Computer Security



29.06.2015
7!SAP NetWeaver multiple security vulnerabilities
document Information disclosure, XXE injection, code execution, DoS.
6!EMC Unisphere for VMAX code execution
document JDWP access is possible.
6!Cisco Virtual WSA / ESA / SMA default keys
document Default ssh keys are installed.
 SAP SYBASE SQL Anywhere DoS
document DoS on request processing.
 SAP Afaria security vulnerabilities
document DoS, authentication bypass
 FreeRADIUS
document Insufficient certificate revocation checks.
 Netgear Prosafe multiple security vulnerabilities
document XSS, header injection, SQL injection.
 wireshark multiple security vulnerabilities
updated since 08.06.2015
document Multiple memory corruptions in different dissectors.
 Kguard Digital Video Recorders security vulnerabilities
updated since 16.03.2015
document Authentication bypass, command injection, DoS.
 GNU patch security vulnerabilities
updated since 08.03.2015
document DoS, directory traversal.
  


21.06.2015
7!wpa_supplicant multiple security vulnerabilities
updated since 05.05.2015
document Buffer overflows, DoS vulnerabilities.
6!libav / ffmpeg security vulnerabilities
document Memory corruptions in multiple demuxers.
6!libvirt / qemu / Xen multiple security vulnerabilities
updated since 13.06.2015
document DoS, privilege escalation, information disclosure, code execution.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 VCE Vision Intelligent Operations weak cryptography
document Weak cipher usage, sensitive information transmitted in cleartext.
 OpenStack cinder privilege escalation
document Authorized user can access any files.
 EMC Unified Infrastructure Manager/Provisioning authentication bypass
document Authentication bypass if LDAP authentication is used.
 p7zip directory traversal
document Directory traversal on archive extraction.
 My Wifi Router buffer overflow
document Buffer overflow on user authentication.
 Linux kernel security vulnerabilities
updated since 13.06.2015
document DoS, privilege escalations.
  


14.06.2015
6!Cisco IOS XR
document Crash on IPv6 packet processing.
6!VMware applications multiple security vulnerabilities
document Multiple memory corruptions, DoS.
6!CUPS security vulnerabilities
document Code execution, cross-site scripting.
6!Microsoft Office multiple security vulnerabilities
document Multiple memory corruptions.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Alcatel-Lucent OmniSwitch security vulnerabilities
document Cross-site scripting, session hijack.
 Elasticsearch files access
document snapshot API files access
 Microsoft Exchange multiple security vulnerabilities
document XSS, CSRF, HTML injection.
 Microsoft Active Directory Federation Services cross-site scripting
document Cross-site scripting in web interface.
  


13.06.2015
7!Microsoft Windows multiple security vulnerabilities
document Multiple Internet Explorer vulnerabilities, Media Player code executions, system libraries code execution, privilege escalation.
6!OpenSSL multiple security vulnerabilities
document Multiple DoS conditions.
6!PHP multiple security vulnerabilities
updated since 08.06.2015
document NULL character injection, DoS, integer overflow, memory corruption.
  


08.06.2015
6!Apache Jackrabbit XXE
document XXE via WebDAV request.
 redis restrictions bypass
document Lua sandbox escaping.
 StrongSwan certificate spoofing
document Server's certificate is validated after credentials are sent.
 Sendio ESP information disclosure
document Session disclosure via Referer.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 EMC RSA Web Threat Detection CSRF
document 
 t1utils memory corruption
document Memory corruption on fonts manipulation.
 Apache mod_jk information disclosure
document 
 HP WebInspect unauthorized access
document 
 CA Common Services privilege escalation
document Multiple privilege escalation vulnerabilities.
 Wing FTP Server security vulnerabilities
document Code execution and CSRF in web interface.
 1 Click ActiveX buffer overflow
document SkinCrafter.dll buffer overflow
 dbusmock code execution
document 
  


02.06.2015
9!Apple iOS memory corruption
document A combination of UTF-8 characters leads to memory corruption.
7!Skype DoS
document Crash on parsing message with http://: URL from older application version.
  


01.06.2015
6!D-Link NAS / NVR multiple security vulnerabilities
document More than 50 different vulnerabilities.
6!ipsec-tools DoS
document NULL pointer dereference on UDP packet parsing.
6!SAP Hana security vulnerabilities
document Information spoofing, information disclosure.
 EMC Document Sciences xPression SQL injection
document 
 HP Access Control Software unauthorized access
document 
 HP LoadRunner buffer overflow
document 
 HP SiteScope privilege escalation
document 
 Synology DiskStation / Synology PhotoStation security vulnerabilities
document Cross-site scripting, command injection.
 HP Easy Setup Wizard privilege escalation
document 
 nbd security vulnerabilities
document Different DoS conditions.
  

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod