SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities
2015-04-21 Vulnerability Lab (research vulnerability-lab com)

PayPal Inc Bug Bounty #113 - Client Side Cross Site Scripting Vulnerability
2015-04-21 Vulnerability Lab (research vulnerability-lab com)
Document Title: =============== PayPal Inc Bug Bounty #113 - Client Side Cross Site Scripting Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1453 Video: http://www.vulnerability-lab.com/get_content.php?id=1454 View: https://www.youtube

Ebay Inc Xcom #7 - (Policy) Persistent Vulnerability
2015-04-21 Vulnerability Lab (research vulnerability-lab com)
Document Title: =============== Ebay Inc Xcom #7 - (Policy) Persistent Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1228 Release Date: ============= 2015-03-25 Vulnerability Laboratory ID (VL-ID): ==================================

Ebay Inc Xcom #6 - Persistent POST Inject Vulnerability
2015-04-21 Vulnerability Lab (research vulnerability-lab com)
Document Title: =============== Ebay Inc Xcom #6 - Persistent POST Inject Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1227 Release Date: ============= 2015-03-24 Vulnerability Laboratory ID (VL-ID): ===============================

Ebay Inc Xcom #4 - (Item Preview) Persistent Vulnerability
2015-04-21 Vulnerability Lab (research vulnerability-lab com)
Document Title: =============== Ebay Inc Xcom #4 - (Item Preview) Persistent Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1215 Release Date: ============= 2015-03-23 Vulnerability Laboratory ID (VL-ID): ==========================

Photo Manager Pro v4.4.0 iOS - File Include Vulnerability
2015-04-21 Vulnerability Lab (research vulnerability-lab com)
Document Title: =============== Photo Manager Pro v4.4.0 iOS - File Include Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1445 Release Date: ============= 2015-03-12 Vulnerability Laboratory ID (VL-ID): =============================

Wifi Drive Pro v1.2 iOS - File Include Web Vulnerability
2015-04-21 Vulnerability Lab (research vulnerability-lab com)
Document Title: =============== Wifi Drive Pro v1.2 iOS - File Include Web Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1447 Release Date: ============= 2015-03-13 Vulnerability Laboratory ID (VL-ID): ==============================

Mobile Drive HD v1.8 - File Include Web Vulnerability
2015-04-21 Vulnerability Lab (research vulnerability-lab com)
Document Title: =============== Mobile Drive HD v1.8 - File Include Web Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1446 Release Date: ============= 2015-03-11 Vulnerability Laboratory ID (VL-ID): =================================

Photo Manager Pro 4.4.0 iOS - Code Execution Vulnerability
2015-04-21 Vulnerability Lab (research vulnerability-lab com)
Document Title: =============== Photo Manager Pro 4.4.0 iOS - Code Execution Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1444 Release Date: ============= 2015-03-10 Vulnerability Laboratory ID (VL-ID): ============================

[security bulletin] HPSBMU03321 rev.1 - HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code
2015-04-20 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04636829 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04636829 Version: 1 HPSBMU03321 re

[SECURITY] [DSA 3230-1] django-markupfield security update
2015-04-20 Alessandro Ghedini (ghedo debian org)

[SECURITY] [DSA 3229-1] mysql-5.5 security update
2015-04-19 Salvatore Bonaccorso (carnil debian org)

Security Audit Notes - OpenSSL v1.0.2a (latest) Issues - Advanced Information Security Corporation
2015-04-19 lem nikolas gmail com
-=[Advanced Information Security Corp]=- Author: Nicholas Lemonias Report Date: 2/4/2015 Email: lem.nikolas (at) gmail (dot) com [email concealed] Introduction ========== During a source-code audit of the OpenSSL v1.0.2a (Latest) implementation for linux; conducted internally by the Advance

CVE-2014-7953 Android backup agent code execution
2015-04-17 Imre RAD (imre rad search-lab hu)
Android backup agent arbitrary code execution --------------------------------------------- The Android backup agent implementation was vulnerable to privilege escalation and race condition. An attacker with adb shell access could run arbitrary code as the system (1000) user (or any other valid pac

CVE-2014-7951 adb backup archive path traversal file overwrite
2015-04-17 Imre RAD (imre rad search-lab hu)
ADB backup archive path traversal file overwrite ------------------------------------------------ Using adb one can create a backup of his/her Android device and store it on the PC. The backup archive is based on the tar file format. By modifying tar headers to contain ../../ like patterns it is

CVE-2014-7954 MTP path traversal vulnerability in Android
2015-04-17 Imre RAD (imre rad search-lab hu)
MTP path traversal vulnerability in Android 4.4 ----------------------------------------------- doSendObjectInfo() method of the MtpServer class implemented in frameworks/av/media/mtp/MtpServer.cpp does not validate the name parameter of the incoming MTP packet at all. It is possible to upload fil

112 ipTIME Routers/WiFi APs/Modems/Firewalls models vulnerable with RCE with root privileges
2015-04-17 Pierre Kim (pierre kim sec gmail com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ## Advisory Information Title: 112 ipTIME Routers/WiFi APs/Modems/Firewalls models vulnerable with RCE with root privileges Advisory URL: https://pierrekim.github.io/advisories/2015-iptime-0x00.txt.asc Date published: 2015-04-17 Vendors contacted: Kr

Lychee 2.7.1 remote code execution
2015-04-16 Filippo Cavallarin (filippo cavallarin segment technology)
Advisory ID: SGMA15-002 Title: Lychee remote code execution Product: Lychee Version: 2.7.1 and probably prior Vendor: lychee.electerious.com Vulnerability type: Remote Code Execution Risk level: High Credit: Filippo Cavallarin - segment.technology CVE: N/A Vendor notification: 2015-04-12 Vendor fix:

[CVE-2014-5361][CVE-2014-5362]Landesk Management Suite RFI & CSRF Security Vulnerabilities
2015-04-16 alex_haynes outlook com
Exploit Title: Landesk Management Suite RFI and CSRF vulnerabilities Product: Landesk Management Suite Vulnerable Versions: 9.5 (and possible previous versions), 9.6 Tested Version: 9.5 Advisory Publication: 16/04/2015 Latest Update: 16/04/2015 Vulnerability Type: Cross-site request forgery [CWE-352

Secunia Research: Oracle Outside In ibpsd2.dll PSD File Processing Buffer Overflow Vulnerability
2015-04-16 Secunia Research (remove-vuln secunia com)

[security bulletin] HPSBMU03264 rev.1 - HP Network Automation, Multiple Remote Vulnerabilities
2015-04-15 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04574207 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04574207 Version: 1 HPSBMU03264 re

[SECURITY] [DSA 3227-1] movabletype-opensource security update
2015-04-15 Salvatore Bonaccorso (carnil debian org)

Cisco Security Advisory: Cisco Secure Desktop Cache Cleaner Command Execution Vulnerability
2015-04-15 Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Cisco Security Advisory: Cisco Secure Desktop Cache Cleaner Command Execution Vulnerability Advisory ID: cisco-sa-20150415-csd Revision 1.0 For Public Release 2015 April 15 16:00 UTC (GMT) +-------------------------------------------------------

Cisco Security Advisory: Cisco IOS XR Software BVI Routed Packet Denial of Service Vulnerability
2015-04-15 Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco IOS XR Software BVI Routed Packet Denial of Service Vulnerability Advisory ID: cisco-sa-20150415-iosxr Revision 1.0 For Public Release 2015 April 15 16:00 UTC (GMT) Summary ======= A vulnerability in the packet-processing code of Cisco IOS X

ESA-2015-069: EMC NetWorker Buffer Overflow Vulnerability
2015-04-15 Security Alert (Security_Alert emc com)

[SECURITY] [DSA 3225-1] gst-plugins-bad0.10 security update
2015-04-15 Moritz Muehlenhoff (jmm debian org)
===============
SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1314
Release Date:
=============
2015-03-23
Vulnerability Laboratory ID (VL-ID):
===================================