BugTraq Mode:
(Page 15 of 1672)  < Prev  10 11 12 13 14 15 16 17 18 19 20  Next >
[SYSS-2015-071] perfact::mpa - Cross-Site Request Forgery 2016-02-29
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2015-071
Product(s): perfact::mpa
Manufacturer: PerFact Innovation GmbH & Co. KG
Affected Version(s): Custom versions using PerFact DB_Utils (Toolkit) < v3.2
Tested Version(s): Custom version with PerFact DB_Utils (Toolkit) < v3.2
Vu

[ more ]  [ reply ]
[SYSS-2015-072] perfact::mpa - Insecure Direct Object References 2016-02-29
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2015-072
Product(s): perfact::mpa
Manufacturer: PerFact Innovation GmbH & Co. KG
Affected Version(s): Custom versions using PerFact DB_Utils (Toolkit) < v3.2
Tested Version(s): Custom version with PerFact DB_Utils (Toolkit) < v3.2
Vu

[ more ]  [ reply ]
[SYSS-2015-073] perfact::mpa - URL Redirection to Untrusted Site 2016-02-29
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2015-073
Product(s): perfact::mpa
Manufacturer: PerFact Innovation GmbH & Co. KG
Affected Version(s): Custom versions using PerFact DB_Utils (Toolkit) < v3.2
Tested Version(s): Custom version with PerFact DB_Utils (Toolkit) < v3.2
Vu

[ more ]  [ reply ]
Fing v3.3.0 iOS - Persistent Mail Encoding Vulnerability 2016-02-29
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Fing v3.3.0 iOS - Persistent Mail Encoding Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1772

Release Date:
=============
2016-02-29

Vulnerability Laboratory ID (VL-ID):
==============================

[ more ]  [ reply ]
WP Good News Themes - Client Side Cross Site Scripting Web Vulnerability 2016-02-29
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
WP Good News Themes - Client Side Cross Site Scripting Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1771

Release Date:
=============
2016-02-29

Vulnerability Laboratory ID (VL-ID):
==============

[ more ]  [ reply ]
[SECURITY] [DSA 3495-1] xymon security update 2016-02-29
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3495-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
February 29, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3498-1] drupal7 security advisory 2016-02-28
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3498-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
February 28, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3499-1] pillow security update 2016-02-28
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3499-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
February 28, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3496-1] php-horde-core security update 2016-02-28
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3496-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
February 28, 2016

[ more ]  [ reply ]
Call For Papers - CISTI 2016 Workshops - Deadline March 15 2016-02-28
Maria Lemos (marialemos72 gmail com)
------------------------------------------------------------------------
-----
CISTI'2016 Workshops
Gran Canaria, Canary Islands, Spain
June 15 - 18, 2016
http://www.aisti.eu/cisti2016/index.php/es/xpto
------------------------------------------------------------------------
-----

Introduction
-----

[ more ]  [ reply ]
[SECURITY] [DSA 3497-1] php-horde security update 2016-02-28
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3497-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
February 28, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3494-1] cacti security update 2016-02-27
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3494-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
February 27, 2016

[ more ]  [ reply ]
Re: Symantec EP DOS 2016-02-27
hyp3rlinx lycos com
*** Be aware "Gerado Sanchez" is re-posting and stealing vulnerability reports work/credits as his own, he is also using similar nicknames, emails etc.

ORIGINAL Symantec EP DOS POST from "hyp3rlinx" is found here dated Jul 08 2015.
http://www.securityfocus.com/archive/1/535958

[ more ]  [ reply ]
[slackware-security] libssh (SSA:2016-057-01) 2016-02-26
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] libssh (SSA:2016-057-01)

New libssh packages are available for Slackware 14.0, 14.1, and -current to
fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/li

[ more ]  [ reply ]
[security bulletin] HPSBGN03549 rev.1 - HP IceWall Products using glibc, Remote Denial of Service (DoS), Arbitrary Code Execution 2016-02-26
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05008367

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05008367
Version: 1

HPSBGN03549 r

[ more ]  [ reply ]
Executable installers are vulnerable^WEVIL (case 27): Cygwin's installers allow arbitrary (remote) code execution WITH escalation of privilege 2016-02-26
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

Cygwin's setup-x86.exe loads and executes UXTheme.dll
(on Windows XP also ClbCatQ.dll) and some more DLLs from its
"application directory".

For software downloaded with a web browser the application
directory is typically the user's "Downloads" directory: see
<https://insights.sei.cmu.edu/

[ more ]  [ reply ]
Executable installers are vulnerable^WEVIL (case 28): Google's Chrome cleanup tool allows arbitrary (remote) code execution WITH escalation of privilege 2016-02-26
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

Google's software_removal_tool.exe alias Chrome Cleanup Tool loads
and executes several DLLs from its "application directory" during
runtime:

* Windows XP:
SetupAPI.dll, NTMarta.dll, ClbCatQ.dll, SRClient.dll, UXTheme.dll,
RASAPI32.dll, HNetCfg.dll, IPHlpAPI.dll, RASAdHlp.dll, XPSP2Res

[ more ]  [ reply ]
Zimbra Cross-Site Scripting vulnerabilities 2016-02-25
pxli fortinet com
Recently Zimbra Collaboration 8.6 Patch 5 was released. It fixed two Cross-Site Scripting vulnerabilities discovered by Fortinet's FortiGuard Labs.

More details can be found at
https://community.zimbra.com/collaboration/f/1884/t/1140919
http://www.fortiguard.com/advisory/fortinet-discovers-zimbra-c

[ more ]  [ reply ]
WordPress plugin wp-ultimate-exporter SQL injection vulnerability 2016-02-25
Henri Salo (henri nerv fi)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

After reading bugtraq post[1] I noticed additional vulnerability from WordPress
plugin wp-ultimate-exporter[2]. Versions 1.0 and 1.1 are affected of SQL
injection vulnerability without authentication.

1: http://seclists.org/bugtraq/2016/Feb/172
2: http

[ more ]  [ reply ]
APPLE-SA-2016-02-25-1 Apple TV 7.2.1 2016-02-25
Apple Product Security (product-security-noreply lists apple com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-02-25-1 Apple TV 7.2.1

Apple TV 7.2.1 is now available and addresses the following:

bootp
Available for: Apple TV (3rd Generation)
Impact: A malicious Wi-Fi network may be able to determine networks
a device has previously accessed

[ more ]  [ reply ]
[SECURITY] [DSA 3492-1] gajim security update 2016-02-25
Yves-Alexis Perez (corsac debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3492-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Yves-Alexis Perez
February 25, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3493-1] xerces-c security update 2016-02-25
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3493-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
February 25, 2016

[ more ]  [ reply ]
CVE-2016-0729: Apache Xerces-C XML Parser Crashes on Malformed Input 2016-02-25
Cantor, Scott (cantor 2 osu edu) (1 replies)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

CVE-2016-0729: Apache Xerces-C XML Parser Crashes on Malformed Input

Severity: Critical

Vendor: The Apache Software Foundation

Versions Affected: Apache Xerces-C XML Parser library versions
prior to V3.1.3

Description: The Xerces-C XML parser mish

[ more ]  [ reply ]
RE: CVE-2016-0729: Apache Xerces-C XML Parser Crashes on Malformed Input 2016-02-26
Shivaprasad Sadashivappa (Shivaprasad S trianz com)
[SECURITY] [DSA 3491-1] icedove security update 2016-02-24
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3491-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
February 24, 2016

[ more ]  [ reply ]
JSN PowerAdmin Joomla! Extension - Remote Command Execution Via CSRF and XSS vulnerabilities 2016-02-24
Ratio Sec (ratiosec gmail com)
---------------------------------------------------------
RatioSec Research Security Advisory RS-2016-001
---------------------------------------------------------

JSN PowerAdmin Joomla! Extension Remote Command Execution Via CSRF and
XSS vulnerabilities
--------------------------------------------

[ more ]  [ reply ]
WordPress User Submitted Posts Plugin [Persistent XSS] 2016-02-24
Panagiotis Vagenas (pan vagenas gmail com)
* Exploit Title: WordPress User Submitted Posts Plugin [Persistent XSS]
* Discovery Date: 2016-02-10
* Exploit Author: Panagiotis Vagenas
* Author Link: https://twitter.com/panVagenas
* Vendor Homepage: https://plugin-planet.com/
* Software Link: https://wordpress.org/plugins/user-submitted-posts/
*

[ more ]  [ reply ]
[SECURITY] [DSA 3490-1] websvn security update 2016-02-24
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3490-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
February 23, 2016

[ more ]  [ reply ]
Belkin N150 Router Multiple XSS Vulnerability 2016-02-24
Rahul Pratap Singh (techno rps gmail com)
## FULL DISCLOSURE

#Product : Belkin N150 Home Router
#Exploit Author : Rahul Pratap Singh
#Home page Link : http://www.belkin.com
#Linkedin : https://in.linkedin.com/in/rahulpratapsingh94
#Version : F9K1009 v1
#Firmware : 1.00.09
#Date : 24/Feb/2016

â?? Vulnerability/BUG Report :

â??â??â??â??â?

[ more ]  [ reply ]
Import Woocommerce XSS Vulnerability 2016-02-24
Rahul Pratap Singh (techno rps gmail com)
## FULL DISCLOSURE

#Product : Import Woocommerce
#Exploit Author : Rahul Pratap Singh
#Version : 1.0.1
#Home page Link : https://wordpress.org/plugins/import-woocommerce/
#Website : 0x62626262.wordpress.com <http://0x62626262.wordpress.com/>
#Linkedin : https://in.linkedin.com/in/rahulpratapsing

[ more ]  [ reply ]
(Page 15 of 1672)  < Prev  10 11 12 13 14 15 16 17 18 19 20  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus