BugTraq Mode:
(Page 2 of 1730)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
Zenario v7.6 CMS - SQL Injection Web Vulnerability 2018-01-15
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Zenario v7.6 CMS - SQL Injection Web Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2043

Release Date:
=============
2018-01-16

Vulnerability Laboratory ID (VL-ID):
===================================

[ more ]  [ reply ]
[RT-SA-2017-013] Truncation of SAML Attributes in Shibboleth 2 2018-01-15
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: Truncation of SAML Attributes in Shibboleth 2

RedTeam Pentesting discovered that the shibd service of Shibboleth 2
does not extract SAML attribute values in a robust manner. By inserting
XML entities into a SAML response, attackers may truncate attribute
values without breaking the docume

[ more ]  [ reply ]
Broken TLS certificate pinning in VTech DigiGo Kid Connect app 2018-01-13
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Broken TLS certificate pinning in VTech DigiGo Kid Connect app
------------------------------------------------------------------------

Sipke Mellema, September 2017

------------------------------------------------------------

[ more ]  [ reply ]
Authentication bypass in Kaseya VSA 2018-01-13
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Authentication bypass in Kaseya VSA
------------------------------------------------------------------------

Kin Hung Cheng, Robert Hartshorn, May 2017

------------------------------------------------------------------------

A

[ more ]  [ reply ]
Arbitrary file read in Kaseya VSA 2018-01-13
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Arbitrary file read in Kaseya VSA
------------------------------------------------------------------------

Kin Hung Cheng, Robert Hartshorn, May 2017

------------------------------------------------------------------------

Abs

[ more ]  [ reply ]
[SECURITY] [DSA 4087-1] transmission security update 2018-01-14
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4087-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
January 14, 2018

[ more ]  [ reply ]
Multiple vulnerabilities in VTech DigiGo allow browser overlay attack 2018-01-13
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Multiple vulnerabilities in VTech DigiGo allow browser overlay attack
------------------------------------------------------------------------

Sipke Mellema, September 2017

-----------------------------------------------------

[ more ]  [ reply ]
Broken TLS certificate validation in VTech DigiGo browser 2018-01-13
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Broken TLS certificate validation in VTech DigiGo browser
------------------------------------------------------------------------

Sipke Mellema, September 2017

-----------------------------------------------------------------

[ more ]  [ reply ]
[SECURITY] [DSA 4086-1] libxml2 security update 2018-01-13
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4086-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
January 13, 2018

[ more ]  [ reply ]
Seagate Media Server allows deleting of arbitrary files and folders 2018-01-13
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Seagate Media Server allows deleting of arbitrary files and folders
------------------------------------------------------------------------

Yorick Koster, September 2017

-------------------------------------------------------

[ more ]  [ reply ]
Adminer <= v4.3.1 Server Side Request Forgery 2018-01-14
apparitionsec gmail com
[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/ADMINER-UNAUTHENTICATED-SERVE
R-SIDE-REQUEST-FORGERY.txt
[+] ISR: apparition security

Vendor:
==============
www.adminer.org

Product:
===============

[ more ]  [ reply ]
Code execution in Kaseya VSA 2018-01-13
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Code execution in Kaseya VSA
------------------------------------------------------------------------

Kin Hung Cheng, Robert Hartshorn, May 2017

------------------------------------------------------------------------

Abstract

[ more ]  [ reply ]
[security bulletin] HPESBHF03800 rev.1 - HPE Comware 7 MSR Routers, Remote Denial of Service and Local Elevation or Privilege 2018-01-12
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf
03800en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03800en_us

Version: 1

HP

[ more ]  [ reply ]
[SECURITY] [DSA 4085-1] xmltooling security update 2018-01-12
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4085-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
January 12, 2018

[ more ]  [ reply ]
[security bulletin] HPESBNS03804 rev.1 - HPE NonStop Server, Local Authentication Restriction Bypass 2018-01-12
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbns
03804en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbns03804en_us

Version: 1

HP

[ more ]  [ reply ]
Microsoft Sharepoint 2013 - Limited Access Permission Bypass Vulnerability 2018-01-12
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Microsoft Sharepoint 2013 - Limited Access Permission Bypass Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2111

Release Date:
=============
2018-01-07

Vulnerability Laboratory ID (VL-ID):
===========

[ more ]  [ reply ]
[SECURITY] [DSA 4084-1] gifsicle security update 2018-01-12
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4084-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
January 12, 2018

[ more ]  [ reply ]
MagicSpam 2.0.13 - Insecure File Permission Vulnerability 2018-01-12
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
MagicSpam 2.0.13 - Insecure File Permission Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2113

Release Date:
=============
2018-01-12

Vulnerability Laboratory ID (VL-ID):
============================

[ more ]  [ reply ]
Magento Commerce - SSRF & XSPA Web Vulnerability 2018-01-12
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Magento Commerce - SSRF & XSPA Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1631

Release Date:
=============
2018-01-03

Vulnerability Laboratory ID (VL-ID):
====================================
1

[ more ]  [ reply ]
SonicWall GMS v8.1 - Filter Bypass & Persistent Vulnerability 2018-01-12
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
SonicWall GMS v8.1 - Filter Bypass & Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1819

Release Notes: http://documents.software.dell.com/sonicwall-gms-os/8.2/release-notes/kn
own-issues?Parent

[ more ]  [ reply ]
Magento Connect T1 - (Claim) Persistent Vulnerability 2018-01-12
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Magento Connect T1 - (Claim) Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1469

Release Date:
=============
2018-01-08

Vulnerability Laboratory ID (VL-ID):
=================================

[ more ]  [ reply ]
Kentico CMS v11.0 - Stack Buffer Overflow Vulnerability 2018-01-12
Vulnerability Lab (submit vulnerability-lab com)
Document Title:
===============
Kentico CMS v11.0 - Stack Buffer Overflow Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=1943

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5282

CVE-ID:
=======
CVE-2018-5282

Release Date:

[ more ]  [ reply ]
Piwigo v2.8.2 & 2.9.2 CMS - Multiple Cross Site Vulnerabilities 2018-01-12
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Piwigo v2.8.2 & 2.9.2 CMS - Multiple Cross Site Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2005

Release Date:
=============
2018-01-12

Vulnerability Laboratory ID (VL-ID):
======================

[ more ]  [ reply ]
Flash Operator Panel v2.31.03 - Command Execution Vulnerability 2018-01-12
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Flash Operator Panel v2.31.03 - Command Execution Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1907

Release Date:
=============
2018-01-08

Vulnerability Laboratory ID (VL-ID):
=======================

[ more ]  [ reply ]
CVE-2017-8802 Zimbra Collaboration Suite - Stored Cross-Site Scripting 2018-01-11
Advisories (advisories compass-security com)
########################################################################
############################
#
# COMPASS SECURITY ADVISORY https://www.compass-security.com
########################################################################
############################
#
# CVE ID : CVE-2017-8802
# Produc

[ more ]  [ reply ]
[SECURITY] [DSA 4083-1] poco security update 2018-01-11
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4083-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
January 11, 2018

[ more ]  [ reply ]
WebKitGTK+ Security Advisory WSA-2018-0001 2018-01-10
Carlos Alberto Lopez Perez (clopez igalia com)
------------------------------------------------------------------------

WebKitGTK+ Security Advisory WSA-2018-0001
------------------------------------------------------------------------

Date reported : January 10, 2018
Advisory ID : WSA-2018-0001
Advisor

[ more ]  [ reply ]
DefenseCode ThunderScan SAST Advisory: WordPress Testimonial Slider Plugin SQL injection Security Vulnerability 2018-01-10
DefenseCode (defensecode defensecode com)
DefenseCode ThunderScan SAST Advisory: WordPress Testimonial Slider
         Plugin SQL injection Security Vulnerability

Advisory ID:    DC-2018-01-005
Advisory Title: WordPress Testimonial Slider Plugin SQL injection
 Security Vulnerability
Advisory URL:   http://www.defensecode.com

[ more ]  [ reply ]
DefenseCode ThunderScan SAST Advisory: WordPress Smooth Slider Plugin SQL injection Security Vulnerability 2018-01-10
DefenseCode (defensecode defensecode com)
DefenseCode ThunderScan SAST Advisory: WordPress Smooth Slider Plugin
             SQL injection Security Vulnerability

Advisory ID:    DC-2018-01-004
Advisory Title: WordPress Smooth Slider Plugin SQL injection
 Security Vulnerability
Advisory URL:   http://www.defensecode.com/a

[ more ]  [ reply ]
DefenseCode ThunderScan SAST Advisory: WordPress Dbox 3D Slider Lite Multiple SQL injection Security Vulnerabilities 2018-01-10
DefenseCode (defensecode defensecode com)
DefenseCode ThunderScan SAST Advisory: WordPress Dbox 3D Slider Lite
        Multiple SQL injection Security Vulnerabilities

Advisory ID:    DC-2017-01-003
Advisory Title: WordPress Dbox 3D Slider Lite Plugin Multiple
 SQL injection Security Vulnerabilities
Advisory URL:   http://www.

[ more ]  [ reply ]
(Page 2 of 1730)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus