BugTraq
(Page 15 of 1556)
Cross-Site Request Forgery (CSRF) in Kanboard 2014-07-02
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23217
Product: Kanboard
Vendor: http://kanboard.net/
Vulnerable Version(s): 1.0.5 and probably prior
Tested Version: 1.0.5
Advisory Publication: May 28, 2014 [without technical details]
Vendor Notification: May 28, 2014
Vendor Patch: June 30, 2014
Public Disclosure: July 2, 2014

CVE-2014-3149 - Reflected Cross-Site Scripting (XSS) in "Invision Power IP.Board" 2014-07-01
Christian Schneider (mail Christian-Schneider net)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CVE-2014-3149
===================
"Reflected Cross-Site Scripting (XSS)" (CWE-79) vulnerability in "Invision Power IP.Board" product

Vendor
===================
Invision Power Services Inc.

Product
===================
IP.Board
"IP.Board is the lead

SEC Consult SA-20140701-0 :: Stored cross-site scripting vulnerabilities in EMC Documentum eRoom 2014-07-01
SEC Consult Vulnerability Lab (research sec-consult com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SEC Consult Vulnerability Lab Security Advisory 20140701-0
=======================================================================
title: Stored cross-site scripting vulnerabilities
product: EMC Documentum eRoom
vulnerable ver

Kerio Control <= 8.3.1 Boolean-based blind SQL Injection 2014-06-30
info fereidani com
Document Title:
======================
Kerio Control <= 8.3.1 Boolean-based blind SQL Injection

Primary Informations:
======================

Product Name: Kerio Control
Software Description: Kerio Control brings together multiple capabilities
including a network firewall and router, intrusion d

ESA-2014-060: EMC Documentum eRoom Multiple Cross-Site Scripting Vulnerabilities 2014-06-30
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2014-060: EMC Documentum eRoom Multiple Cross-Site Scripting Vulnerabilities

EMC Identifier: ESA-2014-060

CVE Identifier: CVE-2014-2512

Severity Rating: CVSS v2 Base Score: 8 (AV:N/AC:L/Au:S/C:C/I:P/A:P)

Affected products:

• EMC Doc

APPLE-SA-2014-06-30-4 Apple TV 6.1.2 2014-06-30
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2014-06-30-4 Apple TV 6.1.2

Apple TV 6.1.2 is now available and addresses the following:

Apple TV
Available for: Apple TV 2nd generation and later
Impact: An application could cause the device to unexpectedly
restart
Description: A null po

APPLE-SA-2014-06-30-3 iOS 7.1.2 2014-06-30
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2014-06-30-3 iOS 7.1.2

iOS 7.1.2 is now available and addresses the following:

Certificate Trust Policy
Available for: iPhone 4 and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: Update to the certificate trust polic

[security bulletin] HPSBST03000 rev.4 - HP StoreEver ESL G3 Tape Library and Enterprise Library LTO-6 Tape Drives running OpenSSL, Remote Disclosure of Information 2014-06-30
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04260637

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04260637
Version: 4

HPSBST03000 re

APPLE-SA-2014-06-30-2 OS X Mavericks 10.9.4 and Security Update 2014-003 2014-06-30
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2014-06-30-2 OS X Mavericks 10.9.4 and Security Update
2014-003

OS X Mavericks 10.9.4 and Security Update 2014-003 are now available
and address the following:

Certificate Trust Policy
Available for: OS X Lion v10.7.5, OS X Lion Server v10.7

APPLE-SA-2014-06-30-1 Safari 6.1.5 and Safari 7.0.5 2014-06-30
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2014-06-30-1 Safari 6.1.5 and Safari 7.0.5

Safari 6.1.5 and Safari 7.0.5 are now available and address the
following:

WebKit
Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,
OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3
Impac

SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS 2014-06-30
SEC Consult Vulnerability Lab (research sec-consult com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SEC Consult Vulnerability Lab Security Advisory < 20140630-0 >
=======================================================================
title: Multiple severe vulnerabilities
product: IBM Algorithmics RICOS
vulnerable version:

ESA-2014-046: EMC Documentum Content Server Multiple Vulnerabilities 2014-06-30
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2014-046: EMC Documentum Content Server Multiple Vulnerabilities

EMC Identifier: ESA-2014-046

CVE Identifier: CVE-2014-2506, CVE-2014-2507, CVE-2014-2508

Severity Rating: CVSS v2 Base Score: See below for individual scores

Affected p

ESA-2014-055: EMC Network Configuration Manager (NCM) Session Fixation Vulnerability 2014-06-30
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2014-055: EMC Network Configuration Manager (NCM) Session Fixation Vulnerability

EMC Identifier: ESA-2014-055

CVE Identifier: CVE-2014-2509

Severity Rating: CVSS v2 Base Score: 6.9 (AV:A/AC:M/Au:N/C:C/I:P/A:P)

Affected products:

• E

[SECURITY] [DSA 2970-1] cacti security update 2014-06-29
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2970-1 security (at) debian (dot) org
http://www.debian.org/security/ Moritz Muehlenhoff
June 29, 2014

[SECURITY] [DSA 2969-1] libemail-address-perl security update 2014-06-27
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2969-1 security (at) debian (dot) org
http://www.debian.org/security/ Salvatore Bonaccorso
June 27, 2014

[security bulletin] HPSBMU03056 rev.1 - HP Version Control Repository Manager (HP VCRM) running OpenSSL on Linux and Windows, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information 2014-06-27
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04349789

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04349789
Version: 1

HPSBMU03056 r

[security bulletin] HPSBMU03057 rev.1 - HP Version Control Agent (HP VCA) running OpenSSL on Linux and Windows, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information 2014-06-27
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04349897

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04349897
Version: 1

HPSBMU03057 r

[security bulletin] HPSBMU03061 rev.1 - HP Release Control, Disclosure of Privileged Information and Elevation of Privilege 2014-06-27
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04352674

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04352674
Version: 1

HPSBMU03061 re

[SECURITY] [DSA 2968-1] gnupg2 security update 2014-06-27
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2968-1 security (at) debian (dot) org
http://www.debian.org/security/ Salvatore Bonaccorso
June 27, 2014

[security bulletin] HPSBMU03058 rev.1 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information 2014-06-26
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04351097

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04351097
Version: 1

HPSBMU03058 r

CFP 1st International Conference on Information Systems Security and Privacy - ICISSP 2015 2014-06-26
calendarsites insticc org
Dear Sir/Madam,
I would like to know if it is possible to post in your website the following event:
Conference name:
1st International Conference on Information Systems Security and Privacy - ICISSP 2015

Venue:
ESEO, Angers, Loire Valley, France

Event date:
9 – 11 February, 2015

Regular Papers
P

[RT-SA-2014-008] Python CGIHTTPServer File Disclosure and Potential Code Execution 2014-06-26
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: Python CGIHTTPServer File Disclosure and Potential Code
Execution

The CGIHTTPServer Python module does not properly handle URL-encoded
path separators in URLs. This may enable attackers to disclose a CGI
script's source code or execute arbitrary CGI scripts in the server's
docum

[SECURITY] [DSA 2967-1] gnupg security update 2014-06-25
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2967-1 security (at) debian (dot) org
http://www.debian.org/security/ Salvatore Bonaccorso
June 25, 2014

CVE-2014-3752 - Arbitrary Code Execution in G Data TotalProtection 2014 2014-06-25
Portcullis Advisories (advisories portcullis-security com)
Vulnerability title: Arbitrary Code Execution in G Data TotalProtection 2014
CVE: CVE-2014-3752
Vendor: G Data
Product: TotalProtection 2014
Affected version: v24.0.2.1
Fixed version: N/A
Reported by: Kyriakos Economou

Details:

G Data TotalProtection 2014 v24.0.2.1 and possibly earlier versions ar

CVE-2014-2385 - Multiple Cross Site Scripting in Sophos Antivirus Configuration Console (Linux) 2014-06-25
Portcullis Advisories (advisories portcullis-security com)
Vulnerability title: Multiple Cross Site Scripting in Sophos Antivirus
Configuration Console (Linux)
CVE: CVE-2014-2385
Vendor: Sophos
Product: Antivirus
Affected version: 9.5.1
Fixed version: 9.6.1
Reported by: Pablo Catalina

Details:

The Configuration Console of Sophos Antivirus 9.5.1 (Linux) do

[RT-SA-2013-003] Endeca Latitude Cross-Site Scripting 2014-06-25
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: Endeca Latitude Cross-Site Scripting

RedTeam Pentesting discovered a Cross-Site Scripting (XSS)
vulnerability in Endeca Latitude. By exploiting this vulnerability an
attacker is able to execute arbitrary JavaScript code in the context
of other Endeca Latitude users.

Details
=======

Pro

[RT-SA-2013-002] Endeca Latitude Cross-Site Request Forgery 2014-06-25
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: Endeca Latitude Cross-Site Request Forgery

RedTeam Pentesting discovered a Cross-Site Request Forgery (CSRF)
vulnerability in Endeca Latitude. Using this vulnerability, an attacker
might be able to change several different settings of the Endeca
Latitude instance or disable it entirely.

Reflected Cross-Site Scripting (XSS) Vulnerability in Storesprite 2014-06-25
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23215
Product: Storesprite
Vendor: Lamp Design Limited
Vulnerable Version(s): 7 and probably prior
Tested Version: 7
Advisory Publication: May 14, 2014 [without technical details]
Vendor Notification: May 14, 2014
Vendor Patch: June 19, 2014
Public Disclosure: June 25, 2014
Vuln

NEW VMSA-2014-0007 - VMware product updates address security vulnerabilities in Apache Struts library 2014-06-25
"VMware Security Response Center" (security vmware com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------

VMware Security Advisory

Advisory ID: VMSA-2014-0007
Synopsis: VMware product updates address security vulnerabilities in
Apache Struts libra

[slackware-security] seamonkey (SSA:2014-175-05) 2014-06-24
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] seamonkey (SSA:2014-175-05)

New seamonkey packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packag

Copyright 2010, SecurityFocus