ASUS RT-N56U Persistent XSS

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 # Exploit Title: ASUS RT-N56U Persistent XSS # Date: 2/2/2016 # Exploit Author: @GraphX # Vendor Homepage: http://asus.com/ # Version: 3.0.0.4.374_239 1 Description: It is possible for an authenticated attacker to bypass input sanitation in the

[SECURITY] [DSA 3465-1] openjdk-6 security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-3465-1 secur...@debian.org https://www.debian.org/security/ Moritz Muehlenhoff February 02, 2016

TimeClock - Multiple SQL Injections

# Exploit Title : Multiple SQL injections Author:Marcela Benetrix Date: 02/03/2016 version: 0.995 (older version may be vulnerable too) software link:http://timeclock-software.net # Timeclock software Timeclock-software.net's free software

File Manager PRO v1.3 iOS - Multiple Web Vulnerabilities

Document Title: === File Manager PRO v1.3 iOS - Multiple Web Vulnerabilities References (Source): http://www.vulnerability-lab.com/get_content.php?id=1704 Release Date: = 2016-02-03 Vulnerability Laboratory ID (VL-ID):

Soso Transfer v1.1 iOS - Denial of Service Vulnerability

Document Title: === Soso Transfer v1.1 iOS - Denial of Service Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1703 Release Date: = 2016-02-02 Vulnerability Laboratory ID (VL-ID):

Mezzanine CMS 4.1.0 XSS

[+] Credits: hyp3rlinx [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/MEZZANINE-CMS-XSS.txt Vendor: === mezzanine.jupo.org Product: Mezzanine 4.1.0 Mezzanine is an open source CMS built using the python based

Compal ConnectBox Wireless - Passphrase Settings Filter Bypass Vulnerability

Document Title: === Compal ConnectBox Wireless - Passphrase Settings Filter Bypass Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1705 Release Date: = 2016-02-03 Vulnerability Laboratory ID (VL-ID):

Getdpd Bug Bounty #1 - (asm0option0) Persistent Web Vulnerability

Document Title: === Getdpd Bug Bounty #1 - (asm0option0) Persistent Web Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1464 ID: #14770 Release Date: = 2016-02-02 Vulnerability Laboratory ID (VL-ID):

Security Advisories

Vulnerability title: Multiple Instances Of Cross-site Scripting In Viprinet Multichannel VPN Router 300 CVE: CVE-2014-2045 Vendor: Viprinet Product: Multichannel VPN Router 300 Affected version: 2013070830/2013080900 Fixed version: 2014013131/2014020702 Reported by: Tim Brown Details:

[slackware-security] MPlayer (SSA:2016-034-02)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [slackware-security] MPlayer (SSA:2016-034-02) New MPlayer packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog:

[CERT 777024 / CVE-2016-1524/5]: RCE and file download in Netgear NMS300

Hi, CERT/CC has helped me disclose two vulnerabilities in NETGEAR's Pro"safe" Network Management System 300 [1]. Two classical bugs: one remote code execution via arbitrary file upload and an authenticated arbitrary file download. The full advisory can be seen in my repo at [2] and it is also

AST-2016-001: BEAST vulnerability in HTTP server

Asterisk Project Security Advisory - AST-2016-001 ProductAsterisk SummaryBEAST vulnerability in HTTP server Nature of Advisory Unauthorized data disclosure due to

AST-2016-003: Remote crash vulnerability when receiving UDPTL FAX data.

Asterisk Project Security Advisory - AST-2016-003 ProductAsterisk SummaryRemote crash vulnerability when receiving UDPTL FAX data.

AST-2016-002: File descriptor exhaustion in chan_sip

Asterisk Project Security Advisory - AST-2016-002 ProductAsterisk SummaryFile descriptor exhaustion in chan_sip Nature of Advisory Denial of Service

Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability Advisory ID: cisco-sa-20160203-apic Revision: 1.0 For Public Release 2016 February 03 16:00 UTC (GMT

Cisco Security Advisory: Cisco ASA-CX and Cisco Prime Security Manager Privilege Escalation Vulnerability

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco ASA-CX and Cisco Prime Security Manager Privilege Escalation Vulnerability Advisory ID: cisco-sa-20160203-prsm Revision: 1.0 For Public Release 2016 February 03 16:00 UTC (GMT

Cisco Security Advisory: Cisco Nexus 9000 Series ACI Mode Switch ICMP Record Route Vulnerability

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Nexus 9000 Series ACI Mode Switch ICMP Record Route Vulnerability Advisory ID: cisco-sa-20160203-n9knci Revision 1.0 For Public Release 2016 February 3 16:00 UTC (GMT

Dell SecureWorks iOS Application - MITM SSL Certificate Vulnerability

Dell SecureWorks iOS Application - MITM SSL Certificate Vulnerability -- http://www.info-sec.ca/advisories/Dell-SecureWorks.html Overview "Access your critical Dell SecureWorks security information on the go." "With the Dell SecureWorks Mobile App you can: * Quickly respond to security

[slackware-security] php (SSA:2016-034-04)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [slackware-security] php (SSA:2016-034-04) New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--+

[slackware-security] openssl (SSA:2016-034-03)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [slackware-security] openssl (SSA:2016-034-03) New openssl packages are available for Slackware 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: +--+

SimpleView CRM - Client Side Open Redirect Vulnerability

Document Title: === SimpleView CRM - Client Side Open Redirect Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1668 Release Date: = 2016-02-02 Vulnerability Laboratory ID (VL-ID):