BugTraq Mode:
(Page 10 of 1704)  < Prev  5 6 7 8 9 10 11 12 13 14 15  Next >
Cisco Security Advisory: Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability 2016-10-05
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability

Advisory ID: cisco-sa-20161005-dhcp1

Revision: 1.0

For Public Release: 2016 October 5 16:00 GMT

+------------------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability 2016-10-05
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability

Advisory ID: cisco-sa-20161005-nxaaa

Revision: 1.0

For Public Release: 2016 October 5 16:00 GMT

+--------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco NX-OS Border Gateway Protocol Denial of Service Vulnerability 2016-10-05
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco NX-OS Border Gateway Protocol Denial of Service Vulnerability

Advisory ID: cisco-sa-20161005-bgp

Revision 1.0

For Public Release 2016 October 5 16:00 UTC (GMT)

+---------------------------------------------------------------------

Summary
===

[ more ]  [ reply ]
[security bulletin] HPSBGN03639 rev.1 - HPE KeyView, Remote Code Execution 2016-10-05
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c052974
77

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05297477
Version: 1

HPSBGN03639 rev.1 - HPE KeyV

[ more ]  [ reply ]
KL-001-2016-004 : Cisco Firepower Threat Management Console Authenticated Denial of Service 2016-10-05
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2016-004 : Cisco Firepower Threat Management Console Authenticated Denial
of Service

Title: Cisco Firepower Threat Management Console Authenticated Denial of Service
Advisory ID: KL-001-2016-004
Publication Date: 2016.10.05
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-0

[ more ]  [ reply ]
KL-001-2016-005 : Cisco Firepower Threat Management Console Hard-coded MySQL Credentials 2016-10-05
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2016-005 : Cisco Firepower Threat Management Console Hard-coded MySQL
Credentials

Title: Cisco Firepower Threat Management Console Hard-coded MySQL Credentials
Advisory ID: KL-001-2016-005
Publication Date: 2016.10.05
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-201

[ more ]  [ reply ]
[SECURITY] [DSA 3688-1] nss security update 2016-10-05
Florian Weimer (fw deneb enyo de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3688-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Florian Weimer
October 05, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3687-1] nspr security update 2016-10-05
Florian Weimer (fw deneb enyo de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3687-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Florian Weimer
October 05, 2016

[ more ]  [ reply ]
September 2016 - HipChat Plugin for various products - Critical Security Advisory 2016-10-06
David Black (dblack atlassian com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

This email refers to the following advisory pages:

* Bitbucket Server - https://confluence.atlassian.com/x/0QkcMg
* Confluence - https://confluence.atlassian.com/x/yIGbMg
* JIRA - https://confluence.atlassian.com/x/w4GbMg

CVE ID:
* CVE-2016-6668 - T

[ more ]  [ reply ]
ESA-2016-121: EMC Unisphere for VMAX and Solutions Enabler Virtual Appliances Multiple Vulnerabilities 2016-10-04
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2016-121: EMC Unisphere for VMAX and Solutions Enabler Virtual Appliances Multiple Vulnerabilities

EMC Identifier: ESA-2016-121

CVE Identifier: CVE-2016-6645, CVE-2016-6646

Severity Rating: CVSS v3 Base Score: See below for individual CVE

[ more ]  [ reply ]
ESA-2016-063: EMC Replication Manager and Network Module for Microsoft Remote Code Execution Vulnerability 2016-10-04
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2016-063: EMC Replication Manager and Network Module for Microsoft Remote Code Execution Vulnerability

EMC Identifier: ESA-2016-063

CVE Identifier: CVE-2016-0913

Severity Rating: CVSS v3 Base Score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:

[ more ]  [ reply ]
Serimux SSH Console Switch v2.4 - Multiple Cross Site Vulnerabilities 2016-10-04
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Serimux SSH Console Switch v2.4 - Multiple Cross Site Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=1942

Release Date:
=============
2016-10-04

Vulnerability Laboratory ID (VL-ID):
================

[ more ]  [ reply ]
AuraDVD Ripper Professional v1.6.3 - DLL Hijacking Exploit 2016-10-04
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
AuraDVD Ripper Professional v1.6.3 - DLL Hijacking Exploit

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=1966

Release Date:
=============
2016-10-04

Vulnerability Laboratory ID (VL-ID):
===========================

[ more ]  [ reply ]
TeempIp XSS Cookie Theft 2016-10-03
apparitionsec gmail com
[+] Credits: hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/TEEMIP-XSS-COOKIE-THEFT.txt

[+] ISR: ApparitionSec

Vendor:
===============
www.combodo.com

Product:
==============
TeemIp v2.0.2

Offer your customers a professional and eco

[ more ]  [ reply ]
[SECURITY] [DSA 3684-1] libdbd-mysql-perl security update 2016-10-03
Florian Weimer (fw deneb enyo de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3684-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Florian Weimer
October 03, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3681-2] wordpress regression update 2016-10-01
Yves-Alexis Perez (corsac debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3681-2 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Yves-Alexis Perez
October 01, 2016

[ more ]  [ reply ]
CVE-2016-1240 - Tomcat packaging on Debian-based distros - Local Root Privilege Escalation 2016-10-01
Dawid Golunski (dawid legalhackers com)
CVE: CVE-2016-1240
Vulnerability: Tomcat packaging on Debian-based distros - Local Root
Privilege Escalation
Affected packages: Tomcat 6/7/8 deb packages (up to 8.0.36-2)
Systems affected: Debian & Ubuntu & possibly others (using the
affected deb packages)

Discovered by:
Dawid Golunski (http://lega

[ more ]  [ reply ]
Multiple exposures in Sophos UTM 2016-09-30
Tim Schughart (t schughart prosec-networks com)
Hello @all,

together with my colleague we found two uncritical vulnerabilities you'll find below.

Product: Sophos UTM
Vendor: Sophos ltd.

Internal reference: ? (Bug ID)
Vulnerability type: Information Disclosure
Vulnerable version: 9.405-5, 9.404-5 and possible other versions affected (not test

[ more ]  [ reply ]
[SYSS-2016-060] Logitech M520 - Insufficient Verification of Data Authenticity (CWE-345) 2016-09-30
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-060
Product: M520 (Mouse of Wireless Combo MK520)
Manufacturer: Logitech
Affected Version(s): Model Y-R0012
Tested Version(s): Model Y-R0012
Vulnerability Type: Insufficient Verification of Data Authenticity (CWE-345)

[ more ]  [ reply ]
Re: CVE-2016-5019: MyFaces Trinidad view state deserialization security vulnerability 2016-09-29
Mike Kienenberger (mkienenb gmail com)
Clarification: The first line in this CVE [1] was a copy&paste error
during message composition and is not part of the CVE. This line can
make it sound as if CVE-2016-5019 is only an information disclosure
vulnerability rather than a deserialization attack vector. I
apologize for the confusion.

O

[ more ]  [ reply ]
Persistent XSS in Abus Security Center - CVSS 8.0 2016-09-29
Tim Schughart (t schughart prosec-networks com)
Hi@all,

Product: Abus Security Cams
Vendor:Abus Group

Internal reference: -
Vulnerability type: Cross Site Scripting
Vulnerable version: 0101a and possible other versions affected (not tested)
Vulnerable component: FTP
Report confidence: Confirmed
Solution status: Not fixed by Vendor, will n

[ more ]  [ reply ]
[security bulletin] HPSBGN03650 rev.1 - HPE Network Automation Software, Local Arbitrary File Modification 2016-09-29
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c052817
39

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05281739
Version: 1

HPSBGN03650 rev.1 - HPE Netw

[ more ]  [ reply ]
Cisco Security Advisory: Cisco IOS and IOS XE Software Smart Install Memory Leak Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco IOS and IOS XE Software Smart Install Memory Leak Vulnerability

Advisory ID: cisco-sa-20160928-smi

Revision: 1.0

For Public Release: 2016 September 28 16:00 GMT

+----------------------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities

Advisory ID: cisco-sa-20160928-msdp

Revision: 1.0

For Public Release: 2016 September 28 16:00 GMT

+---------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability

Advisory ID: cisco-sa-20160928-ios-ikev1

Revision: 1.0

For Public Release: 2016 September 28 16:00 GMT

+--------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco IOS XE Software NAT Denial of Service Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco IOS XE Software NAT Denial of Service Vulnerability

Advisory ID: cisco-sa-20160928-esp-nat

Revision: 1.0

For Public Release: 2016 September 28 16:00 GMT

+------------------------------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerability

Advisory ID: cisco-sa-20160928-cip

Revison: 1.0

For Public Release: 2016 September 28 16:00 GMT

+-------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability

Advisory ID: cisco-sa-20160928-aaados

Revision: 1.0

For Public Release: 2016 September 28 16:00 GMT

+-----------------------------------------------

[ more ]  [ reply ]
[REVIVE-SA-2016-002] Revive Adserver - Multiple vulnerabilities 2016-09-28
Matteo Beccati (matteo beccati com)
========================================================================

Revive Adserver Security Advisory REVIVE-SA-2016-002
========================================================================

http://www.revive-adserver.com/security/revive-sa-2016-002
======================

[ more ]  [ reply ]
Multiple vulnerabilities found in the Dlink DWR-932B (backdoor, backdoor accounts, weak WPS, RCE ...) 2016-09-28
Pierre Kim (pierre kim sec gmail com)
Hello,

Please find a text-only version below sent to security mailing lists.

The complete version on analysing the security in Dlink 932B LTE
routers is posted here:
https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-v
ulnerabilities.html

=== text-version of the advisory w

[ more ]  [ reply ]
(Page 10 of 1704)  < Prev  5 6 7 8 9 10 11 12 13 14 15  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus