|
|
Prev week |
Colapse all |
Post message
ZDI-11-144: HP Data Protector Backup Client Service EXEC_BAR Remote Code Execution Vulnerability 2011-04-29 ZDI Disclosures (zdi-disclosures tippingpoint com) ESA-2011-015: RSA, The Security Division of EMC, announces a fix for a security vulnerability in RSA Data Loss Prevention 2011-04-29 Security_Alert emc com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-015: RSA, The Security Division of EMC, announces a fix for a security vulnerability in RSA Data Loss Prevention Advisories Updated April 25, 2011 Summary: RSA, The Security Division of EMC, announces a fix for a security vulnera [ more ] [ reply ] Re: HTB22827: File Content Disclosure in Wikipad 2011-04-29 security curmudgeon (jericho attrition org) : Vulnerability ID: HTB22827 : Reference: http://www.htbridge.ch/advisory/file_content_disclosure_in_wikipad.html : Vulnerability Type: File Content Disclosure : Risk level: Low : Vulnerability Details: : The vulnerability exists due to failure in the "/pages.php" script to properly sanitize use [ more ] [ reply ] [security bulletin] HPSBMA02668 SSRT100474 rev.1 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code 2011-04-29 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02810240 Version: 1 HPSBMA02668 SSRT100474 rev.1 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon a [ more ] [ reply ] [Onapsis Security Advisory 2011-004] SAP WebAS ITS Mobile Test Service Multiple Vulnerabilities 2011-04-28 Onapsis Research Labs (research onapsis com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-004: SAP WebAS ITS Mobile Test Service Multiple Vulnerabilities This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain acce [ more ] [ reply ] [Onapsis Security Advisory 2011-009] Oracle JD Edwards JDENET SawKernel Remote Password Disclosure 2011-04-28 Onapsis Research Labs (research onapsis com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-009: Oracle JD Edwards JDENET SawKernel Remote Password Disclosure This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain a [ more ] [ reply ] [Onapsis Security Advisory 2011-007] Oracle JD Edwards JDENET Kernel Shutdown 2011-04-28 Onapsis Research Labs (research onapsis com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-007: Oracle JD Edwards JDENET Kernel Shutdown This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand i [ more ] [ reply ] VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console 2011-04-28 VMware Security Team (security vmware com) [Onapsis Security Advisory 2011-006] Oracle JD Edwards JDENET Kernel Denial of Service 2011-04-28 Onapsis Research Labs (research onapsis com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-006: Oracle JD Edwards JDENET Kernel Denial of Service This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to bef [ more ] [ reply ] [Onapsis Security Advisory 2011-013] Oracle JD Edwards JDENET USRBROADCAST Denial of Service 2011-04-28 Onapsis Research Labs (research onapsis com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-013: Oracle JD Edwards JDENET USRBROADCAST Denial of Service This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access [ more ] [ reply ] [Onapsis Security Advisory 2011-012] Oracle JD Edwards JDENET Firewall Bypass 2011-04-28 Onapsis Research Labs (research onapsis com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-012: Oracle JD Edwards JDENET Firewall Bypass This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand i [ more ] [ reply ] [Onapsis Security Advisory 2011-011] Oracle JD Edwards JDENET Buffer Overflow 2011-04-28 Onapsis Research Labs (research onapsis com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-011: Oracle JD Edwards JDENET Buffer Overflow This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand i [ more ] [ reply ] [Onapsis Security Advisory 2011-008] Oracle JD Edwards JDENET CallObjectKernel Remote Command Execution 2011-04-28 Onapsis Research Labs (research onapsis com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-008: Oracle JD Edwards JDENET CallObjectKernel Remote Command Execution This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will g [ more ] [ reply ] [Onapsis Security Advisory 2011-005] SAP Enterprise Portal Path Disclosure 2011-04-28 Onapsis Research Labs (research onapsis com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-005: SAP Enterprise Portal Path Disclosure This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand info [ more ] [ reply ] [Onapsis Security Advisory 2011-010] Oracle JD Edwards JDENET Remote Logging Deactivation 2011-04-28 Onapsis Research Labs (research onapsis com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-010: Oracle JD Edwards JDENET Remote Logging Deactivation This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to [ more ] [ reply ] [Onapsis Security Advisory 2011-003] SAP WebAS ITS Mobile Start Service Multiple Vulnerabilities 2011-04-28 Onapsis Research Labs (research onapsis com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-003: SAP WebAS ITS Mobile Start Service Multiple Vulnerabilities This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain acc [ more ] [ reply ] ZDI-11-143: Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerability 2011-04-28 ZDI Disclosures (zdi-disclosures tippingpoint com) ZDI-11-143(formerly ZDI-CAN-965): Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-143 April 28, 2011 -- CVE ID: CVE-2011-1610 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Cisco -- Affected Products [ more ] [ reply ] HTB22960: XSS in Daily Maui Photo Widget wordpress plugin 2011-04-28 advisory htbridge ch Vulnerability ID: HTB22960 Reference: http://www.htbridge.ch/advisory/xss_in_daily_maui_photo_widget_wordpress _plugin.html Product: Daily Maui Photo Widget wordpress plugin Vendor: Kris Nelson ( http://www.webnelly.com/ ) Vulnerable Version: 0.2 Vendor Notification: 14 April 2011 Vulnerability Ty [ more ] [ reply ] HTB22959: CSRF (Cross-Site Request Forgery) in phpGraphy 2011-04-28 advisory htbridge ch Vulnerability ID: HTB22959 Reference: http://www.htbridge.ch/advisory/csrf_cross_site_request_forgery_in_phpgr aphy.html Product: phpGraphy Vendor: http://phpgraphy.sourceforge.net/ ( http://phpgraphy.sourceforge.net/ ) Vulnerable Version: 0.9.13b Vendor Notification: 14 April 2011 Vulnerability T [ more ] [ reply ] hashdays 2011 - Call for Papers (#days CFP) 2011-04-28 Hashdays CFP (cfp defcon-switzerland org) Call for Paper for hashdays 2011 (#days) ======================================== Introduction ------------ Hashdays is an international security technology and research conference which is preceded by several 2-day workshops delivering IT security training. The event features many international IT [ more ] [ reply ] HTB22961: XSS in WP Photo Album wordpress plugin 2011-04-28 advisory htbridge ch Vulnerability ID: HTB22961 Reference: http://www.htbridge.ch/advisory/xss_in_wp_photo_album_wordpress_plugin.h tml Product: WP Photo Album wordpress plugin Vendor: Rubin J. Kaplan ( http://me.mywebsight.ws/ ) Vulnerable Version: 1.5.1 Vendor Notification: 14 April 2011 Vulnerability Type: XSS (Cro [ more ] [ reply ] HTB22958: XSS in phpGraphy 2011-04-28 advisory htbridge ch Vulnerability ID: HTB22958 Reference: http://www.htbridge.ch/advisory/xss_in_phpgraphy.html Product: phpGraphy Vendor: http://phpgraphy.sourceforge.net/ ( http://phpgraphy.sourceforge.net/ ) Vulnerable Version: 0.9.13b Vendor Notification: 14 April 2011 Vulnerability Type: XSS (Cross Site Scripti [ more ] [ reply ] HTB22965: Multiple XSS vulnerabilities in BackupPC 2011-04-28 advisory htbridge ch Vulnerability ID: HTB22965 Reference: http://www.htbridge.ch/advisory/multiple_xss_vulnerabilities_in_backuppc .html Product: BackupPC Vendor: Craig Barratt ( http://backuppc.sourceforge.net/ ) Vulnerable Version: 3.1.0, perhaps 3.2.0 also vulnerable Vendor Notification: 14 April 2011 Vulnerabilit [ more ] [ reply ] CFP: Hacktivity 2011, September 17-18, Budapest, Hungary 2011-04-28 jozsef tiborcz hacktivity com Hacktivity is the biggest hacker conference in CEE region which will be held between September 17-18 2011 in Budapest, Hungary. If you are interested, please check our CFP at http://hacktivity.com/portal/downloadable/Hacktivity2011_CFP_en.pdf CFP deadline: May 18. ---- József Tiborcz on behalf [ more ] [ reply ] [USN-1125-1] PCSC-Lite vulnerability 2011-04-27 Marc Deslauriers (marc deslauriers canonical com) ======================================================================== == Ubuntu Security Notice USN-1125-1 April 27, 2011 pcsc-lite vulnerability ======================================================================== == A security issue affects these releases of Ubuntu and its derivatives: - U [ more ] [ reply ] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager 2011-04-27 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager Document ID: 112878 Advisory ID: cisco-sa-20110427-cucm Revision 1.0 For Public Release 2011 April 27 1600 UTC (GMT) +-------------------------------------- [ more ] [ reply ] Cisco Security Advisory: Cisco Wireless LAN Controllers Denial of Service Vulnerability 2011-04-27 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco Wireless LAN Controllers Denial of Service Vulnerability Document ID: 112916 Advisory ID: cisco-sa-20110427-wlc Revision 1.0 For Public Release 2011 April 27 1600 UTC (GMT) +----------------------------------------- [ more ] [ reply ] [USN-1124-1] rsync vulnerability 2011-04-27 Marc Deslauriers (marc deslauriers canonical com) ======================================================================== == Ubuntu Security Notice USN-1124-1 April 27, 2011 rsync vulnerability ======================================================================== == A security issue affects these releases of Ubuntu and its derivatives: - Ubunt [ more ] [ reply ] NGS00068 Patch Notification: LibAVCodec AMV Out of Array Write 2011-04-27 Research@NGSSecure (research ngssecure com) LibAVCodec AMV Out of Array Write 27/04/2011 Dominic Chell of NGS Secure has discovered a high risk vulnerability in LibAVCodec. Opening a malformed AMV file can result in an out of array write and potentially arbitrary code execution when using this library. Whilst the vulnerability may affect mu [ more ] [ reply ] B-Sides Vienna | NinjaCon 11 Call For Participation 2011-04-27 astera (a schneeweisz gmail com) Dear all, the Call For Papers for B-Sides Vienna | NinjaCon 11, 3rd edition, taking place in Vienna (Austria) is open! This year, the conference will be held Saturday, June 18th - or in other words, the day after the 23rd annual FIRST conference, at The Hub in Vienna. 1111111111111111111111111111 [ more ] [ reply ] |
|
Privacy Statement |
http://www.zerodayinitiative.com/advisories/ZDI-11-144
April 29, 2011
-- CVE ID:
CVE-2011-1728
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Hewlett-Packard
-- Affected Products:
H
[ more ] [ reply ]