47153 matches found
Novell GroupWise code execution
Untrusted pointer dereference...
Netgear WNR1000 authentication bypass
It's possible to bypass authentication by adding ?.jpg to filenames...
SEC Consult SA-20130403-0 :: Multiple vulnerabilities in Sophos Web Protection Appliance
SEC Consult Vulnerability Lab Security Advisory 20130403-0 ======================================================================= title: Multiple vulnerabilities product: Sophos Web Protection Appliance vulnerable version: = 3.7.8.1 fixed version: 3.7.8.2 impact: Critical CVE number:...
Cisco Video Surveillance Operations Manager security vulnerabilities
Directory traversal, cross-site scripting...
Google AD Sync Tool - Exposure of Sensitive Information Vulnerability - Security Advisory - SOS-13-001
Sense of Security - Security Advisory - SOS-13-001 Release Date. 03-Apr-2013 Last Update. - Vendor Notification Date. 03-Sep-2012 Product. Google Active Directory Sync GADS Tool Platform. Windows, Linux, Solaris Affected versions. All versions up to 3.1.3 Severity Rating. High Impact. Exposure of...
Sophos Web Protection Appliance multiple security vulnerabilities
Local file access, command execution, cross-site scripting...
[security bulletin] HPSBPV02855 SSRT100512 rev.1 - HP ProCurve 1700-8(J9079A) and 1700-24(J9080A) Switches, Cross Site Request Forgery (CSRF)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03699981 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03699981 Version: 1 HPSBPV02855...
Google Active Directory Sync Tool weak encryption
It's possible to decipher stored credentials...
HP ProCurve switches cross-site request forgery
No description provided...
PostgreSQL multiple security vulnerabilities
DoS, weak PRNG, privilege escalation...
OpenFabrics ibutils symbolic links vulnerability
InfiniBand utility unsafe temporary file creation...
[USN-1790-1] Libav vulnerabilities
========================================================================== Ubuntu Security Notice USN-1790-1 April 04, 2013 libav vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
libxml2 DoS
CPU exhaustion...
[USN-1779-1] GNOME Online Accounts vulnerability
========================================================================== Ubuntu Security Notice USN-1779-1 March 25, 2013 gnome-online-accounts vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...
[SECURITY] [DSA 2652-1] libxml2 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2652-1 [email protected] http://www.debian.org/security/ Michael Gilbert March 24, 2013 http://www.debian.org/security/faq -...
Groovy Media Player buffer overflow Vulnerability
Title: ==== Groovy Media Player 3.2.0 Buffer Overflow Vulnerability Credit: ====== Name: Akshaysinh Vaghela Company/affiliation: Cyberoam Technologies Private Limited Website: www.cyberoam.com CVE: ===== CVE-2013-2760 Reserved Date: ==== 21-03-2013 CL-ID: ==== CRD-2013-02 Vendor: ======...
[USN-1789-1] PostgreSQL vulnerabilities
========================================================================== Ubuntu Security Notice USN-1789-1 April 04, 2013 postgresql-8.3, postgresql-8.4, postgresql-9.1 vulnerabilities ========================================================================== A security issue affects these...
Cisco Video Surveillance Operations Manager Multiple vulnerabilities
Exploit Title:Cisco Video Surveillance Operations Manager Multiple vulnerabilities Google Dork: intitle:"Video Surveillance Operations Manager Login" Date: 22 Feb 2013 reported to the vendor Exploit Author: Bassem | bassem.co Vendor Homepage: www.cisco.com Version: Version 6.3.2 Tested on: Versio...
SEC Consult SA-20130313-0 :: QlikView Desktop Client Integer Overflow
SEC Consult Vulnerability Lab Security Advisory 20130313-0 ======================================================================= title: QlikView Desktop Client Integer Overflow product: QlikView Desktop Client vulnerable version: 11.00 SR2 fixed version: 11.20 SR1 CVE: impact: High homepage:...
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
Multiple memory corruptions, privilege escalations, weak permissions, DoS, protection bypass, cross-site scripting...
[USN-1785-1] poppler vulnerabilities
========================================================================== Ubuntu Security Notice USN-1785-1 April 02, 2013 poppler vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
NGS00248 Patch Notification: Virtual Access Monitor Multiple SQL Injection Vulnerabilities
High Risk Vulnerability in Virtual Access Monitor 2 April 2013 Ken Wolstencroft of NCC Group has discovered a High risk vulnerability in Virtual Access Monitor Impact: Multiple SQL Injection Vulnerabilities Versions affected: Virtual Access Monitor 3.10.17 and previous Details of the most recent...
poppler library multiple security vulnerabilities
Multiple vulnerabilities on PDF parsing...
Virtual Access Monitor SQL injection
A few different SQL injections...
[USN-1784-1] libxslt vulnerability
========================================================================== Ubuntu Security Notice USN-1784-1 April 02, 2013 libxslt vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
[USN-1787-1] Linux kernel vulnerabilities
========================================================================== Ubuntu Security Notice USN-1787-1 April 02, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
AST-2013-002: Denial of Service in HTTP server
Asterisk Project Security Advisory - AST-2013-002 Product Asterisk Summary Denial of Service in HTTP server Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Major Exploits Known None Reported On January 21, 2013 Reported By Christoph Hebeisen, TELUS...
Multiple XSS vulnerabilities in IBM Lotus Domino
Hello 3APA3A! I want to warn you about multiple Cross-Site Scripting vulnerabilities in IBM Lotus Domino. Last year I've announced multiple vulnerabilities in IBM software and after IBM fixed many of them, I've disclosed them. These are new vulnerabilities in Domino, which I've found at 03.05.201...
[security bulletin] HPSBST02848 SSRT101112 rev.1 - HP XP P9000 Command View Advanced Edition Suite Products, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03691745 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03691745 Version: 1 HPSBST02848...
IBM Lotus Domino cross-site scripting
Cross-site scripting and response splitting...
ESA-2013-018: EMC Smarts Product - Cross Site Scripting Vulnerability
ESA-2013-018.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-018: EMC Smarts Product - Cross Site Scripting Vulnerability EMC Identifier: ESA-2013-018 CVE Identifier: CVE-2013-0936 Severity Rating: CVSS v2 Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Affected products: EMC Smarts Product...
ESA-2013-016: EMC Smarts Network Configuration Manager
ESA-2013-016.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-016: EMC Smarts Network Configuration Manager Improper Authentication Vulnerability EMC Identifier: ESA-2013-016 CVE Identifier: CVE-2013-0935 Severity Rating: CVSS v2 Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C Affected...
AST-2013-001: Buffer Overflow Exploit Through SIP SDP Header
Asterisk Project Security Advisory - AST-2013-001 Product Asterisk Summary Buffer Overflow Exploit Through SIP SDP Header Nature of Advisory Exploitable Stack Buffer Overflow Susceptibility Remote Unauthenticated Sessions Severity Major Exploits Known No Reported On 6 January, 2013 Reported By Ul...
AST-2013-003: Username disclosure in SIP channel driver
Asterisk Project Security Advisory - AST-2013-003 Product Asterisk Summary Username disclosure in SIP channel driver Nature of Advisory Unauthorized data disclosure Susceptibility Remote Unauthenticated Sessions Severity Moderate Exploits Known No Reported On January 30, 2013 Reported By Walter...
[USN-1783-1] Bind vulnerability
========================================================================== Ubuntu Security Notice USN-1783-1 March 29, 2013 bind9 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...
[slackware-security] dhcp (SSA:2013-086-02)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security dhcp SSA:2013-086-02 New dhcp packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+...
bind / dhcp DoS
Resource exhaustion on RDATA regular expression check...
Asterisk multiple security vulnerabilities
SIP information disclosure and buffer overflow, HTTP DoS...
HP XP P9000 information leakage
No description provided...
EMC Smarts security vulnerabilities
Cross-site scripting in different applications, Smarts Network Configuration Manager authentication bypass...
[USN-1772-1] OpenStack Keystone vulnerability
========================================================================== Ubuntu Security Notice USN-1772-1 March 20, 2013 keystone vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
[ MDVSA-2013:023 ] coreutils
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:023 http://www.mandriva.com/en/support/security/ Package : coreutils Date : March 13, 2013 Affected: Enterprise Server 5.0 Problem Description: Multiple vulnerabilities have been found and corrected in...
APPLE-SA-2013-03-19-1 iOS 6.1.3
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-03-19-1 iOS 6.1.3 iOS 6.1.3 is now available and addresses the following: dyld Available for: iPhone 3GS and later, iPod touch 4th generation and later, iPad 2 and later Impact: A local user may be able to execute unsigned code...
VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "OnResize" Use-after-free (MS13-021 / CVE-2013-0087)
VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "OnResize" Use-after-free MS13-021 / CVE-2013-0087 Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and includ...
[USN-1759-1] Puppet vulnerabilities
========================================================================== Ubuntu Security Notice USN-1759-1 March 12, 2013 puppet vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
[IA49] Photodex ProShow Producer v5.0.3310 ScsiAccess Local Privilege Escalation
Inshell Security Advisory http://www.inshell.net 1. ADVISORY INFORMATION ----------------------- Product: Photodex ProShow Producer Vendor URL: www.photodex.com Type: Incorrect Default Permissions CWE-276 Date found: 2013-03-18 Date published: 2013-03-19 CVSSv2 Score: 7,2 AV:L/AC:L/Au:N/C:C/I:C/A...
[USN-1771-1] OpenStack Nova vulnerabilities
========================================================================== Ubuntu Security Notice USN-1771-1 March 20, 2013 nova vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
APPLE-SA-2013-03-19-2 Apple TV 5.2.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-03-19-2 Apple TV 5.2.1 Apple TV 5.2.1 is now available and addresses the following: Apple TV Available for: Apple TV 2nd generation and later Impact: A local user may be able to execute unsigned code Description: A state management issue...
Photodex ProShow Producer multiple security vulnerabilities
Buffer overflow on .pxs / .pxt files parsing. Privilege escalations via weak executable permissions and incorrect DLL paths...
Apple iOS multiple security vulnerabilities
Protection bypass, privilege escalation, code execution...