Computer Security
[EN] securityvulns.ru no-pyccku



31.08.2015
Detailed
8!Mozilla Firefox / Thunderbird / Seamonkey / Firefox OS multiple security vulnerabilities
updated since 10.08.2015
document Restrictions bypass, memory corruptions.
6!FreeBSD privilege escalation
document Privilege escalation because of imcomplete context switching on exception handling.
6!libvirt / qemu multiple security vulnerabilities
updated since 03.08.2015
document Multiple memory corruptions.
 PHP security vulnerabilities
document DoS and buffer overflow on PHAR files processing.
 cups-filters limitations bypass
document Local printers may be accessible via external interfaces.
  


24.08.2015
Detailed
9!Microsoft Windows multiple security vulnerabilities
updated since 11.08.2015
document OpenType fonts parsing code execution, multiple Internet Explorer and Edge vulnerabilities, code execution and information disclosure in system libraries, code execution via RDP and AMB, privilege escalation, information disclosure via WebDAV.
9!Microsoft Windows multiple security vulnerabilities
updated since 18.11.2014
document OLE code execution, Internet Explorer multiple vulnerabilities, Schannel code execution, XML Core Services code execution, TCP/IP privilege escalation, Windows Audio Service privilege escalation, .NET Framework privilege escalation, RDP restrictions bypass, IIS restrictions bypass, IME privilege escalation, kernel-mode drivers DoS.
6!HP KeyView multiple security vulnerabilities
document Multiple vulnerabilities with potential code execution impact.
6!HP Operations Manager i code execution
document 
6!McAfee Application Control multiple security vulnerabilities
document Restrictions bypass, unsafe libraries usage, privilege escalation.
6!Websense Triton Content Manager buffer overflow
document Buffer overflow on request parsing.
6!GnuTLS double free
document Double free on DN parsing.
6!gdk-pixbuf buffer overflow
document Heap buffer overflow on BMP parsing.
6!Apache Subversion security vulnerabilities
document Authentication bypass, unauthorized files access.
6!VLC uninitialized pointer dereference
document Uninitialized pointer dereference on 3GP parsing.
 HP Central View applications information leakage
document 
 Fortiguard FortiSandbox XSS
document Crossite scripting in web interface.
 Apache ActiveMQ DoS
document Undocumented shutdown command.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
 QNAP devices protection bypass
document Decyphering ispossible without knowledge of key information.
 Hawkeye-G XSS
document Crossite scripting in web interface.
 Basware Banking/Maksuliikenne security vulnerabilities
document 
 Dell Netvault Backup DoS
document Crash on network request parsing.
 OpenStack Keystone restrictions bypass
document Certificates validation bypass.
 OpenStack Swift security vulnerabilities
document Few restriction bypass vulnerabilities.
 EMC RSA BSAFE multiple security vulnerabilities
document Integer overflow in base64 decode, multiple crypto vulnerabilities.
 EMC RSA Archer CSRF
document Multiple CSRF vulnerabilities.
 SAP Mobile Platform DataVault multiple security vulnerabilities
document Multiple cryptographical vulnerabilities.
 SAP Afaria 7 multiple security vulnerabilities
document Buffer overflow, information leakage, DoS.
 conntrack DoS
document Crash on different network packets.
 Net-SNMP memory corruption
document Memory corruption on server response parsing.
 Trend Micro Deep Discovery security vulnerabilities
document Authentication bypass, crossite scripting.
 Cumulus Linux's Switch Configuration Tools Backend privilege escalation
document Privilege escalation via command injection.
 OpenSSH resreictions bypass
updated since 02.08.2015
document It's possible to bypass MaxAuthTries restrictions.
 EMC Secure Remote Services Virtual Edition multiple security vulnerabilities
updated since 16.03.2015
document Code execution, SQL injection, buffer overflow.
 Dell SonicWall NetExtender privilege escalation
document Binary planting vulnerability.
 Linksys WAG120N crossite scripting
document Crossite scripting in web interface.
 WiFi Pineapple protection bypass
document Predictable CSRF tokens.
 Glorylogic PDF Shaper buffer overflow
document Buffer overflow on PDF parsing.
  


23.08.2015
Detailed
7!Apple QuickTime multiple security vulnerabilities
document Multiple memory corruptions.
 HP-UX privilege escalation
document Privilege escalation via execve().
 Elastic Logstash insufficient certificate check
document man-in-the-middle attack is possible
  


17.08.2015
Detailed
8!Apple Mac OS X / OS X Server multiple security vulnerabilities
document Over 150 different vulnerabilities in system components and libraries.
8!Apple Safari / Webkit multiple security vulnerabilities
document Interface spoofing, memory corruption, restrictions bypass.
7!Apple iOS multiple security vulnerabilities
document Over 70 of different vulnerabilities.
6!Cisco Unified Communications Manager multiple security vulnerabilities
document Code execution, authentication bypass, local files inclusion.
  


11.08.2015
Detailed
8!Microsoft Office multiple security vulnerabilities
document Memory corruptions, code execution.
 System Center Operations Manager crossite scripting
document Crossite scripting in web interface.
  


10.08.2015
Detailed
 squid restrictions bypass
document Restrictions bypass is possible under some configurations.
 FreeBSD routed DoS
document Crash on RIP request from non-directly connected network.
 FreeBSD patch code execution
updated since 03.08.2015
document Commands injection is possible.
  


03.08.2015
Detailed
6!Cisco ASR routers DoS
document Crash on fragmented packets processing.
 expat library integer overflow
document Multiple integer overflows.
 ISC bind named DoS
document Assert on TKEY request processing.
 ghostscript memory corruption
document Memory corruption on Postscript file parsing.
 HPLIP restrictions bypas
document Invalid GPG key retrieval from server.
  


02.08.2015
Detailed
6!PCRE multiple security vulnerabilities
document Multiple memory corruptions on PCRE parsing.
 DoS против библиотеки XMLTooling
document Unhandled exception on processing XML with invalid schema.
 OpenAFS multiple security vulnerabilities
document Information disclosure, DoS.
  

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod