Computer Security
[EN] securityvulns.ru no-pyccku



31.05.2012
Detailed
6!Cisco IOS XR DoS
document DoS on malcrafted packets.
 WinRADIUS buffer overflow
document Buffer overflow on oversized password option.
 tftpd32 buffer overflow
document Buffer overflow in embedded DNS server.
 Asterisk security vulnerabilities
document DoS conditions on Skinny and IAX2 parsing.
 Sony VAIO Wireless Manager ActiveX security vulnerabilities
document Few different buffer overflows.
 FreeBSD crypt() implementation vulnerability
document 8-bit characters are ignored during DES hash calculation.
  


24.05.2012
Detailed
7!PHP multiple security vulnerabilities
updated since 01.05.2012
document DoS conditions, code execution, SQL injections.
6!Linux kernel multiple security vulnerabilities
updated since 14.05.2012
document DoS conditions, protection bypass, buffer overflow
 FlashPeak SlimBrowser buffer overflow
document Buffer overflow via TITLE tag.
 HP OpenVMS ACMELOGIN privilege escalation
   
 Pidgin otr plugin format string vulnerability
   
 sudo protection bypass
document It's possible to bypass IP limitations.
  


21.05.2012
Detailed
 OpenOffice multiple security vulnerabilities
document Multiple memory corruptions.
 OpenSSL DoS
document Invalid memory dereference in CBC mode.
  


14.05.2012
Detailed
6!libtasn1 / GnuTLS memory corruption
document Memory corruption on some malformed values.
6!SAP NetWeaver multiple security vulnerabilities
document Multiple vulnerabilities in Dispatcher service.
 EMC Documentum Information Rights Management Server DoS
document Few different DoS conditions.
 Apache POI memory exhaustion
document Memory exhaustion on Microsoft Word documents processing.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
 Adobe Photoshop security vulnerabilities
updated since 09.05.2012
document Memory corruptions on files processing.
 Nova DoS
updated since 26.04.2012
document Resources exhaustion via oversized username. Resources exhaustion by quota limitatations bypass.
  


10.05.2012
Detailed
7!Samba privilege escalation
document Unprivileged user can execute privileged RPC calls to modify accounts database.
 HP System Health Application сode execution
   
 HP SNMP Agents for Linux security vulnerabilities
document Crossite scripting, URL redirection.
 HP Insight Management Agents multiple security vulnerabilities
document Cross Site Request Forgery (CSRF), Cross Site Scripting (XSS), URL Redirection, Unauthorized Modification, Denial of Service (DoS)
 VMWare privilege escalation
document Uninitialized memory reference on guest system call processing.
 Apple Mac OS X filevault information leakage
document Encrypted file system password is written in cleartext to log file.
 HP Performance Insight for Networks multiple security vulnerabilities
document Crossite scripting, SQL injection, privilege escalation.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
 Lan Messenger DoS
document Crash on network packet parsing.
 rssh restrictions bypass
document It's possible to bypass restrictions by manipulating with environment variables.
 FireFox information leakage
document DNS names for websockets requests are resolved via system DNS server instead of configured SOCKS.
 Samba file existance check
document It's possible to check file existance by error message of mount.cifs
 Android information leakage
updated since 24.04.2012
document All local applications have unrestricted /proce access and access to SQLite journal files.
  


09.05.2012
Detailed
8!Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
document Multiple memory corruptions in main code and different libraries, crossite scripting, information leakage.
7!Apple iOS multiple security vulnerabilities
document URL spoofing, crossite scripting, memory corruptions.
6!Adobe Shockwave Player multiple security vulnerabilities
document Multiple memory corruptions.
6!Adobe Flash Player memory corruption
document Memory corruption due to invalid objects handling.
 Adobe Flash Professional buffer overflow
document Buffer overflow on files processing.
 Adobe Illustrator multiple security vulnerabilities
document Multiple memory corruptions on file processing.
  


01.05.2012
Detailed
7!Symantec PCAnywhere multiple security vulnerabilities
updated since 30.01.2012
document Code execution, privilege escalation.
 McAfee Virtual Technician ActiveX code execution
document GetObject() unsafe function.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
 Imagemagic multiple security vulnerabilities
document Buffer overflows, insufficient user supplied data validation.
 Opera / Mozilla / Internet Explorer DoS
updated since 12.02.2010
document Large number of nested tags leads to buffer overflow.
  

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod