|
|
Colapse all |
Post message
Path traversal vulnerability in EMC M&R (Watch4net) MIB Browser 2015-03-18 Securify B.V. (lists securify nl) Command injection vulnerability in EMC Secure Remote Services Virtual Edition 2015-03-18 Securify B.V. (lists securify nl) ------------------------------------------------------------------------ Command injection vulnerability in EMC Secure Remote Services Virtual Edition ------------------------------------------------------------------------ Han Sahin, November 2014 -------------------------------------------------- [ more ] [ reply ] Path traversal vulnerability in EMC M&R (Watch4net) Device Discovery 2015-03-18 Securify B.V. (lists securify nl) ------------------------------------------------------------------------ Path traversal vulnerability in EMC M&R (Watch4net) Device Discovery ------------------------------------------------------------------------ Han Sahin, November 2014 ----------------------------------------------------------- [ more ] [ reply ] Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Centralized Management Console 2015-03-18 Securify B.V. (lists securify nl) ------------------------------------------------------------------------ Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Centralized Management Console ------------------------------------------------------------------------ Han Sahin, November 2014 --------------------------------------- [ more ] [ reply ] Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Alerting Frontend 2015-03-18 Securify B.V. (lists securify nl) ------------------------------------------------------------------------ Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Alerting Frontend ------------------------------------------------------------------------ Han Sahin, November 2014 ---------------------------------------------------- [ more ] [ reply ] Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Web Portal Report Favorites 2015-03-18 Securify B.V. (lists securify nl) ------------------------------------------------------------------------ Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Web Portal Report Favorites ------------------------------------------------------------------------ Han Sahin, November 2014 ------------------------------------------ [ more ] [ reply ] EMC M&R (Watch4net) data storage collector credentials are not properly protected 2015-03-18 Securify B.V. (lists securify nl) ------------------------------------------------------------------------ EMC M&R (Watch4net) data storage collector credentials are not properly protected ------------------------------------------------------------------------ Han Sahin, November 2014 ---------------------------------------------- [ more ] [ reply ] [CORE-2015-0006] - Fortinet Single Sign On Stack Overflow 2015-03-18 CORE Advisories Team (advisories coresecurity com) 1. Advisory Information Title: Fortinet Single Sign On Stack Overflow Advisory ID: CORE-2015-0006 Advisory URL: http://www.coresecurity.com/advisories/fortinet-single-sign-on-stack-ove rflow Date published: 2015-03-18 Date of last update: 2015-03-18 Vendors contacted: Fortinet Release mode: Coordin [ more ] [ reply ] Cross-Site Scripting vulnerability in Websense Explorer report scheduler 2015-03-18 Securify B.V. (lists securify nl) ------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Websense Explorer report scheduler ------------------------------------------------------------------------ Han Sahin, September 2014 ------------------------------------------------------ [ more ] [ reply ] Multiple Cross-Site Scripting vulnerabilities in Websense Reporting 2015-03-18 Securify B.V. (lists securify nl) ------------------------------------------------------------------------ Multiple Cross-Site Scripting vulnerabilities in Websense Reporting ------------------------------------------------------------------------ Han Sahin, September 2014 ----------------------------------------------------------- [ more ] [ reply ] Error messages of Websense Content Gateway are vulnerable to Cross-Site Scripting 2015-03-18 Securify B.V. (lists securify nl) ------------------------------------------------------------------------ Error messages of Websense Content Gateway are vulnerable to Cross-Site Scripting ------------------------------------------------------------------------ Han Sahin, September 2014 --------------------------------------------- [ more ] [ reply ] Missing access control on Websense Explorer web folder 2015-03-18 Securify B.V. (lists securify nl) ------------------------------------------------------------------------ Missing access control on Websense Explorer web folder ------------------------------------------------------------------------ Han Sahin, September 2014 ------------------------------------------------------------------------ [ more ] [ reply ] Cross-Site Scripting vulnerability in Websense Data Security block page 2015-03-18 Securify B.V. (lists securify nl) ------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Websense Data Security block page ------------------------------------------------------------------------ Han Sahin, September 2014 ------------------------------------------------------- [ more ] [ reply ] Source code disclosure of Websense Triton JSP files via double quote character 2015-03-18 Securify B.V. (lists securify nl) ------------------------------------------------------------------------ Source code disclosure of Websense Triton JSP files via double quote character ------------------------------------------------------------------------ Han Sahin, September 2014 ------------------------------------------------ [ more ] [ reply ] Command injection vulnerability in network diagnostics tool of Websense Appliance Manager 2015-03-18 Securify B.V. (lists securify nl) ------------------------------------------------------------------------ Command injection vulnerability in network diagnostics tool of Websense Appliance Manager ------------------------------------------------------------------------ Han Sahin, September 2014 ------------------------------------- [ more ] [ reply ] Websense Email Security vulnerable to persistent Cross-Site Scripting in audit log details view 2015-03-18 Securify B.V. (lists securify nl) ------------------------------------------------------------------------ Websense Email Security vulnerable to persistent Cross-Site Scripting in audit log details view ------------------------------------------------------------------------ Han Sahin, September 2014 ------------------------------- [ more ] [ reply ] Websense Data Security DLP incident Forensics Preview is vulnerable to Cross-Site Scripting 2015-03-18 Securify B.V. (lists securify nl) ------------------------------------------------------------------------ Websense Data Security DLP incident Forensics Preview is vulnerable to Cross-Site Scripting ------------------------------------------------------------------------ Han Sahin, September 2014 ----------------------------------- [ more ] [ reply ] Security Audit Notes: OpenSSL d1_srvr.c Overflow - Advanced Information Security 2015-03-17 Nicholas Lemonias. (lem nikolas googlemail com) (1 replies) -=[ Advanced Information Security Corporation ]=- ------------------------------------------------------------------------ Author: Nicholas Lemonias Type: Security Audit Notes Date: 17/3/2015 Email: lem.nikolas (at) gmail (dot) com Audit: OpenSSL v1.0.2 (22nd of January, 2015 Release) ----- [ more ] [ reply ] Re: Security Audit Notes: OpenSSL d1_srvr.c Overflow - Advanced Information Security 2015-03-18 Jann Horn (jann thejh net) APPLE-SA-2015-03-17-1 Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4 2015-03-17 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-03-17-1 Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4 Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4 are now available and address the following: WebKit Impact: Visiting a maliciously crafted website may lead to an unexpected application [ more ] [ reply ] [security bulletin] HPSBHF03293 rev.1 - HP Virtual Connect 8Gb 24-Port FC Module running OpenSSL and Bash, Remote Denial of Service (DoS), Code Execution, Disclosure of Information 2015-03-17 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04595951 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04595951 Version: 1 HPSBHF03293 re [ more ] [ reply ] [security bulletin] HPSBST03298 rev.1 - HP XP Service Processor Software for Windows, Multiple Vulnerabilities 2015-03-17 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04600552 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04600552 Version: 1 HPSBST03298 re [ more ] [ reply ] [SECURITY] [DSA 3191-1] gnutls26 security update 2015-03-15 Salvatore Bonaccorso (carnil debian org) Defense in depth -- the Microsoft way (part 31): UAC is for binary planting 2015-03-15 Stefan Kanthak (stefan kanthak nexgo de) Hi @ll, the exploit shown here should be well-known to every Windows administrator, developer or QA engineer. In Microsoft's own terms it doesn't qualify as security vulnerability since UAC is a security feature, not a security boundary. Preconditions: * a user running as "protected Administrat [ more ] [ reply ] |
|
Privacy Statement |
Path traversal vulnerability in EMC M&R (Watch4net) MIB Browser
------------------------------------------------------------------------
Han Sahin, November 2014
----------------------------------------------------------------
[ more ] [ reply ]