Computer Security
[EN] no-pyccku

8!Chromium / Google Chrome multiple security vulnerabilities
document Multiple memory corruptions, integer overflows, information leaks.
8!libtiff multiple security vulnerabilities
document Vulnerabilities in different utilities.
8!Oracle Java multiple security vulnerabilities
updated since 10.07.2013
document 40 different vulnerabilities
7!FreeBSD ip_multicast integer overflow
document Integer overflow on buffer size calculation in IP_MSFILTER.
6!PHP / python certificate spoofing
document Subject Alternative Name \0 invalid handling.
 FreeBSD information leakage
document Kernel memory content leakage via SCTP sockets.
 VMWare privilege escalation
document vmware-mount privilege escalation.
 perl-Proc-ProcessTable symbolic links vulnerabilities
document Symbolic links vulnerabilities on /tmp/TTYDEVS processing.
 Samba DoS
updated since 12.08.2013
document Memory exhaustion on malformed nttrans request processing.
document assert() on loops processing.

8!Многочисленные уязвимости в Mozilla Firefox / Seamonkey multiple security vulnerabilities
updated since 06.04.2010
document Multiple memory corruptions, integer overflows, array index overflows, information leak.
6!Sitecom wireless routers multiple security vulnerabilities
document Undocumented hardcoded accounts, undocumented telnet access, weak WPA and administrator accounts generation.
6!Linksys EA access points authentication bypass
updated since 08.07.2013
document It's possible to access web administration without authentication.

 libXfont memory corruption
updated since 17.08.2011
document Memory corruption on compressed font parsing.

7!Microsoft Exchange Oracle libraries security vulnerabilities
document Outlook Web Access vulnerabilities because of vulnerable Oracle Outside In libraries.
7!PuTTY / WinSCP security vulnerabilities
updated since 05.08.2013
document SSH handshake heap buffer overflow, protection bypass, information leakage.
 Microsoft Active Directory Federation Services information leakage
document It's possible to obtain service account information to cause account locking via unsuccessful logon attempts.

9!Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
document Memory corruptions, buffer overflows, crossite data access, crossite scripting, information spoofing, privilege escalation, protection bypass, code execution, information leakage.
8!Oracle / Sun / MySQL / PeopleSoft applications multiple security vulnerabilities
updated since 29.07.2013
document Quarterly CPU fixes 89 dufferent vulnerabilities.
8!Chromium / Google Chrome multiple security vulnerabilities
updated since 19.07.2013
document Protection bypass, privilege escalation, DoS, use-after-free, information leakage, memory corruptions.
7!Cisco IOS / ASA / FWSM / NX-OS / StarOS OSPF protocol vulnerability
document LSA packet routing table manipulation
7!Cisco Wide Area Application Services, CDS, VDS, CDM code execution
document Code execution via HTTP POST request, privilege escalation.
7!Cisco TelePresence security vulnerabilities
updated since 19.07.2013
document DoS, directory traversal, backdoor account.
6!HP Data Protector code execution
document Unauthorized perl commands execution.
6!TP-Link IP cameras security vulnerabilities
updated since 05.06.2013
document Code execution, protection bypass.
 HP Integrated Lights-Out authentication bypass
 HP SiteScope code execution
document Code execution via SOAP.
 Apache mod_dav_svn DoS
document Assertion failure on COPY, DELETE and MOVE commands processing
 Hikvision IP Cameras multiple security vulnerabilities
document Code execution, protection bypass, information leakage.
 gnupg / libcrypt RSA implementation flush+reload timing attack
document Private key recovery by using CPU L3 cache timings.
 Vodafone EasyBox weak WPS PIN
document PIN is generated based on publically available data.
 Huawei B153 router information leakage
document WPA2 key leakage without authentication.
 Wireshark multiple security vulnerabilities
document Multiple vulnerabilities in different protocol dissectors.
 Apache suexec security vulnerabilities
document Protection bypass, privilege escalation.
 Netresec NetworkMiner security vulnerabilities
document Code execution, directory traversal.
 WD My Net security vulnerabilities
updated since 19.07.2013
document Unauthorized access, information leakages.
 HP / 3COM / H3C switches security vulnerabilities
updated since 15.07.2013
document Code execution, information leakage.
 Security vulnerabilities in different Ruby Gems
updated since 06.05.2013
document VUlnerabilities in different libraries.
 D-Link DIR-645 unauthroized access
updated since 02.03.2013
document It's possible to obtain administration password without authentication, crossite scripting, buffer overflow.

6!HP printers information leakage
document It's possible to obtain user accounts and WiFi PIN without authentication.

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod