Computer Security and Information Security

Computer Security Vulnerabilities


[EN] securityvulns.ru
no-pyccku


02.02.2015
Detailed
9!GNU glibc gethostbyname functions buffer overflow
document Buffer overflow in __nss_hostname_digits_dots().
9!Microsoft Windows multiple security vulnerabilities
updated since 18.11.2014
document OLE code execution, Internet Explorer multiple vulnerabilities, Schannel code execution, XML Core Services code execution, TCP/IP privilege escalation, Windows Audio Service privilege escalation, .NET Framework privilege escalation, RDP restrictions bypass, IIS restrictions bypass, IME privilege escalation, kernel-mode drivers DoS.
 EMC Avamar certificate protection bypass
document Insufficient certificate validation.
 Privoxy use-after-free
updated since 25.01.2015
document Multiple use-after-free cases.
 Asus RT routers unauthorized access
updated since 07.04.2014
document Full anonymous access is allowed be default. Authentication bypass. Crossite scripting.
  


25.01.2015
Detailed
9!Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities
document Over 150 vulnerabilities in different applications are closed in auqrterly update.
6!Symantec Data Center Security: Server Advanced (SDCS:SA) & SCSP security vulnerabilities
document SQL injections, crossite scripting, information disclosure, protection bypass.
6!jasper library multiple security vulnerabilities
updated since 08.12.2014
document Buffer overflows in jpc_dec_cp_setfromcox() and jpc_dec_cp_setfromrgn() functions, double free(), heap buffer overflow.
 EMC M&R multiple security vulnerabilities
document Crossite scripting, insecure data storage, directory traversal, unrestricted files upload.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
 Samba privilege escalation
document Active Directory user can get UF_SERVER_TRUST_ACCOUNT bit.
 elfutils directory traversal
document Directory traversal on ar extraction.
 Different iOS / Android applications vulnerabilities
updated since 18.01.2015
document Information leaks, code execution, protection bypass, etc.
 AVM FRITZ!Box protection bypass
document Image integrity protection bypass.
  


19.01.2015
Detailed
9!Adobe Flash Player multiple security vulnerabilities
document typejacking, code execution, memory corruptions, buffer overflows, information disclosure.
8!Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
document Memory corruptions, headers injection, restrictions bypass.
7!xdg-open code execution
document Code execution because of insufficient shell characters filtering in protocol handlers.
7!Microsoft Windows multiple security vulnerabilities
document Application Compatibility Cache privilege escalation, telnet service buffer overflow, User Profile Service privilege escalation, TS WebProxy directory traversal, Network Location Awareness Service restrictions bypass, Windows Error Reporting restrictions bypass, WebDAV driver privilege escalation.
6!Microsoft Network Policy Server DoS
document Crash on username processing in RADIUS request.
6!GNU coreutils memory corruption
document Memory corruption in date and touch on date parsing.
 cgmanager information disclosure
document Invalid nested groups processing.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
  

Archive by months:
*  2015/2*  2015/1
*  2014/12*  2014/11
*  2014/10*  2014/9
*  2014/8*  2014/7
*  2014/6*  2014/5
*  2014/4*  2014/3
*  2014/2*  2014/1
*  2013/12*  2013/11
*  2013/10*  2013/9
*  2013/8*  2013/7
*  2013/6*  2013/5
*  2013/4*  2013/3
*  2013/2*  2013/1
*  2012/12*  2012/11
*  2012/10*  2012/9
*  2012/8*  2012/7
*  2012/6*  2012/5
*  2012/4*  2012/3
*  2012/2*  2012/1
*  2011/12*  2011/11
*  2011/10*  2011/9
*  2011/8*  2011/7
*  2011/6*  2011/5
*  2011/4*  2011/3
*  2011/2*  2011/1
*  2010/12*  2010/11
*  2010/10*  2010/9
*  2010/8*  2010/7
*  2010/6*  2010/5
*  2010/4*  2010/3
*  2010/2*  2010/1
*  2009/12*  2009/11
*  2009/10*  2009/9
*  2009/8*  2009/7
*  2009/6*  2009/5
*  2009/4*  2009/3
*  2009/2*  2009/1
*  2008/12*  2008/11
*  2008/10*  2008/9
*  2008/8*  2008/7
*  2008/6*  2008/5
*  2008/4*  2008/3
*  2008/2*  2008/1
*  2007/12*  2007/11
*  2007/10*  2007/9
*  2007/8*  2007/7
*  2007/6*  2007/5
*  2007/4*  2007/3
*  2007/2*  2007/1
*  2006/12*  2006/11
*  2006/10*  2006/9
*  2006/8*  2006/7
*  2006/6*  2006/5
*  2006/4*  2006/3
*  2006/2*  2006/1
All periods

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod
Share your news!
You may send information about any vulnerabilities to vuln@security.nnov.ru

Subscribe
Security news RSS/XML feed
Subscribtion options and news export - have SecurityVulns information on your site (no site script support required)!

3proxy forum:
Log denied requests?
How to config 3proxy with user password authentication?
ftp transparent proxy
how Compile
Changelog mentioned "ldapauth plugin"

Links
Find out who offer the best storage cloud plan here.
ExecutiveIce.com
1337Day Exploits Market
1337Day Exploits Market



Rating@Mail.ru