47153 matches found
automake race conditions
No description provided...
PHP Jobsite v1.36 - Cross Site Scripting Vulnerabilities
Title: ====== PHP Jobsite v1.36 - Cross Site Scripting Vulnerabilities Date: ===== 2012-06-17 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=616 VL-ID: ===== 616 Common Vulnerability Scoring System: ==================================== 2.3 Introduction: =============...
EMC RSA Authentication Manager multiple security vulnerabilities
Cross-site scripting, open redirection...
[SECURITY] [DSA 2512-1] mono security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2512-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 12, 2012 http://www.debian.org/security/faq -...
security advisory: AirDroid 1.0.4 beta
Dear Sir or Madam, we'd like to publish the following advisory. Thanks in advance. TC-SA-2012-02: Several weaknesses in implementation of security features in AirDroid 1.0.4 beta Published: 2012/07/12 Advisory-Version: 1.0 Affected products: AirDroid 1.0.4 beta References: TC-SA-2012-02...
Cross site scripting vulnerability found in GLPI 0.83.2
Hi, This is regarding XSS Vulnerability in GLPI 0.83.2. The following is the disclosure document: Title: Cross site scripting vulnerability found in GLPI 0.83.2 ------------------------------------------------------------------------...
Multiple CSRF Vulnerabilities in [GLPI Version 0.83.2]
Hi, This is regarding multiple CSRF Cross Site Request Forgery Vulnerabilities in GLPI Version 0.83.2. The following is the disclosure document: Title: Multiple CSRF Vulnerabilities in GLPI Version 0.83.2 ------------------------------------------------------------------------...
ESA-2012-027: EMC Celerra/VNX/VNXe Improper Access Control Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-027: EMC Celerra/VNX/VNXe Improper Access Control Vulnerability EMC Identifier: ESA-2012-027 CVE Identifier: CVE-2012-2282 Severity Rating: CVSS v2 Base Score: 9.0 AV:N/AC:L/Au:S/C:C/I:C/A:C Affected products: EMC Celerra Network Server...
EMC Celerra/VNX/VNXe unauthorized access
NFS access restriction vulnerabilities...
Rhythmbox code execution
No description provided...
Cisco TelePresence applications multiple security vulnerabilities
DoS, command injection, code execution...
AirDroid multiple security vulnerabilities
Multiple cryptography weaknesses...
TPLink Gateway multiple security vulnerabilities
Multiple vulnerabilities in Web interface...
[ MDVSA-2012:103 ] automake
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:103 http://www.mandriva.com/security/ Package : automake Date : July 12, 2012 Affected: 2011., Enterprise Server 5.0 Problem Description: A vulnerability has been discovered and corrected in automake: A race...
ZDI-12-121: EMC AutoStart ftAgent Opcode 85 Subcode 01 Parsing Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-121: EMC AutoStart ftAgent Opcode 85 Subcode 01 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-121 July 12, 2012 - -- CVE ID: CVE-2012-0409 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected...
Phonalisa v5.0 VoiP - Multiple Web Vulnerabilities
Title: ====== Phonalisa v5.0 VoiP - Multiple Web Vulnerabilities Date: ===== 2012-06-16 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=526 VL-ID: ===== 526 Common Vulnerability Scoring System: ==================================== 6.5 Introduction: ============= Die...
ZDI-12-119: EMC AutoStart ftAgent Opcode 0x41 Subcode 0x00 Parsing Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-119: EMC AutoStart ftAgent Opcode 0x41 Subcode 0x00 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-119 July 12, 2012 - -- CVE ID: CVE-2012-0409 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - --...
HP Operations Agent code execution
coda.exe buffer overflow on HTTP GET request processing...
[USN-1503-1] Rhythmbox vulnerability
========================================================================== Ubuntu Security Notice USN-1503-1 July 11, 2012 rhythmbox vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
ZDI-12-123: EMC AutoStart ftAgent Opcode 50 Subcode 60 Parsing Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-123: EMC AutoStart ftAgent Opcode 50 Subcode 60 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-123 July 12, 2012 - -- CVE ID: CVE-2012-0409 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected...
[SECURITY] [DSA 2510-1] extplorer security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2510-1 [email protected] http://www.debian.org/security/ Luciano Bello July 12, 2012 http://www.debian.org/security/faq -...
ZDI-12-125: Apple Quicktime QTPlugin SetLanguage Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-125: Apple Quicktime QTPlugin SetLanguage Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-125 July 12, 2012 - -- CVE ID: CVE-2012-0666 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors: Appl...
ZDI-12-114 : HP OpenView Performance Agent coda.exe Opcode 0x34 Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-114 : HP OpenView Performance Agent coda.exe Opcode 0x34 Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-114 July 12, 2012 - -- CVE ID: CVE-2012-2019 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected...
ZDI-12-116 : EMC AutoStart ftAgent Opcode 50 Subcode 04 Parsing Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-116 : EMC AutoStart ftAgent Opcode 50 Subcode 04 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-116 July 12, 2012 - -- CVE ID: CVE-2012-0409 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected...
ZDI-12-120: EMC AutoStart ftAgent Opcode 85 Subcode 22 Parsing Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-120: EMC AutoStart ftAgent Opcode 85 Subcode 22 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-120 July 12, 2012 - -- CVE ID: CVE-2012-0409 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected...
ZDI-12-115 : HP OpenView Performance Agent coda.exe Opcode 0x8C Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-115 : HP OpenView Performance Agent coda.exe Opcode 0x8C Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-115 July 12, 2012 - -- CVE ID: CVE-2012-2020 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected...
ZDI-12-117 : EMC AutoStart ftAgent Opcode 50 Parsing Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-117 : EMC AutoStart ftAgent Opcode 50 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-117 July 12, 2012 - -- CVE ID: CVE-2012-0409 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected Vendors: E...
[USN-1506-1] Puppet vulnerabilities
========================================================================== Ubuntu Security Notice USN-1506-1 July 12, 2012 puppet vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Reserve Logic v1.2 Booking CMS - Multiple Vulnerabilities
Title: ====== Reserve Logic v1.2 Booking CMS - Multiple Vulnerabilities Date: ===== 2012-06-18 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=617 VL-ID: ===== 617 Common Vulnerability Scoring System: ==================================== 8.5 Introduction: =============...
Multiple Cross-Site Scripting (XSS) in Kajona
Advisory ID: HTB23097 Product: Kajona Vendor: www.kajona.de Vulnerable Versions: 3.4.1 and probably prior Tested Version: 3.4.1 Vendor Notification: 20 June 2012 Vendor Patch: 26 June 2012 Public Disclosure: 11 July 2012 Vulnerability Type: Cross-Site Scripting XSS CVE Reference: CVE-2012-3805...
ZDI-12-118: EMC AutoStart ftAgent Opcode 0x03 Parsing Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-118: EMC AutoStart ftAgent Opcode 0x03 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-118 July 12, 2012 - -- CVE ID: CVE-2012-0409 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected Vendors:...
TP Link Gateway v3.12.4 - Multiple Web Vulnerabilities
Title: ====== TP Link Gateway v3.12.4 - Multiple Web Vulnerabilities Date: ===== 2012-06-15 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=613 VL-ID: ===== 613 Common Vulnerability Scoring System: ==================================== 2.5 Introduction: =============...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
ESA-2012-023: RSA Authentication Manager Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-023: RSA® Authentication Manager Multiple Vulnerabilities EMC Identifier: ESA-2012-023 CVE Identifier: CVE-2012-2278, CVE-2012-2279, CVE-2012-2280 Severity Rating: See below for scores for individual issues Affected Products: RSA Authenticati...
