Computer Security
[EN] securityvulns.ru

  


30.08.2011
Detailed
7!Apache Tomcat information leakage and unauthorized access
document A part of AJP message data may be processed as a new AJP message.
6!EMC RSA enVision security vulnerabilities
document Information leakage, unauthorized access.
6!Pidgin code execution
document It's possible to execute code via file:// URL
6!Cisco Unified Communications Manager / Cisco Unified Presence Server information leakage
document OpenQuery information leakage.
 NetSaro information leakage
document Source code leakage via administration web interface.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Microsoft Report Viewer cross-site scripting
updated since 10.08.2011
document ActiveX cross-site scripting.
 Linux kernel DoS
document Crash on BeFS filesystem parsing.
  


27.08.2011
Detailed
8!Adobe Flash Player multiple security vulnerabilities
updated since 12.08.2011
document Memory corruptions, buffer overflows, integer overflows, cross-site scripting.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 EMC AutoStart multiple buffer overflows
updated since 19.08.2011
document Multiple buffer overflows on network requests parsing.
 Lumension Device Control memory corruption
updated since 25.05.2011
document Memory corruption on TCP/65129 traffic parsing.
 PHP multiple security vulnerabilities
document NULL pointer dereference, ZipArchive memory corruptions.
  


24.08.2011
Detailed
6!FLV Player flash application multiple security vulnerabilities
document Content spoofing, cross-site scripting.
 eCryptfs multiple security vulnerabilities
updated since 11.08.2011
document Privilege escalation, information leakage.
  


19.08.2011
Detailed
9!Mozilla Firefox / Seamonkey / Thunderbird multiple security vulnerabilities
updated since 17.08.2011
document Multiple memory corruptions, cross-site access, information leak, restriction bypass.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


17.08.2011
Detailed
8!Oracle Sun Java multiple security vulnerabilities
   
7!RealNetworks Realplayer multiple security vulnerabilities
document QCP, AAC, MP3, SWF, SIPR parsing memory corruptions, cross-site scripting, unsafe methods and buffer overflow in ActiveX.
7!CheckPoint SSL VPN ActiveX code execution
document Unsafe methods allow file upload and execution.
7!Adobe Shockwave Player multiple security vulnerabilities
updated since 12.08.2011
document Multiple memory corruptions.
6!Symantec Veritas Storage Foundation multiple security vulnerabilities
document Multiple vulnerabilities on TCP/2148 request parsing.
6!Nortel / Avaya Media Application Server buffer overflow
document Buffer overflow on TCP/52005 request parsing.
6!Apache Tomcat security vulnerabilities
document Privilege escalation, information disclosure.
6!ISC DHCPD DoS
document Crash on BOOTP packet parsing.
 StudioLine Photo Basic ActiveX code execution
document Unsafe EnableLog() method.
 EMC RSA Adaptive Authentication authentication data reuse (On-Premise)
   
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 NetSaro Enterprise Messenger Server weak encryption
document Passwords are stored in cleartext or in reversible form.
 VMware vFabric tc Server weak encryption
document Server accepts cleartext password even if it's not allowed for user.
 foomatic code execution
document It's possible to execute code via .ppd files.
 CheckPoint Security Management products symbolic links vulnerability
document Symbolic links vulnerability during installation
 Microsoft Windows DHCPv6 DoS
document RPC crashes on DHCP reply with empty Domain Search List.
  


12.08.2011
Detailed
6!CA ARCserve D2D unauthorized access
updated since 26.07.2011
document Information leakage and code execution while processing TCP/8014 HTTP RPC request.
 HP ProLiant SL Advanced Power Manager unauthorized access
   
 HP Palm WebOS cross-site scripting
document Cross-site scripting in Contacts and Calendar applications.
 libavcodec / FFmpeg / MPlayer buffer overflow
document Buffer overflow in CAVS decoding.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Adobe Flash Media Server DoS
document Memory corruption.
 Adobe Photoshop memory corruption
document Memory corruption on GIF parsing.
  


10.08.2011
Detailed
9!Microsoft Internet Explorer multiple security vulnerabilities
document Multiple memory corruptions, cross-site data access, code execution.
8!Microsoft Windows multiple security vulnerabilities
document NDISTAPI service and CSRSS privilege escalations, kernel DoS, TCP/IP DoS, RDP DoS, .Net information disclosure.
7!Microsoft Windows DNS server security vulnerabilities
document Memory corruption on NAPTR record handling, uninitialized memory access on non-existent domain lookup.
6!Microsoft Office Visio security vulnerabilities
document Memory corruption on Visio files parsing.
 HP OpenView Performance Insight security vulnerabilities
document Cross-site scripting, unauthorized access.
 McAfee Security-as-a-Service ActiveX code execution
document Insecure methods in MyAsUtil5.2.0.603.dll, myCIOScn.dll
 Microsoft Windows Remote Desktop Web Access cross-site scripting
document Cross-site scripting on the logon page.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Android application spoofing
document Application can emulate logon window of different application.
  


05.08.2011
Detailed
6!OpenSSH DoS
document GSSAPI authentication memory exhaustion.
 ThreeDify Designer ActiveX security vulnerabilities
document Buffer overflow, insecure methods.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Android cross-application scripting
document Application can script in browser in any domain's context.
  


03.08.2011
Detailed
6!Citrix XenApp / XenDesktop security vulnerabilities
document Buffer overflow, heap memory corruption.
6!Sybase Adaptive Server Backup / Monitor Server Translation security vulnerabilities
document Different code execution vulnerabilities
6!LibAVCodec / FFMpeg / VLC index array overflow
updated since 27.04.2011
document Index array overflow on AMV files parsing.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Cisco TelePresence Recording Server default account
document root account has default password.
 Flexera FlexNet License Server Manager buffer overflow
document Buffer overflow in TCP/27000 request processing.
 dhcpcd shell characters vulnerability
document Shell characters vulnerability in the hostname.
  


01.08.2011
Detailed
9!Oracle / Sun / Peoplesoft applications multiple security vulnerabilities
updated since 25.07.2011
document Quarterly critical patch update closes 78 different vulnerabilities in all major applications.
9!WebKit / Apple Safari / Google Chrome multiple security vulnerabilities
updated since 22.07.2011
document WebKit and Apple libraries multiple security vulnerabilities
6!libsoup library directory traversal
document Directory traversal in Web request handling.
6!ioQuake3 game engine security vulnerabilities
document Shell characters vulnerability, code execution.
6!ClamAV antivirus DoS
   
 HP Data Protector Media Management Daemon DoS
   
 EMC Data Protection Advisor information leakage
updated since 01.08.2011
document Cleartext passwords are stored in user readable files.
 EMC Captiva eInput security vulnerabilities
document Cross-site scripting, unsafe ActiveX methods.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Cisco SA 500 security vulnerabilities
updated since 26.07.2011
document SQL injection, privilege escalation.
 Wireshark sniffer DoS
updated since 14.07.2011
document Crash on IKE packet parsing.
 HP OpenView Performance Agent DoS
updated since 06.07.2011
document It's possible to remove arbitrary files via TCP/383 HTTP request.
 Linux DBus DoS
document Byte order is not checked in some messages.
 ZTE Callisto 821+ ADSL router security vulnerabilities
updated since 30.05.2011
document Cross-site scripting, cross-site request forgery.
  

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod