Feed aggregator

Bugtraq: [ERPSCAN-15-004] SAP NetWeaver Portal XMLValidationComponent - XXE


Bugtraq: [ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS


Bugtraq: [SECURITY] [DSA 3295-1] cacti security update


Bugtraq: CVE-2015-4464 Insufficient Authorization Checks Request Handling Remote Authentication Bypass for Kguard Digital Video Recorders


[ERPSCAN-15-006] SAP NetWeaver Portal ReportXmlViewer - XXE

BugTraq Latest Security Advisories - June 25, 2015 - 7:29am

Posted by Darya Maenkova on Jun 25

ERPSCAN Research Advisory [ERPSCAN-15-006] SAP NetWeaver Portal
ReportXmlViewer - XXE

Application: SAP NetWeaver Portal 7.31
Versions Affected: SAP NetWeaver Portal 7.31, probably others
Vendor URL: http://SAP.com
Bugs: XXE
Sent: 09.12.2014
Reported: 09.12.2014
Vendor response: 10.12.2014
Date of Public Advisory: 18.06.2015
Reference: SAP...

[ERPSCAN-15-004] SAP NetWeaver Portal XMLValidationComponent - XXE

BugTraq Latest Security Advisories - June 25, 2015 - 7:04am

Posted by Darya Maenkova on Jun 25

ERPSCAN Research Advisory [ERPSCAN-15-004] SAP NetWeaver Portal
XMLValidationComponent - XXE

Application: SAP NetWeaver Portal 7.31
Versions Affected: SAP NetWeaver Portal 7.31, probably others
Vendor URL: http://SAP.com
Bugs: XML eXternal Entity
Sent: 06.11.2014
Reported: 06.11.2014
Vendor response: 07.11.2014
Date of Public Advisory: 18.06.2015...

[ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS

BugTraq Latest Security Advisories - June 25, 2015 - 6:56am

Posted by Darya Maenkova on Jun 25

ERPSCAN Research Advisory [ERPSCAN-15-003] SAP NetWeaver Dispatcher
Buffer Overflow - RCE, DoS

Application: SAP NetWeaver Dispatcher
Versions Affected: SAP NetWeaver Dispatcher, probably others
Vendor URL: http://SAP.com
Bugs: RCE
Sent: 25.08.14
Reported: 25.08.14
Vendor response: 25.08.14
Date of Public Advisory: 15.02.2015...

Bugtraq: CVE-2015-3443 XSS in Thycotic Secret Server version 8.6.000000 to 8.8.000004


Bugtraq: [SECURITY] [DSA 3294-1] wireshark security update


next-20150625: linux-next

Linux Kernel Updates - June 25, 2015 - 3:14am
Version:next-20150625 (linux-next) Released:2015-06-25

[SECURITY] [DSA 3295-1] cacti security update

BugTraq Latest Security Advisories - June 24, 2015 - 2:16pm

Posted by Salvatore Bonaccorso on Jun 24

-------------------------------------------------------------------------
Debian Security Advisory DSA-3295-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
June 24, 2015 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : cacti
CVE ID : CVE-2015-2665 CVE-2015-4342...

Bugtraq: ESA-2015-110: EMC Documentum Thumbnail Server Directory Traversal Vulnerability


CVE-2015-4464 Insufficient Authorization Checks Request Handling Remote Authentication Bypass for Kguard Digital Video Recorders

BugTraq Latest Security Advisories - June 24, 2015 - 1:09pm

Posted by Federick Joe P Fajardo on Jun 24

CVEID: CVE-2015-4464

SUBJECT: Insufficient Authorization Checks Request Handling Remote
Authentication Bypass for Kguard Digital Video Recorders

DESCRIPTION: A deficiency in handling authentication and authorization
has been found with Kguard 104/108/v2 models. While password-based
authentication is used by the ActiveX component to protect the login
page, all the communication to the application server at port 9000
allows data to be...

Bugtraq: ESA-2015-109: EMC Documentum D2 Cross-Site Scripting

Security Focus Latest Security Advisories - June 24, 2015 - 12:45pm

CVE-2015-3443 XSS in Thycotic Secret Server version 8.6.000000 to 8.8.000004

BugTraq Latest Security Advisories - June 24, 2015 - 11:02am

Posted by Marco Delai on Jun 24

#############################################################
#
# COMPASS SECURITY ADVISORY
# http://www.csnc.ch/en/downloads/advisories.html
#
#############################################################
#
# CVE ID : CVE-2015-3443
# Product: Secret Server [1]
# Vendor: Thycotic
# Subject: Stored Cross-Site Scripting Vulnerability (XSS)
# Risk: High
# Effect: Remotely exploitable
# Author: Marco Delai...

Bugtraq: KMPlayer 3.9.1.136 Capture Unicode Buffer Overflow (ASLR Bypass)

Security Focus Latest Security Advisories - June 24, 2015 - 10:15am

[SECURITY] [DSA 3294-1] wireshark security update

BugTraq Latest Security Advisories - June 24, 2015 - 9:03am

Posted by Moritz Muehlenhoff on Jun 24

-------------------------------------------------------------------------
Debian Security Advisory DSA-3294-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
June 23, 2015 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : wireshark
CVE ID : CVE-2015-4651 CVE-2015-4652...

Bugtraq: [security bulletin] HPSBMU03356 rev.1 - HP Business Service Automation Essentials (BSAE) running TLS, Remote Disclosure of Information


next-20150624: linux-next

Linux Kernel Updates - June 24, 2015 - 3:20am
Version:next-20150624 (linux-next) Released:2015-06-24

ESA-2015-110: EMC Documentum Thumbnail Server Directory Traversal Vulnerability

BugTraq Latest Security Advisories - June 23, 2015 - 1:53pm

Posted by Security Alert on Jun 23

ESA-2015-110: EMC Documentum Thumbnail Server Directory Traversal Vulnerability

EMC Identifier: ESA-2015-110

CVE Identifier: CVE-2015-0550

Severity Rating: CVSS v2 Base Score: 8.5 (AV:N/AC:L/Au:N/C:C/I:N/A:P)

Affected products:

• EMC Documentum Thumbnail Server 6.7SP1
• EMC Documentum Thumbnail Server 6.7SP2
• EMC Documentum Thumbnail Server 7.0
• EMC Documentum Thumbnail Server 7.1
• EMC Documentum...