date:20141119

[FD] [CORE-2014-0010] - Advantech WebAccess Stack-based Buffer Overflow

2014-11-19 Thread CORE Advisories Team

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Advantech WebAccess Stack-based Buffer Overflow 1. *Advisory Information* Title: Advantech WebAccess Stack-based Buffer Overflow Advisory ID: CORE-2014-0010 Advisory URL: http://www.coresecurity.com/advisories/advantech-webAcce

[FD] [CORE-2014-0009] - Advantech EKI-6340 Command Injection

2014-11-19 Thread CORE Advisories Team

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Advantech EKI-6340 Command Injection 1. *Advisory Information* Title: Advantech EKI-6340 Command Injection Advisory ID: CORE-2014-0009 Advisory URL: http://www.coresecurity.com/advisories/advantech-eki-6340-command-injection Da

[FD] [CORE-2014-0008] - Advantech AdamView Buffer Overflow

2014-11-19 Thread CORE Advisories Team

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Advantech AdamView Buffer Overflow 1. *Advisory Information* Title: Advantech AdamView Buffer Overflow Advisory ID: CORE-2014-0008 Advisory URL: http://www.coresecurity.com/advisories/advantech-adamView-buffer-overflow Date pub

[FD] CVE-2014-7137 - Multiple SQL Injections in Dolibarr ERP & CRM

2014-11-19 Thread Portcullis Advisories

Vulnerability title: Multiple SQL Injections in Dolibarr ERP & CRM CVE: CVE-2014-7137 Vendor: Dolibarr ERP & CRM Product: Dolibarr ERP & CRM Affected version: 3.5.3 Fixed version: 3.6.1 Reported by: Jerzy Kramarz Details: SQL injection has been found and confirmed within the software as an authe

[FD] CVE-2014-2630 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in Compaq/Hewlett Packard Glance for Linux

2014-11-19 Thread Portcullis Advisories

Vulnerability title: SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in Compaq/Hewlett Packard Glance for Linux CVE: CVE-2014-2630 Vendor: Compaq/Hewlett Packard Product: Glance for Linux Affected version: 11.00 and subsequent Fixed version: HPSBMU03086 rev.3 Reported by: Tim

[FD] CVE-2014-8600 - Insufficient Input Validation By IO Slaves In KDE e.V. KDE

2014-11-19 Thread Portcullis Advisories

Vulnerability title: Insufficient Input Validation By IO Slaves In KDE e.V. KDE CVE: CVE-2014-8600 Vendor: KDE e.V. Product: KDE Affected version: kwebkitpart <= 1.3.4, kde-runtime <= 4.14.3, kio-extras <= 5.1.1 Fixed version: Contact distribution vendor Reported by: T. Brown and D. Burton Details

[FD] Bootkit via SMS

2014-11-19 Thread SCADA StrangeLove

Short FAQ Q: Is it BadUSB? A: Not exactly, but kind of. Can be applied to Android gadgets. Q: Is it local or remote stuff? A: Can be done remotely (web/sms) for 4G/3G modems Q: Any threats to ICS? A: Yes Q: Huawei? A: Not limited to... Q: Who are our heroes? A: Alexey Osipov, Timur Yunusov, Al

[FD] CVE-2014-2382 - Arbitrary Code Execution In Faronics Deep Freeze Standard and Enterprise

2014-11-19 Thread Portcullis Advisories

Vulnerability title: Arbitrary Code Execution In Faronics Deep Freeze Standard and Enterprise CVE: CVE-2014-2382 Vendor: Faronics Product: Deep Freeze Standard and Enterprise Affected version: Before and including v8.10 Fixed version: N/A Reported by: Kyriakos Economou Details: The latest, and ea

[FD] [CORE-2014-0010] - Advantech WebAccess Stack-based Buffer Overflow

[FD] [CORE-2014-0009] - Advantech EKI-6340 Command Injection

[FD] [CORE-2014-0008] - Advantech AdamView Buffer Overflow

[FD] CVE-2014-7137 - Multiple SQL Injections in Dolibarr ERP & CRM

[FD] CVE-2014-2630 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in Compaq/Hewlett Packard Glance for Linux

[FD] CVE-2014-8600 - Insufficient Input Validation By IO Slaves In KDE e.V. KDE

[FD] Bootkit via SMS

[FD] CVE-2014-2382 - Arbitrary Code Execution In Faronics Deep Freeze Standard and Enterprise

8 matches

Site Navigation

Mail list logo

Footer information