[ MDVSA-2012:106 ] libexif
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:106 http://www.mandriva.com/security/ Package : libexif Date : July 13, 2012 Affected: 2011., Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been discovered and corrected in libexif:...
[ MDVSA-2012:104 ] openjpeg
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:104 http://www.mandriva.com/security/ Package : openjpeg Date : July 12, 2012 Affected: 2011. Problem Description: Multiple vulnerabilities has been discovered and corrected in openjpeg: OpenJPEG allocated...
ZDI-12-122: EMC AutoStart ftAgent Opcode 65 Parsing Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-122: EMC AutoStart ftAgent Opcode 65 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-122 July 12, 2012 - -- CVE ID: CVE-2012-0409 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected Vendors: EM...
[security bulletin] HPSBMU02796 SSRT100594 rev.1 - HP Operations Agent for AIX, HP-UX, Linux, Solaris and Windows, Remote Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03397769 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03397769 Version: 1 HPSBMU02796...
[SECURITY] [DSA 2509-1] pidgin security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2509-1 [email protected] http://www.debian.org/security/ Luciano Bello July 08, 2012 http://www.debian.org/security/faq -...
Gharine Cross Site Scripting Vulnerabilitiy
Exploit Title : Gharine Cross Site Scripting Vulnerabilitiy Author : Iranian Security & Research Team Discovered By : zilli0o0n Home : sec-lab.ir Contact : research at sec-lab dot ir Software Link : http://www.gharine.com/ Security Risk : high DorK : "ШСЗНн УЗнК: ЗСКИЗШ ЮСнде"...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
libpurple / Pidgin code execution
Code execution in MXit protocol...
Checkpoint Abra protection bypass
It's possible to bypass sandbox protection...
Joomla Board All Version Sql Vulnerability
Exploit Title : Joomla Board All Version Sql Vulnerability Author : Iranian Security & Research Team Discovered By : Nafsh Home : sec-lab.ir Contact : research at sec-lab dot ir Date : 22/1/2012 - 13:30 Software Link : www.joomla.org Security Risk : High...
PHP NUKE ALL VERSION MULTI VULNERABILITY
Exploit Title : PHP NUKE ALL VERSION MULTI VULNERABILITY Author : Iranian Security & Research Team Discovered By : Nafsh Home : sec-lab.ir Contact : research at sec-lab dot ir Date : 23/1/2012 - 19:30 Software Link : www.phpnuke.ir Security Risk : High...
Flogr V1.7 Xss Vulnerability
Exploit Title : Flogr V1.7 Xss Vulnerability Author : Iranian Security & Research Team Discovered By : Nafsh Home : sec-lab.ir Contact : research at sec-lab dot ir Date : 23/1/2012 - 16:00 Source : www.flogr.googlecode.com...
Asterisk security vulnerabilities
Few DoS conditions...
AST-2012-010: Possible resource leak on uncompleted re-invite transactions
Asterisk Project Security Advisory - AST-2012-010 Product Asterisk Summary Possible resource leak on uncompleted re-invite transactions Nature of Advisory Denial of Service Susceptibility Remote authenticated sessions Severity Minor Exploits Known No Reported On June 13, 2012 Reported By Steve...
Checkpoint Abra - Vulnerabilities
Check Point Abra Vulnerabilities Vendor: Check Point Software Technologies Ltd Product web page: http://rus.checkpoint.com/products/abra/index.html; http://www.checkpoint.com/products/go/ Platforms: Windows XP, Vista, 7 32 bit Authors: Belov V., Komarov A. Group-IB Summary: Check Point Abra allow...
Arasism Remote Command Upload Vulnerability
Exploit Title : Arasism Remote Command Upload Vulnerability Author : Iranian Security & Research Team Discovered By : Ehram.shahmohamadi Home : sec-lab.ir Contact : research at sec-lab dot ir Portal Link : www.Arasism.Com Security Risk : High DorK : "Powered by Arasism.com"...