BugTraq
VeryPhoto v3.0 iOS - Command Injection Vulnerability 2015-01-16
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
VeryPhoto v3.0 iOS - Command Injection Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1401

Release Date:
=============
2015-01-13

Vulnerability Laboratory ID (VL-ID):
==================================

CatBot v0.4.2 (PHP) - SQL Injection Vulnerability 2015-01-16
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
CatBot v0.4.2 (PHP) - SQL Injection Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1408

Release Date:
=============
2015-01-15

Vulnerability Laboratory ID (VL-ID):
====================================

[SECURITY] [DSA 3129-1] rpm security update 2015-01-15
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3129-1 security (at) debian (dot) org
http://www.debian.org/security/ Moritz Muehlenhoff
January 15, 2015

Alienvault OSSIM/USM Command Execution Vulnerability 2015-01-15
Peter Lapp (lappsec gmail com)
Details
=======

Product: Alienvault OSSIM/USM
Vulnerability: Command Execution
Author: Peter Lapp, lappsec (at) gmail (dot) com
CVE: None assigned
Vulnerable Versions: <=4.14.X
Fixed Version: 4.15.0

Summary
=======

Alienvault OSSIM is an open source SIEM solution designed to collect
and correlate log data.

[ MDVSA-2015:025 ] mpfr 2015-01-15
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:025
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ MDVSA-2015:024 ] libsndfile 2015-01-15
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:024
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ MDVSA-2015:026 ] untrf 2015-01-15
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:026
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ MDVSA-2015:023 ] libvirt 2015-01-15
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:023
http://www.mandriva.com/en/support/security/
___________________________________________________________

[SECURITY] [DSA 3128-1] linux security update 2015-01-15
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3128-1 security (at) debian (dot) org
http://www.debian.org/security/ Salvatore Bonaccorso
January 15, 2015

FreeBSD Security Advisory FreeBSD-SA-15:01.openssl 2015-01-14
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-SA-15:01.openssl Security Advisory
The FreeBSD Project

Topic:

[SECURITY] [DSA 3127-1] iceweasel security update 2015-01-14
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3127-1 security (at) debian (dot) org
http://www.debian.org/security/ Moritz Muehlenhoff
January 14, 2015

Two XSS vulnerabilities in Simple Security WordPress Plugin 2015-01-14
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23244
Product: Simple Security WordPress Plugin
Vendor: MyWebsiteAdvisor
Vulnerable Version(s): 1.1.5 and probably prior
Tested Version: 1.1.5
Advisory Publication: December 17, 2014 [without technical details]
Vendor Notification: December 17, 2014
Public Disclosure: January 14,

MS14-080 CVE-2014-6365 Code 2015-01-14
DiéyÇ? (dieyu dieyu org)
The attached file is exactly the code that I sent to
Microsoft Security Response Center "MSRC"
(Screenshot pictures are deleted)

Technical details were said in this post:
MS14-080 CVE-2014-6365 Technical Details Without "Nonsense"
(So I don't repeat here)

The attached file is 4124 bytes.
The attac

AusCERT2015 Call for Papers: closes 18th January 2015-01-14
AusCERT (auscert auscert org au)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

AusCERT2015 Call for Presentations and Tutorials deadline extended by one week:
closes 18th January

By popular request we are extending the deadline for submission to the
AusCERT2015 Call for Presentations and Tutorials by one week only. The Cal

[security bulletin] HPSBGN03233 rev.1 - HP OneView running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, and Disclosure of Information 2015-01-13
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04540692

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04540692
Version: 1

HPSBGN03233 r

[SECURITY] [DSA 3123-2] binutils-mingw-w64 security update 2015-01-13
Thijs Kinkhorst (thijs debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3123-2 security (at) debian (dot) org
http://www.debian.org/security/ Thijs Kinkhorst
January 13, 2015

Sitefinity Enterprise v7.2.53 - Persistent Vulnerability 2015-01-13
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Sitefinity Enterprise v7.2.53 - Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1369

Release Date:
=============
2015-01-06

Vulnerability Laboratory ID (VL-ID):
==============================

Foxit MobilePDF v4.4.0 iOS - Multiple Web Vulnerabilities 2015-01-13
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Foxit MobilePDF v4.4.0 iOS - Multiple Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1400

Release Date:
=============
2015-01-12

Vulnerability Laboratory ID (VL-ID):
=============================

[security bulletin] HPSBMU03230 rev.1 - HP Insight Control server deployment Remote Disclosure of Information 2015-01-13
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04537915

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04537915
Version: 1

HPSBMU03230 re

SEC Consult SA-20150113-2 :: Cross-Site Request Forgery in XBMC / Kodi 2015-01-13
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20150113-2 >
=======================================================================
title: Cross-Site Request Forgery
product: Kodi/XBMC
vulnerable version: XBMC/Kodi <=14
fixed version: no fixed version available

SEC Consult SA-20150113-1 :: Privilege Escalation & XSS & Missing Authentication in Ansible Tower 2015-01-13
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20150113-1 >
=======================================================================
title: Privilege Escalation & XSS & Missing Authentication
product: Ansible Tower
vulnerable version: <=2.0.2
fixed version: >=2.0.5

CVE-2015-0203: Apache Qpid's qpidd can be crashed by authenticated user 2015-01-13
Gordon Sim (gsim apache org)
Apache Software Foundation - Security Advisory

Apache Qpid's qpidd can be crashed by authenticated user

CVE-2015-0203 CVSS: 5.2

Severity: Moderate

Vendor:

The Apache Software Foundation

Versions Affected:

Apache Qpid's qpidd up to and including version 0.30

Description:

Certain u

SEC Consult SA-20150113-0 :: Multiple critical vulnerabilities in all snom desktop IP phones 2015-01-13
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20150113-0 >
=======================================================================
title: Multiple critical vulnerabilities
product: snom IP phones
vulnerable version: all firmware versions <8.7.5.15, all firmware branche

MS14-080 CVE-2014-6365 Technical Details Without "Nonsense" 2015-01-13
DiéyÇ? (dieyu dieyu org)
Origin:
Visit https://technet.microsoft.com/library/security/ms14-080
Go to "Acknowledgments" part and search for "CVE-2014-6365"
It says "Dieyu" - that's me.

Technical Details:
"Internet Explorer XSS Filter Bypass Vulnerability" is done by...
1. Inject "a href" link into target page.
(Not script,

[security bulletin] HPSBOV03228 rev.1 - HP OpenVMS running Bash Shell, Remote Code Execution 2015-01-12
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04533737

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04533737
Version: 1

HPSBOV03228 re

[Corrected] Stored XSS Vulnerability in F5 BIG-IP Application Security Manager 2015-01-13
Peter Lapp (lappsec gmail com)
Edit: Corrected the date in the timeline from 01/12/14 to 01/12/15.

Details
=======

Product: F5 BIG-IP Application Security Manager (ASM)
Vulnerability: Cross Site Scripting
Author: Peter Lapp, lappsec (at) gmail (dot) com
CVE: None assigned
Vulnerable Versions: Confirmed 11.4.0, 11.4.1. Likely 11.4.x-11.5

Stored XSS Vulnerability in F5 BIG-IP Application Security Manager 2015-01-12
Peter Lapp (lappsec gmail com)
Details
=======

Product: F5 BIG-IP Application Security Manager (ASM)
Vulnerability: Cross Site Scripting
Author: Peter Lapp, lappsec (at) gmail (dot) com
CVE: None assigned
Vulnerable Versions: Confirmed 11.4.0, 11.4.1. Likely 11.4.x-11.5.x.
Fixed Version: 11.6

Summary
=======

The F5 ASM is a web applica

[SECURITY] [DSA 3126-1] php5 security update 2015-01-12
Thijs Kinkhorst (thijs debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3126-1 security (at) debian (dot) org
http://www.debian.org/security/ Thijs Kinkhorst
January 12, 2015

Corel Software DLL Hijacking 2015-01-12
CORE Advisories Team (advisories coresecurity com)
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/

Corel Software DLL Hijacking

1. *Advisory Information*

Title: Corel Software DLL Hijacking
Advisory ID: CORE-2015-0001
Advisory URL:
http://www.coresecurity.com/advisories/corel-software-dll-hijacking
Date published: 2015-01-12

CVE-2014-8870: Arbitrary Redirect in Tapatalk Plugin for WoltLab Burning Board 4.0 2015-01-12
RedTeam Pentesting GmbH (release redteam-pentesting de)
The Tapatalk Plugin com.tapatalk.wbb4 for WoltLab Burning Board 4.0 prior to
version 1.1.2 allowed to redirect users to arbitrary URLs. This was possible by
specifying the target URL in the URL parameter board_url in URLs like the
following:

http://www.example.com/mobiquo/smartbanner/welcome.php?bo
