BugTraq Mode:
Kentico CMS v11.0 - Stack Buffer Overflow Vulnerability 2018-01-12
Vulnerability Lab (submit vulnerability-lab com)
Document Title:
===============
Kentico CMS v11.0 - Stack Buffer Overflow Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=1943

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5282

CVE-ID:
=======
CVE-2018-5282

Release Date:

Piwigo v2.8.2 & 2.9.2 CMS - Multiple Cross Site Vulnerabilities 2018-01-12
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Piwigo v2.8.2 & 2.9.2 CMS - Multiple Cross Site Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2005

Release Date:
=============
2018-01-12

Vulnerability Laboratory ID (VL-ID):
======================

Flash Operator Panel v2.31.03 - Command Execution Vulnerability 2018-01-12
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Flash Operator Panel v2.31.03 - Command Execution Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1907

Release Date:
=============
2018-01-08

Vulnerability Laboratory ID (VL-ID):
=======================

CVE-2017-8802 Zimbra Collaboration Suite - Stored Cross-Site Scripting 2018-01-11
Advisories (advisories compass-security com)
####################################################################################################
#
# COMPASS SECURITY ADVISORY https://www.compass-security.com
####################################################################################################
#
# CVE ID : CVE-2017-8802
# Produc

[SECURITY] [DSA 4083-1] poco security update 2018-01-11
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4083-1 security (at) debian (dot) org
https://www.debian.org/security/ Sebastien Delafond
January 11, 2018

WebKitGTK+ Security Advisory WSA-2018-0001 2018-01-10
Carlos Alberto Lopez Perez (clopez igalia com)
------------------------------------------------------------------------

WebKitGTK+ Security Advisory WSA-2018-0001
------------------------------------------------------------------------

Date reported : January 10, 2018
Advisory ID : WSA-2018-0001
Advisor

DefenseCode ThunderScan SAST Advisory: WordPress Testimonial Slider Plugin SQL injection Security Vulnerability 2018-01-10
DefenseCode (defensecode defensecode com)
DefenseCode ThunderScan SAST Advisory: WordPress Testimonial Slider
         Plugin SQL injection Security Vulnerability

Advisory ID:    DC-2018-01-005
Advisory Title: WordPress Testimonial Slider Plugin SQL injection
 Security Vulnerability
Advisory URL:   http://www.defensecode.com

DefenseCode ThunderScan SAST Advisory: WordPress Smooth Slider Plugin SQL injection Security Vulnerability 2018-01-10
DefenseCode (defensecode defensecode com)
DefenseCode ThunderScan SAST Advisory: WordPress Smooth Slider Plugin
             SQL injection Security Vulnerability

Advisory ID:    DC-2018-01-004
Advisory Title: WordPress Smooth Slider Plugin SQL injection
 Security Vulnerability
Advisory URL:   http://www.defensecode.com/a

DefenseCode ThunderScan SAST Advisory: WordPress Dbox 3D Slider Lite Multiple SQL injection Security Vulnerabilities 2018-01-10
DefenseCode (defensecode defensecode com)
DefenseCode ThunderScan SAST Advisory: WordPress Dbox 3D Slider Lite
        Multiple SQL injection Security Vulnerabilities

Advisory ID:    DC-2017-01-003
Advisory Title: WordPress Dbox 3D Slider Lite Plugin Multiple
 SQL injection Security Vulnerabilities
Advisory URL:   http://www.

Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637) 2018-01-10
chunibalon gmail com
Introduction:
================
The WVR-, WAR- and ER- products are the SOHO/WIFI routers of TP-Link.
These issues allow remote authenticated administrators to execute arbitrary commands via command injection through different variables of different lua files.
If the attacker obtains the account and

[security bulletin] HPESBHF03805 rev.4 - Certain HPE products using Microprocessors from Intel, AMD, and ARM, with Speculative Execution, Elevation of Privilege and Information Disclosure. 2018-01-09
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03805en_us

Version: 4

HP

[SECURITY] [DSA 4082-1] linux security update 2018-01-09
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4082-1 security (at) debian (dot) org
https://www.debian.org/security/ Salvatore Bonaccorso
January 09, 2018

CVE-2017-17485: one more way of rce in jackson-databind when defaultTyping+objects are used 2018-01-09
Imre Rad (radimre83 gmail com)
Jackson-databind is a popular library in Java for JSON
marshalling/unmarshalling.

It has a feature called default-typing: when the target class has some
polymorph fields inside (such as interfaces, abstract classes or the
Object base class), the library can include type info into the JSON
structure

[SECURITY] [DSA 4080-1] php7.0 security update 2018-01-08
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4080-1 security (at) debian (dot) org
https://www.debian.org/security/ Moritz Muehlenhoff
January 08, 2018

[slackware-security] irssi (SSA:2018-008-01) 2018-01-09
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] irssi (SSA:2018-008-01)

New irssi packages are available for Slackware 14.0, 14.1, 14.2, and -current
to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages

[SECURITY] [DSA 4081-1] php5 security update 2018-01-08
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4081-1 security (at) debian (dot) org
https://www.debian.org/security/ Moritz Muehlenhoff
January 08, 2018

Response to Meltdown and Spectre 2018-01-08
Gordon Tetlow (gordon tetlows org)
By now, we're sure most everyone has heard of the Meltdown and Spectre
attacks. If not, head over to https://meltdownattack.com/ and get an
overview. Additional technical details are available from Google
Project Zero.
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-si

APPLE-SA-2018-1-8-3 Safari 11.0.2 2018-01-08
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2018-1-8-3 Safari 11.0.2

Safari 11.0.2 is now available and addresses the following:

Available for: OS X El Capitan 10.11.6 and macOS Sierra 10.12.6
Description: Safari 11.0.2 includes security improvements to mitigate
the effects of Sp

APPLE-SA-2018-1-8-2 macOS High Sierra 10.13.2 Supplemental Update 2018-01-08
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2018-1-8-2 macOS High Sierra 10.13.2 Supplemental Update

macOS High Sierra 10.13.2 Supplemental Update is now available
and addresses the following:

Available for: macOS High Sierra 10.13.2
Description: macOS High Sierra 10.13.2 Supplementa

APPLE-SA-2018-1-8-1 iOS 11.2.2 2018-01-08
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2018-1-8-1 iOS 11.2.2

iOS 11.2.2 is now available and addresses the following:

Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Description: iOS 11.2.2 includes security improvements to Safari and
We

WpJobBoard v4.4.4 - Multiple SQL Injection Vulnerabilities 2018-01-06
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
WpJobBoard v4.4.4 - Multiple SQL Injection Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=1940

Release Date:
=============
2018-01-06

Vulnerability Laboratory ID (VL-ID):
===========================

Wickr Inc - App Clock & Message Deletion Glitch - Bug Bounty 2018-01-06
Vulnerability Lab (research vulnerability-lab com)
Wickr Inc - App Clock & Message Deletion Glitch P2  - Bug Bounty
(Document) [PDF]

URL: https://www.vulnerability-lab.com/get_content.php?id=2107

Vulnerability Magazine:
https://www.vulnerability-db.com/?q=articles/2018/01/04/wickr-inc-app-clock-message-deletion-glitch

--
VULNERABILITY LABORATOR

SonicWall SonicOS NSA Web Firewall - Multiple Web Vulnerabilities 2018-01-06
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
SonicWall SonicOS NSA Web Firewall - Multiple Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1725

Release Date:
=============
2018-01-06

Vulnerability Laboratory ID (VL-ID):
=====================

[SECURITY] [DSA 4079-1] poppler security update 2018-01-07
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4079-1 security (at) debian (dot) org
https://www.debian.org/security/ Moritz Muehlenhoff
January 07, 2018

CVE-2017-16884 Mist Server v2.12 Unauthenticated Persistent XSS (hyp3rlinx / ApparitionSec) 2018-01-06
apparitionsec gmail com
[+] Credits: John Page (aka Hyp3rlinX)
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/MIST-SERVER-v2.12-UNAUTHENTICATED-PERSISTENT-XSS-CVE-2017-16884.txt
[+] ISR: ApparitionSec

Vendor:
=============
mistserver.org

Product:
=========

CVE-2017-17055 Artica Web Proxy v3.06 Remote Code Execution (hyp3rlinx / ApparitionSec) 2018-01-06
apparitionsec gmail com
[+] Credits: John Page (aka Hyp3rlinX)
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/ARTICA-WEB-PROXY-v3.06-REMOTE-CODE-EXECUTION-CVE-2017-17055.txt
[+] ISR: ApparitionSec

Vendor:
=======
www.articatech.com

Product:
=========
Artic

Social Media Widget by Acurax [CSRF] 2018-01-07
Panagiotis Vagenas (pan vagenas gmail com) (2 replies)
* Exploit Title: Social Media Widget by Acurax [CSRF]
* Discovery Date: 2017-12-12
* Exploit Author: Panagiotis Vagenas
* Author Link: https://twitter.com/panVagenas
* Vendor Homepage: http://www.acurax.com/
* Software Link: https://wordpress.org/plugins/acurax-social-media-widget
* Version: 3.2.5
*

Admin Menu Tree Page View [CSRF, Privilege Escalation] 2018-01-07
Panagiotis Vagenas (pan vagenas gmail com)
CMS Tree Page View [CSRF, Privilege Escalation] 2018-01-07
Panagiotis Vagenas (pan vagenas gmail com)
Abyss Web Server < v2.11.6 Memory Heap Corruption (hyp3rlinx / apparitionsec) 2018-01-06
apparitionsec gmail com
[+] Credits: John Page (aka HyP3rlinX)
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/ABYSS-WEB-SERVER-MEMORY-HEAP-CORRUPTION.txt
[+] ISR: ApparitionSec

Vendor:
==========
aprelium.com

Product:
===========
Abyss Web Server < v2.11.6

Copyright 2010, SecurityFocus