BugTraq Mode:
(Page 10 of 1598)  < Prev  5 6 7 8 9 10 11 12 13 14 15  Next >
Vulnerability in the Dropbox SDK for Android (CVE-2014-8889) 2015-03-11
Roee Hay (roeeh il ibm com)
Hi,

We have recently discovered a vulnerability in the Dropbox SDK for
Android. This vulnerability may enable theft of sensitive information
from apps that use the vulnerable Dropbox SDK both locally by malware
and also remotely by using drive-by exploitation techniques.

The vulnerability is ident

[ more ]  [ reply ]
[SECURITY] [DSA 3182-1] libssh2 security update 2015-03-11
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3182-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
March 11, 2015

[ more ]  [ reply ]
Community Gallery - Srored Corss-Site Scripting vulnerability 2015-03-11
ITAS Team (itas team itas vn)
#Vulnerability title: Community Gallery - Srored Corss-Site Scripting
vulnerability
#Product: Community Gallery
#Vendor: https://www.woltlab.com
#Affected version: Community Gallery 2.0 before 12/10/2014
#Download link:
https://www.woltlab.com/purchase/?products[]=com.woltlab.gallery
#Fixed version:

[ more ]  [ reply ]
[SECURITY] [DSA 3177-1] mod-gnutls security update 2015-03-10
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3177-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Sebastien Delafond
March 10, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3181-1] xen security update 2015-03-10
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3181-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
March 10, 2015

[ more ]  [ reply ]
[security bulletin] HPSBUX03281 SSRT101968 rev.1 - HP-UX running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2015-03-10
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04583581

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04583581
Version: 1

HPSBUX03281 SS

[ more ]  [ reply ]
ESA-2015-040: EMC Secure Remote Services Virtual Edition Security Update for Multiple Vulnerabilities 2015-03-10
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-040: EMC Secure Remote Services Virtual Edition Security Update for Multiple Vulnerabilities

CVE Identifier: CVE-2015-0235, CVE-2015-0524, CVE-2015-0525

Severity Rating: CVSSv2 Base Score: See below for individual scores for each CVE

[ more ]  [ reply ]
Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Product 2015-03-10
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Product

Advisory ID: cisco-sa-20150310-ssl

Revision: 1.0

For Public Release 2015 March 10 16:00 UTC (GMT)

+--------------------------------------------------------------------

Summ

[ more ]  [ reply ]
[ MDVSA-2015:057 ] kernel 2015-03-10
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:057
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
Reflected cross-site scripting(XSS) Vulnerability in Manage Engine AD Audit Manager Plus Admin Panel(Build 6270) 2015-03-10
harish ramadoss helpag com
#####################################
Title:- Reflected cross-site scripting(XSS) Vulnerability in Manage Engine AD Audit Manager Plus Admin Panel(Build 6270)
Author: Harish Ramadoss - Help AG Middle East
Vendor: ZOHO Corp
Product: Manage Engine AD Audit Manager Plus
Version: All versions below Bui

[ more ]  [ reply ]
ProjectSend r561 - SQL injection vulnerability 2015-03-10
ITAS Team (itas team itas vn)
#Vulnerability title: ProjectSend r561 - SQL injection vulnerability
#Product: ProjectSend r561
#Vendor: http://www.projectsend.org/
#Affected version: ProjectSend r561
#Download link: http://www.projectsend.org/download/67/
#Fixed version: N/A
#Author: Le Ngoc Phi (phi.n.le () itas vn) & ITAS Team

[ more ]  [ reply ]
Cisco Security Advisory: Row Hammer Privilege Escalation Vulnerability 2015-03-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Row Hammer Privilege Escalation Vulnerability

Advisory ID: cisco-sa-20150309-rowhammer

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cis
co-sa-20150309-rowhammer

Revision 1.1

Last Updated 2015 March 9 22:59 UTC (GMT)

For Pub

[ more ]  [ reply ]
Multiple Vulnerabilities with Kguard Digital Video Recorders 2015-03-09
Federick Joe P Fajardo (fjpfajardo ph ibm com)
MULTIPLE VULNERABILITIES WITH KGUARD DIGITAL VIDEO RECORDERS, February 10,
2015

PRODUCT DESCRIPTION

The Kguard SHA104 & SHA108 are 4ch/8ch H.264 DVRs designed for economical
application. It's stylish & streamlines hardware design and excellent
performance can be fast moving, competitive and an

[ more ]  [ reply ]
tcpdump 4.7.2 remote crashes 2015-03-09
Michael Richardson (mcr sandelman ca)

Hi, please find tcpdump 4.7.2 source code at:
http://www.ca.tcpdump.org/beta/tcpdump-4.7.2.tar.gz
http://www.ca.tcpdump.org/beta/tcpdump-4.7.2.tar.gz.sig
(there is also a matching libpcap)

To validate the source code with the "make check" you need to have
libpcap-4.7.2 or the geneve te

[ more ]  [ reply ]
APPLE-SA-2015-03-09-4 Xcode 6.2 2015-03-09
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2015-03-09-4 Xcode 6.2

Xcode 6.2 is now available and addresses the following:

subversion
Available for: OS X Mavericks v10.9.4 or later
Impact: Multiple vulnerabilities in Apache Subversion
Description: Multiple vulnerabilities existed in

[ more ]  [ reply ]
APPLE-SA-2015-03-09-3 Security Update 2015-002 2015-03-09
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2015-03-09-3 Security Update 2015-002

Security Update 2015-002 is now available and addresses the
following:

iCloud Keychain
Available for: OS X Yosemite v10.10.2
Impact: An attacker with a privileged network position may be able
to execute

[ more ]  [ reply ]
APPLE-SA-2015-03-09-2 AppleTV 7.1 2015-03-09
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2015-03-09-2 AppleTV 7.1

AppleTV 7.1 is now available and addresses the following:

Apple TV
Available for: Apple TV 3rd generation and later
Impact: An attacker with a privileged network position may intercept
SSL/TLS connections
Descriptio

[ more ]  [ reply ]
APPLE-SA-2015-03-09-1 iOS 8.2 2015-03-09
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2015-03-09-1 iOS 8.2

iOS 8.2 is now available and addresses the following:

CoreTelephony
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A remote attacker can cause a device to unexpectedl

[ more ]  [ reply ]
[ MDVSA-2015:056 ] rpm 2015-03-09
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:056
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[security bulletin] HPSBGN03277 rev.1 - HP Virtualization Performance Viewer, Remote Execution of Code, Denial of Service (DoS) and Other Vulnerabilities 2015-03-07
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04582466

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04582466
Version: 1

HPSBGN03277 re

[ more ]  [ reply ]
MongoDB BSON Handling Remote Denial of Service Vulnerability 2015-03-06
noreply-secresearch fortinet com
MongoDB BSON Handling Remote Denial of Service Vulnerability
March 06, 2015

Summary:
========

Fortinet's FortiGuard Labs has discovered a remote denial of service
vulnerability in MongoDB. It allows remote attackers to launch a denial of
service attack without providing any authentication credenti

[ more ]  [ reply ]
[security bulletin] HPSBUX03235 SSRT101750 rev.3 - HP-UX Running BIND, Remote Denial of Service (DoS) 2015-03-06
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04550240

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04550240
Version: 3

HPSBUX03235 SS

[ more ]  [ reply ]
H2HC 12th Edition - Call for Papers 2015-03-06
Rodrigo Rubira Branco \(BSDaemon\) (rodrigo kernelhacking com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CALL FOR PAPERS - Hackers 2 Hackers Conference 12th edition

The call for papers for H2HC 12th edition is now open. H2HC is a hacker
conference taking place in Sao Paulo, Brazil, from 22 to 27 October 2015.

[ - Introduction - ]

For the twelveth conse

[ more ]  [ reply ]
ocPortal 9.0.16 Multiply XSS Vulnerabilities 2015-03-08
dennis veninga gmail com
# Exploit Title: ocPortal 9.0.16 Multiply XSS Vulnerabilities
# Google Dork: "Copyright (c) ocPortal 2011 "
# Date: 26-2-2015
# Exploit Author: Dennis Veninga
# Vendor Homepage: http://ocportal.com/
# Vendor contacted: 22-2-2015
# Fix: http://ocportal.com/site/news/view/security_issues/xss-vulnerabi

[ more ]  [ reply ]
Betster (PHP Betoffice) Authentication Bypass and SQL Injection 2015-03-06
prathan ptr gmail com
<?php
/*

,--^----------,--------,-----,-------^--,
| ||||||||| `--------' | O .. CWH Underground Hacking Team ..
`+---------------------------^----------|
`\_,-------, _________________________|
/ XXXXXX /`| /
/ XXXXXX / `\ /
/ XXXXXX /\______(
/ X

[ more ]  [ reply ]
[security bulletin] HPSBHF03279 rev.1 - HP Point of Sale PCs Running Windows with OPOS Drivers, Remote Execution of Code 2015-03-05
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04583185

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04583185
Version: 1

HPSBHF03279 re

[ more ]  [ reply ]
[security bulletin] HPSBPI03107 rev.2 - Certain HP LaserJet Printers, MFPs and Certain HP OfficeJet Enterprise Printers using OpenSSL, Remote Unauthorized Access 2015-03-06
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04451722

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04451722
Version: 2

HPSBPI03107 re

[ more ]  [ reply ]
[slackware-security] samba (SSA:2015-064-01) 2015-03-05
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] samba (SSA:2015-064-01)

New samba packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/samba-4.1.17

[ more ]  [ reply ]
[SECURITY] [DSA 3180-1] libarchive security update 2015-03-05
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3180-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Alessandro Ghedini
March 05, 2015

[ more ]  [ reply ]
Stored XSS Vulnerability in Google Analytics by Yoast Wordpress Plugin 2015-03-05
kingkaustubh me com
Stored XSS Vulnerability in Google Analytics by Yoast Wordpress Plugin

. contents:: Table Of Content

Overview

Title :Stored XSS Vulnerability in Google Analytics by Yoast Wordpress Plugin
Author: Kaustubh G. Padwad, Rohit Kumar.
Plugin Homepage: https://yoast.com/wordpress/plugins/google-analytic

[ more ]  [ reply ]
(Page 10 of 1598)  < Prev  5 6 7 8 9 10 11 12 13 14 15  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus