BugTraq Mode:
(Page 166 of 1748)  < Prev  161 162 163 164 165 166 167 168 169 170 171  Next >
Cisco Security Advisory: Cisco Security Advisory Cisco WebEx Meetings Server Command Injection Vulnerability 2015-02-04
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory Cisco WebEx Meetings Server Command Injection Vulnerability

Advisory ID: cisco-sa-20150204-wbx

Revision 1.0
For Public Release 2015 February 4 16:00 UTC (GMT)

- ----------------------------------------------------------------

[ more ]  [ reply ]
Bitdefender Internet Security - 2015-02-04
jerold v00d00sec com
There seems to be some security issues with the way Bitdefender Internet Security 2015 software (Build 18.20.0.1429) interacts with its myBitdefender online portal.

Issues:

1) Possible partial information disclosure privacy issue of users' myBitdefender account credentials when using the SAFEGO fu

[ more ]  [ reply ]
ESA-2015-010: EMC Documentum D2 Multiple Vulnerabilities 2015-02-04
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-010: EMC Documentum D2 Multiple Vulnerabilities

EMC Identifier: ESA-2015-010

CVE Identifier: CVE-2015-0517, CVE-2015-0518

Affected products:

? EMC Documentum D2 3.1 and all patch versions

? EMC Documentum D2 3.1 SP1 and all patch

[ more ]  [ reply ]
ESA-2014-158: RSA BSAFE® Micro Edition Suite, SSL-J and SSL-C Triple Handshake Vulnerability 2015-02-04
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2014-158: RSA BSAFE® Micro Edition Suite, SSL-J and SSL-C Triple Handshake Vulnerability

EMC Identifier: ESA-2014-158

CVE Identifier: CVE-2014-4630

Severity Rating: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

Affect

[ more ]  [ reply ]
Re: [FD] Major Internet Explorer Vulnerability - NOT Patched 2015-02-04
David Leo (david leo deusen co uk)
Microsoft was notified on Oct 13, 2014.

Joey thank you very much for your words.

Kind Regards,

On 2015/2/3 4:53, Joey Fowler wrote:
> Hi David,
>
> "nice" is an understatement here.
>
> I've done some testing with this one and, while there /are/ quirks, it most definitely works. It even bypasses

[ more ]  [ reply ]
[CVE-2015-1467] Fork CMS - SQL Injection in Version 3.8.5 2015-02-04
sven bsddaemon org
[CVE-2015-1467] Fork CMS - SQL Injection in Version 3.8.5

----------------------------------------------------------------

Product Information:

Software: Fork CMS

Tested Version: 3.8.5, released on Wednesday 14 January 2015

Vulnerability Type: SQL Injection (CWE-89)

Download link to tested ver

[ more ]  [ reply ]
[SECURITY] [DSA 3153-1] krb5 security update 2015-02-03
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3153-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
February 03, 2015

[ more ]  [ reply ]
MITKRB5-SA-2015-001 Vulnerabilities in kadmind, libgssrpc, gss_process_context_token 2015-02-03
Greg Hudson (ghudson mit edu)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

MITKRB5-SA-2015-001

MIT krb5 Security Advisory 2015-001
Original release: 2015-02-03
Last update: 2015-02-03

Topic: Vulnerabilities in kadmind, libgssrpc, gss_process_context_token
VU#540092

CVE-2014-5352: gss_process_context_token() incorrectly free

[ more ]  [ reply ]
CVE-2015-1437 XSS In ASUS Router. 2015-02-03
kingkaustubh me com (2 replies)
#####################################
Title:- Reflected XSS vulnarbility in Asus RT-N10 Plus router
Author: Kaustubh G. Padwad
Product: ASUS Router RT-N10 Plus
Firmware: 2.1.1.1.70
Severity: HIGH
Auth: Not requierd
CVE ID: CVE-2015-1437
# Description:
Vulnerable Parameter: flag=
# Vulne

[ more ]  [ reply ]
Re: CVE-2015-1437 XSS In ASUS Router. 2015-02-04
Michael Meyer (micha komma-nix de) (1 replies)
Re: CVE-2015-1437 XSS In ASUS Router. 2015-02-04
Darko Vršič (darko varnost si)
Re: CVE-2015-1437 XSS In ASUS Router. 2015-02-04
Henri Salo (henri nerv fi)
[SECURITY] [DSA 3152-1] unzip security update 2015-02-03
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3152-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
February 03, 2015

[ more ]  [ reply ]
CVE-2014-5360 Landesk Management Suite XSS (Cross-Site Scripting) Security Vulnerability 2015-02-03
alex_haynes outlook com
Exploit Title: Landesk Management Suite Cross-Site scripting vulnerabilityProduct: Landesk Management Suite

Vulnerable Versions: 9.5 (possible previous versions), 9.6
Tested Version: 9.5
Advisory Publication: Feb 02, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-536

[ more ]  [ reply ]
[SECURITY] [DSA 3151-1] python-django security update 2015-02-03
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3151-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
February 03, 2015

[ more ]  [ reply ]
articleFR CMS 3.0.5 - Arbitrary File Upload 2015-02-03
Tien Tran Dinh (tien d tran itas vn)
#Vulnerability title: articleFR CMS 3.0.5 - Arbitrary File Upload
#Product: articleFR CMS
#Vendor: http://freereprintables.com
#Affected version: version 3.0.5
#Fixed version: N/A
#Author: Tran Dinh Tien (tien.d.tran (at) itas (dot) vn [email concealed]) & ITAS
Team (w

[ more ]  [ reply ]
articleFR CMS 3.0.5 - SQL injection vulnerability 2015-02-03
Tien Tran Dinh (tien d tran itas vn)
#Vulnerability title: articleFR CMS 3.0.5 - SQL injection vulnerability
#Product: articleFR
#Vendor: http://freereprintables.com
#Affected version: version 3.0.5
#Download link: https://github.com/articlefr/articleFR
#Fixed version: N/A
#CVE ID: CVE-2015-1364
#Author: Tran Dinh Tien (tien.d.tran@ita

[ more ]  [ reply ]
articleFR CMS 3.0.5 - XSS vulnerability 2015-02-03
Tien Tran Dinh (tien d tran itas vn)
#Vulnerability title: articleFR CMS 3.0.5 - XSS vulnerability
#Product: articleFR
#Vendor: http://freereprintables.com
#Affected version: version 3.0.5
#Download link: https://github.com/articlefr/articleFR
#Fixed version: N/A
#CVE ID: CVE-2015-1363
#Author: Tran Dinh Tien (tien.d.tran (at) itas (dot) vn [email concealed]) & IT

[ more ]  [ reply ]
[CVE-2014-9331] ManageEngine Desktop Central CSRF vulnerability to add an Admin user advisory 2015-02-02
mohamed idris helpag com
#####################################
Title:- Cross-Site Request Forgery (CSRF) Vulnerability in ManageEngine Desktop Central 9 Allows adding an Admin User
Author: Mohamed Idris - Help AG Middle East
Vendor: ZOHO Corp
Advisory ID: hag20141205
Product: ManageEngine Desktop Central 9
Version: All vers

[ more ]  [ reply ]
[security bulletin] HPSBMU03232 rev.3 - HP SiteScope, Remote Elevation of Privilege 2015-02-02
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04539443

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04539443
Version: 3

HPSBMU03232 re

[ more ]  [ reply ]
[security bulletin] HPSBGN03237 rev.1 - HP Insight Remote Support v7 Clients running SSLv3, Remote Disclosure of Information 2015-02-02
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04553458

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04553458
Version: 1

HPSBGN03237 r

[ more ]  [ reply ]
[security bulletin] HPSBGN03247 rev.1 - HP IceWall SSO Dfw using glibc, Remote Execution of Abitrary Code 2015-02-02
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04560440

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04560440
Version: 1

HPSBGN03247 re

[ more ]  [ reply ]
[SECURITY] [DSA 3149-1] condor security update 2015-02-02
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3149-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Sebastien Delafond
February 02, 2015

[ more ]  [ reply ]
[security bulletin] HPSBMU03239 rev.1 - HP UCMDB, Remote Disclosure of Information 2015-02-02
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04553906

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04553906
Version: 1

HPSBMU03239 re

[ more ]  [ reply ]
[SECURITY] [DSA 3150-1] vlc security update 2015-02-02
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3150-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Alessandro Ghedini
February 02, 2015

[ more ]  [ reply ]
[security bulletin] HPSBMU03236 rev.1 - HP Systems Insight Manager for Windows running Bash Shell, Remote Code Execution 2015-02-02
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04552143

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04552143
Version: 1

HPSBMU03236 r

[ more ]  [ reply ]
Fork CMS 3.8.3 - XSS Vulnerability 2015-02-02
ITAS Team (itas team itas vn)
# Exploit Title: Fork CMS 3.8.3 - XSS Vulnerability
# Vendor: http://www.fork-cms.com
# Download link: http://www.fork-cms.com/blog/detail/fork-3.8.4-released
# CVE ID: CVE-2014-9470
# Vulnerability: Cross-Site Scripting
# Affected version: Fork 3.8.3
# Fixed version: Fork 3.8

[ more ]  [ reply ]
Microweber 0.95 - SQL Injection Vulnerability 2015-02-02
ITAS Team (itas team itas vn)
# Exploit Title: Microweber 0.95 - SQL Injection Vulnerability
# Vendor: https://microweber.com/
# Download link: https://microweber.com/download
(https://github.com/microweber/microweber)
# CVE ID: CVE-2014-9464
# Vulnerability: SQL Injection
# Affected version: Version 0.95 b

[ more ]  [ reply ]
Sefrengo CMS v1.6.1 - Multiple SQL Injection Vulnerabilities 2015-02-02
ITAS Team (itas team itas vn)
# Exploit Title: Sefrengo CMS v1.6.1 - Multiple SQL Injection
Vulnerabilities
# Vendor: http://www.sefrengo.org/
# Download link: http://forum.sefrengo.org/index.php?showtopic=3368
(https://github.com/sefrengo-cms/sefrengo-1.x/tree/22c0d16bfd715631ed317
cc99
0785cce

[ more ]  [ reply ]
(Page 166 of 1748)  < Prev  161 162 163 164 165 166 167 168 169 170 171  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus