SEC Consult SA-20140307-0 :: Unauthenticated access & manipulation of settings in Huawei E5331 MiFi mobile hotspot
SEC Consult Vulnerability Lab Security Advisory 20140307-0 ======================================================================= title: Unauthenticated access & manipulation of settings product: Huawei E5331 MiFi mobile hotspot vulnerable version: Software version 21.344.11.00.414 fixed version...
Dell SonicWall EMail Security Appliance Application v7.4.5 - Multiple Vulnerabilities
Document Title: =============== Dell SonicWall EMail Security Appliance Application v7.4.5 - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1191 Dell SonicWall Security Bulletin:...
CORE-2014-0002 - Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities 1. Advisory Information Title: Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities Advisory ID: CORE-2014-0002 Advisory URL:...
EMC VPLEX multiple security vulnerabilities
Directory traversal, protection bypass...
[USN-2140-1] Linux kernel vulnerabilities
========================================================================== Ubuntu Security Notice USN-2140-1 March 07, 2014 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Linux kernel security vulnerabilities
ptrace information leakage, debug functions privilege escalation, cprng weak PRNG, networking dissector DoS, multiple integer overflows, buffer overflows in WiMax, USB and different devices drivers, UDP fragmentation offload uninitialized memory, privilege escalations. NAT conntrack information...
Apple iOS multiple security vulnerabilities
Symbolic links vulnerability, root certificates problems, protection bypass, DoS, privilege escalation, memory corruption, information leakage, code execution...
ES746 DELL Support-Bulletin - EMS Vulnerability Resolved
Document Title: =============== ES746 DELL Support-Bulletin - EMS Vulnerability Resolved References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1241 Download:...
Easy FileManager 1.1 iOS - Multiple Web Vulnerabilities
Document Title: =============== Easy FileManager 1.1 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1234 Release Date: ============= 2014-03-25 Vulnerability Laboratory ID VL-ID: ==================================== 12...
Dell SonicWALL security vulnerabilities
Filtering bypass, XSS...
EMC Documentum TaskSpace security vulnerabilities
Privilege escalation, information leakage...
IcedTea Web information leakage
Weak permission for temporary files...
SonicWall Dashboard Backend Server - Client Side Cross Site Scripting Web Vulnerability
Document Title: =============== SonicWall Dashboard Backend Server - Client-Side Cross Site Scripting Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1100 Release Date: ============= 2014-03-06 Vulnerability Laboratory ID VL-ID:...
[USN-2132-1] ImageMagick vulnerabilities
========================================================================== Ubuntu Security Notice USN-2132-1 March 06, 2014 imagemagick vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...
FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability
Document Title: =============== FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1231 Release Date: ============= 2014-03-20 Vulnerability Laboratory ID VL-ID: ====================================...
Oracle VirtualBox memory corruptions
Multiple memory corruptions in 3D acceleration...
Symantec LiveUpdate Administrator security vulnerabilities
Unauthorized access, SQL injection...
WiFiles HD v1.3 iOS - File Include Web Vulnerability
Document Title: =============== WiFiles HD v1.3 iOS - File Include Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1214 Release Date: ============= 2014-02-22 Vulnerability Laboratory ID VL-ID: ==================================== 1214...
ePhone Disk v1.0.2 iOS - Multiple Web Vulnerabilities
Document Title: =============== ePhone Disk v1.0.2 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1230 Release Date: ============= 2014-03-25 Vulnerability Laboratory ID VL-ID: ==================================== 1230...
jDisk (stickto) v2.0.3 iOS - Multiple Web Vulnerabilities
Document Title: =============== jDisk stickto v2.0.3 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1196 Release Date: ============= 2014-02-12 Vulnerability Laboratory ID VL-ID: ==================================== 11...
Wireless Drive v1.1.0 iOS - Multiple Web Vulnerabilities
Document Title: =============== Wireless Drive v1.1.0 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1229 Release Date: ============= 2014-03-19 Vulnerability Laboratory ID VL-ID: ====================================...
iStArtApp FileXChange v6.2 iOS - Multiple Web Vulnerabilities
Document Title: =============== iStArtApp FileXChange v6.2 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1237 Release Date: ============= 2014-03-26 Vulnerability Laboratory ID VL-ID:...
Office Assistant Pro v2.2.2 iOS - File Include Vulnerability
Document Title: =============== Office Assistant Pro v2.2.2 iOS - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1197 Release Date: ============= 2014-02-13 Vulnerability Laboratory ID VL-ID: ==================================...
