Category Archives: Full Disclosure

Schoolhos CMS v2.29 – userberita SQL injection Vulnerability

Posted by Vulnerability Lab on Nov 28

Document Title:
===============
Schoolhos CMS v2.29 – userberita SQL injection Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1932

Release Date:
=============
2016-11-22

Vulnerability Laboratory ID (VL-ID):
====================================
1932

Common Vulnerability Scoring System:
====================================
6.8

Product & Service Introduction:…

UCanCode multiple vulnerabilities

Posted by Carlo Di Dato on Nov 25

http://shinnai.altervista.org/exploits/SH-0025-20161123.html

———————————————————————
UCanCode multiple vulnerabilities

Url: http://www.hmi-software.com/
http://www.ucancode.net/index.htm
http://www.ucancode.net/bbs/zhuce/login.htm

Description: From vendor’s web page “UCanCode Software is a Market
Leading provider of HMI & SCADA, CAD, UML, GIS, Vector Graphics…

NEW VMSA-2016-0021 VMware product updates address partial information disclosure vulnerability

Posted by VMware Security Response Center on Nov 25

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
VMware Security Advisory

Advisory ID: VMSA-2016-0021
Severity: Moderate
Synopsis: VMware product updates address partial information disclosure
vulnerability
Issue date: 2016-11-22
Updated on: 2016-11-22 (Initial Advisory)
CVE number: CVE-2016-5334

1. Summary…

NEW VMSA-2016-0022 VMware product updates address information disclosure vulnerabilities

Posted by VMware Security Response Center on Nov 25

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
VMware Security Advisory

Advisory ID: VMSA-2016-0022
Severity: Important
Synopsis: VMware product updates address information disclosure
vulnerabilities
Issue date: 2016-11-22
Updated on: 2016-11-22 (Initial Advisory)
CVE number: CVE-2016-7458, CVE-2016-7459,…

[SYSS-2016-106] EASY HOME Alarmanlagen-Set – Missing Protection against Replay Attacks

Posted by Matthias Deeg on Nov 25

Advisory ID: SYSS-2016-106
Product: EASY HOME Alarmanlagen-Set
Manufacturer: monolith GmbH
Affected Version(s): Model No. MAS-S01-09
Tested Version(s): Model No. MAS-S01-09
Vulnerability Type: Missing Protection against Replay Attacks
Risk Level: Medium
Solution Status: Open
Manufacturer Notification: 2016-09-26
Solution Date: –
Public Disclosure: 2016-11-23
CVE Reference: Not yet assigned
Author of Advisory: Matthias Deeg (SySS GmbH)…

[SYSS-2016-072] Olympia Protect 9061 – Missing Protection against Replay Attacks

Posted by Matthias Deeg on Nov 25

Advisory ID: SYSS-2016-072
Product: Protect 9061
Manufacturer: Olympia
Affected Version(s): Article No. 5943 rev.03
Tested Version(s): Article No. 5943 rev.03
Vulnerability Type: Missing Protection against Replay Attacks
Risk Level: Medium
Solution Status: Fixed
Manufacturer Notification: 2016-07-21
Solution Date: 2016-11-14
Public Disclosure: 2016-11-23
CVE Reference: Not yet assigned
Author of Advisory: Matthias Deeg (SySS GmbH)…

[SYSS-2016-071] Blaupunkt Smart GSM Alarm SA 2500 Kit – Missing Protection against Replay Attacks

Posted by Matthias Deeg on Nov 25

Advisory ID: SYSS-2016-071
Product: Smart GSM Alarm SA 2500 Kit
Manufacturer: Blaupunkt
Affected Version(s): v1.0
Tested Version(s): v1.0
Vulnerability Type: Missing Protection against Replay Attacks
Risk Level: Medium
Solution Status: Open
Manufacturer Notification: 2016-07-14
Solution Date: –
Public Disclosure: 2016-11-23
CVE Reference: Not yet assigned
Author of Advisory: Matthias Deeg (SySS GmbH)…

[SYSS-2016-066] Multi Kon Trade M2B GSM Wireless Alarm System – Missing Protection against Replay Attacks

Posted by Matthias Deeg on Nov 25

Advisory ID: SYSS-2016-066
Product: M2B GSM Wireless Alarm System
Manufacturer: Multi Kon Trade
Affected Version(s): Unspecified
Tested Version(s): Unspecified
Vulnerability Type: Missing Protection against Replay Attacks
Risk Level: Medium
Solution Status: Open
Manufacturer Notification: 2016-07-05
Solution Date: –
Public Disclosure: 2016-11-23
CVE Reference: Not yet assigned
Author of Advisory: Gerhard Klostermeier, SySS GmbH…

[SYSS-2016-064] Multi Kon Trade M2B GSM Wireless Alarm System – Improper Restriction of Excessive Authentication Attempts (CWE-307)

Posted by Matthias Deeg on Nov 25

Advisory ID: SYSS-2016-064
Product: M2B GSM Wireless Alarm System
Manufacturer: Multi Kon Trade
Affected Version(s): Unspecified
Tested Version(s): Unspecified
Vulnerability Type: Improper Restriction of Excessive Authentication
Attempts (CWE-307)
Risk Level: High
Solution Status: Open
Manufacturer Notification: 2016-07-05
Solution Date: –
Public Disclosure: 2016-11-23
CVE Reference: Not yet assigned
Author of Advisory:…

[SYSS-2016-107] EASY HOME Alarmanlagen-Set – Cryptographic Issues (CWE-310)

Posted by Matthias Deeg on Nov 25

Advisory ID: SYSS-2016-107
Product: EASY HOME Alarmanlagen-Set
Manufacturer: monolith GmbH
Affected Version(s): Model No. MAS-S01-09
Tested Version(s): Model No. MAS-S01-09
Vulnerability Type: Cryptographic Issues (CWE-310)
Risk Level: Low
Solution Status: Open
Manufacturer Notification: 2016-10-05
Solution Date: –
Public Disclosure: 2016-11-23
CVE Reference: Not yet assigned
Author of Advisory: Gerhard Klostermeier (SySS GmbH)…