Bugtraq: by author
113 messages
starting Jan 16 14 and
ending Jan 24 14
Date index |
Thread index |
Author index
Alexandre Herzog
CVE-2013-4200 - Plone URL redirection / Forwarding of cookie data (session hijack) in certain browsers Alexandre Herzog (Jan 16)
ali . hussein
[CVE-2014-1238] Cross Site Scripting(XSS) in q-pulse application ali . hussein (Jan 15)
[CVE-2014-1607.] Cross Site Scripting(XSS) in Drupal Event calendar module ali . hussein (Jan 24)
Andrzej Targosz
CONFidence 2014- Call for Papers Andrzej Targosz (Jan 23)
Apple Product Security
APPLE-SA-2014-01-22-1 iTunes 11.1.4 Apple Product Security (Jan 23)
AusCERT
AusCERT2014 Call for Presentations and Tutorials AusCERT (Jan 07)
bhadresh . k . patel
Ammyy Admin - Hidden hard-coded option and Access Control vulnerability. bhadresh . k . patel (Jan 20)
c1ph04mail
NETGEAR WNR1000v3 Password Recovery Vulnerability c1ph04mail (Jan 13)
Christian Catalano
[CVE-2013-6235] - Multiple Reflected XSS vulnerabilities in JAMon v2.7 Christian Catalano (Jan 24)
Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco TelePresence ISDN Gateway D-Channel Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Jan 22)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Access Control System Cisco Systems Product Security Incident Response Team (Jan 15)
Cisco Security Advisory: Undocumented Test Interface in Cisco Small Business Devices Cisco Systems Product Security Incident Response Team (Jan 13)
Cisco Security Advisory: Cisco TelePresence System Software Command Execution Vulnerability Cisco Systems Product Security Incident Response Team (Jan 22)
Cisco Security Advisory: Cisco TelePresence Video Communication Server SIP Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Jan 22)
cjlacayo
[CVE-2014-1664] GoToMeeting Information Disclosure via Logging Output (Android) cjlacayo (Jan 24)
Daniel Wood
[CVE-2014-0647] Insecure Data Storage of User Data Elements in Starbucks v2.6.1 iOS mobile application Daniel Wood (Jan 14)
David Nalley
Updated [CVE-2013-6398] CloudStack Virtual Router stop/start modifies firewall rules allowing additional access David Nalley (Jan 13)
Updated [CVE-2014-0031] CloudStack ListNetworkACL API discloses ACLs for other users David Nalley (Jan 13)
Felipe Molina
[CVE-2013-7204] CSRF in Conceptronic IP Camera (CIPCAMPTIWL) Felipe Molina (Jan 10)
Fernando Gont
SI6 Networks' IPv6 Toolkit v1.5.2 released! Fernando Gont (Jan 20)
Florian Weimer
[SECURITY] [DSA 2849-1] curl security update Florian Weimer (Jan 31)
FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-14:03.openssl FreeBSD Security Advisories (Jan 15)
FreeBSD Security Advisory FreeBSD-SA-14:04.bind FreeBSD Security Advisories (Jan 15)
FreeBSD Security Advisory FreeBSD-SA-14:01.bsnmpd FreeBSD Security Advisories (Jan 15)
FreeBSD Security Advisory FreeBSD-SA-14:02.ntpd FreeBSD Security Advisories (Jan 15)
Hafez Kamal
[HITB-Announce] #HITB2014AMS Call for Papers - FINAL CALL Hafez Kamal (Jan 16)
[HITB-Announce] HITB Magazine Issue 10 Out Now Hafez Kamal (Jan 07)
High-Tech Bridge Security Research
SQL Injection in JV Comment Joomla Extension High-Tech Bridge Security Research (Jan 23)
Improper Authentication in Burden High-Tech Bridge Security Research (Jan 08)
Multiple Vulnerabilities in Eventum High-Tech Bridge Security Research (Jan 28)
