377 matches found
The vulnerability of the messaging system between components of ArchestrA Wonderware ArchestrA Logger is caused by buffer overflows in the stack, allowing an attacker to execute arbitrary code.
The vulnerability of the messaging system between components in ArchestrA Wonderware ArchestrA Logger arises due to buffer overflow on the stack. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of a high-priority account...
SAP NetWeaver AS JAVA 7.4 Cross Site Scripting
Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.4 Vendor URL: http://SAP.com Bugs: Cross Site Scripting XSS Sent: 10.08.2015 Reported: 10.08.2015 Vendor response: 11.08.2015 Date of Public Advisory: 09.02.2016 Reference: SAP Security Note 2220571 Author: Vahagn...
Cisco IOS Software High Priority Queue Denial of Service Vulnerability
A vulnerability in the packet driver code of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a reload of the affected device, resulting in a denial of service DoS condition. The vulnerability is due to how the packet driver code handles packets that belong to protocols...
CVE-2013-4628
The firewall module on the Huawei Quidway Service Process Unit SPU board S7700, S9300, and S9700 on Huawei Campus Switch devices allows remote authenticated users to obtain sensitive information from the high-priority security zone by leveraging access to the low-priority security zone...
Google Releases Chrome 22 and Pays Out Nearly $30K in Rewards
Google has released Chrome 22, a major new version of its browser that includes a huge number of security fixes, many of them high-priority vulnerabilities. The company also handed out nearly $30,000 in rewards to security researchers, more than half of it to Sergey Glazunov, who discovered two...
Google Fixes Six High-Risk Bugs in Chrome, Pays Out $6k in Bounties
Google has fixed seven security vulnerabilities in its Chrome browser, including six high-priority flaws. The new release of Chrome is version 12.0.742.112 and also includes an updated version of Flash. The latest version of Chrome is the third major update from the company since just the end of...
Google Patches WebKit Bug in Chrome
Google has patched one of the vulnerabilities that a team of researchers used last week to win one portion of the Pwn2Own contest at CanSecWest. The bug is in the WebKit rendering engine. WebKit is the rendering engine that is at the heart of the Chrome browser, as well as Apple’s Safari browser...
Chrome 9 Security Update
Following last week’s release of Chrome 9 and a rather brazen $20,000 offering to anyone who can hack their browser at CanSecWest, Google released a stable channel update addressing some security flaws and containing a new version of Flash Player 10.2. Of the vulnerabilities, three were high...
Google Releases Chrome 6 With 14 Security Updates
Google has released a new version of its Chrome browser and has included more than a dozen security fixes in the update. The new version, 6.0.472.53, was released two years to the day after the company pushed out the first version of Chrome. Google Chrome 6 includes patches for 14 total security...
Cert-Lexsi - Microsoft Windows Media Services MMS Buffer Overflow Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cert-Lexsi - Microsoft Windows Media Services MMS Buffer Overflow Vulnerability 13/04/2010 Priority: High Type: Remote Impact: Remote code execution CVE id: CVE-2010-0478 CVSSv2 Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C - ---------- 1. Software...
Microsoft Patches Critical IE, Windows Vulnerabilities
Microsoft today shipped six bulletins with patches for a total of 12 documented security vulnerabilities in a wide range of widely deployed software products. Three of the six bulletins are rated “critical,” Microsoft’s highest severity rating. The most serious issues affect the company’s Interne...
Fedora 10 : python-fedora-0.3.9-1.fc10 (2009-1518)
This release includes a bugfix to the fedora.client.AccountSystem.verifypassword method. verifypassword was incorrectly returning True username, password combination was correct for any input. Although no known code is using this method to verify a user's account with the Fedora Account System, t...
Fedora Core 9 FEDORA-2009-1519 (python-fedora)
The remote host is missing an update to python-fedora announced via advisory FEDORA-2009-1519. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C...
[ SCL-2005.001 ] - WebCalendar: SQL Injection from encoded cookie
=====BEGIN-SCL-REPORT===== Scovetta Labs Security Advisory Title: WebCalendar: SQL Injection from encoded cookie Status: Public Release Date: 2005-02-16 Package: WebCalendar Vendor: k5n.us - http://www.k5n.us/webcalendar.php Priority: High Vulnerability: SQL Injection Affected Versions:...
Concerning the LDAP Enabled Netscape FTP Server
Over the last few days a great number of people have mailed us in regards to the "Netscape Professional Services FTP Server Vulnerability" http://www.securityfocus.com/bid/1375 discovered by Michal Zalewski [email protected] and posted to the Bugtraq mailing list on Wed, 21 Jun 2000. The following...
linux.tos.field.high.priority.patch
This patch sets the tos field for IP headers to high priority and optimizes the IP connection for throughput, which has real effects on cisco routers. Since it is bad policy and if hundrets of lamers use it I wont like it. But I even more dislike hidden information, I'll let you decide wether to...
Bing Bar HPM 4-5
Bing Bar CPN 4-5...