Document Title:
===
BlinkSale Bug Bounty #1 - Encode Validation Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1416
Release Date:
=
2015-02-06
Vulnerability Laboratory ID (VL-ID):
Document Title:
===
Pandora FMS v5.1 SP1 - SQL Injection Web Vulnerability
References (Source):
http://vulnerability-lab.com/get_content.php?id=1355
Release Date:
=
2015-02-09
Vulnerability Laboratory ID (VL-ID):
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cisco Secure Access Control System SQL Injection Vulnerability
Advisory ID: cisco-sa-20150211-csacs
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150211-csacs
Revision 1.0
For Public Release 2015 February 11 16:00
Document Title:
===
T-Mobile Internet Manager - DLL Hijacking (mfc71enu.dll)
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1427
Release Date:
=
2015-01-29
Vulnerability Laboratory ID (VL-ID):
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-3160-1 secur...@debian.org
http://www.debian.org/security/Moritz Muehlenhoff
February 11, 2015
Hi @ll,
yesterday Microsoft published the security advisory 3004375
https://technet.microsoft.com/en-us/library/security/3004375
announcing an update which enables Windows 7 and newer to log
the command lines used to start processes to the event log.
If you want to have this functionality on
Summary:
Elasticsearch versions 1.3.0-1.3.7 and 1.4.0-1.4.2 have vulnerabilities in the
Groovy scripting engine. The vulnerabilities allow an attacker to construct
Groovy scripts that escape the sandbox and execute shell commands as the user
running the Elasticsearch Java VM.
We have been
- Title: Ninja Forms WordPress Plugin Multiple Cross-Site Scripting
Vulnerability
- Vulnerable Version: 2.8.8 and probably prior
-Tested Version:2.8.8
- Vendor Notification: 20 November 2014
- Vendor Patch: 20 November 2014
Advisory ID: HTB23249
Product: Easing Slider WordPress Plugin
Vendor: Easing Slider
Vulnerable Version(s): 2.2.0.6 and probably prior
Tested Version: 2.2.0.6
Advisory Publication: January 21, 2015 [without technical details]
Vendor Notification: January 21, 2015
Vendor Patch: January 22, 2015
Document Title:
===
Facebook Bug Bounty #23 - Session ID CSRF Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1432
Facebook Security ID: 10202805822321483
Video: https://www.youtube.com/watch?v=SAr2AGLrBkQ
Vulnerability
Advisory ID: HTB23248
Product: my little forum
Vendor: http://mylittleforum.net/
Vulnerable Version(s): 2.3.3 and probably prior
Tested Version: 2.3.3
Advisory Publication: January 14, 2015 [without technical details]
Vendor Notification: January 14, 2015
Vendor Patch: February 8, 2015
Public
11 matches
Mail list logo