BugTraq Mode:
(Page 9 of 1680)  < Prev  4 5 6 7 8 9 10 11 12 13 14  Next >
NetCommWireless HSPA 3G10WVE Wireless Router Multiple vulnerabilities 2016-05-03
bhadresh patel helpag com
Title:
====

NetCommWireless HSPA 3G10WVE Wireless Router ? Multiple vulnerabilities

Credit:
======

Name: Bhadresh Patel
Company/affiliation: HelpAG
Website: www.helpag.com

CVE:
=====

CVE-2015-6023, CVE-2016-6024

Date:
====

03-05-2016 (dd/mm/yyyy)

Vendor:
======

NetComm Wireless is a leading

[ more ]  [ reply ]
CVE-2016-4338: Zabbix Agent 3.0.1 mysql.size shell command injection 2016-05-03
Timo Juhani Lindfors (timo lindfors iki fi)

CVE-2016-4338: Zabbix Agent 3.0.1 mysql.size shell command injection
--------------------------------------------------------------------

Affected products
=================

At least Zabbix Agent 1:3.0.1-1+wheezy from
http://repo.zabbix.com/zabbix/3.0/debian is vulnerable. Other versions
were not

[ more ]  [ reply ]
[slackware-security] mercurial (SSA:2016-123-01) 2016-05-02
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mercurial (SSA:2016-123-01)

New mercurial packages are available for Slackware 13.0, 13.1, 13.37, 14.0,
14.1, and -current to fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+----------------------

[ more ]  [ reply ]
ESA-2016-041: RSA Data Loss Prevention Multiple Vulnerabilities 2016-05-02
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2016-041: RSA Data Loss Prevention Multiple Vulnerabilities

EMC Identifier: ESA-2016-041

CVE Identifier: CVE-2016-0892, CVE-2016-0893, CVE-2016-0894, CVE-2016-0895

Severity Rating: CVSSv3 Base Score : Please view details below for individ

[ more ]  [ reply ]
[SECURITY] [DSA 3565-1] botan1.10 security update 2016-05-02
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3565-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
May 02, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3564-1] chromium-browser security update 2016-05-02
Michael Gilbert (mgilbert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3564-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Michael Gilbert
May 02, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3563-1] poppler security update 2016-05-01
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3563-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
May 01, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3562-1] tardiff security update 2016-05-01
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3562-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
May 01, 2016

[ more ]  [ reply ]
Exploit-DB Captcha Bypass 2016-05-01
Rahul Pratap Singh (techno rps gmail com)
## FULL DISCLOSURE

#Exploit Author : Rahul Pratap Singh
#Home page Link : https://www.exploit-db.com/
#Website : https://0x62626262.wordpress.com
#Linkedin : https://in.linkedin.com/in/rahulpratapsingh94
#Date : 1/5/2016

----------------------------------------
Description:
-----------------------

[ more ]  [ reply ]
[slackware-security] subversion (SSA:2016-121-01) 2016-04-30
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] subversion (SSA:2016-121-01)

New subversion packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/pack

[ more ]  [ reply ]
[slackware-security] php (SSA:2016-120-02) 2016-04-29
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] php (SSA:2016-120-02)

New php packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/php-5.6.2

[ more ]  [ reply ]
[slackware-security] ntp (SSA:2016-120-01) 2016-04-29
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] ntp (SSA:2016-120-01)

New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches

[ more ]  [ reply ]
[security bulletin] HPSBGN03547 rev.3 - HPE Helion Eucalyptus Node Controller and other Helion Eucalyptus Components using glibc, Remote Arbitrary Code Execution 2016-04-29
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c04989404

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04989404
Version: 3

HPSBGN03547 r

[ more ]  [ reply ]
[SECURITY] [DSA 3561-1] subversion security update 2016-04-29
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3561-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
April 29, 2016

[ more ]  [ reply ]
SQL Injection in GLPI 2016-04-29
High-Tech Bridge Security Research (advisory htbridge ch)
Advisory ID: HTB23301
Product: GLPI
Vendor: INDEPNET
Vulnerable Version(s): 0.90.2 and probably prior
Tested Version: 0.90.2
Advisory Publication: April 8, 2016 [without technical details]
Vendor Notification: April 8, 2016
Vendor Patch: April 11, 2016
Public Disclosure: April 29, 2016
Vulnera

[ more ]  [ reply ]
Wordpress Truemag Theme - Client Side Cross Site Scripting Web Vulnerability 2016-04-29
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Wordpress Truemag Theme - Client Side Cross Site Scripting Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1839

Release Date:
=============
2016-04-29

Vulnerability Laboratory ID (VL-ID):
==========

[ more ]  [ reply ]
Mozilla doesn't care for upstream security fixes, and doesn't bother to send own security fixes upstream 2016-04-28
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll

despite better knowledge and MULTIPLE bug/vulnerability reports
(see <https://bugzilla.mozilla.org/show_bug.cgi?id=811557>,
<https://bugzilla.mozilla.org/show_bug.cgi?id=809373>,
<https://bugzilla.mozilla.org/show_bug.cgi?id=579593>, ...)
Mozilla continues to ship Firefox and Thunderbird fo

[ more ]  [ reply ]
[security bulletin] HPSBUX03583 SSRT110084 rev.1 - HP-UX BIND Service running Named, Remote Denial of Service (DoS) 2016-04-28
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05087821

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05087821
Version: 1

HPSBUX03583 S

[ more ]  [ reply ]
CVE-2016-3078: php: integer overflow in ZipArchive::getFrom* 2016-04-28
Hans Jerry Illikainen (hji dyntopia com)
Details
=======

An integer wrap may occur in PHP 7.x before version 7.0.6 when reading
zip files with the getFromIndex() and getFromName() methods of
ZipArchive, resulting in a heap overflow.

php-7.0.5/ext/zip/php_zip.c
,----
| 2679 static void php_zip_get_from(INTERNAL_FUNCTION_PARAMETERS, int ty

[ more ]  [ reply ]
[SECURITY] [DSA 3560-1] php5 security update 2016-04-27
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3560-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
April 27, 2016

[ more ]  [ reply ]
CVE-2015-5207 - Bypass of Access Restrictions in Apache Cordova iOS 2016-04-27
Tony Homer (tony-- apache org)
CVE-2015-5207 - Bypass of Access Restrictions in Apache Cordova iOS

Severity:
High

Vendor:
The Apache Software Foundation

Versions Affected:
cordova-ios 3.9.1 and below

Description:
Apache Cordova iOS contains 2 methods to bypass the URL access
restrictions provided by the whitelist. An attacker

[ more ]  [ reply ]
CVE-2015-5207 - Bypass of Access Restrictions in Apache Cordova iOS 2016-04-27
Tony Homer (ajh158 gmail com)
CVE-2015-5207 - Bypass of Access Restrictions in Apache Cordova iOS

Severity:
High

Vendor:
The Apache Software Foundation

Versions Affected:
cordova-ios 3.9.1 and below

Description:
Apache Cordova iOS contains 2 methods to bypass the URL access
restrictions provided by the whitelist. An attacker

[ more ]  [ reply ]
CVE-2015-5208 - Arbitrary plugin execution issue in Apache Cordova iOS 2016-04-27
Tony Homer (tony-- apache org)
CVE-2015-5208 - Arbitrary plugin execution issue in Apache Cordova iOS

Severity:
High

Vendor:
The Apache Software Foundation

Versions Affected:
cordova-ios 3.9.1 and below

Description:
An arbitrary plugin can be executed when a user clicks on a link.

Upgrade path:
Developers who are concerned a

[ more ]  [ reply ]
[SECURITY] [DSA 3559-1] iceweasel security update 2016-04-27
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3559-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
April 27, 2016

[ more ]  [ reply ]
EMC M&R (Watch4net) lacks Cross-Site Request Forgery protection 2016-04-27
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

EMC M&R (Watch4net) lacks Cross-Site Request Forgery protection
------------------------------------------------------------------------

Han Sahin, November 2014

----------------------------------------------------------------

[ more ]  [ reply ]
Oracle Discoverer Viewer BI - Open Redirect Vulnerability 2016-04-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Oracle Discoverer Viewer BI - Open Redirect Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1667

Oracle ID: S0666670

Release Date:
=============
2016-04-26

Vulnerability Laboratory ID (VL-ID):
========

[ more ]  [ reply ]
[slackware-security] mozilla-firefox (SSA:2016-117-01) 2016-04-27
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2016-117-01)

New mozilla-firefox packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/p

[ more ]  [ reply ]
[SECURITY] [DSA 3558-1] openjdk-7 security update 2016-04-26
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3558-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
April 26, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3557-1] mysql-5.5 security update 2016-04-26
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3557-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
April 26, 2016

[ more ]  [ reply ]
(Page 9 of 1680)  < Prev  4 5 6 7 8 9 10 11 12 13 14  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus