BugTraq Mode:
(Page 14 of 1680)  < Prev  9 10 11 12 13 14 15 16 17 18 19  Next >
op5 v7.1.9 Remote Command Execution 2016-04-06
apparitionsec gmail com
[+] Credits: hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/OP5-REMOTE-CMD-EXECUTION.txt

Vendor:
============
www.op5.com

Product:
===========
op5 v7.1.9

op5 Monitor is a software product for server, Network monitoring and management

[ more ]  [ reply ]
CA20160405-01: Security Notice for CA API Gateway 2016-04-05
Kotas, Kevin J (Kevin Kotas ca com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

CA20160405-01: Security Notice for CA API Gateway

Issued: April 5, 2016
Last Updated: April 5, 2016

CA Technologies Support is alerting customers to a Medium risk
vulnerability with CA API Gateway (formerly known as Layer7 API
Gateway). A vulnerabil

[ more ]  [ reply ]
[SECURITY] [DSA 3543-1] oar security update 2016-04-05
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3543-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
April 05, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3542-1] mercurial security update 2016-04-05
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3542-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
April 05, 2016

[ more ]  [ reply ]
Apple iOS 9.3.1 (iPhone 6S & iPhone Plus) - (3D Touch) Passcode Bypass Vulnerability 2016-04-05
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Apple iOS 9.3.1 (iPhone 6S & iPhone Plus) - (3D Touch) Passcode Bypass
Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1814

Release Date:
=============
2016-04-05

Vulnerability Laboratory ID (VL-ID):
==

[ more ]  [ reply ]
[SECURITY] [DSA 3541-1] roundcube security update 2016-04-05
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3541-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
April 05, 2016

[ more ]  [ reply ]
[security bulletin] HPSBGN03569 rev.1 - HPE OneView for VMware vCenter (OV4VC), Remote Disclosure of Information 2016-04-04
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05068681

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05068681
Version: 1

HPSBGN03569 r

[ more ]  [ reply ]
[slackware-security] mozilla-thunderbird (SSA:2016-095-01) 2016-04-04
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2016-095-01)

New mozilla-thunderbird packages are available for Slackware 14.1 and -current
to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
p

[ more ]  [ reply ]
Bitcoin/Altcoin Stratum Pool Mass Duplicate Shares Exploit 2016-04-04
lists (at) exploits4coins (dot) com [email concealed] (lists exploits4coins com)
## Bitcoin/Altcoin Stratum Pool Mass Duplicate Shares Exploit ##

This particular vulnerability makes it possible to force a Stratum Mining
Pool to accept "invalid" shares by the thousands for each mining pool
round. It is possible to make pure money from this vulnerability. The
exploit is real but

[ more ]  [ reply ]
ESA-2016-034: EMC Documentum D2 Configuration Object Vulnerability 2016-04-04
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2016-034: EMC Documentum D2 Configuration Object Vulnerability

EMC Identifier: ESA-2016-034

CVE Identifier: CVE-2016-0888

Severity Rating: CVSS v3 Base Score: 8.8(AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Affected products:

? Documentum D

[ more ]  [ reply ]
[SE-2012-01] Broken security fix in IBM Java 7/8 2016-04-04
Security Explorations (contact security-explorations com) (1 replies)

Hello All,

Those concerned about security of IBM Java [1] may find this post
interesting.

We discovered that a fix for a security vulnerability (Issue 67)
[2] we reported to the company in May 2013 didn't address the
problem properly.

This is the 6th instance of a broken patch we encountered fro

[ more ]  [ reply ]
Re: [SE-2012-01] Broken security fix in IBM Java 7/8 2016-04-05
Security Explorations (contact security-explorations com)
CVE-2016-2191: optipng: invalid write 2016-04-04
Hans Jerry Illikainen (hji dyntopia com)
An invalid write may occur in optipng before version 0.7.6 while
processing bitmap images due to `crt_row' being (inc|dec)remented
without any boundary checking when encountering delta escapes.

optipng-0.7.5/src/pngxtern/pngxrbmp.c:
,----
| 210 static size_t
| 211 bmp_read_rows(png_bytepp begin_row

[ more ]  [ reply ]
ManageEngine Password Manager Pro Multiple Vulnerabilities 2016-04-04
Sebastian Perez (s3bap3 gmail com)
[Systems Affected]
Product : ManageEngine Password Manager Pro
Company : ZOHO Corp.
Build Number : 8.1 to 8.3 and probably earlier versions
Affected Versions : 8102 to 8302 and probably earlier versions

[Product Description]
Password Manager Pro is a secure vault for storing and man

[ more ]  [ reply ]
FortiManager & FortiAnalyzer 5.x (Appliance Application) - (filename) Persistent Web Vulnerability 2016-04-04
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
FortiManager & FortiAnalyzer 5.x (Appliance Application) - (filename)
Persistent Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1687

Fortinet PSIRT ID: 1624561

Release Date:
=============
2016-04-04

[ more ]  [ reply ]
Techsoft Web Solutions CMS 2016 Q2 - SQL Injection Web Vulnerability 2016-04-04
Vulnerability Lab (research vulnerability-lab com)

Document Title:
===============
Techsoft Web Solutions CMS (2016 Q2) - SQL Injection Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1810

Release Date:
=============
2016-04-04

Vulnerability Laboratory ID (VL-ID):
===============

[ more ]  [ reply ]
Wordpress Scoreme Theme - Client Side Cross Site Scripting Web Vulnerability 2016-04-04
Vulnerability Lab (research vulnerability-lab com)

Document Title:
===============
Wordpress Scoreme Theme - Client Side Cross Site Scripting Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1808

Release Date:
=============
2016-04-01

Vulnerability Laboratory ID (VL-ID):
=========

[ more ]  [ reply ]
Bugcrowd CSV injection vulnerability 2016-04-04
Hack Ex (hackexfan gmail com)
Description:

A vulnerability in the file upload feature allows attackers to send
malicious csv files. By using the Microsoft Excel DDE function an
attacker can launch arbritary commands on the victims system.

Many companies don't allow xslx or docx files to be uploaded by
security testers, because

[ more ]  [ reply ]
[SECURITY] [DSA 3540-1] lhasa security update 2016-04-03
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3540-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
April 03, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3539-1] srtp security update 2016-04-02
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3539-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
April 02, 2016

[ more ]  [ reply ]
Open-Xchange Security Advisory 2016-04-02 2016-04-02
Martin Heiland (martin heiland lists open-xchange com)
Product: Open-Xchange Server 6 / OX AppSuite
Vendor: Open-Xchange GmbH

Internal reference: 44409 (Bug ID)
Vulnerability type: Cross Site Scripting (CWE-80)
Vulnerable version: 7.8.0 and earlier
Vulnerable component: backend
Report confidence: Confirmed
Solution status: Fixed by Vendor
Fixed version

[ more ]  [ reply ]
[security bulletin] HPSBGN03565 rev.1 - HPE Virtualization Performance Viewer, Local Denial of Service (DoS) 2016-04-02
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05068676

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05068676
Version: 1

HPSBGN03565 r

[ more ]  [ reply ]
[slackware-security] mercurial (SSA:2016-092-01) 2016-04-01
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mercurial (SSA:2016-092-01)

New mercurial packages are available for Slackware 13.0, 13.1, 13.37, 14.0,
14.1, and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+-----------------------

[ more ]  [ reply ]
[slackware-security] php (SSA:2016-092-02) 2016-04-01
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] php (SSA:2016-092-02)

New php packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/php-5.6.2

[ more ]  [ reply ]
[security bulletin] HPSBHF03431 rev.3 - HPE Network Switches, local Bypass of Security Restrictions, Indirect Vulnerabilities 2016-04-01
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c04920918

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04920918
Version: 3

HPSBHF03431 r

[ more ]  [ reply ]
[security bulletin] HPSBUX03561 rev.1 - HPE HP-UX using Apache Tomcat, Remote Access Restriction Bypass, Arbitrary Code Execution, Execution of Arbitrary Code With Privilege Elevation, Unauthorized Read Access to Files 2016-04-01
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05054964

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05054964
Version: 1

HPSBUX03561 r

[ more ]  [ reply ]
[security bulletin] HPSBGN03567 rev.1 - HP Asset Manager using Java Deserialization, Remote Arbitrary Code Execution 2016-04-01
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05064889

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05064889
Version: 1

HPSBGN03567 r

[ more ]  [ reply ]
[security bulletin] HPSBGN3547 rev.1 - HP Device Manager, Remote Read Access to Arbitrary Files 2016-04-01
HP Security Alert (hp-security-alert hp com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:
https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c0505471
4

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05054714
Version: 1

HPSBGN3547 rev.1 - HP Devic

[ more ]  [ reply ]
APPLE-SA-2016-03-31-1 iBooks Author 2.4.1 2016-03-31
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-03-31-1 iBooks Author 2.4.1

iBooks Author 2.4.1 is now available and addresses the following:

iBooks Author
Available for: OS X Yosemite v10.10 or later
Impact: Parsing a maliciously crafted iBooks Author file may lead to
disclosure

[ more ]  [ reply ]
WebKitGTK+ Security Advisory WSA-2016-0003 2016-03-31
Carlos Alberto Lopez Perez (clopez igalia com)
------------------------------------------------------------------------

WebKitGTK+ Security Advisory WSA-2016-0003
------------------------------------------------------------------------

Date reported : March 31, 2016
Advisory ID : WSA-2016-0003
Advisory

[ more ]  [ reply ]
(Page 14 of 1680)  < Prev  9 10 11 12 13 14 15 16 17 18 19  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus