BugTraq Mode:
(Page 256 of 1747)  < Prev  251 252 253 254 255 256 257 258 259 260 261  Next >
Wordpress fgallery_plus Plugin Xss vulnerabilities 2013-09-21
iedb team gmail com
#################################

# Iranian Exploit DataBase Forum

# http://iedb.ir/acc

# http://iedb.ir

#################################

# Exploit Title : Wordpress fgallery_plus Plugin Xss vulnerabilities

# Author : Iranian Exploit DataBase

# Discover

[ more ]  [ reply ]
[ANN] Struts 2.3.15.2 GA release available - security fix 2013-09-21
Lukasz Lenart (lukaszlenart apache org)
The Apache Struts group is pleased to announce that Struts 2.3.15.2 is
available as a "General Availability" release.The GA designation is
our highest quality grade.

Apache Struts 2 is an elegant, extensible framework for creating
enterprise-ready Java web applications. The framework is designed to

[ more ]  [ reply ]
Wordpress fgallery_plus Plugin Xss vulnerabilities 2013-09-21
iedb team gmail com
#################################

# Iranian Exploit DataBase Forum

# http://iedb.ir/acc

# http://iedb.ir

#################################

# Exploit Title : Wordpress fgallery_plus Plugin Xss vulnerabilities

# Author : Iranian Exploit DataBase

# Discover

[ more ]  [ reply ]
[security bulletin] HPSBST02919 rev.1 - HP XP P9000 Command View Advanced Edition Suite Software, Remote Cross Site Scripting (XSS) 2013-09-20
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03898171

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c03898171
Version: 1

HPSBST02919 re

[ more ]  [ reply ]
APPLE-SA-2013-09-20-1 Apple TV 6.0 2013-09-20
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2013-09-20-1 Apple TV 6.0

Apple TV 6.0 is now available and addresses the following:

Apple TV
Available for: Apple TV 2nd generation and later
Impact: Viewing a maliciously crafted PDF file may lead to an
unexpected application termination

[ more ]  [ reply ]
Monstra CMS v1.2.0 - Blind SQL Injection Vulnerability 2013-09-20
Vulnerability Lab (research vulnerability-lab com)
Title:
======
Monstra CMS v1.2.0 - Blind SQL Injection Vulnerability

Date:
=====
2013-09-20

References:
===========
http://www.vulnerability-lab.com/get_content.php?id=1081

VL-ID:
=====
1081

Common Vulnerability Scoring System:
====================================
8.7

Introduction:
=======

[ more ]  [ reply ]
[iBliss Security Advisory] Blind SQL injection vulnerability in NOSpamPTI wordpress plugin 2013-09-20
Alexandro Silva (alexos ibliss com br)
[ NOSpamPTI Wordpress plugin Blind SQL Injection ]

[ Vendor product description ]

NOSpamPTI eliminates the spam in your comment box so strong and free,
developed from the idea of Nando Vieira <a href="http://bit.ly/d38gB8"
rel="nofollow">http://bit.ly/d38gB8</a>, but some themes do not support
cha

[ more ]  [ reply ]
Paypal Inc Bug Bounty #99 - Filter Bypass & Persistent Web Vulnerability 2013-09-20
Vulnerability Lab (research vulnerability-lab com)
Title:
======
Paypal Inc Bug Bounty #99 - Filter Bypass & Persistent Web Vulnerability

Date:
=====
2013-09-20

References:
===========
http://www.vulnerability-lab.com/get_content.php?id=984

PayPal Security UID: nj1071UU

VL-ID:
=====
984

Common Vulnerability Scoring System:
=================

[ more ]  [ reply ]
[security bulletin] HPSBGN02925 rev.1 - HP IceWall SSO, IceWall File Manager and IceWall Federation Agent, Multiple Remote Unauthorized Access Vulnerabilities 2013-09-20
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03918632

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c03918632
Version: 1

HPSBGN02925 re

[ more ]  [ reply ]
[SECURITY] [DSA 2761-1] puppet security update 2013-09-19
Raphael Geissert (geissert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2761-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Raphael Geissert
September 19, 2013

[ more ]  [ reply ]
[security bulletin] HPSBGN02923 rev.1 - HP ArcSight Enterprise Security Manager Management Web Interface, Remote Cross Site Scripting (XSS) 2013-09-19
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03901176

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c03901176
Version: 1

HPSBGN02923 re

[ more ]  [ reply ]
[ MDVSA-2013:239 ] wordpress 2013-09-19
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2013:239
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2013:238 ] wireshark 2013-09-19
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2013:238
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[PT-2013-41] Arbitrary Code Execution in Ajax File and Image Manager 2013-09-19
noreply ptsecurity ru
-----------------------------------------------------------
(PT-2013-41) Positive Technologies Security Advisory

Arbitrary Code Execution in Ajax File and Image Manager
-----------------------------------------------------------

---[ Vulnerable software ]

Ajax File and Image Manager
Version: 1.1

[ more ]  [ reply ]
An Analysis of the (In)Security State of the GameHouse Game Installation Mechanism 2013-09-19
RBS Research (research riskbasedsecurity com)
January 2013, we encountered the latest version of RealArcade
installer provided by GameHouse (a division of RealNetworks) on a
system during an audit. Considering its historical vulnerabilities and
recent reports about vulnerabilities in game clients/installers, we
decided to take a closer look at

[ more ]  [ reply ]
[slackware-security] glibc (SSA:2013-260-01) 2013-09-18
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] glibc (SSA:2013-260-01)

New glibc packages are available for Slackware 13.0, 13.1, 13.37, 14.0,
and -current to fix security issues.

Here are the details from the Slackware 14.0 ChangeLog:
+--------------------------+
patches/p

[ more ]  [ reply ]
[security bulletin] HPSBMU02900 rev.3 - HP System Management Homepage (SMH) running on Linux and Windows, Multiple Remote and Local Vulnerabilities 2013-09-18
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03839862

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c03839862
Version: 3

HPSBMU02900 r

[ more ]  [ reply ]
Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability 2013-09-18
Vulnerability Lab (research vulnerability-lab com)
Title:
======
Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability

Date:
=====
2013-09-17

References:
===========
http://www.vulnerability-lab.com/get_content.php?id=1080

VL-ID:
=====
1080

Common Vulnerability Scoring System:
=================================

[ more ]  [ reply ]
CVE-2013-5210 Adtran Netvanta Remote Code Injection via XSS 2013-09-18
J. Oquendo (joquendo e-fensive net)
Multiple Vulnerabilities in the Adtran Netvanta 7100
Impact: Multiple Local and Remote Compromise, XSS and
other Injection Attacks
Version(s): firmware prior to R10.5.3.HA
Author: J. Oquendo (joquendo at e-fensive dot net)

I. ADVISORY

Title: Multiple Vulnerabilities in Adtran Netvanta 7100
Date p

[ more ]  [ reply ]
APPLE-SA-2013-09-18-3 Xcode 5.0 2013-09-18
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2013-09-18-3 Xcode 5.0

Xcode 5.0 is now available and addresses the following:

Git
Available for: OS X Mountain Lion v10.8.4 or later
Impact: An attacker with a privileged network position may intercept
user credentials or other sensitive i

[ more ]  [ reply ]
[security bulletin] HPSBUX02927 SSRT101288 rev.1 - HP-UX Apache Web Server, Remote Execution of Arbitrary Code, Denial of Service (DoS) 2013-09-18
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03922406

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c03922406
Version: 1

HPSBUX02927 SS

[ more ]  [ reply ]
APPLE-SA-2013-09-18-2 iOS 7 2013-09-18
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2013-09-18-2 iOS 7

iOS 7 is now available and addresses the following:

Certificate Trust Policy
Available for: iPhone 4 and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: Root certificates have been updated
Descripti

[ more ]  [ reply ]
APPLE-SA-2013-09-18-1 iTunes 11.1 2013-09-18
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2013-09-18-1 iTunes 11.1

iTunes 11.1 is now available and addresses the following:

iTunes
Available for: Windows 7, Vista, XP SP2 or later
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or a

[ more ]  [ reply ]
Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution Assurance Unauthenticated Username and Password Enumeration Vulnerability 2013-09-18
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution Assurance Unauthenticated Username and Password Enumeration Vulnerability

Advisory ID: cisco-sa-20130918-pc

Revision 1.0

For Public Release 2013 September 18 16:00 UTC

[ more ]  [ reply ]
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager 2013-09-18
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager

Advisory ID: cisco-sa-20130918-dcnm

Revision 1.0

For Public Release 2013 September 18 16:00 UTC (GMT)

+--------------------------------------------------

[ more ]  [ reply ]
[security bulletin] HPSBMU02917 rev.1 - HP System Management Homepage (SMH) running on Linux and Windows, Remote Command Execution and Privilege Escalation 2013-09-18
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03895050

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c03895050
Version: 1

HPSBMU02917 r

[ more ]  [ reply ]
[SECURITY] [DSA 2760-1] chrony security update 2013-09-18
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2760-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
September 18, 2013

[ more ]  [ reply ]
[SECURITY] [DSA 2759-1] iceweasel security update 2013-09-18
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2759-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
September 18, 2013

[ more ]  [ reply ]
SQL Injection in vtiger CRM 2013-09-18
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23168
Product: vtiger CRM
Vendor: vtiger
Vulnerable Version(s): 5.4.0 and probably prior
Tested Version: 5.4.0
Vendor Notification: August 7, 2013
Vendor Patch: September 17, 2013
Public Disclosure: September 18, 2013
Vulnerability Type: SQL Injection [CWE-89]
CVE Reference: CVE-2

[ more ]  [ reply ]
(Page 256 of 1747)  < Prev  251 252 253 254 255 256 257 258 259 260 261  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus