47153 matches found
WebKit / Apple Safari multiple security vulnerabilities
Multiple memory corruptions and crossite scripting...
[USN-1878-1] Linux kernel vulnerabilities
========================================================================== Ubuntu Security Notice USN-1878-1 June 14, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
Microsoft Internet Explorer multiple security vulnerabilities
Multiple memory corruptions...
Microsoft Office buffer overflow
Microsoft Outlook vulnerability on messages reading is used in-the-wild...
Microsoft Windows multiple security vulnerabilities
Kernel information leakage, drivers DoS, print spooler privilege escalation...
[security bulletin] HPSBMU02883 SSRT101227 rev.1 - HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03781657 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03781657 Version: 1 HPSBMU02883...
CVE-2013-3496. Local privilege escalation vulnerability in Infotecs products (ViPNet Client\Coordinator, SafeDisk, Personal Firewall)
CVE-2013-3496. Local privilege escalation vulnerability in Infotecs products ViPNet ClientCoordinator, SafeDisk, Personal Firewall CVE reference: CVE-2013-3496 Credit: Maksim Chudakov @MChudakov Andrey [email protected] Severity: Medium LocalRemote: Local Vulnerability Class:...
[ MDVSA-2013:168 ] python-httplib2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:168 http://www.mandriva.com/en/support/security/ Package : python-httplib2 Date : May 27, 2013 Affected: Business Server 1.0 Problem Description: Updated python-httplib2 packages fix security vulnerability:...
python-httplib insufficient certificate validation
Certificate is only validated on first request...
Zavio IP cameras multiple security vulnerabilities
Hardcoded credentials, code execution, weak permissions...
[CORE-2013-0103] Mac OSX Server DirectoryService buffer overflow
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Mac OSX Server DirectoryService buffer overflow 1. Advisory Information Title: Mac OSX Server DirectoryService buffer overflow Advisory ID: CORE-2013-0103 Advisory URL:...
Apple Mac OS X Directory Service buffer overflow
Buffer overflow on response parsing...
[SECURITY] [DSA 2666-1] xen security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2666-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 12, 2013 http://www.debian.org/security/faq -...
CORE-2013-0318 - TP-Link IP Cameras Multiple Vulnerabilities
Core Security - Corelabs Advisory http://corelabs.coresecurity.com TP-Link IP Cameras Multiple Vulnerabilities 1. Advisory Information Title: TP-Link IP Cameras Multiple Vulnerabilities Advisory ID: CORE-2013-0318 Advisory URL:...
CORE-2013-0302 - Zavio IP Cameras multiple vulnerabilities
Core Security - Corelabs Advisory http://corelabs.coresecurity.com Zavio IP Cameras multiple vulnerabilities 1. Advisory Information Title: Zavio IP Cameras multiple vulnerabilities Advisory ID: CORE-2013-0302 Advisory URL:...
MayGion IP cameras security vulnerabilities
Buffer overflow, directory traversal...
OpenVPN cryptography weakness
It's possible to inject and decript ciphertext in UDP mode...
CORE-2013-0322 - MayGion IP Cameras multiple vulnerabilities
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ MayGion IP Cameras multiple vulnerabilities 1. Advisory Information Title: MayGion IP Cameras multiple vulnerabilities Advisory ID: CORE-2013-0322 Advisory URL:...
[SECURITY] [DSA 2695-1] chromium-browser security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2695-1 [email protected] http://www.debian.org/security/ Michael Gilbert May 29, 2013 http://www.debian.org/security/faq -...
HP Data Protector multiple security vulnerabilities
Privilege escalation, code execution, DoS...
[ MDVSA-2013:167 ] openvpn
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:167 http://www.mandriva.com/en/support/security/ Package : openvpn Date : May 27, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Updated openvpn package fixes security...
Cisco TelePresence Supervisor DoS
Resources exhaustion on TCP packets processing...
Xen security vulnerabilities
DoS, information leakage, privilege escalation...
InfoTeCS applications weak permissions
Weak permissions for installation folder...
Monkey HTTPD 1.1.1 - Denial of Service Vulnerability
Title: ====== Monkey HTTPD 1.1.1 - Denial of Service Vulnerability Date: ===== 2013-05-28 References: =========== http://bugs.monkey-project.com/ticket/181 Introduction: ============= Monkey is a lightweight and powerful web server for GNU/Linux. It has been designed to be very scalable with low...
socat security vulnerabilities
Buffer overflow, file descriptor leakage...
CVE-2013-3843 Monkey HTTPD 1.2.0 - Buffer Overflow DoS Vulnerability With Possible Arbitrary Code Execution
Title CVE-2013-3843 Monkey HTTPD 1.2.0 - Buffer Overflow DoS Vulnerability With Possible Arbitrary Code Execution 2. Introduction Monkey is a lightweight and powerful web server for GNU/Linux. It has been designed to be very scalable with low memory and CPU consumption, the perfect solution for...
LibTiff security vulnerabilities
tiff2pdf vulnerabilities...
[USN-1832-1] LibTIFF vulnerabilities
========================================================================== Ubuntu Security Notice USN-1832-1 May 21, 2013 tiff vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...
kde4libs information leakage
User's credentials are incorrectly requested under some conditions...
KDE Paste applet weak password generation
Weak PRNG...
[USN-1842-1] KDE-Libs vulnerability
========================================================================== Ubuntu Security Notice USN-1842-1 May 29, 2013 kde4libs vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
[ MDVSA-2013:169 ] socat
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:169 http://www.mandriva.com/en/support/security/ Package : socat Date : May 29, 2013 Affected: Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been discovered and corrected in socat: ...
Sony PlayStation 3 code execution
No description provided...
FreeBSD NFS server memory corruption
It's possible to call readdir on plain file...
Sony PS3 Firmware v4.31 - Code Execution Vulnerability
Title: ====== Sony PS3 Firmware v4.31 - Code Execution Vulnerability Date: ===== 2013-05-12 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=767 VL-ID: ===== 767 Common Vulnerability Scoring System: ==================================== 6.5 Introduction: ============= The...
[SECURITY] [DSA 2672-1] kfreebsd-9 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2672-1 [email protected] http://www.debian.org/security/ Florian Weimer May 22, 2013 http://www.debian.org/security/faq -...
KDE Paste Applet
The paste applet included with kdeplasma-addons allows you to define macros that will copy some generated data into the clipboard, using simple macros to define the source and format of the data. The available macros include password... which generates "random" passwords. Here is the code that...
ModSecurity DoS
NULL pointer dereference under some conditions...
[SECURITY][CVE-2013-2765][ModSecurity] Remote Null Pointer Dereference
CVE Number: CVE-2013-2765 / ModSecurity Remote Null Pointer Dereference When ModSecurity receives a request body with a size bigger than the value set by the "SecRequestBodyInMemoryLimit" and with a "Content-Type" that has no request body processor mapped to it, ModSecurity will systematically...
Monkey HTTPD security vulnerabilities
Crash on NULL byte in request. Buffer overflow on oversized header...
ESA-2013-040: RSA® Authentication Manager 8.0 Multiple Vulnerabilities
ESA-2013-040.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-040: RSA® Authentication Manager 8.0 Multiple Vulnerabilities EMC Identifier: ESA-2013-040 CVE Identifier: CVE-2013-0947, CVE-2013-1899 Severity Rating: CVSS v2 Base Score: See below for individual scores Affected Products: R...
[SECURITY] [DSA 2700-1] wireshark security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2700-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 02, 2013 http://www.debian.org/security/faq -...
[ MDVSA-2013:171 ] gnutls
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:171 http://www.mandriva.com/en/support/security/ Package : gnutls Date : May 30, 2013 Affected: Enterprise Server 5.0 Problem Description: A vulnerability has been discovered and corrected in gnutls: A flaw...
[USN-1849-1] Linux kernel (Raring HWE) vulnerability
========================================================================== Ubuntu Security Notice USN-1849-1 May 31, 2013 linux-lts-raring vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...
[SECURITY] [DSA 2693-1] libx11 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2693-1 [email protected] http://www.debian.org/security/ Raphael Geissert May 24, 2013 http://www.debian.org/security/faq -...
Vulnerable Microsoft VC++ 2005 RTM runtime libraries installed with "Microsoft Security Essentials" (and numerous other Microsoft products)
Hi @ll, this is part 2 of "Defense in depth -- the Microsoft way", see http://seclists.org/fulldisclosure/2013/May/107 On Windows NT 5.x the current "Microsoft Security Essentials" v4.2 available from http://www.microsoft.com/securityessentials, and offered as optional update KB2804527 via...
Netgear DGN devices security vulnerabilities
Authentication bypass, code execution...
Imperva SecureSphere Operations Manager multiple security vulnerabilities
Multiple web interface vulnerabilities...
[USN-1844-1] Linux kernel vulnerability
========================================================================== Ubuntu Security Notice USN-1844-1 May 30, 2013 linux vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...