Python v2.7 v1.5.4 iOS - Filter Bypass & Persistent Vulnerability
2016-03-31 Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Python v2.7 v1.5.4 iOS - Filter Bypass & Persistent Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1806
Release Date:
=============
2016-03-31
Vulnerability Laboratory ID (VL-ID):
====================

Trend Micro (SSO) - (Backend) SSO Redirect & Session Vulnerability
2016-03-31 Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Trend Micro (SSO) - (Backend) SSO Redirect & Session Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1694
Trend Micro ID: 1-1-1035080936
Release Date:
=============
2016-03-31
Vulnerability Laboratory

Docker UI v0.10.0 - Multiple Persistent Vulnerabilities
2016-03-31 Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Docker UI v0.10.0 - Multiple Persistent Vulnerabilities
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1803
Release Date:
=============
2016-03-29
Vulnerability Laboratory ID (VL-ID):
==============================

Dorsa Web CMS - Multiple SQL Injection Vulnerabilities
2016-03-31 Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Dorsa Web CMS - Multiple SQL Injection Vulnerabilities
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1807
Release Date:
=============
2016-03-31
Vulnerability Laboratory ID (VL-ID):
===============================

Docker UI v0.10.0 - Multiple Client Side Cross Site Request Forgery Web Vulnerabilities
2016-03-31 Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Docker UI v0.10.0 - Multiple Client Side Cross Site Request Forgery Web Vulnerabilities
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1802
Release Date:
=============
2016-03-28
Vulnerability Laboratory ID (VL-ID):

WP External Links v1.80 - Cross Site Scripting Web Vulnerabilities
2016-03-31 Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
WP External Links v1.80 - Cross Site Scripting Web Vulnerabilities
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1788
Release Date:
=============
2016-03-23
Vulnerability Laboratory ID (VL-ID):
===================

Hi Technology & Services CMS - SQL Injection Vulnerabilities
2016-03-31 Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Hi Technology & Services CMS - SQL Injection Vulnerabilities
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1785
Release Date:
=============
2016-03-22
Vulnerability Laboratory ID (VL-ID):
=========================

Patron Info System - SQL Injection Vulnerability
2016-03-31 Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Patron Info System - SQL Injection Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1784
Release Date:
=============
2016-03-21
Vulnerability Laboratory ID (VL-ID):
====================================

Cades (2016Q1) - (id) Multiple SQL Injection Vulnerabilities
2016-03-31 Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Cades (2016Q1) - (id) Multiple SQL Injection Vulnerabilities
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1804
Release Date:
=============
2016-03-30
Vulnerability Laboratory ID (VL-ID):
=========================

[SECURITY] [DSA 3536-1] libstruts1.2-java security update
2016-03-31 Sebastien Delafond (seb debian org)

Cisco Security Advisory: Cisco Firepower Malware Block Bypass Vulnerability
2016-03-30 Cisco Systems Product Security Incident Response Team (psirt cisco com) (1 reply)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Firepower Malware Block Bypass Vulnerability
Advisory ID: cisco-sa-20160330-fp
Revision 1.0
For Public Release 2016 March 30 16:00 UTC (GMT)
+---------------------------------------------------------------------
Summary
=======
A vulnerabili

RE: Cisco Security Advisory: Cisco Firepower Malware Block Bypass Vulnerability
2016-03-30 Murray, Mike (MMurray csuchico edu)

[CVE-2016-0784] Apache OpenMeetings ZIP file path traversal
2016-03-30 Maxim Solodovnik (solomax666 gmail com)
Severity: Moderate
Vendor: The Apache Software Foundation
Versions Affected: Apache OpenMeetings 1.9.x - 3.1.0
Description: The Import/Export System Backups functionality in the OpenMeetings Administration menu (http://domain:5080/openmeetings/#admin/backup) is vulnerable to path traversal via sp

Multiple Vulnerabilities in CubeCart
2016-03-30 High-Tech Bridge Security Research (advisory htbridge ch)
Advisory ID: HTB23298
Product: CubeCart
Vendor: CubeCart Limited
Vulnerable Version(s): 6.0.10 and probably prior
Tested Version: 6.0.10
Advisory Publication: March 2, 2016 [without technical details]
Vendor Notification: March 2, 2016
Vendor Patch: March 16, 2016
Public Disclosure: March 30, 20

CVE-2016-2385 Kamailio SEAS module heap buffer overflow
2016-03-30 Stelios Tsampas (stelios census-labs com)
Kamailio (successor of former OpenSER and SER) is an Open Source SIP Server released under GPL. It can be used to build large platforms for VoIP and realtime communications, presence, WebRTC, Instant messaging and other applications.
A heap overflow was found in Kamailio version 4.3.4 (possibly aff

Easy Hosting Control Panel (EHCP) - Multiple Vulnerabilities
2016-03-30 kyle Lovett (krlovett gmail com)
EHCP Easy Hosting Control Panel Multiple Vulnerabilities - Clear Text MySQL Root Password Insufficiently Protected Sensitive Data Authentication Bypass Unauthenticated Arbitrary File Upload
Software Links:
https://launchpad.net/ehcp
http://www.ehcp.net
https://sourceforge.net/p/ehcp/wiki/
---------

[security bulletin] HPSBGN03444 rev.2 - HPE Network Automation, Remote Code Execution, Disclosure of Sensitive Information
2016-03-29 security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05030906
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05030906
Version: 2
HPSBGN03444 r

Fireware XTM Web UI - Open Redirect
2016-03-29 Manuel Mancera (mmancera a2secure com)
================================================================
Fireware XTM Web UI - Open Redirect
================================================================
Information
--------------------
Name: Fireware XTM Web UI - Open Redirect
Affected Software : Fireware XTM Web UI
Affected Versions:

[SECURITY] [DSA 3533-1] openvswitch security update
2016-03-29 Salvatore Bonaccorso (carnil debian org)

BMC-2015-0011: Unauthorized password reset vulnerability in BMC Server Automation (BSA) (CVE-2016-1543)
2016-03-28 appsec (appsec bmc com)
------------------------------------------------------------------------
Unauthorized password reset vulnerability in BMC Server Automation (BSA) Unix/Linux RSCD Agent
BMC Identifier: BMC-2015-0011
CVE Identifier: CVE-2016-1543
---------------------------------------------------------------------

BMC-2015-0010: User enumeration vulnerability in BMC Server Automation (BSA) Unix/Linux RSCD Agent (CVE-2016-1542)
2016-03-28 appsec (appsec bmc com)
------------------------------------------------------------------------
User enumeration vulnerability in BMC Server Automation (BSA) Unix/Linux RSCD Agent
BMC Identifier: BMC-2015-0010
CVE Identifier: CVE-2016-1542
------------------------------------------------------------------------
By BMC A

Validation Bypass in C2Box application : CVE - 2015-4626
2016-03-28 harish ramadoss helpag com
#####################################
Title: Validation Bypass in C2Box application allows user to input negative value
Author: Harish Ramadoss
Vendor: boxautomation(B.A.S)
Product: C2Box
Version: All versions below 4.0.0(r19171)
Tested Version: Version 4.0.0(r19171)
Severity: Medium
CVE Reference:

TrendMicro DDI Cross Site Request Forgeries
2016-03-26 hyp3rlinx lycos com
[+] Credits: John Page aka hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/TRENDMICRO-DDI-CSRF.txt
Vendor:
====================
www.trendmicro.com
Product:
=========================================
Trend Micro Deep Discovery Inspector

[SECURITY] [DSA 3531-1] chromium-browser security update
2016-03-26 Michael Gilbert (mgilbert debian org)

[slackware-security] mozilla-thunderbird (SSA:2016-085-02)
2016-03-25 Slackware Security Team (security slackware com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[slackware-security] mozilla-thunderbird (SSA:2016-085-02)
New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues.
Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
p