Bugtraq: by date
RSS Feed
About List
All Lists
Previous period
159 messages
starting May 02 14 and
ending May 30 14
Date index |
Thread index |
Author index
Friday, 02 May
[security bulletin] HPSBMU03029 rev.1 - HP Insight Control Server Migration running OpenSSL, Remote Disclosure of Information security-alert
[security bulletin] HPSBMU03028 rev.1 - HP Matrix Operating Environment and CloudSystem Matrix Software Components running OpenSSL, Remote Disclosure of Information security-alert
[security bulletin] HPSBMU03033 rev.1 - HP Insight Control Software Components running OpenSSL, Remote Disclosure of Information security-alert
[security bulletin] HPSBMU03030 rev.1 - HP Service Pack for ProLiant (SPP) Bundled Software running OpenSSL, Remote Disclosure of Information security-alert
[security bulletin] HPSBMU03032 rev.1 - HP Virtual Connect Firmware Smart Components Installer Software running OpenSSL, Remote Disclosure of Information security-alert
[security bulletin] HPSBMU03009 rev.2 - HP CloudSystem Foundation and Enterprise Software v8.0 running OpenSSL, Remote Disclosure of Information security-alert
[security bulletin] HPSBMU02998 rev.3 - HP System Management Homepage (SMH) running OpenSSL on Linux and Windows, Remote Disclosure of Information, Denial of Service (DoS) security-alert
[ANN][SECURITY] Struts 1 - CVE-2014-0114 -Mitigation Advice Available, Possible RCE Impact Rene Gielen
Re: [ANN][SECURITY] Struts 1 - CVE-2014-0114 -Mitigation Advice Available, Possible RCE Impact Eric Reed
[security bulletin] HPSBST03004 rev.1 - HP IBRIX X9320 Storage running OpenSSL, Remote Disclosure of Information security-alert
[security bulletin] HPSBGN03034 rev.1 - HP OneView, Remote Elevation of Privileges security-alert
[security bulletin] HPSBST03027 rev.1 - HP StoreVirtual 4000 Storage and HP P4000 G2 Storage using HP System Management Homepage (SMH) running OpenSSL, Remote Disclosure of Information security-alert
[security bulletin] HPSBMU03018 rev.2 - HP Software Asset Manager running OpenSSL, Remote Disclosure of Information security-alert
[security bulletin] HPSBMU02987 rev.2 - HP Universal Configuration Management Database Integration Service, Remote Code Execution security-alert
Monday, 05 May
[security bulletin] HPSBMU03024 rev.2 - HP Insight Control Server Deployment on Linux and Windows running OpenSSL with System Management Homepage and Systems Insight Manager, Remote Disclosure of Information security-alert
[security bulletin] HPSBMU03033 rev.2 - HP Insight Control Software Components running OpenSSL, Remote Disclosure of Information security-alert
[SECURITY] [DSA 2919-1] mysql-5.5 security update Salvatore Bonaccorso
[SECURITY] [DSA 2920-1] chromium-browser security update Michael Gilbert
[SECURITY] [DSA 2921-1] xbuffy security update Yves-Alexis Perez
Ruxcon 2014 Call For Papers cfp
ESA-2014-028: EMC Cloud Tiering Appliance XML External Entity (XXE) and Information Disclosure Vulnerabilities Security Alert
[ANN] Struts 2.3.16.3 GA release available - security fix Lukasz Lenart
[SECURITY] [DSA 2923-1] openjdk-7 security update Moritz Muehlenhoff
[SECURITY] [DSA 2922-1] strongswan security update Yves-Alexis Perez
[SECURITY] [DSA 2924-1] icedove security update Moritz Muehlenhoff
[security bulletin] HPSBGN03010 rev.4 - HP Software Server Automation running OpenSSL, Remote Disclosure of Information security-alert
Tuesday, 06 May
CVE-2014-2845 - Cyberduck (Windows): Failure validating some certificates (using FTP-SSL) with untrusted root certificate authority Micha Borrmann
[security bulletin] HPSBMU03037 rev.1 - HP Multimedia Service Environment (MSE), (HP Network Interactive Voice Response (NIVR)), Remote Disclosure of Information security-alert
CVE-2014-2881 - Poor Quality Implementation of Diffie-Hellman Key Exchange in Citrix Netscaler Portcullis Advisories
