Computer Security

  


30.09.2010
Detailed
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


29.09.2010
Detailed
 Synology Disk Station cross-site scripting
document Cross-site scripting on FTP commands logging.
 FFmpeg libavcodec / MPlayer buffer overflow
document Buffer overflow on flic format parsing.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 29.09.2010
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


27.09.2010
Detailed
6!PHP multiple security vulnerabilities
document phar extension information leaks, SPLObjectStorage information leaks, error messages information leaks, variables spoofing.
 HP OpenView Network Node Manager DoS
   
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 HP System Management Homepage multiple security vulnerabilities
updated since 17.09.2010
document Cross-site scripting, information leak.
 Cisco Unified Presence / Cisco Unified Communications Manager DoS
updated since 30.08.2010
document Crash on SIP messages parsing.
  


24.09.2010
Detailed
7!Cisco IOS multiple security vulnerabilities
document DoS via SIP, DoS via IGMP, SSL information leak, DoS in voice protocols application layer gateway for NAT.
6!Opera cross-site access
document Cross-site scripting via @import url().
  


23.09.2010
Detailed
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


20.09.2010
Detailed
6!Squid proxy server DoS
document Crash on request with empty header strings.
6!bzip2 integer overflow
document Integer overflow on bz2 archive decompressing.
6!Linux kernel multiple security vulnerabilities
updated since 11.09.2010
document DoS conditions, CIFS client privilege escalation, do_anonymous_page privilege escalation, information leak in XFS, privilege escalation in compat_alloc_user_space().
 Alcatel OmniVista 4760 buffer overflow
document Buffer overflow in built-in HTTP proxy.
 Alcatel CCAgent unauthorized access
document Server does not provide any authentication; password is stored on the client side in reversible encryption.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


17.09.2010
Detailed
7!cvsnt unauthorized access
document Directory traversal via branch name.
 BACnet OPC client buffer overflow
document Buffer overflow on SCADA data parsing.
 Flock browser cross-site scripting
document Multiple cross-site scripting vulnerabilities.
  3Com OfficeConnect Gigabit VPN Firewall cross-site scripting
   
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 HP Data Protector Express privilege escalation
updated since 11.09.2010
document Buffer overflow in DtbClsLogin
 Nokia E72 smartphone protection bypass
document Keyboard is not locked during password validation.
  


16.09.2010
Detailed
9!Microsoft Internet Information Services multiple security vulnerabilities
document Authentication bypass, buffer overflow, DoS.
9!Microsoft Office multiple security vulnerabilities
updated since 15.09.2010
document Buffer overflow in Microsoft Outlook message parsing, memory corruption on fonts parsing.
9!Microsoft Windows multiple security vulnerabilities
updated since 15.09.2010
document Privilege escalation and code execution in spooler services, memory corruption in MPEG-4 codec, memory corruption in RPC, privilege escalation in LSA, privilege escalation in CSRSS subsystem, WordPad memory corruption.
9!Mozilla Firefox / Thunderbird / SeaMonkey multiple security vulnerabilities
updated since 10.09.2010
document Multiple memory corruptions, integer overflows, buffer overflows, code execution, cross-site scripting.
7!SAMBA buffer overflow
document Buffer overflow on share SID parsing.
6!IBM Lotus Domino buffer overflow
document Buffer overflow on oversized mailto within iCalendar.
6!Novell PlateSpin Orchestrate shell characters vulnerability
document Shell characters vulnerability on graphs rendering.
6!Google Message Security SaaS multiple security vulnerabilities
document Cross-site scripting, SQL injection.
  


14.09.2010
Detailed
7!Apple WebKit / Safari multiple security vulnerabilities
document Code execution, memory corruptions.
6!IBM Proventia Mail Security System multiple security vulnerabilities
document Cross-site scripting, code execution, request spoofing.
6!Novell Netware SSH buffer overflow
updated since 06.09.2010
document Buffer overflow on oversized SCP GET request.
 MailEnable SMTP server DoS conditions
document Uninitialized memory reference during logging on MAIL FROM / RCPT TO commands.
 rpm hard links vulnerability
document Race conditions for file spoofing.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Wireshark sniffer multiple security vulnerabilities
updated since 14.06.2010
document Multiple DoS conditions, buffer overflow.
  


12.09.2010
Detailed
 quagga BGP daemon DoS
document A few DoS conditions on BGP traffic parsing.
 LVM2 unauthorized access
document Access to management commands is not authorized for local socket.
 sudo privilege escalation
document Under some conditions, a user can execute arbitrary code as root if sudo was configured to allow the attacker to use a program as a group when the attacker was not a part of that group.
 couchdb code execution
document Relative path for dynamic library loading.
 Apple Safari code execution
document Under some conditions, explorer.exe is executed with relative name.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 11.09.2010
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


11.09.2010
Detailed
 Your Own Personal Server Web-Server buffer overflow
document Buffer overflow on request headers parsing.
  


10.09.2010
Detailed
 Internet Download Accelerator ActiveX buffer overflow
document Buffer overflow in NotSafe method.
  


09.09.2010
Detailed
6!EMC Celerra Network Attached Storage appliance unauthorized access
updated since 16.08.2010
document Full NFS access from predefined list of IP addresses is enabled by default.
 HP Insight Diagnostics Online Edition cross-site scripting
   
 HP-UX Software Distributor privilege escalation
   
 HP ProLiant G6 Lights-Out 100 DoS
   
 mountall privilege escalation
document udev rule file unsafe permissions.
 RSA Access Manager Server / Agent vulnerabilities
document A few restriction bypass vulnerabilities.
  


08.09.2010
Detailed
6!Cisco Wireless LAN Controller multiple security vulnerabilities
document DoS conditions, privilege escalations, restrictions bypass.
  


06.09.2010
Detailed
6!HP Operations Agent security vulnerabilities
document Code execution, privilege escalation.
 barnowl uninitialized memory reference
document libzephyr library functions return code is not checked.
  


05.09.2010
Detailed
6!Google Chrome memory corruption
document Memory corruption on focus events processing.
  


02.09.2010
Detailed
7!Apple QuickTime code execution
document Memory corruption in ActiveX control.
6!libwww-perl directory traversal
document Directory traversal on file downloading in lwp-download.
 Apple WebKit / Safari DoS
document Crash on SVG style parameters parsing.
 libHX library buffer overflow
document Heap buffer overflow in HX_split function.
 OpenSSL library double free vulnerability
document Double free() in ECDH code.
 bogofilter DoS
document Crash on message parsing.
 libgdiplus / Mono multiple integer overflows
document Multiple integer overflows on BMP, JPEG, TIFF parsing.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


