Computer Security



24.02.2013
9! Oracle / Sun / People Soft / MySQL applications multiple security vulnerabilities
updated since 21.01.2013
document Over 85 different vulnerabilities are fixed in the CPU.
7!Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
document Multiple memory corruptions, https response spoofing, information leakage, protection bypass, DoS.
6!SAP Netweaver Message Server multiple security vulnerabilities
document Code execution, DoS.
6!Ruby multiple security vulnerabilities
document Cross-site scripting, protection bypass.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 nss-pam-ldapd fd_set overflow
document FD_SET() structure overflow
 Alt-N MDaemon multiple security vulnerabilities
document Multiple web interface vulnerabilities.
 HP ArcSight multiple security vulnerabilities
document Information leakage, code execution, cross-site scripting.
 squid cachemanager DoS
updated since 04.02.2013
document cachemgr.cgi resources exhaustion.
 Boost library protection bypass
document Invalid UTF-8 sequences validation
 NetGear DGN2200 multiple security vulnerabilities
document XSS, code execution, information leakage.
 Samsung Galaxy S3 screenlock bypass
document Voice commands are available in locked state.
  


18.02.2013
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Atmel crypto co-processors information leakage
document Keys may be leaked via JTAG interface.
 Pidgin multiple security vulnerabilities
document Different vulnerabilities in MXit and UPnP implementations.
 TP-Link access points multiple security vulnerabilities
document Multiple web interface vulnerabilities
 Edimax access points multiple security vulnerabilities
document Multiple web interface vulnerabilities
 OpenConnect buffer overflow
document Buffer overflow on server response parsing.
 Qt multiple security vulnerabilities
document Information leakage, invalid SSL error messages.
 PostgreSQL information leakage
document Array index overflow.
 Cisco Linksys routers multiple security vulnerabilities
updated since 11.02.2013
document Directory traversals, code execution, etc.
 IBM Lotus Domino cross-site scripting and open redirect
updated since 17.12.2012
document IBM Lotus Domino Web Server cross-site scripting and open redirection.
 Dell Sonicwall Scrutinizer multiple security vulnerabilities
document Multiple web interface vulnerabilities
 gnome screensaver protection bypass
document Screensaver doesn't start automatically.
  


14.02.2013
8!Microsoft Exchange / FAST Search Server code execution
document Code execution on Outlook Web Access document viewing / Advanced Filter Pack because of Oracle Outside In technology vulnerability.
8!Microsoft Internet Explorer multiple security vulnerabilities
document Information leakage, multiple use-after-free vulnerabilities, VML memory corruption.
 Adobe Shockwave Player code execution
document Few code execution possibilities
 Microsoft Windows Server NFS server DoS
document NULL pointer dereference.
  


11.02.2013
8!Broadcom chipset routers format string vulnerability
updated since 04.02.2013
document UPnP stack implementation format string vulnerability
6!Cisco ATA 187 unauthorized access
document Unauthorized access via TCP/7870 port
6!cURL buffer overflow
document Buffer overflow in SASL DIGEST-MD5 implementation
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 HP Network Node Manager I cross-site scripting
   
 RSA Archer GRC multiple security vulnerabilities
document Directory traversal, clickjacking, cross-site access, cross-site scripting.
 Symantec Endpoint Protection Management security vulnerabilities
document Executable planting, remote PHP code execution.
 Lorex IP cameras authentication bypass
document It's possible to access camera without authentication.
 QXL driver DoS
document Crash on connection termination.
 HP LeftHand Virtual SAN Appliance code execution
   
 IRCD-Hybrid DoS
   
 Symantec Enterprise Security Manager privilege escalation
document Privilege escalation via executable planting.
 Sony Playstation Vita addressbar spoofing
document Address bar spoofing via window.open()
 Oracle Automated Service Manager symbolic links vulnerability
document Symbolic links vulnerability during installation process.
  


04.02.2013
6!libav / ffmpeg multiple security vulnerabilities
document Multiple memory corruptions on different formats handling.
6!EMC AlphaStor buffer overflow
document Buffer overflow via device name.
6!Apple iOS multiple security vulnerabilities
document Information leakage, certificates vulnerabilities, multiple WebKit vulnerabilities.
6!D-Link IP cameras information leakage
updated since 17.12.2012
document It's possible to retrieve camera password.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 libvirt DoS vulnerabilities
document Few DoS conditions.
 Buffalo TeraStation security vulnerabilities
document Code execution, information leakage.
 FortiNet FortiMail security vulnerabilities
document Different vulnerabilities in Web interface.
 Serva security vulnerabilities
document DoS conditions on HTTP and DNS requests processing.
 libssh DoS
document Crash on connection negotiation.
 Apple TV security vulnerabilities
document Information leakage, DoS.
 HP XP P9000 Command View Advanced Edition DoS
   
  

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod