BugTraq Mode:
(Page 8 of 1616)  < Prev  3 4 5 6 7 8 9 10 11 12 13  Next >
CVE-2015-4039 - WordPress WP Membership plugin [Stored XSS] 2015-05-21
pan vagenas gmail com
# Exploit Title: WordPress WP Membership plugin [Stored XSS]
# Contact: https://twitter.com/panVagenas
# Vendor Homepage: http://wpmembership.e-plugins.com/
# Software Link: http://codecanyon.net/item/wp-membership/10066554
# Version: 1.2.3
# Tested on: WordPress 4.2.2
# CVE: CVE-2015-4039

========

[ more ]  [ reply ]
[SECURITY] [DSA 3266-1] fuse security update 2015-05-21
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3266-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
May 21, 2015

[ more ]  [ reply ]
Webgrind XSS vulnerability 2015-05-21
hyp3rlinx gmail com
Credits: John Page ( hyp3rlinx )
Domains: hyp3rlinx.altervista.org

Source:
http://hyp3rlinx.altervista.org/advisories/AS-WEBGRIND0520.txt

Vendor:
https://github.com/jokkedk/webgrind

Product:
Webgrind is a Xdebug Profiling Web Frontend in PHP.

Advisory Information:
==============================

[ more ]  [ reply ]
CVE-2015-1833 (Jackrabbit WebDAV XXE vulnerability) 2015-05-21
Julian Reschke (julian reschke greenbytes de)
Dear readers,

we just fixed a recently reported vulnerability in Apache Jackrabbit's
WebDAV module; see

- the attached CVE report

- patches for all currently maintained Jackrabbit branches

We just released Jackrabbit 2.10.1 (see below) and we'll get to the
other branches shortly. Check the CVE

[ more ]  [ reply ]
CVE for Apple's ECDHE-ECDSA SecureTransport bug? 2015-05-20
Jeffrey Walton (noloader gmail com)
Does anyone know if Apple's ECDHE-ECDSA SecureTransport bug was
assigned a CVE? It affected OS X and iOS.

Effectively, the bug was an implementation error that cause
interoperability failures. To mostly counter it, the cipher suites had
to be disabled, which resulted in a loss of security. If the p

[ more ]  [ reply ]
[SECURITY] [DSA 3261-2] libmodule-signature-perl regression update 2015-05-20
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3261-2 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
May 20, 2015

[ more ]  [ reply ]
[security bulletin] HPSBUX03333 SSRT102029 rev.1 - HP-UX Running NTP, Remote Denial of Service (DoS), or Other Vulnerabilities 2015-05-20
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04679309

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04679309
Version: 1

HPSBUX03333 SS

[ more ]  [ reply ]
[security bulletin] HPSBUX03334 SSRT102000 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Other Vulnerabilities 2015-05-20
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04679334

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04679334
Version: 1

HPSBUX03334 SS

[ more ]  [ reply ]
Eisbär SCADA (All Versions - iOS, Android & W8) - Persistent UI Vulnerability 2015-05-20
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Eisbär SCADA (All Versions - iOS, Android & W8) - Persistent UI Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1456

Release Date:
=============
2015-05-19

Vulnerability Laboratory ID (VL-ID):
========

[ more ]  [ reply ]
Stored XSS in WP Photo Album Plus WordPress Plugin 2015-05-20
High-Tech Bridge Security Research (advisory htbridge ch)
Advisory ID: HTB23257
Product: WP Photo Album Plus WordPress Plugin
Vendor: J.N. Breetvelt
Vulnerable Version(s): 6.1.2 and probably prior
Tested Version: 6.1.2
Advisory Publication: April 29, 2015 [without technical details]
Vendor Notification: April 29, 2015
Vendor Patch: April 29, 2015
Publi

[ more ]  [ reply ]
WISE-FTP Software v8.0.2 - DLL Hijacking Vulnerability 2015-05-20
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
WISE-FTP Software v8.0.2 - DLL Hijacking Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1498

Release Date:
=============
2015-05-18

Vulnerability Laboratory ID (VL-ID):
================================

[ more ]  [ reply ]
[SECURITY] [DSA 3265-1] zendframework security update 2015-05-20
David Prévot (david tilapin org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3265-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ David Prévot
May 20, 2015

[ more ]  [ reply ]
ManageEngine EventLog Analyzer V:10.0 CSRF Vulnerability 2015-05-19
akashchavan0708 gmail com
========================================================================
=================
CSRF Vulnerability in ManageEngine EventLog Analyzer Version :10.0, Build Number : 10001
========================================================================
=================


. contents:: Table Of Conte

[ more ]  [ reply ]
Staff FTP v3.04 Software - DLL Hijacking Vulnerability 2015-05-19
metacom27 gmail com
A local dll injection vulnerability has been discovered in the official Staff-FTP v3.04 software.
The issue allows local attackers to inject code to vulnerable libraries to compromise the process or to gain higher access privileges.

The windows software is vulnerable to dll hijacking attacks. The v

[ more ]  [ reply ]
[SECURITY] [DSA 3263-1] proftpd-dfsg security update 2015-05-19
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3263-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Sebastien Delafond
May 19, 2015

[ more ]  [ reply ]
Staff FTP v3.04 Software - DLL Hijacking Vulnerability 2015-05-20
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Staff FTP v3.04 Software - DLL Hijacking Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1499

Release Date:
=============
2015-05-19

Vulnerability Laboratory ID (VL-ID):
================================

[ more ]  [ reply ]
HiDisk 2.4 iOS - (currentFolderPath) Persistent Vulnerability 2015-05-20
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
HiDisk 2.4 iOS - (currentFolderPath) Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1496

Release Date:
=============
2015-05-19

Vulnerability Laboratory ID (VL-ID):
=========================

[ more ]  [ reply ]
[SECURITY] [DSA 3264-1] icedove security update 2015-05-19
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3264-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
May 19, 2015

[ more ]  [ reply ]
[security bulletin] HPSBGN03286 rev.1 - HP LoadRunner, Buffer Overflow 2015-05-19
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04594015

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04594015
Version: 1

HPSBGN03286 re

[ more ]  [ reply ]
APPLE-SA-2015-05-19-1 Watch OS 1.0.1 2015-05-19
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2015-05-19-1 Watch OS 1.0.1

Watch OS 1.0.1 is now available and addresses the following:

Certificate Trust Policy
Available for: Apple Watch Sport, Apple Watch,
and Apple Watch Edition
Impact: Update to the certificate trust policy
Descript

[ more ]  [ reply ]
[security bulletin] HPSBPI03322 rev.1 - HP Access Control Software, Local Unauthorized Access 2015-05-19
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

UPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04649315
Version: 1

HPSBPI03322 rev.1 - HP Access Control Software, Local Unauthorized Access

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release

[ more ]  [ reply ]
[SECURITY] [DSA 3175-2] kfreebsd-9 security update 2015-05-18
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3175-2 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Alessandro Ghedini
May 18, 2015

[ more ]  [ reply ]
WISE-FTP Software v8.0.2 - DLL Hijacking Vulnerability 2015-05-19
metacom27 gmail com
Technical Details & Description:
================================
A local dll injection vulnerability has been discovered in the official Wise-FTP v8.0.2 software.
The issue allows local attackers to inject code to vulnerable libraries to compromise the process or to gain higher access privileges.

[ more ]  [ reply ]
iClassSchedule 1.6 iOS & Android - Persistent UI Vulnerability 2015-05-18
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
iClassSchedule 1.6 iOS & Android - Persistent UI Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1494

Release Date:
=============
2015-05-13

Vulnerability Laboratory ID (VL-ID):
========================

[ more ]  [ reply ]
[SECURITY] [DSA 3262-1] xen security update 2015-05-18
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3262-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
May 18, 2015

[ more ]  [ reply ]
OYO File Manager 1.1 iOS&Android - Multiple Vulnerabilities 2015-05-18
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
OYO File Manager 1.1 iOS&Android - Multiple Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1494

Release Date:
=============
2015-05-18

Vulnerability Laboratory ID (VL-ID):
===========================

[ more ]  [ reply ]
Wireless Photo Transfer v3.0 iOS - File Include Vulnerability 2015-05-18
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Wireless Photo Transfer v3.0 iOS - File Include Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1492

Release Date:
=============
2015-05-12

Vulnerability Laboratory ID (VL-ID):
=========================

[ more ]  [ reply ]
CRUCMS Crucial Networking - SQL Injection Vulnerability 2015-05-18
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
CRUCMS Crucial Networking - SQL Injection Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1497

Release Date:
=============
2015-05-18

Vulnerability Laboratory ID (VL-ID):
===============================

[ more ]  [ reply ]
[slackware-security] mozilla-thunderbird (SSA:2015-137-01) 2015-05-17
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2015-137-01)

New mozilla-thunderbird packages are available for Slackware 14.1 and -current
to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
p

[ more ]  [ reply ]
ESA-2015-087 EMC Document Sciences xPression SQL Injection Vulnerability 2015-05-16
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-087 EMC Document Sciences xPression SQL Injection Vulnerability

CVE Identifier: CVE-2015-0540

Severity Rating: CVSSv2 Base Score: 8.0 (AV:N/AC:L/Au:S/C:P/I:P/A:C)

Affected products:

? EMC Document Sciences xPression 4.2

? EMC D

[ more ]  [ reply ]
(Page 8 of 1616)  < Prev  3 4 5 6 7 8 9 10 11 12 13  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus