|
|
Colapse all |
Post message
Cisco Security Advisory: Cisco TelePresence Server Denial of Service Vulnerability 2015-09-16 Cisco Systems Product Security Incident Response Team (psirt cisco com) Cisco Security Advisory: Cisco Prime Collaboration Provisioning Web Framework Access Controls Bypass Vulnerability 2015-09-16 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Cisco Security Advisory: Cisco Prime Collaboration Provisioning Web Framework Access Controls Bypass Vulnerability Advisory ID: cisco-sa-20150916-pcp Revision 1.0 For Public Release 2015 September 16 16:00 UTC (GMT) +--------------------------- [ more ] [ reply ] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Collaboration Assurance 2015-09-16 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Collaboration Assurance Advisory ID: cisco-sa-20150916-pca Revision 1.0 For Public Release 2015 September 16 16:00 UTC (GMT) +---------------------------------------------------- [ more ] [ reply ] [security bulletin] HPSBGN03393 rev.2 - HP Operations Manager i, Remote Code Execution 2015-09-16 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04762687 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04762687 Version: 2 HPSBGN03393 r [ more ] [ reply ] Fwd: [CVE-2015-6940] Pentaho GA PDI & GA BA - Improper authentication allows unauthenticated access to configuration files 2015-09-16 gregory draperi (gregory draperi gmail com) Exploit Title: Improper authentication allows unauthenticated access to configuration files Product: Pentaho GA PDI & Pentaho GA BA Vulnerable Versions: 5.2.x GA BA Suite and PDI - Suite and previous versions Tested Version: 5.2.x GA BA Suite and PDI - Suite Advisory Publication: 15/02/2015 Latest U [ more ] [ reply ] Microsoft Exchange Information Disclosure 2015-09-16 apparitionsec gmail com [+] Credits: hyp3rlinx [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/AS-MS-EXCHANGE-INFO-DISCLOSUR E.txt Vendor: ================================ www.microsoft.com Product: ================================ Microsoft Exchange Outlook Web Vulner [ more ] [ reply ] [SECURITY] [DSA 3360-1] icu security update 2015-09-15 Laszlo Boszormenyi (GCS) (gcs debian org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------ - Debian Security Advisory DSA-3360-1 security (at) debian (dot) org [email concealed] https://www.debian.org/security/ Laszlo Boszormenyi (GCS) September 15, 2015 [ more ] [ reply ] [security bulletin] HPSBHF03509 rev.1 - HP ThinPro and Smart Zero Core, Remote Denial of Service, Unauthorized Access to Data 2015-09-15 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04796784 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04796784 Version: 1 HPSBHF03509 r [ more ] [ reply ] Paypal Inc - Open Redirect Web Vulnerability 2015-09-15 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Paypal Inc - Open Redirect Web Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1598 Vulnerability Magazine: http://magazine.vulnerability-db.com/?q=articles/2015/09/11/paypal-inc-% C2%A0medium-severity-open [ more ] [ reply ] Openfire 3.10.2 CSRF Vulnerabilities 2015-09-15 apparitionsec gmail com [+] Credits: hyp3rlinx [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt Vendor: ================================ www.igniterealtime.org/projects/openfire www.igniterealtime.org/downloads/index.jsp Product: ==================== [ more ] [ reply ] IKEView.exe R60 Stack Buffer Overflow 2015-09-14 apparitionsec gmail com [+] Credits: hyp3rlinx [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/AS-IKEVIEWR60-0914.txt Vendor: ================================ www.checkpoint.com http://pingtool.org/downloads/IKEView.exe Product: ========================================= [ more ] [ reply ] [security bulletin] HPSBMU03392 rev.2 - HP ArcSight Logger, Remote Authorization Bypass 2015-09-14 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04762372 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04762372 Version: 2 HPSBMU03392 r [ more ] [ reply ] [CVE-2015-5956] Typo3 Core sanitizeLocalUrl() Non-Persistent Cross-Site Scripting 2015-09-14 Ahrens, Julien (Julien Ahrens secunet com) [SECURITY] [DSA 3358-1] php5 security update 2015-09-13 Salvatore Bonaccorso (carnil debian org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------ - Debian Security Advisory DSA-3358-1 security (at) debian (dot) org [email concealed] https://www.debian.org/security/ Salvatore Bonaccorso September 13, 2015 [ more ] [ reply ] [SECURITY] [DSA 3356-1] openldap security update 2015-09-12 Salvatore Bonaccorso (carnil debian org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------ - Debian Security Advisory DSA-3356-1 security (at) debian (dot) org [email concealed] https://www.debian.org/security/ Salvatore Bonaccorso September 12, 2015 [ more ] [ reply ] IKEView.exe Fox beta 1 Stack Buffer Overflow 2015-09-12 apparitionsec gmail com [+] Credits: hyp3rlinx [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/AS-CP_IKEVIEW-0911.txt Vendor: ================================ www.checkpoint.com Product: ================================ IKEView.exe Fox beta 1 IKEVIew.EXE is used to ins [ more ] [ reply ] [security bulletin] HPSBHF03408 rev.2 - HP PCs with HP lt4112 LTE/HSPA+ Gobi 4G Module, Remote Execution of Arbitrary Code 2015-09-11 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04773272 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04773272 Version: 2 HPSBHF03408 r [ more ] [ reply ] [KIS-2015-04] Magento <= 1.9.2 (catalogProductCreate) Autoloaded File Inclusion Vulnerability 2015-09-11 Egidio Romano (research karmainsecurity com) ------------------------------------------------------------------------ ------- Magento <= 1.9.2 (catalogProductCreate) Autoloaded File Inclusion Vulnerability ------------------------------------------------------------------------ ------- [-] Software Link: http://magento.com/ [-] Affected Ver [ more ] [ reply ] Magento Bug Bounty #19 - Persistent Filename Vulnerability 2015-09-11 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Magento Bug Bounty #19 - Persistent Filename Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1570 ID: APPSEC-1059 Release Date: ============= 2015-09-11 Vulnerability Laboratory ID (VL-ID): =========== [ more ] [ reply ] PayPal Inc - Security Approval & 2FA Session Auth Bypass (API) Vulnerability 2015-09-11 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== PayPal Inc - Security Approval & 2FA Session Auth Bypass (API) Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1486 Video: http://www.vulnerability-lab.com/get_content.php?id=1485 Watch Video: https://www [ more ] [ reply ] Shopify Bug Bounty #8 - (FilePath) Persistent Vulnerability 2015-09-11 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Shopify Bug Bounty #8 - (FilePath) Persistent Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1592 Release Date: ============= 2015-09-04 Vulnerability Laboratory ID (VL-ID): =========================== [ more ] [ reply ] Yahoo Bug Bounty #32 - Cross Site Request Forgery bulkImport Web Vulnerability 2015-09-11 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Yahoo Bug Bounty #32 - CSRF bulkImport Web Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1552 Release Date: ============= 2015-09-03 Vulnerability Laboratory ID (VL-ID): ============================== [ more ] [ reply ] Security Advisory for Bugzilla 5.0.1, 4.4.10 and 4.2.15 2015-09-10 LpSolit gmail com Summary ======= Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issue has been discovered in Bugzilla: * Login names longer than 127 characters can be corrupted, which could lead to the creation of a user account with an unexpected [ more ] [ reply ] Security advisory for Bugzilla 5.0, 4.4.9, and 4.2.14 2015-09-10 dkl mozilla com Summary ======= Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issue has been discovered in Bugzilla: * Login names longer than 127 characters can be corrupted, which could lead to the creation of a user account with an unexpected [ more ] [ reply ] DataTables Security Advisory - XSS Vulnerability - CVE-2015-6584 2015-09-10 Onur Yilmaz (onur netsparker com) Information -------------------- Advisory by Netsparker. Name: XSS Vulnerability in DataTables Affected Software : DataTables Affected Versions : 1.10.8 and possibly below Vendor Homepage : https://github.com/DataTables/DataTables Vulnerability Type : Cross-site Scripting Severity : Important Status [ more ] [ reply ] Multiple Cross-Site Scripting vulnerabilities in Synology Download Station 2015-09-09 Securify B.V. (lists securify nl) ------------------------------------------------------------------------ Multiple Cross-Site Scripting vulnerabilities in Synology Download Station ------------------------------------------------------------------------ Han Sahin, September 2015 ---------------------------------------------------- [ more ] [ reply ] |
|
Privacy Statement |
Hash: SHA512
Cisco Security Advisory: Cisco TelePresence Server Denial of Service Vulnerability
Advisory ID: cisco-sa-20150916-tps
Revision 1.0
For Public Release 2015 September 16 16:00 UTC (GMT)
+-------------------------------------------------------------
[ more ] [ reply ]