BugTraq Mode:
(Page 242 of 1746)  < Prev  237 238 239 240 241 242 243 244 245 246 247  Next >
[security bulletin] HPSBUX02944 rev.1 - HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2013-12-10
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04031212

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04031212
Version: 1

HPSBUX02944 re

[ more ]  [ reply ]
[security bulletin] HPSBUX02943 rev.1 - HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2013-12-10
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04031205

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04031205
Version: 1

HPSBUX02943 re

[ more ]  [ reply ]
LiveZilla 5.1.1.0 Stored XSS in operator clients 2013-12-10
zoczus gmail com
Author: Jakub Zoczek [zoczus (at) gmail (dot) com [email concealed]]
CVE Reference: CVE-2013-7003
Product: LiveZilla
Vendor: LiveZilla GmbH [http://livezilla.net]
Affected version: 5.1.1.0
Severity: Medium
CVSSv2 Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Status: Fixed

0x01 Background

LiveZilla, the widely-used and trusted Liv

[ more ]  [ reply ]
Air Gallery 1.0 Air Photo Browser - Multiple Vulnerabilities 2013-12-10
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Air Gallery 1.0 Air Photo Browser - Multiple Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1165

Release Date:
=============
2013-12-09

Vulnerability Laboratory ID (VL-ID):
==========================

[ more ]  [ reply ]
EMC Data Protection Advisor DPA Illuminator EJBInvokerServlet Remote Code Execution 2013-12-10
nospam gmail it
EMC Data Protection Advisor DPA Illuminator EJBInvokerServlet Remote Code Execution

tested against: Microsoft Windows Server 2008 r2 sp1
EMC Data Protection Advisor 5.8 sp5

vulnerability:
the "DPA Illuminator" service (DPA_Illuminator.exe) listening
on public port 8090 (tcp/http)

[ more ]  [ reply ]
[CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application 2013-12-10
Daniel Wood (daniel wood owasp org)
Title: [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application

Published: December 7, 2013
Reported to Vendor: May 2013
CVE Reference: CVE-2013-6986
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6986

CVSS v2 Base Score: 4.9
CVSS v2 Ve

[ more ]  [ reply ]
[SECURITY] [DSA 2815-1] munin security update 2013-12-09
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2815-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
December 09, 2013

[ more ]  [ reply ]
[SECURITY] [DSA 2813-1] gimp security update 2013-12-09
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2813-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
December 09, 2013

[ more ]  [ reply ]
Vulnerabilities in Apache Solr < 4.6.0 2013-12-09
Nicolas Grégoire (nicolas gregoire agarri fr)
Hello,

Apache Solr is search platform edited by the Apache project. Quoting
http://lucene.apache.org/solr/:"its major features include powerful
full-text search, hit highlighting, faceted search, near real-time
indexing, dynamic clustering, database integration, rich document (e.g.,
Word, PDF) hand

[ more ]  [ reply ]
[SECURITY] [DSA 2814-1] varnish security update 2013-12-09
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2814-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
December 09, 2013

[ more ]  [ reply ]
[SECURITY] [DSA 2812-1] samba security update 2013-12-09
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2812-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
December 09, 2013

[ more ]  [ reply ]
Print n Share v5.5 iOS - Multiple Web Vulnerabilities 2013-12-09
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Print n Share v5.5 iOS - Multiple Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1154

Release Date:
=============
2013-12-06

Vulnerability Laboratory ID (VL-ID):
=================================

[ more ]  [ reply ]
LiveZilla 5.1.0.0 Reflected XSS in translations 2013-12-08
zoczus gmail com
Author: Jakub Zoczek [zoczus (at) gmail (dot) com [email concealed]]
CVE Reference: CVE-2013-7002
Product: LiveZilla
Vendor: LiveZilla GmbH [http://livezilla.net]
Affected version: 5.1.0.0
Severity: Medium
CVSSv2 Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Status: Fixed

0x01 Background

LiveZilla, the widely-used and trusted Li

[ more ]  [ reply ]
[SECURITY] [DSA 2811-1] chromium-browser security update 2013-12-08
Michael Gilbert (mgilbert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2811-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Michael Gilbert
December 07, 2013

[ more ]  [ reply ]
Opencart Multiple Vulnerabilities 2013-12-06
trueend5 yahoo com
########################################################################
###
# Title: Opencart Multiple Vulnerabilities
# Vendor: http://www.opencart.com
# Vulnerabilities: Arbitrary File Upload, XSS, Path Disclosure
# Vulnerable Version: opencart 1.5.6 (prior versions also may be affected)
# Exploit

[ more ]  [ reply ]
[slackware-security] hplip (SSA:2013-339-04) 2013-12-06
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] hplip (SSA:2013-339-04)

New hplip packages are available for Slackware 14.0 to fix a security issue.

Here are the details from the Slackware 14.0 ChangeLog:
+--------------------------+
patches/packages/hplip-3.12.9-i486-4_slac

[ more ]  [ reply ]
[slackware-security] seamonkey (SSA:2013-339-03) 2013-12-06
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] seamonkey (SSA:2013-339-03)

New seamonkey packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packag

[ more ]  [ reply ]
[slackware-security] mozilla-thunderbird (SSA:2013-339-02) 2013-12-06
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2013-339-02)

New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+---------------

[ more ]  [ reply ]
[slackware-security] mozilla-nss (SSA:2013-339-01) 2013-12-06
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-nss (SSA:2013-339-01)

New mozilla-nss packages are available for Slackware 14.0, 14.1, and -current
to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/pa

[ more ]  [ reply ]
ESA-2013-080: RSA Security Analytics Multiple Vulnerabilities 2013-12-04
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2013-080: RSA Security Analytics Multiple Vulnerabilities

EMC Identifier: ESA-2013-080

CVE Identifier: CVE-2013-6180

Severity Rating: CVSS v2 Base Score: See below for individual scores

Affected Products:

RSA Security Analytic

[ more ]  [ reply ]
NEW VMSA-2013-0015 VMware ESX updates to third party libraries 2013-12-06
Edward Hawkins (security vmware com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

VMware Security Advisory

Advisory ID: VMSA-2013-0015
Synopsis: VMware ESX updates to third party libraries
Issue date: 2013-12-05
Updated on: 2013-12-05 (initial release)
CVE numbers: --- kernel (service console) ---

[ more ]  [ reply ]
[KIS-2013-10] openSIS <= 5.2 (ajax.php) PHP Code Injection Vulnerability 2013-12-05
Egidio Romano (research karmainsecurity com)
----------------------------------------------------------
openSIS <= 5.2 (ajax.php) PHP Code Injection Vulnerability
----------------------------------------------------------

[-] Software Link:

http://www.opensis.com/

[-] Affected Versions:

All versions from 4.5 to 5.2.

[-] Vulnerability D

[ more ]  [ reply ]
Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities 2013-12-05
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1152

Release Date:
=============
2013-12-04

Vulnerability Laboratory ID (VL-ID):
==========================

[ more ]  [ reply ]
Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability (0Day) 2013-12-05
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1099

Bulletin: Dell SonicWALL GMS Service Bulletin for Cross-Site Scripting Vulnerability
http://www.sonicwal

[ more ]  [ reply ]
[SECURITY] [DSA 2809-1] ruby1.8 security update 2013-12-04
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2809-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
December 04, 2013

[ more ]  [ reply ]
[SECURITY] [DSA 2810-1] ruby1.9.1 security update 2013-12-04
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2810-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
December 04, 2013

[ more ]  [ reply ]
Imagam iFiles v1.16.0 iOS - Multiple Web Vulnerabilities 2013-12-04
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Imagam iFiles v1.16.0 iOS - Multiple Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1160

Release Date:
=============
2013-12-03

Vulnerability Laboratory ID (VL-ID):
==============================

[ more ]  [ reply ]
Cross-Site Scripting (XSS) in Jamroom 2013-12-04
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23184
Product: Jamroom
Vendor: Talldude Networks, LLC
Vulnerable Version(s): 5.0.2 and probably prior
Tested Version: 5.0.2
Advisory Publication: November 13, 2013 [without technical details]
Vendor Notification: November 13, 2013
Vendor Patch: November 13, 2013
Public Disclosure

[ more ]  [ reply ]
[PT-2013-63] Hash Length Extension in HTMLPurifier 2013-12-04
noreply ptsecurity com
-----------------------------------------------------------

(PT-2013-63) Positive Technologies Security Advisory
Hash Length Extension in HTMLPurifier

-----------------------------------------------------------

---[ Vulnerable software ]

HTMLPurifier
Version: 4.5.0 and earlier

Link:
htt

[ more ]  [ reply ]
NEW VMSA-2013-0014 VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation 2013-12-04
\VMware Security Response Center\ (security vmware com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -----------------------------------------------------------------------
VMware Security Advisory

Advisory ID: VMSA-2013-0014
Synopsis: VMware Workstation, Fusion, ESXi and ESX patches
address a guest privilege esca

[ more ]  [ reply ]
(Page 242 of 1746)  < Prev  237 238 239 240 241 242 243 244 245 246 247  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus