunderScan SAST Advisory
WordPress All In One Schema.org Rich Snippets Plugin
Security Vulnerability

Advisory ID: DC-2017-01-002
Advisory Title: WordPress All In One Schema.org Rich Snippets Plugin
Security Vulnerability
Advis

[ more ]  [ reply ]
[SECURITY] [DSA 3861-1] libtasn1-6 security update 2017-05-24
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3861-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
May 24, 2017

[ more ]  [ reply ]
Secunia Research: Microsoft Windows Heap-based Buffer Overflow Vulnerabilities 2017-05-23
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 2016/05/22

Microsoft Windows Heap-based Buffer Overflow Vulnerabilities

======================================================================

Table of Contents

Affected Soft

[ more ]  [ reply ]
HPESBHF03744 rev.1 - HPE Intelligent Management Center (iMC) PLAT running OpenSSL, Remote Denial of Service (DoS) 2017-05-22
HPE Product Security Response Team (security-alert hpe com)
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf
03744en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03744en_us

Version: 1

[ more ]  [ reply ]
CVE-2017-9024 Secure Auditor - v3.0 Directory Traversal 2017-05-22
apparitionsec gmail com (hyp3rlinx)
[+] Credits: John Page aka HYP3RLINX
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/SECURE-AUDITOR-v3.0-DIRECTORY
-TRAVERSAL.txt
[+] ISR: ApparitionSec

Vendor:
====================
www.secure-bytes.com

Product:
=====================
S

[ more ]  [ reply ]
CVE-2017-9046 Pegasus "winpm-32.exe" v4.72 Mailto: Link Remote Code Execution 2017-05-22
apparitionsec gmail com (hyp3rlinx)
[+] Credits: John Page AKA hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/PEGASUS-MAILTO-LINK-REMOTE-CO
DE-EXECUTION.txt
[+] ISR: APPARITIONSEC

Vendor:
=============
www.pmail.com

Product:
===========================
Pegasus

[ more ]  [ reply ]
CVE-2017-9046 Mantis Bug Tracker 1.3.10 / v2.3.0 CSRF Permalink Injection 2017-05-22
apparitionsec gmail com (hyp3rlinx)
[+] Credits: John Page a.k.a hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/MANTIS-BUG-TRACKER-CSRF-PERMA
LINK-INJECTION.txt
[+] ISR: ApparitionSec

Vendor:
================
www.mantisbt.org

Product:
=========
Mantis Bug Trac

[ more ]  [ reply ]
May 2017 - SourceTree - Critical Security Advisory 2017-05-22
Atlassian (security atlassian com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

This email refers to the advisory found at
https://confluence.atlassian.com/x/jW2xNQ .

CVE ID:

* CVE-2017-8768.

Product: SourceTree.

Affected SourceTree product versions:

* SourceTree for Mac 1.4.0 <= version < 2.5.1
* SourceTree for Windows 0.8

[ more ]  [ reply ]
CVE-2017-9024 Secure Auditor - v3.0 Directory Traversal 2017-05-20
apparitionsec gmail com (hyp3rlinx)
[+] Credits: John Page aka HYP3RLINX
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/SECURE-AUDITOR-v3.0-DIRECTORY
-TRAVERSAL.txt
[+] ISR: ApparitionSec

Vendor:
====================
www.secure-bytes.com

Product:
=====================
S

[ more ]  [ reply ]
[SECURITY] [DSA 3858-1] openjdk-7 security update 2017-05-19
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3858-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
May 19, 2017

[ more ]  [ reply ]
[SECURITY] CVE-2017-5657: Apache Archiva CSRF vulnerability for REST endpoints 2017-05-19
Martin (martin_s apache org)
CVE-2017-5657: Apache Archiva CSRF vulnerabilities for various REST endpoints

Severity: Important

Vendor:
The Apache Software Foundation

Versions Affected:
Archiva 2.0.0 - 2.2.1
The unsupported versions 1.x are also affected.

Several REST service endpoints of Apache Archiva are not pro

[ more ]  [ reply ]
[SECURITY] [DSA 3853-1] bitlbee security update 2017-05-15
Sebastien Delafond (seb untangle com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3853-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
May 15, 2017

[ more ]  [ reply ]
Secunia Research: LibRaw "parse_tiff_ifd()" Memory Corruption Vulnerability 2017-05-15
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 2017/05/11

LibRaw "parse_tiff_ifd()" Memory Corruption Vulnerability

======================================================================

Table of Contents

Affected Software

[ more ]  [ reply ]
PingID (MFA) - Reflected Cross-Site Scripting 2017-05-17
Advisories (advisories compass-security com)
#############################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
#############################################################
#
# Product: PingID (MFA) [1]
# Vendor: Ping Identity Corporation
# CSNC ID: CSNC-20

[ more ]  [ reply ]
[slackware-security] kdelibs (SSA:2017-136-02) 2017-05-16
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] kdelibs (SSA:2017-136-02)

New kdelibs packages are available for Slackware 13.37, 14.0, 14.1, 14.2,
and -current to fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patc

[ more ]  [ reply ]
[security bulletin] HPESBGN03748 rev.1 - HPE Cloud Optimizer, Remote Disclosure of Information 2017-05-18
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn
03748en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbgn03748en_us

