Feed aggregator

Bugtraq: TWiki Security Advisory - XSS Vulnerability - CVE-2014-9367

TWiki Security Advisory - XSS Vulnerability - CVE-2014-9367
Categories:

Bugtraq: TWiki Security Advisory - XSS Vulnerability - CVE-2014-9325

TWiki Security Advisory - XSS Vulnerability - CVE-2014-9325
Categories:

Bugtraq: Facebook BB #18 - IDOR Issue & Privacy Vulnerability

Facebook BB #18 - IDOR Issue & Privacy Vulnerability
Categories:

Bugtraq: Mobilis MobiConnect 3G ZDServer v1.0.1.2 - Privilege Escalation Vulnerability

Mobilis MobiConnect 3G ZDServer v1.0.1.2 - Privilege Escalation Vulnerability
Categories:

More rss feeds from SecurityFocus

News, Infocus, Columns, Vulnerabilities, Bugtraq ...
Categories:

TWiki Security Advisory - XSS Vulnerability - CVE-2014-9367

Posted by Onur Yilmaz on Dec 19

Information
--------------------
Advisory by Netsparker.
Name: XSS Vulnerability with Scope and Other URL Parameters of WebSearch
Affected Software : TWiki
Affected Versions: 6.0.1 and possibly below
Vendor Homepage : http://www.twiki.org/
Vulnerability Type : Cross-site Scripting
Severity : Important
CVE ID: CVE-2014-9367
Netsparker Advisory Reference : NS-14-042

Advisory URL
------------...
Categories:

TWiki Security Advisory - XSS Vulnerability - CVE-2014-9325

Posted by Onur Yilmaz on Dec 19

Information
--------------------
Advisory by Netsparker.
Name: XSS Vulnerability with QUERYSTRING and QUERYPARAMSTRING in TWiki
Affected Software : TWiki
Affected Versions: 6.0.1 and possibly below
Vendor Homepage : http://www.twiki.org/
Vulnerability Type : Cross-site Scripting
Severity : Important
CVE ID: CVE-2014-9325
Netsparker Advisory Reference : NS-14-041

Advisory URL
------------...
Categories:

Facebook BB #18 - IDOR Issue & Privacy Vulnerability

Posted by Vulnerability Lab on Dec 19

Document Title:
===============
Facebook BB #18 - IDOR Issue & Privacy Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1371

Facebook Security ID: 219208937

Release Date:
=============
2014-12-12

Vulnerability Laboratory ID (VL-ID):
====================================
1371

Common Vulnerability Scoring System:
====================================
4.7

Product & Service...
Categories:

Bugtraq: iBackup v10.0.0.45 - Privilege Escalation Vulnerability

iBackup v10.0.0.45 - Privilege Escalation Vulnerability
Categories:

Bugtraq: SEC Consult SA-20141219-0 :: XSS & Memory Disclosure vulnerabilities in NetIQ eDirectory NDS iMonitor

SEC Consult SA-20141219-0 :: XSS & Memory Disclosure vulnerabilities in NetIQ eDirectory NDS iMonitor
Categories:

Bugtraq: APPLE-SA-2014-12-18-1 Xcode 6.2 beta 3

APPLE-SA-2014-12-18-1 Xcode 6.2 beta 3
Categories:

Mobilis MobiConnect 3G ZDServer v1.0.1.2 - Privilege Escalation Vulnerability

Posted by Vulnerability Lab on Dec 19

Document Title:
===============
Mobilis MobiConnect 3G ZDServer v1.0.1.2 - Privilege Escalation Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1385

Release Date:
=============
2014-12-19

Vulnerability Laboratory ID (VL-ID):
====================================
1385

Common Vulnerability Scoring System:
====================================
6.4

Product & Service Introduction:...
Categories:

iBackup v10.0.0.45 - Privilege Escalation Vulnerability

Posted by Vulnerability Lab on Dec 19

Document Title:
===============
iBackup v10.0.0.45 - Privilege Escalation Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1382

Release Date:
=============
2014-12-18

Vulnerability Laboratory ID (VL-ID):
====================================
1382

Common Vulnerability Scoring System:
====================================
6.2

Product & Service Introduction:...
Categories:

SEC Consult SA-20141219-0 :: XSS & Memory Disclosure vulnerabilities in NetIQ eDirectory NDS iMonitor

Posted by SEC Consult Vulnerability Lab on Dec 19

SEC Consult Vulnerability Lab Security Advisory < 20141219-0 >
=======================================================================
title: XSS & Memory Disclosure
product: NetIQ eDirectory NDS iMonitor
vulnerable version: 8.8 SP8, 8.8 SP7
fixed version: 8.8 SP8 HF 4,
fix available for versions 8.8 SP7 (8.8.7.4 HF 4,
8.8.7.6 HF 3)
CVE number:...
Categories:

Bugtraq: [oCERT-2014-012] JasPer input sanitization errors

[oCERT-2014-012] JasPer input sanitization errors
Categories:

Bugtraq: SEC Consult SA-20141218-2 :: Multiple high risk vulnerabilities in NetIQ Access Manager

SEC Consult SA-20141218-2 :: Multiple high risk vulnerabilities in NetIQ Access Manager
Categories:

Bugtraq: SEC Consult SA-20141218-1 :: OS command execution vulnerability in GParted

SEC Consult SA-20141218-1 :: OS command execution vulnerability in GParted
Categories:

APPLE-SA-2014-12-18-1 Xcode 6.2 beta 3

Posted by Apple Product Security on Dec 19

APPLE-SA-2014-12-18-1 Xcode 6.2 beta 3

Xcode 6.2 beta 3 is now available and addresses the following:

Git
Available for: OS X Mavericks v10.9.4 or later
Impact: Synching with a malicious git repository may allow
unexpected files to be added to the .git folder
Description: The checks involved in disallowed paths did not account
for case insensitivity or unicode characters. This issue was
addressed by adding additional checks.
CVE-ID...
Categories:

Bugtraq: iTwitter v0.04 WP Plugin - XSS & CSRF Web Vulnerability

iTwitter v0.04 WP Plugin - XSS & CSRF Web Vulnerability
Categories:

Bugtraq: Apple iOS v8.x - Message Context & Privacy Vulnerability

Apple iOS v8.x - Message Context & Privacy Vulnerability
Categories: