|
|
Colapse all |
Post message
[REVIVE-SA-2016-001] Revive Adserver - Multiple vulnerabilities 2016-03-02 Matteo Beccati (matteo beccati com) [security bulletin] HPSBHF03545 rev. 1 - HP EliteBook and Zbook Products with Windows NVidia Graphics Driver, Multiple Local Vulnerabilities 2016-03-02 HP Security Alert (hp-security-alert hp com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c0497186 7 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04971867 Version: 1 HPSBHF03545 rev. 1 - HP Eli [ more ] [ reply ] [security bulletin] HPSBGN03442 rev.1 - HP Helion OpenStack using glibc, Remote Denial of Service (DoS), Arbitrary Code Execution 2016-03-02 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId= emr_n a-c05028479 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05028479 Version: 1 HPSBGN03442 r [ more ] [ reply ] Vivint Sky Control Panel Unauthenticated Access Vulnerability 2016-03-01 jeremyscott solutionary com Vivint Sky Control Panel Unauthenticated Access Vulnerability Solutionary ID: SERT-VDN-1017 Risk Rating: High CVE ID: CVE-2014-8362 Product: Vivint Sky Control Panel Application Vendor: Vivint Vendor URL: http://www.vivint.com/en/ Date discovered: 09/25/2014 Discovered by: Jeremy Scott and S [ more ] [ reply ] Executable installers are vulnerable^WEVIL (case 29): putty-0.66-installer.exe allowa arbitrary (remote) code execution WITH escalation of privilege 2016-03-01 Stefan Kanthak (stefan kanthak nexgo de) Hi, putty-0.66-installer.exe loads and executes DWMAPI.dll or UXTheme.dll from its "application directory". For software downloaded with a web browser the application directory is typically the user's "Downloads" directory: see <https://insights.sei.cmu.edu/cert/2008/09/carpet-bombing-and-directo [ more ] [ reply ] [SYSS-2016-009] Sophos UTM 525 Web Application Firewall - Cross-Site Scripting in 2016-03-01 adrian vollmer syss de -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Advisory ID: SYSS-2016-009 Product: Sophos UTM 525 Full Guard Vendor: Sophos Affected Version(s): 9.352-6, 94988 Tested Version(s): 9.352-6, 94988 Vulnerability Type: Cross-Site Scripting (CWE-79) Risk Level: Medium Solution Status: Fixed Vendor N [ more ] [ reply ] WordPress plugin GravityForms Cross-site Scripting vulnerability 2016-03-01 Henri Salo (henri salo nixu com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Product: WordPress plugin GravityForms Product URL: http://www.gravityforms.com/ Vendor: Rocketgenius Vulnerability Type: Reflected Cross-site Scripting (CWE-79) Vulnerable Versions: 1.9.15.11 (other versions not tested) Fixed Version: 1.9.16 Solution [ more ] [ reply ] Microsoft PowerPointViewer Code Execution 2016-03-01 hyp3rlinx lycos com [+] Credits: hyp3rlinx [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-PPT-VIEWER-CODE-EXE C.txt Vendor: =================== www.microsoft.com Product: ============================ Microsoft PowerPoint Viewer version: 12.0.6600.1000 V [ more ] [ reply ] [security bulletin] HPSBUX03552 SSRT102983 rev.1 - HP-UX BIND running Named, Remote Denial of Service (DoS) 2016-02-29 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId= emr_n a-c05019901 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05019901 Version: 1 HPSBUX03552 S [ more ] [ reply ] [SYSS-2015-069] perfact::mpa - Insecure Direct Object References 2016-02-29 matthias deeg syss de -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-069 Product: perfact::mpa Manufacturer: PerFact Innovation GmbH & Co. KG Affected Version(s): Custom versions using PerFact DB_Utils (Toolkit) < v3.2 Tested Version(s): Custom version with PerFact DB_Utils (Toolkit) < v3.2 Vulne [ more ] [ reply ] [SYSS-2015-067] perfact::mpa - Insecure Direct Object References 2016-02-29 matthias deeg syss de -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-067 Product: perfact::mpa Manufacturer: PerFact Innovation GmbH & Co. KG Affected Version(s): Custom versions using PerFact DB_Utils (Toolkit) < v3.2 Tested Version(s): Custom version with PerFact DB_Utils (Toolkit) < v3.2 Vulne [ more ] [ reply ] [SYSS-2015-066] perfact::mpa - Cross-Site Scripting 2016-02-29 matthias deeg syss de -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-066 Product: perfact::mpa Manufacturer: PerFact Innovation GmbH & Co. KG Affected Version(s): Custom versions using PerFact DB_Utils (Toolkit) < v3.2 Tested Version(s): Custom version with PerFact DB_Utils (Toolkit) < v3.2 Vulne [ more ] [ reply ] [SYSS-2015-070] perfact::mpa - Cross-Site Scripting 2016-02-29 matthias deeg syss de -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-070 Product: perfact::mpa Manufacturer: PerFact Innovation GmbH & Co. KG Affected Version(s): Custom versions using PerFact DB_Utils (Toolkit) < v3.2 Tested Version(s): Custom version with PerFact DB_Utils (Toolkit) < v3.2 Vulne [ more ] [ reply ] [SYSS-2015-071] perfact::mpa - Cross-Site Request Forgery 2016-02-29 matthias deeg syss de -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-071 Product(s): perfact::mpa Manufacturer: PerFact Innovation GmbH & Co. KG Affected Version(s): Custom versions using PerFact DB_Utils (Toolkit) < v3.2 Tested Version(s): Custom version with PerFact DB_Utils (Toolkit) < v3.2 Vu [ more ] [ reply ] [SYSS-2015-072] perfact::mpa - Insecure Direct Object References 2016-02-29 matthias deeg syss de -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-072 Product(s): perfact::mpa Manufacturer: PerFact Innovation GmbH & Co. KG Affected Version(s): Custom versions using PerFact DB_Utils (Toolkit) < v3.2 Tested Version(s): Custom version with PerFact DB_Utils (Toolkit) < v3.2 Vu [ more ] [ reply ] [SYSS-2015-073] perfact::mpa - URL Redirection to Untrusted Site 2016-02-29 matthias deeg syss de -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-073 Product(s): perfact::mpa Manufacturer: PerFact Innovation GmbH & Co. KG Affected Version(s): Custom versions using PerFact DB_Utils (Toolkit) < v3.2 Tested Version(s): Custom version with PerFact DB_Utils (Toolkit) < v3.2 Vu [ more ] [ reply ] Fing v3.3.0 iOS - Persistent Mail Encoding Vulnerability 2016-02-29 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Fing v3.3.0 iOS - Persistent Mail Encoding Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1772 Release Date: ============= 2016-02-29 Vulnerability Laboratory ID (VL-ID): ============================== [ more ] [ reply ] WP Good News Themes - Client Side Cross Site Scripting Web Vulnerability 2016-02-29 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== WP Good News Themes - Client Side Cross Site Scripting Web Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1771 Release Date: ============= 2016-02-29 Vulnerability Laboratory ID (VL-ID): ============== [ more ] [ reply ] [SECURITY] [DSA 3496-1] php-horde-core security update 2016-02-28 Salvatore Bonaccorso (carnil debian org) Call For Papers - CISTI 2016 Workshops - Deadline March 15 2016-02-28 Maria Lemos (marialemos72 gmail com) ------------------------------------------------------------------------ ----- CISTI'2016 Workshops Gran Canaria, Canary Islands, Spain June 15 - 18, 2016 http://www.aisti.eu/cisti2016/index.php/es/xpto ------------------------------------------------------------------------ ----- Introduction ----- [ more ] [ reply ] [SECURITY] [DSA 3497-1] php-horde security update 2016-02-28 Salvatore Bonaccorso (carnil debian org) [slackware-security] libssh (SSA:2016-057-01) 2016-02-26 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] libssh (SSA:2016-057-01) New libssh packages are available for Slackware 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/li [ more ] [ reply ] [security bulletin] HPSBGN03549 rev.1 - HP IceWall Products using glibc, Remote Denial of Service (DoS), Arbitrary Code Execution 2016-02-26 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId= emr_n a-c05008367 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05008367 Version: 1 HPSBGN03549 r [ more ] [ reply ] |
|
Privacy Statement |
Revive Adserver Security Advisory REVIVE-SA-2016-001
========================================================================
http://www.revive-adserver.com/security/revive-sa-2016-001
======================
[ more ] [ reply ]