CVE-2015-0955 - Stored XSS in Adobe Experience Manager (AEM)
2016-02-23 Alexandre Herzog (Alexandre Herzog csnc ch)

InstantCoder v1.0 iOS - Multiple Web Vulnerabilities
2016-02-23 Vulnerability Lab (research vulnerability-lab com)
  Document Title: InstantCoder v1.0 iOS - Multiple Web Vulnerabilities
  References (Source): http://www.vulnerability-lab.com/get_content.php?id=1738
  Release Date: 2016-02-22
  Vulnerability Laboratory ID (VL-ID):

Oxwall Forum v1.8.1 - Persistent Cross Site Scripting Vulnerability
2016-02-22 Vulnerability Lab (research vulnerability-lab com)
  Document Title: Oxwall Forum v1.8.1 - Persistent Cross Site Scripting Vulnerability
  References (Source): http://www.vulnerability-lab.com/get_content.php?id=1740
  Release Date: 2016-02-22
  Vulnerability Laboratory ID (VL-ID):

[SYSS-2015-063] OpenCms - Cross Site Scripting
2016-02-22 rainer boie syss de
  -----BEGIN PGP SIGNED MESSAGE-----
  Hash: SHA512
  Advisory ID: SYSS-2015-063
  Product: OpenCms
  Official Maintainer: Alkacon Software GmbH
  Affected Version(s): 9.5.2
  Tested Version(s): 9.5.2
  Vulnerability Type: Cross-Site Scripting (CWE-79)
  Risk Level: Medium
  Solution Status: Fixed
  Maintainer Notificat

Ubiquiti Networks Bug Bounty #9 - Invoice Persistent Vulnerabilities
2016-02-22 Vulnerability Lab (research vulnerability-lab com)
  Document Title: Ubiquiti Networks Bug Bounty #9 - Invoice Persistent Vulnerabilities
  References (Source): http://www.vulnerability-lab.com/get_content.php?id=1728
  Release Date: 2016-02-22
  Vulnerability Laboratory ID (VL-ID):

InstantCoder v1.0 iOS - Multiple Web Vulnerabilities
2016-02-22 Vulnerability Lab (research vulnerability-lab com)
  Document Title: InstantCoder v1.0 iOS - Multiple Web Vulnerabilities
  References (Source): http://www.vulnerability-lab.com/get_content.php?id=1738
  Release Date: 2016-02-22
  Vulnerability Laboratory ID (VL-ID):

[SECURITY] CVE-2015-5174 Apache Tomcat Limited Directory Traversal
2016-02-22 Mark Thomas (markt apache org)
  -----BEGIN PGP SIGNED MESSAGE-----
  Hash: SHA256
  CVE-2015-5174 Apache Tomcat Limited Directory Traversal
  Severity: Low
  Vendor: The Apache Software Foundation
  Versions Affected:
  - - Apache Tomcat 6.0.0 to 6.0.44
  - - Apache Tomcat 7.0.0 to 7.0.64
  - - Apache Tomcat 8.0.0.RC1 to 8.0.26
  - - Apache Tom

[SECURITY] CVE-2016-0763 Apache Tomcat Security Manager Bypass
2016-02-22 Mark Thomas (markt apache org)
  -----BEGIN PGP SIGNED MESSAGE-----
  Hash: SHA256
  CVE-2016-0763 Apache Tomcat Security Manager Bypass
  Severity: Moderate
  Vendor: The Apache Software Foundation
  Versions Affected:
  - - Apache Tomcat 7.0.0 to 7.0.67
  - - Apache Tomcat 8.0.0.RC1 to 8.0.30
  - - Apache Tomcat 9.0.0.M1 to 9.0.0.M2
  Descrip

[SECURITY] CVE-2015-5345 Apache Tomcat Directory disclosure
2016-02-22 Mark Thomas (markt apache org)
  -----BEGIN PGP SIGNED MESSAGE-----
  Hash: SHA256
  CVE-2015-5345 Apache Tomcat Directory disclosure
  Severity: Low
  Vendor: The Apache Software Foundation
  Versions Affected:
  - - Apache Tomcat 6.0.0 to 6.0.44
  - - Apache Tomcat 7.0.0 to 7.0.66
  - - Apache Tomcat 8.0.0.RC1 to 8.0.29
  - - Apache Tomcat 9.0

[SECURITY] CVE-2015-5351 Apache Tomcat CSRF token leak
2016-02-22 Mark Thomas (markt apache org)
  -----BEGIN PGP SIGNED MESSAGE-----
  Hash: SHA256
  CVE-2015-5351 Apache Tomcat CSRF token leak
  Severity: Moderate
  Vendor: The Apache Software Foundation
  Versions Affected:
  - - Apache Tomcat 7.0.1 to 7.0.67
  - - Apache Tomcat 8.0.0.RC1 to 8.0.31
  - - Apache Tomcat 9.0.0.M1
  Description: The index page

[SECURITY] CVE-2016-0714 Apache Tomcat Security Manager Bypass
2016-02-22 Mark Thomas (markt apache org)
  -----BEGIN PGP SIGNED MESSAGE-----
  Hash: SHA256
  CVE-2016-0714 Apache Tomcat Security Manager Bypass
  Severity: Moderate
  Vendor: The Apache Software Foundation
  Versions Affected:
  - - Apache Tomcat 6.0.0 to 6.0.44
  - - Apache Tomcat 7.0.0 to 7.0.67
  - - Apache Tomcat 8.0.0.RC1 to 8.0.30
  - - Apache To

[SECURITY] CVE-2016-0706 Apache Tomcat Security Manager bypass
2016-02-22 Mark Thomas (markt apache org)
  -----BEGIN PGP SIGNED MESSAGE-----
  Hash: SHA256
  CVE-2016-0706 Apache Tomcat Security Manager bypass
  Severity: Low
  Vendor: The Apache Software Foundation
  Versions Affected:
  - - Apache Tomcat 6.0.0 to 6.0.44
  - - Apache Tomcat 7.0.0 to 7.0.67
  - - Apache Tomcat 8.0.0.RC1 to 8.0.30
  - - Apache Tomcat

[SECURITY] CVE-2015-5346 Apache Tomcat Session fixation
2016-02-22 Mark Thomas (markt apache org)
  -----BEGIN PGP SIGNED MESSAGE-----
  Hash: SHA256
  CVE-2015-5346 Apache Tomcat Session fixation
  Severity: Low
  Vendor: The Apache Software Foundation
  Versions Affected:
  - - Apache Tomcat 7.0.5 to 7.0.65
  - - Apache Tomcat 8.0.0.RC1 to 8.0.30
  - - Apache Tomcat 9.0.0.M1
  Description: When recycling the

[SECURITY] [DSA 3486-1] chromium-browser security update
2016-02-21 Michael Gilbert (mgilbert debian org)

[security bulletin] HPSBHF03544 rev.1 - HPE iMC PLAT and other HP and H3C products using Comware 7 and cURL, Remote Unauthorized Access
2016-02-20 security-alert hpe com
  -----BEGIN PGP SIGNED MESSAGE-----
  Hash: SHA1
  Note: the current version of the following document is available here:
  https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04986859
  SUPPORT COMMUNICATION - SECURITY BULLETIN
  Document ID: c04986859
  Version: 1
  HPSBHF03544 r

Cisco Security Advisory: Vulnerability in GNU glibc Affecting Cisco Products: February 2016
2016-02-18 Cisco Systems Product Security Incident Response Team (psirt cisco com)
  -----BEGIN PGP SIGNED MESSAGE-----
  Hash: SHA256
  Cisco Security Advisory: Vulnerability in GNU glibc Affecting Cisco Products: February 2016
  Advisory ID: cisco-sa-20160218-glibc
  For Public Release: 2016 February 18 20:22 GMT
  Version 1.0: Interim

[security bulletin] HPSBGN03547 rev.1 - HPE Helion Eucalyptus Node Controller and other Helion Eucalyptus Components using glibc, Remote Arbitrary Code Execution
2016-02-18 security-alert hpe com
  -----BEGIN PGP SIGNED MESSAGE-----
  Hash: SHA1
  Note: the current version of the following document is available here:
  https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04989404
  SUPPORT COMMUNICATION - SECURITY BULLETIN
  Document ID: c04989404
  Version: 1
  HPSBGN03547 r

ifixit Bug Bounty #6 -(Profile) Persistent Vulnerability
2016-02-19 Vulnerability Lab (research vulnerability-lab com)
  Document Title: ifixit Bug Bounty #6 -(Profile) Persistent Vulnerability
  References (Source): http://www.vulnerability-lab.com/get_content.php?id=1701
  Video: http://www.vulnerability-lab.com/get_content.php?id=1702
  Release Date: 2016-02-18
  Vu

