Feed aggregator

Vuln: EMC RSA Data Loss Prevention Improper Session Management Local Privilege Escalation Vulnerability


Vuln: Elfutils libdw 'check_section()' Function Remote Heap Based Buffer Overflow Vulnerability


Vuln: SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability


Vuln: OpenJPEG CVE-2013-6887 Multiple Denial Of Service Vulnerabilities


Vuln: OpenJPEG CVE-2013-6053 Multiple Out of Bounds Memory Corruption Vulnerabilities


Vuln: OpenJPEG CVE-2013-6052 Multiple Out of Bounds Memory Corruption Vulnerabilities


Vuln: OpenJPEG CVE-2013-6054 Multiple Remote Heap Based Buffer Overflow Vulnerabilities


Vuln: Adobe Flash Player and AIR CVE-2014-0507 Unspecified Buffer Overflow Vulnerability


Vuln: OpenSSL TLS 'heartbeat' Extension Information Disclosure Vulnerability


[SECURITY] [DSA 2904-1] virtualbox security update

BugTraq Latest Security Advisories - April 15, 2014 - 1:42pm

Posted by Moritz Muehlenhoff on Apr 15

-------------------------------------------------------------------------
Debian Security Advisory DSA-2904-1 security () debian org
http://www.debian.org/security/ Moritz Muehlenhoff
April 15, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : virtualbox
CVE ID : CVE-2014-0981 CVE-2014-0983...

[security bulletin] HPSBST03001 rev.1 - HP XP P9500 Disk Array running OpenSSL, Remote Disclosure of Information

BugTraq Latest Security Advisories - April 15, 2014 - 1:27pm

Posted by security-alert on Apr 15

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04240206

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04240206
Version: 1

HPSBST03001 rev.1 - HP XP P9500 Disk Array running OpenSSL, Remote Disclosure
of Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2014-04-15...

Bugtraq: VUPEN Security Research - Adobe Flash ExternalInterface Use-After-Free Code Execution (Pwn2Own)

Security Focus Latest Security Advisories - April 15, 2014 - 1:15pm

Bugtraq: [SECURITY] [DSA 2903-1] strongswan security update

Security Focus Latest Security Advisories - April 15, 2014 - 1:15pm

[SECURITY] CVE-2014-0111 Apache Syncope

BugTraq Latest Security Advisories - April 15, 2014 - 1:11pm

Posted by Francesco Chicchiriccò on Apr 15

CVE-2014-0111: Remote code execution by an authenticated administrator

Severity: Important

Vendor:
The Apache Software Foundation

Versions Affected:
Syncope 1.0.0 to 1.0.8
Syncope 1.1.0 to 1.1.6

Description:
In the various places in which Apache Commons JEXL expressions are
allowed (derived schema definition, user / role templates, account links
of resource mappings) a malicious administrator can inject Java code
that can be executed...

RUCKUS ADVISORY ID 041414: OpenSSL 1.0.1 library's "Heart bleed" vulnerability - CVE-2014-0160

BugTraq Latest Security Advisories - April 15, 2014 - 12:56pm

Posted by Ruckus Product Security Team on Apr 15

RUCKUS ADVISORY ID 041414

Customer release date: April 14, 2014
Public release date: April 14, 2014

TITLE

OpenSSL 1.0.1 library's "Heart bleed" vulnerability - CVE-2014-0160

SUMMARY

OpenSSL library is used in Ruckus products to implement various
security related features. A vulnerability has been discovered in
OpenSSL library which may allow an unauthenticated, remote attacker to
retrieve memory in chunks of 64 kilobytes from...

VUPEN Security Research - Adobe Flash ExternalInterface Use-After-Free Code Execution (Pwn2Own)

BugTraq Latest Security Advisories - April 15, 2014 - 12:37pm

Posted by VUPEN Security Research on Apr 15

VUPEN Security Research - Adobe Flash ExternalInterface Use-After-Free
Code Execution (Pwn2Own)

Website : http://www.vupen.com

Twitter : http://twitter.com/vupen

I. BACKGROUND
---------------------

Adobe Flash Player is a cross-platform browser-based application runtime
that delivers viewing of expressive applications, content, and videos
across screens and browsers. It is installed on 98% of computers.

II. DESCRIPTION
---------------------...

[SECURITY] [DSA 2903-1] strongswan security update

BugTraq Latest Security Advisories - April 15, 2014 - 12:24pm

Posted by Moritz Muehlenhoff on Apr 15

-------------------------------------------------------------------------
Debian Security Advisory DSA-2903-1 security () debian org
http://www.debian.org/security/ Yves-Alexis Perez
April 14, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : strongswan
CVE ID : CVE-2014-2338

An...

PDF Album v1.7 iOS - File Include Web Vulnerability

BugTraq Latest Security Advisories - April 15, 2014 - 12:09pm

Posted by Vulnerability Lab on Apr 15

Document Title:
===============
PDF Album v1.7 iOS - File Include Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1255

Release Date:
=============
2014-04-11

Vulnerability Laboratory ID (VL-ID):
====================================
1255

Common Vulnerability Scoring System:
====================================
7.3

Product & Service Introduction:...

Bugtraq: [security bulletin] HPSBMU02998 rev.1 - HP System Management Homepage (SMH) running OpenSSL on Linux and Windows, Remote Disclosure of Information

Security Focus Latest Security Advisories - April 15, 2014 - 12:00pm

Bugtraq: [security bulletin] HPSBMU02994 rev.1 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information

Security Focus Latest Security Advisories - April 15, 2014 - 12:00pm