Bugtraq: by author

176 messages starting Jun 03 14 and ending Jun 23 14

advisories

LSE Leading Security Experts GmbH - LSE-2014-05-22 - F*EX - Multiple Issues advisories (Jun 03)

Apple Product Security

APPLE-SA-2014-06-30-4 Apple TV 6.1.2 Apple Product Security (Jun 30)
APPLE-SA-2014-06-30-3 iOS 7.1.2 Apple Product Security (Jun 30)
APPLE-SA-2014-06-30-1 Safari 6.1.5 and Safari 7.0.5 Apple Product Security (Jun 30)
APPLE-SA-2014-06-30-2 OS X Mavericks 10.9.4 and Security Update 2014-003 Apple Product Security (Jun 30)

Asterisk Security Team

AST-2014-008: Denial of Service in PJSIP Channel Driver Subscriptions Asterisk Security Team (Jun 13)
AST-2014-006: Asterisk Manager User Unauthorized Shell Access Asterisk Security Team (Jun 13)
AST-2014-007: Exhaustion of Allowed Concurrent HTTP Connections Asterisk Security Team (Jun 13)
AST-2014-005: Remote Crash in PJSIP Channel Driver's Publish/Subscribe Framework Asterisk Security Team (Jun 13)

Brett Porter

[SECURITY] CVE-2013-2251: Apache Continuum affected by Remote Command Execution Brett Porter (Jun 13)

calendarsites

CFP 1st International Conference on Information Systems Security and Privacy - ICISSP 2015 calendarsites (Jun 27)

Christian Schneider

CVE-2014-2233 - "Server-Side Request Forgery" (CWE-918) vulnerability in "infoware MapSuite" Christian Schneider (Jun 03)
CVE-2014-2843 - "Reflected Cross-Site Scripting (XSS)" (CWE-79) vulnerability in "infoware MapSuite" Christian Schneider (Jun 03)
CVE-2014-2232 - "Absolute Path Traversal" (CWE-36) vulnerability in "infoware MapSuite" Christian Schneider (Jun 03)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products Cisco Systems Product Security Incident Response Team (Jun 06)
Cisco Security Advisory: Cisco IOS XR Software IPv6 Malformed Packet Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Jun 12)

cseye_ut

DNN (DotNetNuke®) ASPSlideshow Module Arbitrary File Download Vulnerability cseye_ut (Jun 09)
DNN (DotNetNuke®) dnnUI_NewsArticlesSlider Module Arbitrary File Download Vulnerability cseye_ut (Jun 09)
DNN (DotNetNuke®) CodeEditor Module Arbitrary File Download Vulnerability cseye_ut (Jun 09)
DNN (DotNetNuke®) eventscalendar Module Arbitrary File Download Vulnerability cseye_ut (Jun 09)
DNN (DotNetNuke®) EasyDnnGallery Module Arbitrary File Download Vulnerability cseye_ut (Jun 09)
multiple Vulnerability in "WahmShoppes eStore" cseye_ut (Jun 05)
DNN (DotNetNuke®) responsivesidebar Module Arbitrary File Download Vulnerability cseye_ut (Jun 09)

Daryl Tester

Re: Bug in bash <= 4.3 [security feature bypassed] Daryl Tester (Jun 05)

Dolev Farhi

CVE-2014-3740 - SpiceWorks Cross-site scripting Dolev Farhi (Jun 09)

ferenc . spala

[CFP] Hacktivity 2014 CFP is open ferenc . spala (Jun 16)

Fran

[CVE-2014-2577] XSS on Transform Foundation Server 4.3.1 and 5.2 from Bottomline Technologies Fran (Jun 04)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-14:13.pam FreeBSD Security Advisories (Jun 04)
FreeBSD Security Advisory FreeBSD-SA-14:11.sendmail FreeBSD Security Advisories (Jun 04)
FreeBSD Security Advisory FreeBSD-SA-14:14.openssl FreeBSD Security Advisories (Jun 05)
FreeBSD Security Advisory FreeBSD-SA-14:12.ktrace FreeBSD Security Advisories (Jun 04)
FreeBSD Security Advisory FreeBSD-SA-14:15.iconv FreeBSD Security Advisories (Jun 25)
FreeBSD Security Advisory FreeBSD-SA-14:16.file FreeBSD Security Advisories (Jun 25)

Giuseppe Iuculano

[SECURITY] [DSA 2945-1] chkrootkit security update Giuseppe Iuculano (Jun 04)

Hafez Kamal

[HITB-Announce] #HITB2014KUL round 1 CFP submission deadline in < 1 week Hafez Kamal (Jun 25)

Hector Marco

Re: [FD] [oss-security] Bug in bash <= 4.3 [security feature bypassed] Hector Marco (Jun 05)
CVE-2013-6825 DCMTK Root Privilege escalation Hector Marco (Jun 04)
CVE-2014-1226 s3dvt Root shell (still) Hector Marco (Jun 03)
Bug in bash <= 4.3 [security feature bypassed] Hector Marco (Jun 04)
Re: Bug in bash <= 4.3 [security feature bypassed] Hector Marco (Jun 06)
CVE-2013-6825 DCMTK Root Privilege escalation Hector Marco (Jun 03)
CVE-2014-1226 s3dvt Root shell (still) Hector Marco (Jun 04)
[FD] CVE-2013-6876 s3dvt Root shell Hector Marco (Jun 03)
CVE-2013-6876 s3dvt Root shell Hector Marco (Jun 04)

Henri Salo

Re: OpenCart 1.5.6.4 Directory Traversal Vulnerability Henri Salo (Jun 03)

High-Tech Bridge Security Research

Multiple SQL Injection Vulnerabilities in web2Project High-Tech Bridge Security Research (Jun 18)
SQL Injection in Dolphin High-Tech Bridge Security Research (Jun 18)
Reflected Cross-Site Scripting (XSS) Vulnerability in Storesprite High-Tech Bridge Security Research (Jun 25)

iedb . team

ClipBucket CMS Xss Vulnerability iedb . team (Jun 16)
NeginGroup CMS Multiple Vulnerability iedb . team (Jun 09)

Jeffrey Walton

Re: [FD] [oss-security] Bug in bash <= 4.3 [security feature bypassed] Jeffrey Walton (Jun 06)

J. Oquendo

CVE-2014-3427 CRLF Injection and CVE-2014-3428 XSS Injection in Yealink VoIP Phones J. Oquendo (Jun 13)

Jose Carlos Luna Duran

Re: [oss-security] Bug in bash <= 4.3 [security feature bypassed] Jose Carlos Luna Duran (Jun 04)

lists

Re: [FD] [oss-security] Bug in bash <= 4.3 [security feature bypassed] lists (Jun 05)

Michael Gilbert

[SECURITY] [DSA 2965-1] tiff security update Michael Gilbert (Jun 23)
[SECURITY] [DSA 2959-1] chromium-browser security update Michael Gilbert (Jun 16)
[SECURITY] [DSA 2939-1] chromium-browser security update Michael Gilbert (Jun 03)

Michal Zalewski

Boolean algebra and CSS history theft Michal Zalewski (Jun 24)

Moritz Muehlenhoff

[SECURITY] [DSA 2944-1] gnutls26 security update Moritz Muehlenhoff (Jun 03)
[SECURITY] [DSA 2950-1] openssl security update Moritz Muehlenhoff (Jun 05)
[SECURITY] [DSA 2963-1] lucene-solr security update Moritz Muehlenhoff (Jun 18)
[SECURITY] [DSA 2956-1] icinga security update Moritz Muehlenhoff (Jun 12)
[SECURITY] [DSA 2942-1] typo3-src security update Moritz Muehlenhoff (Jun 03)
[SECURITY] [DSA 2962-1] nspr security update Moritz Muehlenhoff (Jun 18)
[SECURITY] [DSA 2951-1] mupdf security update Moritz Muehlenhoff (Jun 06)
[SECURITY] [DSA 2960-1] icedove security update Moritz Muehlenhoff (Jun 16)
[SECURITY] [DSA 2943-1] php5 security update Moritz Muehlenhoff (Jun 03)
[SECURITY] [DSA 2946-1] python-gnupg security update Moritz Muehlenhoff (Jun 05)
[SECURITY] [DSA 2955-1] iceweasel security update Moritz Muehlenhoff (Jun 12)
[SECURITY] [DSA 2950-2] openssl update Moritz Muehlenhoff (Jun 17)
[SECURITY] [DSA 2947-1] libav security update Moritz Muehlenhoff (Jun 05)
[SECURITY] [DSA 2941-1] lxml security update Moritz Muehlenhoff (Jun 03)
[SECURITY] [DSA 2970-1] cacti security update Moritz Muehlenhoff (Jun 30)
[SECURITY] [DSA 2948-1] python-bottle security update Moritz Muehlenhoff (Jun 05)

