Bugtraq: by author

147 messages starting Nov 18 13 and ending Nov 01 13

advisories

[SOJOBO-ADV-13-04] - PHP-Nuke 8.2.4 multiple vulnerabilities advisories (Nov 18)
Vulnerability in Pydio/AjaXplorer <= 5.0.3 advisories (Nov 10)
[SOJOBO-ADV-13-03] - Wordpress plugin Gallery Bank 2.0.19 Reflected Cross Site Scripting advisories (Nov 06)
Vulnerability in Pydio/AjaXplorer < = 5.0.3 advisories (Nov 10)

andrew

CVE-2013-6795 Vulnerability in the Rackspace Windows Agent and Updater andrew (Nov 22)

Apple Product Security

APPLE-SA-2013-11-14-1 iOS 7.0.4 Apple Product Security (Nov 14)

bhavyasethi . atcs

vulnerability issue for DB2 express bhavyasethi . atcs (Nov 11)

bruk0ut . sec

Intersystems Cache Remote Code Execution (via Default 'Minimal Security' Install) bruk0ut . sec (Nov 19)

Carlos A. Lozano

CFP BugCON 2014 - Mexico City Carlos A. Lozano (Nov 07)

Chris John Riley

LastPass Android container PIN and auto-wipe security feature bypass (CVE-2013-5113/5114) Chris John Riley (Nov 13)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco WAAS Mobile Remote Code Execution Vulnerability Cisco Systems Product Security Incident Response Team (Nov 07)
Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Nov 07)
Cisco Security Advisory: Cisco TelePresence VX Clinical Assistant Administrative Password Reset Vulnerability Cisco Systems Product Security Incident Response Team (Nov 07)

CORE Advisories Team

CORE-2013-0704 - Vivotek IP Cameras RTSP Authentication Bypass CORE Advisories Team (Nov 06)

Dennis Kelly

SKIDATA RFID Freemotion.Gate Unauthenticated Web Service Aribtrary Remote Command Execution Dennis Kelly (Nov 19)

Dirk-Willem van Gulik

CVE-2013-4425: Private key disclosure, Osirix (lite, 64bit and FDA cleader version) (Medical Application) Dirk-Willem van Gulik (Nov 07)

Florian Weimer

[SECURITY] [DSA 2791-1] tryton-client security update Florian Weimer (Nov 04)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-13:14.openssh [REVISED] FreeBSD Security Advisories (Nov 29)
FreeBSD Security Advisory FreeBSD-SA-13:14.openssh FreeBSD Security Advisories (Nov 19)

g . delvecchio

Cisco Mars Cross-Site Scripting Vulnerability - CVE-2013-5563 g . delvecchio (Nov 05)

geinblues

XADV-2013006 FreeBSD <= 10 kernel qlxge/qlxgbe Driver IOCTL Multiple Kernel Memory Leak Bugs geinblues (Nov 17)
XADV-2013005 FreeBSD 10 <= nand Driver IOCTL Kernel Memory Leak Bug geinblues (Nov 17)
XADV-2013008 Linux Kernel 3.11.7 <= sk_attach_filter Kernel Heap Corruption geinblues (Nov 19)
XADV-2013007 Linux Kernel bt8xx Video Driver IOCTL Heap Overflow geinblues (Nov 19)
XADV-2013003 Linux Kernel bt8xx Video Driver IOCTL Heap Overflow geinblues (Nov 10)
XADV-2013003 Linux Kernel eCryptfs write_tag_3_packet Heap Buffer Overflow Vulnerability geinblues (Nov 03)
XADV-2013003 Linux Kernel fbdev Driver arcfb_write() Overflow geinblues (Nov 19)

Gleb O. Raiko

Re: Superuser unsanitized environment vulnerability on Android <= 4.2.x Gleb O. Raiko (Nov 14)

Gregory Panakkal

16TH AVAR INTERNATIONAL SECURITY CONFERENCE 2013 - (4th-7th Dec'13, Chennai. India) Gregory Panakkal (Nov 19)

Hafez Kamal

[HITB-Announce] #HITB2014AMS Call for Papers Now Open Hafez Kamal (Nov 27)

High-Tech Bridge Security Research

SQL Injection in Dokeos High-Tech Bridge Security Research (Nov 27)
SQL Injection in Chamilo LMS High-Tech Bridge Security Research (Nov 27)
Cross-Site Scripting (XSS) in Zikula Application Framework High-Tech Bridge Security Research (Nov 13)
Multiple Cross-Site Scripting (XSS) in Claroline High-Tech Bridge Security Research (Nov 27)
SQL Injection in appRain High-Tech Bridge Security Research (Nov 06)
Cross-Site Scripting (XSS) in Tweet Blender Wordpress Plugin High-Tech Bridge Security Research (Nov 17)

iedb . team

Mybb Ajaxfs Plugin Sql Injection vulnerability iedb . team (Nov 20)
wordpress jigoshop Plugin path disclosure vulnerabilities iedb . team (Nov 06)

info

XSS on Juniper JUNOS 11.4 Embedthis Appweb 3.2.3 info (Nov 11)

ISecAuditors Security Advisories

[ISecAuditors Security Advisories] LinkedIn social network is affected by Persistent Cross-Site Scripting vulnerability ISecAuditors Security Advisories (Nov 06)
[ISecAuditors Security Advisories] SQL Injection vulnerability in "Project'Or RIA" allow arbitrary access to the database and the file system ISecAuditors Security Advisories (Nov 06)
[ISecAuditors Security Advisories] Multiple XSS vulnerabilities in "Project'Or RIA" ISecAuditors Security Advisories (Nov 06)

Jake Reynolds

Dahua DVR Authentication Bypass - CVE-2013-6117 Jake Reynolds (Nov 13)

Jeimy Cano

Information Security Forecast 2014 Jeimy Cano (Nov 17)

Johannes . Ernst

Belkin WiFi NetCam video stream backdoor with unchangeable admin/admin credentials Johannes . Ernst (Nov 10)

John Stamatakis

WebSurgery v1.1 released (Web application security testing suite) John Stamatakis (Nov 11)
WebSurgery v1.1 released (Web application security testing suite) John Stamatakis (Nov 11)

Jonathan Yu

Fwd: vulnerability issue for DB2 express Jonathan Yu (Nov 12)

jsibley1

Re: Word 2003 SP2 .doc fork bomb on WinXP SP3 jsibley1 (Nov 10)
Word 2003 SP2 .doc fork bomb on WinXP SP3 jsibley1 (Nov 08)

Julien Ahrens

[CVE-2013-6356] Avira Secure Backup v1.0.0.1 Multiple Registry Key Value Parsing Local Buffer Overflow Vulnerability Julien Ahrens (Nov 17)

Kevin Cernekee

Superuser "su --daemon" vulnerability on Android >= 4.3 Kevin Cernekee (Nov 13)
Superuser unsanitized environment vulnerability on Android <= 4.2.x Kevin Cernekee (Nov 13)
Re: Superuser unsanitized environment vulnerability on Android <= 4.2.x Kevin Cernekee (Nov 14)
Android Superuser shell character escape vulnerability Kevin Cernekee (Nov 13)

Luc Dore

Unauthorized console access on Satechi travel router v1.5 Luc Dore (Nov 22)

Luciano Bello

[SECURITY] [DSA 2805-1] sup-mail security update Luciano Bello (Nov 27)

Maria Lemos

WorldCIST'14 - World Conference on IST; Submission deadline: November 29 Maria Lemos (Nov 10)

Martin Braun

Open-Xchange Security Advisory 2013-11-25 Martin Braun (Nov 26)
Open-Xchange Security Advisory 2013-11-06 Martin Braun (Nov 06)

m . benetrix

XSS and CSRF Horde Groupware Web mail Edition m . benetrix (Nov 03)
CSRF Horde Groupware Web mail Edition m . benetrix (Nov 03)

Michael Gilbert

[SECURITY] [DSA 2795-1] lighttpd security update Michael Gilbert (Nov 13)
[SECURITY] [DSA 2795-2] lighttpd regression update Michael Gilbert (Nov 17)
[SECURITY] [DSA 2797-1] chromium-browser security update Michael Gilbert (Nov 17)
[SECURITY] [DSA 2798-1] curl security update Michael Gilbert (Nov 17)

Moritz Muehlenhoff

[SECURITY] [DSA 2793-1] libav security update Moritz Muehlenhoff (Nov 10)
[SECURITY] [DSA 2804-1] drupal7 security update Moritz Muehlenhoff (Nov 27)
[SECURITY] [DSA 2803-1] quagga security update Moritz Muehlenhoff (Nov 27)
[SECURITY] [DSA 2797-1] icedove security update Moritz Muehlenhoff (Nov 13)

pfohl

Instagram Photo Upload and Flattr Money Redirection Vulnerability pfohl (Nov 21)

qsrc Quotium

Facebook Vulnerability Discloses Friends Lists Defined as Private qsrc Quotium (Nov 21)

Rodzbry27

Re: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager Rodzbry27 (Nov 14)
Re: [security bulletin] HPSBUX02922 SSRT101305 rev.1 - HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities Rodzbry27 (Nov 14)
Re: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager Rodzbry27 (Nov 14)

rubengarrote

pineapp mailsecure remote no authenticated privilege escalation & remote execution code rubengarrote (Nov 19)

Ruckus Product Security Team

Fwd: RUCKUS ADVISORY ID 111113-2: Authenticated persistent cross site scripting vulnerability in guest pass provisioning web interface on ZoneDirector controllers Ruckus Product Security Team (Nov 12)
RUCKUS ADVISORY ID 111113-1: Authenticated code injection vulnerability in ZoneDirector administrative web interface Ruckus Product Security Team (Nov 11)
RUCKUS ADVISORY ID 10282013 - User authentication bypass vulnerability in Ruckus Access Point's administrative web interface Ruckus Product Security Team (Nov 27)

Salvatore Bonaccorso

[SECURITY] [DSA 2796-1] torque security update Salvatore Bonaccorso (Nov 13)
[SECURITY] [DSA 2798-2] curl security update Salvatore Bonaccorso (Nov 20)
[SECURITY] [DSA 2800-1] nss security update Salvatore Bonaccorso (Nov 26)
[SECURITY] [DSA 2792-1] wireshark security update Salvatore Bonaccorso (Nov 05)
[SECURITY] [DSA 2790-1] nss security update Salvatore Bonaccorso (Nov 03)
[SECURITY] [DSA 2801-1] libhttp-body-perl security update Salvatore Bonaccorso (Nov 21)
[SECURITY] [DSA 2794-1] spip security update Salvatore Bonaccorso (Nov 10)

security

[ MDVSA-2013:275 ] krb5 security (Nov 21)
[ MDVSA-2013:266 ] java-1.6.0-openjdk security (Nov 19)
[ MDVSA-2013:273 ] libjpeg security (Nov 21)
[ MDVSA-2013:268 ] torque security (Nov 20)
[ MDVSA-2013:267 ] java-1.7.0-openjdk security (Nov 19)
[ MDVSA-2013:277 ] lighttpd security (Nov 21)
[ MDVSA-2013:282 ] perl-HTTP-Body security (Nov 26)
[ MDVSA-2013:265 ] kernel security (Nov 10)
[ MDVSA-2013:278 ] samba security (Nov 21)
[ MDVSA-2013:286 ] ruby security (Nov 26)
[ MDVSA-2013:281 ] nginx security (Nov 25)
[ MDVSA-2013:285 ] bugzilla security (Nov 26)
[ MDVSA-2013:283 ] glibc security (Nov 26)
[ MDVSA-2013:280 ] memcached security (Nov 25)
[ MDVSA-2013:274 ] libjpeg security (Nov 21)
[ MDVSA-2013:276 ] curl security (Nov 21)
[ MDVSA-2013:270 ] nss security (Nov 20)
[ MDVSA-2013:284 ] glibc security (Nov 26)
[ MDVSA-2013:269 ] firefox security (Nov 20)
[ MDVSA-2013:287 ] drupal security (Nov 27)
[ MDVSA-2013:279 ] wireshark security (Nov 25)
[ MDVSA-2013:272 ] poppler security (Nov 21)
[ MDVSA-2013:271 ] pmake security (Nov 21)

Security Alert

ESA-2013-078: EMC Document Sciences xPression Multiple Vulnerabilities Security Alert (Nov 19)
ESA-2013-077: RSA Data Protection Manager Appliance Multiple Vulnerabilities Security Alert (Nov 21)
ESA-2013-070: EMC Documentum Cross Site Scripting Vulnerability. Security Alert (Nov 05)
ESA-2013-073: EMC Documentum eRoom Multiple Cross Site Scripting Vulnerabilities. Security Alert (Nov 05)

security-alert

[security bulletin] HPSBMU02933 rev.1 - HP SiteScope, issueSiebelCmd SOAP Request, Remote Code Execution security-alert (Nov 01)
[security bulletin] HPSBMU02872 SSRT101185 rev.3 - HP Service Manager, Remote Disclosure of Information, Cross Site Scripting(XSS) security-alert (Nov 01)
[security bulletin] HPSBGN02942 rev.1 - HP Service Manager and ServiceCenter, Remote Code Execution security-alert (Nov 27)
[security bulletin] HPSBMU02932 rev.1 - HP Application LifeCycle Management, ALM client component, Remote Execution of Arbitrary Code security-alert (Nov 01)
[security bulletin] HPSBMU02874 SSRT101184 rev.2 - HP Service Manager, Java Runtime Environment (JRE) Security Update security-alert (Nov 01)
[security bulletin] HPSBMU02935 rev.1 - HP LoadRunner Virtual User Generator, Remote Code Execution security-alert (Nov 01)
[security bulletin] HPSBMU02931 rev.2 - HP Service Manager, Injection of Arbitrary Code, Remote Privilege Elevation, Remote Disclosure of Privileged Information and Cross Site Scripting (XSS) security-alert (Nov 03)
[security bulletin] HPSBHF02939 rev.1 - HP Integrated Lights-Out 4 (iLO4), Remote Cross Site Scripting (XSS), Unauthorized Disclosure of Information security-alert (Nov 12)
[security bulletin] HPSBMU02934 rev.1 - HP Application LifeCycle Management, GossipService SOAP Request, Remote Code Execution security-alert (Nov 01)

shatter

Re: Fwd: vulnerability issue for DB2 express shatter (Nov 18)

Slackware Security Team

[slackware-security] openssh (SSA:2013-322-02) Slackware Security Team (Nov 18)
[slackware-security] seamonkey (SSA:2013-322-04) Slackware Security Team (Nov 18)
[slackware-security] mozilla-thunderbird (SSA:2013-307-01) Slackware Security Team (Nov 03)
[slackware-security] mozilla-firefox (SSA:2013-322-01) Slackware Security Team (Nov 18)
[slackware-security] samba (SSA:2013-322-03) Slackware Security Team (Nov 18)

Stefan Arentz

Re: Apple MacOSX 10.9 Hard Link Memory Corruption Stefan Arentz (Nov 11)

Stefan Kanthak

Defense in depth -- the Microsoft way (part 14): incomplete, misleading and dangerous documentation Stefan Kanthak (Nov 25)
Re: Word 2003 SP2 .doc fork bomb on WinXP SP3 Stefan Kanthak (Nov 10)

submit

Apple MacOSX 10.9 Hard Link Memory Corruption submit (Nov 08)

support

Re: DS3 Authentication Server - Multiple Issues support (Nov 14)

Tamara Vera

RE: FP BugCON 2014 - Mexico City Tamara Vera (Nov 08)

Thijs Kinkhorst

[SECURITY] [DSA 2806-1] nbd security update Thijs Kinkhorst (Nov 29)
[SECURITY] [DSA 2802-1] nginx security update Thijs Kinkhorst (Nov 21)

Tim Brown

[OVSA20131108] OpenVAS Manager And OpenVAS Administrator Vulnerable To Partial Authentication Bypass Tim Brown (Nov 17)

Tony Naggs

DC4420 (DefCon London) meeting next Tuesday, 26th November 2013 Tony Naggs (Nov 21)

"VMware Security Response Center"

NEW VMSA-2013-0013 VMware Workstation host privilege escalation vulnerability "VMware Security Response Center" (Nov 14)

Vulnerability Lab

Appologics AirBeam v1.9.2 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Nov 20)
pdirl PHP Directory Listing 1.0.4 - Cross Site Scripting Web Vulnerabilities Vulnerability Lab (Nov 03)
NewsAktuell PressePortal DE - Remote SQL Injection Web Vulnerability Vulnerability Lab (Nov 29)
PayPal Inc Bug Bounty #65 China - Redirect Web Vulnerability Vulnerability Lab (Nov 18)
PayPal Inc Bug Bounty #42 - Persistent POST Inject Vulnerability Vulnerability Lab (Nov 18)
Paypal Inc Bug Bounty #47 ALYZ - Persistent Search Vulnerability Vulnerability Lab (Nov 18)
Paypal Bug Bounty #14 - Persistent Payment Mail Encoding Vulnerability Vulnerability Lab (Nov 20)

Yves-Alexis Perez

[SECURITY] [DSA 2789-1] strongswan security update Yves-Alexis Perez (Nov 01)