Computer Security



26.08.2014
6!HP Release Control XXE vulnerability
document Few SSI possibilities.
6!MIT krb5 kadmind buffer overflow
document Buffer overflow via LDAP.
6!Apache Subversion multiple security vulnerabilities
document DoS, information leakage, certificate validation bypass.
6!HP Service Manager multiple security vulnerabilities
document Cross-site scripting, unauthorized access, privilege escalation.
 Grand MA 300 Fingerprint Reader insufficient encryption
document PIN code is not encrypted during transfer.
 ntopng XSS
document XSS in web interface
 IBM Maximo cross-site scripting
document Few different vulnerabilities.
 pyCADF information leakage
document Authentication tokens leakage.
 BlackBerry Z10 authentication bypass
document Authentication bypass via SMB.
 serf certificate name spoofing vulnerability
document Certificate spoofing via NUL byte.
 Kolibri WebServer buffer overflow
document Buffer overflow on oversized POST request.
 EMC RSA Archer multiple security vulnerabilities
document CSRF, privilege escalation, unauthorized access.
 Panda Security privilege escalation
document Privilege escalation via PavTPK.sys driver.
 ESET application privilege escalation
document Privilege escalation via EpFwNdis.sys driver
 oxide-qt multiple security vulnerabilities
document Information leakage, code execution.
 Python Imaging Library DoS
document DoS on icns decoding.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Barracuda Networks Firewall / Web Firewall / Spam&Virus Firewall security vulnerabilities
updated since 28.07.2014
document XSS, restrictions bypass.
 Zyxel P660RT2 multiple security vulnerabilities
document Cross-site scripting, CSRF, password bruteforce.
  


24.08.2014
8!Apache OpenOffice security vulnerabilities
document Code execution, information leakage.
6!OpenStack multiple security vulnerabilities
document Ceilometer information leakage, Neutron information leakage and DoS, Glance DoS, Horizon cross-site scripting, Keystone restrictions bypass and privilege escalation, Nova timing attacks.
 Ganeti weak permissions
document Weak archives permissions.
 IPv6 DoS
document Forged ICMPv6 PTB can break communication between two hosts.
  


18.08.2014
7!Linux kernel multiple security vulnerabilities
updated since 11.08.2014
document DoS via ptrace syscall, filesystems mount options limitation bypass.
6!Apache HttpClient certificate checking bypass
document Validation bypass via maliciously crafted constructions like O="foo,CN=www.apache.org"
 Outlook.com for Android insufficient certificate validation
document Server certificate is not checked.
  


11.08.2014
7!HP desktops and notebooks code execution
document UEFI firmware code execution.
6!Cisco IOS DoS
document EnergyWise module DoS, UDP/43440 and TCP/43440
6!readline library symbolic links vulnerability
document Symbolic links vulnerability in _rl_tropen()
 dhcpcd DoS
document Infinite loop on server response parsing.
 Snack insufficient certificate check
document Server hostname is not checked.
 HP Application Lifecycle Management / Quality Center privilege escalation
document 
 GnuPG Made Easy memory corruption
document Memory corruption on certificates parsing.
 Apache Cordova multiple security vulnerabilities
document Cross application scripting, restrictions bypass, information leakage.
 glibc use-after-free
document posix_spawn_file_actions_addopen() use-after-free.
 HP Operations Agent privilege escalation
document Privilege escalation via Glance.
 IPython code execution
document Notebook server doesn't check websocket source.
 EMC Network Configuration Manager session fixation
document Report Advisor session fixation.
  


10.08.2014
 wireshark multiple security vulnerabilities
document Memory corruptions and DoS in different dissectors.
  


07.08.2014
8!OpenSSL multiple security vulnerabilities
document DoS and protocol version downgrades in client and server code, memory corruptions and information leaks in client code.
  


04.08.2014
8!Apple iOS multiple security vulnerabilities
document Memory corruptions, DoS, restrictions bypass.
8!Apple Mac OS X multiple security vulnerabilities
document Multiple memory corruptions, information leakages, DoS, privilege escalation, screen lock bypass.
8!Samba memory corruption
document Memory corruption on NetBIOS name resolution request parsing.
7!Apple TV multiple security vulnerabilities
document DoS, memory corruptions, unauthorized access to iTunes store.
7!gcc regular expressions security vulnerabilities
document Resource exhaustion and memory corruptions in stdc regular expressions.
6!Cisco Unified Communications Domain Manager multiple security vulnerabilities
document Default ssh-key, privilege escalation, SSRF.
6!KDE restrictions bypass
document Kauth polkit authorization check bypass.
 HP Network Virtualization, code execution
   
 HP / H3C VPN Firewall Module DoS
   
 HP Enterprise Maps information leakage
   
 tor user deanonymizing
document User deanonymization via Relay-early cells.
 dbus security vulnerabilities
document Few DoS conditions.
 Unity screen lock protection bypass
document Under some conditions keyboard is not blocked.
 Windows Mail privilege escalation
document Insufficient path on executable call.
  

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod