-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ESA-2015-174: EMC VPLEX Undocumented Account Vulnerability
EMC Identifier: ESA-2015-174
CVE Identifier: CVE-2015-6850
Severity Rating: CVSS Base Score 6.8 (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Affected Products
EMC Software: EMC VPLEX GeoSynchrony
Document Title:
===
Western Union CN Bug Bounty #6 - Client Side Cross Site Scripting Web
Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1657
Release Date:
=
2015-12-14
Vulnerability Laboratory ID (VL-ID):
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n
a-c04779492
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04779492
Version: 1
HPSBHF03419
Hi @ll,
the executable installer [°]['] (rather: the 7-Zip based executable
self-extractor [²]) of Rapid7's (better known for their flagship
Metasploit) ScanNowUPnP.exe loads and executes several rogue/bogus
DLLs eventually found in the directory it is started from (the
"application directory"),
Document Title:
===
POP Peeper 4.0.1 - Persistent Code Execution Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1657
Release Date:
=
2015-11-26
Vulnerability Laboratory ID (VL-ID):
Document Title:
===
Lithium Forum - (previewImages) Persistent Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1520
Release Date:
=
2015-12-18
Vulnerability Laboratory ID (VL-ID):
Document Title:
===
Switch v4.68 - Code Execution Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1649
Release Date:
=
2015-11-23
Vulnerability Laboratory ID (VL-ID):
1649
Document Title:
===
Aeris Calandar v2.1 - Buffer Overflow Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1656
Release Date:
=
2015-12-01
Vulnerability Laboratory ID (VL-ID):
Advisory: Symfony PHP Framework: Session Fixation In "Remember Me" Login
Functionality
A session fixation vulnerability within the Symfony web application
framework's "Remember Me" login functionality allows an attacker to
impersonate the victim towards the web application if the