what you don't know can hurt you
Showing 1 - 25 of 680 RSS Feed

Files

Secunia Security Advisory 46997
Posted Nov 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Luigi Auriemma has discovered two vulnerabilities in Siemens SIMATIC WinCC Flexible, which can be exploited by malicious people to disclose potentially sensitive information and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
MD5 | 5fd55fcd2bf9dfe1a7c458925dcb0aad
Secunia Security Advisory 47007
Posted Nov 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux. This fixes a weakness and two vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges.

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
MD5 | 83ccde2721dc9a5610242d059d873cfb
Secunia Security Advisory 47014
Posted Nov 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has discovered multiple vulnerabilities in OrangeHRM, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss, sql injection
MD5 | dc41a2ad0f25378c562f0662e0ac2c18
Secunia Security Advisory 46981
Posted Nov 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in ExpressionEngine, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 1e42193399830540d2ee9dd3486ab531
Secunia Security Advisory 46999
Posted Nov 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM Tivoli Netcool/Reporter, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | d005fb1122c38fc3a06f1cc02d2672a1
Secunia Security Advisory 47001
Posted Nov 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Hastymail2, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | b148489b362211ad93e46a6bc428b708
Secunia Security Advisory 47002
Posted Nov 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in Manx, which can be exploited by malicious people to conduct HTTP response splitting and cross-site scripting attacks and compromise a vulnerable system.

tags | advisory, web, vulnerability, xss
MD5 | a44950861322e8e2d0c11b41f1dace8a
Secunia Security Advisory 46941
Posted Nov 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in HP Network Node Manager i, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 11eb5acb8db30ce8eb8a9235a7ccc252
Ubuntu Security Notice USN-1285-1
Posted Nov 30, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1285-1 - Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2011-2183, CVE-2011-2491, CVE-2011-2494, CVE-2011-2495, CVE-2011-2517, CVE-2011-2905, CVE-2011-2909
MD5 | e74dde7810f3e397c92db107a7f9f975
Red Hat Security Advisory 2011-1496-01
Posted Nov 30, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1496-01 - A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. Users of bind are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon will be restarted automatically.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2011-4313
MD5 | eaf5a648dc8ea2f318db3f97b4f080b0
Red Hat Security Advisory 2011-1479-01
Posted Nov 30, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1479-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Using PCI passthrough without interrupt remapping support allowed Xen hypervisor guests to generate MSI interrupts and thus potentially inject traps. A privileged guest user could use this flaw to crash the host or possibly escalate their privileges on the host. The fix for this issue can prevent PCI passthrough working and guests starting. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2011-1162, CVE-2011-1898, CVE-2011-2203, CVE-2011-2494, CVE-2011-3363, CVE-2011-4110
MD5 | d02c2d86522890a0fceb829fd283f7cc
Secunia Security Advisory 47026
Posted Nov 29, 2011
Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for apt. This fixes a security issue, which can be exploited by malicious people to conduct spoofing attacks.

MD5 | 0f4d182dd6f043de4b0caf3e2ae20f69
Secunia Security Advisory 47026
Posted Nov 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for apt. This fixes a security issue, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
systems | linux, ubuntu
MD5 | 0f4d182dd6f043de4b0caf3e2ae20f69
Secunia Security Advisory 47024
Posted Nov 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for update-manager. This fixes a security issue and a vulnerability, which can be exploited by malicious, local users to disclose sensitive information and by malicious people to conduct spoofing attacks.

tags | advisory, local, spoof
systems | linux, ubuntu
MD5 | 1b8944ca9b8007dfd8416fe83eb55fba
Secunia Security Advisory 47046
Posted Nov 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in multiple Schneider Electric products, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, and compromise a user's system.

tags | advisory, vulnerability, xss
MD5 | 91b6c948e35ff03718e5120257088490
Secunia Security Advisory 47028
Posted Nov 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for freetype. This fixes some vulnerabilities, which can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
systems | linux, fedora
MD5 | 4a911dcd4412e11418fc23f90f6cf26e
Secunia Security Advisory 47047
Posted Nov 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Nick Freeman has discovered a vulnerability in Avid Media Composer, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 71b81601a515026855f8c5332f45d883
Secunia Security Advisory 46991
Posted Nov 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Nick Freeman has discovered a vulnerability in Virtual Vertex Muster, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
MD5 | fcfcf4ab97d08e2ae8c1c37d11d481b5
Secunia Security Advisory 47027
Posted Nov 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users and malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, fedora
MD5 | a1f70fe5871f01fdc4bd32415ec5d717
Secunia Security Advisory 47048
Posted Nov 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Apache MyFaces, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | c19ce0e374b75eaea85882f4b65916ff
Secunia Security Advisory 46959
Posted Nov 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle Mojarra, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | 6b0720565498d5c050937ee1fd5a270a
Secunia Security Advisory 47029
Posted Nov 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been discovered in MediaWiki, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
MD5 | e899efec610fe6e61dfdfe79a5a89985
Secunia Security Advisory 46998
Posted Nov 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Gitblit, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | d8bd096e4502649a1b5d48098f134948
Zero Day Initiative Advisory 11-338
Posted Nov 29, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-338 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Real Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a header defined within a .ivr file. When parsing this header the application will explicitly trust a 16-bit value denoting an size and use it for performing an allocation. The code then uses a different value in the file to populate the buffer. Due to the difference in values used for allocation and the copy, this can be used to overwrite data outside the bounds of the buffer which can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2011-4258
MD5 | c03baf8f1f878fff1d40743cf60e284a
Zero Day Initiative Advisory 11-337
Posted Nov 29, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-337 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Real Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses sample data encoded with the RV30 codec. When parsing this sample data, the application will make an allocation and then fail to completely initialize the buffer. During decoding of the sample data, the application will explicitly trust an index from the partially filled buffer and then use that to calculate an address to write to. This can lead to memory corruption which can be converted into code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2011-4256
MD5 | 10f78e6d499d58655257bf60e10da003
Page 1 of 28
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
New Magniber Ransomware Targets South Korea, Asia Pacific
Posted Oct 21, 2017

tags | headline, malware, china, fraud, korea
Hackers Race To Use Flash Exploit Before Vulnerable Systems Are Patched
Posted Oct 21, 2017

tags | headline, hacker, malware, flaw, cyberwar, adobe
Bitcoin Boom Prompts Growth Of Coin-Mining Malware
Posted Oct 21, 2017

tags | headline, malware, bank, fraud
How To Social Engineer Yourself Into High Security Facilities
Posted Oct 21, 2017

tags | headline, fraud, social
Phishers Getting Smarter By Making Use Of User Location
Posted Oct 20, 2017

tags | headline, malware, cybercrime, fraud, phish
OSX Malware Spread Via Compromised Software Downloads
Posted Oct 20, 2017

tags | headline, malware, apple
Canadian Spooks Release Their Own Malware Detection Tool
Posted Oct 20, 2017

tags | headline, government, malware, canada, spyware
Judge: MalwareTech Is No Longer Under Curfew, GPS Monitoring
Posted Oct 20, 2017

tags | headline, hacker, government, malware, usa, conference
Microsoft Mocks Google For Failed Security Fix Deployment Methodology
Posted Oct 19, 2017

tags | headline, microsoft, flaw, google, chrome
Malicious Mineraft Apps In Google Play Enslave Your Device To A Botnet
Posted Oct 19, 2017

tags | headline, malware, microsoft, phone, botnet, google
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close