[security bulletin] HPESBGN03712 rev.1 - HPE LoadRunner and Performance Center, Remote Code Execution
2017-03-08 security-alert hpe com

SEC Consult SA-20170308-0 :: Multiple vulnerabilities in Navetti PricePoint
2017-03-08 SEC Consult Vulnerability Lab (research sec-consult com)

[slackware-security] mozilla-firefox (SSA:2017-066-01)
2017-03-08 Slackware Security Team (security slackware com)
New mozilla-firefox packages are available for Slackware 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: pa [...]

Multiple vulnerabilities found in Wireless IP Camera (P2P) WIFICAM cameras and vulnerabilities in GoAhead
2017-03-08 Pierre Kim (pierre kim sec gmail com)
Hello, Please find a text-only version below sent to security mailing lists. The complete version on analysing the security of "Wireless IP Camera (P2P) WIFICAM cameras and vulnerabilities in GoAhead" is posted here: https://pierrekim.github.io/blog/2017-03-08-camera-goahead-0day.html === text [...]

[security bulletin] HPESBHF03710 rev.1 - HPE Intelligent Management Center (IMC) PLAT, Multiple Remote Vulnerabilities
2017-03-07 security-alert hpe com
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03710en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03710en_us Version: 1 HP [...]

Stack-based buffer overflow in Western Digital My Cloud allows for remote code execution
2017-03-07 Securify B.V. (lists securify nl)
Remco Vermeulen, January 2017 [...]

SEC Consult SA-20170307-0 :: Unauthenticated OS command injection & arbitrary file upload in Western Digital WD My Cloud
2017-03-07 SEC Consult Vulnerability Lab (research sec-consult com)

WordPress audio playlist functionality is affected by Cross-Site Scripting
2017-03-06 Summer of Pwnage (lists securify nl)
Yorick Koster, July 2016 [...]

EasyCom PHP API Stack Buffer Overflow
2017-03-06 apparitionsec gmail securityfocus com (hyp3rlinx)
[+] Credits: John Page AKA Hyp3rlinX [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/EASYCOM-PHP-API-BUFFER-OVERFLOW.txt [+] ISR: ApparitionSec Vendor: easycom-aura.com Product: EASYCOM AS400 [...]

Sawmill Enterprise v8.7.9 Pass The Hash Authentication Bypass
2017-03-06 apparitionsec gmail securityfocus com (hyp3rlinx)

CVE-2016-7955 - Alienvault OSSIM/USM Authentication Bypass
2017-03-06 Peter Lapp (lappsec gmail com)
Details Product: Alienvault OSSIM/USM Vulnerability: Authentication Bypass Author: Peter Lapp, lappsec () gmail com CVE: CVE-2016-7955 Vulnerable Versions: <=5.3.0 Fixed Version: 5.3.1 Vulnerability Details This vulnerability allows remote attackers to bypass authe [...]

CVE-2017-6430: Out-of-Bounds Read (DOS) Vulnerability in Ettercap Etterfilter utility
2017-03-06 ddos2me gmail com
Document Title: CVE-2017-6430: Out-of-Bounds Read (DOS) Vulnerability in Ettercap Etterfilter utility Vendor: Ettercap (http://ettercap.github.io/ettercap/) Product and Versions Affected: Etterfilter 0.8.2 and possibly prior. Vulnerability Ty [...]

OpenElec: Remote Code Execution Vulnerability through Man-In-The-Middle(CVE-2017-6445)
2017-03-06 Wolfgang (lister feedyourhead at)

CVE-2017-6429: Buffer overflow vulnerability in Tcpreplay tcpcapinfo utility
2017-03-06 ddos2me gmail com
Document Title: CVE-2017-6429: Buffer overflow vulnerability in Tcpreplay tcpcapinfo utility Vendor: Appneta (https://www.appneta.com/) Product and Versions Affected: Tcpreplay 4.1.2 and possibly prior. Fixed Version: 4.2.0 Bet [...]

EasyCom SQL iPlug Denial Of Service
2017-03-04 apparitionsec gmail com (hyp3rlinx)
[+] Credits: John Page AKA Hyp3rlinX [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/EASYCOM-SQL-IPLUG-DENIAL-OF-SERVICE.txt [+] ISR: ApparitionSec Vendor: easycom-aura.com Product: SQL iPlug EasycomPHP_4.0029.iC8im2.ex [...]

[SECURITY] [DSA 3801-1] ruby-zip security update
2017-03-04 Salvatore Bonaccorso (carnil debian org)

Remote file upload vulnerability in Wordpress Plugin Mobile App Native 3.0
2017-03-02 Larry W. Cashdollar (larry0 me com)
Title: Remote file upload vulnerability in Wordpress Plugin Mobile App Native 3.0 Vulnerability Date: 2017-02-27 Download: https://wordpress.org/plugins/zen-mobile-app-native/ Vendor: https://profiles.wordpress.org/zendkmobileapp/ Notified: 2017-02-27 Vendor Contact: Description: Mobile App WordPre [...]

Joomla com_publication Component - 'sid' Parameter Sql Injection Vulnerability
2017-03-01 iedb team gmail com

Joomla com_news Component - 'id' Parameter Sql Injection Vulnerability
2017-03-01 iedb team gmail com

Joomla com_filecabinet Component - 'id' Parameter Sql Injection Vulnerability
2017-03-01 iedb team gmail com

Joomla com_frontpage Component - 'Itemid' Parameter Sql Injection Vulnerability
2017-03-01 iedb team gmail com

Joomla com_phocadownload Component - 'id' Parameter Sql Injection Vulnerability
2017-03-01 iedb team gmail com

Joomla com_jdownloads Component - 'cid' Parameter Sql Injection Vulnerability
2017-03-01 iedb team gmail com

Joomla com_webgrouper Component - 'Itemid' Parameter Sql Injection Vulnerability
2017-03-01 iedb team gmail com

Stored Cross-Site Scripting vulnerability in Contact Form WordPress Plugin
2017-03-01 Summer of Pwnage (lists securify nl)
Julien Rentrop, July 2016 [...]

Cross-Site Request Forgery & Cross-Site Scripting in Contact Form Manager WordPress Plugin
2017-03-01 Summer of Pwnage (lists securify nl)
Edwin Molenaar, July 2016 [...]

Stored Cross-Site Scripting vulnerability in User Login Log WordPress Plugin
2017-03-01 Summer of Pwnage (lists securify nl)
Axel Koolhaas, July 2016 [...]

Cross-Site Scripting in Magic Fields 1 WordPress Plugin
2017-03-01 Summer of Pwnage (lists securify nl)
Burak Kelebek, July 2016 [...]
Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03712en_us
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: hpesbgn03712en_us
Version: 1
HP [...]