Feed aggregator

Vuln: Info-ZIP UnZip Out of Bounds Denial of Service Vulnerability

Security Focus Latest Security Advisories - January 23, 2015 - 12:00am
Info-ZIP UnZip Out of Bounds Denial of Service Vulnerability

Vuln: Samba CVE-2014-8143 Privilege Escalation Vulnerability

Security Focus Latest Security Advisories - January 23, 2015 - 12:00am
Samba CVE-2014-8143 Privilege Escalation Vulnerability

Vuln: Adobe Flash Player CVE-2015-0310 Unspecified Memory Corruption Vulnerability

Security Focus Latest Security Advisories - January 23, 2015 - 12:00am
Adobe Flash Player CVE-2015-0310 Unspecified Memory Corruption Vulnerability

Vuln: Oracle MySQL Server CVE-2015-0382 Remote Security Vulnerability

Security Focus Latest Security Advisories - January 23, 2015 - 12:00am
Oracle MySQL Server CVE-2015-0382 Remote Security Vulnerability

Vuln: Oracle MySQL Server CVE-2015-0381 Remote Security Vulnerability

Security Focus Latest Security Advisories - January 23, 2015 - 12:00am
Oracle MySQL Server CVE-2015-0381 Remote Security Vulnerability

Vuln: OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability

Security Focus Latest Security Advisories - January 23, 2015 - 12:00am
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability

Vuln: Oracle Java SE CVE-2014-6591 Remote Java SE Vulnerability

Security Focus Latest Security Advisories - January 23, 2015 - 12:00am
Oracle Java SE CVE-2014-6591 Remote Java SE Vulnerability

Vuln: Oracle Java SE CVE-2015-0383 Local Java SE, Java SE Embedded, JRockit Vulnerability

Security Focus Latest Security Advisories - January 23, 2015 - 12:00am
Oracle Java SE CVE-2015-0383 Local Java SE, Java SE Embedded, JRockit Vulnerability

Vuln: Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability

Security Focus Latest Security Advisories - January 23, 2015 - 12:00am
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability

Vuln: Oracle Java SE CVE-2014-6601 Remote Java SE Vulnerability

Security Focus Latest Security Advisories - January 23, 2015 - 12:00am
Oracle Java SE CVE-2014-6601 Remote Java SE Vulnerability

Vuln: Oracle Java SE CVE-2015-0407 Remote Java SE Vulnerability

Security Focus Latest Security Advisories - January 23, 2015 - 12:00am
Oracle Java SE CVE-2015-0407 Remote Java SE Vulnerability

PhotoSync 1.1.3 Android - Command Inject Vulnerability

BugTraq Latest Security Advisories - January 22, 2015 - 12:10pm

Posted by Vulnerability Lab on Jan 22

Document Title:
===============
PhotoSync 1.1.3 Android - Command Inject Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1410

Release Date:
=============
2015-01-21

Vulnerability Laboratory ID (VL-ID):
====================================
1410

Common Vulnerability Scoring System:
====================================
5.2

Product & Service Introduction:...

Program-O v2.4.6 - Multiple Web Vulnerabilities

BugTraq Latest Security Advisories - January 22, 2015 - 12:01pm

Posted by Vulnerability Lab on Jan 22

Document Title:
===============
Program-O v2.4.6 - Multiple Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1414

Release Date:
=============
2015-01-21

Vulnerability Laboratory ID (VL-ID):
====================================
1414

Common Vulnerability Scoring System:
====================================
6.3

Product & Service Introduction:
===============================...

CVE-2015-1180-xss-eventsentry

BugTraq Latest Security Advisories - January 22, 2015 - 9:40am

Posted by Sudhanshu Chauhan on Jan 22

CVE-2015-1180-xss-eventsentry

Information
----------------
Advisory by Octogence.
Name: Reflected XSS Vulnerability in EventSentry Web Reports Interface
Affected Software : EventSentry
Affected Versions: 3.1.0 and possibly below
Vendor Homepage : http://eventsentry.com/
Vulnerability Type : Cross-site Scripting
Severity : High
CVE ID: CVE-2015-1180

Impact
----------
An attacker can craft a URL with malicious JavaScript code which
executes in...

CVE-2015-1179-xss-mango-automation-scada

BugTraq Latest Security Advisories - January 22, 2015 - 9:32am

Posted by Sudhanshu Chauhan on Jan 22

CVE-2015-1179-xss-mango-automation-scada

Information
-----------------
Advisory by Octogence.
Name: Reflected XSS Vulnerability in Mango Automation SCADA/HMI software
Affected Software : Mango Automation
Affected Versions: 2.4.0 and possibly below
Vendor Homepage : http://infiniteautomation.com/
Vulnerability Type : Cross-site Scripting
Severity : High
CVE ID: CVE-2015-1179

Impact
----------
An attacker can craft a URL with malicious JavaScript...

CVE-2015-1178-xss-x-cart-ecommerce

BugTraq Latest Security Advisories - January 22, 2015 - 9:23am

Posted by Sudhanshu Chauhan on Jan 22

CVE-2015-1178-xss-x-cart-ecommerce

Information
----------------
Advisory by Octogence.
Name: Reflected XSS Vulnerability in X-CART e-Commerce software
Affected Software : X-Cart
Affected Versions: 5.1.8 and possibly below
Vendor Homepage : https://www.x-cart.com
Vulnerability Type : Cross-site Scripting
Severity : High
CVE ID: CVE-2015-1178

Impact
----------
An attacker can craft a URL with malicious JavaScript code which
executes in the...

CVE-2015-1177-xss-exponent

BugTraq Latest Security Advisories - January 22, 2015 - 9:15am

Posted by Sudhanshu Chauhan on Jan 22

CVE-2015-1177-xss-exponent

Information
----------------
Advisory by Octogence.
Name: Reflected XSS Vulnerability in Exponent CMS
Affected Software : Exponent
Affected Versions: 2.3.2 and possibly below
Vendor Homepage : http://www.exponentcms.org/
Vulnerability Type : Cross-site Scripting
Severity : High
CVE ID: CVE-2015-1177

Impact
----------
An attacker can craft a URL with malicious JavaScript code which
executes in the browser.

Technical...

SEC Consult SA-20150122-0 :: Multiple critical vulnerabilities in Symantec Data Center Security: Server Advanced (SDCS:SA) & SCSP

BugTraq Latest Security Advisories - January 22, 2015 - 9:04am

Posted by SEC Consult Vulnerability Lab on Jan 22

SEC Consult Vulnerability Lab Security Advisory < 20150122-0 >
=======================================================================
title: Multiple critical vulnerabilities
products: Symantec Data Center Security: Server Advanced (SDCS:SA)
Symantec Critical System Protection (SCSP)
vulnerable version: see: Vulnerable / tested versions
fixed version: SCSP 5.2.9 MP6, SDCS:SA 6.0 MP1 -...

CVE-2015-1176-xss-osticket

BugTraq Latest Security Advisories - January 22, 2015 - 8:55am

Posted by Sudhanshu Chauhan on Jan 22

CVE-2015-1176-xss-osticket

Information
----------------
Advisory by Octogence.
Name: Reflected XSS Vulnerability in osTicket Ticket system
Affected Software : osTicket
Affected Versions: 1.9.4 and possibly below
Vendor Homepage : http://osticket.com/
Vulnerability Type : Cross-site Scripting
Severity : High
CVE ID: CVE-2015-1176

Impact
----------
An attacker can craft a URL with malicious JavaScript code which
executes in the browser....

Bugtraq: [oCERT-2015-001] JasPer input sanitization errors

Security Focus Latest Security Advisories - January 22, 2015 - 8:30am
[oCERT-2015-001] JasPer input sanitization errors