BugTraq
[CVE-2015-3188] Apache Storm remote code execution vulnerability 2015-06-20
P. Taylor Goetz (ptgoetz apache org)
CVE-2015-3188: Apache Storm remote code execution vulnerability

Severity: Important

Vendor:
The Apache Software Foundation

Versions Affected:
Apache Storm 0.10.0-beta

Description:
The UI daemon in Apache Storm 0.10.0-beta allows remote users to run
arbitrary code as the user running the web ser

Ebay Magento Bug Bounty #17 - Client Side Cross Site Scripting Web Vulnerability 2015-06-19
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Ebay Magento Bug Bounty #17 - Client Side Cross Site Scripting Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1473

EIBBP-31541

Release Date:
=============
2015-06-15

Vulnerability Laboratory ID (V

Ebay Magento Bug Bounty #10 - Persistent Filename Vulnerability 2015-06-19
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Ebay Magento Bug Bounty #10 - Persistent Filename Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1457

eBay Inc. Bug Bounty Program ID: EIBBP-31603

Video: https://www.youtube.com/watch?v=WffsHd8pibE

Re

Ebay Magento Bug Bounty #12 - Cross Site Request Forgery Web Vulnerability 2015-06-19
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Ebay Magento Bug Bounty #12 - Cross Site Request Forgery Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1460

Video: http://www.vulnerability-lab.com/get_content.php?id=1526

View Video: https://www.yo

ZTE ZXV10 W300 v3.1.0c_DR0 - UI Session Delete Vulnerability 2015-06-19
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
ZTE ZXV10 W300 v3.1.0c_DR0 - UI Session Delete Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1522

Release Date:
=============
2015-06-16

Vulnerability Laboratory ID (VL-ID):
==========================

ManageEngine SupportCenter Plus 7.90 - Multiple Vulnerabilities 2015-06-19
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
ManageEngine SupportCenter Plus 7.90 - Multiple Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1501

Release Date:
=============
2015-06-19

Vulnerability Laboratory ID (VL-ID):
=======================

[SECURITY] [DSA 3292-1] cinder security update 2015-06-19
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3292-1 security (at) debian (dot) org
https://www.debian.org/security/ Sebastien Delafond
June 19, 2015

DUO Security push Timing Attack 2015-06-18
jpierini paysw com
DUO "push" Timing Attack

PSC Risk Assessment
CVSS 7.3, (AV:N/AC:L/Au:M/C:C/I:N/A:C/E:F/RL:ND/RC:ND)

Description
Duo "push" authentications are susceptible to a low-profile timing-based attack that permits an intruder to steal an authenticated session from an end-user accessing Duo-protected resour

[SECURITY] [DSA 3291-1] drupal7 security update 2015-06-18
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3291-1 security (at) debian (dot) org
https://www.debian.org/security/ Sebastien Delafond
June 18, 2015

[SECURITY] [DSA 3290-1] linux security update 2015-06-18
Ben Hutchings (benh debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3290-1 security (at) debian (dot) org
https://www.debian.org/security/ Ben Hutchings
June 18, 2015

[security bulletin] HPSBGN03338 rev.1 - HP Service Manager running RC4, Remote Disclosure of Information 2015-06-17
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04687922
Version: 1

HPSBGN03338 re

[security bulletin] HPSBGN03350 rev.1 - HP SiteScope Using RC4, Remote Disclosure of Information 2015-06-17
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04708650

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04708650
Version: 1

HPSBGN03350 re

VCE3570: VCE Vision(TM) Intelligent Operations Cryptographic and Cleartext Vulnerabilities 2015-06-17
VCE - PSIRT (VCEPSIRT vce com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

VCE3570: VCE Vision(TM) Intelligent Operations Cryptographic and Cleartext Vulnerabilities

CVE Identifier: CVE-2015-4056, CVE-2015-4057

Severity Rating: CVSSv2 Base Score: See below for individual scores for each CVE

Affected products:

Reflected Cross-Site Scripting (XSS) in SearchBlox 2015-06-17
High-Tech Bridge Security Research (advisory htbridge ch)
Advisory ID: HTB23256
Product: SearchBlox
Vendor: SearchBlox Software, Inc.
Vulnerable Version(s): 8.2 and probably prior
Tested Version: 8.2
Advisory Publication: April 22, 2015 [without technical details]
Vendor Notification: April 22, 2015
Vendor Patch: May 26, 2015
Public Disclosure: June 17

OS Command Injection in Vesta Control Panel 2015-06-17
High-Tech Bridge Security Research (advisory htbridge ch)
Advisory ID: HTB23261
Product: Vesta Control Panel
Vendor: http://vestacp.com
Vulnerable Version(s): 0.9.8 and probably prior
Tested Version: 0.9.8
Advisory Publication: May 20, 2015 [without technical details]
Vendor Notification: May 20, 2015
Vendor Patch: June 3, 2015
Public Disclosure: June

ESA-2015-043: RSA® Validation Manager Security Update for Multiple Vulnerabilities 2015-06-16
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-043: RSA® Validation Manager Security Update for Multiple Vulnerabilities

EMC Identifier: ESA-2015-043

CVE Identifier: CVE-2014-3566, CVE-2014-0098, CVE-2014-0231, CVE-2014-0226, CVE-2013-1862, CVE-2012-3499, CVE-2015-0526, CVE-2013-256

ESA-2015-106: EMC Unified Infrastructure Manager/Provisioning (UIM/P) Authentication Bypass Vulnerability 2015-06-16
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-106: EMC Unified Infrastructure Manager/Provisioning (UIM/P) Authentication Bypass Vulnerability

EMC Identifier: ESA-2015-106

CVE Identifier: CVE-2015-0546

Severity Rating: CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Affe

BlackCat CMS v1.1.1 Arbitrary File Download Vulnerability 2015-06-16
d4rkr0id gmail com
# Exploit Title: BlackCat CMS v1.1.1 Arbitrary File Download Vulnerability
# Date: 2015/06/16
# Vendor Homepage: http://blackcat-cms.org/
# Software Link: http://blackcat-cms.org/temp/packetyzer/blackcatcms_2fo3PXdKj1.zip
# Version: v1.1.1
# Tested on: Centos 6.5,PHP 5.4.41
# Category: webapps

* D

[SECURITY] [DSA 3289-1] p7zip security update 2015-06-15
Ben Hutchings (benh debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3289-1 security (at) debian (dot) org
https://www.debian.org/security/ Ben Hutchings
June 15, 2015

WebdesignJiNi Cms Sql Injection Vulnerability 2015-06-14
iedb team gmail com
Sql Injection Vulnerability in WebdesignJiNi Cms in All Version

Productsurf Cms Sql Injection Vulnerability 2015-06-14
iedb team gmail com
Sql Injection Vulnerability in Productsurf Cms All Version

[SECURITY] [DSA 3252-2] sqlite3 security update 2015-06-14
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3252-2 security (at) debian (dot) org
https://www.debian.org/security/ Alessandro Ghedini
June 14, 2015

[RT-SA-2015-002] SQL Injection in TYPO3 Extension Akronymmanager 2015-06-15
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: SQL Injection in TYPO3 Extension Akronymmanager

An SQL injection vulnerability in the TYPO3 extension "Akronymmanager"
allows authenticated attackers to inject SQL statements and thereby read
data from the TYPO3 database.

Details
=======

Product: sb_akronymmanager
Affected Versions: <=

[SECURITY] [DSA 3287-1] openssl security update 2015-06-13
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3287-1 security (at) debian (dot) org
https://www.debian.org/security/ Alessandro Ghedini
June 13, 2015

[SECURITY] [DSA 3288-1] libav security update 2015-06-13
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3288-1 security (at) debian (dot) org
https://www.debian.org/security/ Moritz Muehlenhoff
June 13, 2015

Buffer Overflow in My Wifi Router Software 2015-06-13
sudson08 gmail com
Hi there,

I have seen a buffer overflow in My Wifi Router software version 1.0

The link of the software is available :- http://mywifirouter.software.informer.com/1.0/

Exploit :- After running the software you will see two places to enter details i.e "Hotspot Name" and "Password".

To exploit thi

[SECURITY] [DSA 3286-1] xen security update 2015-06-13
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3286-1 security (at) debian (dot) org
https://www.debian.org/security/ Moritz Muehlenhoff
June 13, 2015

[SECURITY] [DSA 3285-1] qemu-kvm security update 2015-06-12
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3285-1 security (at) debian (dot) org
https://www.debian.org/security/ Salvatore Bonaccorso
June 13, 2015

[slackware-security] openssl (SSA:2015-162-01) 2015-06-11
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] openssl (SSA:2015-162-01)

New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+

FreeBSD Security Advisory FreeBSD-SA-15:10.openssl 2015-06-12
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-SA-15:10.openssl Security Advisory
The FreeBSD Project

Topic:

Copyright 2010, SecurityFocus