Path Traversal in eduTrac High-Tech Bridge Security Research (Jan 02)
Multiple Vulnerabilities in Horizon QCMS High-Tech Bridge Security Research (Jan 08)
SQL Injection in Sexy Polling Joomla Extension High-Tech Bridge Security Research (Jan 16)
Cross-Site Scripting (XSS) in Komento Joomla Extension High-Tech Bridge Security Research (Jan 23)
Ivan Buetler
Online OWASP Security Challenges Ivan Buetler (Jan 15)
Luciano Bello
[SECURITY] [DSA 2831-1] puppet security update Luciano Bello (Jan 01)
Major Malfunction
DC4420 - London DEFCON - January meet - Tuesday 28th January 2014 Major Malfunction (Jan 28)
Mark Litchfield
SiteCore XML Control Script Insertion Mark Litchfield (Jan 29)
Vulnerabilities within Mura CMS / Sitecore MCS / SmarterMail Mark Litchfield (Jan 29)
Ektron CMS Take Over - Hijacking Accounts Mark Litchfield (Jan 30)
Martin Braun
Open-Xchange Security Advisory 2014-01-06 Martin Braun (Jan 06)
Open-Xchange Security Advisory 2014-01-17 Martin Braun (Jan 17)
Matias Fontanini
Joomla! JomSocial component < 3.1.0.1 - Remote code execution Matias Fontanini (Jan 31)
mgeorgiev
Security Vulnerabilities in Apache Cordova / PhoneGap mgeorgiev (Jan 24)
ML
CISTI'2014: CFP - Doctoral Symposium ML (Jan 23)
CISTI'2014: List of Workshops ML (Jan 13)
Moritz Muehlenhoff
[SECURITY] [DSA 2833-1] openssl security update Moritz Muehlenhoff (Jan 01)
[SECURITY] [DSA 2841-1] movabletype-opensource security update Moritz Muehlenhoff (Jan 13)
[SECURITY] [DSA 2835-1] asterisk security update Moritz Muehlenhoff (Jan 06)
[SECURITY] [DSA 2845-1] mysql-5.1 security update Moritz Muehlenhoff (Jan 20)
[SECURITY] [DSA 2842-1] libspring-java security update Moritz Muehlenhoff (Jan 13)
[SECURITY] [DSA 2846-1] libvirt security update Moritz Muehlenhoff (Jan 20)
[SECURITY] [DSA 2838-1] libxfont security update Moritz Muehlenhoff (Jan 08)
[SECURITY] [DSA 2837-1] openssl security update Moritz Muehlenhoff (Jan 07)
nullcon
nullcon Blackshield Awards 2014 nullcon (Jan 09)
[CTF] nullcon HackIM 2014 will start at 24-01-2014, when the clock will strike at 11:59 (+5:30 GMT) nullcon (Jan 24)
Pedro Ribeiro
[CVE -2014-1201] Lorex security DVR ActiveX control buffer overflow Pedro Ribeiro (Jan 13)
Pivotal Security Team
CVE-2013-6430 Possible XSS when using Spring MVC Pivotal Security Team (Jan 15)
CVE-2013-6429 Fix for XML External Entity (XXE) injection (CVE-2013-4152) in Spring Framework was incomplete Pivotal Security Team (Jan 15)
Raphael Geissert
[SECURITY] [DSA 2844-1] djvulibre security update Raphael Geissert (Jan 15)
[SECURITY] [DSA 2836-1] devscripts security update Raphael Geissert (Jan 06)
research-feedback
[FFRRA-20131213] Crafted ICMP ECHO REQUEST can cause denial of service on Juniper SSG20 research-feedback (Jan 22)
Salvatore Bonaccorso
[SECURITY] [DSA 2831-2] puppet regression update Salvatore Bonaccorso (Jan 20)
[SECURITY] [DSA 2840-1] srtp security update Salvatore Bonaccorso (Jan 13)
[SECURITY] [DSA 2834-1] typo3-src security update Salvatore Bonaccorso (Jan 01)
[SECURITY] [DSA 2843-1] graphviz security update Salvatore Bonaccorso (Jan 14)
[SECURITY] [DSA 2839-1] spice security update Salvatore Bonaccorso (Jan 08)
[SECURITY] [DSA 2848-1] mysql-5.5 security update Salvatore Bonaccorso (Jan 24)
[SECURITY] [DSA 2847-1] drupal7 security update Salvatore Bonaccorso (Jan 21)
[SECURITY] [DSA 2832-1] memcached security update Salvatore Bonaccorso (Jan 01)
SEC Consult Vulnerability Lab
SEC Consult SA-20140122-0 :: Critical vulnerabilities in T-Mobile HOME NET Router LTE (Huawei B593u-12) SEC Consult Vulnerability Lab (Jan 22)
Secunia Research
Secunia Research: OpenPNE PHP Object Injection Vulnerability Secunia Research (Jan 21)
security
[ MDVSA-2014:014 ] php security (Jan 22)
[ MDVSA-2014:008 ] openjpeg security (Jan 20)
[ MDVSA-2014:005 ] ejabberd security (Jan 16)
[ MDVSA-2014:019 ] elinks security (Jan 22)
[ MDVSA-2014:012 ] nss security (Jan 21)
[ MDVSA-2014:010 ] memcached security (Jan 20)
[ MDVSA-2014:024 ] graphviz security (Jan 27)
[ MDVSA-2014:016 ] spice security (Jan 22)
[ MDVSA-2014:001 ] kernel security (Jan 13)
[ MDVSA-2014:011 ] java-1.7.0-openjdk security (Jan 21)
[ MDVSA-2014:004 ] nagios security (Jan 16)
[ MDVSA-2014:020 ] x11-server security (Jan 22)
[ MDVSA-2014:015 ] cups security (Jan 22)
[ MDVSA-2014:018 ] net-snmp security (Jan 22)
[ MDVSA-2014:002 ] bind security (Jan 16)
[ MDVSA-2014:007 ] openssl security (Jan 20)
[ MDVSA-2014:003 ] nrpe security (Jan 16)
[ MDVSA-2014:006 ] libxslt security (Jan 16)
[ MDVSA-2014:013 ] libxfont security (Jan 21)
[ MDVSA-2014:022 ] augeas security (Jan 27)
[ MDVSA-2014:017 ] net-snmp security (Jan 22)
[ MDVSA-2014:023 ] hplip security (Jan 27)
[ MDVSA-2014:009 ] librsvg security (Jan 20)
[ MDVSA-2014:021 ] perl-Proc-Daemon security (Jan 27)
security-alert
[security bulletin] HPSBUX02961 SSRT101420 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alert (Jan 17)
[security bulletin] HPSBMU02895 SSRT101253 rev.1 - HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code security-alert (Jan 02)
[security bulletin] HPSBUX02960 SSRT101419 rev.1 - HP-UX Running NTP, Remote Denial of Service (DoS) security-alert (Jan 14)
Security Explorations
[SE-2013-01] Security vulnerabilities in Oracle Java Cloud Service Security Explorations (Jan 31)
sisco . barrera
SPAMINA EMAIL FIREWALL 3.3.1.1 - Directory Traversal - sisco . barrera (Jan 07)
Slackware Security Team
[slackware-security] libXfont (SSA:2014-013-01) Slackware Security Team (Jan 14)
[slackware-security] php (SSA:2014-013-03) Slackware Security Team (Jan 14)
[slackware-security] openssl (SSA:2014-013-02) Slackware Security Team (Jan 15)
[slackware-security] samba (SSA:2014-013-04) Slackware Security Team (Jan 14)
[slackware-security] bind (SSA:2014-028-01) Slackware Security Team (Jan 30)
[slackware-security] mozilla-nss (SSA:2014-028-02) Slackware Security Team (Jan 29)
The Third International Conference on Cyber Security, Cyber Warfare, and Digital Forensic
CFP - IEEE Co-sponsored CyberSec2014 - Lebanon Section The Third International Conference on Cyber Security, Cyber Warfare, and Digital Forensic (Jan 01)
Tomaz Muraus
[CVE-2013-6480] Libcloud doesn't send scrub_data query parameter when destroying a DigitalOcean node Tomaz Muraus (Jan 01)
tudor . enache
Reflected cross-site scripting (XSS) vulnerability in Mediatrix Web Management Interface login page tudor . enache (Jan 23)
Vulnerability Lab
Mozilla Bug Bounty #5 - WireTap Remote Web Vulnerability Vulnerability Lab (Jan 28)
SimplyShare v1.4 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Jan 30)
Yves-Alexis Perez
[SECURITY] [DSA 2826-2] denyhosts regression update Yves-Alexis Perez (Jan 24)