Lime Survey Multiple Vulnerabilities
===
[ADVISORY INFORMATION]
Title: Lime Survey Multiple Vulnerabilities
Discovery date: 02/07/2014
Release date: 03/07/2014
Vendor Homepage:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-2972-1 secur...@debian.org
http://www.debian.org/security/ Salvatore Bonaccorso
July 06, 2014
Hi,
We have just released an App to check if your device is affected by this bug:
https://play.google.com/store/apps/details?id=com.actisec.keystorescanner
Thanks.
Arturo
CVE-2014-3863
===
Stored Cross-Site Scripting (XSS) (CWE-79) vulnerability in
JChatSocial Joomla extension.
Vendor
===
Joomla! Extensions Store
Product
===
JChatSocial: the Joomla live chat
JChatSocial is a powerful chat system for Joomla with a
Hi @ll,
Apples current iTunes 11.2.2 for Windows comes with the following
COMPLETELY outdated and vulnerable 3rd party libraries (as part of
AppleApplicationSupport.msi):
* libeay32.dll and ssleay32.dll 0.9.8d
are more than SEVEN years old and have at least 27 unfixed CVEs!
the current
# Title: Multiple Stored Cross Site Scripting Vulnerabilities
# Author: Madhu Akula
# Vendor Homepage: http://www.ocsinventory-ng.org/en/
# Software Link: http://www.ocsinventory-ng.org/en/download/
# Tested on: Chrome, Mozilla
Reporter Name : Madhu Akula
Product : OCS-Inventory NG
Version
[ADVISORY INFORMATION]
Title: Backdoor access to Techboard/Syac devices
Discovery date: 02/04/2014
Release date: 07/07/2014
Advisory URL: http://blog.emaze.net/2014/07/backdoor-techboardsyac.html
Credits:Roberto Paleari (@rpaleari),
Luca Giancane
Document Title:
===
PayPal Inc Bug Bounty #74 - Persistent Core Backend Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1278
PayPal Inc Security UID: cDc49dT
Release Date:
=
2014-06-04
Vulnerability
Document Title:
===
Paypal Inc Bug Bounty #109 Multi Shipping Application API - Filter Bypass
Persistent Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1050
PayPal Security UID: Pq115cey
Release Date:
=
Document Title:
===
Yahoo! Bug Bounty #25 Flickr API - Persistent Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1132
Release Date:
=
2014-07-06
Vulnerability Laboratory ID (VL-ID):
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
CVE-2014-3503: Insecure Random implementations used to generate passwords in
Apache Syncope
Severity: Major
Vendor: The Apache Software Foundation
Versions Affected:
This vulnerability affects all versions of Apache Syncope 1.1.x prior to
Document Title:
===
Photo Org WonderApplications v8.3 iOS - File Include Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1277
Release Date:
=
2014-07-04
Vulnerability Laboratory ID (VL-ID):
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ESA-2014-064: EMC Documentum Content Server Privilege Escalation Vulnerabilities
EMC Identifier: ESA-2014-064
CVE Identifier: CVE-2014-2513, CVE-2014-2514
Severity Rating: CVSS v2 Base Score: Refer below for scores for each CVE.
Affected
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ESA-2014-057: EMC Documentum Foundation Services (DFS) XML External Entity
(XXE) Vulnerability
EMC Identifier: ESA-2014-057
CVE Identifier: CVE-2014-2510
Severity Rating: CVSS v2 Base Score: 8 (AV:N/AC:L/Au:S/C:C/I:P/A:P)
Affected products:
•
14 matches
Mail list logo