BugTraq Mode:
(Page 14 of 1569)  < Prev  9 10 11 12 13 14 15 16 17 18 19  Next >
Apple iOS / OSX Foundation NSXMLParser XML eXternal Entity (XXE) Flaw 2014-09-18
VSR Advisories (advisories vsecurity com)
hope that it will help promote public safety. This advisory comes with
absolutely NO WARRANTY; not even the implied warranty of merchantability or
fitness for a particular purpose. Neither Virtual Security Research, LLC nor
the author accepts any liability for any direct, indirect, or consequentia

[ more ]  [ reply ]
[SECURITY] [DSA 3028-1] icedove security update 2014-09-17
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3028-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
September 17, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 3027-1] libav security update 2014-09-17
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3027-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
September 17, 2014

[ more ]  [ reply ]
APPLE-SA-2014-09-17-2 Apple TV 7 2014-09-17
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2014-09-17-2 Apple TV 7

Apple TV 7 is now available and addresses the following:

Apple TV
Available for: Apple TV 3rd generation and later
Impact: An attacker can obtain WiFi credentials
Description: An attacker could have impersonated a W

[ more ]  [ reply ]
APPLE-SA-2014-09-17-1 iOS 8 2014-09-17
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2014-09-17-1 iOS 8

iOS 8 is now available and addresses the following:

802.1X
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An attacker can obtain WiFi credentials
Description: An attac

[ more ]  [ reply ]
Reflected Cross-Site Scripting (XSS) in MODX Revolution 2014-09-17
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23229
Product: MODX Revolution
Vendor: MODX
Vulnerable Version(s): 2.3.1-pl and probably prior
Tested Version: 2.3.1-pl
Advisory Publication: August 20, 2014 [without technical details]
Vendor Notification: August 20, 2014
Vendor Patch: September 11, 2014
Public Disclosure: Septe

[ more ]  [ reply ]
Path Traversal in webEdition 2014-09-17
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23227
Product: webEdition
Vendor: webEdition e.V.
Vulnerable Version(s): 6.3.8.0 (SVN-Revision: 6985) and probably prior
Tested Version: 6.3.8.0 (SVN-Revision: 6985)
Advisory Publication: August 6, 2014 [without technical details]
Vendor Notification: August 6, 2014
Vendor Patch

[ more ]  [ reply ]
MIUI Torch Open Vulnerability 2014-09-17
vuln nipc org cn
MIUI Torch Open Vulnerability
I. Summary
com.android.systemui is the corresponding package of MiuiSystemUI.apk, a MIUI system application that manages user

interface and other functions. When started by NFC tag, the torch in NFC mobile phone will be open automatically.
------------------------

[ more ]  [ reply ]
MIUI Wifi Connection Message Vulnerability 2014-09-17
vuln nipc org cn
MIUI Wifi Connection Message Vulnerability

I. Summary
Wifi Connection Message is written to a NFC tag, which can be touched by a NFC mobile phone for connecting wireless AP

automatically. A logic flaw has been found in MIUI that is a Android ROM. The flaw can be used to turn on wifi, with the

h

[ more ]  [ reply ]
Android Bluetooth Pairing Packet Processing Vulnerability(by wangzq from NCNIPC) 2014-09-17
vuln nipc org cn
I. Summary
Bluetooth Pairing Packet is written to a NFC tag, which can be touched by a NFC mobile phone for bluetooth pairing. A logic flaw has been found in some

versions of Andorid mobile phone. The flaw can cause NFC phones'bluetooth turned on, regardless of whether the pairing succeeds or not.

[ more ]  [ reply ]
[CORE-2014-0006] - Delphi and C++ Builder VCL library Heap Buffer Overflow 2014-09-16
CORE Advisories Team (advisories coresecurity com)
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/

Delphi and C++ Builder VCL library Heap Buffer Overflow

1. *Advisory Information*

Title: Delphi and C++ Builder VCL library Heap Buffer Overflow
Advisory ID: CORE-2014-0006
Advisory URL:
http://www.coresecurity.com/advisories/del

[ more ]  [ reply ]
[SECURITY] [DSA 3026-1] dbus security update 2014-09-16
Florian Weimer (fw deneb enyo de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3026-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Florian Weimer
September 16, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 3025-1] apt security update 2014-09-16
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3025-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
September 16, 2014

[ more ]  [ reply ]
USB&WiFi Flash Drive v1.3 iOS - Code Execution Vulnerability 2014-09-16
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
USB&WiFi Flash Drive 1.3 iOS - Code Execution Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1316

Release Date:
=============
2014-09-15

Vulnerability Laboratory ID (VL-ID):
===========================

[ more ]  [ reply ]
Osclass Security Advisory - Multiple XSS Vulnerabilities - CVE-2014-6280 2014-09-16
Onur Yilmaz (onur netsparker com)
Information
------------
Advisory by Netsparker.
Name: XSS Vulnerability in OsClass
Affected Software : OsClass
Affected Versions: 3.4.1 and possibly below
Vendor Homepage : http://osclass.org/
Vulnerability Type : Cross-site Scripting
Severity : Critical
CVE-ID: CVE-2014-6280
Netsparker Advisory Re

[ more ]  [ reply ]
Osclass Security Advisory - LFI Vulnerability - CVE-2014-6308 2014-09-16
Onur Yilmaz (onur netsparker com)
Information
-----------
Advisory by Netsparker.
Name : LFI Vulnerability in OsClass
Affected Software : OsClass
Affected Versions: 3.4.1 and possibly below
Vendor Homepage : http://osclass.org/
Vulnerability Type : Local File Inclusion
Severity : Critical
CVE-ID: CVE-2014-6308
Netsparker Advisory Re

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-14:19.tcp 2014-09-16
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-14:19.tcp Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
ESA-2014-091: EMC Documentum Content Server Multiple Privilege Escalation Vulnerabilities 2014-09-15
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2014-091: EMC Documentum Content Server Multiple Privilege Escalation Vulnerabilities

EMC Identifier: ESA-2014-091

CVE Identifier: CVE-2014-4621, CVE-2014-4622

Severity Rating: CVSS v2 Base Score: See below for individual scores for eac

[ more ]  [ reply ]
Briefcase 4.0 iOS - Code Execution & File Include Vulnerability 2014-09-15
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Briefcase 4.0 iOS - Code Execution & File Include Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1319

Release Date:
=============
2014-09-11

Vulnerability Laboratory ID (VL-ID):
=======================

[ more ]  [ reply ]
Passwords^14 Norway - CFP 2014-09-15
Per Thorsheim (per thorsheim net)
CALL FOR PAPERS AND TUTORIALS

PASSWORDS'14
passwordscon.org

The 7th International Conference on Passwords
8-10 December 2014
Trondheim,Norway

The P

[ more ]  [ reply ]
Open-Xchange Security Advisory 2014-09-15 2014-09-15
Martin Heiland (martin heiland open-xchange com)
Product: OX App Suite
Vendor: Open-Xchange GmbH

Vulnerability type: Cross Site Scripting (CWE-80)
Vulnerable version: 7.6.0 and earlier
Vulnerable component: frontend
Fixed version: 7.4.2-rev33, 7.6.0-rev16
Report confidence: Confirmed
Solution status: Fixed by Vendor
Vendor notification: 2014-07-

[ more ]  [ reply ]
Multiple Vulnerabilities with Aztech Modem Routers 2014-09-14
Federick Joe P Fajardo (fjpfajardo ph ibm com)
PRODUCT DESCRIPTION

The Aztech ADSL family of modems/routes are shipped to residential and SOHO users that desires speed from 150-300mbps rate. This modem/router also supports IEEE802.11b/g/n as a Wireless LAN Access point. The vulnerable model numbers are: DSL5018EN (1T1R) (Shipped with Globe Tele

[ more ]  [ reply ]
Re: HttpFileServer 2.3.x Remote Command Execution 2014-09-14
danielelinguaglossa gmail com
A fix is now avaiable from vendor site

link: http://www.rejetto.com/hfs/download

[ more ]  [ reply ]
[security bulletin] HPSBOV03099 rev.1 - HP OpenVMS running OpenSSL, Remote Denial of Service (DoS) or Disclosure of Information 2014-09-12
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04426586

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04426586
Version: 1

HPSBOV03099 re

[ more ]  [ reply ]
HttpFileServer 2.3.x Remote Command Execution 2014-09-12
danielelinguaglossa gmail com
Affected software: http://sourceforge.net/projects/hfs/
Version : 2.3x
# Exploit Title: HttpFileServer 2.3.x Remote Command Execution
# Google Dork: intext:"httpfileserver 2.3"
# Date: 11-09-2014
# Remote: Yes
# Exploit Author: Daniele Linguaglossa
# Vendor Homepage: http://rejetto.com/
# Software L

[ more ]  [ reply ]
[SECURITY] [DSA 3024-1] gnupg security update 2014-09-11
Thijs Kinkhorst (thijs debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3024-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Thijs Kinkhorst
Septem

[ more ]  [ reply ]
[SECURITY] [DSA 3023-1] bind9 security update 2014-09-11
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3023-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
September 11, 2014

[ more ]  [ reply ]
NEW VMSA-2014-0009 VMware NSX and vCNS product updates address a critical information disclosure vulnerability 2014-09-11
VMware Security Response Center (security vmware com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------

VMware Security Advisory

Advisory ID: VMSA-2014-0009
Synopsis: VMware NSX and vCNS product updates address a critical
information disclosure v

[ more ]  [ reply ]
Call for Participation: Semantic Web Business and Innovation (SWBI2015) * Switzerland 2014-09-11
jackie sdiwc info
The International Conference on Semantic Web Business and Innovation
(SWBI2015)

The University of Applied Sciences and Arts Western Switzerland (HES-SO
Valais-Wallis)
October 7-9, 2015
http://sdiwc.net/conferences/swbi2015/

All registered papers will be included in SDIWC Digital Library.
=======

[ more ]  [ reply ]
ChatSecure IM v2.2.4 iOS - Persistent Web Vulnerability 2014-09-11
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
ChatSecure IM v2.2.4 iOS - Persistent Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1317

Release Date:
=============
2014-09-10

Vulnerability Laboratory ID (VL-ID):
===============================

[ more ]  [ reply ]
(Page 14 of 1569)  < Prev  9 10 11 12 13 14 15 16 17 18 19  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus