[SE-2014-02] Errata document for Issue 42 (CVE-2015-4871 affecting Java SE 7)
2015-11-30 Security Explorations (contact security-explorations com)

LSE Leading Security Experts GmbH - LSE-2015-10-14 - HumHub SQL-Injection
2015-11-30 advisories (advisories lsexperts de)

    === LSE Leading Security Experts GmbH - Security Advisory 2015-10-14 ===

    HumHub - SQL-Injection
    ------------------------------------------------------------------------

    Tested Versions
    ===============
    HumHub 0.11.2 and 0.20.0-beta.2

    Issue Overview
    ==============
    Vulnerability Type: 89 - Improper

Proftpd 1.3.5a LATEST (0-day) Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation
2015-11-30 Nicholas Lemonias. (lem nikolas googlemail com)

    Credit: Nicholas Lemonias
    .::PROFTPD v1.3.5a HEAP OVERFLOWS / MALLOC CORRUPTION ::.
    ADVANCED INFORMATION SECURITY CORPORATION
    Keeping Things Simple!

Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation
2015-11-30 Nicholas Lemonias. (lem nikolas googlemail com)

Belkin N150 Wireless Home Router Multiple Vulnerabilities
2015-11-30 Rahul Pratap Singh (techno rps gmail com)

Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation
2015-11-29 Nicholas Lemonias. (lem nikolas googlemail com)

Proftpd 1.3.5a LATEST 0day (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation Audit Report.
2015-11-29 Nicholas Lemonias. (lem nikolas googlemail com)

Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation
2015-11-30 lem nikolas gmail com

Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation
2015-11-30 aiscorp gives greetz com

[FD] Visual Paradigm Server v10.0 - Cross Site Scripting (XSS)
2015-11-27 Manuel Mancera (mmancera a2secure com)

    ================================================================
    Visual Paradigm Server v10.0 - Cross Site Scripting (XSS)
    ================================================================

    Information
    --------------------
    Name: Visual Paradigm Server v10.0 - Cross Site Scripting (XSS)
    Affected Softw

[SECURITY] [DSA 3404-1] python-django security update
2015-11-25 Salvatore Bonaccorso (carnil debian org)

CIS Manager Content Management System 2015Q4 - SQL Injection Vulnerability
2015-11-25 Vulnerability Lab (research vulnerability-lab com)

    Document Title:
    ===============
    CIS Manager Content Management System 2015Q4 - SQL Injection Vulnerability

    References (Source):
    ====================
    http://www.vulnerability-lab.com/get_content.php?id=1652

    Release Date:
    =============
    2015-11-25

    Vulnerability Laboratory ID (VL-ID):
    ============

[security bulletin] HPSBGN03523 rev.1 - HP Loadrunner Virtual Table Server, Remote Code Execution
2015-11-25 security-alert hpe com

    Note: the current version of the following document is available here:
    https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04900820

    SUPPORT COMMUNICATION - SECURITY BULLETIN
    Document ID: c04900820
    Version: 1
    HPSBGN03523

[slackware-security] pcre (SSA:2015-328-01)
2015-11-25 Slackware Security Team (security slackware com)

    [slackware-security] pcre (SSA:2015-328-01)

    New pcre packages are available for Slackware 14.1 and -current to fix
    security issues.

    Here are the details from the Slackware 14.1 ChangeLog:
    +--------------------------+
    patches/packages/pcre-8.38-i486

[SECURITY] [DSA 3403-1] libcommons-collections3-java security update
2015-11-24 Moritz Muehlenhoff (jmm debian org)

ESA-2015-164: EMC Isilon OneFS Privilege Escalation Vulnerability
2015-11-24 Security Alert (Security_Alert emc com)

CVE-2015-5255: SSRF vulnerability in Apache Flex BlazeDS 4.7.1
2015-11-23 Christofer Dutz (cdutz apache org)

    CVE-2015-5255: SSRF vulnerability in Apache Flex BlazeDS 4.7.1
    Severity: Important
    Vendor: The Apache Software Foundation
    Versions Affected: BlazeDS 4.7.0 and 4.7.1
    Description: The code in BlazeDS to deserialize AMF XML datatypes allows
    so-called SSRF Attacks (Server Side Request Forgery) in which
Hello All,
On Jun 30, 2015 Security Explorations reported a security vulnerability
(Issue 42 assigned CVE-2015-4871) to Oracle affecting Java SE 7 [1].
In our original report [2], we indicated that the vulnerability had its
origin in klassItable::initialize_itable_for_interface method's
implement