Nico Golde

[SECURITY] [DSA 2952-1] kfreebsd-9 security update Nico Golde (Jun 06)

Onapsis Research Labs

[Onapsis Security Advisory 2014-020] SAP SLD Information Tampering Onapsis Research Labs (Jun 06)
[Onapsis Security Advisories] Multiple Hard-coded Usernames in SAP Components Onapsis Research Labs (Jun 06)

Pavel Machek

Re: MacOSX Safari Firefox Kaspersky RegExp Remote/Local Denial of Service Pavel Machek (Jun 11)

Portcullis Advisories

CVE-2014-2385 - Multiple Cross Site Scripting in Sophos Antivirus Configuration Console (Linux) Portcullis Advisories (Jun 25)
CVE-2014-3752 - Arbitrary Code Execution in G Data TotalProtection 2014 Portcullis Advisories (Jun 25)
CVE-2014-0907 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH In IBM DB2 Portcullis Advisories (Jun 04)
CVE-2014-3977 - Privilege Escalation in IBM AIX Portcullis Advisories (Jun 11)

Raphael Geissert

[SECURITY] [DSA 2953-1] dpkg security update Raphael Geissert (Jun 09)

RedTeam Pentesting GmbH

[RT-SA-2013-002] Endeca Latitude Cross-Site Request Forgery RedTeam Pentesting GmbH (Jun 25)
[RT-SA-2013-003] Endeca Latitude Cross-Site Scripting RedTeam Pentesting GmbH (Jun 25)
[RT-SA-2014-006] Directory Traversal in DevExpress ASP.NET File Manager RedTeam Pentesting GmbH (Jun 05)
[RT-SA-2014-008] Python CGIHTTPServer File Disclosure and Potential Code Execution RedTeam Pentesting GmbH (Jun 27)

Robin Bailey

FCKedtior 2.6.10 Reflected Cross-Site Scripting (XSS) Robin Bailey (Jun 03)
CodeIgniter <= 2.1.4 Session Decoding Vulnerability Robin Bailey (Jun 11)

Roee Hay

Android KeyStore Stack Buffer Overflow (CVE-2014-3100) Roee Hay (Jun 24)

Salvatore Bonaccorso

[SECURITY] [DSA 2967-1] gnupg security update Salvatore Bonaccorso (Jun 25)
[SECURITY] [DSA 2964-1] iodine security update Salvatore Bonaccorso (Jun 23)
[SECURITY] [DSA 2968-1] gnupg2 security update Salvatore Bonaccorso (Jun 27)
[SECURITY] [DSA 2954-1] dovecot security update Salvatore Bonaccorso (Jun 10)
[SECURITY] [DSA 2961-1] php5 security update Salvatore Bonaccorso (Jun 17)
[SECURITY] [DSA 2949-1] linux security update Salvatore Bonaccorso (Jun 05)
[SECURITY] [DSA 2969-1] libemail-address-perl security update Salvatore Bonaccorso (Jun 27)

SEC Consult Vulnerability Lab

SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS SEC Consult Vulnerability Lab (Jun 30)
SEC Consult SA-20140606-0 :: Multiple critical vulnerabilities in WebTitan SEC Consult Vulnerability Lab (Jun 06)

security

[ MDVSA-2014:109 ] gnutls security (Jun 10)
[ MDVSA-2014:114 ] squid security (Jun 11)
[ MDVSA-2014:111 ] otrs security (Jun 10)
[ MDVSA-2014:118 ] emacs security (Jun 11)
[ MDVSA-2014:121 ] libgadu security (Jun 11)
[ MDVSA-2014:113 ] python-django security (Jun 11)
[ MDVSA-2014:117 ] libcap-ng security (Jun 11)
[ MDVSA-2014:116 ] file security (Jun 11)
[ MDVSA-2014:122 ] chkrootkit security (Jun 12)
[ MDVSA-2014:115 ] php security (Jun 11)
[ MDVSA-2014:108 ] gnutls security (Jun 10)
[ MDVSA-2014:125 ] nspr security (Jun 16)
[ MDVSA-2014:123 ] tor security (Jun 12)
[ MDVSA-2014:124 ] kernel security (Jun 13)
[ MDVSA-2014:107 ] libtasn1 security (Jun 10)
[ MDVSA-2014:119 ] mediawiki security (Jun 11)
[ MDVSA-2014:110 ] curl security (Jun 10)
[ MDVSA-2014:120 ] miniupnpc security (Jun 11)
[ MDVSA-2014:106 ] openssl security (Jun 10)
[ MDVSA-2014:112 ] python-django security (Jun 10)
[ MDVSA-2014:105 ] openssl security (Jun 10)

Security Alert

ESA-2014-055: EMC Network Configuration Manager (NCM) Session Fixation Vulnerability Security Alert (Jun 30)
ESA-2014-024: EMC Documentum Digital Asset Manager Blind DQL Injection Vulnerability Security Alert (Jun 05)
ESA-2014-046: EMC Documentum Content Server Multiple Vulnerabilities Security Alert (Jun 05)
ESA-2014-060: EMC Documentum eRoom Multiple Cross-Site Scripting Vulnerabilities Security Alert (Jun 30)
ESA-2014-046: EMC Documentum Content Server Multiple Vulnerabilities Security Alert (Jun 30)
ESA-2014-032: RSA® Adaptive Authentication (Hosted) DOM Cross-Site Scripting Vulnerability Security Alert (Jun 03)

security-alert

[security bulletin] HPSBMU03061 rev.1 - HP Release Control, Disclosure of Privileged Information and Elevation of Privilege security-alert (Jun 27)
[security bulletin] HPSBUX03046 SSRT101590 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS), Code Execution, Security Restriction Bypass, Disclosure of Information, or Unauthorized Access security-alert (Jun 18)
[security bulletin] HPSBMU03057 rev.1 - HP Version Control Agent (HP VCA) running OpenSSL on Linux and Windows, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information security-alert (Jun 27)
[security bulletin] HPSBMU03024 rev.3 - HP Insight Control Server Deployment on Linux and Windows running OpenSSL with System Management Homepage and Systems Insight Manager, Remote Disclosure of Information security-alert (Jun 09)
[security bulletin] HPSBST03016 rev.4 - HP P2000 G3 MSA Array Systems, HP MSA 2040 Storage, and HP MSA 1040 Storage running OpenSSL, Remote Disclosure of Information security-alert (Jun 13)
[security bulletin] HPSBST03000 rev.4 - HP StoreEver ESL G3 Tape Library and Enterprise Library LTO-6 Tape Drives running OpenSSL, Remote Disclosure of Information security-alert (Jun 30)
[security bulletin] HPSBMU03033 rev.3 - HP Insight Control Software Components running OpenSSL, Remote Disclosure of Information security-alert (Jun 05)
[security bulletin] HPSBMU03056 rev.1 - HP Version Control Repository Manager (HP VCRM) running OpenSSL on Linux and Windows, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information security-alert (Jun 27)
[security bulletin] HPSBMU03051 rev.1 - HP System Management Homepage running OpenSSL on Linux and Windows, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information security-alert (Jun 25)
[security bulletin] HPSBHF03052 rev.1 - HP Intelligent Management Center (iMC), HP Network Products including H3C and 3COM Routers and Switches running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Modification or Disclosure of Information security-alert (Jun 23)
[security bulletin] HPSBMU03029 rev.2 - HP Insight Control Server Migration running OpenSSL, Remote Disclosure of Information security-alert (Jun 05)
[security bulletin] HPSBMU03058 rev.1 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information security-alert (Jun 27)
[security bulletin] HPSBMU03045 rev.1 - HP Service Virtualization Running AutoPass License Server, Remote Code Execution security-alert (Jun 11)
[security bulletin] HPSBUX03046 SSRT101590 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS), Code Execution, Security Restriction Bypass, Disclosure of Information, or Unauthorized Access security-alert (Jun 13)
[security bulletin] HPSBMU03048 rev.1 - HP Software Executive Scorecard, Remote Execution of Code, Directory Traversal security-alert (Jun 18)
[security bulletin] HPSBMU03053 rev.1 - HP Software Database and Middleware Automation, OpenSSL Vulnerability, Remote Unauthorized Access or Disclosure of Information security-alert (Jun 25)
[security bulletin] HPSBOV03047 rev.1 - HP OpenVMS running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information security-alert (Jun 19)
[security bulletin] HPSBMU03028 rev.2 - HP Matrix Operating Environment and HP CloudSystem Matrix Software Components running OpenSSL, Remote Disclosure of Information security-alert (Jun 05)

Security Explorations

[SE-2014-01] Security vulnerabilities in Oracle Database Java VM Security Explorations (Jun 16)

Slackware Security Team

[slackware-security] gnupg2 (SSA:2014-175-03) Slackware Security Team (Jun 25)
[slackware-security] mariadb (SSA:2014-152-01) Slackware Security Team (Jun 03)
[slackware-security] gnutls (SSA:2014-156-01) Slackware Security Team (Jun 06)
[slackware-security] libtasn1 (SSA:2014-156-02) Slackware Security Team (Jun 06)
[slackware-security] php (SSA:2014-160-01) Slackware Security Team (Jun 10)
[slackware-security] samba (SSA:2014-175-04) Slackware Security Team (Jun 25)
[slackware-security] openssl (SSA:2014-156-03) Slackware Security Team (Jun 06)
[slackware-security] gnupg (SSA:2014-175-02) Slackware Security Team (Jun 25)
[slackware-security] sendmail (SSA:2014-156-04) Slackware Security Team (Jun 06)
[slackware-security] seamonkey (SSA:2014-175-05) Slackware Security Team (Jun 25)
[slackware-security] mozilla-thunderbird (SSA:2014-163-01) Slackware Security Team (Jun 13)
[slackware-security] bind (SSA:2014-175-01) Slackware Security Team (Jun 25)
[slackware-security] mozilla-firefox (SSA:2014-157-01) Slackware Security Team (Jun 09)

Thejas Nair

CVE-2014-0228: Apache Hive Authorization vulnerability Thejas Nair (Jun 13)

Thijs Kinkhorst

[SECURITY] [DSA 2958-1] apt security update Thijs Kinkhorst (Jun 13)
[SECURITY] [DSA 2957-1] mediawiki security update Thijs Kinkhorst (Jun 13)

tucu

Details for CVE-2014-0220 tucu (Jun 05)

"VMware Security Response Center"

NEW : VMSA-2014-0006 - VMware product updates address OpenSSL security vulnerabilities "VMware Security Response Center" (Jun 11)
NEW VMSA-2014-0007 - VMware product updates address security vulnerabilities in Apache Struts library "VMware Security Response Center" (Jun 25)

Vulnerability Lab

Files Desk Pro v1.4 iOS - File Include Web Vulnerability Vulnerability Lab (Jun 03)
Paypal Inc Bug Bounty #36 - SecurityKey Card Serialnumber Module Vulnerability Vulnerability Lab (Jun 18)
Secunia CSI/VIM - Filter Bypass & Persistent Validation Vulnerabilities Vulnerability Lab (Jun 18)
NG WifiTransfer Pro 1.1 - File Include Vulnerability Vulnerability Lab (Jun 03)
AllReader v1.0 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Jun 03)
TigerCom My Assistant v1.1 iOS - File Include Vulnerability Vulnerability Lab (Jun 03)
iScan Online Mobile 2.0.1 iOS - Command Inject Vulnerability Vulnerability Lab (Jun 03)
Privacy Pro v1.2 HZ iOS - File Include Web Vulnerability Vulnerability Lab (Jun 03)
Bluetooth Photo-File Share v2.1 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Jun 03)

VUPEN Security Research

VUPEN Security Research - Adobe Acrobat & Reader XI-X "AcroBroker" Sandbox Bypass (Pwn2Own) VUPEN Security Research (Jun 03)

Yarubo Internet Security Scan

Yarubo #1: Arbitrary SQL Execution in Participants Database for Wordpress Yarubo Internet Security Scan (Jun 03)

Yves-Alexis Perez

[SECURITY] [DSA 2966-1] samba security update Yves-Alexis Perez (Jun 23)