BugTraq Mode:
(Page 14 of 1575)  < Prev  9 10 11 12 13 14 15 16 17 18 19  Next >
[CORE-2014-0007] -SAP Netweaver Enqueue Server Trace Pattern Denial of Service Vulnerability 2014-10-16
CORE Advisories Team (advisories coresecurity com)
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/

SAP Netweaver Enqueue Server Trace Pattern Denial of Service Vulnerability

1. **Advisory Information**

Title: SAP Netweaver Enqueue Server Trace Pattern Denial of Service
Vulnerability
Advisory ID: CORE-2014-0007
Advisory URL: ht

[ more ]  [ reply ]
[SECURITY] [DSA 3053-1] openssl security update 2014-10-16
Thijs Kinkhorst (thijs debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3053-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Thijs Kinkhorst
October 16, 2014

[ more ]  [ reply ]
Cisco Security Advisory: Cisco IronPort Appliances Telnet Remote Code Execution Vulnerability 2014-10-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco IronPort Appliances Telnet Remote Code Execution Vulnerability

Advisory ID: cisco-sa-20120126-ironport

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cis
co-sa-20120126-ironport

Revision 2.0

Last U

[ more ]  [ reply ]
[SECURITY] [DSA 3052-1] wpa security update 2014-10-16
Michael Gilbert (mgilbert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3052-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Michael Gilbert
October 15, 2014

[ more ]  [ reply ]
[security bulletin] HPSBMU03126 rev.1 - HP Operations Manager (formerly OpenView Communications Broker), Remote Cross-site Scripting (XSS) 2014-10-15
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04472444

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04472444
Version: 1

HPSBMU03126 re

[ more ]  [ reply ]
[security bulletin] HPSBHF03125 rev.1 - HP Next Generation Firewall (NGFW) running Bash Shell, Remote Code Execution 2014-10-15
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04471538

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04471538
Version: 1

HPSBHF03125 re

[ more ]  [ reply ]
[slackware-security] openssl (SSA:2014-288-01) 2014-10-15
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] openssl (SSA:2014-288-01)

New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+

[ more ]  [ reply ]
Bypassing blacklists based on IPy 2014-10-15
Nicolas Grégoire (nicolas gregoire agarri fr)

IPy is a Python "class and tools for handling of IPv4 and IPv6 addresses
and networks" (https://github.com/haypo/python-ipy). This library is
sometimes used to implement blacklists forbidding internal, private or
loopback addresses.

Using octal encoding (supported by urllib2), it is possible to by

[ more ]  [ reply ]
[SECURITY] [DSA 3051-1] drupal7 security update 2014-10-15
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3051-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
October 15, 2014

[ more ]  [ reply ]
Cisco Security Advisory: SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability 2014-10-15
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability

Advisory ID: cisco-sa-20141015-poodle

Revision 1.0

For Public Release 2014 October 15 17:30 UTC (GMT)

+--------------------------------------------

[ more ]  [ reply ]
Advisory 01/2014: Drupal7 - pre Auth SQL Injection Vulnerability 2014-10-15
Stefan Horst (stefan horst sektioneins de)
SektionEins GmbH
www.sektioneins.de

-= Security Advisory =-

Advisory: Drupal - pre-auth SQL Injection Vulnerability
Release Date: 2014/10/15
Last Modified: 2014/10/15
Author: Stefan Horst [stefan.horst[at]sektioneins.de]
Applic

[ more ]  [ reply ]
Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Video Communication Server and Cisco Expressway Software 2014-10-15
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Video Communication Server and Cisco Expressway Software

Advisory ID: cisco-sa-20141015-vcs

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cis
co-sa-20141015-

[ more ]  [ reply ]
Cisco Security Advisory: Cisco TelePresence MCU Software Memory Exhaustion Vulnerability 2014-10-15
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco TelePresence MCU Software Memory Exhaustion Vulnerability

Advisory ID: cisco-sa-20141015-mcu

Revision 1.0

For Public Release 2014 October 15 16:00 UTC (GMT)

+-----------------------------------------------------------

[ more ]  [ reply ]
SEC Consult SA-20141015-0 :: Potential Cross-Site Scripting in ADF Faces 2014-10-15
SEC Consult Vulnerability Lab (research sec-consult com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SEC Consult Vulnerability Lab Security Advisory < 20141015-0 >
=======================================================================
title: Potential Cross-Site Scripting
product: ADF Faces
vulnerable version: 12.1.2.0

[ more ]  [ reply ]
Reflected Cross-Site Scripting (XSS) in MaxButtons WordPress Plugin 2014-10-15
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23237
Product: MaxButtons WordPress plugin
Vendor: Max Foundry
Vulnerable Version(s): 1.26.0 and probably prior
Tested Version: 1.26.0
Advisory Publication: September 24, 2014 [without technical details]
Vendor Notification: September 24, 2014
Vendor Patch: October 2, 2014
Public

[ more ]  [ reply ]
Multiple Cross-Site Scripting (XSS) in WP Google Maps WordPress Plugin 2014-10-15
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23236
Product: WP Google Maps WordPress plugin
Vendor: WP Google Maps
Vulnerable Version(s): 6.0.26 and probably prior
Tested Version: 6.0.26
Advisory Publication: September 24, 2014 [without technical details]
Vendor Notification: September 24, 2014
Vendor Patch: September 29, 2

[ more ]  [ reply ]
Paypal Inc MultiOrderShipping API - Filter Bypass & Persistent XML Vulnerability 2014-10-14
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Paypal Inc MultiOrderShipping API - Filter Bypass & Persistent XML Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1129

PayPal Security UID: TM13a2uL

Release Date:
=============
2014-10-14

Vulnerabilit

[ more ]  [ reply ]
Indeed Job Search 2.5 iOS API - Multiple Vulnerabilities 2014-10-14
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Indeed Job Search 2.5 iOS API - Multiple Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1303

Release Date:
=============
2014-10-13

Vulnerability Laboratory ID (VL-ID):
==============================

[ more ]  [ reply ]
PayPal Inc #90 PDF Mailer - Buffer Overflow Vulnerability 2014-10-14
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
PayPal Inc #90 PDF Mailer - Buffer Overflow Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=940
http://www.vulnerability-lab.com/get_content.php?id=1274

Release Date:
=============
2014-10-02

Vulnerabil

[ more ]  [ reply ]
PayPal Inc BB #98 MOS - Persistent Settings Vulnerability 2014-10-14
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
PayPal Inc BB #98 MOS - Persistent Settings Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=983

Release Date:
=============
2014-10-13

Vulnerability Laboratory ID (VL-ID):
==============================

[ more ]  [ reply ]
[SECURITY] [DSA 3049-1] wireshark security update 2014-10-14
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3049-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
October 14, 2014

[ more ]  [ reply ]
[SE-2014-01] Breaking Oracle Database through Java exploits (details) 2014-10-14
Security Explorations (contact security-explorations com)

Hello All,

Oracle Oct 2014 CPU addresses 22 security issues affecting Java VM
implementation embedded in Oracle Database software.

We have published details of the fixed issues and a description of
some privilege elevation techniques abusing a complete Java security
sandbox bypass condition for g

[ more ]  [ reply ]
two browser mem disclosure bugs (CVE-2014-1580 and CVE-something-or-other) 2014-10-14
Michal Zalewski (lcamtuf coredump cx)
First of all, CVE-2014-1580 (MSFA 2014-78) is a bug that caused
Firefox prior to version 33 (released today) to leak bits of
uninitialized memory when rendering certain types of truncated images
onto <canvas>.

Mozilla's advisory is here:
https://www.mozilla.org/security/announce/2014/mfsa2014-78.ht

[ more ]  [ reply ]
LiveZilla 5.3.0.7 Security Issue 2014-10-14
sourav infosec gmail com
I had reported few xss issues on LiveZilla 5.3.0.7 . They fixed it properly and informed me. Now latest build is 5.3.0.8 / 2014-09-25.

http://changelog.livezilla.net/

Can you help me regarding CVE. I can send you the vulnerability details.

[ more ]  [ reply ]
[security bulletin] HPSBUX03139 SSRT101608 rev.1 - HP-UX running System Management Homepage (SMH), Remote Cross-Site Request Forgery 2014-10-13
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04476799

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04476799
Version: 1

HPSBUX03139 SS

[ more ]  [ reply ]
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Domain Manager 2014-10-13
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Multiple Vulnerabilities in Cisco Unified Communications Domain Manager

Advisory ID: cisco-sa-20140702-cucdm

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cis
co-sa-20140702-cucdm

Revision 3.0

Last Updated 2014 October 13 15:5

[ more ]  [ reply ]
[security bulletin] HPSBGN03138 rev.1 - HP Operations Analytics running Bash Shell, Remote Code Execution 2014-10-13
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04475942

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04475942
Version: 1

HPSBGN03138 r

[ more ]  [ reply ]
[security bulletin] HPSBMU03133 rev.1 - HP Enterprise Maps Virtual Appliance running Bash Shell, Remote Code Execution 2014-10-13
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04475347

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04475347
Version: 1

HPSBMU03133 r

[ more ]  [ reply ]
Reminder: Passwords14 CFP + registration announcement 2014-10-13
Per Thorsheim (per thorsheim net)
The Passwords conference was launched in 2010 as a response to the lack
of robustness and usability of current personal authentication practices
and solutions. Annual participation has doubled over the past three
years. Venue: NTNU campus, Trondheim, Norway.

1. CFP
Our CFP closes on October 27. We

[ more ]  [ reply ]
PayPal Inc BB #96 - Persistent Tags Vulnerability 2014-10-13
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
PayPal Inc BB #96 - Persistent Tags Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=954

PayPal Security UID: apf87gW

Release Date:
=============
2014-10-08

Vulnerability Laboratory ID (VL-ID):
========

[ more ]  [ reply ]
(Page 14 of 1575)  < Prev  9 10 11 12 13 14 15 16 17 18 19  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus