Insert PHP WordPress Plugin allows authenticated user to execute arbitrary PHP
2016-07-31 Summer of Pwnage (lists securify nl)

Elevation of Privilege Vulnerability in MediaTek Driver (CVE-2016-6492)
2016-07-30 unlimitsec gmail com
    Details
    =======
    Product: MTK platform:MT6595 -- MT6797
    Security Risk: High
    CVE ID: CVE-2016-6492
    Credit: unLimit Security Group

    Introduction
    ============
    1. https://github.com/jawad6233/MT6795.kernel/blob/1251b008a51be5cd97ce6da916f34fc6afa2b1d7/alps/kernel-3.10/drivers/misc/mediatek/mach/mt6795/c

[SYSS-2016-038] CHERRY B.UNLIMITED AES - Keystroke Injection Vulnerability
2016-07-29 matthias deeg syss de

[SECURITY] [DSA 3635-1] libdbd-mysql-perl security update
2016-07-29 Salvatore Bonaccorso (carnil debian org)

CVE-2016-5672: Intel Crosswalk SSL Prompt Issue
2016-07-29 research nightwatchcybersecurity com
    [Original at: https://wwws.nightwatchcybersecurity.com/2016/07/29/advisory-intel-crosswalk-ssl-prompt-issue/]

    Summary
    The Intel Crosswalk Project library for cross-platform mobile development did not properly handle SSL errors. This behaviour could subject applications developed using this library

[SYSS-2016-032] CHERRY B.UNLIMITED AES - Insufficient Protection of Code (Firmware) and Data (Cryptographic Key)
2016-07-29 matthias deeg syss de

[SYSS-2016-031] CHERRY B.UNLIMITED AES - Missing Protection against Replay Attacks
2016-07-29 matthias deeg syss de

[SYSS-2016-038] CHERRY B.UNLIMITED AES - Keystroke Injection Vulnerability
2016-07-29 matthias deeg syss de

[SYSS-2016-032] CHERRY B.UNLIMITED AES - Insufficient Protection of Code (Firmware) and Data (Cryptographic Key)
2016-07-29 matthias deeg syss de

[SYSS-2016-031] CHERRY B.UNLIMITED AES - Missing Protection against Replay Attacks
2016-07-29 matthias deeg syss de

[SYSS-2016-059] Microsoft Wireless Desktop 2000 - Insufficient Verification of Data Authenticity (CWE-345)
2016-07-29 matthias deeg syss de

[SYSS-2016-044] Logitech K520 - Insufficient Protection against Replay Attacks
2016-07-29 matthias deeg syss de

[SYSS-2016-045] Perixx PERIDUO-710W - Insufficient Protection of Code (Firmware) and Data (Cryptographic Key)
2016-07-29 matthias deeg syss de

[SYSS-2016-047] Perixx PERIDUO-710W - Keystroke Injection Vulnerability
2016-07-29 matthias deeg syss de

[SYSS-2016-046] Perixx PERIDUO-710W - Missing Protection against Replay Attacks
2016-07-29 matthias deeg syss de

[SYSS-2016-044] Logitech K520 - Insufficient Protection against Replay Attacks
2016-07-29 matthias deeg syss de

ZMS v3.2 CMS - Multiple Client Side Cross Site Scripting Web Vulnerabilities
2016-07-29 Vulnerability Lab (research vulnerability-lab com)
    Document Title:
    ===============
    ZMS v3.2 CMS - Multiple Client Side Cross Site Scripting Web Vulnerabilities

    References (Source):
    ====================
    http://www.vulnerability-lab.com/get_content.php?id=1890

    Release Date:
    =============
    2016-07-28

    Vulnerability Laboratory ID (VL-ID):
    ==========

[S21SEC-047] Fotoware Fotoweb 8.0 Cross Site Scripting
2016-07-29 S21sec Vulnerability Research (vulns s21sec com)

Vicon Network Cameras - Authentication Bypass
2016-07-28 reggie dodd30 gmail com
    TITLE
    Vicon Network Cameras - Authentication Bypass

    AUTHOR
    Reginald Dodd / Information Security Engineer
    https://www.linkedin.com/in/reginalddodd

    VENDOR
    Vicon Industries Inc.
    http://www.vicon-security.com
    http://www.vicon-security.com/products/network-cameras/

    DESCRIPTION
    Remote unauthenticated u

Saveya Bounty #1 - Bypass & Persistent Vulnerability
2016-07-28 Vulnerability Lab (research vulnerability-lab com)
    Document Title:
    ===============
    Saveya Bounty #1 - Bypass & Persistent Vulnerability

    References (Source):
    ====================
    http://www.vulnerability-lab.com/get_content.php?id=1857

    SaveYa ID: 56
    Acknowledgements: https://www.saveya.com/white-hat-program-acknowledgements

    Release Date:
    ======

Zoll Checklist v1.2.2 iOS - Multiple Persistent Vulnerabilities
2016-07-28 Vulnerability Lab (research vulnerability-lab com)
    Document Title:
    ===============
    Zoll Checklist v1.2.2 iOS - Multiple Persistent Vulnerabilities

    References (Source):
    ====================
    http://www.vulnerability-lab.com/get_content.php?id=1881

    Release Date:
    =============
    2016-07-27

    Vulnerability Laboratory ID (VL-ID):
    =======================

Exponent CMS 2.3.9 - Useraccounts Persistent Vulnerability
2016-07-28 Vulnerability Lab (research vulnerability-lab com)
    Document Title:
    ===============
    Exponent CMS 2.3.9 - Useraccounts Persistent Vulnerability

    References (Source):
    ====================
    http://www.vulnerability-lab.com/get_content.php?id=1886

    Release Date:
    =============
    2016-07-27

    Vulnerability Laboratory ID (VL-ID):
    ============================

Zortam Media Studio 20.60 - Buffer Overflow Vulnerability
2016-07-28 Vulnerability Lab (research vulnerability-lab com)
    Document Title:
    ===============
    Zortam Media Studio 20.60 - Buffer Overflow Vulnerability

    References (Source):
    ====================
    http://www.vulnerability-lab.com/get_content.php?id=1884

    Release Date:
    =============
    2016-07-27

    Vulnerability Laboratory ID (VL-ID):
    =============================

CVE-2016-2783 - Avaya VOSS/VSP Release 4.1.0.0 Vulnerable to SPB Traffic traversal
2016-07-27 Grebovich, Dragan (Dragan) (dgrebovich avaya com)
    Virtual Services Platform (VOSS) Security Vulnerability
    CVE-2016-2783 - Release 4.1.0.0 Vulnerable to SPB Traffic traversal

    Avaya Networking was notified by Kryptos Logic and Stora, that Avaya VSP (VOSS) 4.1.0.0 has security vulnerability on November 30, 2015. Avaya R&D has confirmed the existence

[SECURITY] [DSA 3632-1] mariadb-10.0 security update
2016-07-27 Salvatore Bonaccorso (carnil debian org)
Insert PHP WordPress Plugin allows authenticated user to execute
arbitrary PHP
------------------------------------------------------------------------
Marcel Vermeulen <vermeulen.mc.at.gmail.com> & Ed van der Vlies
<ecvdvlies.