HTB22944: Path disclousure in ZENphoto
2011-04-21 advisory htbridge ch
Vulnerability ID: HTB22944 Reference: http://www.htbridge.ch/advisory/path_disclousure_in_zenphoto.html Product: ZENphoto Vendor: Zenphoto ( http://www.zenphoto.org/ ) Vulnerable Version: 1.4.0.3 Vendor Notification: 07 April 2011 Vulnerability Type: Path disclosure Risk level: Low Credit: High-T

HTB22950: SQL injection in 4images
2011-04-21 advisory htbridge ch
Vulnerability ID: HTB22950 Reference: http://www.htbridge.ch/advisory/sql_injection_in_4images.html Product: 4images Vendor: http://www.4homepages.de/ ( http://www.4homepages.de/ ) Vulnerable Version: 1.7.9 Vendor Notification: 07 April 2011 Vulnerability Type: SQL Injection Status: Fixed by Vendo

HTB22945: Multiple XSS in ZENphoto
2011-04-21 advisory htbridge ch
Vulnerability ID: HTB22945 Reference: http://www.htbridge.ch/advisory/multiple_xss_in_zenphoto.html Product: ZENphoto Vendor: ZENphoto ( http://www.zenphoto.org/ ) Vulnerable Version: 1.4.0.3 Vendor Notification: 07 April 2011 Vulnerability Type: XSS (Cross Site Scripting) Risk level: Medium Cred

HTB22946: Multiple SQL Injection in Ajax Category Dropdown wordpress plugin
2011-04-21 advisory htbridge ch
Vulnerability ID: HTB22946 Reference: http://www.htbridge.ch/advisory/multiple_sql_injection_in_ajax_category_dropdown_wordpress_plugin.html Product: Ajax Category Dropdown wordpress plugin Vendor: http://www.dyasonhat.com/ ( http://www.dyasonhat.com/ ) Vulnerable Version: 0.1.5 Vendor Notificatio

HTB22947: XSS in Ajax Category Dropdown wordpress plugin
2011-04-21 advisory htbridge ch
Vulnerability ID: HTB22947 Reference: http://www.htbridge.ch/advisory/xss_in_ajax_category_dropdown_wordpress_plugin.html Product: Ajax Category Dropdown wordpress plugin Vendor: http://www.dyasonhat.com/ ( http://www.dyasonhat.com/ ) Vulnerable Version: 0.1.5 Vendor Notification: 07 April 2011 Vu

CA20110420-01: Security Notice for CA SiteMinder
2011-04-21 Williams, James K (James Williams ca com)
CA20110420-01: Security Notice for CA SiteMinder Issued: April 20, 2011 CA Technologies support is alerting customers to a security risk associated with CA SiteMinder. A vulnerability exists that can allow a malicious user to impersonate another user. CA Technologies has issued patches to

CA20110420-02: Security Notice for CA Output Management Web Viewer
2011-04-21 Williams, James K (James Williams ca com)
CA20110420-02: Security Notice for CA Output Management Web Viewer Issued: April 20, 2011 CA Technologies support is alerting customers to security risks associated with CA Output Management Web Viewer. Two vulnerabilities exist that can allow a remote attacker to execute arbitrary code. CA

HTB22949: Multiple Path disclousure in 4images
2011-04-21 advisory htbridge ch
Vulnerability ID: HTB22949 Reference: http://www.htbridge.ch/advisory/multiple_path_disclousure_in_4images.html Product: 4images Vendor: http://www.4homepages.de/ ( http://www.4homepages.de/ ) Vulnerable Version: 1.7.9 Vendor Notification: 07 April 2011 Vulnerability Type: Path disclosure Status:

[security bulletin] HPSBMA02665 SSRT100185 rev.1 - HP Virtual Server Environment for Windows, Remote Privilege Elevation
2011-04-21 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02749050 Version: 1 HPSBMA02665 SSRT100185 rev.1 - HP Virtual Server Environment for Windows, Remote Privilege Elevation NOTICE: The information in this Security Bulletin should be acted upon as

FreeBSD Security Advisory FreeBSD-SA-11:01.mountd
2011-04-20 FreeBSD Security Advisories (security-advisories freebsd org)

[security bulletin] HPSBMA02664 SSRT100417 rev.1 - HP Insight Control Performance Management for Windows, Remote Privilege Elevation, Cross Site Request Forgery (CSRF)
2011-04-21 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02748970 Version: 1 HPSBMA02664 SSRT100417 rev.1 - HP Insight Control Performance Management for Windows, Remote Privilege Elevation, Cross Site Request Forgery (CSRF) NOTICE: The information in

