47153 matches found
GDK-PixBuf security vulnerabilities
Buffer overflow, integer overflow, on graphic formats processing...
D-Link DCS-2103 security vulnerabilities
Directory traversal, information leakage, XSS, CSRF...
[SECURITY] [DSA 3373-1] owncloud security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3373-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 18, 2015 https://www.debian.org/security/faq...
Multiple Vulnerabilities found in ZHONE
Vantage Point Security Advisory 2015-002 ======================================== Title: Multiple Vulnerabilities found in ZHONE Vendor: Zhone Vendor URL: http://www.zhone.com Device Model: ZHONE ZNID GPON 2426A 24xx, 24xxA, 42xx, 42xxA, 26xx, and 28xx series models Versions affected: S3.0.501...
Re: CVE-2015-5204: HTTP header injection vulnerability in Apache Cordova File Transfer Plugin for Android
CVE-2015-5204: HTTP header injection vulnerability in Apache Cordova File Transfer Plugin for Android Severity: Medium Vendor: The Apache Software Foundation Versions Affected: Cordova Android File Transfer Plugin 1.2.1 and below Description: Android applications built with the Cordova framework...
My.WiFi USB Drive v1.0 iOS - File Include Vulnerability
Document Title: =============== My.WiFi USB Drive v1.0 iOS - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1589 Release Date: ============= 2015-09-24 Vulnerability Laboratory ID VL-ID: ==================================== 15...
Vulnerabilities in Callisto 821+R3 ADSL Router
Hello 3APA3A! After all my advisories about vulnerabilities in Callisto 821+ http://seclists.org/fulldisclosure/2011/Aug/1 and recent advisory about Callisto 821+R3, here is new one. Because vendor ignored in 2011 all my letters and subsequent my public disclosure of vulnerabilities and new devic...
ZTE Callisto 821+ ADSL router security vulnerabilities
Cross-site scripting, cross-site request forgery...
Apple Mac OS X / Mac EFI / OS X Server multiple security vulnerabilities
Code execution, information disclosure, restrictions bypass, multiple memory corruptions, multiple libraries vulnerabilities...
ASUS RT-G32 security vulnerabilities
XSS, CSRF...
XSS and CSRF vulnerabilities in ASUS RT-G32
Hello 3APA3A! There are Cross-Site Scripting and Cross-Site Request Forgery vulnerabilities in ASUS Wireless Router RT-G32. ------------------------- Affected products: ------------------------- Vulnerable is the next model: ASUS RT-G32 with different versions of firmware. I checked in ASUS RT-G3...
[USN-2780-2] MiniUPnP vulnerability
========================================================================== Ubuntu Security Notice USN-2780-2 October 23, 2015 miniupnpc vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
[CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities
Advisory Information Title: FortiClient Antivirus Multiple Vulnerabilities Advisory ID: CORE-2015-0013 Advisory URL: http://www.coresecurity.com/advisories/forticlient-antivirus-multiple-vulnerabilities Date published: 2015-09-01 Date of last update: 2015-09-01 Vendors contacted: Fortinet...
Cisco ASA multiple security vulnerabilities
Multiple DoS conditions...
Zhone routers multiple security vulnerabilities
Authentication bypass, information disclosure, code execution...
Vulnerabilities in Callisto 821+R3 ADSL Router
Hello 3APA3A! In 2011 I wrote 22 advisories about vulnerabilities in Callisto 821+ ADSL Router http://seclists.org/fulldisclosure/2011/Aug/1. Because vendor ignored in 2011 all my letters and subsequent my public disclosure of vulnerabilities and new devices are vulnerable as well, so in August I...
Microsoft Windows multiple security vulnerabilities
Internet Explorer / Edge multiple security vulnerabilities, VBScript / JScript code execution, Windows Shell code execution, kernel privilege escalation...
Apple Xcode multiple security vulnerabilities
Restrictions bypass, weak encryption, information disclosure, multiple svn vulnerabilities...
APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007
APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007 OS X El Capitan 10.11.1 and Security Update 2015-007 are now available and address the following: Accelerate Framework Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Visiti...
[USN-2722-1] GDK-PixBuf vulnerability
========================================================================== Ubuntu Security Notice USN-2722-1 August 26, 2015 gdk-pixbuf vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
[CVE-2015-2552] Windows 8+ - Trusted Boot Security Feature Bypass Vulnerability
Vulnerability title Microsoft: Trusted Boot Security Feature Bypass Vulnerability CVE: CVE-2015-2552 Vendor: Microsoft Product: Windows NT series 8.0+ Affected versions: See "systems affected". Reported by: "Myria" Vulnerability Summary: ===================== An attacker with administrative acces...
Multiple Remote Code Execution found in ZHONE
Vantage Point Security Advisory 2015-003 ======================================== Title: Multiple Remote Code Execution found in ZHONE Vendor: Zhone Vendor URL: http://www.zhone.com Device Model: ZHONE ZNID GPON 2426A 24xx, 24xxA, 42xx, 42xxA, 26xx, and 28xx series models Versions affected:...
CSRF vulnerabilities in Callisto 821+R3 ADSL Router
Hello 3APA3A! After all my advisories about vulnerabilities in Callisto 821+ http://seclists.org/fulldisclosure/2011/Aug/1 and recent advisory about Callisto 821+R3, here is new one. Because vendor ignored in 2011 all my letters and subsequent my public disclosure of vulnerabilities and new devic...
Apple Keynote, Pages, Numbers, iWork multiple security vulnerabilities
Restrictions bypass, memory corruptions...
owncloud multiple security vulnerabilities
Code execution, authentication bypass, information disclosure, cross-site scripting, DoS...
SAP NetWeaver - XML External Entity Injection
Title: SAP NetWeaver - XML External Entity Injection Author: Lukasz Miedzinski GPG: Public key provided in attachment Date: 29/10/2014 CVE: CVE-2015-7241 Affected software : =================== SAP NetWeaver : 7.01 Vendor advisories only for customers: =================== External ID : 851975 2014...
SAP NetWeaver security vulnerabilities
Unauthorized access, XXE...
[SECURITY] [DSA 3363-1] owncloud-client security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3363-1 [email protected] https://www.debian.org/security/ Luciano Bello September 20, 2015 https://www.debian.org/security/faq...
SiS / XGI display managers privilege escalation
IOCTL privilege escalation...
APPLE-SA-2015-10-21-2 watchOS 2.0.1
APPLE-SA-2015-10-21-2 watchOS 2.0.1 watchOS 2.0.1 is now available and addresses the following: Apple Pay Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Some cards may allow a terminal to retrieve limited recent transaction information when maki...
Apple watchOS security vulnerabilities
Information disclosure, memory corruptions, multiple vulnerabilities in different libraries...
Apache Commons HttpClient DoS
No timeout on handshake...
Apple iOS multiple security vulnerabilities
Screen unlock, information disclosure, restrictions bypass, multiple memory corruptions, weak encryption, multiple vulnerabilities in different libraries...
APPLE-SA-2015-10-21-6 Mac EFI Security Update 2015-002
APPLE-SA-2015-10-21-6 Mac EFI Security Update 2015-002 Mac EFI Security Update 2015-002 is now available and addresses the following: EFI Available for: OS X Mavericks v10.9.5 Impact: An attacker can exercise unused EFI functions Description: An issue existed with EFI argument handling. This was...
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
Memory corruptions, information disclosure, DoS, buffer overflow, restrictions bypass...
Qualys Security Advisory - LibreSSL (CVE-2015-5333 and CVE-2015-5334)
Qualys Security Advisory LibreSSL CVE-2015-5333 and CVE-2015-5334 ======================================================================== Contents ======================================================================== Summary Memory Leak CVE-2015-5333 Buffer Overflow CVE-2015-5334...
[USN-2771-1] Click vulnerability
========================================================================== Ubuntu Security Notice USN-2771-1 October 15, 2015 click vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
[USN-2772-1] PostgreSQL vulnerabilities
========================================================================== Ubuntu Security Notice USN-2772-1 October 16, 2015 postgresql-9.1, postgresql-9.3, postgresql-9.4 vulnerabilities ========================================================================== A security issue affects these...
LibreSSL security vulnerabilities
DoS, buffer overflow...
Ubuntu Click restrictions bypass
It's possible to trick a user into giving escalated privileges...
PostgreSQL security vulnerabilities
Information disclosure, DoS...
Cisco AnyConnect privilege escalation
Privilege escalation via DLLs and DMG files...
ESA-2015-152: RSA Web Threat Detection Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-152: RSA Web Threat Detection Multiple Vulnerabilities EMC Identifier: ESA-2015-152 CVE Identifier: CVE-2015-4547, CVE-2015-4548 Severity Rating: CVSS v2 Base Score: View details below for individual CVSS v2 scores Affected Products: · RSA® W...
[USN-2744-1] Apport vulnerability
========================================================================== Ubuntu Security Notice USN-2744-1 September 24, 2015 apport vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
NVidia graphics drivers privilege escalation
Privilege escalation via IOCTL processing...
ESA-2015-142: RSA Archer® GRC Platform Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-142: RSA Archer® GRC Platform Multiple Vulnerabilities EMC Identifier: ESA-2015-142 CVE Identifier: CVE-2015-4541, CVE-2015-4542, CVE-2015-4543 Severity Rating: CVSS v2 Base Score: View details below for individual CVSS v2 scores Affected...
libvirt / qemu multiple security vulnerabilities
DoS, memory corruptions...
[USN-2747-1] NVIDIA graphics drivers vulnerability
========================================================================== Ubuntu Security Notice USN-2747-1 September 28, 2015 nvidia-graphics-drivers-304, nvidia-graphics-drivers-304-updates, nvidia-graphics-drivers-340, nvidia-graphics-drivers-340-updates, nvidia-graphics-drivers-346,...
Microsoft Exchange Information Disclosure
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-MS-EXCHANGE-INFO-DISCLOSURE.txt Vendor: ================================ www.microsoft.com Product: ================================ Microsoft Exchange Outlook Web Vulnerability Type:...
Unity Settings Daemon privilege escalation
User's session access...