Prezi Bug Bounty #5 - Client Side Cross Site Scripting & Open Redirect Vulnerability
2016-02-19 Vulnerability Lab (research vulnerability-lab com)
  Document Title: Prezi Bug Bounty #5 - Client Side Cross Site Scripting & Open Redirect Vulnerability
  References (Source): http://www.vulnerability-lab.com/get_content.php?id=1724
  Release Date: 2016-02-19
  Vulnerability Laboratory ID (VL-ID):

Investors Application - Client Side Cross Site Scripting Vulnerability
2016-02-19 Vulnerability Lab (research vulnerability-lab com)
  Document Title: Investors Application - Client Side Cross Site Vulnerability
  References (Source): http://www.vulnerability-lab.com/get_content.php?id=1540
  Facebook Security ID: 246414938
  Release Date: 2016-02-12
  Vulnerability Laboratory ID (V

Chamilo LMS IDOR - (messageId) Delete POST Inject Vulnerability
2016-02-19 Vulnerability Lab (research vulnerability-lab com)
  Document Title: Chamilo LMS IDOR - (messageId) Delete POST Inject Vulnerability
  References (Source): http://www.vulnerability-lab.com/get_content.php?id=1720
  Video: https://www.youtube.com/watch?v=3ApPhUIk12Y
  Release Date: 2016-02-15
  Vulnera

Chamilo LMS - Persistent Cross Site Scripting Vulnerability
2016-02-19 Vulnerability Lab (research vulnerability-lab com)
  Document Title: Chamilo LMS - Persistent Cross Site Scripting Vulnerability
  References (Source): http://www.vulnerability-lab.com/get_content.php?id=
  Video: https://www.youtube.com/watch?v=gNZsQjmtiGI
  Release Date: 2016-02-17
  Vulnerability La

Adobe - Multiple Client Side Cross Site Scripting Web Vulnerabilities
2016-02-19 Vulnerability Lab (research vulnerability-lab com)
  Document Title: Adobe - Multiple Client Side Cross Site Scripting Web Vulnerabilities
  References (Source): http://www.vulnerability-lab.com/get_content.php?id=1628
  PSIRT ID: 4260 / 4261
  Release Date: 2016-02-15
  Vulnerability Laboratory ID (VL

ifixit Bug Bounty #5 - Guide Search Persistent Vulnerability
2016-02-19 Vulnerability Lab (research vulnerability-lab com)
  Document Title: ifixit Bug Bounty #5 - Guide Search Persistent Vulnerability
  References (Source): http://www.vulnerability-lab.com/get_content.php?id=1700
  Video: http://www.vulnerability-lab.com/get_content.php?id=1699
  Release Date: 2016-02-17

[SYSS-2015-056] Thru Managed File Transfer Portal 9.0.2 - SQL Injection
2016-02-19 erlijn vangenuchten syss de
  -----BEGIN PGP SIGNED MESSAGE-----
  Hash: SHA512
  Advisory ID: SYSS-2015-056
  Product: Thru Managed File Transfer Portal
  Manufacturer: Thru
  Affected Version(s): 9.0.2
  Tested Version(s): 9.0.2
  Vulnerability Type: SQL Injection (CWE-89)
  Risk Level: High
  Solution Status: Open
  Manufacturer Notification:

[SYSS-2015-057] Thru Managed File Transfer Portal 9.0.2 - Cross-Site Scripting
2016-02-19 erlijn vangenuchten syss de
  -----BEGIN PGP SIGNED MESSAGE-----
  Hash: SHA512
  Advisory ID: SYSS-2015-057
  Product: Thru Managed File Transfer Portal
  Manufacturer: Thru
  Affected Version(s): 9.0.2
  Tested Version(s): 9.0.2
  Vulnerability Type: Cross-Site Scripting (CWE-79)
  Risk Level: Medium
  Solution Status: Open
  Manufacturer Notif
#
# COMPASS SECURITY ADVISORY http://www.csnc.ch/en/downloads/advisories.html
#############################################################
#
# CSNC ID: CSNC-2016-001
# Product: OpenAM [1]
# Vendor: ForgeRock
#