187 messages starting Mar 03 14 and ending Mar 31 14
[CVE-2013-6231] Remote Privilege Escalation in SpagoBI v4.0 Christian Catalano (Mar 03)
ESA-2014-003: RSA® Data Loss Prevention Improper Session Management Vulnerability Security Alert (Mar 03)
WordPress thecotton Themes Remote File Upload Vulnerability iedb . team (Mar 03)
[CVE-2013-6232] Persistent Cross-Site Scripting (XSS) in SpagoBI v4.0 Christian Catalano (Mar 03)
[CVE-2013-6233] Persistent HTML Script Insertion permits offsite-bound forms in SpagoBI v4.0 Christian Catalano (Mar 03)
[CVE-2013-6234] XSS File Upload in SpagoBI v4.0 Christian Catalano (Mar 03)
[CVE-2014-2206] GetGo Download Manager HTTP Response Header Buffer Overflow Remote Code Execution Julien Ahrens (Mar 03)
[SECURITY] [DSA 2868-1] php5 security update Salvatore Bonaccorso (Mar 03)
CFP: Passwords^14, Las Vegas, August 5-6 Per Thorsheim (Mar 03)
[SECURITY] [DSA 2869-1] gnutls26 security update Yves-Alexis Perez (Mar 03)
[slackware-security] gnutls (SSA:2014-062-01) Slackware Security Team (Mar 04)
[CVE-2014-0073] Apache Cordova In-App-Browser privilege escalation iclelland (Mar 04)
JOIDS (Java OpenID Server) multiple vulnerabilities Bartlomiej Balcerek (Mar 04)
[CVE-2014-0072] Apache Cordova File-Transfer insecure defaults iclelland (Mar 04)
Public disclosure of Buffer Overflow Dassault Systems 0xnanoquetz9l (Mar 05)
(Added CVE) Dassault Systemes Catia Stack Buffer Overflow 0xnanoquetz9l (Mar 05)
PHP: patch to make session handling with default config more secure against local attackers Jann Horn (Mar 05)
[security bulletin] HPSBUX02972 SSRT101454 rev.1 - HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities security-alert (Mar 05)
[security bulletin] HPSBUX02973 SSRT101455 rev.1 - HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities security-alert (Mar 05)
[security bulletin] HPSBHF02965 rev.1 - HP Security Management System, Remote Execution of Arbitrary Code security-alert (Mar 05)
[security bulletin] HPSBMU02933 rev.2 - HP SiteScope, issueSiebelCmd and loadFileContents SOAP Requests, Remote Code Execution, Arbitrary File download, Denial of Service (DoS) security-alert (Mar 05)
[security bulletin] HPSBST02955 rev.2 - HP XP P9000 Performance Advisor Software, 3rd party Software Security - Apache Tomcat and Oracle Updates, Multiple Vulnerabilities Affecting Confidentiality, Availability And Integrity security-alert (Mar 05)
CVE-2014-1599 - 39 Type-1 XSS in SFR DSL/Fiber Box alejandr0.w3b.p0wn3r (Mar 05)
Cross-Site Scripting (XSS) in Ilch CMS High-Tech Bridge Security Research (Mar 05)
Multiple Vulnerabilities in OpenDocMan High-Tech Bridge Security Research (Mar 05)
ESA-2014-012: EMC Documentum TaskSpace Multiple Vulnerabilities Security Alert (Mar 05)
[CVE-2014-0683]Router Cisco RV110W - RV215W - CVR100W - Bypass Login Page - Admin Password Disclosure Gustavo Speranza (Mar 05)
Cisco Security Advisory: Cisco Small Business Router Password Disclosure Vulnerability Cisco Systems Product Security Incident Response Team (Mar 05)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers Cisco Systems Product Security Incident Response Team (Mar 05)
[slackware-security] sudo (SSA:2014-064-01) Slackware Security Team (Mar 06)
[ANN] Struts 2.3.16.1 GA release available - security fix Lukasz Lenart (Mar 06)
SonicWall Dashboard Backend Server - Client Side Cross Site Scripting Web Vulnerability Vulnerability Lab (Mar 06)
SEC Consult SA-20140307-0 :: Unauthenticated access & manipulation of settings in Huawei E5331 MiFi mobile hotspot SEC Consult Vulnerability Lab (Mar 07)
[security bulletin] HPSBUX02963 SSRT101297 rev.1 - HP-UX m4(1), Local Unauthorized Access security-alert (Mar 07)
[HTTPCS] ClanSphere 'where' Cross Site Scripting Vulnerability contact (Mar 07)
E-Store (1.0 & 2.0) <= SQL Injection Vulnerability Alkeraithe (Mar 10)
[SECURITY] [DSA 2870-1] libyaml-libyaml-perl security update Salvatore Bonaccorso (Mar 10)
[ MDVSA-2014:048 ] gnutls security (Mar 10)
[ MDVSA-2014:049 ] subversion security (Mar 10)
[SECURITY] [DSA 2871-1] wireshark security update Moritz Muehlenhoff (Mar 10)
[SECURITY] [DSA 2872-1] udisks security update Moritz Muehlenhoff (Mar 10)
[security bulletin] HPSBGN02970 rev.1 - HP Rapid Deployment Pack (RDP) or HP Insight Control Server Deployment, Multiple Remote Vulnerabilities affecting Confidentiality, Integrity and Availability security-alert (Mar 10)
Android Vulnerability: Install App Without User Explicit Consent Daniel Divricean (Mar 10)
APPLE-SA-2014-03-10-1 iOS 7.1 Apple Product Security (Mar 10)
[ MDVSA-2014:050 ] wireshark security (Mar 10)
APPLE-SA-2014-03-10-2 Apple TV 6.1 Apple Product Security (Mar 10)
AST-2014-001: Stack Overflow in HTTP Processing of Cookie Headers. Asterisk Security Team (Mar 11)
AST-2014-002: Denial of Service Through File Descriptor Exhaustion with chan_sip Session-Timers Asterisk Security Team (Mar 11)
AST-2014-003: Remote Crash Vulnerability in PJSIP channel driver Asterisk Security Team (Mar 11)
AST-2014-004: Remote Crash Vulnerability in PJSIP Channel Driver Subscription Handling Asterisk Security Team (Mar 11)
[security bulletin] HPSBMU02948 rev.1 - HP Systems Insight Manager (SIM) Running on Linux and Windows, Remote Execution of Arbitrary Code, Denial of Service (DoS), Disclosure of Information security-alert (Mar 11)
[security bulletin] HPSBMU02947 rev.1 - HP System Management Homepage (SMH) Running on Linux and Windows, Remote Disclosure of Information and Cross-Site Request Forgery (CSRF) security-alert (Mar 11)
[security bulletin] HPSBUX02976 SSRT101236 rev.1 - HP-UX Running NFS rpc.lockd, Remote Denial of Service (DoS) security-alert (Mar 11)
[CVE-2013-6835] - iOS 7.0.6 Safari/Facetime-Audio Privacy issue Guillaume Ross (Mar 11)
[slackware-security] udisks, udisks2 (SSA:2014-070-01) Slackware Security Team (Mar 11)
CORE-2014-0002 - Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities CORE Advisories Team (Mar 12)
Medium severity flaw in BlackBerry QNX Neutrino RTOS Tim Brown (Mar 12)
[SECURITY] [DSA 2873-1] file security update Salvatore Bonaccorso (Mar 12)
CVE-2014-0054 Spring MVC Incomplete fix for CVE-2013-4152 / CVE-2013-6429 (XXE) Pivotal Security Team (Mar 12)
CVE-2014-1904 XSS when using Spring MVC Pivotal Security Team (Mar 12)
CVE-2014-0097 Spring Security Blank password may bypass user authentication Pivotal Security Team (Mar 12)
