BugTraq Mode:
(Page 2 of 1556)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
Reflected Cross-Site Scripting (XSS) in MODX Revolution 2014-09-17
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23229
Product: MODX Revolution
Vendor: MODX
Vulnerable Version(s): 2.3.1-pl and probably prior
Tested Version: 2.3.1-pl
Advisory Publication: August 20, 2014 [without technical details]
Vendor Notification: August 20, 2014
Vendor Patch: September 11, 2014
Public Disclosure: Septe

[ more ]  [ reply ]
Path Traversal in webEdition 2014-09-17
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23227
Product: webEdition
Vendor: webEdition e.V.
Vulnerable Version(s): 6.3.8.0 (SVN-Revision: 6985) and probably prior
Tested Version: 6.3.8.0 (SVN-Revision: 6985)
Advisory Publication: August 6, 2014 [without technical details]
Vendor Notification: August 6, 2014
Vendor Patch

[ more ]  [ reply ]
MIUI Torch Open Vulnerability 2014-09-17
vuln nipc org cn
MIUI Torch Open Vulnerability
I. Summary
com.android.systemui is the corresponding package of MiuiSystemUI.apk, a MIUI system application that manages user

interface and other functions. When started by NFC tag, the torch in NFC mobile phone will be open automatically.
------------------------

[ more ]  [ reply ]
MIUI Wifi Connection Message Vulnerability 2014-09-17
vuln nipc org cn
MIUI Wifi Connection Message Vulnerability

I. Summary
Wifi Connection Message is written to a NFC tag, which can be touched by a NFC mobile phone for connecting wireless AP

automatically. A logic flaw has been found in MIUI that is a Android ROM. The flaw can be used to turn on wifi, with the

h

[ more ]  [ reply ]
Android Bluetooth Pairing Packet Processing Vulnerability(by wangzq from NCNIPC) 2014-09-17
vuln nipc org cn
I. Summary
Bluetooth Pairing Packet is written to a NFC tag, which can be touched by a NFC mobile phone for bluetooth pairing. A logic flaw has been found in some

versions of Andorid mobile phone. The flaw can cause NFC phones'bluetooth turned on, regardless of whether the pairing succeeds or not.

[ more ]  [ reply ]
[CORE-2014-0006] - Delphi and C++ Builder VCL library Heap Buffer Overflow 2014-09-16
CORE Advisories Team (advisories coresecurity com)
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/

Delphi and C++ Builder VCL library Heap Buffer Overflow

1. *Advisory Information*

Title: Delphi and C++ Builder VCL library Heap Buffer Overflow
Advisory ID: CORE-2014-0006
Advisory URL:
http://www.coresecurity.com/advisories/del

[ more ]  [ reply ]
[SECURITY] [DSA 3026-1] dbus security update 2014-09-16
Florian Weimer (fw deneb enyo de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3026-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Florian Weimer
September 16, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 3025-1] apt security update 2014-09-16
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3025-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
September 16, 2014

[ more ]  [ reply ]
USB&WiFi Flash Drive v1.3 iOS - Code Execution Vulnerability 2014-09-16
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
USB&WiFi Flash Drive 1.3 iOS - Code Execution Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1316

Release Date:
=============
2014-09-15

Vulnerability Laboratory ID (VL-ID):
===========================

[ more ]  [ reply ]
Osclass Security Advisory - Multiple XSS Vulnerabilities - CVE-2014-6280 2014-09-16
Onur Yilmaz (onur netsparker com)
Information
------------
Advisory by Netsparker.
Name: XSS Vulnerability in OsClass
Affected Software : OsClass
Affected Versions: 3.4.1 and possibly below
Vendor Homepage : http://osclass.org/
Vulnerability Type : Cross-site Scripting
Severity : Critical
CVE-ID: CVE-2014-6280
Netsparker Advisory Re

[ more ]  [ reply ]
Osclass Security Advisory - LFI Vulnerability - CVE-2014-6308 2014-09-16
Onur Yilmaz (onur netsparker com)
Information
-----------
Advisory by Netsparker.
Name : LFI Vulnerability in OsClass
Affected Software : OsClass
Affected Versions: 3.4.1 and possibly below
Vendor Homepage : http://osclass.org/
Vulnerability Type : Local File Inclusion
Severity : Critical
CVE-ID: CVE-2014-6308
Netsparker Advisory Re

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-14:19.tcp 2014-09-16
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-14:19.tcp Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
ESA-2014-091: EMC Documentum Content Server Multiple Privilege Escalation Vulnerabilities 2014-09-15
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2014-091: EMC Documentum Content Server Multiple Privilege Escalation Vulnerabilities

EMC Identifier: ESA-2014-091

CVE Identifier: CVE-2014-4621, CVE-2014-4622

Severity Rating: CVSS v2 Base Score: See below for individual scores for eac

[ more ]  [ reply ]
Briefcase 4.0 iOS - Code Execution & File Include Vulnerability 2014-09-15
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Briefcase 4.0 iOS - Code Execution & File Include Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1319

Release Date:
=============
2014-09-11

Vulnerability Laboratory ID (VL-ID):
=======================

[ more ]  [ reply ]
Passwords^14 Norway - CFP 2014-09-15
Per Thorsheim (per thorsheim net)
CALL FOR PAPERS AND TUTORIALS

PASSWORDS'14
passwordscon.org

The 7th International Conference on Passwords
8-10 December 2014
Trondheim,Norway

The P

[ more ]  [ reply ]
Open-Xchange Security Advisory 2014-09-15 2014-09-15
Martin Heiland (martin heiland open-xchange com)
Product: OX App Suite
Vendor: Open-Xchange GmbH

Vulnerability type: Cross Site Scripting (CWE-80)
Vulnerable version: 7.6.0 and earlier
Vulnerable component: frontend
Fixed version: 7.4.2-rev33, 7.6.0-rev16
Report confidence: Confirmed
Solution status: Fixed by Vendor
Vendor notification: 2014-07-

[ more ]  [ reply ]
Multiple Vulnerabilities with Aztech Modem Routers 2014-09-14
Federick Joe P Fajardo (fjpfajardo ph ibm com)
PRODUCT DESCRIPTION

The Aztech ADSL family of modems/routes are shipped to residential and SOHO users that desires speed from 150-300mbps rate. This modem/router also supports IEEE802.11b/g/n as a Wireless LAN Access point. The vulnerable model numbers are: DSL5018EN (1T1R) (Shipped with Globe Tele

[ more ]  [ reply ]
Re: HttpFileServer 2.3.x Remote Command Execution 2014-09-14
danielelinguaglossa gmail com
A fix is now avaiable from vendor site

link: http://www.rejetto.com/hfs/download

[ more ]  [ reply ]
[security bulletin] HPSBOV03099 rev.1 - HP OpenVMS running OpenSSL, Remote Denial of Service (DoS) or Disclosure of Information 2014-09-12
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04426586

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04426586
Version: 1

HPSBOV03099 re

[ more ]  [ reply ]
HttpFileServer 2.3.x Remote Command Execution 2014-09-12
danielelinguaglossa gmail com
Affected software: http://sourceforge.net/projects/hfs/
Version : 2.3x
# Exploit Title: HttpFileServer 2.3.x Remote Command Execution
# Google Dork: intext:"httpfileserver 2.3"
# Date: 11-09-2014
# Remote: Yes
# Exploit Author: Daniele Linguaglossa
# Vendor Homepage: http://rejetto.com/
# Software L

[ more ]  [ reply ]
[SECURITY] [DSA 3024-1] gnupg security update 2014-09-11
Thijs Kinkhorst (thijs debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3024-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Thijs Kinkhorst
Septem

[ more ]  [ reply ]
[SECURITY] [DSA 3023-1] bind9 security update 2014-09-11
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3023-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
September 11, 2014

[ more ]  [ reply ]
NEW VMSA-2014-0009 VMware NSX and vCNS product updates address a critical information disclosure vulnerability 2014-09-11
VMware Security Response Center (security vmware com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------

VMware Security Advisory

Advisory ID: VMSA-2014-0009
Synopsis: VMware NSX and vCNS product updates address a critical
information disclosure v

[ more ]  [ reply ]
Call for Participation: Semantic Web Business and Innovation (SWBI2015) * Switzerland 2014-09-11
jackie sdiwc info
The International Conference on Semantic Web Business and Innovation
(SWBI2015)

The University of Applied Sciences and Arts Western Switzerland (HES-SO
Valais-Wallis)
October 7-9, 2015
http://sdiwc.net/conferences/swbi2015/

All registered papers will be included in SDIWC Digital Library.
=======

[ more ]  [ reply ]
ChatSecure IM v2.2.4 iOS - Persistent Web Vulnerability 2014-09-11
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
ChatSecure IM v2.2.4 iOS - Persistent Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1317

Release Date:
=============
2014-09-10

Vulnerability Laboratory ID (VL-ID):
===============================

[ more ]  [ reply ]
Photorange v1.0 iOS - File Include Web Vulnerability 2014-09-11
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Photorange v1.0 iOS - File Include Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1318

Release Date:
=============
2014-09-07

Vulnerability Laboratory ID (VL-ID):
==================================

[ more ]  [ reply ]
PhotoSync v2.2 iOS - Command Inject Web Vulnerability 2014-09-11
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
PhotoSync v2.2 iOS - Command Inject Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1290

Release Date:
=============
2014-08-05

Vulnerability Laboratory ID (VL-ID):
=================================

[ more ]  [ reply ]
[SECURITY] [DSA 3021-2] file regression update 2014-09-10
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3021-2 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Luciano Bello
September 10, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 3022-1] curl security update 2014-09-10
Yves-Alexis Perez (corsac debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3022-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Yves-Alexis Perez
September 10, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 3020-1] acpi-support security update 2014-09-10
Raphael Geissert (geissert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3020-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Raphael Geissert
September 10, 2014

[ more ]  [ reply ]
(Page 2 of 1556)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus