BugTraq Mode:
(Page 3 of 1679)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
Cisco EPC 3928 Multiple Vulnerabilities 2016-06-08
patryk bogdan secorda com
# Title: Cisco EPC 3928 Multiple Vulnerabilities
# Vendor: http://www.cisco.com/
# Vulnerable Version(s): Cisco Model EPC3928 DOCSIS 3.0 8x4 Wireless Residential Gateway
# CVE References: CVE-2015-6401 / CVE-2015-6402 / CVE-2016-1328 / CVE-2016-1336 / CVE-2016-1337
# Author: Patryk Bogdan from Secor

[ more ]  [ reply ]
[SECURITY] [DSA 3598-1] vlc security update 2016-06-07
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3598-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
June 07, 2016

[ more ]  [ reply ]
[security bulletin] HPSBGN03623 rev.1 - HPE Universal CMDB, Remote Disclosure of Sensitive Information 2016-06-07
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05164813

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05164813
Version: 1

HPSBGN03623

[ more ]  [ reply ]
[security bulletin] HPSBGN03622 rev.1 - HPE UCMDB, Universal Discovery, and UCMDB Configuration Manager using Apache Commons Collection, Remote Code Executon 2016-06-07
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05164408

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05164408
Version: 1

HPSBGN03622

[ more ]  [ reply ]
[security bulletin] HPSBGN03621 rev.1 - HPE Universal CMDB using OpenSSL, Remote Disclosure of Sensitive Information 2016-06-07
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05164821

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05164821
Version: 1

HPSBGN03621

[ more ]  [ reply ]
[CVE-2016-0392] IBM GPFS / Spectrum Scale Command Injection 2016-06-07
john fitzpatrick mwrinfosecurity com
###[IBM GPFS / Spectrum Scale Command Injection]###

A command injection vulnerability in GPFS / Spectrum Scale allows attackers to escalate privileges to root

* Product: IBM GPFS / Spectrum Scale
* Severity: High
* CVE Reference: CVE-2016-0392
* Type: Command injection
* Author: John Fitzpatrick (

[ more ]  [ reply ]
[SECURITY] [DSA 3597-1] expat security update 2016-06-07
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3597-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Luciano Bello
June 07, 2016

[ more ]  [ reply ]
Wordpress Levo-Slideshow v2.3 - Persistent Vulnerability 2016-06-07
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Wordpress Levo-Slideshow v2.3 - Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1855

Release Date:
=============
2016-06-06

Vulnerability Laboratory ID (VL-ID):
==============================

[ more ]  [ reply ]
Microsoft Education - Code Execution Vulnerability 2016-06-07
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Microsoft Education - Code Execution Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1669

MSRC Case: 32314
TRK: 0001002809

Research Article: http://www.kieranclaessens.be/uncategorized/microsoft-educatio

[ more ]  [ reply ]
Wordpress Levo-Slideshow 2.3 - Arbitrary File Upload Vulnerability 2016-06-07
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Wordpress Levo-Slideshow 2.3 - Arbitrary File Upload Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1854

Release Date:
=============
2016-06-07

Vulnerability Laboratory ID (VL-ID):
====================

[ more ]  [ reply ]
Mapbox (API) - Filter Bypass & Persistent Vulnerability 2016-06-07
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Mapbox (API) - Filter Bypass & Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1787

ID: #119802

Release Date:
=============
2016-06-06

Vulnerability Laboratory ID (VL-ID):
==================

[ more ]  [ reply ]
[security bulletin] HPSBGN03620 rev.1 - HPE Helion OpenStack using OpenSSL and QEMU, Remote Unauthorized Data Access 2016-06-07
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05164862

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05164862
Version: 1

HPSBGN03620 r

[ more ]  [ reply ]
[security bulletin] HPSBGN03619 rev.1 - HPE Discovery and Dependency Mapping Inventory (DDMi) using Java Deserialization, remote Code Execution 2016-06-07
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05164819

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05164819
Version: 1

HPSBGN03619 r

[ more ]  [ reply ]
[security bulletin] HPSBGN03442 rev.2 - HP Helion OpenStack using glibc, Remote Denial of Service (DoS), Arbitrary Code Execution 2016-06-07
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05028479

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05028479
Version: 2

HPSBGN03442 r

[ more ]  [ reply ]
Re: rConfig, the open source network device configuration management tool, Vulnerable to Local File Inclusion 2016-06-06
Gregory Pickett (gpickett71 yahoo com)
rConfig v3.1.1 introduced whitelisting. This is how to get past that. :)

Greg

Verification of Vulnerability (for v3.1.1)
===================
The following steps can be carried out in duplicating this vulnerability.

Step 1:
Enter the following into your browser address bar:

http://<SERVER>/l

[ more ]  [ reply ]
[SECURITY] [DSA 3596-1] spice security update 2016-06-06
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3596-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
June 06, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3595-1] mariadb-10.0 security update 2016-06-05
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3595-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
June 05, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3548-3] samba regression update 2016-06-05
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3548-3 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
June 05, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3594-1] chromium-browser security update 2016-06-04
Michael Gilbert (mgilbert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3594-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Michael Gilbert
June 04, 2016

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-16:24.ntp 2016-06-04
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-16:24.ntp Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
[slackware-security] ntp (SSA:2016-155-01) 2016-06-04
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] ntp (SSA:2016-155-01)

New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches

[ more ]  [ reply ]
[security bulletin] - Linux Kernel Flaw, ASN.1 DER decoder for x509 certificate DER 2016-06-03
HP Security Alert (hp-security-alert hp com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:
https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c0515855
5

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05158555
Version: 1

HPSBHF3548 - Linux Kernel F

[ more ]  [ reply ]
[security bulletin] HPSBUX03616 SSRT110128 rev.2 - HPE HP-UX running CIFS Server (Samba), Remote Denial of Service (DoS), Disclosure of Information, Unauthorized Access 2016-06-03
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05162399

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05162399
Version: 2

HPSBUX03616 S

[ more ]  [ reply ]
[Announce] CVE-2016-4437: Apache Shiro information disclosure vulnerability 2016-06-03
Brian Demers (bdemers apache org)
Severity: Important

Vendor:
The Apache Software Foundation

Versions Affected:
1.0.0-incubating - 1.2.4

Description:
A default cipher key is used for the "remember me" feature when not
explicitly configured. A request that included a specially crafted
request parameter could be used to execute ar

[ more ]  [ reply ]
Notilus v2012 R3 - SQL injection 2016-06-03
alex_haynes outlook com
Exploit Title: Notilus SQL injection
Product: Notilus travel solution software
Vulnerable Versions: 2012 R3
Tested Version: 2012 R3
Advisory Publication: 03/06/2016
Vulnerability Type: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') [CWE-89]
CVE Reference: NONE
C

[ more ]  [ reply ]
[SECURITY] [DSA 3593-1] libxml2 security update 2016-06-02
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3593-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
June 02, 2016

[ more ]  [ reply ]
ESA-2016-060: EMC Isilon OneFS Privilege Escalation Vulnerability 2016-06-02
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2016-060: EMC Isilon OneFS Privilege Escalation Vulnerability

EMC Identifier: ESA-2016-060

CVE Identifier: CVE-2016-0908

Severity Rating: CVSS v3 Base Score: 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Affected products:

? EMC

[ more ]  [ reply ]
Zoho OpManager < v12 2016-06-02
d_fens redbrick dcu ie
Reported these 27/08/2015 these were eventually fixed in version 12 because the entire application is based on emberjs now. There are no CVEs for these issues assigned nor is there any acknowledgement of the issues in any patches. Therefore only version 12 fixes these.

Multiple stored and reflected

[ more ]  [ reply ]
[security bulletin] HPSBMU03607 rev.1 - HPE BladeSystem c-Class Virtual Connect (VC) Firmware, Remote Denial of Service (DoS), Disclosure of Information, Cross-Site Request Forgery (CSRF) 2016-06-02
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05157667

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05157667
Version: 1

HPSBMU03607 r

[ more ]  [ reply ]
SEC Consult SA-20160602-0 :: Multiple critical vulnerabilities in Ubee EVW3226 Advanced wireless voice gateway 2016-06-02
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20160602-0 >
=======================================================================
title: Multiple critical vulnerabilities
product: Ubee EVW3226 Advanced wireless voice gateway
vulnerable version: Firmware EVW3226_1.0.20

[ more ]  [ reply ]
(Page 3 of 1679)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus