Facebook Bug Bounty #19 - Filter Bypass Web Vulnerability
2015-01-16 Vulnerability Lab (research vulnerability-lab com)

File Pro Mini v5.2 iOS - Multiple Web Vulnerabilities
2015-01-16 Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
File Pro Mini v5.2 iOS - Multiple Web Vulnerabilities
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1403
Release Date:
=============
2015-01-15
Vulnerability Laboratory ID (VL-ID):
=================================

Pandora FMS v5.1 SP1 - Persistent SNMP Editor Vulnerability
2015-01-16 admin (at) evolution-sec (dot) com (admin evolution-sec com)
Document Title:
===============
Pandora FMS v5.1 SP1 - Persistent SNMP Editor Vulnerability
References (Source):
====================
http://vulnerability-lab.com/get_content.php?id=1356
Release Date:
=============
2015-01-14
Vulnerability Laboratory ID (VL-ID):
===============================

WiFi File Browser Pro v2.0.8 - Code Execution Vulnerability
2015-01-16 Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
WiFi File Browser Pro v2.0.8 - Code Execution Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1406
Release Date:
=============
2015-01-14
Vulnerability Laboratory ID (VL-ID):
===========================

VeryPhoto v3.0 iOS - Command Injection Vulnerability
2015-01-16 Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
VeryPhoto v3.0 iOS - Command Injection Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1401
Release Date:
=============
2015-01-13
Vulnerability Laboratory ID (VL-ID):
==================================

CatBot v0.4.2 (PHP) - SQL Injection Vulnerability
2015-01-16 Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
CatBot v0.4.2 (PHP) - SQL Injection Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1408
Release Date:
=============
2015-01-15
Vulnerability Laboratory ID (VL-ID):
====================================

Alienvault OSSIM/USM Command Execution Vulnerability
2015-01-15 Peter Lapp (lappsec gmail com)
Details
=======
Product: Alienvault OSSIM/USM
Vulnerability: Command Execution
Author: Peter Lapp, lappsec (at) gmail (dot) com
CVE: None assigned
Vulnerable Versions: <=4.14.X
Fixed Version: 4.15.0
Summary
=======
Alienvault OSSIM is an open source SIEM solution designed to collect and correlate log data.

FreeBSD Security Advisory FreeBSD-SA-15:01.openssl
2015-01-14 FreeBSD Security Advisories (security-advisories freebsd org)

Two XSS vulnerabilities in Simple Security WordPress Plugin
2015-01-14 High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23244
Product: Simple Security WordPress Plugin
Vendor: MyWebsiteAdvisor
Vulnerable Version(s): 1.1.5 and probably prior
Tested Version: 1.1.5
Advisory Publication: December 17, 2014 [without technical details]
Vendor Notification: December 17, 2014
Public Disclosure: January 14,

MS14-080 CVE-2014-6365 Code
2015-01-14 Diéyǔ (dieyu dieyu org)
The attached file is exactly the code that I sent to Microsoft Security Response Center "MSRC"
(Screenshot pictures are deleted)
Technical details were said in this post:
MS14-080 CVE-2014-6365 Technical Details Without "Nonsense"
(So I don't repeat here)
The attached file is 4124 bytes.
The attac

AusCERT2015 Call for Papers: closes 18th January
2015-01-14 AusCERT (auscert auscert org au)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
AusCERT2015 Call for Presentations and Tutorials deadline extended by one week: closes 18th January
By popular request we are extending the deadline for submission to the AusCERT2015 Call for Presentations and Tutorials by one week only. The Cal

[security bulletin] HPSBGN03233 rev.1 - HP OneView running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, and Disclosure of Information
2015-01-13 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04540692
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04540692
Version: 1
HPSBGN03233 r

[SECURITY] [DSA 3123-2] binutils-mingw-w64 security update
2015-01-13 Thijs Kinkhorst (thijs debian org)

Sitefinity Enterprise v7.2.53 - Persistent Vulnerability
2015-01-13 Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Sitefinity Enterprise v7.2.53 - Persistent Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1369
Release Date:
=============
2015-01-06
Vulnerability Laboratory ID (VL-ID):
==============================

Foxit MobilePDF v4.4.0 iOS - Multiple Web Vulnerabilities
2015-01-13 Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Foxit MobilePDF v4.4.0 iOS - Multiple Web Vulnerabilities
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1400
Release Date:
=============
2015-01-12
Vulnerability Laboratory ID (VL-ID):
=============================

[security bulletin] HPSBMU03230 rev.1 - HP Insight Control server deployment Remote Disclosure of Information
2015-01-13 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04537915
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04537915
Version: 1
HPSBMU03230 re

SEC Consult SA-20150113-2 :: Cross-Site Request Forgery in XBMC / Kodi
2015-01-13 SEC Consult Vulnerability Lab (research sec-consult com)

SEC Consult SA-20150113-1 :: Privilege Escalation & XSS & Missing Authentication in Ansible Tower
2015-01-13 SEC Consult Vulnerability Lab (research sec-consult com)

CVE-2015-0203: Apache Qpid's qpidd can be crashed by authenticated user
2015-01-13 Gordon Sim (gsim apache org)

SEC Consult SA-20150113-0 :: Multiple critical vulnerabilities in all snom desktop IP phones
2015-01-13 SEC Consult Vulnerability Lab (research sec-consult com)

MS14-080 CVE-2014-6365 Technical Details Without "Nonsense"
2015-01-13 Diéyǔ (dieyu dieyu org)
Origin:
Visit https://technet.microsoft.com/library/security/ms14-080
Go to "Acknowledgments" part and search for "CVE-2014-6365"
It says "Dieyu" - that's me.
Technical Details:
"Internet Explorer XSS Filter Bypass Vulnerability" is done by...
1. Inject "a href" link into target page. (Not script,

[security bulletin] HPSBOV03228 rev.1 - HP OpenVMS running Bash Shell, Remote Code Execution
2015-01-12 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04533737
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04533737
Version: 1
HPSBOV03228 re

[Corrected] Stored XSS Vulnerability in F5 BIG-IP Application Security Manager
2015-01-13 Peter Lapp (lappsec gmail com)
Edit: Corrected the date in the timeline from 01/12/14 to 01/12/15.
Details
=======
Product: F5 BIG-IP Application Security Manager (ASM)
Vulnerability: Cross Site Scripting
Author: Peter Lapp, lappsec (at) gmail (dot) com
CVE: None assigned
Vulnerable Versions: Confirmed 11.4.0, 11.4.1. Likely 11.4.x-11.5

===============
Facebook Bug Bounty #19 - Filter Bypass Web Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1381
Facebook Security ID: 221374210
Vulnerability Magazine: http://magazine.vulnerability-db.com/?q=articles/20