Computer Security
[EN] securityvulns.ru

  


26.09.2011
Detailed
7!Linux kernel multiple security vulnerabilities
document Multiple local DoS conditions, information leaks, IPv6 remote DoS, X.25 code execution.
6!Sunway ForceControl multiple security vulnerabilities
document Multiple buffer overflows, DoS conditions, directory traversal, ActiveX code execution.
 Pantech Link/P7040P phones SSL certificate chain check vulnerabilities
document Intermediate certificate basic constraints are not checked.
 Apache Tomcat digest authentication vulnerabilities
document Multiple implementation errors make authentication vulnerable to different attacks.
 Netgear CG814WG cable modem security vulnerability
document CSRF, authentication bypass.
 Nomachine NX Server privilege escalation
document Shell code execution via environment variable manipulation for a suid application.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 PHP is_a function vulnerability
document Function behaviour is changed, making applications that rely on it potentially vulnerable.
 gimp memory corruption
document Memory corruption on GIF LZW extraction.
 Dolphin Browser HD / Opera Mobile XAS
document Application can access browser's data.
  


20.09.2011
Detailed
7!Microsoft Office multiple security vulnerabilities
updated since 16.09.2011
document Multiple Excel memory corruptions, Word uninitialized pointer dereference, unsafe DLL loading.
6!Microsoft Sharepoint multiple security vulnerabilities
updated since 16.09.2011
document Cross-site scripting, code injection, information disclosure.
6!Cisco Unified Communications Manager / Cisco Intercompany Media Engine / Cisco TelePresence Codecs DoS
updated since 30.08.2011
document Crash on Service Advertisement Framework (SAF) packet parsing, crash on SIP processing, connection flood DoS.
 Cisco Unified Service Monitor / Cisco Unified Operations Manager / CiscoWorks LAN Management / EMC Ionix buffer overflow
document Buffer overflow on TCP/9002 network packet parsing.
 HP Business Service Automation Essentials code execution
document 
 Colasoft Capsa DoS
document Crash on SNMP packet parsing.
 HP Network Node Manager i DoS
document 
 FortiMail Messaging Security Appliance cross-site scripting
document Cross-site scripting in web administration module.
 librsvg code execution
document Code execution on SVG file parsing.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


16.09.2011
Detailed
7!Microsoft Windows WINS server memory corruption
updated since 10.05.2011
document Memory corruption on send() exceptional conditions handling.
6!DigiNotar fraudulent certificates
updated since 01.09.2011
document Well known domain names certificates were issued to untrusted party.
 Microsoft Windows WINS server privilege escalation
document Loopback interface packets handling vulnerability
  


13.09.2011
Detailed
7!Linux kernel security vulnerabilities
document Predictable TCP ISN numbers, CIFS client memory corruption.
6!Google Chrome multiple security vulnerabilities
document DoS, information leakage, memory corruption.
6!squid buffer overflow
document Buffer overflow on gopher reply parsing.
 rsyslog buffer overflow
document Buffer overflow on oversized syslog TAG.
 Quassel IRC client DoS
document CTCP request parsing DoS.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 EMC Avamar privilege escalation
document Domain administrator can access data from different domain.
  


09.09.2011
Detailed
 Witness Systems eQuality Unify buffer overflow
document Buffer overflow on TCP/6821 packet parsing.
 Cloud Manager unauthorized access
document Insufficient authentication in RPC-based service.
 Microsoft Windows CSRSS DoS
document NULL pointer dereference on console input from stdin if stderr and stdout are closed.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


07.09.2011
Detailed
 openvas race conditions
document Race conditions for symbolic link attack.
  


05.09.2011
Detailed
7!Apple QuickTime multiple security vulnerabilities
updated since 05.08.2011
document Memory corruptions in PICT, JPEG2000, WAV, JPEG, GIF and different movie formats parsing, cross-site scripting.
 Symantec Veritas Backup Exec code execution
document It's possible to execute a privileged command remotely.
 KnFTPd FTP Server buffer overflows
document Buffer overflows in different FTP commands.
 BroadWin WebAccess Client ActiveX security vulnerabilities
document Format string vulnerability, memory corruption.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


