BugTraq Mode:
(Page 10 of 1617)  < Prev  5 6 7 8 9 10 11 12 13 14 15  Next >
Sidu 5.2 Admin XSS Vulnerability 2015-05-14
apparitionsec gmail com
Affected Vendor:
www.topnew.net/sidu/

Credits: John Page ( hyp3rlinx )
Domains: hyp3rlinx.altervista.org

Source:
http://hyp3rlinx.altervista.org/advisories/AS-SIDU0513.txt

Product:
Sidu version 5.2 is a web based database front-end administration tool.

Advisory Information:
==================

[ more ]  [ reply ]
Certificate trust vulnerability in Websense Content Gateway 2015-05-14
Steve Shockley (steve shockley shockley net)
SUMMARY
Websense Content Gateway proxy explicitly trusts compromised certificate
authorities

Affected versions: Content Gateway 7.8.x
Not affected: Content Gateway 7.7.x, 8.0

DESCRIPTION
Websense Content Gateway is a filtering web proxy and content inspection
application based on a modified Inkt

[ more ]  [ reply ]
Server buffer overflow in Pure Faction <= 3.0c 2015-05-13
soulsgetnothing hotmail comtyg*
Application: Pure Faction
http://www.purefaction.org
Versions: <= 3.0c
Platforms: Windows
Bug: server buffer overflow
Risk: highly critical
Exploitation: remote and automatic (requires attacker to have joined server)
Date: 13 Mar 2015
Author: soulsgetnothing
e-mail: soulsgetnothing (at) hotmail (dot

[ more ]  [ reply ]
[SECURITY] [DSA 3260-1] iceweasel security update 2015-05-13
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3260-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
May 13, 2015

[ more ]  [ reply ]
Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence TC and TE Software 2015-05-13
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence TC and TE Software

Advisory ID: cisco-sa-20150513-tc

Revision 1.0

For Public Release 2015 May 13 16:00 UTC (GMT)

+------------------------------------------------------------

[ more ]  [ reply ]
[CORE-2015-0009] - SAP LZC/LZH Compression Multiple Vulnerabilities 2015-05-13
CORE Advisories Team (advisories coresecurity com)
1. Advisory Information

Title: SAP LZC/LZH Compression Multiple Vulnerabilities
Advisory ID: CORE-2015-0009
Advisory URL: http://www.coresecurity.com/advisories/sap-lzc-lzh-compression-multiple-
vulnerabilities
Date published: 2015-05-12
Date of last update: 2015-05-12
Vendors contacted: SAP
Release

[ more ]  [ reply ]
Web India Solutions CMS 2015 - SQL Injection Vulnerability 2015-05-13
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Web India Solutions CMS 2015 - SQL Injection Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1495

Release Date:
=============
2015-05-13

Vulnerability Laboratory ID (VL-ID):
============================

[ more ]  [ reply ]
[SECURITY] [DSA 3259-1] qemu security update 2015-05-13
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3259-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
May 13, 2015

[ more ]  [ reply ]
Concrete5 Security Advisory - Multiple XSS Vulnerabilities - CVE-2015-2250 2015-05-13
Onur Yilmaz (onur netsparker com)
Information
--------------------
Advisory by Netsparker.
Name: Multiple XSS Vulnerabilities in Concrete5
Affected Software : Concrete5
Affected Versions: 5.7.3.1 and possibly below
Vendor Homepage : https://www.concrete5.org
Vulnerability Type : Cross-site Scripting
Severity : Important
CVE-ID: CVE-

[ more ]  [ reply ]
Cisco Security Advisory: Command Injection Vulnerability in Multiple Cisco TelePresence Products 2015-05-13
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Command Injection Vulnerability in Multiple Cisco TelePresence Products

Advisory ID: cisco-sa-20150513-tp

Revision 1.0

For Public Release 2015 May 13 16:00 UTC (GMT)

+-----------------------------------------------------

[ more ]  [ reply ]
SEC Consult SA-20150513-0 :: Multiple critical vulnerabilities in WSO2 Identity Server 2015-05-13
SEC Consult Vulnerability Lab (research sec-consult com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SEC Consult Vulnerability Lab Security Advisory < 20150513-0 >
=======================================================================
title: Multiple critical vulnerabilities
product: WSO2 Identity Server

[ more ]  [ reply ]
[slackware-security] mozilla-firefox (SSA:2015-132-04) 2015-05-13
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2015-132-04)

New mozilla-firefox packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/p

[ more ]  [ reply ]
[SECURITY] [DSA 3258-1] quassel security update 2015-05-12
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3258-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Alessandro Ghedini
May 12, 2015

[ more ]  [ reply ]
[security bulletin] HPSBMU03330 rev.1 - HP Matrix Operating Environment (MOE) running glibc on Linux, Remote Disclosure of Information 2015-05-12
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04674742

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04674742
Version: 1

HPSBMU03330 r

[ more ]  [ reply ]
[slackware-security] mysql (SSA:2015-132-02) 2015-05-12
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mysql (SSA:2015-132-02)

New mysql packages are available for Slackware 14.0 to fix security issues.

