Computer Security
[EN] securityvulns.ru no-pyccku



29.09.2014
Detailed
7!Cisco IOS multiple security vulnerabilities
document Multiple DoS conditions.
7!Linux kernel multiple security vulnerabilities
updated since 03.09.2014
document SCTP DoS, ALSA multiple DoS and information leakage, autofs DoS.
6!wireshark multiple security vulnerabilities
document Multiple memory corruptions and DoS conditions on dufferent formats.
6!libvncserver multiple security vulnerabilities
document Buffer overflows, memory corruptions, DoS.
6!Mozilla NSS library RSA siagnature forgery
document Signature validation bypass due to invalid length check in ASN.1 record.
 nginx information leakage
document Invalid cached session reusage.
 Glype filtering bypass
document Access by decimal addresses is possible. Directory traversal.
 net-snmp DoS
document snmptrapd NULL pointer dereference.
 libgadu certificate check bypass
document Server certificate is not checked.
 Perl stack overflow
document Buffer overflow on recursion.
  


25.09.2014
Detailed
 apt multiple security vulnerabilities
updated since 21.09.2014
document Protection bypass, restrictions bypass.
  


21.09.2014
Detailed
8!Apple Safari / Webkit multiple security vulnerabilities
document Unsafe passwords autofill, unsafe cache handling, multiple memory corruptions.
8!Apple Mac OS X / OS X Server multiple security vulnerabilities
document Privilege escalation, multiple memory corruptions on different formats parsing, information leakage, DoS, protection bypass, multiple vulnerabilities in 3rd parties components.
8!Apple iOS multiple security vulnerabilities
document Weak authentication, unauthorized access, information leakage, race conditions, protection bypass, memory corruptions on different formats parsing, XXE.
6!FreeBSD tcp DoS
document It's possible to tear down connection without knowing sequence number.
6!Apple TV multiple security vulnerabilities
document Weak authentication, unauthorized access, information leakage, race conditions, protection bypass, memory corruptions on different formats parsing.
 libav / ffmpeg memory corruption
document Memory corruption on FFV1 decoding.
 Asterisk security vulnerabilities
document Few DoS conditions.
 Aztech routers multiple security vulnerabilities
document DoS, unauthorized access, information leakage.
  


15.09.2014
Detailed
7!Microsoft Windows multiple security vulnerabilities
document Windows Media Center use-after-free, drivers privilege escalation, .Net restriction bypass and DoS, LRPC restriction bypass, Windows Installer service privilege escalation, Internet Explorer multiple security vulnerabilities, Task Scheduler privilege escalation.
7!Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
updated since 03.09.2014
document Memory corruptions, local files access.
6!procmail buffer overflow
document Buffer overflow on mail headers parsing.
6!Apache Tomcat security vulnerabilities
document Code execution, DoS.
6!PHP security vulnerabilities
document Fileinfo and php_parserr() buffer overflows. GD poisoned NULL byte vulnerability.
6!libcurl information leakage
document Cookie can be leaked to wrong site.
6!Microsoft SQL Server multiple security vulnerabilities
document XSS, stack overrun.
 HP Network Node Manager I code execution
document 
 GnuPG / libcrypt information leakage
document ElGamal subkeys can be leaked via side-channel.
 Microsoft Lync multiple security vulnerabilities
document Information disclosure, DoS.
 Microsoft SharePoint Server privilege escalation
document Code execution in another user's context.
 Microsoft OneNote memory corruption
document Memory corruption on OneNote files parsing.
 acpi-support privilege escalation
updated since 04.08.2014
document Race conditions, memory corruption.
  


10.09.2014
Detailed
 ppp privilege escalation
document Access to privileged options is possible.
 IBM WebSphere Application Server XSS
document Integrated Solutions Console crossite scripting.
 Cisco Unified Computing System E DoS
document SSH DoS in built in management controller.
  


03.09.2014
Detailed
6!Lua buffer overflow
document Buffer overflow on function call with large number of arguments.
 file utility memory corruption
updated since 09.03.2012
document Memory corruption CDF format parsing.
  


02.09.2014
Detailed
6!squid DoS
document DoS via Range: request.
 F5 BIG-IP crossite scripting
document Crossite scripting via POST reuqest.
 Mathematica symbolic links vulnerability
updated since 17.05.2010
document Symbolic links vulnerability on temporary files creation.
  


01.09.2014
Detailed
6!GNU glibc buffer overflow
document Off-by-one in __gconv_translit_find().
  

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod