Computer Security
[EN] securityvulns.ru

  


26.04.2012
Detailed
6!Linux kernel multiple security vulnerabilities
updated since 02.04.2012
document DoS, information leakage, privilege escalation.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 NVidia Linux / Unix drivers privilege escalation
document Kernel memory access is possible.
  


24.04.2012
Detailed
7!Asterisk multiple security vulnerabilities
document Buffer overflow on Skinny processing, DoS via SIP, Asterisk Manager code execution.
6!Plixer Scrutinizer NetFlow and sFlow Analyzer multiple security vulnerabilities
document Authentication bypass, SQL injection, cross-site scripting.
6!InspIRCd buffer overflow
document Buffer overflow on DNS request processing.
6!OpenSSL memory corruption
updated since 22.04.2012
document Memory corruption in asn1_d2i_read_bio()/SMIME_read_PKCS7()/SMIME_read_CMS()
 RuggedCom SCADA equipment backdoor
document RuggedCom's Rugged Operating System backdoor account.
 VMWare ESXi / ESX weak permissions
document VMWare Tools folder weak permissions
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 HP ProCurve switches compact flash cards virus
document Some of the devices contain a virus on the compact flash card.
 Astaro Security Gateway cross-site scripting
document Multiple cross-site scripting possibilities.
 Astaro Command Center cross-site scripting
document Multiple cross-site scripting vulnerabilities.
  


23.04.2012
Detailed
7!Microsoft Windows multiple security vulnerabilities
updated since 11.04.2012
document MSCOMCTL.ocx code execution, .Net code execution, WinVerifyTrust digital signature validation vulnerability
 EMC Data Protection Advisor security vulnerabilities
document Integer overflow, NULL pointer dereference.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Cyberoam Unified Threat Management security vulnerabilities
updated since 26.03.2012
document Command execution, information leakage.
  


22.04.2012
Detailed
7!Adobe Flash Player multiple security vulnerabilities
document Various memory corruptions.
 Comodo Internet Security DoS
document BSOD on PE execution if ImageBase points to kernel space.
 Samsung TV and BD-players security vulnerabilities
document DoS, buffer overflow in Remote Controller protocol.
  


19.04.2012
Detailed
9!Samba array index overflow
document Array index overflow on RPC request processing.
8!Microsoft Internet Explorer multiple security vulnerabilities
updated since 11.04.2012
document Multiple vulnerabilities allow remote code execution.
7!Adobe Acrobat / Reader multiple security vulnerabilities
document Memory corruptions, integer overflow, code execution.
7!Adobe Flash Player security vulnerabilities
updated since 20.03.2012
document A few memory corruptions.
6!RealNetworks Helix Server security vulnerabilities
document Information leakage, SNMP DoS.
6!gajim jabber client multiple security vulnerabilities
document Unescaped shell characters, symbolic links vulnerability, SQL injections.
 SQLAlchemy SQL injection
document SQL request data is not checked
 HP OpenVMS DoS
   
 Microsoft SQL Server privilege escalation
document Privilege escalation via RESTORE DATABASE
 Squid / McAfee Web Gateway URL filtering bypass
document Server trusts the Host: header in CONNECT request.
  


11.04.2012
Detailed
6!Microsoft Forefront Unified Access Gateway information leakage
document Request redirection, access restrictions bypass.
 Microsoft Office buffer overflow
document Buffer overflow on .wps files parsing.
  


09.04.2012
Detailed
8!Oracle Java multiple security vulnerabilities
document 19 different vulnerabilities allow file access and code execution.
7!VMWare privilege escalation
updated since 02.04.2012
document It's possible to manipulate emulated ROM via backdoor interface.
6!Quest Toad for Oracle ActiveX unauthorized access
document It's possible to access files via unsafe methods.
 PHP cross-site scripting
document XSS on error message if display_errors enabled.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 HP Business Availability Center cross-site scripting
   
 HP Onboard Administrator multiple security vulnerabilities
document URL redirection, unauthorized access, information leakage.
 Sourcefire Defense Center multiple security vulnerabilities
document Cross-site scripting, unauthorized access.
 Quest vWorkspace ActiveX unauthorized access
document It's possible to modify files via unsafe functions.
 Cisco WebEx Player buffer overflow
updated since 31.10.2011
document Buffer overflow on .WRF files parsing.
 Arbor Networks Peakflow SP cross-site scripting
document Cross-site scripting in administration interface.
 Sony Bravia TV sets DoS
document Flood attack with specially crafted packets causes the device to hang.
  


02.04.2012
Detailed
7!Cisco IOS multiple security vulnerabilities
document Multiple DoS conditions.
6!McAfee Email and Web Security Appliance multiple security vulnerabilities
document XSS, authentication bypass, privilege escalation, information leakage, directory traversal.
6!libzip security vulnerabilities
updated since 25.03.2012
document Buffer overflow and integer overflow on zip files parsing.
 Quake 3 / ioquake3 traffic amplification vulnerability
document Source of getstatus UDP message is not checked.
 OpenSSL security vulnerabilities
document DoS, CMS implementation vulnerabilities.
 expat security vulnerability
document Memory leaks, predictable hash function.
 Wireshark multiple security vulnerabilities
document DoS via ANSI A, IEEE 802.11, MP2T protocols.
 HP-UX WBEM unauthorized access
   
 D-Link SecuriCam ActiveX buffer overflow
document Buffer overflow in DcsCliCtrl.dll control.
 Quest InTrust ActiveX buffer overflows
document ArDoc.dll and AnnotateX.dll buffer overflows.
 TrendNet SecurView ActiveX buffer overflow
document UltraMJCam control buffer overflow.
 PHP DoS
document Resource exhaustion in POSIX regular expression functions.
 Intuit QuickBooks code execution
document Code execution and memory corruption in intu-help-qb5: protocol handler.
 raptor library (libreoffice / openoffice) file injection
updated since 26.03.2012
document It's possible to inject file via XML
  

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 