BugTraq Mode:
(Page 11 of 1569)  < Prev  6 7 8 9 10 11 12 13 14 15 16  Next >
BulletProof Security Wordpress v50.8 - POST Inject Vulnerability 2014-10-03
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
BulletProof Security Wordpress v50.8 - POST Inject Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1326

Release Date:
=============
2014-09-30

Vulnerability Laboratory ID (VL-ID):
======================

[ more ]  [ reply ]
CVE-2014-7278 DoS in ZyXEL SBG-3300 Security Gateway 2014-10-03
mirko casadei gmail com
########################################
#Vulnerability Title: DoS in ZyXEL SBG-3300 Security Gateway
#Date: 02/10/2014
#CVE-ID: CVE-2014-7278
#Product: ZyXEL SBG3300-N series
#Vendor: www.zyxel.com
#Affected Firmware: Latest version at the time of disclosure V1.00(AADY.4)C0 and below (tested)
#Patc

[ more ]  [ reply ]
CVE-2014-7277 Stored Server XSS in ZyXEL SBG-3300 Security Gateway 2014-10-03
mirko casadei gmail com
########################################
#Vulnerability Title: Stored Server XSS in ZyXEL SBG-3300 Security Gateway
#Date: 02/10/2014
#CVE-ID: CVE-2014-7277
#Product: ZyXEL SBG3300-N series
#Vendor: www.zyxel.com
#Affected Firmware: Latest version at the time of disclosure V1.00(AADY.4)C0 and below

[ more ]  [ reply ]
[ MDVSA-2014:195 ] libvirt 2014-10-03
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:195
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[security bulletin] HPSBMU02895 SSRT101253 rev.3 - HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code 2014-10-02
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03822422

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c03822422
Version: 3

HPSBMU02895 SS

[ more ]  [ reply ]
[security bulletin] HPSBMU03118 rev.1 - HP Systems Insight Manager (SIM) on Linux and Windows, Multiple Remote Vulnerabilities 2014-10-02
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04468121

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04468121
Version: 1

HPSBMU03118 r

[ more ]  [ reply ]
Ultra Electronics / AEP Networks - SSL VPN (Netilla / Series A / Ultra Protect) Vulnerabilities 2014-10-02
Patrick Webster (patrick osisecurity com au)
Ultra Electronics / AEP Networks - SSL VPN (Netilla / Series A / Ultra
Protect) Vulnerabilities
http://www.osisecurity.com.au/advisories/ultra-aep-netilla-vulnerabiliti
es

Release Date:
02-Oct-2014

Software:
Ultra Electronics - Series A
http://en.wikipedia.org/wiki/NetillaOS_NetConnect_by_North

[ more ]  [ reply ]
[security bulletin] HPSBHF03119 rev.2 - HP DreamColor Professional Display running Bash Shell, Remote Code Execution 2014-10-01
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04468293

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04468293
Version: 2

HPSBHF03119 re

[ more ]  [ reply ]
[ MDVSA-2014:194 ] phpmyadmin 2014-10-03
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:194
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
Elasticsearch vulnerability CVE-2014-6439 2014-10-02
Jordan Sissel (jordan sissel elasticsearch com)
Summary:
Elasticsearch versions 1.3.x and prior have a default configuration for
CORS that allows an attacker to craft links that could cause a userâ??s
browser to send requests to Elasticsearch instances on their local network.
These requests could cause data loss or compromise.

We have been assig

[ more ]  [ reply ]
the other bash RCEs (CVE-2014-6277 and CVE-2014-6278) 2014-10-01
Michal Zalewski (lcamtuf coredump cx)
Good morning! This is kinda long.

== Background ==

If you are not familiar with the original bash function export
vulnerability (CVE-2014-6271), you may want to have a look at this
article:

http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impac
t.html

Well, long story short: the

[ more ]  [ reply ]
[ MDVSA-2014:193 ] xerces-j2 2014-10-01
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:193
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:192 ] perl-Email-Address 2014-10-01
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:192
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[SECURITY] [DSA 3041-1] xen security update 2014-10-01
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3041-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
October 01, 2014

[ more ]  [ reply ]
Reflected Cross-Site Scripting (XSS) in Textpattern 2014-10-01
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23223
Product: Textpattern
Vendor: http://textpattern.com/
Vulnerable Version(s): 4.5.5 and probably prior
Tested Version: 4.5.5
Advisory Publication: July 9, 2014 [without technical details]
Vendor Notification: July 9, 2014
Vendor Patch: September 20, 2014
Public Disclosure: Oc

[ more ]  [ reply ]
Cross-Site Scripting (XSS) in Photo Gallery WordPress plugin 2014-10-01
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23232
Product: Photo Gallery WordPress plugin
Vendor: http://web-dorado.com/
Vulnerable Version(s): 1.1.30 and probably prior
Tested Version: 1.1.30
Advisory Publication: September 10, 2014 [without technical details]
Vendor Notification: September 10, 2014
Vendor Patch: September

[ more ]  [ reply ]
FreePBX (All Versions) RCE 2014-10-01
rob thomas schmoozecom com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

We would like to announce that a significant security vulnerability has been discovered in all current versions of FreePBX.

A CVE has been requested from Mitre, but has yet to be provided.

Further details as they come to hand will be available from ht

[ more ]  [ reply ]
NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities 2014-10-01
VMware Security Response Center (security vmware com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

VMware Security Advisory

Advisory ID: VMSA-2014-0010
Synopsis: VMware product updates address critical Bash
security vulnerabilities
Issue date: 2014-09-30
Updated on: 2014-09-30 (Initial Advisory)
CVE numbers: CVE-2014-6271, CVE-201

[ more ]  [ reply ]
[security bulletin] HPSBHF03119 rev.1 - HP DreamColor Display running Bash Shell, Remote Code Execution 2014-10-01
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04468293

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04468293
Version: 1

HPSBHF03119 re

[ more ]  [ reply ]
[SECURITY] [DSA 3040-1] rsyslog security update 2014-09-30
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3040-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/
September 30, 2014

[ more ]  [ reply ]
[security bulletin] HPSBGN03117 rev.1 - HP Remote Device Access: Virtual Customer Access System (vCAS) running Bash Shell, Remote Code Execution 2014-09-30
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04467807

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04467807
Version: 1

HPSBGN03117 re

[ more ]  [ reply ]
[security bulletin] HPSBMU03112 rev.1 - HP System Management Homepage (SMH) on Linux and Windows, Multiple Vulnerabilities 2014-09-30
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04463322

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04463322
Version: 1

HPSBMU03112 r

[ more ]  [ reply ]
[security bulletin] HPSBST02958 rev.1 - HP MPIO Device Specific Module Manager, Local Execution of Arbitrary Code with Privilege Elevation 2014-09-30
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04048122

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04048122
Version: 1

HPSBST02958 r

[ more ]  [ reply ]
All In One Wordpress Firewall 3.8.3 - Persistent Vulnerability 2014-09-30
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
All In One Wordpress Firewall 3.8.3 - Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1325

Release Date:
=============
2014-09-29

Vulnerability Laboratory ID (VL-ID):
========================

[ more ]  [ reply ]
PayPal Inc Bug Bounty #71 PPM - Persistent Filter Vulnerability 2014-09-30
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
PayPal Inc Bug Bounty #71 PPM - Persistent Filter Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=870

PayPal Security UID: Roc83bl

Release Date:
=============
2014-09-24

Vulnerability Laboratory ID (VL

[ more ]  [ reply ]
PayPal Inc Bug Bounty #59 - Persistent Mail Encoding Vulnerability 2014-09-30
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
PayPal Inc Bug Bounty #59 - Persistent Mail Encoding Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=844

PayPal Security UID: CabdfGa

Release Date:
=============
2014-09-23

Vulnerability Laboratory ID

[ more ]  [ reply ]
London DEFCON - September 30th 2014 2014-09-30
Major Malfunction (majormal pirate-radio org)
Yes, that's tonight!

Apologies for the late notice - I've been travelling. A lot.

In the meantime, The Phoenix finished their refurb and is back up and
running, and looking pretty swanky, so I'm looking forward to seeing
what's new... Let's hope they haven't changed the beer! :)

We don't have a

[ more ]  [ reply ]
[slackware-security] bash (SSA:2014-272-01) 2014-09-29
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] bash (SSA:2014-272-01)

New bash packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patc

[ more ]  [ reply ]
[slackware-security] seamonkey (SSA:2014-271-03) 2014-09-29
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] seamonkey (SSA:2014-271-03)

New seamonkey packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packag

[ more ]  [ reply ]
[slackware-security] mozilla-thunderbird (SSA:2014-271-02) 2014-09-29
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2014-271-02)

New mozilla-thunderbird packages are available for Slackware 14.1 and -current
to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
p

[ more ]  [ reply ]
(Page 11 of 1569)  < Prev  6 7 8 9 10 11 12 13 14 15 16  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus