Bugtraq: by date

147 messages starting Nov 01 13 and ending Nov 29 13


Friday, 01 November

[security bulletin] HPSBMU02933 rev.1 - HP SiteScope, issueSiebelCmd SOAP Request, Remote Code Execution security-alert
[security bulletin] HPSBMU02872 SSRT101185 rev.3 - HP Service Manager, Remote Disclosure of Information, Cross Site Scripting(XSS) security-alert
[security bulletin] HPSBMU02932 rev.1 - HP Application LifeCycle Management, ALM client component, Remote Execution of Arbitrary Code security-alert
[security bulletin] HPSBMU02935 rev.1 - HP LoadRunner Virtual User Generator, Remote Code Execution security-alert
[SECURITY] [DSA 2789-1] strongswan security update Yves-Alexis Perez
[security bulletin] HPSBMU02874 SSRT101184 rev.2 - HP Service Manager, Java Runtime Environment (JRE) Security Update security-alert
[security bulletin] HPSBMU02934 rev.1 - HP Application LifeCycle Management, GossipService SOAP Request, Remote Code Execution security-alert

Sunday, 03 November

pdirl PHP Directory Listing 1.0.4 - Cross Site Scripting Web Vulnerabilities Vulnerability Lab
[security bulletin] HPSBMU02931 rev.2 - HP Service Manager, Injection of Arbitrary Code, Remote Privilege Elevation, Remote Disclosure of Privileged Information and Cross Site Scripting (XSS) security-alert
[SECURITY] [DSA 2790-1] nss security update Salvatore Bonaccorso
[slackware-security] mozilla-thunderbird (SSA:2013-307-01) Slackware Security Team
XSS and CSRF Horde Groupware Web mail Edition m . benetrix
CSRF Horde Groupware Web mail Edition m . benetrix
XADV-2013003 Linux Kernel eCryptfs write_tag_3_packet Heap Buffer Overflow Vulnerability geinblues

Monday, 04 November

[SECURITY] [DSA 2791-1] tryton-client security update Florian Weimer

Tuesday, 05 November

Cisco Mars Cross-Site Scripting Vulnerability - CVE-2013-5563 g . delvecchio
[SECURITY] [DSA 2792-1] wireshark security update Salvatore Bonaccorso
ESA-2013-070: EMC Documentum Cross Site Scripting Vulnerability. Security Alert
ESA-2013-073: EMC Documentum eRoom Multiple Cross Site Scripting Vulnerabilities. Security Alert

Wednesday, 06 November

[ISecAuditors Security Advisories] SQL Injection vulnerability in "Project'Or RIA" allow arbitrary access to the database and the file system ISecAuditors Security Advisories
[ISecAuditors Security Advisories] Multiple XSS vulnerabilities in "Project'Or RIA" ISecAuditors Security Advisories
[ISecAuditors Security Advisories] LinkedIn social network is affected by Persistent Cross-Site Scripting vulnerability ISecAuditors Security Advisories
wordpress jigoshop Plugin path disclosure vulnerabilities iedb . team
[SOJOBO-ADV-13-03] - Wordpress plugin Gallery Bank 2.0.19 Reflected Cross Site Scripting advisories
Open-Xchange Security Advisory 2013-11-06 Martin Braun
SQL Injection in appRain High-Tech Bridge Security Research
CORE-2013-0704 - Vivotek IP Cameras RTSP Authentication Bypass CORE Advisories Team

Thursday, 07 November

Cisco Security Advisory: Cisco TelePresence VX Clinical Assistant Administrative Password Reset Vulnerability Cisco Systems Product Security Incident Response Team
CVE-2013-4425: Private key disclosure, Osirix (lite, 64bit and FDA cleader version) (Medical Application) Dirk-Willem van Gulik
Cisco Security Advisory: Cisco WAAS Mobile Remote Code Execution Vulnerability Cisco Systems Product Security Incident Response Team
CFP BugCON 2014 - Mexico City Carlos A. Lozano
Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team

Friday, 08 November

Apple MacOSX 10.9 Hard Link Memory Corruption submit
RE: FP BugCON 2014 - Mexico City Tamara Vera
Word 2003 SP2 .doc fork bomb on WinXP SP3 jsibley1

Sunday, 10 November

WorldCIST'14 - World Conference on IST; Submission deadline: November 29 Maria Lemos
Belkin WiFi NetCam video stream backdoor with unchangeable admin/admin credentials Johannes . Ernst
Re: Word 2003 SP2 .doc fork bomb on WinXP SP3 Stefan Kanthak
[SECURITY] [DSA 2793-1] libav security update Moritz Muehlenhoff
XADV-2013003 Linux Kernel bt8xx Video Driver IOCTL Heap Overflow geinblues
[ MDVSA-2013:265 ] kernel security
Vulnerability in Pydio/AjaXplorer < = 5.0.3 advisories
Vulnerability in Pydio/AjaXplorer <= 5.0.3 advisories
[SECURITY] [DSA 2794-1] spip security update Salvatore Bonaccorso
Re: Word 2003 SP2 .doc fork bomb on WinXP SP3 jsibley1

Monday, 11 November

vulnerability issue for DB2 express bhavyasethi . atcs
XSS on Juniper JUNOS 11.4 Embedthis Appweb 3.2.3 info
WebSurgery v1.1 released (Web application security testing suite) John Stamatakis
WebSurgery v1.1 released (Web application security testing suite) John Stamatakis
RUCKUS ADVISORY ID 111113-1: Authenticated code injection vulnerability in ZoneDirector administrative web interface Ruckus Product Security Team
Re: Apple MacOSX 10.9 Hard Link Memory Corruption Stefan Arentz

Tuesday, 12 November

Fwd: vulnerability issue for DB2 express Jonathan Yu
Fwd: RUCKUS ADVISORY ID 111113-2: Authenticated persistent cross site scripting vulnerability in guest pass provisioning web interface on ZoneDirector controllers Ruckus Product Security Team
[security bulletin] HPSBHF02939 rev.1 - HP Integrated Lights-Out 4 (iLO4), Remote Cross Site Scripting (XSS), Unauthorized Disclosure of Information security-alert

Wednesday, 13 November

[SECURITY] [DSA 2795-1] lighttpd security update Michael Gilbert
LastPass Android container PIN and auto-wipe security feature bypass (CVE-2013-5113/5114) Chris John Riley
Cross-Site Scripting (XSS) in Zikula Application Framework High-Tech Bridge Security Research
[SECURITY] [DSA 2796-1] torque security update Salvatore Bonaccorso
Android Superuser shell character escape vulnerability Kevin Cernekee
Superuser "su --daemon" vulnerability on Android >= 4.3 Kevin Cernekee
Superuser unsanitized environment vulnerability on Android <= 4.2.x Kevin Cernekee
[SECURITY] [DSA 2797-1] icedove security update Moritz Muehlenhoff
Dahua DVR Authentication Bypass - CVE-2013-6117 Jake Reynolds

Thursday, 14 November

Re: DS3 Authentication Server - Multiple Issues support
Re: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager Rodzbry27
Re: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager Rodzbry27
Re: [security bulletin] HPSBUX02922 SSRT101305 rev.1 - HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities Rodzbry27
APPLE-SA-2013-11-14-1 iOS 7.0.4 Apple Product Security
Re: Superuser unsanitized environment vulnerability on Android <= 4.2.x Kevin Cernekee
NEW VMSA-2013-0013 VMware Workstation host privilege escalation vulnerability "VMware Security Response Center"
Re: Superuser unsanitized environment vulnerability on Android <= 4.2.x Gleb O. Raiko

Sunday, 17 November

Cross-Site Scripting (XSS) in Tweet Blender Wordpress Plugin High-Tech Bridge Security Research
[CVE-2013-6356] Avira Secure Backup v1.0.0.1 Multiple Registry Key Value Parsing Local Buffer Overflow Vulnerability Julien Ahrens
XADV-2013005 FreeBSD 10 <= nand Driver IOCTL Kernel Memory Leak Bug geinblues
XADV-2013006 FreeBSD <= 10 kernel qlxge/qlxgbe Driver IOCTL Multiple Kernel Memory Leak Bugs geinblues
[SECURITY] [DSA 2795-2] lighttpd regression update Michael Gilbert
[SECURITY] [DSA 2797-1] chromium-browser security update Michael Gilbert
[SECURITY] [DSA 2798-1] curl security update Michael Gilbert
Information Security Forecast 2014 Jeimy Cano
[OVSA20131108] OpenVAS Manager And OpenVAS Administrator Vulnerable To Partial Authentication Bypass Tim Brown

Monday, 18 November

Re: Fwd: vulnerability issue for DB2 express shatter
[SOJOBO-ADV-13-04] - PHP-Nuke 8.2.4 multiple vulnerabilities advisories
[slackware-security] mozilla-firefox (SSA:2013-322-01) Slackware Security Team
[slackware-security] openssh (SSA:2013-322-02) Slackware Security Team
[slackware-security] samba (SSA:2013-322-03) Slackware Security Team
PayPal Inc Bug Bounty #65 China - Redirect Web Vulnerability Vulnerability Lab
[slackware-security] seamonkey (SSA:2013-322-04) Slackware Security Team
PayPal Inc Bug Bounty #42 - Persistent POST Inject Vulnerability Vulnerability Lab
Paypal Inc Bug Bounty #47 ALYZ - Persistent Search Vulnerability Vulnerability Lab

Tuesday, 19 November

SKIDATA RFID Freemotion.Gate Unauthenticated Web Service Aribtrary Remote Command Execution Dennis Kelly
FreeBSD Security Advisory FreeBSD-SA-13:14.openssh FreeBSD Security Advisories
16TH AVAR INTERNATIONAL SECURITY CONFERENCE 2013 - (4th-7th Dec'13, Chennai. India) Gregory Panakkal
[ MDVSA-2013:266 ] java-1.6.0-openjdk security
[ MDVSA-2013:267 ] java-1.7.0-openjdk security
ESA-2013-078: EMC Document Sciences xPression Multiple Vulnerabilities Security Alert
pineapp mailsecure remote no authenticated privilege escalation & remote execution code rubengarrote
XADV-2013003 Linux Kernel fbdev Driver arcfb_write() Overflow geinblues
XADV-2013008 Linux Kernel 3.11.7 <= sk_attach_filter Kernel Heap Corruption geinblues
XADV-2013007 Linux Kernel bt8xx Video Driver IOCTL Heap Overflow geinblues
Intersystems Cache Remote Code Execution (via Default 'Minimal Security' Install) bruk0ut . sec

Wednesday, 20 November

[ MDVSA-2013:268 ] torque security
Paypal Bug Bounty #14 - Persistent Payment Mail Encoding Vulnerability Vulnerability Lab
Mybb Ajaxfs Plugin Sql Injection vulnerability iedb . team
Appologics AirBeam v1.9.2 iOS - Multiple Web Vulnerabilities Vulnerability Lab
[ MDVSA-2013:269 ] firefox security
[ MDVSA-2013:270 ] nss security
[SECURITY] [DSA 2798-2] curl security update Salvatore Bonaccorso

Thursday, 21 November

[ MDVSA-2013:273 ] libjpeg security
[ MDVSA-2013:271 ] pmake security
[ MDVSA-2013:272 ] poppler security
[ MDVSA-2013:275 ] krb5 security
[ MDVSA-2013:277 ] lighttpd security
Facebook Vulnerability Discloses Friends Lists Defined as Private qsrc Quotium
Instagram Photo Upload and Flattr Money Redirection Vulnerability pfohl
[ MDVSA-2013:276 ] curl security
[ MDVSA-2013:274 ] libjpeg security
[ MDVSA-2013:278 ] samba security
[SECURITY] [DSA 2801-1] libhttp-body-perl security update Salvatore Bonaccorso
DC4420 (DefCon London) meeting next Tuesday, 26th November 2013 Tony Naggs
ESA-2013-077: RSA Data Protection Manager Appliance Multiple Vulnerabilities Security Alert
[SECURITY] [DSA 2802-1] nginx security update Thijs Kinkhorst

Friday, 22 November

CVE-2013-6795 Vulnerability in the Rackspace Windows Agent and Updater andrew
Unauthorized console access on Satechi travel router v1.5 Luc Dore

Monday, 25 November

[ MDVSA-2013:279 ] wireshark security
[ MDVSA-2013:280 ] memcached security
[ MDVSA-2013:281 ] nginx security
Defense in depth -- the Microsoft way (part 14): incomplete, misleading and dangerous documentation Stefan Kanthak

Tuesday, 26 November

Open-Xchange Security Advisory 2013-11-25 Martin Braun
[ MDVSA-2013:282 ] perl-HTTP-Body security
[ MDVSA-2013:283 ] glibc security
[ MDVSA-2013:284 ] glibc security
[SECURITY] [DSA 2800-1] nss security update Salvatore Bonaccorso
[ MDVSA-2013:285 ] bugzilla security
[ MDVSA-2013:286 ] ruby security

Wednesday, 27 November

[SECURITY] [DSA 2803-1] quagga security update Moritz Muehlenhoff
[ MDVSA-2013:287 ] drupal security
[SECURITY] [DSA 2804-1] drupal7 security update Moritz Muehlenhoff
[security bulletin] HPSBGN02942 rev.1 - HP Service Manager and ServiceCenter, Remote Code Execution security-alert
Multiple Cross-Site Scripting (XSS) in Claroline High-Tech Bridge Security Research
SQL Injection in Dokeos High-Tech Bridge Security Research
SQL Injection in Chamilo LMS High-Tech Bridge Security Research
[HITB-Announce] #HITB2014AMS Call for Papers Now Open Hafez Kamal
[SECURITY] [DSA 2805-1] sup-mail security update Luciano Bello
RUCKUS ADVISORY ID 10282013 - User authentication bypass vulnerability in Ruckus Access Point's administrative web interface Ruckus Product Security Team

Friday, 29 November

NewsAktuell PressePortal DE - Remote SQL Injection Web Vulnerability Vulnerability Lab
FreeBSD Security Advisory FreeBSD-SA-13:14.openssh [REVISED] FreeBSD Security Advisories
[SECURITY] [DSA 2806-1] nbd security update Thijs Kinkhorst