Computer Security
securityvulns.ru



30.11.2014
7!Linux kernel multiple security vulnerabilities
updated since 03.11.2014
document Multiple KVM vulnerabilities, CIFS client DoS, remote DoS vulnerabilities, trace_syscalls privilege escalation and protection bypass.
6!squid security vulnerabilities
document DoS and information disclosure in pinger service.
6!ImageMagick DoS
document Out-of-buffer reads.
6!ClamAV memory corruptions
document Memory corruptions on JS and PE files parsing.
6!GNU glibc code execution
document wordexp() function code execution.
6!flac memory corruptions
document Buffer overflows on audio files parsing.
6!libksba buffer overflow
document Buffer overflow on S/MIME messages parsing.
 icecast information disclosure
document Server leaks scripts sources.
 dbus multiple security vulnerabilities
updated since 21.09.2014
document Memory corruptions, DoS.
  


24.11.2014
7!GnuTLS memory corruption
document Memory corruption on ECC.
6!Apple Mac OS X multiple security vulnerabilities
document Information leakage, memory corruption.
6!Asterisk multiple security vulnerabilities
document Restrictions bypass, privilege escalation, DoS.
 Apple TV multiple security vulnerabilities
document Memory corruptions, unsigned code execution, privilege escalation.
 mountall privilege escalation
document umask is handled incorrectly.
 libcurl information leakage
document Memory content leakage via POST.
 Ruby DoS
document Resources exhaustion on XML parsing. Memory corruption in encodes().
 AppArmor restrictions bypass
document Restrictions bypass in apparmor_parser.
 libvirt information leakage
document Information access via qemuDomainFormatXML.
 wireshark multiple security vulnerabilities
document Buffer overflow and DoS-conditions on different protocols parsing.
 MIT krb5 privilege escalation
document Under some conditions, kadm5_randkey_principal_3() returns old keys.
 LibreOffice use-after-free vulnerability
updated since 10.11.2014
document Impress remote control protocol use-after-free, memory corruption in OLE preview.
  


18.11.2014
8!Microsoft Office multiple security vulnerabilities
document A few different memory corruptions on parsing of different documents.
 Microsoft Active Directory Federation Services information leakage
document It's possible to access closed session.
 Microsoft SharePoint Server cross-site scripting
document Stored XSS.
  


10.11.2014
6!RSA Web Threat Detection SQL injection
document SQL injection by authenticated user.
6!Open-Xchange SQL injection
document SQLi in jslob API.
6!Cisco RV multiple security vulnerabilities
document Files access, code execution, cross-site scripting.
6!FreeBSD ftp code execution
document Shell characters vulnerability on server response parsing.
 Symantec Endpoint Protection multiple security vulnerabilities
document XSS, XXE, unauthorized file access.
 CA Cloud Service Management multiple security vulnerabilities
document Replay attacks, XSS, XXE, token validation vulnerability.
 Softing FG-100 security vulnerabilities
document Backdoor accounts, cross-site scripting.
 ZTE modems multiple security vulnerabilities
document Multiple vulnerabilities in Web interface.
 FreeBSD information leakage
document Kernel information disclosure in setlogin/getlogin calls.
 FreeBSD OpenSSH DoS
document Race condition because of invalid thread-safe library linking.
 VMware Workstation / Player DoS
updated since 05.05.2014
document Uninitialized pointer dereference on IOCTL processing.
  


03.11.2014
9!Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities
updated since 16.10.2014
document Quarterly update covers 138 different vulnerabilities.
6!Aircrack-ng multiple security vulnerabilities
document DoS conditions, buffer overflow, integer overflow.
6!libbfd memory corruptions
document Memory corruptions on ELF parsing.
6!Pidgin multiple security vulnerabilities
document Insufficient certificate validation, emoticons parsing DoS, Groupwise messages DoS, information leakages via XMPP.
6!Apple iOS multiple security vulnerabilities
updated since 27.10.2014
document Unauthorized Bluetooth access, insufficient encryption, insufficient certificate check, information leakage, SSL POODLE attack.
6!PHP memory corruption
updated since 27.10.2014
document exif_thumbnail() memory corruption on JPEG parsing. XMLRPC buffer overflow. object_custom() function integer overflow.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 torque privilege escalation
document It's possible to kill the process of any user.
 Ubuntu systemd-shim DoS
document Debugging is enabled by default.
 HP Color LaserJet security vulnerabilities
document Unauthorized data access, DoS.
 quassel information leakage
document Memory content leakage, DoS.
 HP-UX DoS
document 
 wget symbolic links vulnerability
document Symbolic links vulnerability in FTP mirror mode.
 Dell SonicWall GMS XSS
document XSS in web management interface.
  

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod