BugTraq Mode:
(Page 4 of 1562)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
Paypal Inc Bug Bounty #30 - Filter Bypass & Persistent Vulnerabilities 2014-10-06
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Paypal Inc Bug Bounty #30 - Filter Bypass & Persistent Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=705

Release Date:
=============
2014-09-26

Vulnerability Laboratory ID (VL-ID):
=================

[ more ]  [ reply ]
[SECURITY] [DSA 3045-1] qemu security update 2014-10-04
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3045-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
October 04, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 3046-1] mediawiki security update 2014-10-05
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3046-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
October 05, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 3044-1] qemu-kvm security update 2014-10-04
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3044-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
October 04, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 3042-1] exuberant-ctags security update 2014-10-04
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3042-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
October 04, 2014

[ more ]  [ reply ]
[security bulletin] HPSBHF03124 rev.1 - HP Thin Clients running Bash, Remote Execution of Code 2014-10-03
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04471546

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04471546
Version: 1

HPSBHF03124 re

[ more ]  [ reply ]
PayPal Inc Bug Bounty Issue #70 France - Persistent (Escape Shopping) Mail Vulnerability 2014-10-03
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
PayPal Inc Bug Bounty Issue #70 France - Persistent (Escape Shopping) Mail Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=869
http://vulnerability-db.com/magazine/articles/2014/09/30/paypal-inc-patc
hed-sev

[ more ]  [ reply ]
HTTP Commander AJS v3.1.9 - Client Side Exception Vulnerability 2014-10-03
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
HTTP Commander AJS v3.1.9 - Client Side Exception Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1329

Release Date:
=============
2014-10-02

Vulnerability Laboratory ID (VL-ID):
=======================

[ more ]  [ reply ]
BulletProof Security Wordpress v50.8 - POST Inject Vulnerability 2014-10-03
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
BulletProof Security Wordpress v50.8 - POST Inject Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1326

Release Date:
=============
2014-09-30

Vulnerability Laboratory ID (VL-ID):
======================

[ more ]  [ reply ]
CVE-2014-7278 DoS in ZyXEL SBG-3300 Security Gateway 2014-10-03
mirko casadei gmail com
########################################
#Vulnerability Title: DoS in ZyXEL SBG-3300 Security Gateway
#Date: 02/10/2014
#CVE-ID: CVE-2014-7278
#Product: ZyXEL SBG3300-N series
#Vendor: www.zyxel.com
#Affected Firmware: Latest version at the time of disclosure V1.00(AADY.4)C0 and below (tested)
#Patc

[ more ]  [ reply ]
CVE-2014-7277 Stored Server XSS in ZyXEL SBG-3300 Security Gateway 2014-10-03
mirko casadei gmail com
########################################
#Vulnerability Title: Stored Server XSS in ZyXEL SBG-3300 Security Gateway
#Date: 02/10/2014
#CVE-ID: CVE-2014-7277
#Product: ZyXEL SBG3300-N series
#Vendor: www.zyxel.com
#Affected Firmware: Latest version at the time of disclosure V1.00(AADY.4)C0 and below

[ more ]  [ reply ]
[ MDVSA-2014:195 ] libvirt 2014-10-03
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:195
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[security bulletin] HPSBMU02895 SSRT101253 rev.3 - HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code 2014-10-02
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03822422

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c03822422
Version: 3

HPSBMU02895 SS

[ more ]  [ reply ]
[security bulletin] HPSBMU03118 rev.1 - HP Systems Insight Manager (SIM) on Linux and Windows, Multiple Remote Vulnerabilities 2014-10-02
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04468121

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04468121
Version: 1

HPSBMU03118 r

[ more ]  [ reply ]
Ultra Electronics / AEP Networks - SSL VPN (Netilla / Series A / Ultra Protect) Vulnerabilities 2014-10-02
Patrick Webster (patrick osisecurity com au)
Ultra Electronics / AEP Networks - SSL VPN (Netilla / Series A / Ultra
Protect) Vulnerabilities
http://www.osisecurity.com.au/advisories/ultra-aep-netilla-vulnerabiliti
es

Release Date:
02-Oct-2014

Software:
Ultra Electronics - Series A
http://en.wikipedia.org/wiki/NetillaOS_NetConnect_by_North

[ more ]  [ reply ]
[security bulletin] HPSBHF03119 rev.2 - HP DreamColor Professional Display running Bash Shell, Remote Code Execution 2014-10-01
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04468293

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04468293
Version: 2

HPSBHF03119 re

[ more ]  [ reply ]
[ MDVSA-2014:194 ] phpmyadmin 2014-10-03
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:194
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
Elasticsearch vulnerability CVE-2014-6439 2014-10-02
Jordan Sissel (jordan sissel elasticsearch com)
Summary:
Elasticsearch versions 1.3.x and prior have a default configuration for
CORS that allows an attacker to craft links that could cause a userâ??s
browser to send requests to Elasticsearch instances on their local network.
These requests could cause data loss or compromise.

We have been assig

[ more ]  [ reply ]
the other bash RCEs (CVE-2014-6277 and CVE-2014-6278) 2014-10-01
Michal Zalewski (lcamtuf coredump cx)
Good morning! This is kinda long.

== Background ==

If you are not familiar with the original bash function export
vulnerability (CVE-2014-6271), you may want to have a look at this
article:

http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impac
t.html

Well, long story short: the

[ more ]  [ reply ]
[ MDVSA-2014:193 ] xerces-j2 2014-10-01
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:193
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:192 ] perl-Email-Address 2014-10-01
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:192
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[SECURITY] [DSA 3041-1] xen security update 2014-10-01
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3041-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
October 01, 2014

[ more ]  [ reply ]
Reflected Cross-Site Scripting (XSS) in Textpattern 2014-10-01
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23223
Product: Textpattern
Vendor: http://textpattern.com/
Vulnerable Version(s): 4.5.5 and probably prior
Tested Version: 4.5.5
Advisory Publication: July 9, 2014 [without technical details]
Vendor Notification: July 9, 2014
Vendor Patch: September 20, 2014
Public Disclosure: Oc

[ more ]  [ reply ]
Cross-Site Scripting (XSS) in Photo Gallery WordPress plugin 2014-10-01
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23232
Product: Photo Gallery WordPress plugin
Vendor: http://web-dorado.com/
Vulnerable Version(s): 1.1.30 and probably prior
Tested Version: 1.1.30
Advisory Publication: September 10, 2014 [without technical details]
Vendor Notification: September 10, 2014
Vendor Patch: September

[ more ]  [ reply ]
FreePBX (All Versions) RCE 2014-10-01
rob thomas schmoozecom com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

We would like to announce that a significant security vulnerability has been discovered in all current versions of FreePBX.

A CVE has been requested from Mitre, but has yet to be provided.

Further details as they come to hand will be available from ht

[ more ]  [ reply ]
NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities 2014-10-01
VMware Security Response Center (security vmware com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

VMware Security Advisory

Advisory ID: VMSA-2014-0010
Synopsis: VMware product updates address critical Bash
security vulnerabilities
Issue date: 2014-09-30
Updated on: 2014-09-30 (Initial Advisory)
CVE numbers: CVE-2014-6271, CVE-201

[ more ]  [ reply ]
[security bulletin] HPSBHF03119 rev.1 - HP DreamColor Display running Bash Shell, Remote Code Execution 2014-10-01
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04468293

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04468293
Version: 1

HPSBHF03119 re

[ more ]  [ reply ]
[SECURITY] [DSA 3040-1] rsyslog security update 2014-09-30
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3040-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/
September 30, 2014

[ more ]  [ reply ]
[security bulletin] HPSBGN03117 rev.1 - HP Remote Device Access: Virtual Customer Access System (vCAS) running Bash Shell, Remote Code Execution 2014-09-30
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04467807

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04467807
Version: 1

HPSBGN03117 re

[ more ]  [ reply ]
[security bulletin] HPSBMU03112 rev.1 - HP System Management Homepage (SMH) on Linux and Windows, Multiple Vulnerabilities 2014-09-30
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04463322

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04463322
Version: 1

HPSBMU03112 r

[ more ]  [ reply ]
(Page 4 of 1562)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus