Computer Security



25.06.2012
9!Microsoft Internet Explorer multiple security vulnerabilities
updated since 13.06.2012
document Multiple memory corruptions, code executions, information leakage.
6!ClamAV antivirus multiple security vulnerabilities
document Vulnerabilities on TAR and CHM parsing.
6!Cisco ASA DoS
document It's possible to reboot device remotely.
6!FreeBSD kernel privilege escalation
updated since 13.06.2012
document Privilege escalation on sysret on some CPUs.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 HP Business Service Management multiple security vulnerabilities
document Information leakage, unauthorized access, DoS.
 snmpd DoS
document Crash on request to non-existent extension table entry.
 Western Digital ShareSpace information leakage
document It's possible to access configuration files via Web interface.
 QNAP Turbo NAS multiple security vulnerabilities
document Information leakage, privilege escalation, system access.
 Cisco Application Control Engine privilege escalation
document Context administrator can access wrong context.
 Lattice Diamond Programmer buffer overflow
document Code execution via .xcf files.
  


24.06.2012
6!RealNetworks Helix Server code execution
document Code execution during rn5auth authentication process.
6!HP Data Protector Express multiple security vulnerabilities
updated since 19.03.2012
document DoS, code execution.
 libxml off-by-one
   
 HP DataDirect OpenAccess security vulnerabilities
updated since 17.06.2012
document Few buffer overflows on traffic parsing.
 HP Performance Manager security vulnerabilities
updated since 02.04.2012
document DoS, code execution.
  


18.06.2012
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


17.06.2012
7!ffmpeg library multiple security vulnerabilities
updated since 21.05.2012
document Multiple security vulnerabilities on Westwood Studios VQA, Apple MJPEG-B, Theora, Matroska, Vorbis, Sony ATRAC3, DV, NSV parsing.
6!F5 BIG-IP authentication bypass
document Full device access is possible.
 Sielco Sistemi Winlog buffer overflow
document Buffer overflow on TCP/46824 traffic parsing.
 Network UPS Tools buffer overflow
document Buffer overflow on oversized string.
 ComSndFTP FTP Server format string vulnerability
document Format string vulnerability in USER command.
 HP Server Automation code execution
   
 HP Onboard Administrator multiple security vulnerabilities
document Unauthorized access, DoS.
 AdNovum NevisProxy XSS
document Cross-site scripting via 302 redirection.
 Checkpoint Endpoint Connect DLL hijacking
document It's possible to load user provided library into system process.
 VMWare security vulnerabilities
document DoS, memory corruption.
 Asterisk DoS
document Crash in Skinny driver.
 ESRI ArcMap code execution
document MXD files may contain VBS scripts.
 IObit Protected Folder protection bypass
document It's possible to bypass protection, e.g. by changing return value of password checking function.
 Opera URL spoof
document It's possible to trace event when user leaves the site and to spoof site content.
 arpwatch protection bypass
document Elevated privileges are dropped incorrectly.
  


13.06.2012
8!Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
document Buffer overflows, memory corruptions, use-after-free, code executions, privilege escalations.
8!Microsoft Remote Desktop memory corruption
document Memory corruption on RDP packets processing.
8!Adobe Flash Player multiple security vulnerabilities
updated since 16.02.2012
document Memory corruptions, protection bypass, cross-site scripting.
6!Network Instruments Observer security vulnerabilities
document Buffer overflows on SNMP parsing.
6!Symantec WebGateway security vulnerabilities
document Code execution, unfiltered shell characters.
6!RealNetworks RealPlayer multiple security vulnerabilities
document Multiple vulnerabilities on different formats parsing.
6!PHP buffer overflow
document Buffer overflow on tar files processing.
6!ISC bind DoS
document Crash on zero length RDATA processing.
6!Microsoft IIS protection bypass
document Password protection bypass, script files content access.
6!Microsoft Lync multiple security vulnerabilities
document Font parsing vulnerabilities, unsafe DLL loading, cross-site scripting.
 PostgreSQL security vulnerabilities
document DoS, weak crypt() implementation.
 PHP PDO out-of-bounds access
document Out-of-bounds access via precompiled database request.
 Microsoft Dynamics AX cross-site scripting
document Cross-site scripting via URLs.
  


12.06.2012
8!MySQL authentication vulnerability
document Invalid hash calculation under some platforms allows access without password knowledge.
 Apple iTunes security vulnerabilities
document Buffer overflow on .m3u parsing, buffer overflow in embedded browser.
  


06.06.2012
8!Microsoft certificates vulnerability
document Terminal Services activation certificate may be used to sign code on behalf of Microsoft.
  


03.06.2012
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 strongswan authentication bypass
updated since 03.06.2012
document Invalid authentication data check if gmp plugin is used.
 HP Diagnostics Server buffer overflow
updated since 16.01.2012
document Buffer overflow on TCP/23472 request parsing.
  

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod