BugTraq Mode:
Perli v2.6 iOS - Filter Bypass & Persistent Vulnerability 2016-04-07
Vulnerability Lab (research vulnerability-lab com)

Document Title:
===============
Perli v2.6 iOS - Filter Bypass & Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1813

Release Date:
=============
2016-04-05

Vulnerability Laboratory ID (VL-ID):
============================

Eight Webcom CMS (2016 Q2) - SQL Injection Vulnerability 2016-04-07
Vulnerability Lab (research vulnerability-lab com)

Document Title:
===============
Eight Webcom CMS (2016 Q2) - SQL Injection Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1811

Release Date:
=============
2016-04-05

Vulnerability Laboratory ID (VL-ID):
=============================

Quicksilver HQ VoHo Concept4E CMS v1.0 - Multiple SQL Injection Web Vulnerabilities 2016-04-07
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Quicksilver HQ VoHo Concept4E CMS v1.0 - Multiple SQL Injection Web
Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1816

Release Date:
=============
2016-04-06

Vulnerability Laboratory ID (VL-ID):
===

Virtual Freer v1.58 - Client Side Cross Site Scripting Vulnerability 2016-04-07
Vulnerability Lab (research vulnerability-lab com)

Document Title:
===============
Virtual Freer v1.58 - Client Side Cross Site Scripting Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1812

Release Date:
=============
2016-04-06

Vulnerability Laboratory ID (VL-ID):
=================

Techsoft WS CMS (2016 Q2) - SQL Injection Web Vulnerability 2016-04-07
Vulnerability Lab (research vulnerability-lab com)

Document Title:
===============
Techsoft WS CMS (2016 Q2) - SQL Injection Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1810

Release Date:
=============
2016-04-04

Vulnerability Laboratory ID (VL-ID):
==========================

[security bulletin] HPSBST03568 rev.1 - HP XP7 Command View Advanced Edition Suite including Device Manager and Hitachi Automation Director (HAD), Remote Server-Side Request Forgery (SSRF) 2016-04-06
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073670

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05073670
Version: 1

HPSBST03568 r

[security bulletin] HPSBGN03569 rev.2 - HPE OneView for VMware vCenter (OV4VC), Remote Disclosure of Information 2016-04-06
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05068681
Version: 2

HPSBGN03569 r

Cisco Security Advisory: Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability 2016-04-06
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability

Advisory ID: cisco-sa-20160406-remcode

Revision 1.0

For Public Release 2016 April 6 16:00 UTC (GMT)

+--------------------------------------------

Cisco Security Advisory: Cisco Prime Infrastructure and Evolved Programmable Network Manager Privilege Escalation API Vulnerability 2016-04-06
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Prime Infrastructure and Evolved Programmable Network Manager Privilege Escalation API Vulnerability

Advisory ID: cisco-sa-20160406-privauth

Revision 1.0

For Public Release 2016 April 6 16:00 UTC (GMT)

+----------------------------------------

Cisco Security Advisory: Cisco TelePresence Server Malformed STUN Packet Processing Denial of Service Vulnerability 2016-04-06
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco TelePresence Server Malformed STUN Packet Processing Denial of Service
Vulnerability

Advisory ID: cisco-sa-20160406-cts2

Revision 1.0

For Public Release 2016 April 6 16:00 UTC (GMT)

+--------------------------------------------------------

Cisco Security Advisory: Cisco UCS Invicta Default SSH Key Vulnerability 2016-04-06
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco UCS Invicta Default SSH Key Vulnerability

Advisory ID: cisco-sa-20160406-ucs

Revision 1.0

For Public Release 2016 April 06 16:00 GMT (UTC)

+---------------------------------------------------------------------

Summ

Cisco Security Advisory: Cisco TelePresence Server Crafted URL Handling Denial of Service Vulnerability 2016-04-06
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco TelePresence Server Crafted URL Handling Denial of Service Vulnerability

Advisory ID: cisco-sa-20160406-cts1

Revision 1.0

For Public Release 2016 April 6 16:00 UTC (GMT)

+---------------------------------------------------------------------

Cisco Security Advisory: Cisco TelePresence Server Crafted IPv6 Packet Handling Denial of Service Vulnerability 2016-04-06
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco TelePresence Server Crafted IPv6 Packet Handling Denial of Service Vulnerability

Advisory ID: cisco-sa-20160406-cts

Revision 1.0

For Public Release 2016 April 6 16:00 UTC (GMT)

+--------------------------------------------------------------

CVE-2016-3672 - Unlimiting the stack not longer disables ASLR 2016-04-06
Hector Marco-Gisbert (hecmargi upv es)
Hi everyone,

We have fixed an old and very well-known weakness in the Linux ASLR implementation.

The weakness allowed any user able to run 32-bit applications on an x86
machine to disable ASLR by setting the RLIMIT_STACK resource to unlimited.

This is a very old trick to disable ASLR, but unfortun

SQL Injection in SocialEngine 2016-04-06
High-Tech Bridge Security Research (advisory htbridge ch)
Advisory ID: HTB23286
Product: SocialEngine
Vendor: Webligo
Vulnerable Version(s): 4.8.9 and probably prior
Tested Version: 4.8.9
Advisory Publication: December 21, 2015 [without technical details]
Vendor Notification: December 21, 2015
Public Disclosure: April 6, 2016
Vulnerability Type: SQL In

[slackware-security] subversion (SSA:2016-097-01) 2016-04-06
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] subversion (SSA:2016-097-01)

New subversion packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/pack

op5 v7.1.9 Remote Command Execution 2016-04-06
apparitionsec gmail com
[+] Credits: hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/OP5-REMOTE-CMD-EXECUTION.txt

Vendor:
============
www.op5.com

Product:
===========
op5 v7.1.9

op5 Monitor is a software product for server, Network monitoring and management

CA20160405-01: Security Notice for CA API Gateway 2016-04-05
Kotas, Kevin J (Kevin Kotas ca com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

CA20160405-01: Security Notice for CA API Gateway

Issued: April 5, 2016
Last Updated: April 5, 2016

CA Technologies Support is alerting customers to a Medium risk
vulnerability with CA API Gateway (formerly known as Layer7 API
Gateway). A vulnerabil

[SECURITY] [DSA 3543-1] oar security update 2016-04-05
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3543-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
April 05, 2016

[SECURITY] [DSA 3542-1] mercurial security update 2016-04-05
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3542-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
April 05, 2016

Apple iOS 9.3.1 (iPhone 6S & iPhone Plus) - (3D Touch) Passcode Bypass Vulnerability 2016-04-05
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Apple iOS 9.3.1 (iPhone 6S & iPhone Plus) - (3D Touch) Passcode Bypass
Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1814

Release Date:
=============
2016-04-05

Vulnerability Laboratory ID (VL-ID):
==

[SECURITY] [DSA 3541-1] roundcube security update 2016-04-05
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3541-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
April 05, 2016

[security bulletin] HPSBGN03569 rev.1 - HPE OneView for VMware vCenter (OV4VC), Remote Disclosure of Information 2016-04-04
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05068681
Version: 1

HPSBGN03569 r

[slackware-security] mozilla-thunderbird (SSA:2016-095-01) 2016-04-04
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2016-095-01)

New mozilla-thunderbird packages are available for Slackware 14.1 and -current
to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
p

Bitcoin/Altcoin Stratum Pool Mass Duplicate Shares Exploit 2016-04-04
lists (at) exploits4coins (dot) com [email concealed] (lists exploits4coins com)
## Bitcoin/Altcoin Stratum Pool Mass Duplicate Shares Exploit ##

This particular vulnerability makes it possible to force a Stratum Mining
Pool to accept "invalid" shares by the thousands for each mining pool
round. It is possible to make pure money from this vulnerability. The
exploit is real but

ESA-2016-034: EMC Documentum D2 Configuration Object Vulnerability 2016-04-04
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2016-034: EMC Documentum D2 Configuration Object Vulnerability

EMC Identifier: ESA-2016-034

CVE Identifier: CVE-2016-0888

Severity Rating: CVSS v3 Base Score: 8.8(AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Affected products:

• Documentum D

[SE-2012-01] Broken security fix in IBM Java 7/8 2016-04-04
Security Explorations (contact security-explorations com) (1 replies)

Hello All,

Those concerned about security of IBM Java [1] may find this post
interesting.

We discovered that a fix for a security vulnerability (Issue 67)
[2] we reported to the company in May 2013 didn't address the
problem properly.

This is the 6th instance of a broken patch we encountered fro

Re: [SE-2012-01] Broken security fix in IBM Java 7/8 2016-04-05
Security Explorations (contact security-explorations com)
CVE-2016-2191: optipng: invalid write 2016-04-04
Hans Jerry Illikainen (hji dyntopia com)
An invalid write may occur in optipng before version 0.7.6 while
processing bitmap images due to `crt_row' being (inc|dec)remented
without any boundary checking when encountering delta escapes.

optipng-0.7.5/src/pngxtern/pngxrbmp.c:
,----
| 210 static size_t
| 211 bmp_read_rows(png_bytepp begin_row
