BugTraq Mode:
SEC Consult SA-20140710-0 :: Multiple critical vulnerabilities in Shopizer webshop 2014-07-10
SEC Consult Vulnerability Lab (research sec-consult com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SEC Consult Vulnerability Lab Security Advisory < 20140710-0 >
=======================================================================
title: Multiple critical vulnerabilities in Shopizer webshop
product: Shopizer
vulnerable v

[ more ]  [ reply ]
[security bulletin] HPSBMU03070 rev.1 - HP Cloud Service Automation, OpenSSL Vulnerability, Unauthorized Access, Disclosure of Information 2014-07-09
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04368546

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04368546
Version: 1

HPSBMU03070 re

[ more ]  [ reply ]
[security bulletin] HPSBMU03069 rev.1 - HP Software Operation Orchestration, OpenSSL Vulnerability, SSL/TLS, Remote Code Execution, Denial of Service (DoS), Disclosure of Information 2014-07-09
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04368523

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04368523
Version: 1

HPSBMU03069 re

[ more ]  [ reply ]
[SECURITY] [DSA 2975-1] phpmyadmin security update 2014-07-09
Thijs Kinkhorst (thijs debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2975-1 security (at) debian (dot) org
http://www.debian.org/security/ Thijs Kinkhorst
July 09, 2014

[ more ]  [ reply ]
Cisco Security Advisory: Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products 2014-07-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products

Advisory ID: cisco-sa-20140709-struts2

Revision 1.0

For Public Release 2014 July 9 16:00 UTC (GMT)

+---------------------------------------------------------------------

Su

[ more ]  [ reply ]
Weak Local Database Credentials in Infoblox Network Automation 2014-07-09
nate depthsecurity com
Product: Network Automation
- NetMRI
- Switch Port Manager
- Automation Change Manager
- Security Device Controller

Vendor: InfoBlox
Vulnerable Version(s): 6.4.X.X-6.8.4.X
Tested Version: 6.8.2.11

Vendor Notification: May 12th, 2014
Public Disclosure: July 9th, 2014

Vulnerability Type: OS Comma

[ more ]  [ reply ]
OS Command Injection Infoblox Network Automation 2014-07-09
nate depthsecurity com
Product: Network Automation, licensed as:
- NetMRI
- Switch Port Manager
- Automation Change Manager
- Security Device Controller

Vendor: Infoblox
Vulnerable Version(s): 6.4.X.X-6.8.4.X
Tested Version: 6.8.2.11

Vendor Notification: May 12th, 2014
Vendor Patch Avail

[ more ]  [ reply ]
[ MDVSA-2014:132 ] libxfont 2014-07-09
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:132
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:131 ] file 2014-07-09
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:131
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:129 ] ffmpeg 2014-07-09
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:129
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:130 ] php 2014-07-09
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:130
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:128 ] iodine 2014-07-09
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:128
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:127 ] gnupg 2014-07-09
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:127
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
Android NFC Service Denial of Service 2014-07-09
vuln nipc org cn
Android NFC Service Denial of Service

------------------------------------------------------------------
I. Summary

NFC Service is a process of Android OS for providing access to NFC functionality, allowing
applications to read NDEF message in NFC tags. A flaw has been found in NFC Service impl

[ more ]  [ reply ]
CVE-2014-4331 OctavoCMS reflected XSS vulnerability 2014-07-09
andreu antonio gmail com
This proprietary content management software is vulnerable to reflected XSS on the file admin/viewer.php, src parameter.

Current release on their demo site is vulnerable, same as other few sites I could find.

PoC: http://demo.octavocms.com/admin/viewer.php?src=%22%3E%3C/img%3E%3Ch2%3ET
his%20is%20a

[ more ]  [ reply ]
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Domain Manager 2014-07-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Multiple Vulnerabilities in Cisco Unified Communications Domain Manager

Advisory ID: cisco-sa-20140702-cucdm

Revision 2.0

Last Updated 2014 July 8 21:14 UTC (GMT)

For Public Release 2014 July 2 16:00 UTC (GMT)

Summary
=======

Cisco Unified Comm

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-14:17.kmem 2014-07-08
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-SA-14:17.kmem Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
[SECURITY] [DSA 2974-1] php5 security update 2014-07-08
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2974-1 security (at) debian (dot) org
http://www.debian.org/security/ Salvatore Bonaccorso
July 08, 2014

[ more ]  [ reply ]
[security bulletin] HPSBMU03065 rev.1 - HP Operations Analytics, OpenSSL Vulnerability, SSL/TLS, Remote Code Execution, Denial of Service (DoS), Disclosure of Information 2014-07-08
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04363613

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04363613
Version: 1

HPSBMU03065 re

[ more ]  [ reply ]
[ MDVSA-2014:126 ] phpmyadmin 2014-07-08
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:126
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
CVE-2014-3074 - Runtime Linker Allows Privilege Escalation Via Arbitrary File Writes in IBM AIX 2014-07-08
Portcullis Advisories (advisories portcullis-security com)
Vulnerability title: Runtime Linker Allows Privilege Escalation Via
Arbitrary File Writes in IBM AIX
CVE: CVE-2014-3074
Vendor: IBM
Product: AIX
Affected version: AIX 6.1 and 7.1 and VIOS 2.2.*
Reported by: Tim Brown

Details:
It has been identified that the runtime linker allows privilege
escalatio

[ more ]  [ reply ]
Abusing Oracle's CREATE DATABASE LINK Privilege for fun and Profit 2014-07-08
Sumit Siddharth (sid notsosecure com)
A small blog on how a web based SQLi can be abused to obtain privilege
escalation and ultimately remote code execution against Oracle Database:

http://www.notsosecure.com/blog/2014/07/08/abusing-oracles-create-database-link-privilege-for-fun-and-profit/

Thanks
Sid

Founder/Director
NotSoSecure

[ more ]  [ reply ]
[security bulletin] HPSBGN03050 rev.1 - HP IceWall SSO Dfw and HP IceWall MCRP running OpenSSL, Remote Denial of Service (DoS), Code Execution, Security Restriction Bypass, Disclosure of Information, or Unauthorized Access 2014-07-08
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04343424

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04343424
Version: 1

HPSBGN03050 re

[ more ]  [ reply ]
[SECURITY] [DSA 2973-1] vlc security update 2014-07-07
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2973-1 security (at) debian (dot) org
http://www.debian.org/security/ Moritz Muehlenhoff
July 07, 2014

[ more ]  [ reply ]
ESA-2014-057: EMC Documentum Foundation Services (DFS) XML External Entity (XXE) Vulnerability 2014-07-07
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2014-057: EMC Documentum Foundation Services (DFS) XML External Entity (XXE) Vulnerability

EMC Identifier: ESA-2014-057

CVE Identifier: CVE-2014-2510

Severity Rating: CVSS v2 Base Score: 8 (AV:N/AC:L/Au:S/C:C/I:P/A:P)

Affected products:

[ more ]  [ reply ]
ESA-2014-064: EMC Documentum Content Server Privilege Escalation Vulnerabilities 2014-07-07
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2014-064: EMC Documentum Content Server Privilege Escalation Vulnerabilities

EMC Identifier: ESA-2014-064

CVE Identifier: CVE-2014-2513, CVE-2014-2514

Severity Rating: CVSS v2 Base Score: Refer below for scores for each CVE.

Affecte

[ more ]  [ reply ]
Photo Org WonderApplications v8.3 iOS - File Include Vulnerability 2014-07-07
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Photo Org WonderApplications v8.3 iOS - File Include Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1277

Release Date:
=============
2014-07-04

Vulnerability Laboratory ID (VL-ID):
====================

[ more ]  [ reply ]
[SECURITY] CVE-2014-3503 Apache Syncope 2014-07-07
Francesco Chicchiriccò (ilgrosso apache org)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CVE-2014-3503: Insecure Random implementations used to generate passwords in
Apache Syncope

Severity: Major

Vendor: The Apache Software Foundation

Versions Affected:

This vulnerability affects all versions of Apache Syncope 1.1.x prior to
1.1.8

[ more ]  [ reply ]
Yahoo! Bug Bounty #25 Flickr API - Persistent Service Vulnerability 2014-07-07
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Yahoo! Bug Bounty #25 Flickr API - Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1132

Release Date:
=============
2014-07-06

Vulnerability Laboratory ID (VL-ID):
===========================

[ more ]  [ reply ]
Paypal Inc Bug Bounty #109 Multi Shipping Application API - Filter Bypass & Persistent Vulnerability 2014-07-07
Vulnerability Lab (admin vulnerability-lab com)
Document Title:
===============
Paypal Inc Bug Bounty #109 Multi Shipping Application API - Filter Bypass & Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1050

PayPal Security UID: Pq115cey

Release Date:
=============
2014

[ more ]  [ reply ]
Copyright 2010, SecurityFocus