BugTraq Mode:
(Page 2 of 1545)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
SEC Consult SA-20140716-0 :: Multiple SSRF vulnerabilities in Alfresco Community Edition 2014-07-16
SEC Consult Vulnerability Lab (research sec-consult com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SEC Consult Vulnerability Lab Security Advisory < 20140716-0 >
=======================================================================
title: Multiple SSRF vulnerabilities
product: Alfresco Community Edition
vulnerable version

[ more ]  [ reply ]
SEC Consult SA-20140716-1 :: Remote Code Execution via CSRF in OpenVPN Access Server "Desktop Client" 2014-07-16
SEC Consult Vulnerability Lab (research sec-consult com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SEC Consult Vulnerability Lab Security Advisory < 20140716-1 >
=======================================================================
title: Remote Code Execution via CSRF
product: OpenVPN Access Server "Desktop Client"
vulne

[ more ]  [ reply ]
KL-001-2014-001 : Oracle VirtualBox Guest Additions Arbitrary Write Privilege Escalation 2014-07-15
KoreLogic Disclosures (disclosures korelogic com)
Title: Oracle VirtualBox Guest Additions Arbitrary Write Privilege Escalation
Advisory ID: KL-001-2014-001
Publication Date: 07.15.2014
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-001.txt

1. Vulnerability Details

Affected Vendor: Oracle
Affected Product: VirtualBox

[ more ]  [ reply ]
[security bulletin] HPSBMU03072 SSRT101644 rev.1 - HP Data Protector, Remote Execution of Arbitrary Code 2014-07-15
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04373818

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04373818
Version: 1

HPSBMU03072 SS

[ more ]  [ reply ]
Node Browserify RCE vuln (<= 4.2.0) 2014-07-15
Cal Leeming \[Simplicity Media Ltd\] (cal leeming simplicitymedialtd co uk)
Hello,

Discovered an RCE vuln in Browserify <=4.2.0.

Maintainer patched upstream just 4 hours after responsible disclosure
yesterday, now fixed as of 4.2.1.

Summary and POC found here:
http://iops.io/blog/browserify-rce-vulnerability/

Cal

[ more ]  [ reply ]
[security bulletin] HPSBGN03068 rev.1 - HP OneView running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, Disclosure of Information 2014-07-15
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04368264

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04368264
Version: 1

HPSBGN03068 re

[ more ]  [ reply ]
Ruxcon 2014 Final Call For Presentations 2014-07-15
cfp ruxcon org au
Ruxcon 2014 Call For Presentations
Melbourne, Australia, October 11th-12th
CQ Function Centre

http://www.ruxcon.org.au

The Ruxcon team is pleased to announce the Final Call For Presentations for Ruxcon 2014.

This year the conference will take place over the weekend of the 11th and 12th of October

[ more ]  [ reply ]
[security bulletin] HPSBHF02913 rev.1 - HP Intelligent Management Center (iMC) and HP Branch Intelligent Management System (BIMS), Remote Disclosure of Information 2014-07-14
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04369484

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04369484
Version: 1

HPSBHF02913 re

[ more ]  [ reply ]
[security bulletin] HPSBST03039 rev.1 - HP StoreVirtual 4000 Storage and StoreVirtual VSA, Remote Disclosure of Information, Elevation of Privilege 2014-07-14
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04281279

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04281279
Version: 1

HPSBST03039 re

[ more ]  [ reply ]
[KIS-2014-08] OpenCart <= 1.5.6.4 (cart.php) PHP Object Injection Vulnerability 2014-07-14
Egidio Romano (research karmainsecurity com)
-----------------------------------------------------------------
OpenCart <= 1.5.6.4 (cart.php) PHP Object Injection Vulnerability
-----------------------------------------------------------------

[-] Software Link:

http://www.opencart.com/

[-] Affected Versions:

Version 1.5.6.4 and prior ver

[ more ]  [ reply ]
[ MDVSA-2014:138 ] asterisk 2014-07-11
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:138
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[SECURITY] [DSA 2978-1] libxml2 security update 2014-07-11
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2978-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
July 11, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 2977-1] libav security update 2014-07-11
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2977-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
July 11, 2014

[ more ]  [ reply ]
[slackware-security] php (SSA:2014-192-01) 2014-07-12
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] php (SSA:2014-192-01)

New php packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/php-5.4.3

[ more ]  [ reply ]
[ MDVSA-2014:137 ] apache-mod_wsgi 2014-07-11
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:137
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:136 ] samba 2014-07-11
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:136
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[SECURITY] [DSA 2976-1] eglibc security update 2014-07-10
Florian Weimer (fw deneb enyo de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2976-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Florian Weimer
July 10, 2014

[ more ]  [ reply ]
Yahoo! Bug Bounty #30 YM - Application-Side Mail Encoding (File Attachment) Vulnerability 2014-07-10
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Yahoo! Bug Bounty #30 YM - Application-Side Mail Encoding (File Attachment) Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1137

Release Date:
=============
2014-07-08

Vulnerability Laboratory ID (VL-ID

[ more ]  [ reply ]
Yahoo! Bug Bounty #29 YM - Filter Bypass & Persistent Web Vulnerability 2014-07-10
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Yahoo! Bug Bounty #29 YM - Filter Bypass & Persistent Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1136

Video: http://www.vulnerability-lab.com/get_content.php?id=1279

Release Date:
=============

[ more ]  [ reply ]
[ MDVSA-2014:135 ] python 2014-07-10
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:135
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:134 ] liblzo 2014-07-10
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:134
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
SEC Consult SA-20140710-1 :: Multiple high risk vulnerabilities in Shopizer webshop 2014-07-10
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20140710-1 >
=======================================================================
title: Multiple high risk vulnerabilities in Shopizer webshop
product: Shopizer
vulnerable version: 1.1.5 and below
fixed version: v

[ more ]  [ reply ]
[ MDVSA-2014:133 ] gd 2014-07-10
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:133
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
SEC Consult SA-20140710-3 :: Design Issue / Password Disclosure in WAGO-I/O-SYSTEM with CODESYS V2.3 WebVisu 2014-07-10
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20140710-3 >
=======================================================================
title: Design Issue / Password Disclosure
product: All WAGO-I/O-SYSTEMs which provide a CODESYS V2.3 WebVisu
vulnerable version: Systems w

[ more ]  [ reply ]
SEC Consult SA-20140710-2 :: Multiple critical vulnerabilites in Schrack MICROCONTROL emergency light system 2014-07-10
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20140710-2 >
=======================================================================
title: Multiple critical vulnerabilites
product: Schrack MICROCONTROL emergency light system
vulnerable version: before 1.7.0 (937)

[ more ]  [ reply ]
SEC Consult SA-20140710-0 :: Multiple critical vulnerabilities in Shopizer webshop 2014-07-10
SEC Consult Vulnerability Lab (research sec-consult com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SEC Consult Vulnerability Lab Security Advisory < 20140710-0 >
=======================================================================
title: Multiple critical vulnerabilities in Shopizer webshop
product: Shopizer
vulnerable v

[ more ]  [ reply ]
[security bulletin] HPSBMU03070 rev.1 - HP Cloud Service Automation, OpenSSL Vulnerability, Unauthorized Access, Disclosure of Information 2014-07-09
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04368546

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04368546
Version: 1

HPSBMU03070 re

[ more ]  [ reply ]
[security bulletin] HPSBMU03069 rev.1 - HP Software Operation Orchestration, OpenSSL Vulnerability, SSL/TLS, Remote Code Execution, Denial of Service (DoS), Disclosure of Information 2014-07-09
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04368523

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04368523
Version: 1

HPSBMU03069 re

[ more ]  [ reply ]
[SECURITY] [DSA 2975-1] phpmyadmin security update 2014-07-09
Thijs Kinkhorst (thijs debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2975-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Thijs Kinkhorst
July 09, 2014

[ more ]  [ reply ]
Cisco Security Advisory: Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products 2014-07-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products

Advisory ID: cisco-sa-20140709-struts2

Revision 1.0

For Public Release 2014 July 9 16:00 UTC (GMT)

+---------------------------------------------------------------------

Su

[ more ]  [ reply ]
(Page 2 of 1545)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus