BugTraq Mode:
(Page 13 of 1709)  < Prev  8 9 10 11 12 13 14 15 16 17 18  Next >
[SECURITY] [DSA 3709-1] libxslt security update 2016-11-08
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3709-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
November 08, 2016

[ more ]  [ reply ]
[security bulletin] HPSBGN03670 rev.1 - HPE Business Service Management (BSM) using Java Deserialization, Remote Code Execution 2016-11-08
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053274
47

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05327447

Version: 1

HPSBGN03670 rev.1

[ more ]  [ reply ]
URL Redirection Vulnerability In Verint Impact 360 2016-11-08
sanehsingh controlcase com
URL Redirection Vulnerability In Verint Impact 360

Overview
========

* Title : URL Redirection Vulnerability In Verint Impact 360
* Author: Sanehdeep Singh
* Plugin Homepage: http://www.verint.com
* Severity: Medium
* Version Affected: 11.1
* Version patched: Patches available. Contact Vendor

De

[ more ]  [ reply ]
Cross-Site Scripting in Calendar WordPress Plugin 2016-11-08
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting in Calendar WordPress Plugin
------------------------------------------------------------------------

Remco Vermeulen, July 2016

------------------------------------------------------------------------

Abs

[ more ]  [ reply ]
Persistent Cross-Site Scripting in WassUp Real Time Analytics WordPress Plugin 2016-11-08
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Persistent Cross-Site Scripting in WassUp Real Time Analytics WordPress
Plugin
------------------------------------------------------------------------

Burak Kelebek, October 2016

----------------------------------------------

[ more ]  [ reply ]
Cross-Site Scripting vulnerability in Quotes Collection WordPress Plugin 2016-11-08
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting vulnerability in Quotes Collection WordPress Plugin
------------------------------------------------------------------------

Yorick Koster, July 2016

-------------------------------------------------------

[ more ]  [ reply ]
Cross Site Scripting Vulnerability In Verint Impact 360 2016-11-08
sanehsingh controlcase com
Overview
========

* Title : Cross Site Scripting Vulnerability In Verint Impact 360
* Author: Sanehdeep Singh
* Plugin Homepage: http://www.verint.com
* Severity: Medium
* Version Affected: 11.1
* Version patched: Patches available. Contact Vendor

Description
===========

About the Product
=====

[ more ]  [ reply ]
[SECURITY] [DSA 3707-1] openjdk-7 security update 2016-11-07
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3707-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
November 07, 2016

[ more ]  [ reply ]
[CVE-2016-6563 / VU#677427]: Dlink DIR routers HNAP Login stack buffer overflow 2016-11-07
Pedro Ribeiro (pedrib gmail com)
tl;dr

A stack bof in several Dlink routers, which can be exploited by an
unauthenticated attacker in the LAN. There is no patch as Dlink did not
respond to CERT's requests. As usual, a Metasploit module is in the
queue (see [9] below) and should hopefully be integrated soon.

The interesting thing

[ more ]  [ reply ]
[security bulletin] HPSBGN03643 rev.1 - HPE KeyView using Filter SDK, Remote Code Execution 2016-11-07
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053258
36

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05325836

Version: 1

HPSBGN03643 rev.1

[ more ]  [ reply ]
Schoolhos CMS v2.29 - (kelas) Data Siswa SQL Injection Vulnerability 2016-11-07
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Schoolhos CMS v2.29 - (kelas) Data Siswa SQL Injection Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1931

Release Date:
=============
2016-11-07

Vulnerability Laboratory ID (VL-ID):
==================

[ more ]  [ reply ]
Edusson (Robotdon) - Client Side Cross Site Scripting Vulnerability 2016-11-07
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Edusson (Robotdon) BB - Client Side Cross Site Scripting Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1871

Release Date:
=============
2016-11-04

Vulnerability Laboratory ID (VL-ID):
================

[ more ]  [ reply ]
Edusson (Robotdon) BB - Filter Bypass & Persistent Vulnerability 2016-11-07
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Edusson (Robotdon) BB - Filter Bypass & Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1870

Release Date:
=============
2016-11-03

Vulnerability Laboratory ID (VL-ID):
======================

[ more ]  [ reply ]
Faraznet Cms Cross-Site Scripting Vulnerability 2016-11-07
iedb team gmail com
Cross-Site Scripting in Faraznet Cms Version 4.x

###########################

# Faraznet Cms Cross-Site Scripting Vulnerability

###########################

#####################################

# Iranian Exploit DataBase And Security Team - iedb.ir

# Title : Faraznet Cms Cross-Site Scripting V

[ more ]  [ reply ]
Faraznet Cms Cross-Site Scripting Vulnerability 2016-11-07
iedb team gmail com
Cross-Site Scripting in Faraznet Cms Version 4.x

###########################

# Faraznet Cms Cross-Site Scripting Vulnerability

###########################

#####################################

# Iranian Exploit DataBase And Security Team - iedb.ir

# Title : Faraznet Cms Cross-Site Scripting V

[ more ]  [ reply ]
WinaXe v7.7 FTP 'Server Ready' CMD Remote Buffer Overflow 2016-11-05
apparitionsec gmail com/hyp3rlinx
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/WINAXE-FTP-CLIENT-REMOTE-BUFF
ER-OVERFLOW.txt

[+] ISR: Apparition Security

Vendor:
============
www.labf.com

Product:
================
WinaXe v7.7 FTP

The X W

[ more ]  [ reply ]
Axessh 4.2.2 Denial Of Service 2016-11-05
apparitionsec gmail com/hyp3rlinx
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/AXESSH-DENIAL-OF-SERVICE.txt

[+] ISR: ApparitionSec

Vendor:
============
www.labf.com

Product:
=============
Axessh 4.2.2

Axessh is a SSH client. It is a supe

[ more ]  [ reply ]
Rapid PHP Editor CSRF Remote Command Execution 2016-11-05
apparitionsec gmail com/hyp3rlinx
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/RAPID-PHP-EDITOR-REMOTE-CMD-E
XEC.txt

[+] ISR: Apparition Security

Vendor:
======================
www.rapidphpeditor.com

Product:
==============================

[ more ]  [ reply ]
[security bulletin] HPSBGN03656 rev.1 - HPE Network Node Manager i (NNMi) Software using Java Deserialization, Remote Arbitrary Code Execution and Cross-Site Scripting 2016-11-04
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053258
23

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05325823

Version: 1

HPSBGN03656 rev.1

[ more ]  [ reply ]
[security bulletin] HPSBGN03657 rev.1 - HPE Network Node Manager i (NNMi) Software, Local Code Execution 2016-11-04
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053258
11

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05325811

Version: 1

HPSBGN03657 rev.1

[ more ]  [ reply ]
KL-001-2016-009 : Sophos Web Appliance Remote Code Execution 2016-11-04
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2016-009 : Sophos Web Appliance Remote Code Execution

Title: Sophos Web Appliance Remote Code Execution
Advisory ID: KL-001-2016-009
Publication Date: 2016.11.03
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2016-009.txt

1. Vulnerability Details

Affected Vend

[ more ]  [ reply ]
KL-001-2016-008 : Sophos Web Appliance Privilege Escalation 2016-11-04
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2016-008 : Sophos Web Appliance Privilege Escalation

Title: Sophos Web Appliance Privilege Escalation
Advisory ID: KL-001-2016-008
Publication Date: 2016.11.03
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2016-008.txt

1. Vulnerability Details

Affected Vendor

[ more ]  [ reply ]
MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 ) 2016-11-04
Dawid Golunski (dawid legalhackers com)
CVE-2016-6664 / (Oracle)CVE-2016-5617
Vulnerability: MySQL / MariaDB / PerconaDB - Root Privilege Escalation

Discovered by:
Dawid Golunski
@dawid_golunski
https://legalhackers.com

MySQL-based databases including MySQL, MariaDB and PerconaDB are affected
by a privilege escalation vulnerability whic

[ more ]  [ reply ]
[security bulletin] HPSBUX03665 rev.1 - HP-UX Tomcat-based Servlet Engine, Remote Denial of Service (DoS) and URL Redirection 2016-11-04
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053247
59

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05324759

Version: 1

HPSBUX03665 rev.1

[ more ]  [ reply ]
Axessh 4.2.2 Denial Of Service 2016-11-04
apparitionsec gmail com/hyp3rlinx
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/AXESSH-DENIAL-OF-SERVICE.txt

[+] ISR: ApparitionSec

Vendor:
============
www.labf.com

Product:
=============
Axessh 4.2.2

Axessh is a SSH client. It is a supe

[ more ]  [ reply ]
[security bulletin] HPSBUX03664 SSRT110248 rev.1 - HP-UX BIND Service running named, Remote Denial of Service (DoS) 2016-11-02
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053211
07

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05321107

Version: 1

HPSBUX03664 SSRT11

[ more ]  [ reply ]
Cisco Security Advisory: Cisco Meeting Server and Meeting App Buffer Underflow Vulnerability 2016-11-02
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco Meeting Server and Meeting App Buffer Underflow Vulnerability

Advisory ID: cisco-sa-20161102-cms

Revision: 1.0

For Public Release 2016 November 2 16:00 UTC (GMT)

+-----------------------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco ASR 900 Series Aggregation Services Routers Buffer Overflow Vulnerability 2016-11-02
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco ASR 900 Series Aggregation Services Routers Buffer Overflow Vulnerability

Advisory ID: cisco-sa-20161102-tl1

Revision: 1.0

For Public Release 2016 November 2 16:00 UTC (GMT)

+-------------------------------------------

[ more ]  [ reply ]
Microsoft Internet Explorer 9 MSHTML CAttrArray use-after-free details 2016-11-01
Berend-Jan Wever (berendj nwever nl)
Throughout November, I plan to release details on vulnerabilities I
found in web-browsers which I've not released before. This is the first
entry in that series.
The below information is also available on my blog at
http://blog.skylined.nl/20161101001.html. There you can find a repro
that triggered

[ more ]  [ reply ]
[slackware-security] php (SSA:2016-305-04) 2016-11-01
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] php (SSA:2016-305-04)

New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/php

[ more ]  [ reply ]
(Page 13 of 1709)  < Prev  8 9 10 11 12 13 14 15 16 17 18  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus