BugTraq Mode:
(Page 2 of 1570)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
[ MDVSA-2014:217 ] clamav 2014-11-20
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:217
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:216 ] php-ZendFramework 2014-11-20
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:216
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[CORE-2014-0010] - Advantech WebAccess Stack-based Buffer Overflow 2014-11-19
CORE Advisories Team (advisories coresecurity com)
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/

Advantech WebAccess Stack-based Buffer Overflow

1. *Advisory Information*

Title: Advantech WebAccess Stack-based Buffer Overflow
Advisory ID: CORE-2014-0010
Advisory URL:
http://www.coresecurity.com/advisories/advantech-webAcces

[ more ]  [ reply ]
[CORE-2014-0008] - Advantech AdamView Buffer Overflow 2014-11-19
CORE Advisories Team (advisories coresecurity com)
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/

Advantech AdamView Buffer Overflow

1. *Advisory Information*

Title: Advantech AdamView Buffer Overflow
Advisory ID: CORE-2014-0008
Advisory URL:
http://www.coresecurity.com/advisories/advantech-adamView-buffer-overflo
w
Date publ

[ more ]  [ reply ]
[CORE-2014-0009] - Advantech EKI-6340 Command Injection 2014-11-19
CORE Advisories Team (advisories coresecurity com)
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/

Advantech EKI-6340 Command Injection

1. *Advisory Information*

Title: Advantech EKI-6340 Command Injection
Advisory ID: CORE-2014-0009
Advisory URL:
http://www.coresecurity.com/advisories/advantech-eki-6340-command-inject
ion
Dat

[ more ]  [ reply ]
CVE-2014-7137 - Multiple SQL Injections in Dolibarr ERP & CRM 2014-11-19
Portcullis Advisories (advisories portcullis-security com)
Vulnerability title: Multiple SQL Injections in Dolibarr ERP & CRM

CVE: CVE-2014-7137

Vendor: Dolibarr ERP & CRM

Product: Dolibarr ERP & CRM

Affected version: 3.5.3

Fixed version: 3.6.1

Reported by: Jerzy Kramarz

Details:

SQL injection has been found and confirmed within the software as

[ more ]  [ reply ]
[SECURITY] [DSA 3074-2] php5 regression update 2014-11-19
Yves-Alexis Perez (corsac debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3074-2 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Yves-Alexis Perez
November 19, 2014

[ more ]  [ reply ]
Reflected Cross-Site Scripting (XSS) in Simple Email Form Joomla Extension 2014-11-19
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23241
Product: Simple Email Form Joomla Extension
Vendor: Doug Bierer
Vulnerable Version(s): 1.8.5 and probably prior
Tested Version: 1.8.5
Advisory Publication: October 29, 2014 [without technical details]
Vendor Notification: October 29, 2014
Public Disclosure: November 19, 2014

[ more ]  [ reply ]
[ MDVSA-2014:215 ] gnutls 2014-11-19
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:215
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[SECURITY] [DSA 3074-1] php5 security update 2014-11-18
Yves-Alexis Perez (corsac debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3074-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Yves-Alexis Perez
November 18, 2014

[ more ]  [ reply ]
[ MDVSA-2014:213 ] curl 2014-11-18
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:213
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:214 ] dbus 2014-11-18
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:214
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
CVE-2014-8767 tcpdump denial of service in verbose mode using malformed OLSR payload 2014-11-18
Steffen Bauch (mail steffenbauch de)
CVE-2014-8767 tcpdump denial of service in verbose mode using malformed
OLSR payload

1. Background

tcpdump is a powerful command-line packet analyzer. It allows the user
to intercept and display TCP/IP and other packets being transmitted or
received over a network to which the computer is attac

[ more ]  [ reply ]
CVE-2014-8768 tcpdump denial of service in verbose mode using malformed Geonet payload 2014-11-18
Steffen Bauch (mail steffenbauch de)
CVE-2014-8768 tcpdump denial of service in verbose mode using malformed
Geonet payload

1. Background

tcpdump is a powerful command-line packet analyzer. It allows the user
to intercept and display TCP/IP and other packets being transmitted or
received over a network to which the computer is att

[ more ]  [ reply ]
CVE-2014-8769 tcpdump unreliable output using malformed AOVD payload 2014-11-18
Steffen Bauch (mail steffenbauch de)
CVE-2014-8769 tcpdump unreliable output using malformed AOVD payload

1. Background

tcpdump is a powerful command-line packet analyzer. It allows the user
to intercept and display TCP/IP and other packets being transmitted or
received over a network to which the computer is attached.

2. Summary

[ more ]  [ reply ]
[security bulletin] HPSBMU03183 rev.2 - HP Server Automation and Server Automation Virtual Appliance, running SSL, Remote Disclosure of Information 2014-11-17
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04497090

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04497090
Version: 2

HPSBMU03183 r

[ more ]  [ reply ]
[security bulletin] HPSBMU03072 rev.3 - HP Data Protector, Remote Execution of Arbitrary Code 2014-11-17
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04373818

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04373818
Version: 3

HPSBMU03072 re

[ more ]  [ reply ]
APPLE-SA-2014-11-17-3 Apple TV 7.0.2 2014-11-17
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2014-11-17-3 Apple TV 7.0.2

Apple TV 7.0.2 is now available and addresses the following:

Apple TV
Available for: Apple TV 3rd generation and later
Impact: An attacker with a privileged network position may cause an
unexpected application te

[ more ]  [ reply ]
APPLE-SA-2014-11-17-2 OS X Yosemite 10.10.1 2014-11-17
Apple Product Security (product-security-noreply lists apple com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2014-11-17-2 OS X Yosemite 10.10.1

OS X 10.10.1 is now available and addresses the following:

CFNetwork
Available for: OS X Yosemite v10.10
Impact: Website cache may not be fully cleared after leaving private
browsing
Description: A priva

[ more ]  [ reply ]
APPLE-SA-2014-11-17-1 iOS 8.1.1 2014-11-17
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2014-11-17-1 iOS 8.1.1

iOS 8.1.1 is now available and addresses the following:

CFNetwork
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: Website cache may not be fully cleared after leavin

[ more ]  [ reply ]
[slackware-security] mozilla-thunderbird (SSA:2014-320-01) 2014-11-16
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2014-320-01)

New mozilla-thunderbird packages are available for Slackware 14.1 to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packag

[ more ]  [ reply ]
[SECURITY] [DSA 3073-1] libgcrypt11 security update 2014-11-16
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3073-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
November 16, 2014

[ more ]  [ reply ]
[security bulletin] HPSBGN03192 rev.1 - HP Remote Device Access: Instant Customer Access Server (iCAS) running OpenSSL, Remote Disclosure of Information 2014-11-14
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04501908

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04501908
Version: 1

HPSBGN03192 re

[ more ]  [ reply ]
CVE-2014-8683 XSS in Gogs Markdown Renderer 2014-11-14
Timo Schmid (tschmid ernw de)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

XSS in Gogs Markdown Renderer
=============================
Researcher: Timo Schmid <tschmid (at) ernw (dot) de [email concealed]>

Description
===========
Gogs(Go Git Service) is a painless self-hosted Git Service written in
Go. (taken
from [1])

It is very similiar to the

[ more ]  [ reply ]
CVE-2014-8682 Multiple Unauthenticated SQL Injections in Gogs 2014-11-14
Timo Schmid (tschmid ernw de)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Unauthenticated SQL Injection in Gogs repository search
=======================================================
Researcher: Timo Schmid <tschmid (at) ernw (dot) de [email concealed]>

Description
===========
Gogs(Go Git Service) is a painless self-hosted Git Service written

[ more ]  [ reply ]
Re: CVE-2014-8732 2014-11-13
cert it nrw de
We successfully contacted the author. He is currently working on patching the issue in the next version.

[ more ]  [ reply ]
Re: CVE-2014-8731 - RCE in phpMemcachedAdmin <=1.2.2 2014-11-13
cert it nrw de
We successfully contacted the author. He is currently working on patching the issue in the next version.

[ more ]  [ reply ]
[security bulletin] HPSBMU03182 rev.1 - HP Server Automation running Bash Shell, Remote Code Execution 2014-11-12
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04497042

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04497042
Version: 1

HPSBMU03182 re

[ more ]  [ reply ]
[SECURITY] [DSA 3050-3] iceweasel security update 2014-11-12
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3050-3 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
November 12, 2014

[ more ]  [ reply ]
Prey Anti-Theft for Android missing SSL certificate validation [STIC-2014-0731] 2014-11-12
Programa STIC (stic fundacionsadosky org ar)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Fundación Dr. Manuel Sadosky - Programa STIC Advisory
www.fundacionsadosky.org.ar

Prey Anti-Theft for Android missing SSL certificate validation

1. *Advisory Information*

Title: Prey Anti-Theft for Android missing SSL certificate validation
Adviso

[ more ]  [ reply ]
(Page 2 of 1570)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus