BugTraq Mode:
(Page 2 of 1580)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
[slackware-security] mozilla-thunderbird (SSA:2015-016-03) 2015-01-17
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2015-016-03)

New mozilla-thunderbird packages are available for Slackware 14.1 and -current
to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
p

[ more ]  [ reply ]
[ MDVSA-2015:027 ] kernel 2015-01-16
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:027
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
Facebook Bug Bounty #19 - Filter Bypass Web Vulnerability 2015-01-16
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Facebook Bug Bounty #19 - Filter Bypass Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1381

Facebook Security ID: 221374210

Vulnerability Magazine: http://magazine.vulnerability-db.com/?q=articles/20

[ more ]  [ reply ]
File Pro Mini v5.2 iOS - Multiple Web Vulnerabilities 2015-01-16
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
File Pro Mini v5.2 iOS - Multiple Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1403

Release Date:
=============
2015-01-15

Vulnerability Laboratory ID (VL-ID):
=================================

[ more ]  [ reply ]
Pandora FMS v5.1 SP1 - Persistent SNMP Editor Vulnerability 2015-01-16
admin (at) evolution-sec (dot) com [email concealed] (admin evolution-sec com)
Document Title:
===============
Pandora FMS v5.1 SP1 - Persistent SNMP Editor Vulnerability

References (Source):
====================
http://vulnerability-lab.com/get_content.php?id=1356

Release Date:
=============
2015-01-14

Vulnerability Laboratory ID (VL-ID):
===============================

[ more ]  [ reply ]
WiFi File Browser Pro v2.0.8 - Code Execution Vulnerability 2015-01-16
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
WiFi File Browser Pro v2.0.8 - Code Execution Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1406

Release Date:
=============
2015-01-14

Vulnerability Laboratory ID (VL-ID):
===========================

[ more ]  [ reply ]
VeryPhoto v3.0 iOS - Command Injection Vulnerability 2015-01-16
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
VeryPhoto v3.0 iOS - Command Injection Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1401

Release Date:
=============
2015-01-13

Vulnerability Laboratory ID (VL-ID):
==================================

[ more ]  [ reply ]
CatBot v0.4.2 (PHP) - SQL Injection Vulnerability 2015-01-16
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
CatBot v0.4.2 (PHP) - SQL Injection Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1408

Release Date:
=============
2015-01-15

Vulnerability Laboratory ID (VL-ID):
====================================

[ more ]  [ reply ]
[SECURITY] [DSA 3129-1] rpm security update 2015-01-15
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3129-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
January 15, 2015

[ more ]  [ reply ]
Alienvault OSSIM/USM Command Execution Vulnerability 2015-01-15
Peter Lapp (lappsec gmail com)
Details
=======

Product: Alienvault OSSIM/USM
Vulnerability: Command Execution
Author: Peter Lapp, lappsec (at) gmail (dot) com [email concealed]
CVE: None assigned
Vulnerable Versions: <=4.14.X
Fixed Version: 4.15.0

Summary
=======

Alienvault OSSIM is an open source SIEM solution designed to collect
and correlate log data.

[ more ]  [ reply ]
[ MDVSA-2015:025 ] mpfr 2015-01-15
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:025
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2015:024 ] libsndfile 2015-01-15
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:024
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2015:026 ] untrf 2015-01-15
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:026
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2015:023 ] libvirt 2015-01-15
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:023
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[SECURITY] [DSA 3128-1] linux security update 2015-01-15
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3128-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
January 15, 2015

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-15:01.openssl 2015-01-14
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-15:01.openssl Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
[SECURITY] [DSA 3127-1] iceweasel security update 2015-01-14
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3127-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
January 14, 2015

[ more ]  [ reply ]
Two XSS vulnerabilities in Simple Security WordPress Plugin 2015-01-14
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23244
Product: Simple Security WordPress Plugin
Vendor: MyWebsiteAdvisor
Vulnerable Version(s): 1.1.5 and probably prior
Tested Version: 1.1.5
Advisory Publication: December 17, 2014 [without technical details]
Vendor Notification: December 17, 2014
Public Disclosure: January 14,

[ more ]  [ reply ]
MS14-080 CVE-2014-6365 Code 2015-01-14
DiéyÇ? (dieyu dieyu org)
The attached file is exactly the code that I sent to
Microsoft Security Response Center "MSRC"
(Screenshot pictures are deleted)

Technical details were said in this post:
MS14-080 CVE-2014-6365 Technical Details Without "Nonsense"
(So I don't repeat here)

The attached file is 4124 bytes.
The attac

[ more ]  [ reply ]
AusCERT2015 Call for Papers: closes 18th January 2015-01-14
AusCERT (auscert auscert org au)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

AusCERT2015 Call for Presentations and Tutorials deadline extended by one week:
closes 18th January

By popular request we are extending the deadline for submission to the
AusCERT2015 Call for Presentations and Tutorials by one week only. The Cal

[ more ]  [ reply ]
[security bulletin] HPSBGN03233 rev.1 - HP OneView running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, and Disclosure of Information 2015-01-13
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04540692

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04540692
Version: 1

HPSBGN03233 r

[ more ]  [ reply ]
[SECURITY] [DSA 3123-2] binutils-mingw-w64 security update 2015-01-13
Thijs Kinkhorst (thijs debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3123-2 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Thijs Kinkhorst
January 13, 2015

[ more ]  [ reply ]
Sitefinity Enterprise v7.2.53 - Persistent Vulnerability 2015-01-13
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Sitefinity Enterprise v7.2.53 - Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1369

Release Date:
=============
2015-01-06

Vulnerability Laboratory ID (VL-ID):
==============================

[ more ]  [ reply ]
Foxit MobilePDF v4.4.0 iOS - Multiple Web Vulnerabilities 2015-01-13
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Foxit MobilePDF v4.4.0 iOS - Multiple Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1400

Release Date:
=============
2015-01-12

Vulnerability Laboratory ID (VL-ID):
=============================

[ more ]  [ reply ]
[security bulletin] HPSBMU03230 rev.1 - HP Insight Control server deployment Remote Disclosure of Information 2015-01-13
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04537915

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04537915
Version: 1

HPSBMU03230 re

[ more ]  [ reply ]
SEC Consult SA-20150113-2 :: Cross-Site Request Forgery in XBMC / Kodi 2015-01-13
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20150113-2 >
=======================================================================
title: Cross-Site Request Forgery
product: Kodi/XBMC
vulnerable version: XBMC/Kodi <=14
fixed version: no fixed version available

[ more ]  [ reply ]
SEC Consult SA-20150113-1 :: Privilege Escalation & XSS & Missing Authentication in Ansible Tower 2015-01-13
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20150113-1 >
=======================================================================
title: Privilege Escalation & XSS & Missing Authentication
product: Ansible Tower
vulnerable version: <=2.0.2
fixed version: >=2.0.5

[ more ]  [ reply ]
CVE-2015-0203: Apache Qpid's qpidd can be crashed by authenticated user 2015-01-13
Gordon Sim (gsim apache org)
Apache Software Foundation - Security Advisory

Apache Qpid's qpidd can be crashed by authenticated user

CVE-2015-0203 CVS: 5.2

Severity: Moderate

Vendor:

The Apache Software Foundation

Versions Affected:

Apache Qpid's qpidd up to and including version 0.30

Description:

Certain u

[ more ]  [ reply ]
SEC Consult SA-20150113-0 :: Multiple critical vulnerabilities in all snom desktop IP phones 2015-01-13
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20150113-0 >
=======================================================================
title: Multiple critical vulnerabilities
product: snom IP phones
vulnerable version: all firmware versions <8.7.5.15, all firmware branche

[ more ]  [ reply ]
MS14-080 CVE-2014-6365 Technical Details Without "Nonsense" 2015-01-13
DiéyÇ? (dieyu dieyu org)
Origin:
Visit https://technet.microsoft.com/library/security/ms14-080
Go to "Acknowledgments" part and search for "CVE-2014-6365"
It says "Dieyu" - that's me.

Technical Details:
"Internet Explorer XSS Filter Bypass Vulnerability" is done by...
1. Inject "a href" link into target page.
(Not script,

[ more ]  [ reply ]
(Page 2 of 1580)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus