313 matches found
[SECURITY] Fedora 27 Update: bugzilla-5.0.4-1.fc27
Bugzilla is a popular bug tracking system used by multiple open source proj ects It requires a database engine installed - either MySQL, PostgreSQL or Oracl e. Without one of these database engines local or remote, Bugzilla will not work - see the Release Notes for details...
[SECURITY] Fedora 26 Update: bugzilla-5.0.4-1.fc26
Bugzilla is a popular bug tracking system used by multiple open source proj ects It requires a database engine installed - either MySQL, PostgreSQL or Oracl e. Without one of these database engines local or remote, Bugzilla will not work - see the Release Notes for details...
CVE-2017-3883
A vulnerability in the authentication, authorization, and accounting AAA implementation of Cisco Firepower Extensible Operating System FXOS and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability occurs because AAA process...
Microsoft Kept Secret That Its Bug-Tracking Database Was Hacked In 2013
It was not just Yahoo among "Fortune 500" companies who tried to keep a major data breach incident secret. Reportedly, Microsoft had also suffered a data breach four and a half years ago in 2013, when a "highly sophisticated hacking group" breached its bug-reporting and patch-tracking database, b...
CVE-2017-7557
dnsdist version 1.1.0 is vulnerable to a flaw in authentication mechanism for REST API potentially allowing CSRF attack...
MantisBT password reset
MantisBT before 1.3.10, 2.2.4, and 2.3.1 are vulnerable to unauthenticated password reset. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MantisBT password reset', 'Description' = %q MantisBT...
Best Practical Solutions Request Tracker Information Disclosure Vulnerability
Best Practical Solutions Request Tracker RT is an enterprise-grade, open source issue tracking system from Best Practical Solutions in the United States. The system has Bug tracking , customer service , customized workflow and other features . A security vulnerability exists in Best Practical...
CVE-2017-5529
JasperReports library components contain an information disclosure vulnerability. This vulnerability includes the theoretical disclosure of any accessible information from the host file system. Affects TIBCO JasperReports Library Community Edition versions 6.4.0 and below, TIBCO JasperReports...
CVE-2017-9373
Memory leak in QEMU aka Quick Emulator, when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service memory consumption by repeatedly hot-unplugging the AHCI device...
Thanks to the researchers 2017
Research Thanks to the researchers 2017 Share March 3rd, 2017 We would like to thank the researchers who have offered us their assistance throughout the year, to help enhance the security of our websites. Special mention goes to those who discover and report security issues: Johnny Nipper Mehmet...
TestingWhiz - Codeless Software Testing Automation Tool
TestingWhiz is a test automation tool for web, database, cloud, mobile and web services/API testing from Cygnet Infotech. It has a codeless architecture based on FAST Automation Engine with 290+ readily available test commands that provide easy, intuitive and fast automation solution without...
Debian DLA-512-1 : mantis security update
It was discovered that there was an XSS vulnerability in custom field management in mantis, a web-based bug tracking system. For Debian 7 'Wheezy', this issue has been fixed in mantis version 1.2.18-1+deb7u1. We recommend that you upgrade your mantis packages. NOTE: Tenable Network Security has...
[SECURITY] [DLA 512-1] mantis security update
Package : mantis Version : 1.2.18-1+deb7u1 CVE ID : CVE-2016-5364 It was discovered that there was an XSS vulnerability in custom field management in mantis, a web-based bug tracking system. For Debian 7 "Wheezy", this issue has been fixed in mantis version 1.2.18-1+deb7u1. We recommend that you...
[SECURITY] Fedora 22 Update: bugzilla-4.4.12-1.fc22
Bugzilla is a popular bug tracking system used by multiple open source proj ects It requires a database engine installed - either MySQL, PostgreSQL or Oracl e. Without one of these database engines local or remote, Bugzilla will not work - see the Release Notes for details...
[SECURITY] Fedora 24 Update: bugzilla-5.0.3-1.fc24
Bugzilla is a popular bug tracking system used by multiple open source proj ects It requires a database engine installed - either MySQL, PostgreSQL or Oracl e. Without one of these database engines local or remote, Bugzilla will not work - see the Release Notes for details...
Monstra CMS 3.0.3 - Multiple Vulnerabilities
Monstra CMS 3.0.3 - Multiple Vulnerabilities Exploit Title: Monstra CMS 3.0.3 - Privilege Escalation / Remote Password Change Google Dork: intext:"Powered by Monstra"/users/registration Date: 2016-03-28 Exploit Author: Sarim Kiani Vendor Homepage: http://monstra.org Software Link:...
Nearly Two Years After Heartbleed OpenSSL Operating With Renewed Vision
SAN FRANCISCO—Experts have stressed this week that DROWN is no Heartbleed, but at some point in the not too distant future, there’s going to be another major Internet vulnerability and developers at OpenSSL claim they’re battle tested. Rich Salz and Tim Hudson, members of OpenSSL’s development...
[SECURITY] Fedora 22 Update: bugzilla-4.4.11-1.fc22
Bugzilla is a popular bug tracking system used by multiple open source proj ects It requires a database engine installed - either MySQL, PostgreSQL or Oracl e. Without one of these database engines local or remote, Bugzilla will not work - see the Release Notes for details...
[SECURITY] Fedora 23 Update: bugzilla-4.4.11-1.fc23
Bugzilla is a popular bug tracking system used by multiple open source proj ects It requires a database engine installed - either MySQL, PostgreSQL or Oracl e. Without one of these database engines local or remote, Bugzilla will not work - see the Release Notes for details...
Ebay Magento Commerce Cross Site Scripting
Document Title: =============== Magento Bug Bounty 22 - Profile Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1636 Magento Security ID: APPSEC-1121 Release Date: ============= 2015-11-06 Vulnerability Laboratory ID VL-ID:...