Version: 1

HP

[ more ]  [ reply ]
[SECURITY] [DSA 3856-1] deluge security update 2017-05-18
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3856-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
May 18, 2017

[ more ]  [ reply ]
Nextcloud/Owncloud - Reflected Cross Site Scripting in error pages 2017-05-15
Manuel Mancera (sinkmanu gmail com)
==================================================================
Nextcloud/Owncloud - Reflected Cross Site Scripting in error pages
==================================================================

Information
------------------------------------------------------------------
Name: Nextcloud/Own

[ more ]  [ reply ]
APPLE-SA-2017-05-15-6 iTunes 12.6.1 2017-05-15
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-05-15-6 iTunes 12.6.1

iTunes 12.6.1 is now available and addresses the following:

WebKit
Available for: Windows 7 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple

[ more ]  [ reply ]
APPLE-SA-2017-05-15-4 watchOS 3.2.1 2017-05-15
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-05-15-4 watchOS 3.2.1

watchOS 3.2.1 is now available and addresses the following:

AVEVideoEncoder
Available for: All Apple Watch models
Impact: An application may be able to gain kernel privileges
Description: A memory corruption issu

[ more ]  [ reply ]
[security bulletin] HPESBHF03745 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution 2017-05-14
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf
03745en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03745en_us

Version: 1

HP

[ more ]  [ reply ]
Secunia Research: FLAC "read_metadata_vorbiscomment_()" Memory Leak Denial of Service Vulnerability 2017-05-15
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 2017/05/11

FLAC "read_metadata_vorbiscomment_()" Memory Leak

Denial of Service Vulnerability

===========================================================

[ more ]  [ reply ]
DefenseCode ThunderScan SAST Advisory: GOOGLE google-api-php-client Multiple Security Vulnerabilities 2017-05-11
DefenseCode (defensecode defensecode com)

DefenseCode ThunderScan SAST Advisory
GOOGLE google-api-php-client
Multiple Security Vulnerabilities

Advisory ID: DC-2017-04-012
Advisory Title: google-api-php-client Multiple XSS Vulnerabilities
Advisory URL:
http://defensecode.com/advisories/DC-2017-04-012_go

[ more ]  [ reply ]
SEC Consult SA-20170511-0 :: Stack-based buffer overflow vulnerability in Guidance Software EnCase Forensic Imager 2017-05-11
SEC Consult Vulnerability Lab (research sec-consult com)
A blog post with additional information is available here:
http://blog.sec-consult.com/2017/05/chainsaw-of-custody-manipulating.htm
l

We have also released a video showing arbitrary code execution:
https://www.youtube.com/watch?v=1EngNIXSNQw

SEC Consult Vulnerability Lab Security Advisory < 201705

[ more ]  [ reply ]
DefenseCode WebScanner DAST Advisory: WordPress User Access Manager Plugin Security Vulnerability 2017-05-11
DefenseCode (defensecode defensecode com)

DefenseCode WebScanner DAST Advisory
WordPress User Access Manager Plugin
Security Vulnerability

Advisory ID: DC-2017-01-021
Advisory Title: WordPress User Access Manager Plugin Cross Site
Scripting vulnerability
Advisory URL:
http://www.defensecode

[ more ]  [ reply ]
DefenseCode ThunderScan SAST Advisory: WordPress Tracking Code Manager Plugin Multiple Security Vulnerabilities 2017-05-11
DefenseCode (defensecode defensecode com)

DefenseCode ThunderScan SAST Advisory
WordPress Tracking Code Manager Plugin
Multiple Security Vulnerabilities

Advisory ID: DC-2017-01-020
Advisory Title: WordPress Tracking Code Manager Plugin Multiple
Vulnerabilities
Advisory URL:
http://www.defensecode.com/advi

[ more ]  [ reply ]
ESA-2017-017: RSA® Adaptive Authentication (On-Premise) Cross-Site Scripting Vulnerability 2017-05-10
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

EMC Identifier: ESA-2017-017: RSA® Adaptive Authentication (On-Premise) Cross-Site Scripting Vulnerability

CVE Identifier: CVE-2017-4978

Severity Rating: CVSS v3 Score: 5.4 (AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

Affected Products:

RSA Ad

[ more ]  [ reply ]
ESA-2017-027: EMC Isilon OneFS NFS Export Upgrade Vulnerability 2017-05-10
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2017-027: EMC Isilon OneFS NFS Export Upgrade Vulnerability

EMC Identifier: ESA-2017-027

CVE Identifier: CVE-2017-4979

Severity Rating: CVSS v3 Base Score: 7.1 (AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H)

Affected products: The issue oc

[ more ]  [ reply ]
[CORE-2017-0001] - SAP SAPCAR Heap Based Buffer Overflow Vulnerability 2017-05-10
Core Security Advisories Team (advisories coresecurity com)
1. *Advisory Information*

Title: SAP SAPCAR Heap Based Buffer Overflow Vulnerability
Advisory ID: CORE-2017-0001
Advisory URL: http://www.coresecurity.com/advisories/sap-sapcar-
heap-based-buffer-overflow-vulnerability
Date published: 2017-05-10
Date of last update: 2017-05-10
Vendors contacted: SA

[ more ]  [ reply ]
(Page 7 of 1721)  < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus