Notification: 2015-09-02
Solution Date: unknown
Public Disclosure: 2016-03-04
CVE Reference: Not yet assigned
Author of Advisory: Alexander Brachmann (SySS GmbH)
Overview:
The innovaphone IP222 and IP232 are IP telephones
Notification: 2015-07-14
Solution Date: 2015-10-26
Public Disclosure: 2015-12-07
CVE Reference: Not yet assigned
Author of Advisory: Daniele Salaris (SySS GmbH)
Overview:
sysPass is an web based Password Manager written in PHP and Ajax
an Unauthorized Control
Sphere (CWE-530)
Risk Level: High
Solution Status: Fixed
Manufacturer Notification: 2015-06-10
Solution Date: 2015-10-26
Public Disclosure: 2015-12-07
CVE Reference: Not yet assigned
Author of Advisory: Daniele Salaris (SySS GmbH
Solution Date: 2014-08-04
Public Disclosure: 2015-07-13
CVE Reference: Not yet assigned
Author of Advisory: Daniele Salaris (SySS GmbH)
Overview:
sysPass is an web based Password Manager written in PHP and Ajax with a
built
Hive
Manager and HiveOS software. These
vulnerabilities have been disclosed to the vendor on or before the 24th of
April 2014.
-- Hive Manager Arbitrary File Disclosure --
Leveraging directory traversal, a malicious user can retrieve arbitrary files
from the Hive Manager file system. As the
upport.citrix.com/article/CTX125975
Disclosure Timeline
---
20th February 2008 - Vendor Notification
26th February 2008 - Vendor Response for more Details
3rd March 2008 - Vendor Confirm Vulnerability
3rd August 2010 - Vendor Patch Released
Credits
Michael Jordon of Conte
a2009-52.html
CVE
---
This issue has been assigned CVE number CVE-2009-3370.
Disclosure Timeline
---
8th August 2009 - Initial Discovery and Vendor Notification 8th August 2009 -
Vendor Response
27 October 2009 - Vendor Advisory Release
4 November 2009 - Context Information Security
assigned CVE numbers CVE-2008-2247 and CVE-2008-2248.
Disclosure Timeline
---
10 January 2008 - Initial Discovery and vendor notification.
14th January 2008 - Vendor response requesting further details.
14th March 2008 - Vendor response requesting PoC. PoC provided.
9th July 2
assigned a CVE candidate number of
CVE-2007-4512
Disclosure Timeline
---
18 April 2007 Initial Discovery and vendor notification
19 April 2007 Vendor Response
21 August 2007 Second Vendor Response
6 September 2007 - Coordinated Public Release
Credits
Michael
SecureTest Ltd (www.securetest.com) Security Advisory
XSS vulnerability in Cisco MeetingPlace
Date: 18th July 2007
Author: Roger Jefferiss
Application: Cisco MeetingPlace
Risk: Medium
Vendor Status: Replicated and verified by Cisco Systems, patch
available.
Reference: http://www.cisco.com
Overvi
erabilities and Exposures (CVE) project has assigned the
name CVE-2006-4459 to this issue.
VIII. CREDIT
This vulnerability was discovered by Itzik Kotler, Safend.
IX. About SecuriTeam's Assisted Disclosure
Many researchers do not have the time, energy or inclination to deal with
reporting a vuln
munication regarding this issue.
VII. CVE INFORMATION
The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CAN-2005-1528 to this issue. This is a candidate for inclusion in
the CVE list (http://cve.mitre.org), which standardizes names for
security problems.
VIII. DISCLOSURE TI
)
# chmod -s /usr/photon/bin/phlocale
VI. VENDOR RESPONSE
The vendor has not responded to communication regarding this issue.
VII. CVE INFORMATION
A Mitre Corp. Common Vulnerabilities and Exposures (CVE) number has not
been assigned yet.
VIII. DISCLOSURE TIMELINE
12/15/2005 Initial vendor not
er ID or execute bits from the affected binary or remove
it entirely.
VI. VENDOR RESPONSE
The vendor has not responded to communication regarding this issue.
VII. CVE INFORMATION
A Mitre Corp. Common Vulnerabilities and Exposures (CVE) number has not
been assigned yet.
VIII. DISCLOSURE TIME
14 matches
Mail list logo