NEW VMSA-2014-0002 VMware vSphere updates to third party libraries "VMware Security Response Center" (Mar 12)
Remote Command Injection in Arabic Prawn 0.0.1 Ruby Gem Larry W. Cashdollar (Mar 12)
Cross-Site Scripting (XSS) in Open Classifieds High-Tech Bridge Security Research (Mar 12)
[SECURITY] [DSA 2876-1] cups security update Moritz Muehlenhoff (Mar 12)
[SECURITY] [DSA 2874-1] mutt security update Moritz Muehlenhoff (Mar 12)
[SECURITY] [DSA 2875-1] cups-filters security update Moritz Muehlenhoff (Mar 12)
PowerArchiver: Uses insecure legacy PKZIP encryption when AES is selected (CVE-2014-2319) Hanno Böck (Mar 13)
Synology DSM4 Blind SQL Injection Michael Wisniewski (Mar 13)
[SECURITY] [DSA 2877-1] lighttpd security update Michael Gilbert (Mar 13)
[slackware-security] mutt (SSA:2014-071-01) Slackware Security Team (Mar 13)
[ MDVSA-2014:051 ] file security (Mar 13)
[ MDVSA-2014:052 ] net-snmp security (Mar 13)
[ MDVSA-2014:053 ] libssh security (Mar 13)
[ MDVSA-2014:055 ] owncloud security (Mar 13)
[ MDVSA-2014:054 ] otrs security (Mar 13)
[ MDVSA-2014:056 ] apache-commons-fileupload security (Mar 13)
[ MDVSA-2014:057 ] mediawiki security (Mar 13)
[security bulletin] HPSBMU02967 rev.1 - HP Unified Functional Testing Running on Windows, Remote Execution of Arbitrary Code security-alert (Mar 13)
[SECURITY] [DSA 2878-1] virtualbox security update Moritz Muehlenhoff (Mar 14)
[security bulletin] HPSBMU02975 rev.1 - HP Smart Update Manager for Linux, Elevation of Privileges security-alert (Mar 14)
[ MDVSA-2014:058 ] freeradius security (Mar 14)
ActiVPN launches its security bug bounty Ninja ActiVPN (Mar 14)
[CVE-2014-2087] Free Download Manager CDownloads_Deleted::UpdateDownload() Buffer Overflow Remote Code Execution Julien Ahrens (Mar 14)
[SECURITY] [DSA 2879-1] libssh security update Raphael Geissert (Mar 14)
[slackware-security] samba (SSA:2014-072-01) Slackware Security Team (Mar 14)
NCC00596 Technical Advisory: iOS 7 arbitrary code execution in kernel mode NCC Group Research (Mar 14)
Multiple Vulnerabilities in SeedDMS < = 4.3.3 craig . arendt (Mar 14)
[ MDVSA-2014:059 ] php security (Mar 14)
[ MDVSA-2014:060 ] imapsync security (Mar 14)
[ MDVSA-2014:061 ] oath-toolkit security (Mar 17)
[slackware-security] php (SSA:2014-074-01) Slackware Security Team (Mar 17)
exploit for old rlpdaemon bug Nomen Nescio (Mar 17)
MacOSX Safari Firefox Kaspersky RegExp Remote/Local Denial of Service submit (Mar 17)
Open-Xchange Security Advisory 2014-03-17 Martin Braun (Mar 17)
[ MDVSA-2014:062 ] webmin security (Mar 17)
[ MDVSA-2014:064 ] udisks security (Mar 17)
[ MDVSA-2014:063 ] x2goserver security (Mar 17)
[SECURITY] [DSA 2880-1] python2.7 security update Moritz Muehlenhoff (Mar 17)
Microsoft Forefront Protection for Exchange Server detected a virus ForefrontServerProtection (Mar 18)
2014 World Conference on IST - Madeira Island, April 15-17 ML (Mar 18)
ESA-2014-018: EMC Connectrix Manager Converged Network Edition Information Disclosure Vulnerability Security Alert (Mar 19)
(CFP) LACSEC 2014: Cancun, Mexico. May 7-8, 2014 (EXTENDED DEADLINE) Fernando Gont (Mar 19)
Cross-Site Scripting (XSS) in CMSimple High-Tech Bridge Security Research (Mar 19)
[SECURITY] [DSA 2881-1] iceweasel security update Moritz Muehlenhoff (Mar 19)
Cisco Security Advisory: Cisco AsyncOS Software Code Execution Vulnerability Cisco Systems Product Security Incident Response Team (Mar 19)
[SECURITY] [DSA 2859-2] pidgin security update Raphael Geissert (Mar 20)
Shakacon 2014: Call for Papers - Deadline April 11th Shakacon (Mar 20)
Wireless Drive v1.1.0 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Mar 20)
[ MDVSA-2014:065 ] apache security (Mar 20)
[SECURITY] [DSA 2882-1] extplorer security update Giuseppe Iuculano (Mar 20)
[ MDVSA-2014:066 ] nss security (Mar 20)
NCC00643 Technical Advisory: Nessus Authenticated Scan Local Privilege Escalation NCC Group Research (Mar 21)
[SECURITY] [DSA 2883-1] chromium-browser security update Michael Gilbert (Mar 24)
c0c0n 2014 | The cy0ps c0n - Call For Papers & Call For Workshops c0c0n International Information Security Conference (Mar 24)
CVE-2014-2570 - php-font-lib 0.3 www/make_subset.php Reflected Cross Site Scripting Daniel Marques (Mar 24)
ESA-2014-011: RSA BSAFE® Micro Edition Suite Server Crash Vulnerability Security Alert (Mar 24)
Deutsche Telekom CERT Advisory [DTC-A-20140324-001] vulnerabilities in cacti CERT (Mar 24)
Deutsche Telekom CERT Advisory [DTC-A-20140324-003] vulnerabilities in icinga CERT (Mar 24)
Deutsche Telekom CERT Advisory [DTC-A-20140324-002] vulnerabilities in check_mk CERT (Mar 24)
Deutsche Telekom CERT Advisory [DTC-A-20140324-004] nagios vulnerability CERT (Mar 24)
[SECURITY] [DSA 2873-2] file regression update Salvatore Bonaccorso (Mar 24)
[oCERT-2014-002] Xalan-Java insufficient secure processing Andrea Barisani (Mar 25)
MS14-010 CVE-2014-0293 Technical Details and Code(I changed the web permanently) Dieyu (Mar 25)
[CVE-2014-2531] SQL injection in InterWorx Web Control Panel <= 5.0.13 Eric Flokstra (Mar 25)
CVE-2013-6955 Synology DSM remote code execution tiamat451 (Mar 25)
[security bulletin] HPSBMU02967 rev.2 - HP Unified Functional Testing Running on Windows, Remote Execution of Arbitrary Code security-alert (Mar 25)
Web Egg Hunting Game - Hacky Easter Ivan Buetler (Mar 26)
[security bulletin] HPSBST02968 rev.1 - HP StoreOnce, Remote Unauthorized Access security-alert (Mar 26)
VUPEN Security Research - Google Chrome "Clipboard::WriteData()" Function Sandbox Escape (Pwn2Own) VUPEN Security Research (Mar 26)
VUPEN Security Research - Google Chrome Blink "locationAttributeSetter" Use-after-free (Pwn2Own) VUPEN Security Research (Mar 26)
VUPEN Security Research - Mozilla Firefox "BumpChunk" Object Processing Use-after-free (Pwn2Own) VUPEN Security Research (Mar 26)
ESA-2014-015: RSA® Authentication Manager Cross Frame Scripting Vulnerability Security Alert (Mar 26)
Cisco Security Advisory: Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet Uplinks Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 26)
Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 26)
Cisco Security Advisory: Cisco IOS Software Internet Key Exchange Version 2 Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 26)
Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities Cisco Systems Product Security Incident Response Team (Mar 26)
Cisco Security Advisory: Cisco IOS Software SSL VPN Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 26)