Here are the details from the Slackware 14.0 ChangeLog:
+--------------------------+
patches/packages/mysql-5.5.43-i486-1_slack

[ more ]  [ reply ]
[slackware-security] wpa_supplicant (SSA:2015-132-03) 2015-05-12
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] wpa_supplicant (SSA:2015-132-03)

New wpa_supplicant packages are available for Slackware 14.0, 14.1, and -current
to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patc

[ more ]  [ reply ]
[slackware-security] mariadb (SSA:2015-132-01) 2015-05-12
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mariadb (SSA:2015-132-01)

New mariadb packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/mariadb-

[ more ]  [ reply ]
[SECURITY] [DSA 3257-1] mercurial security update 2015-05-11
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3257-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
May 11, 2015

[ more ]  [ reply ]
[security bulletin] HPSBGN03329 rev.1 - HP SDN VAN Controller, Remote Denial of Service (DoS), Distributed Denial of Service (DDoS) 2015-05-11
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04657823

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04657823
Version: 1

HPSBGN03329 re

[ more ]  [ reply ]
[oCERT-2015-006] dcraw input sanitization errors 2015-05-11
Andrea Barisani (lcars ocert org)

#2015-006 dcraw input sanitization errors

Description:

The dcraw photo decoder is an open source project for raw image parsing.

The dcraw tool, as well as several other projects re-using its code, suffers
from an integer overflow condition which lead to a buffer overflow. The
vulnerability conce

[ more ]  [ reply ]
[SECURITY] [DSA 3256-1] libtasn1-6 security update 2015-05-10
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3256-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
May 10, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3255-1] zeromq3 security update 2015-05-10
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3255-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Alessandro Ghedini
May 10, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3254-1] suricata security update 2015-05-09
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3254-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
May 09, 2015

[ more ]  [ reply ]
Sqlbuddy Path Traversal Vulnerability 2015-05-09
hyp3rlinx altervista org
Exploit Author: John Page (hyp3rlinx)
Website: hyp3rlinx.altervista.org/
Vendor Homepage: www.sqlbuddy.com
Version: 1.3.3

SQL Buddy is an open source web based MySQL administration application.

Advisory Information: ================== sqlbuddy suffers from directory traversal whereby a user can

[ more ]  [ reply ]
Sqlbuddy Directory Traversal Read Arbitrary Files Vulnerability 2015-05-09
apparitionsec gmail com
Sqlbuddy Directory Traversal Read Arbitrary Files Vulnerability.

Vendor:
http://www.sqlbuddy.com

Release Date:
=============
05-08-2015

Source:
====================================
http://hyp3rlinx.altervista.org/advisories/AS-SQLBUDDY0508.txt

Product:
===============================
sqlbuddy v

[ more ]  [ reply ]
[security bulletin] HPSBGN03328 rev.1 - Network Virtualization for HP LoadRunner and Performance Center, Remote Information Disclosure 2015-05-08
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04657310

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04657310
Version: 1

HPSBGN03328 re

[ more ]  [ reply ]
Pimcore v3.0.5 CMS - Multiple Web Vulnerabilities 2015-05-08
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Pimcore v3.0.5 CMS - Multiple Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1482

Release Date:
=============
2015-05-08

Vulnerability Laboratory ID (VL-ID):
====================================

[ more ]  [ reply ]
[ MDVSA-2015:232 ] libtasn1 2015-05-08
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:232
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[SECURITY] [DSA 3251-2] dnsmasq regression update 2015-05-07
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3251-2 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
May 07, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3253-1] pound security update 2015-05-07
Thijs Kinkhorst (thijs debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3253-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Thijs Kinkhorst
May 07, 2015

[ more ]  [ reply ]
(Page 10 of 1617)  < Prev  5 6 7 8 9 10 11 12 13 14 15  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus