BugTraq Mode:
(Page 16 of 1724)  < Prev  11 12 13 14 15 16 17 18 19 20 21  Next >
[slackware-security] pidgin (SSA:2017-074-01) 2017-03-16
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] pidgin (SSA:2017-074-01)

New pidgin packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+----------------------

[ more ]  [ reply ]
Path Traversal Remote File Disclosure 2017-03-16
apparitionsec gmail com (hyp3rlinx)
[+] Credits: John Page AKA hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/MOBAXTERM-TFTP-PATH-TRAVERSAL
-REMOTE-FILE-ACCESS.txt
[+] ISR: ApparitionSec

Vendor:
=====================
mobaxterm.mobatek.net

Product:
============

[ more ]  [ reply ]
CVE-2017-0045 Windows DVD Maker XML External Entity File Disclosure 2017-03-16
apparitionsec gmail com (hyp3rlinx)
[+] Credits: John Page AKA hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-DVD-MAKER-XML-EXTER
NAL-ENTITY-FILE-DISCLOSURE.txt
[+] ISR: ApparitionSec

Vendor:
=================
www.microsoft.com

Product:
=================
Windows

[ more ]  [ reply ]
Microsoft Edge Fetch API allows setting of arbitrary request headers 2017-03-14
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Microsoft Edge Fetch API allows setting of arbitrary request headers
------------------------------------------------------------------------

Yorick Koster, January 2017

--------------------------------------------------------

[ more ]  [ reply ]
Joomla com_virtuemart Component - 'id' Parameter Sql Injection Vulnerability 2017-03-14
iedb team gmail com
Joomla com_virtuemart component version 1.6 suffers from a remote SQL injection vulnerability.
tested on 1.6
tnks.
Amir - Iedb.ir - IrIsT.Ir - Xssed.Ir

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@ @@@@@@@@@@@ @@

[ more ]  [ reply ]
Joomla com_kunena Component - 'id' Parameter Sql Injection Vulnerability 2017-03-14
iedb team gmail com
Joomla com_sngevents component version 1.5 suffers from a remote SQL injection vulnerability.
tested on 1.2
tnks.
Amir - Iedb.ir - IrIsT.Ir - Xssed.Ir

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@ @@@@@@@@@@@ @@@

[ more ]  [ reply ]
Joomla com_sngevents Component - 'id' Parameter Sql Injection Vulnerability 2017-03-14
iedb team gmail com
Joomla com_sngevents component version 1.5 suffers from a remote SQL injection vulnerability.
tested on 1.5
tnks.
Amir - Iedb.ir - IrIsT.Ir - Xssed.Ir

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@ @@@@@@@@@@@ @@@

[ more ]  [ reply ]
Joomla com_fidecalendar Component - 'aid' Parameter Sql Injection Vulnerability 2017-03-14
iedb team gmail com
Joomla com_fidecalendar component version 1.5 suffers from a remote SQL injection vulnerability.
tested on 1.5
tnks.
Amir - Iedb.ir - IrIsT.Ir - Xssed.Ir

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@ @@@@@@@@@@@

[ more ]  [ reply ]
Joomla com_registrationpro Component - 'did' Parameter Sql Injection Vulnerability 2017-03-14
iedb team gmail com
Joomla com_registrationpro component version 1.x suffers from a remote SQL injection vulnerability.
tested on 1.2 and all version
tnks.
Amir - Iedb.ir - IrIsT.Ir - Xssed.Ir

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@

[ more ]  [ reply ]
Joomla com_easyblog Component - 'id' Parameter Sql Injection Vulnerability 2017-03-14
iedb team gmail com
Joomla com_easyblog component version 1.4 suffers from a remote SQL injection vulnerability.
tested on 1.* and all version
tnks.
Amir - Iedb.ir - IrIsT.Ir - Xssed.Ir

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@ @@@@

[ more ]  [ reply ]
Atlassian - March 2017 - Bamboo, Crowd and HipChat Server - Critical Security Advisory 2017-03-14
David Black (dblack atlassian com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

This email refers to the following advisory pages:

* Bamboo - https://confluence.atlassian.com/x/_slDN
* Crowd - https://confluence.atlassian.com/x/PMpDN
* HipChat Server - https://confluence.atlassian.com/x/lj1LN

CVE ID:

* CVE-2017-5638.

Produc

[ more ]  [ reply ]
[SECURITY] [DSA 3808-1] imagemagick security update 2017-03-13
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3808-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
March 13, 2017

[ more ]  [ reply ]
Joomla com_carocci Component - 'isbn' Parameter Sql Injection Vulnerability 2017-03-12
iedb team gmail com
Joomla com_carocci component version 1.4 suffers from a remote SQL injection vulnerability.
tested on 1.4
tnks.
Amir - Iedb.ir - IrIsT.Ir - Xssed.Ir

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@ @@@@@@@@@@@ @@@ @

[ more ]  [ reply ]
Joomla com_kide Component - 'view' Parameter Sql Injection Vulnerability 2017-03-12
iedb team gmail com
Joomla com_kide component version 1.5 suffers from a remote SQL injection vulnerability.
tested on 1.x
tnks.
Amir - Iedb.ir - IrIsT.Ir - Xssed.Ir

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@ @@@@@@@@@@@ @@@ @@

[ more ]  [ reply ]
Joomla com_eventlist Component - 'id' Parameter Sql Injection Vulnerability 2017-03-12
iedb team gmail com
Joomla com_eventlist component version 1.5 suffers from a remote SQL injection vulnerability.
tested on 1.x
tnks.
Amir - Iedb.ir - IrIsT.Ir - Xssed.Ir

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@ @@@@@@@@@@@ @@@

[ more ]  [ reply ]
[security bulletin] HPESBUX03706 rev.1 - HP-UX NTP service running ntpd, Multiple Vulnerabilities 2017-03-10
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbux
03706en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbux03706en_us

Version: 1

HP

[ more ]  [ reply ]
[security bulletin] HPESBHF03711 rev.1 - HPE 2620 Series Network Switches, Remote Cross Site Request Forgery (CSRF) 2017-03-10
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf
03711en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03711en_us

Version: 1

HP

[ more ]  [ reply ]
[security bulletin] HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege 2017-03-10
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn
03707en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbgn03707en_us

Version: 1

HP

[ more ]  [ reply ]
[security bulletin] HPESBHF03716 rev.1 - HPE Intelligent Management Center (IMC) PLAT, Remote Authentication Bypass 2017-03-10
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf
03716en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03716en_us

Version: 1

HP

[ more ]  [ reply ]
CVE-2016-10143: Vulnerability to read arbitrary files in "Tiki Wiki" 2017-03-10
Leon Zhao 7 gmail com
Credits
===============
Zhao Liang, Huawei Weiran Labs

Vendor:
===============
Tiki

Product:
========================
Tiki Wiki CMS

The Tiki Wiki CMS Groupware project (aka TikiWiki or Tiki) is an open source initiative that releases and maintains a powerful OpenSource Content Management System

[ more ]  [ reply ]
[SECURITY] [DSA 3805-1] firefox-esr security update 2017-03-09
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3805-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
March 08, 2017

[ more ]  [ reply ]
[security bulletin] HPESBHF03714 rev.1 - HPE Intelligent Management Center (IMC) PLAT, Local Arbitrary File Download 2017-03-08
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf
03714en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03714en_us

Version: 1

HP

[ more ]  [ reply ]
[SECURITY] [DSA 3804-1] linux security update 2017-03-08
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3804-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
March 08, 2017

[ more ]  [ reply ]
[security bulletin] HPESBHF03713 rev.1 - HPE Intelligent Management Center (IMC) PLAT, Deserialization of Untrusted Data, Remote Code Execution 2017-03-08
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf
03713en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03713en_us

Version: 1

HP

[ more ]  [ reply ]
[security bulletin] HPESBGN03712 rev.1 - HPE LoadRunner and Performance Center, Remote Code Execution 2017-03-08
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn
03712en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbgn03712en_us

Version: 1

HP

[ more ]  [ reply ]
SEC Consult SA-20170308-0 :: Multiple vulnerabilities in Navetti PricePoint 2017-03-08
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20170308-0 >
=======================================================================
title: Multiple vulnerabilities
product: Navetti PricePoint
vulnerable version: 4.6.0.0
fixed version: 4.7.0.0 or higher
CV

[ more ]  [ reply ]
[slackware-security] mozilla-firefox (SSA:2017-066-01) 2017-03-08
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2017-066-01)

New mozilla-firefox packages are available for Slackware 14.1, 14.2,
and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
pa

[ more ]  [ reply ]
Multiple vulnerabilities found in Wireless IP Camera (P2P) WIFICAM cameras and vulnerabilities in GoAhead 2017-03-08
Pierre Kim (pierre kim sec gmail com)
Hello,

Please find a text-only version below sent to security mailing lists.

The complete version on analysing the security of "Wireless IP Camera
(P2P) WIFICAM cameras and vulnerabilities in GoAhead" is posted here:
https://pierrekim.github.io/blog/2017-03-08-camera-goahead-0day.html

=== text

[ more ]  [ reply ]
[security bulletin] HPESBHF03710 rev.1 - HPE Intelligent Management Center (IMC) PLAT, Multiple Remote Vulnerabilities 2017-03-07
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf
03710en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03710en_us

Version: 1

HP

[ more ]  [ reply ]
(Page 16 of 1724)  < Prev  11 12 13 14 15 16 17 18 19 20 21  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus