Computer Security
[EN] securityvulns.ru

  


29.06.2011
Detailed
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


28.06.2011
Detailed
 libcurl GSSAPI security vulnerability
document Client's security credentials are unconditionally delegated.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 27.06.2011
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


23.06.2011
Detailed
9!Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
document Multiple memory corruptions, buffer overflows, integer overflows, cross domain data access.
 Easewe FTP OCX ActiveX Control code execution
document Unsafe methods allow data access and code execution.
  


19.06.2011
Detailed
9!Oracle Java multiple security vulnerabilities
updated since 10.06.2011
document Multiple integer overflows on ICC profiles parsing. Java Web Start shell commands execution.
8!Adobe Shockwave Player multiple security vulnerabilities
updated since 17.06.2011
document Multiple memory corruptions, buffer overflow, code execution.
8!Microsoft Windows multiple security vulnerabilities
updated since 15.06.2011
document Buffer overflow on WMF files parsing. Uninitialized pointers on OTF parsing. DFS memory corruptions. SMB client and server memory corruptions. afd.sys privilege escalation.
7!Adobe Reader / Acrobat multiple security vulnerabilities
updated since 17.06.2011
document Buffer overflow, memory corruption, code execution, cross document scripting
6!libvirt security vulnerabilities
document DoS, off-by-one.
 IBM WebSphere cross-site request forgery
document Cross-site request forgery via administration console.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 17.06.2011
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Microsoft Hyper-V DoS
updated since 15.06.2011
document Hang on VMBus commands processing.
  


17.06.2011
Detailed
7!Adobe Flash Player memory corruption
  


15.06.2011
Detailed
8!Microsoft .Net Framework multiple security vulnerabilities
document Array index overflow, JIT compiler code execution.
7!Barracuda NG Firewall / phion netfence code execution
document Unescaped shell characters vulnerability during authentication.
7!Microsoft Forefront Threat Management Gateway Firewall Client memory corruption
document Buffer overflow in NSPLookupServiceNext.
6!Microsoft Excel multiple security vulnerabilities
document Multiple vulnerabilities on different record types parsing.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 15.06.2011
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Microsoft Certificate Services cross-site scripting
document Cross-site scripting in Active Directory Certificate Services Web Enrollment.
 Microsoft XML Editor information leakage
document Information leakage via .disco files.
  


11.06.2011
Detailed
6!Novell iPrint multiple security vulnerabilities
document Code execution via op-printer-list-all-jobs URI handler and cookie, Multiple ActiveX code execution vulnerabilities.
 VMWare VirtualCenter ActiveX memory corruption
document Tom Sawyer's Default GET Extension Factory ActiveX memory corruption.
 VMWare Tools privilege escalations
updated since 11.06.2011
document Privilege escalation via mount.vmhgfs and vmware-user-suid-wrapper suid utilities.
 TRENDnet / Digicom / iPUX / ZoneNet / AirLink101 IP camera products multiple security vulnerabilities
document Undocumented productmaker:ftvsbannedcode account may access the camera via the Web interface. Various vulnerabilities allow obtaining full administrative access via this account.
 OProfile privilege escalation
document Privilege escalation via opcontrol
  


10.06.2011
Detailed
 HP Service Manager / HP Service Center multiple security vulnerabilities
document Unauthorized access, privilege escalation, information leakage, HTTP session hijack, cross-site scripting.
 HP OpenView Storage Data Protector code execution
 vlc player integer overflow
document Integer overflow on XSPF playlists parsing.
  


08.06.2011
Detailed
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 FontForge buffer overflow
document Buffer overflow on BDF files parsing.
  


07.06.2011
Detailed
7!IBM Tivoli Endpoint buffer overflows
updated since 02.06.2011
document Buffer overflow in lcfd.exe on TCP/9495 traffic parsing.
 fetchmail DoS
document No timeout enforced for SSL operations.
  


03.06.2011
Detailed
6!Sybase OneBridge Mobile Data Suite format string vulnerability
document Format string vulnerability during IMAPs/SMTPs requests parsing.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Asterisk DoS
document Crash on processing SIP response headers.
 Cisco AnyConnect Secure Mobility Client security vulnerabilities
updated since 02.06.2011
document Local privilege escalation, signature is not checked for downloaded application components.
  


02.06.2011
Detailed
 Cisco Media Experience Engine 5600 default account
document Default password for root account.
 Cisco Unified IP Phones 7900 series security vulnerabilities
document Privilege escalation, signature check bypass for software images.
 Gnome GDM information leak
document Under some conditions it's possible to launch a browser to access some files.
 Citadel Jabber server / Jabberd / ejabberd DoS
document DoS on XML data parsing.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 30.05.2011
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Cisco Network Registrar default credentials
document Default password for administrator account.
 CodeMeter cross-site scripting
document Cross-site scripting in web administration interface.
 Wireshark multiple security vulnerabilities
updated since 16.05.2011
document Multiple vulnerabilities on .pcap files parsing.
 Linux kernel multiple DoS conditions
document epoll() DoS conditions, tkill() privilege escalation, buffer overflows in bluetooth stack.
  

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