[USN-1119-1] Linux kernel (OMAP4) vulnerabilities
2011-04-20 Kees Cook (kees ubuntu com)
Ubuntu Security Notice USN-1119-1 April 20, 2011 linux-ti-omap4 vulnerabilities A security issue affects these releases of Ubuntu and its derivative

Directory Traversal Vulnerability in Viola DVR VIO-4/1000
2011-04-19 by_argos hotmail com
Viola DVR VIO-4/1000 - Directory Traversal Vulnerability Software: Viola DVR VIO-4/1000 (other products may be affected) Vendor: http://www.videcon.co.uk/ Vuln Type

[USN-1117-1] PolicyKit vulnerability
2011-04-19 Kees Cook (kees ubuntu com)
Ubuntu Security Notice USN-1117-1 April 19, 2011 policykit-1 vulnerability A security issue affects these releases of Ubuntu and its derivatives: -

[USN-1116-1] Kerberos vulnerability
2011-04-19 Kees Cook (kees ubuntu com)
Ubuntu Security Notice USN-1116-1 April 19, 2011 krb5 vulnerability A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu

[USN-1115-1] language-selector vulnerability
2011-04-19 Kees Cook (kees ubuntu com)
Ubuntu Security Notice USN-1115-1 April 19, 2011 language-selector vulnerability A security issue affects these releases of Ubuntu and its derivativ

[security bulletin] HPSBMA02660 SSRT100433 rev.1 - HP Performance Insight Running on HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access to Sensitive Information
2011-04-20 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02790298 Version: 1 HPSBMA02660 SSRT100433 rev.1 - HP Performance Insight Running on HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access to Sensitive Information NOTICE: The informati

[security bulletin] HPSBMA02663 SSRT100428 rev.1 - HP Systems Insight Manager (SIM) for HP-UX, Linux, and Windows, Remote Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Execution of Arbitrary Code, Denial of Service (DoS)
2011-04-20 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02738731 Version: 1 HPSBMA02663 SSRT100428 rev.1 - HP Systems Insight Manager (SIM) for HP-UX, Linux, and Windows, Remote Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Execution

ZDI-11-139: Webkit Anonymous Frame Remote Code Execution Vulnerability
2011-04-19 ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-11-139 (formerly ZDI-CAN-1035): Webkit Anonymous Frame Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-139 April 19, 2011 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: WebKit -- Affected Products: WebKit WebKit -- TippingPoint(TM) IPS

ZDI-11-137: Oracle Application Server Authentication Bypass Remote Code Execution Vulnerability
2011-04-19 ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-11-137: Oracle Application Server Authentication Bypass Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-137 April 19, 2011 -- CVE ID: CVE-2011-0807 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Oracle -- Affected Products: Oracle Appl

ZDI-11-140: Webkit Detached Body Element Remote Code Execution Vulnerability
2011-04-19 ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-11-140 (formerly ZDI-CAN-1026): Webkit Detached Body Element Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-140 April 19, 2011 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: WebKit -- Affected Products: WebKit WebKit -- TippingPoint(TM

[USN-1118-1] OpenSLP vulnerability
2011-04-20 Marc Deslauriers (marc deslauriers canonical com)
Ubuntu Security Notice USN-1118-1 April 20, 2011 openslp, openslp-dfsg vulnerability A security issue affects these releases of Ubuntu and its deriv

[security bulletin] HPSBMA02661 SSRT100408 rev.1 - HP Proliant Support Pack (PSP) Running on Linux and Windows, Remote Cross Site Scripting (XSS), URL Redirection, Information Disclosure
2011-04-20 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02735590 Version: 1 HPSBMA02661 SSRT100408 rev.1 - HP Proliant Support Pack (PSP) Running on Linux and Windows, Remote Cross Site Scripting (XSS), URL Redirection, Information Disclosure NOTICE:

[security bulletin] HPSBMA02662 SSRT100409 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Unauthorized Access, Execution of Arbitrary Code, Denial of Service (DoS)
2011-04-20 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02735910 Version: 1 HPSBMA02662 SSRT100409 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Unauthorized Access, Execution of Arbitrary Code, Denial of Service (DoS) NOT

[security bulletin] HPSBMA02658 SSRT100413 rev.1 - Insight Control for Linux (IC-Linux), Remote Unauthorized Elevation of Privilege, Execution of Arbitrary Code, Encryption Downgrade, Information Disclosure, Denial of Service (DoS)
2011-04-20 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02794777 Version: 1 HPSBMA02658 SSRT100413 rev.1 - Insight Control for Linux (IC-Linux), Remote Unauthorized Elevation of Privilege, Execution of Arbitrary Code, Encryption Downgrade, Information
The purpose of the hack.lu convention is to give an open and free
playground where people can discuss the implication of new
technologies in society. hack.lu is a balanced mix convention where
technical and non-technical people can meet each othe