Bugtraq: by author

198 messages starting Apr 03 14 and ending Apr 01 14


0a29 40

0A29-14-1 : NCCGroup EasyDA privilege escalation & credential disclosure vulnerability [0day] 0a29 40 (Apr 03)

Apple Product Security

APPLE-SA-2014-04-22-2 iOS 7.1.1 Apple Product Security (Apr 22)
APPLE-SA-2014-04-22-3 Apple TV 6.1.1 Apple Product Security (Apr 22)
APPLE-SA-2014-04-22-1 Security Update 2014-002 Apple Product Security (Apr 22)
APPLE-SA-2014-04-01-1 Safari 6.1.3 and Safari 7.0.3 Apple Product Security (Apr 02)
APPLE-SA-2014-04-22-4 AirPort Base Station Firmware Update 7.7.3 Apple Product Security (Apr 23)

Bipin Gautam

Access anyone's Facebook "profile picture" in full resolution regardless of the ACL restriction Bipin Gautam (Apr 01)

Brett Porter

[SECURITY] CVE-2013-2187: Apache Archiva Cross-Site Scripting vulnerability Brett Porter (Apr 21)
[SECURITY] CVE-2013-2251: Apache Archiva Remote Command Execution Brett Porter (Apr 21)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence TC and TE Software Cisco Systems Product Security Incident Response Team (Apr 30)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence System MXP Series Cisco Systems Product Security Incident Response Team (Apr 30)
Cisco Security Advisory: OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products Cisco Systems Product Security Incident Response Team (Apr 09)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software Cisco Systems Product Security Incident Response Team (Apr 09)

CORE Advisories Team

[CORE-2014-0003] - SAP Router Password Timing Attack CORE Advisories Team (Apr 16)

craig . arendt

Multiple Vulnerabilities in MODX Revolution < = MODX 2.2.13-pl craig . arendt (Apr 21)
Blind SQL Injection Vulnerability in KnowledgeTree <= 3.7.0.2 craig . arendt (Apr 21)

dann frazier

[SECURITY] [DSA 2906-1] linux-2.6 security update dann frazier (Apr 25)

education

Call for Papers education (Apr 07)

Fabien Bourdaire

CVE-2014-0160 mitigation using iptables Fabien Bourdaire (Apr 09)

Felipe Daragon

Syhunt Advisory: CGILua session.lua Predictable Session ID Vulnerability Felipe Daragon (Apr 30)

Florent Daigniere

[MATTA-2013-004] CVE-2014-1409; MobileIron authentication bypass vulnerability Florent Daigniere (Apr 02)

Florian Weimer

[SECURITY] [DSA 2917-1] super security update Florian Weimer (Apr 28)

Francesco Chicchiriccò

[SECURITY] CVE-2014-0111 Apache Syncope Francesco Chicchiriccò (Apr 15)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-14:07.devfs FreeBSD Security Advisories (Apr 30)
FreeBSD Security Advisory FreeBSD-SA-14:08.tcp FreeBSD Security Advisories (Apr 30)
FreeBSD Security Advisory FreeBSD-SA-14:05.nfsserver FreeBSD Security Advisories (Apr 09)
FreeBSD Security Advisory FreeBSD-SA-14:06.openssl [REVISED] FreeBSD Security Advisories (Apr 09)
FreeBSD Security Advisory FreeBSD-SA-14:09.openssl [REVISED] FreeBSD Security Advisories (Apr 30)
FreeBSD Security Advisory FreeBSD-SA-14:09.openssl FreeBSD Security Advisories (Apr 30)
FreeBSD Security Advisory FreeBSD-SA-14:06.openssl FreeBSD Security Advisories (Apr 09)

harun . esur

Misli.com Android App SSL certificate validation weakness harun . esur (Apr 24)
Birebin.com Android App SSL certificate validation weakness harun . esur (Apr 24)

High-Tech Bridge Security Research

Cross-Site Request Forgery (CSRF) in XCloner Standalone High-Tech Bridge Security Research (Apr 09)
SQL Injection in Orbit Open Ad Server High-Tech Bridge Security Research (Apr 09)
Cross-Site Request Forgery (CSRF) in XCloner Wordpress Plugin High-Tech Bridge Security Research (Apr 02)
SQL Injection in mAdserve High-Tech Bridge Security Research (Apr 16)

Ipstenu (Mika Epstein)

Re: CVE-2014-2297(WordPress-videowhisper-live-streaming-integration 4.29.6-Xss) Ipstenu (Mika Epstein) (Apr 09)

Ivan Buetler

Heartbleed Testing Server Ivan Buetler (Apr 30)

Kotas, Kevin J

CA20140403-01: Security Notice for CA Erwin Web Portal Kotas, Kevin J (Apr 04)

kyle Lovett

D-Link DAP-1320 Wireless Range Extender Directory Traversal and XSS Vulnerabilities kyle Lovett (Apr 17)

Larry W. Cashdollar

Remote Command Injection in Ruby Gem sfpagent 0.4.14 Larry W. Cashdollar (Apr 21)

LpSolit

Security advisory for Bugzilla 4.5.3, 4.4.3, 4.2.8, and 4.0.12 LpSolit (Apr 21)

LSE Leading Security Experts GmbH (Security Advisories)

LSE Leading Security Experts GmbH - LSE-2014-04-10 - Sitepark IES - Unauthenticated Access LSE Leading Security Experts GmbH (Security Advisories) (Apr 30)

Lubomir Stroetmann

[softScheck] Denial of Service in Microsoft Office 2007-2013 Lubomir Stroetmann (Apr 03)

Luciano Bello

[SECURITY] [DSA 2895-2] prosody regression update Luciano Bello (Apr 21)
[SECURITY] [DSA 2895-1] prosody security update Luciano Bello (Apr 07)

Lukasz Lenart

[ANN] Struts 2.3.16.2 GA release available - security fix Lukasz Lenart (Apr 28)

marduk369

Sendy 1.1.9.1 - SQL Injection Vulnerability marduk369 (Apr 10)

Martin Braun

Open-Xchange Security Advisory 2014-04-08 Martin Braun (Apr 08)

mdgh9

[CVE-2014-2715] Cross-site scripting (XSS) vulnerability in Videowhisper mdgh9 (Apr 25)

Micha Borrmann

CVE-2014-2735 - WinSCP: missing X.509 validation Micha Borrmann (Apr 16)

Michael Gilbert

[SECURITY] [DSA 2905-1] chromium-browser security update Michael Gilbert (Apr 16)

modzero security

BlackBerry Z 10 - Buffer Overflow in qconnDoor [MZ-13-05] modzero security (Apr 08)

Moritz Muehlenhoff

[SECURITY] [DSA 2912-1] openjdk-6 security update Moritz Muehlenhoff (Apr 25)
[SECURITY] [DSA 2900-1] jbigkit security update Moritz Muehlenhoff (Apr 11)
[SECURITY] [DSA 2904-1] virtualbox security update Moritz Muehlenhoff (Apr 15)
[SECURITY] [DSA 2898-1] imagemagick security update Moritz Muehlenhoff (Apr 09)
[SECURITY] [DSA 2907-1] Announcement of long term support for Debian oldstable Moritz Muehlenhoff (Apr 16)
[SECURITY] [DSA 2918-1] iceweasel security update Moritz Muehlenhoff (Apr 30)
[SECURITY] [DSA 2903-1] strongswan security update Moritz Muehlenhoff (Apr 15)
[SECURITY] [DSA 2916-1] libmms security update Moritz Muehlenhoff (Apr 28)
[SECURITY] [DSA 2911-1] icedove security update Moritz Muehlenhoff (Apr 22)
[SECURITY] [DSA 2897-1] tomcat7 security update Moritz Muehlenhoff (Apr 08)

Oliver Goebel

[IMF 2014] Call for Participation Oliver Goebel (Apr 02)

Phrack Staff

Phrack Security Advisory 2014-001 - Paper leak on release timeout Phrack Staff (Apr 07)

Portcullis Advisories

CVE-2014-2383 - Arbitrary file read in dompdf Portcullis Advisories (Apr 23)
CVE-2014-1217 - Unauthenticated access to sensitive information and functionality in Livetecs Timelive Portcullis Advisories (Apr 23)
CVE-2014-2384 - Invalid Pointer Dereference in VMware Workstation and Player Portcullis Advisories (Apr 11)
CVE-2014-2042 - Unrestricted file upload in Livetecs Timelive Portcullis Advisories (Apr 23)
CVE-2014-2597 - Denial of Service in PCNetSoftware RAC Server Portcullis Advisories (Apr 17)
CVE-2013-6216 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in multiple HP products on Linux Portcullis Advisories (Apr 15)

psiinon

OWASP ZAP 2.3.0 psiinon (Apr 10)

Raphael Geissert

[SECURITY] [DSA 2915-2] dpkg security update Raphael Geissert (Apr 30)
[SECURITY] [DSA 2908-1] openssl security update Raphael Geissert (Apr 21)
[SECURITY] [DSA 2915-1] dpkg security update Raphael Geissert (Apr 28)
[SECURITY] [DSA 2808-2] openjpeg regression update Raphael Geissert (Apr 23)

Rene Gielen

[ANN][SECURITY] ClassLoader manipulation issue confirmed for Struts 1 - CVE-2014-0114 Rene Gielen (Apr 29)

roberto . paleari

Weak firmware encryption and predictable WPA key on Sitecom routers roberto . paleari (Apr 24)

Ruckus Product Security Team

RUCKUS ADVISORY ID 041414: OpenSSL 1.0.1 library's "Heart bleed" vulnerability - CVE-2014-0160 Ruckus Product Security Team (Apr 15)

Salvatore Bonaccorso

[SECURITY] [DSA 2909-1] qemu security update Salvatore Bonaccorso (Apr 21)
[SECURITY] [DSA 2892-1] a2ps security update Salvatore Bonaccorso (Apr 01)
[SECURITY] [DSA 2896-2] openssl security update Salvatore Bonaccorso (Apr 08)
[SECURITY] [DSA 2914-1] drupal6 security update Salvatore Bonaccorso (Apr 28)
[SECURITY] [DSA 2902-1] curl security update Salvatore Bonaccorso (Apr 15)
[SECURITY] [DSA 2894-1] openssh security update Salvatore Bonaccorso (Apr 07)
[SECURITY] [DSA 2901-3] wordpress regression update Salvatore Bonaccorso (Apr 21)
[SECURITY] [DSA 2910-1] qemu-kvm security update Salvatore Bonaccorso (Apr 21)
[SECURITY] [DSA 2913-1] drupal7 security update Salvatore Bonaccorso (Apr 28)
[SECURITY] [DSA 2901-1] wordpress security update Salvatore Bonaccorso (Apr 15)
[SECURITY] [DSA 2896-1] openssl security update Salvatore Bonaccorso (Apr 08)

SEC Consult Vulnerability Lab

SEC Consult SA-20140411-0 :: Multiple vulnerabilities in Plex Media Server SEC Consult Vulnerability Lab (Apr 11)
SEC Consult SA-20140430-0 :: SQL injection and persistent XSS in the Typo3 3rd party extension si_bibtex SEC Consult Vulnerability Lab (Apr 30)
SEC Consult SA-20140402-0 :: Multiple vulnerabilities in Rhythm File Manager SEC Consult Vulnerability Lab (Apr 02)
SEC Consult SA-20140423-0 :: Path Traversal/Remote Code Execution in WD Arkeia Network Backup Appliances SEC Consult Vulnerability Lab (Apr 23)

Securify B.V.

Adobe Reader for Android exposes insecure Javascript interfaces Securify B.V. (Apr 15)

security

[ MDVSA-2014:079 ] json-c security (Apr 17)
[ MDVSA-2014:077 ] jbigkit security (Apr 15)
[ MDVSA-2014:075 ] php security (Apr 10)
[ MDVSA-2014:071 ] yaml security (Apr 09)
[ MDVSA-2014:073 ] file security (Apr 09)
[ MDVSA-2014:070 ] yaml security (Apr 09)
[ MDVSA-2014:076 ] a2ps security (Apr 11)
[ MDVSA-2014:078 ] asterisk security (Apr 16)
[ MDVSA-2014:072 ] php-ZendFramework security (Apr 09)
[ MDVSA-2014:067 ] openssl security (Apr 09)
[ MDVSA-2014:068 ] openssh security (Apr 09)
[ MDVSA-2014:069 ] perl-YAML-LibYAML security (Apr 09)

Security Alert

ESA-2012-032: RSA BSAFE® Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks Security Alert (Apr 11)
ESA-2013-039: RSA BSAFE® SSL-J Multiple Vulnerabilities Security Alert (Apr 03)
ESA-2014-019: RSA BSAFE® Micro Edition Suite Certificate Chain Processing Vulnerability Security Alert (Apr 11)
ESA-2014-028: EMC Cloud Tiering Appliance XML External Entity (XXE) and Information Disclosure Vulnerabilities Security Alert (Apr 16)
ESA-2012-029: RSA BSAFE® SSL-C Multiple Vulnerabilities Security Alert (Apr 03)
ESA-2014-029: RSA® Access Manager Sensitive Information Disclosure Vulnerability Security Alert (Apr 30)
ESA-2014-003: RSA® Data Loss Prevention Improper Session Management Vulnerability Security Alert (Apr 11)
ESA-2014-026: EMC Documentum Content Server Information Disclosure Vulnerability Security Alert (Apr 11)
ESA-2014-020: RSA Adaptive Authentication (On-Premise) Multiple Vulnerabilities Security Alert (Apr 01)

security-alert

[security bulletin] HPSBMU02995 rev.4 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure of Information security-alert (Apr 21)
[security bulletin] HPSBMU02995 rev.1 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, Performance Center, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information security-alert (Apr 11)
[security bulletin] HPSBMU03025 rev.1 - HP Diagnostics running OpenSSL, Remote Disclosure of Information security-alert (Apr 28)
[security bulletin] HPSBUX03001 SSRT101382 rev.1 - HP-UX Whitelisting (WLI), Local System Integrity Risk security-alert (Apr 16)
[security bulletin] HPSBMU02997 rev.2 - HP Smart Update Manager (SUM) running OpenSSL, Remote Disclosure of Information security-alert (Apr 23)
[security bulletin] HPSBMU03023 rev.1 - HP BladeSystem c-Class Virtual Connect Support Utility (VCSU) running OpenSSL on Linux and Windows, Remote Disclosure of Information security-alert (Apr 25)
[security bulletin] HPSBMU02997 rev.1 - HP Smart Update Manager (SUM) running OpenSSL, Remote Disclosure of Information security-alert (Apr 15)
[security bulletin] HPSBGN03008 rev.1 - HP Software Service Manager, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information security-alert (Apr 17)
[security bulletin] HPSBPI03031 rev.1 - HP Officejet Pro X Printers, Certain Officejet Pro Printers, Remote Disclosure of Information security-alert (Apr 30)
[security bulletin] HPSBPI03014 rev.1 - HP LaserJet Pro MFP Printers, HP Color LaserJet Pro MFP Printers, Remote Disclosure of Information security-alert (Apr 24)
[security bulletin] HPSBMU02996 rev.1 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access, Execution of Arbitrary Code security-alert (Apr 17)
[security bulletin] HPSBMU02895 SSRT101253 rev.2 - HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code security-alert (Apr 25)
[security bulletin] HPSBST03016 rev.1 - HP P2000 G3 MSA Array Systems, HP MSA 2040 Storage, and HP MSA 1040 Storage Remote Disclosure of Information security-alert (Apr 25)
[security bulletin] HPSBMU02995 rev.5 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure of Information security-alert (Apr 23)
[security bulletin] HPSBHF03021 rev.1 - HP Thin Client with ThinPro OS or Smart Zero Core Services, Running OpenSSL, Remote Disclosure of Information security-alert (Apr 24)
[security bulletin] HPSBMU02935 rev.2 - HP LoadRunner Virtual User Generator, Remote Code Execution, Disclosure of information security-alert (Apr 17)
[security bulletin] HPSBMU02998 rev.1 - HP System Management Homepage (SMH) running OpenSSL on Linux and Windows, Remote Disclosure of Information security-alert (Apr 15)
[security bulletin] HPSBMU02994 rev.3 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information security-alert (Apr 25)
[security bulletin] HPSBMU02995 rev.3 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure of Information security-alert (Apr 17)
[security bulletin] HPSBMU03017 rev.1 - HP Software Connect-IT running OpenSSL, Remote Disclosure of Information security-alert (Apr 22)
[security bulletin] HPSBMU03018 rev.1 - HP Software Asset Manager running OpenSSL, Remote Disclosure of Information security-alert (Apr 22)
[security bulletin] HPSBMU02994 rev.2 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information security-alert (Apr 21)
[security bulletin] HPSBST03015 rev.2 - HP 3PAR OS running OpenSSL, Remote Disclosure of Information security-alert (Apr 24)
[security bulletin] HPSBST02980 rev.1 - HP Array Configuration Utility, HP Array Diagnostics Utility, HP ProLiant Array Diagnostics and SmartSSD Wear Gauge Utility Running on Linux, Local Elevation of Privilege security-alert (Apr 08)
[security bulletin] HPSBMU03020 rev.1 - HP Version Control Agent (VCA) and Version Control Repository Manager (VCRM) running OpenSSL on Linux and Windows, Remote Disclosure of Information security-alert (Apr 24)
[security bulletin] HPSBMU03024 rev.1 - HP Insight Control Server Deployment on Linux and Windows running OpenSSL with System Management Homepage and Systems Insight Manager, Remote Disclosure of Information security-alert (Apr 30)
[security bulletin] HPSBMU02995 rev.2 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure of Information security-alert (Apr 15)
[security bulletin] HPSBMU03019 rev.1 - HP Software UCMDB Browser and Configuration Manager running OpenSSL, Remote Disclosure of Information security-alert (Apr 22)
[security bulletin] HPSBMU03012 rev.1 - HP Insight Management VCEM Web Client SDK (VCEMSDK) running OpenSSL, Remote Disclosure of Information security-alert (Apr 21)
[security bulletin] HPSBGN03010 rev.3 - HP Software Server Automation running OpenSSL, Remote Disclosure of Information security-alert (Apr 30)
[security bulletin] HPSBMU02982 rev.1 - HP Database and Middleware Automation, Disclosure of Information security-alert (Apr 17)
[security bulletin] HPSBST03000 rev.1 - HP StoreEver ESL G3 Tape Library and Enterprise Library LTO-6 Tape Drives running OpenSSL, Remote Disclosure of Information security-alert (Apr 23)
[security bulletin] HPSBMU02994 rev.1 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information security-alert (Apr 15)
[security bulletin] HPSBST03001 rev.1 - HP XP P9500 Disk Array running OpenSSL, Remote Disclosure of Information security-alert (Apr 15)
[security bulletin] HPSBMU02998 rev.2 - HP System Management Homepage (SMH) running OpenSSL on Linux and Windows, Remote Disclosure of Information, Denial of Service (DoS) security-alert (Apr 17)
[security bulletin] HPSBHF03006 rev.1 - HP Integrated Lights-Out 2 (iLO 2) Denial of Service security-alert (Apr 24)
[security bulletin] HPSBST03016 rev.2 - HP P2000 G3 MSA Array Systems, HP MSA 2040 Storage, and HP MSA 1040 Storage running OpenSSL, Remote Disclosure of Information security-alert (Apr 30)
[security bulletin] HPSBMU02995 rev.6 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure of Information security-alert (Apr 28)
[security bulletin] HPSBMU03013 rev.1 - WMI Mapper for HP Systems Insight Manager running OpenSSL, Remote Disclosure of Information security-alert (Apr 23)
[security bulletin] HPSBGN03010 rev.1 - HP Software Server Automation, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information security-alert (Apr 17)
[security bulletin] HPSBHF02981 rev.1 - HP Integrated Lights-Out 2, 3, and 4 (iLO2, iLO3, iLO4), IPMI 2.0 RCMP+ Authentication Remote Password Hash Vulnerability (RAKP) security-alert (Apr 03)
[security bulletin] HPSBMU03017 rev.2 - HP Software Connect-IT running OpenSSL, Remote Disclosure of Information security-alert (Apr 25)
[security bulletin] HPSBST03015 rev.1 - HP 3PAR OS running OpenSSL, Remote Disclosure of Information security-alert (Apr 23)
[security bulletin] HPSBGN02986 rev.1 - HP IceWall Identity Manager and HP IceWall SSO Password Reset Option Running Apache Commons FileUpload, Remote Denial of Service (DoS) security-alert (Apr 07)
[security bulletin] HPSBMU03022 rev.1 - HP Systems Insight Manager (SIM) Bundled Software running OpenSSL, Remote Disclosure of Information security-alert (Apr 28)
[security bulletin] HPSBMU02988 rev.1 - HP Universal Configuration Management Database, Disclosure of Information security-alert (Apr 17)
[security bulletin] HPSBGN03011 rev.1 - HP IceWall MCRP running OpenSSL on Red Hat Enterprise Linux 6 (RHEL6), Remote Disclosure of Information security-alert (Apr 24)
[security bulletin] HPSBMU03020 rev.2 - HP Version Control Agent (VCA) and Version Control Repository Manager (VCRM) running OpenSSL on Linux and Windows, Remote Disclosure of Information security-alert (Apr 29)
[security bulletin] HPSBUX02963 SSRT101297 rev.2 - HP-UX m4(1), Local Unauthorized Access security-alert (Apr 28)
[security bulletin] HPSBGN03010 rev.2 - HP Software Server Automation running OpenSSL, Remote Disclosure of Information security-alert (Apr 28)
[security bulletin] HPSBMU02987 rev.1 - HP Universal Configuration Management Database Integration Service, Remote Code Execution security-alert (Apr 17)
[security bulletin] HPSBMU02999 rev.1 - HP Software Autonomy WorkSite Server (On-Premises Software), Running OpenSSL, Remote Disclosure of Information security-alert (Apr 16)

Security Explorations

[SE-2013-01] Security vulnerabilities in Oracle Java Cloud Service (details) Security Explorations (Apr 01)
Re: [SE-2013-01] Security vulnerabilities in Oracle Java Cloud Service (details) Security Explorations (Apr 01)

Slackware Security Team

[slackware-security] php (SSA:2014-111-02) Slackware Security Team (Apr 22)
[slackware-security] libyaml (SSA:2014-111-01) Slackware Security Team (Apr 22)
[slackware-security] mozilla-thunderbird (SSA:2014-119-02) Slackware Security Team (Apr 30)
[slackware-security] openssl (SSA:2014-098-01) Slackware Security Team (Apr 09)
[slackware-security] mozilla-firefox (SSA:2014-119-01) Slackware Security Team (Apr 30)

Stefan Kanthak

Buggy insecure "security" software executes rogue binary during installation and uninstallation Stefan Kanthak (Apr 17)

stephen

Regarding attacks and exploits of the physical body stephen (Apr 01)

submit

MacOSX/XNU HFS Multiple Vulnerabilities submit (Apr 07)

Thijs Kinkhorst

[SECURITY] [DSA 2899-1] openafs security update Thijs Kinkhorst (Apr 10)
[SECURITY] [DSA 2901-2] wordpress regression update Thijs Kinkhorst (Apr 21)
[SECURITY] [DSA 2891-3] mediawiki regression update Thijs Kinkhorst (Apr 07)

tudor . enache

Pearson eSIS Enterprise Student Information System Stored XSS tudor . enache (Apr 07)
Pearson eSIS Enterprise Student Information System SQL Injection tudor . enache (Apr 07)

Vulnerability Lab

Bluetooth Text Chat v1.0 iOS - Code Execution Vulnerability Vulnerability Lab (Apr 08)
PDF Album v1.7 iOS - File Include Web Vulnerability Vulnerability Lab (Apr 15)
AppFish Offline Coder v2.2 iOS - Persistent Software Vulnerability Vulnerability Lab (Apr 10)
BlueMe Bluetooth v5.0 iOS - Code Execution Vulnerability Vulnerability Lab (Apr 10)
iShare Your Moving Library 1.0 iOS - Multiple Vulnerabilities Vulnerability Lab (Apr 02)
AirPhoto WebDisk v4.1.0 iOS - Code Execution Vulnerability Vulnerability Lab (Apr 23)
Woltlab Burning Board 3.9.1 pl1 - Persistent Web Vulnerability & Editor Reverse Encoding Issue Vulnerability Lab (Apr 11)
Private Photo+Video v1.1 Pro iOS - Persistent Vulnerability Vulnerability Lab (Apr 03)
Depot WiFi v1.0.0 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Apr 25)
iVault Private P&V 1.1 iOS - Path Traversal Vulnerability Vulnerability Lab (Apr 10)

VUPEN Security Research

VUPEN Security Research - Adobe Flash ExternalInterface Use-After-Free Code Execution (Pwn2Own) VUPEN Security Research (Apr 15)

webmaster

[SECURITY] Stored Cross Site Scripting in Ektron CMS 8.7 webmaster (Apr 16)
[Security Advisory] Stored Cross Site Scripting in Ektron CMS 8.7 webmaster (Apr 16)

Wesley Henrique

Vulnerability in PHPFox v3.7.3, v3.7.4 and v3.7.5 all build [ CVE-2013-7195, CVE-2013-7196 ] Wesley Henrique (Apr 07)

Yves-Alexis Perez

[SECURITY] [DSA 2893-1] openswan security update Yves-Alexis Perez (Apr 01)