[SECURITY] CVE-2014-0050 Apache Commons FileUpload and Apache Tomcat DoS
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-0050 Apache Commons FileUpload and Apache Tomcat DoS Severity: Important Vendor: The Apache Software Foundation Versions Affected: - - Commons FileUpload 1.0 to 1.3 - - Apache Tomcat 8.0.0-RC1 to 8.0.1 - - Apache Tomcat 7.0.0 to 7.0.50 - -...
File Hub v1.9.1 iOS - Multiple Web Vulnerabilities
Document Title: =============== File Hub v1.9.1 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1195 Release Date: ============= 2014-02-15 Vulnerability Laboratory ID VL-ID: ==================================== 1195...
PowerArchiver: Uses insecure legacy PKZIP encryption when AES is selected (CVE-2014-2319)
PowerArchiver: Uses insecure legacy PKZIP encryption when AES is selected CVE-2014-2319 References https://vulners.com/cve/CVE-2014-2319 http://int21.de/cve/CVE-2014-2319-powerarchiver.html http://www.powerarchiver.com/2014/03/12/powerarchiver-2013-14-02-05-released/ Background...
Chromium / Google Chrome multiple security vulnerabilities
Memory corruptions, information leakage, certificate validation issues, protection bypass, cross-site scripting, directory traversal...
Synology DiskStation Manager code execution
Code execution via web interface...
[oCERT-2014-002] Xalan-Java insufficient secure processing
2014-002 Xalan-Java insufficient secure processing Description: The Xalan-Java library is a popular XSLT processor from the Apache Software Foundation. The library implements the Java API for XML Processing (JAXP) which supports a secure processing feature for interpretive and XSLTC processors. The...
VUPEN Security Research - Mozilla Firefox "BumpChunk" Object Processing Use-after-free (Pwn2Own)
VUPEN Security Research - Mozilla Firefox "BumpChunk" Object Processing Use-after-free Pwn2Own Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Mozilla Firefox is a free and open-source web browser developed for Windows, OS X, and Linux, with ...
MS14-010 CVE-2014-0293 Technical Details and Code(I changed the web permanently)
Origin: Visit http://technet.microsoft.com/en-us/security/bulletin/ms14-010 Check "Acknowledgments" for "CVE-2014-0293". It says "Dieyu" and links to my website http://dieyu.org/ Technical Details: showModalDialog to keep script running, HTTP redirecting to target domain. Then script will run in...
[SECURITY] [DSA 2885-1] libyaml-libyaml-perl security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2885-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 26, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2884-1] libyaml security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2884-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 26, 2014 http://www.debian.org/security/faq -...
HP Smart Update Manager privilege escalation
No description provided...
[security bulletin] HPSBUX02976 SSRT101236 rev.1 - HP-UX Running NFS rpc.lockd, Remote Denial of Service (DoS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04174142 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04174142 Version: 1 HPSBUX02976...
HP-UX rpc.lockd DoS
No description provided...
HP-UX m4 privilege escalation
No description provided...
Microsoft Internet Explorer multiple security vulnerabilities
Multiple memory corruptions, cross-site access, privilege escalation...
EMC RSA Authentication Manager crossframe scripting
Self-Service Console cross frame scripting...
[USN-2155-1] OpenSSH vulnerability
========================================================================== Ubuntu Security Notice USN-2155-1 March 25, 2014 openssh vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
[SECURITY] [DSA 2886-1] libxalan2-java security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2886-1 [email protected] http://www.debian.org/security/ Florian Weimer March 26, 2014 http://www.debian.org/security/faq -...
ESA-2014-015: RSA® Authentication Manager Cross Frame Scripting Vulnerability
ESA-2014-015.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-015: RSA® Authentication Manager Cross Frame Scripting Vulnerability EMC Identifier: ESA-2014-015 CVE Identifier: CVE-2014-0623 Severity Rating: CVSS v2 Base Score: 6.4 AV:N/AC:L/Au:N/C:P/I:P/A:N Affected Products: RSA...
HP SiteScope security vulnerabilities
Code execution, information leakage, DoS on SOAP requests...
HP StoreOnce unauthorized access
No description provided...
EMC RSA BSAFE Micro Edition DoS
Server crash on certificate check...
Cisco IOS multiple security vulnerabilities
Multiple DoS conditions...
HP Security Management System code execution
No description provided...
[security bulletin] HPSBHF02965 rev.1 - HP Security Management System, Remote Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04156626 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04156626 Version: 1 HPSBHF02965 rev....
Mozilla Firefox / Thunderbird / Seamonkey / nss multiple security vulnerabilities
Buffer overflows, memory corruptions, information leakage, privilege escalation, protection bypass, unauthorized access, interface spoofing...
OpenSSH protection bypass
Invalid wildcard expressions parsing...