Cisco Security Advisory: Cisco IOS Software Crafted IPv6 Packet Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 26)
Firefox for Android Profile Directory Derandomization and Data Exfiltration (CVE-2014-1484, CVE-2014-1506, CVE-2014-1515, CVE-2014-1516) Roee Hay (Mar 26)
[SECURITY] [DSA 2884-1] libyaml security update Salvatore Bonaccorso (Mar 26)
[SECURITY] [DSA 2885-1] libyaml-libyaml-perl security update Salvatore Bonaccorso (Mar 26)
[SECURITY] [DSA 2886-1] libxalan2-java security update Florian Weimer (Mar 26)
ESA-2014-016: EMC VPLEX Multiple Vulnerabilities Security Alert (Mar 28)
[oCERT-2014-003] LibYAML input sanitization errors Andrea Barisani (Mar 28)
Dell SonicWall EMail Security Appliance Application v7.4.5 - Multiple Vulnerabilities Vulnerability Lab (Mar 28)
FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability Vulnerability Lab (Mar 28)
Lazybone Studios WiFi Music 1.0 iOS - Multiple Vulnerabilities Vulnerability Lab (Mar 28)
Easy FileManager 1.1 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Mar 28)
My Photo Wifi Share & PS 1.1 iOS - Local Command Injection Vulnerability Vulnerability Lab (Mar 28)
ES746 DELL Support-Bulletin - EMS Vulnerability Resolved Vulnerability Lab (Mar 28)
ePhone Disk v1.0.2 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Mar 28)
[security bulletin] HPSBST02968 rev.2 - HP StoreOnce, Remote Unauthorized Access security-alert (Mar 28)
[SECURITY] [DSA 2887-1] ruby-actionmailer-3.2 security update Moritz Muehlenhoff (Mar 28)
[SECURITY] [DSA 2888-1] ruby-actionpack-3.2 security update Moritz Muehlenhoff (Mar 28)
[RT-SA-2014-002] rexx Recruitment: Cross-Site Scripting in User Registration RedTeam Pentesting GmbH (Mar 28)
[SECURITY] [DSA 2889-1] postfixadmin security update Thijs Kinkhorst (Mar 28)
SEC Consult SA-20140328-0 :: Multiple vulnerabilities in Symantec LiveUpdate Administrator SEC Consult Vulnerability Lab (Mar 28)
iStArtApp FileXChange v6.2 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Mar 28)
Deutsche Telekom CERT Advisory [DTC-A-20140324-002] update140328 - vulnerabilities in check_mk CERT (Mar 28)
[slackware-security] mozilla-thunderbird (SSA:2014-086-05) Slackware Security Team (Mar 31)
[slackware-security] mozilla-nss (SSA:2014-086-04) Slackware Security Team (Mar 31)
[slackware-security] mozilla-firefox (SSA:2014-086-03) Slackware Security Team (Mar 31)
[slackware-security] openssh (SSA:2014-086-06) Slackware Security Team (Mar 31)
[slackware-security] curl (SSA:2014-086-01) Slackware Security Team (Mar 31)
[slackware-security] seamonkey (SSA:2014-086-07) Slackware Security Team (Mar 31)
[slackware-security] httpd (SSA:2014-086-02) Slackware Security Team (Mar 31)
[SECURITY] [DSA 2890-1] libspring-java security update Florian Weimer (Mar 31)
[SECURITY] [DSA 2891-1] mediawiki security update Thijs Kinkhorst (Mar 31)
PhotoWIFI Lite v1.0 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Mar 31)
Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities Vulnerability Lab (Mar 31)
PhonerLite 2.14 SIP Soft Phone - SIP Digest Leak Information Disclosure (CVE-2014-2560) Jason Ostrom (Mar 31)
[SECURITY] [DSA 2891-2] mediawiki regression update Thijs Kinkhorst (Mar 31)