|
|
Colapse all |
Post message
Ruxcon 2015 Call For Presentations 2015-04-13 cfp ruxcon org au Ruxcon 2015 Call For Presentations Melbourne, Australia, October 24-25 CQ Function Centre http://www.ruxcon.org.au The Ruxcon team is pleased to announce the first round of Call For Presentations for Ruxcon 2015. This year the conference will take place over the weekend of the 24th and 25th of Oc [ more ] [ reply ] SEC Consult SA-20150409-0 :: Multiple XSS & XSRF vulnerabilities in Comalatech Comala Workflows 2015-04-09 SEC Consult Vulnerability Lab (research sec-consult com) APPLE-SA-2015-04-08-5 Xcode 6.3 2015-04-08 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-04-08-5 Xcode 6.3 Xcode 6.3 is now available and addresses the following: Clang Available for: OS X Mavericks v10.9.4 or later Impact: An attacker may be able to bypass stack guards Description: A register allocation issue existed i [ more ] [ reply ] AST-2015-003: TLS Certificate Common name NULL byte exploit 2015-04-08 Asterisk Security Team (security asterisk org) [security bulletin] HPSBUX03240 SSRT101872 rev.2 - HP-UX Running NTP, Remote Execution of Code, Denial of Service (DoS), or Other Vulnerabilities 2015-04-08 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04554677 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04554677 Version: 2 HPSBUX03240 SS [ more ] [ reply ] APPLE-SA-2015-04-08-3 iOS 8.3 2015-04-08 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-04-08-3 iOS 8.3 iOS 8.3 is now available and addresses the following: AppleKeyStore Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to guess the us [ more ] [ reply ] APPLE-SA-2015-04-08-4 Apple TV 7.2 2015-04-08 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-04-08-4 Apple TV 7.2 Apple TV 7.2 is now available and addresses the following: Apple TV Available for: Apple TV 3rd generation and later Impact: A malicious application may be able to execute arbitrary code with system privileges De [ more ] [ reply ] APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004 2015-04-08 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004 OS X Yosemite 10.10.3 and Security Update 2015-004 are now available and address the following: Admin Framework Available for: OS X Yosemite v10.10 to v10.10.2 Impact: A process may gai [ more ] [ reply ] APPLE-SA-2015-04-08-1 Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5 2015-04-08 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-04-08-1 Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5 Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5 are now available and address the following: Safari Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v [ more ] [ reply ] Cisco Security Advisory: Cisco ASA FirePOWER Services and Cisco ASA CX Services Crafted Packets Denial of Service Vulnerability 2015-04-08 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco ASA FirePOWER Services and Cisco ASA CX Services Crafted Packets Denial of Service Vulnerability Advisory ID: cisco-sa-20150408-cxfp Revision 1.0 For Public Release 2015 April 8 16:00 UTC (GMT) +----------------------------------------------- [ more ] [ reply ] Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software 2015-04-08 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Multiple Vulnerabilities in Cisco ASA Software Advisory ID: cisco-sa-20150408-asa Revision 1.0 For Public Release 2015 April 8 16:00 UTC (GMT) +--------------------------------------------------------------------- Summary ======= Cisco Adaptive S [ more ] [ reply ] [HITB-Announce] HITB GSEC 2015 Singapore - Call for Papers 2015-04-08 Hafez Kamal (aphesz hackinthebox org) The Call for Papers for the inaugural Hack In The Box GSEC conference in Singapore is now open. Call for Papers: http://gsec.hitb.org/call-for-papers/ Event Website: http://gsec.hitb.org/sg2015/ HITB GSEC is a three-day security conference limited to 111 attendees who vote on the final agenda of t [ more ] [ reply ] [CVE-2015-2926] XSS vuln in phpTrafficA 2015-04-08 Daniël Geerts (dgeerts nikhef nl) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Product: phpTrafficA Product page: http://soft.zoneo.net/phpTrafficA/ Affected versions: Up to and including 2.3 (latest as of writing). Description: The user agent string provided by the browser is not sanitized nor escaped when handled. This strin [ more ] [ reply ] FreeBSD Security Advisory FreeBSD-SA-15:04.igmp [REVISED] 2015-04-07 FreeBSD Security Advisories (security-advisories freebsd org) [security bulletin] HPSBHF03310 rev.1 - HP Thin Clients running Windows Embedded Standard 7 (WES7) or Windows Embedded Standard 2009 (WES09) with HP Easy Deploy, Remote Elevation of Privilege, Execution of Code 2015-04-07 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04629160 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04629160 Version: 1 HPSBHF03310 re [ more ] [ reply ] FreeBSD 10.x ZFS encryption.key disclosure (CVE-2015-1415) 2015-04-07 Pierre Kim (pierre kim sec gmail com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ## Advisory Information Title: FreeBSD 10.x ZFS encryption.key disclosure (CVE-2015-1415) Advisory URL: https://pierrekim.github.io/advisories/CVE-2015-1415.txt.asc Date published: 2015-04-07 Vendors contacted: FreeBSD Release mode: Coordinated relea [ more ] [ reply ] FreeBSD Security Advisory FreeBSD-SA-15:07.ntp 2015-04-07 FreeBSD Security Advisories (security-advisories freebsd org) FreeBSD Security Advisory FreeBSD-SA-15:09.ipv6 2015-04-07 FreeBSD Security Advisories (security-advisories freebsd org) FreeBSD Security Advisory FreeBSD-SA-15:08.bsdinstall 2015-04-07 FreeBSD Security Advisories (security-advisories freebsd org) CA20150407-01: Security Notice for CA Spectrum 2015-04-07 Kotas, Kevin J (Kevin Kotas ca com) -----BEGIN PGP SIGNED MESSAGE----- CA20150407-01: Security Notice for CA Spectrum Issued: April 7, 2015 CA Technologies Support is alerting customers to multiple potential risks with CA Spectrum. Two vulnerabilities exist that can potentially allow a remote authenticated attacker to gain sensitiv [ more ] [ reply ] Reflected Cross-Site Scripting vulnerability in asdoc generated documentation 2015-04-07 Securify B.V. (lists securify nl) ------------------------------------------------------------------------ Reflected Cross-Site Scripting vulnerability in asdoc generated documentation ------------------------------------------------------------------------ Radjnies Bhansingh, March 2014 -------------------------------------------- [ more ] [ reply ] [SECURITY] [DSA 3057-2] libxml2 regression update 2015-04-07 Salvatore Bonaccorso (carnil debian org) CVE-2015-1773 Apache Flex reflected XSS vulnerability 2015-04-07 Tom Chiverton (tomc apache org) CVE-2015-1773 Apache Flex reflected XSS vulnerability Severity: Low Vendor: The Apache Software Foundation Versions Affected: All versions of Apache Flex before 4.14.1 Description: The asdoc tool produced JavaScript code that was vulnerable to a reflected XSS attack. A request with a specially c [ more ] [ reply ] [CVE-2015-0779]: Novell ZenWorks Configuration Management remote code execution 2015-04-07 Pedro Ribeiro (pedrib gmail com) Hi, I've found a reported an unrestricted file upload vulnerability in Novell ZenWorks Configuration Management which can be abused to achieve remote code execution. The full advisory text is below, and can also be obtained from my repo [1]. A Metasploit module has been submitted and should hopefu [ more ] [ reply ] |
|
Privacy Statement |
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2015:201
http://www.mandriva.com/en/support/security/
___________________________________________________________
[ more ] [ reply ]