CVE-2014-2882 - Lack of SSL Certificate Validation in Citrix Netscaler Portcullis Advisories
CVE-2014-0930 - Kernel Memory Leak And Denial Of Service Condition in IBM AIX Portcullis Advisories
Wednesday, 07 May
[security bulletin] HPSBMU02994 rev.4 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information security-alert
Breakpoint 2014 Call For Presentations cfp
Cross-Site Scripting (XSS) in Offiria High-Tech Bridge Security Research
[security bulletin] HPSBMU03018 rev.3 - HP Software Asset Manager running OpenSSL, Remote Disclosure of Information security-alert
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players Cisco Systems Product Security Incident Response Team
Thursday, 08 May
SEC Consult SA-20140508-0 :: Multiple critical vulnerabilities in AVG Remote Administration SEC Consult Vulnerability Lab
[RT-SA-2014-003] Metadata Information Disclosure in OrbiTeam BSCW RedTeam Pentesting GmbH
[security bulletin] HPSBMU02935 rev.3 - HP LoadRunner Virtual User Generator, Remote Code Execution, Disclosure of information security-alert
[ MDVSA-2014:081 ] apache-mod_security security
[ MDVSA-2014:080 ] openssl security
[ MDVSA-2014:082 ] python-imaging security
[ MDVSA-2014:083 ] mediawiki security
Directory Traversal Vulnerability in VMTurbo Operations Manager 4.5 or earlier jpecou
[SECURITY] [DSA 2925-1] rxvt-unicode security update Moritz Muehlenhoff
Friday, 09 May
[security bulletin] HPSBGN03008 rev.2 - HP Software Service Manager, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information security-alert
[security bulletin] HPSBMU03035 rev.1 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross-Site Scripting (XSS) security-alert
SSH key cloning problem in OnApp templates James Renken
[security bulletin] HPSBST03038 rev.1 - HP H-series Fibre Channel Switches, Remote Disclosure of Information security-alert
[security bulletin] HPSBHF02946 rev.1 - HP Servers with NVIDIA GPU Computing Driver, Elevation of Privilege security-alert
Monday, 12 May
[security bulletin] HPSBST03015 rev.3 - HP 3PAR OS running OpenSSL, Remote Disclosure of Information security-alert
ESA-2014-027: RSA® NetWitness and RSA® Security Analytics Authentication Bypass Vulnerability Security Alert
[slackware-security] seamonkey (SSA:2014-131-01) Slackware Security Team
[ MDVSA-2014:084 ] libpng security
[ MDVSA-2014:085 ] ldns security
[ MDVSA-2014:086 ] libxml2 security
[security bulletin] HPSBMU02931 rev.6 - HP Service Manager and ServiceCenter, Injection of Arbitrary Code, Remote Privilege Elevation, Remote Disclosure of Privileged Information and Cross Site Scripting (XSS) security-alert
[SECURITY] [DSA 2926-1] linux security update Moritz Muehlenhoff
Tuesday, 13 May
ESA-2014-005: EMC Documentum Foundation Services (DFS) Content Access Vulnerability Security Alert
[security bulletin] HPSBPI03031 rev.2 - HP Officejet Pro X Printers, Certain Officejet Pro Printers, Remote Disclosure of Information security-alert
CVE-2014-2046 - Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211 Portcullis Advisories
Multiple Stored XSS in FOG Image deployment system - FD Dolev Farhi
[security bulletin] HPSBMU02964 rev.2 - HP Service Manager, Cross-Site Scripting (XSS), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access, Disclosure of Information and Authentication Issues security-alert
FD - Cobbler Arbitrary File Read CVE-2014-3225 Dolev Farhi
[security bulletin] HPSBMU02998 rev.4 - HP System Management Homepage (SMH) running OpenSSL on Linux and Windows, Remote Disclosure of Information, Denial of Service (DoS) security-alert
[security bulletin] HPSBMU03022 rev.2 - HP Systems Insight Manager (SIM) Bundled Software running OpenSSL, Remote Disclosure of Information security-alert
Thursday, 15 May
[SECURITY] [DSA 2927-1] libxfont security update Salvatore Bonaccorso
FreeBSD Security Advisory FreeBSD-SA-14:10.openssl FreeBSD Security Advisories
CSRF and Remote Code Execution in EGroupware High-Tech Bridge Security Research
[security bulletin] HPSBMU03040 rev.1 - HP LoadRunner & HP Performance Center, running OpenSSL, Remote Disclosure of Information security-alert
Paypal Inc Bug Bounty #109 MOS - Bypass & Persistent Vulnerability Vulnerability Lab
[SECURITY] [DSA 2928-1] linux-2.6 security update dann frazier
Bilyoner mobile apps prone to various SSL/TLS attacks harun . esur
[REVIVE-SA-2014-001] Revive Adserver 3.0.5 fixes CSRF vulnerability Matteo Beccati
[ MDVSA-2014:087 ] php security
[CVE-2014-0749] TORQUE Buffer Overflow john . fitzpatrick
[ MDVSA-2014:088 ] python-lxml security
[security bulletin] HPSBMU02995 rev.7 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure of Information security-alert
APPLE-SA-2014-05-15-1 OS X Mavericks v10.9.3 Apple Product Security
Friday, 16 May
APPLE-SA-2014-05-15-2 iTunes 11.2 Apple Product Security
[SECURITY] [DSA 2929-1] ruby-actionpack-3.2 security update Florian Weimer
[ MDVSA-2014:089 ] nagios security
Two Cross-Site Scripting (XSS) Vulnerabilities in Seo Panel High-Tech Bridge Security Research
[ MDVSA-2014:092 ] cups security
[ MDVSA-2014:095 ] struts security
[ MDVSA-2014:098 ] rawtherapee security
[ MDVSA-2014:094 ] rxvt-unicode security
[ MDVSA-2014:096 ] python-jinja2 security
CA20140413-01: Security Notice for OpenSSL Heartbleed Vulnerability Williams, James K
[ MDVSA-2014:102 ] mariadb security
[ MDVSA-2014:100 ] java-1.7.0-openjdk security
[ MDVSA-2014:103 ] wordpress security
[ MDVSA-2014:091 ] cups security
[ MDVSA-2014:097 ] libvirt security
[ MDVSA-2014:099 ] dovecot security
[ MDVSA-2014:093 ] couchdb security
[ MDVSA-2014:101 ] owncloud security
[ MDVSA-2014:104 ] egroupware security
Monday, 19 May
[security bulletin] HPSBHF02946 rev.2 - HP Servers with NVIDIA GPU Computing Driver, Elevation of Privilege security-alert
APPLE-SA-2014-05-16-1 iTunes 11.2.1 Apple Product Security
[SECURITY] [DSA 2930-1] chromium-browser security update Michael Gilbert
[SECURITY] [DSA 2931-1] openssl security update Moritz Muehlenhoff
[SECURITY] [DSA 2932-1] qemu security update Giuseppe Iuculano
Tuesday, 20 May
[SECURITY] [DSA 2933-1] qemu-kvm security update Giuseppe Iuculano
FTP Rush: missing X.509 validation (FTP with TLS) Micha Borrmann
JavaMail SMTP Header Injection via method setSubject [CSNC-2014-001] Alexandre Herzog
[security bulletin] HPSBMU03022 rev.3 - HP Systems Insight Manager (SIM) Bundled Software running OpenSSL, Remote Disclosure of Information security-alert
[SECURITY] [DSA 2934-1] python-django security update Salvatore Bonaccorso
t2'14: Call for Papers 2014 (Helsinki / Finland) Tomi Tuominen
Construtiva CIS Manager CMS POST SQLi edge
[security bulletin] HPSBGN03007 rev.1 - HP IceWall MCRP and HP IceWall SSO, Remote Denial of Service (DoS) security-alert
Wednesday, 21 May
CVE-2014-3448 - Remote Code Execution Via Unauthenticated File Upload in BSS Continuity CMS Portcullis Advisories
CVE-2014-3450 - Privilege Escalation in Panda Security Portcullis Advisories
CVE-2014-3447 - Remote Denial Of Service in BSS Continuity CMS Portcullis Advisories
CVE-2014-3446 - Unauthenticated Blind SQL Injection in BSS Continuity CMS Portcullis Advisories
APPLE-SA-2014-15-20-1 OS X Server 3.1.2 Apple Product Security
Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe Stefan Kanthak
Wordpress Booking System (Booking Calendar) plugin SQL Injection info sec
Thursday, 22 May
SEC Consult SA-20140521-0 :: Multiple critical vulnerabilities in CoSoSys Endpoint Protector 4 SEC Consult Vulnerability Lab
[security bulletin] HPSBMU03042 rev.1 - HP Operations Manager i, Execution of Arbitrary Code security-alert
[security bulletin] HPSBMU03044 rev.1 - HP Business Process Monitor, running OpenSSL, Remote Disclosure of Information security-alert
Cisco Security Advisory: Cisco Wide Area Application Services Remote Code Execution Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Multiple Vulnerabilities in Cisco NX-OS-Based Products Cisco Systems Product Security Incident Response Team
[SECURITY] [DSA 2935-1] libgadu security update Moritz Muehlenhoff
[KIS-2014-05] Dotclear <= 2.6.2 (XML-RPC Interface) Authentication Bypass Vulnerability Egidio Romano
[KIS-2014-06] Dotclear <= 2.6.2 (Media Manager) Unrestricted File Upload Vulnerability Egidio Romano
[KIS-2014-07] Dotclear <= 2.6.2 (categories.php) SQL Injection Vulnerability Egidio Romano
APPLE-SA-2014-05-21-1 Safari 6.1.4 and Safari 7.0.4 Apple Product Security
Full Disclosure - DIR-652/DIR-835/DIR-855L/DGL-5500/DHP-1565 - Clear Text Password/XSS/Information Disclosure kyle Lovett
Friday, 23 May
ESA-2014-045: EMC Documentum D2 Arbitrary DQL Query Execution Vulnerability Security Alert
[security bulletin] HPSBMU02995 rev.8 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure of Information security-alert
[security bulletin] HPSBMU03025 rev.2 - HP Diagnostics running OpenSSL, Remote Disclosure of Information security-alert
[SECURITY] [DSA 2936-1] torque security update Salvatore Bonaccorso
ESA-2014-021: RSA Archer® GRC Multiple Cross-Site Scripting Vulnerabilities Security Alert
Monday, 26 May
[security bulletin] HPSBMU03009 rev.3 - HP CloudSystem Foundation and HP CloudSystem Enterprise Software running OpenSSL, Remote Disclosure of Information security-alert
[security bulletin] HPSBUX02960 SSRT101419 rev.3 - HP-UX Running NTP, Remote Denial of Service (DoS) security-alert
VUPEN Security Research - Adobe Acrobat & Reader XI-X Barcode Heap Overflow (Pwn2Own) VUPEN Security Research
Tuesday, 27 May
[security bulletin] HPSBGN03041 rev.1 - HP IceWall Configuration Manager running Apache Struts, Remote Execution of Arbitrary Code security-alert
call for papers- CSSE2014 cfp-conf2014.org
Wednesday, 28 May
[SECURITY] CVE-2014-0075 Apache Tomcat denial of service Mark Thomas
[SECURITY] CVE-2014-0096 Apache Tomcat information disclosure Mark Thomas
[SECURITY] CVE-2014-0095 Apache Tomcat denial of service Mark Thomas
[SECURITY] CVE-2014-0097 Apache Tomcat information disclosure Mark Thomas
CVE-2014-3445 - Unauthenticated Backup and Password Disclosure in HandsomeWeb SOS Webpages Portcullis Advisories
[SECURITY] CVE-2014-0119 Apache Tomcat information disclosure Mark Thomas
Re: [SECURITY] CVE-2014-0099 Apache Tomcat information disclosure Mark Thomas
[SECURITY] [DSA 2937-1] mod-wsgi security update Moritz Muehlenhoff
[SECURITY] [DSA 2938-1] Availability of LTS support for Debian 6.0 / squeeze Moritz Muehlenhoff
LSE Leading Security Experts GmbH - LSE-2014-05-21 - Check_MK - Arbitrary File Disclosure Vulnerability LSE Leading Security Experts GmbH (Security Advisories)
SEC Consult SA-20140528-0 :: Root Backdoor & Unauthenticated access to voice recordings in NICE Recording eXpress SEC Consult Vulnerability Lab
Multiple vulnerabilities in Sharetronix High-Tech Bridge Security Research
Thursday, 29 May
[RT-SA-2014-004] Remote Command Execution in webEdition CMS Installer Script RedTeam Pentesting GmbH
[RT-SA-2014-005] SQL Injection in webEdition CMS File Browser Installer Script RedTeam Pentesting GmbH
Defense in depth -- the Microsoft way (part 15): unquoted arguments in 120 (of 462) command lines Stefan Kanthak
OpenCart 1.5.6.4 Directory Traversal Vulnerability iedb . team
Mybb Sendthread Page Denial of Service Vulnerability iedb . team
Friday, 30 May
NEW VMSA-2014-0005 - VMware Workstation, Player, Fusion, and ESXi patches address a guest privilege escalation "VMware Security Response Center"
Google Compute Engine - Lateral Compromise Scott T. Cameron
Google Compute Engine Multiple DOS Vulnerabilities Scott T. Cameron