
419 matches found

0day.today
added 2013/04/30 12:0 a.m. 60 views

Vivotek IP Camera Buffer Overflow / Injection Vulnerabilities

Core Security Technologies Advisory - Vivotek IP Cameras suffer from information leak, buffer overflow, authentication, path traversal, and command injection vulnerabilities. Vulnerable are Vivotek PT7135 IP camera with firmware 0300a, Vivotek PT7135 IP camera with firmware 0400a, and possibly...

0.9 AI score, 0.31132 EPSS
Exploits 10
Packet Storm
added 2013/04/29 12:0 a.m. 61 views

Vivotek IP Camera Buffer Overflow / Disclosure / Injection

Core Security - Corelabs Advisory http://corelabs.coresecurity.com Vivotek IP Cameras Multiple Vulnerabilities 1. Advisory Information Title: Vivotek IP Cameras Multiple Vulnerabilities Advisory ID: CORE-2013-0301 Advisory URL:...

1 AI score, 0.31132 EPSS
Exploits 10
securityvulns
added 2013/03/11 12:0 a.m. 69 views

CVE-2013-1413

COMPASS SECURITY ADVISORY http://www.csnc.ch/ CVE ID : CVE-2013-1413 CSNC ID: CSNC-2013-003 Product: i-doit Vendor: synetics Gesellschaft für Systemintegration mbH Subject: Cross-site Scripting - XSS Risk: High Effect: Remotely exploitable Author: Stephan Rickauer [email protected] Date:...

4.3 CVSS, 0.3 AI score, 0.00309 EPSS
Exploits 0
Tenable Nessus
added 2013/02/20 12:0 a.m. 32 views

Oracle Application Express (Apex) Unspecified Issues (pre 2.2.1)

There are unspecified vulnerabilities in versions prior to version 2.2.1 of the Oracle Application Express component of the Oracle Database. The updated version of Apex contains '35 new security fixes for Oracle Application Express, 25 of which may be remotely exploitable without authentication'...

10 CVSS, 5.4 AI score, 0.00792 EPSS
Exploits 0, References 4
ICS
added 2013/01/07 7:0 a.m. 52 views

Rockwell Automation FactoryTalk and RSLinx Vulnerabilities

OVERVIEW --------- Begin Update A Part 1 of 4 -------- This updated advisory is a follow-up to the original advisory titled ICSA-13-095-02 Rockwell Automation FactoryTalk and RSLinx Vulnerabilities that was published April 5, 2013, on the ICS-CERT Web page. --------- End Update A Part 1 of 4...

8 AI score
Exploits 0, References 10
OPENSUSE Linux
added 2012/10/27 7:8 p.m. 35 views

exim: overflow in DKIM handling fixed (critical)

This update fixes a remotely exploitable overflow in DKIM handling...

7.5 CVSS, 2.4 AI score, 0.31639 EPSS
Exploits 0, References 2
securityvulns
added 2012/10/22 12:0 a.m. 221 views

[INTREST SEC] Atlassian Confluence Wiki XSS Vulnerability

------------------------------- INTREST SEC | Security Advisory ------------------------------- Product: Confluence Wiki Vendor: Atlassian www.atlassian.com Vulnerability Type: Cross Site Scripting XSS Risk Level: High classified by vendor Discovered by: INTREST SEC - NID Public Disclosure:...

6.1 AI score
Exploits 0
securityvulns
added 2012/10/22 12:0 a.m. 167 views

MitM-vulnerability in Palo Alto Networks GlobalProtect

--------------------------------------------------------------------- SySS-Advisory: MitM-vulnerability in Palo Alto Networks GlobalProtect --------------------------------------------------------------------- Problem discovered: July 12th 2012 Vendor contacted: July 13th 2012 Advisory published:...

1.2 AI score
Exploits 0
Tenable Nessus
added 2012/09/13 12:0 a.m. 55 views

Scientific Linux Security Update : java-1.6.0-sun on SL5.x i386/x86_64 (20120904)

These vulnerabilities may be remotely exploitable without authentication, i.e., they may be exploited over a network without the need for a username and password. To be successfully exploited, an unsuspecting user running an affected release in a browser will need to visit a malicious web page th...

10 CVSS, 8.5 AI score, 0.9414 EPSS
Exploits 10, References 2
OpenVAS
added 2012/09/11 12:0 a.m. 8 views

Slackware Advisory SSA:2003-260-02 Sendmail vulnerabilities fixed

The remote host is missing an update as announced via advisory SSA:2003-260-02. OpenVAS Vulnerability Test $Id: esoftslkssa200326002.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

0.5 AI score
Exploits 0
Tenable Nessus
added 2012/06/18 12:0 a.m. 42 views

Fedora 15 : asterisk-1.8.12.2-1.fc15 (2012-8685)

The Asterisk Development Team has announced the release of Asterisk 1.8.12.2. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk The release of Asterisk 1.8.12.2 resolves an issue reported by the community and would have not been possible...

2.6 CVSS, 5.5 AI score, 0.04301 EPSS
Exploits 0, References 11
securityvulns
added 2012/06/17 12:0 a.m. 112 views

CSNC-2012-004 Generic XSS in AdNovum nevisProxy

COMPASS SECURITY ADVISORY http://www.csnc.ch/en/downloads/advisories.html Product: NevisProxy Vendor: AdNovum CVD ID: CSNC-2012-004 Subject: Cross-site scripting XSS within 302 Redirections Risk: High Effect: Remotely exploitable Author: Alexandre Herzog [email protected] Date: 02/23/2012...

0.4 AI score
Exploits 0
Exploit DB
added 2012/05/09 12:0 a.m. 70 views

SAP NetWeaver Dispatcher - Multiple Vulnerabilities

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ SAP Netweaver Dispatcher Multiple Vulnerabilities 1. Advisory Information Title: SAP Netweaver Dispatcher Multiple Vulnerabilities Advisory ID: CORE-2012-0123 Advisory URL:...

9.8 CVSS, 9.5 AI score, 0.3611 EPSS
Exploits 16
ThreatPost
added 2012/05/08 2:46 p.m. 44 views

PHP Group Set to Release Another Patch for CVE-2012-1823 Flaw

The PHP Group on Tuesday is planning to release another new version of the scripting language that’s designed to address, again, the remotely exploitable flaw that came to light last week. That bug, which requires no authentication, was supposed to have been fixed in new releases pushed out on Ma...

7.5 CVSS, 9.9 AI score, 0.94363 EPSS
Exploits 41, References 3
ThreatPost
added 2012/05/04 2:26 p.m. 56 views

PHP Group Releases New Versions, But Patch Doesn't Fix CVE-2012-1823 Bug

UPDATE–The developers of PHP have released new versions of the scripting language to fix a remotely exploitable vulnerability announced earlier this week that enables an attacker to pass command-line arguments to the PHP binary. The flaw has been in the code for more than eight years and The PHP...

7.5 CVSS, 9.8 AI score, 0.94363 EPSS
Exploits 42, References 4
ThreatPost
added 2012/01/17 8:2 p.m. 10 views

Oracle Fixes 78 Flaws, Including Remotely Exploitable DB Server Bug

Oracle on Tuesday unleashed its quarterly critical patch update, which included just two fixes for vulnerabilities in its Oracle Database Server, one of the lower totals seen from the company in recent years. There are a total of 78 patches for a wide variety of Oracle products available today,...

0.6 AI score
Exploits 0, References 3
FreeBSD
added 2012/01/15 12:0 a.m. 27 views

spamdyke -- Buffer Overflow Vulnerabilities

Secunia reports: Fixed a number of very serious errors in the usage of snprintf/vsnprintf. The return value was being used as the length of the string printed into the buffer, but the return value really indicates the length of the string that could be printed if the buffer were of infinite size...

7.5 CVSS, 6.5 AI score, 0.05749 EPSS
Exploits 0, References 2
seebug.org
added 2011/11/11 12:0 a.m. 58 views

Apple OS X Sandbox Predefined Profiles Bypass

No description provided by source. Apple OS X Sandbox Predefined Profiles Bypass 1. Advisory Information Title: Apple OS X Sandbox Predefined Profiles Bypass Advisory ID: CORE-2011-0919 Advisory URL: http://www.coresecurity.com/content/apple-osx-sandbox-bypass Date published: 2011-11-10 Date of...

7.6 CVSS, 9.5 AI score, 0.05298 EPSS
Exploits 11
Packet Storm
added 2011/11/11 12:0 a.m. 60 views

Apple OS X Sandbox Predefined Profiles Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Apple OS X Sandbox Predefined Profiles Bypass 1. Advisory Information Title: Apple OS X Sandbox Predefined Profiles Bypass Advisory ID: CORE-2011-0919 Advisory URL:...

7.6 CVSS, 0.05298 EPSS
Exploits 11
Core Security
added 2011/10/12 12:0 a.m. 18 views

Microsoft Publisher 2007 Pubconv.dll Memory Corruption

Core Security Technologies - Corelabs Advisory Microsoft Publisher 2007 Pubconv.dll Memory Corruption 1. Advisory Information Title: Microsoft Publisher 2007 Pubconv.dll Memory Corruption Advisory ID: CORE-2011-0106 Advisory URL:...

9.3 CVSS, 7.6 AI score, 0.5543 EPSS
Exploits 3