Computer Security
[EN] securityvulns.ru no-pyccku



28.02.2014
Detailed
8!Apple Mac OS X multiple security vulnerabilities
document Multiple vulnerabilities in Network and Graphics subsystems, SSL bypass, multiple libraries and applications vulnerabilities.
8!Apple QuickTime multiple security vulnerabilities
document Buffer overflows, memory corruptions, integer overflows on different media formats parsing.
7!Apple WebKit / Safari multiple security vulnerabilities
document Multiple memory corruptions.
7!Apple products SSL validation vulnerability
document Certificate validity is not checked due to software error.
6!PostgreSQL multiple security vulnerabilities
document DoS, privilege escalations, memory corruptions.
6!GnuTLS certificates validation vulnerability
document Invalid validation of version 1 ceritficates.
6!Barracuda Firewall multiple security vulnerabilities
document Crossite scripting, protection bypass.
6!FreeRADIUS security vulnerabilities
document rlm_unix protection bypass, rlm_pap memory corruption.
  


18.02.2014
Detailed
8!Chromium / Google Chrome multiple security vulnerabilities
document Multiple memory corruptions, use-after-free and information leaks.
6!Cisco Linksys unauthorized access
document TCP/8083 web administration is accessible without authentication in some cases.
 flite symbolic links vulnerability
document Symlink vulnerability on temporary file creation.
 libpng DoS
document NULL pointer dereferences.
 socat buffer overflow
document Buffer overflow on command line arguments parsing.
  


12.02.2014
Detailed
7!Microsoft Forefront Protection for Exchange code execution
document Code execution on message parsing.
  


11.02.2014
Detailed
8!Microsoft Windows multiple security vulnerabilities
document XML services information leakage, IPv6 DoS, Direct2D memory corruption, .Net privilege escalation, VBScript code execution.
6!Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
6!EMC Documentum Foundation Services unauthorized access
document Filesystem access is possible.
  


10.02.2014
Detailed
9!Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
document Multiple memory corruptions, crossite scripting, DoS, information leakage.
7!libav / ffmpeg multiple security vulnerabilities
document Vulnerabilitlies in different demuxers and decoders.
7!libgadu / libpurple / Pidgin multiple security vulnerabilities
document Buffer overflow on libgadu protocol parsing. Yahoo!, XMPP, MSN, HTTP, STUN, IRC protocols and URL parsing DoS. HTTP, SIMPLE protocols and MXit emoticons parsing memory corruptions.
6!Netgear D6300B routers backdoor
document Specially crafted network packet activates root level telnet access.
6!perl Locale::Maketext code execution
document It's possible to call external functions on template compilation
6!Asus routers authentication bypass
document AiCloud authentication bypass.
 Sophos antivirus weak permissions
document Weak permssions for system objects
 Inteno DG301 routers code execution
document Code execution via web interface.
  


03.02.2014
Detailed
7!Cisco Teleprense devices multiple security vulnerabilities
document DoS, code execution.
6!T-Mobile HOME NET routers multiple security vulnerabilities
document Privilege escalation, code execution, directory traversal CSRF.
 SimplyShare multiple security vulnerabilities
document Multiple bulit-in web server vulnerabilities.
 Apache Cordova/PhoneGap multiple security vulnerabilities
document Protection bypass, information leakage.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
 Citrix GoToMeeting information leakage
document Information leakage via logs.
 perl-Proc-Daemon weak permissions
document Weak pid file permissions.
 AmmyAdmin hidden options
document Few hidden options allow to use application as a backdoor.
  


01.02.2014
Detailed
6!Mozilla Thunderbird code execution
document It's possible to execute javascript via object tag.
 libotr downgrade attacks
document It's possible to downgrade protocol to 1st version.
 QEMU / Xen multiple security vulnerabilities
document DoS, privilege escalation.
  

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod