BugTraq Mode:
(Page 10 of 1684)  < Prev  5 6 7 8 9 10 11 12 13 14 15  Next >
[SECURITY] [DSA 3587-1] libgd2 security update 2016-05-27
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3587-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
May 27, 2016

[ more ]  [ reply ]
[CVE-2016-2175] Apache PDFBox XML External Entity vulnerability 2016-05-27
Andreas Lehmkuehler (lehmi apache org)
CVE-2016-2175: Apache PDFBox XML External Entity vulnerability

Severity: Important

Vendor:
The Apache Software Foundation

Versions Affected:
Apache PDFBox 1.8.0 to 1.8.11
Apache PDFBox 2.0.0
Earlier, unsupported Apache PDFBox versions may be affected as well

Description:
Apache PDFBox parses di

[ more ]  [ reply ]
[CVE-2016-4434] Apache Tika XML External Entity vulnerability 2016-05-26
Tim Allison (tallison apache org)
CVE-2016-4434: Apache Tika XML External Entity vulnerability

Severity: Important

Vendor:
The Apache Software Foundation

Versions Affected:
Apache Tika 0.10 to 1.12

Description:
Apache Tika parses XML within numerous file formats. In some instances[1], the initialization ofthe XML parser or

[ more ]  [ reply ]
ESA-2016-061: EMC Isilon OneFS SMB Signing Vulnerability 2016-05-26
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2016-061: EMC Isilon OneFS SMB Signing Vulnerability

EMC Identifier: ESA-2016-061

CVE Identifier: CVE-2016-0907

Severity Rating: CVSSv3 Base Score: 5.9 (AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)

Affected products:

EMC IsilonSD Edge One

[ more ]  [ reply ]
[security bulletin] HPSBGN03610 rev.1 - HPE IceWall Products using OpenSSL, Remote Denial of Service (DoS), Arbitrary Code Execution 2016-05-26
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05149345

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05149345
Version: 1

HPSBGN03610 r

[ more ]  [ reply ]
[security bulletin] HPSBMU03611 rev.1 - HPE Matrix Operating Environment on Windows and Linux, Multiple Remote Vulnerabilities 2016-05-25
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05150888

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05150888
Version: 1

HPSBMU03611

[ more ]  [ reply ]
[security bulletin] HPSBMU03600 rev.1 - HPE Insight Control server provisioning using OpenSSL, Remote Denial of Service (DoS) 2016-05-25
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05150736

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05150736
Version: 1

HPSBMU03600

[ more ]  [ reply ]
[security bulletin] HPSBUX03606 rev.1 - HPE HP-UX running Apache Tomcat 7, Multiple Remote Vulnerabilities 2016-05-25
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05150442

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05150442
Version: 1

HPSBUX03606 r

[ more ]  [ reply ]
[security bulletin] HPSBMU03601 rev.1 - HPE Insight Control server deployment using OpenSSL, Multiple Vulnerabilities 2016-05-25
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05150800

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05150800
Version: 1

HPSBMU03601

[ more ]  [ reply ]
VMWare vSphere Web Client Flash XSS 2016-05-25
apparitionsec gmail com
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/VMWARE-VSPHERE-FLASH-XSS.txt

[+] ISR: apparitionsec

Vendor:
===============
www.vmware.com

Product:
====================================
VMWare vSphere Web Cli

[ more ]  [ reply ]
Cisco Security Advisory: Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability 2016-05-25
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability

Advisory ID: cisco-sa-20160525-ipv6

Revision 1.0

For Public Release 2016 May 25 16:00 UTC (GMT)

+----------------------------------------------------------------

[ more ]  [ reply ]
Open-Xchange Security Advisory 2016-05-25 2016-05-25
Martin Heiland (martin heiland lists open-xchange com)
Product: OX AppSuite
Vendor: Open-Xchange GmbH

Internal reference: 44542 (Bug ID)
Vulnerability type: Cross Site Scripting (CWE-80)
Vulnerable version: 7.8.0 and earlier
Vulnerable component: frontend
Report confidence: Confirmed
Solution status: Fixed by Vendor
Fixed versions: 7.6.2-rev40, 7.6.3-r

[ more ]  [ reply ]
[slackware-security] libarchive (SSA:2016-145-01) 2016-05-25
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] libarchive (SSA:2016-145-01)

New libarchive packages are available for Slackware 14.1 and -current to
fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/l

[ more ]  [ reply ]
[security bulletin] HPSBGN03605 rev.1 - HPE Service Manager, Remote Disclosure of Information 2016-05-25
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05149290

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05149290
Version: 1

HPSBGN03605 r

[ more ]  [ reply ]
AfterLogic WebMail Pro ASP.NET < 6.2.7 Administrator Account Takover via XXE Injection 2016-05-23
mehmet ince invictuseurope com
1. ADVISORY INFORMATION
========================================
Title: AfterLogic WebMail Pro ASP.NET Administrator Account Takover via XXE Injection
Application: AfterLogic WebMail Pro ASP.NET
Class: Sensitive Information disclosure
Remotely Exploitable: Yes
Versions Affected: AfterLogic WebMail

[ more ]  [ reply ]
[SECURITY] [DSA 3586-1] atheme-services security update 2016-05-23
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3586-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
May 23, 2016

[ more ]  [ reply ]
[RCESEC-2016-002] XenAPI v1.4.1 for XenForo Multiple Unauthenticated SQL Injections 2016-05-23
Julien Ahrens (info rcesecurity com)
RCE Security Advisory
https://www.rcesecurity.com

1. ADVISORY INFORMATION
=======================
Product: XenAPI for XenForo
Vendor URL: github.com/Contex/XenAPI
Type: SQL Injection [CWE-89]
Date found: 2016-05-20
Date published: 2016-05-23
CVSSv3 Score: 7.5 (AV:N/AC:L/

[ more ]  [ reply ]
[SECURITY] [DSA 3585-1] wireshark security update 2016-05-22
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3585-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
May 22, 2016

[ more ]  [ reply ]
[RCESEC-2016-001] Postfix Admin v2.93 Generic POST Cross-Site Request Forgeries 2016-05-21
Julien Ahrens (info rcesecurity com)
RCE Security Advisory
https://www.rcesecurity.com

1. ADVISORY INFORMATION
=======================
Product: Postfix Admin
Vendor URL: sourceforge.net/projects/postfixadmin/
Type: Cross-Site Request Forgery [CWE-253]
Date found: 2016-04-23
Date published: 2016-05-21
CVSSv3 S

[ more ]  [ reply ]
[slackware-security] curl (SSA:2016-141-01) 2016-05-20
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] curl (SSA:2016-141-01)

New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patc

[ more ]  [ reply ]
[security bulletin] HPSBGN03564 rev.1 - HPE Release Control using Java Deserialization, Remote Code Execution 2016-05-19
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05063986

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05063986
Version: 1

HPSBGN03564

[ more ]  [ reply ]
[SECURITY] [DSA 3584-1] librsvg security update 2016-05-19
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3584-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
May 19, 2016

[ more ]  [ reply ]
[ERPSCAN-16-011] SAP NetWeaver AS JAVA â?? SQL injection vulnerability 2016-05-19
ERPScan inc (erpscan online gmail com)
Application: SAP NetWeaver AS JAVA

Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5

Vendor URL: http://SAP.com

Bugs: SQL injection

Send: 04.12.2015

Reported: 04.12.2015

Vendor response: 05.12.2015

Date of Public Advisory: 09.02.2016

Reference: SAP Security Note 2101079

A

[ more ]  [ reply ]
[ERPSCAN-16-010] SAP NetWeaver AS JAVA â?? information disclosure vulnerability 2016-05-19
ERPScan inc (erpscan online gmail com)
Application:SAP NetWeaver AS JAVA

Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5

Vendor URL: http://SAP.com

Bugs: information disclosure

Sent: 15.09.2015

Reported: 15.09.2015

Vendor response: 16.09.2015

Date of Public Advisory: 09.02.2016

Reference: SAP Security Note 2256846

Author:

[ more ]  [ reply ]
TYPO3 RemoveXSS.php vulnerability versions 6.2.19 and 7.6.4 2016-05-19
mandy madison-gurkha com
Madison Gurkha Security Advisory

Advisory: TYPO3 circumvent RemoveXSS.php cross site scripting using BASE64 encoding

1. DETAILS
----------
Product: Typo3 CMS
Vendor URL: typo3.org
Type: Cross-site Scripting[CWE-79]
Date found: 2016-03-09
Date published: 2016-05-19

2. AFFECTED VERSIONS
-----------

[ more ]  [ reply ]
[SECURITY] [DSA 3583-1] swift-plugin-s3 security update 2016-05-18
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3583-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
May 18, 2016

[ more ]  [ reply ]
[security bulletin] HPSBGN03602 rev.1 - HPE RESTful Interface Tool, Local Disclosure of Information 2016-05-18
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05141083

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05141083
Version: 1

HPSBGN03602 r

[ more ]  [ reply ]
Cisco Security Advisory: Cisco Web Security Appliance Connection Denial of Service Vulnerability 2016-05-18
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Web Security Appliance Connection Denial of Service Vulnerability

Advisory ID: cisco-sa-20160518-wsa4

Revision 1.0

For Public Release 2016 May 18 16:00 UTC (GMT)

+---------------------------------------------------------------------

Summary
=

[ more ]  [ reply ]
(Page 10 of 1684)  < Prev  5 6 7 8 9 10 11 12 13 14 15  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus