Feed aggregator

Bugtraq: [security bulletin] HPSBMU02997 rev.2 - HP Smart Update Manager (SUM) running OpenSSL, Remote Disclosure of Information

[security bulletin] HPSBMU02997 rev.2 - HP Smart Update Manager (SUM) running OpenSSL, Remote Disclosure of Information
Categories:

Bugtraq: [security bulletin] HPSBMU02995 rev.5 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Di

[security bulletin] HPSBMU02995 rev.5 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure
Categories:

Bugtraq: CVE-2014-2042 - Unrestricted file upload in Livetecs Timelive

CVE-2014-2042 - Unrestricted file upload in Livetecs Timelive
Categories:

Bugtraq: AirPhoto WebDisk v4.1.0 iOS - Code Execution Vulnerability

AirPhoto WebDisk v4.1.0 iOS - Code Execution Vulnerability
Categories:

More rss feeds from SecurityFocus

News, Infocus, Columns, Vulnerabilities, Bugtraq ...
Categories:

Vuln: Oracle Java SE CVE-2014-0457 Remote Security Vulnerability

Oracle Java SE CVE-2014-0457 Remote Security Vulnerability
Categories:

Vuln: Oracle Java SE CVE-2014-2397 Remote Security Vulnerability

Oracle Java SE CVE-2014-2397 Remote Security Vulnerability
Categories:

Vuln: Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability

Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability
Categories:

Vuln: Oracle Java SE CVE-2014-2428 Remote Security Vulnerability

Oracle Java SE CVE-2014-2428 Remote Security Vulnerability
Categories:

Vuln: Oracle Java SE CVE-2014-0456 Remote Security Vulnerability

Oracle Java SE CVE-2014-0456 Remote Security Vulnerability
Categories:

Vuln: Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability

Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability
Categories:

Vuln: Oracle Java SE CVE-2014-0446 Remote Security Vulnerability

Oracle Java SE CVE-2014-0446 Remote Security Vulnerability
Categories:

Vuln: Oracle Java SE CVE-2014-0452 Remote Security Vulnerability

Oracle Java SE CVE-2014-0452 Remote Security Vulnerability
Categories:

[security bulletin] HPSBMU02997 rev.2 - HP Smart Update Manager (SUM) running OpenSSL, Remote Disclosure of Information

BugTraq Latest Security Advisories - April 23, 2014 - 12:54pm

Posted by security-alert on Apr 23

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04239375

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04239375
Version: 2

HPSBMU02997 rev.2 - HP Smart Update Manager (SUM) running OpenSSL, Remote
Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date:...
Categories:

[security bulletin] HPSBMU02995 rev.5 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure

BugTraq Latest Security Advisories - April 23, 2014 - 12:43pm

Posted by security-alert on Apr 23

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04236102

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04236102
Version: 5

HPSBMU02995 rev.5 - HP Software HP Service Manager, Asset Manager, UCMDB
Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation,
Diagnostics, LoadRunner, and Performance Center, running...
Categories:

Bugtraq: CVE-2014-1217 - Unauthenticated access to sensitive information and functionality in Livetecs Timelive

Security Focus Latest Security Advisories - April 23, 2014 - 11:15am
CVE-2014-1217 - Unauthenticated access to sensitive information and functionality in Livetecs Timelive
Categories:

Bugtraq: CVE-2014-2383 - Arbitrary file read in dompdf

Security Focus Latest Security Advisories - April 23, 2014 - 11:15am
CVE-2014-2383 - Arbitrary file read in dompdf
Categories:

CVE-2014-2042 - Unrestricted file upload in Livetecs Timelive

BugTraq Latest Security Advisories - April 23, 2014 - 7:39am

Posted by Portcullis Advisories on Apr 23

Vulnerability title: Unrestricted file upload in Livetecs Timelive
CVE: CVE-2014-2042
Vendor: Livetecs
Product: Timelive
Affected version: 6.2.71
Fixed version: 6.5.1
Reported by: Richard Hatch

Details:
It was discovered that it was possible for low-level TimeLive
application users to upload
files (by using the "My Projects".."Manage Project" functionality).
There was no restriction on
file types that could be uploaded and...
Categories:

AirPhoto WebDisk v4.1.0 iOS - Code Execution Vulnerability

BugTraq Latest Security Advisories - April 23, 2014 - 7:30am

Posted by Vulnerability Lab on Apr 23

Document Title:
===============
AirPhoto WebDisk v4.1.0 iOS - Code Execution Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1258

Release Date:
=============
2014-04-22

Vulnerability Laboratory ID (VL-ID):
====================================
1258

Common Vulnerability Scoring System:
====================================
8.7

Product & Service Introduction:...
Categories:

CVE-2014-2383 - Arbitrary file read in dompdf

BugTraq Latest Security Advisories - April 23, 2014 - 7:20am

Posted by Portcullis Advisories on Apr 23

Vulnerability title: Arbitrary file read in dompdf
CVE: CVE-2014-2383
Vendor: dompdf
Product: dompdf
Affected version: v0.6.0
Fixed version: v0.6.1 (partial fix)
Reported by: Alejo Murillo Moyas

Details:
An arbitrary file read vulnerability is present on dompdf.php file that
allows remote or local attackers to read local files using a special
crafted argument. This vulnerability requires the configuration flag
DOMPDF_ENABLE_PHP to be enabled...
Categories: