Bugtraq: by author

308 messages starting Mar 12 15 and ending Mar 31 15


Advisories

MSA-2015-03: iPass Mobile Client Service Local Privilege Escalation Advisories (Mar 12)

Alessandro Ghedini

[SECURITY] [DSA 3180-1] libarchive security update Alessandro Ghedini (Mar 09)

Apple Product Security

APPLE-SA-2015-03-09-2 AppleTV 7.1 Apple Product Security (Mar 10)
APPLE-SA-2015-03-17-1 Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4 Apple Product Security (Mar 18)
APPLE-SA-2015-03-19-1 Security Update 2015-003 Apple Product Security (Mar 20)
APPLE-SA-2015-03-09-4 Xcode 6.2 Apple Product Security (Mar 10)
APPLE-SA-2015-03-09-1 iOS 8.2 Apple Product Security (Mar 10)
APPLE-SA-2015-03-09-3 Security Update 2015-002 Apple Product Security (Mar 10)

Bartlomiej Balcerek

WSO2 Identity Server multiple vulnerabilities Bartlomiej Balcerek (Mar 25)

Cantor, Scott

Xerces-C Security Advisory [CVE-2015-0252] Cantor, Scott (Mar 20)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Row Hammer Privilege Escalation Vulnerability Cisco Systems Product Security Incident Response Team (Mar 10)
Cisco Security Advisory: Cisco Intrusion Prevention System MainApp Secure Socket Layer Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 11)
Cisco Security Advisory: Cisco IOS Software Virtual Routing and Forwarding ICMP Queue Wedge Vulnerability Cisco Systems Product Security Incident Response Team (Mar 25)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS Software and IOS XE Software Autonomic Networking Infrastructure Cisco Systems Product Security Incident Response Team (Mar 25)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Video Communication Server, Cisco Expressway and Cisco TelePresence Conductor Cisco Systems Product Security Incident Response Team (Mar 11)
Cisco Security Advisory: Cisco IOS Software and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerabilities Cisco Systems Product Security Incident Response Team (Mar 25)
Cisco Security Advisory: Cisco Secure Access Control System SQL Injection Vulnerability Cisco Systems Product Security Incident Response Team (Mar 12)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS XE Software for Cisco ASR 1000 Series, Cisco ISR 4400 Series, and Cisco Cloud Services 1000v Series Routers Cisco Systems Product Security Incident Response Team (Mar 25)
Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Product Cisco Systems Product Security Incident Response Team (Mar 10)
Cisco Security Advisory: Cisco IOS Software and IOS XE Software mDNS Gateway Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 25)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS Software Common Industrial Protocol Cisco Systems Product Security Incident Response Team (Mar 25)

CORE Advisories Team

[CORE-2015-0006] - Fortinet Single Sign On Stack Overflow CORE Advisories Team (Mar 18)
[CORE-2015-0007] - Schneider Vampset Stack and Heap Buffer Overflow CORE Advisories Team (Mar 30)

dennis . veninga

ocPortal 9.0.16 Multiply XSS Vulnerabilities dennis . veninga (Mar 09)

edric

Serendipity CMS - XSS Vulnerability in Version 2.0 edric (Mar 13)

edricteo

[CVE-2015-1583] ATutor LCMS - CSRF Vulnerability in Version 2.2 edricteo (Mar 02)
BEdita CMS - XSS & CSRF Vulnerability in Version 3.5.0 edricteo (Mar 02)

Federick Joe P Fajardo

Multiple Vulnerabilities with Kguard Digital Video Recorders Federick Joe P Fajardo (Mar 10)

Filippo Cavallarin

DokuWiki persistent Cross Site Scripting Filippo Cavallarin (Mar 23)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-15:06.openssl FreeBSD Security Advisories (Mar 19)
FreeBSD Security Advisory FreeBSD-SA-15:06.openssl [REVISED] FreeBSD Security Advisories (Mar 20)

harish . ramadoss

Reflected cross-site scripting(XSS) Vulnerability in Manage Engine AD Audit Manager Plus Admin Panel(Build 6270) harish . ramadoss (Mar 10)

High-Tech Bridge Security Research

SQL Injection in Huge IT Slider WordPress Plugin High-Tech Bridge Security Research (Mar 12)
Arbitrary file deletion and multiple XSS vulnerabilities in pfSense High-Tech Bridge Security Research (Mar 25)

ITAS Team

ProjectSend r561 - SQL injection vulnerability ITAS Team (Mar 10)
Community Gallery - Srored Corss-Site Scripting vulnerability ITAS Team (Mar 11)

Ivan Buetler

Hacky Easter 2015 Ivan Buetler (Mar 24)

Jann Horn

Re: Security Audit Notes: OpenSSL d1_srvr.c Overflow - Advanced Information Security Jann Horn (Mar 18)

Jouko Pynnonen

WPML WordPress plug-in SQL injection etc. Jouko Pynnonen (Mar 12)
Google Analytics by Yoast stored XSS Jouko Pynnonen (Mar 19)

j . v . vallejo

Microsoft Office Compatibility Pack tries to execute path without quotes j . v . vallejo (Mar 11)

kingkaustubh

CVE-2015-2755 WordPress AB Google Map Travel CSRF / XSS kingkaustubh (Mar 30)
Stored XSS Vulnerability In Manage Engine Device Expert kingkaustubh (Mar 23)
Reflected XSS Vulnerability in XSS In Manage Engine Device Expert kingkaustubh (Mar 23)
CSRF to add admin user Vulnerability In Manage Engine Device Expert kingkaustubh (Mar 23)
Cross-Site Request Forgery (CSRF) Vulnerability in ManageEngine Network Configuration kingkaustubh (Mar 23)
CSRF/Stored XSS Vulnerability in AB Google Map Travel (AB-MAP) Wordpress Plugin kingkaustubh (Mar 23)
Stored XSS Vulnerability in Google Analytics by Yoast Wordpress Plugin kingkaustubh (Mar 09)

ling201423

canada goose uk db39m1 ling201423 (Mar 25)

Matthew Daley

Advisory: CVE-2014-9708: Appweb Web Server Matthew Daley (Mar 30)
Advisory: CVE-2014-9707: GoAhead Web Server 3.0.0 - 3.4.1 Matthew Daley (Mar 30)

Michael Gilbert

[SECURITY] [DSA 3187-1] icu security update Michael Gilbert (Mar 16)

michael . hendrickx

CVE-2015-2223: Palo Alto Traps Server Stored XSS michael . hendrickx (Mar 30)

Michael Richardson

tcpdump 4.7.2 remote crashes Michael Richardson (Mar 10)

ML

Last Call - Workhsops of CISTI'2015: 10th Iberian Conference on Information Systems and Technologies ML (Mar 05)

Moritz Muehlenhoff

[SECURITY] [DSA 3196-1] file security update Moritz Muehlenhoff (Mar 18)
[SECURITY] [DSA 3198-1] php5 security update Moritz Muehlenhoff (Mar 20)
[SECURITY] [DSA 3179-1] icedove security update Moritz Muehlenhoff (Mar 04)
[SECURITY] [DSA 3197-1] openssl security update Moritz Muehlenhoff (Mar 19)
[SECURITY] [DSA 3210-1] wireshark security update Moritz Muehlenhoff (Mar 31)
[SECURITY] [DSA 3195-1] php5 security update Moritz Muehlenhoff (Mar 18)
[SECURITY] [DSA 3189-1] libav security update Moritz Muehlenhoff (Mar 16)
[SECURITY] [DSA 3190-1] putty security update Moritz Muehlenhoff (Mar 16)
[SECURITY] [DSA 3188-1] freetype security update Moritz Muehlenhoff (Mar 16)
[SECURITY] [DSA 3194-1] libxfont security update Moritz Muehlenhoff (Mar 17)
[SECURITY] [DSA 3181-1] xen security update Moritz Muehlenhoff (Mar 11)
[SECURITY] [DSA 3200-1] drupal7 security update Moritz Muehlenhoff (Mar 23)
[SECURITY] [DSA 3208-1] freexl security update Moritz Muehlenhoff (Mar 30)

Nicholas Lemonias.

OpenSSL v1.0.2 for Linux affected by CVE-2015-0235 Nicholas Lemonias. (Mar 11)
Security Audit Notes: OpenSSL d1_srvr.c Overflow - Advanced Information Security Nicholas Lemonias. (Mar 18)

noreply-secresearch

MongoDB BSON Handling Remote Denial of Service Vulnerability noreply-secresearch (Mar 09)

NSO Research

Jolla Phone tel URI Spoofing NSO Research (Mar 13)

prathan . ptr

Betster (PHP Betoffice) Authentication Bypass and SQL Injection prathan . ptr (Mar 09)
Ultimate PHP Board (UPB) 2.2.7 Cross Site Scripting Vulnerability prathan . ptr (Mar 05)
WeBid 1.1.1 Unrestricted File Upload Exploit prathan . ptr (Mar 04)
[CVE-2015-2102] Clipbucket 2.7 RC3 0.9 - Blind SQL Injection prathan . ptr (Mar 04)

Rehan Ahmed

Alkacon OpenCms 9.5.1 Multiple XSS Vulnerabilities Rehan Ahmed (Mar 13)

Rodrigo Rubira Branco (BSDaemon)

H2HC 12th Edition - Call for Papers Rodrigo Rubira Branco (BSDaemon) (Mar 09)

Roee Hay

Vulnerability in the Dropbox SDK for Android (CVE-2014-8889) Roee Hay (Mar 11)

root

Manage Engine Desktop Central 9 - CVE-2015-2560 - Unauthorised administrative password reset root (Mar 27)

Salvatore Bonaccorso

[SECURITY] [DSA 3198-2] php5 regression update Salvatore Bonaccorso (Mar 30)
[SECURITY] [DSA 3183-1] movabletype-opensource security update Salvatore Bonaccorso (Mar 12)
[SECURITY] [DSA 3182-1] libssh2 security update Salvatore Bonaccorso (Mar 11)
[SECURITY] [DSA 3193-1] tcpdump security update Salvatore Bonaccorso (Mar 17)
[SECURITY] [DSA 3199-1] xerces-c security update Salvatore Bonaccorso (Mar 20)
[SECURITY] [DSA 3178-1] unace security update Salvatore Bonaccorso (Mar 03)
[SECURITY] [DSA 3206-1] dulwich security update Salvatore Bonaccorso (Mar 30)
[SECURITY] [DSA 3191-1] gnutls26 security update Salvatore Bonaccorso (Mar 16)
[SECURITY] [DSA 3192-1] checkpw security update Salvatore Bonaccorso (Mar 17)
[SECURITY] [DSA 3197-2] openssl regression update Salvatore Bonaccorso (Mar 25)
[SECURITY] [DSA 3201-1] iceweasel security update Salvatore Bonaccorso (Mar 23)
[SECURITY] [DSA 3186-1] nss security update Salvatore Bonaccorso (Mar 13)

Sebastien Delafond

[SECURITY] [DSA 3205-1] batik security update Sebastien Delafond (Mar 27)
[SECURITY] [DSA 3177-1] mod-gnutls security update Sebastien Delafond (Mar 11)
[SECURITY] [DSA 3202-1] mono security update Sebastien Delafond (Mar 23)
[SECURITY] [DSA 3203-1] tor security update Sebastien Delafond (Mar 23)

Securify B.V.

Multiple Cross-Site Scripting vulnerabilities in Websense Reporting Securify B.V. (Mar 18)
Source code disclosure of Websense Triton JSP files via double quote character Securify B.V. (Mar 18)
Error messages of Websense Content Gateway are vulnerable to Cross-Site Scripting Securify B.V. (Mar 18)
Viber for Android exposes insecure Javascript interface Securify B.V. (Mar 20)
Cross-Site Scripting vulnerability in Websense Explorer report scheduler Securify B.V. (Mar 18)
Cross-Site Scripting vulnerability in Websense Data Security block page Securify B.V. (Mar 18)
Command injection vulnerability in EMC Secure Remote Services Virtual Edition Securify B.V. (Mar 19)
Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Web Portal Report Favorites Securify B.V. (Mar 19)
EMC M&R (Watch4net) data storage collector credentials are not properly protected Securify B.V. (Mar 19)
Missing access control on Websense Explorer web folder Securify B.V. (Mar 18)
Path traversal vulnerability in EMC M&R (Watch4net) Device Discovery Securify B.V. (Mar 19)
Websense Data Security DLP incident Forensics Preview is vulnerable to Cross-Site Scripting Securify B.V. (Mar 18)
Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Centralized Management Console Securify B.V. (Mar 19)
Advent JMX Servlet of Citrx Command Center is accessible to unauthenticated users Securify B.V. (Mar 19)
EMC Secure Remote Services Virtual Edition Provisioning component is affected by SQL injection Securify B.V. (Mar 19)
Path traversal vulnerability in EMC M&R (Watch4net) MIB Browser Securify B.V. (Mar 19)
Citrix NITRO SDK xen_hotfix page is vulnerable to Cross-Site Scripting Securify B.V. (Mar 19)
Command injection vulnerability in network diagnostics tool of Websense Appliance Manager Securify B.V. (Mar 18)
Citrix NetScaler VPX help pages are vulnerable to Cross-Site Scripting Securify B.V. (Mar 19)
Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Alerting Frontend Securify B.V. (Mar 19)
Websense Email Security vulnerable to persistent Cross-Site Scripting in audit log details view Securify B.V. (Mar 18)
Command injection vulnerability in Citrix NITRO SDK xen_hotfix page Securify B.V. (Mar 19)

security

[ MDVSA-2015:178 ] ctags security (Mar 30)
[ MDVSA-2015:054 ] bind security (Mar 04)
[ MDVSA-2015:182 ] tcpdump security (Mar 30)
[ MDVSA-2015:144 ] lua security (Mar 30)
[ MDVSA-2015:114 ] cifs-utils security (Mar 30)
[ MDVSA-2015:131 ] rsync security (Mar 30)
[ MDVSA-2015:085 ] subversion security (Mar 30)
[ MDVSA-2015:169 ] git security (Mar 30)
[ MDVSA-2015:116 ] libtasn1 security (Mar 30)
[ MDVSA-2015:163 ] grub2 security (Mar 30)
[ MDVSA-2015:107 ] lcms2 security (Mar 30)
[ MDVSA-2015:055 ] freetype2 security (Mar 04)
[ MDVSA-2015:153 ] libgd security (Mar 30)
[ MDVSA-2015:138 ] patch security (Mar 30)
[ MDVSA-2015:112 ] python-lxml security (Mar 30)
[ MDVSA-2015:148-1 ] libssh2 security (Mar 30)
[ MDVSA-2015:105 ] imagemagick security (Mar 30)
[ MDVSA-2015:139 ] openvpn security (Mar 30)
[ MDVSA-2015:127 ] serf security (Mar 30)
[ MDVSA-2015:126 ] sudo security (Mar 30)
[ MDVSA-2015:122 ] util-linux security (Mar 30)
[ MDVSA-2015:119 ] x11-server security (Mar 30)
[ MDVSA-2015:106 ] apache-mod_security security (Mar 30)
[ MDVSA-2015:145-1 ] libxfont security (Mar 30)
[ MDVSA-2015:104 ] elfutils security (Mar 30)
[ MDVSA-2015:029-1 ] binutils security (Mar 30)
[ MDVSA-2015:052 ] tomcat security (Mar 03)
[ MDVSA-2015:079 ] php security (Mar 30)
[ MDVSA-2015:143 ] mpfr security (Mar 30)
[ MDVSA-2015:141 ] not-yet-commons-ssl security (Mar 30)
[ MDVSA-2015:094 ] nginx security (Mar 30)
[ MDVSA-2015:075 ] python security (Mar 27)
[ MDVSA-2015:110 ] postgresql security (Mar 30)
[ MDVSA-2015:161 ] icu security (Mar 30)
[ MDVSA-2015:125 ] tcpdump security (Mar 30)
[ MDVSA-2015:057 ] kernel security (Mar 10)
[ MDVSA-2015:183 ] wireshark security (Mar 30)
[ MDVSA-2015:072 ] gnutls security (Mar 27)
[ MDVSA-2015:168 ] glibc security (Mar 30)
[ MDVSA-2015:165 ] bind security (Mar 30)
[ MDVSA-2015:151 ] libksba security (Mar 30)
[ MDVSA-2015:070 ] libvirt security (Mar 27)
[ MDVSA-2015:175 ] ejabberd security (Mar 30)
[ MDVSA-2015:089 ] freetype2 security (Mar 30)
[ MDVSA-2015:064 ] cabextract security (Mar 27)
[ MDVSA-2015:077 ] python-numpy security (Mar 27)
[ MDVSA-2015:063 ] openssl security (Mar 27)
[ MDVSA-2015:129 ] ruby security (Mar 30)
[ MDVSA-2015:108 ] cups security (Mar 30)
[ MDVSA-2015:101 ] jbigkit security (Mar 30)
[ MDVSA-2015:051 ] sympa security (Mar 03)
[ MDVSA-2015:111 ] libxml2 security (Mar 30)
[ MDVSA-2015:154 ] gnupg security (Mar 30)
[ MDVSA-2015:156 ] libcap-ng security (Mar 30)
[ MDVSA-2015:140 ] ntp security (Mar 30)
[ MDVSA-2015:137 ] pcre security (Mar 30)
[ MDVSA-2015:081 ] samba security (Mar 30)
[ MDVSA-2015:173 ] ffmpeg security (Mar 30)
[ MDVSA-2015:148 ] libssh2 security (Mar 30)
[ MDVSA-2015:159 ] jasper security (Mar 30)
[ MDVSA-2015:174 ] erlang security (Mar 30)
[ MDVSA-2015:184 ] setup security (Mar 30)
[ MDVSA-2015:067 ] e2fsprogs security (Mar 27)
[ MDVSA-2015:167 ] glpi security (Mar 30)
[ MDVSA-2015:147-1 ] libtiff security (Mar 30)
[ MDVSA-2015:098 ] curl security (Mar 30)
[ MDVSA-2015:162 ] gtk+3.0 security (Mar 30)
[ MDVSA-2015:090 ] libpng security (Mar 30)
[ MDVSA-2015:172 ] firebird security (Mar 30)
[ MDVSA-2015:186 ] phpmyadmin security (Mar 31)
[ MDVSA-2015:128 ] sendmail security (Mar 30)
[ MDVSA-2015:096 ] stunnel security (Mar 30)
[ MDVSA-2015:066 ] cpio security (Mar 27)
[ MDVSA-2015:056 ] rpm security (Mar 09)
[ MDVSA-2015:086 ] libssh security (Mar 30)
[ MDVSA-2015:142 ] nodejs security (Mar 30)
[ MDVSA-2015:103 ] squid security (Mar 30)
[ MDVSA-2015:136 ] perl security (Mar 30)
[ MDVSA-2015:146 ] libvncserver security (Mar 30)
[ MDVSA-2015:059 ] nss security (Mar 13)
[ MDVSA-2015:145 ] libxfont security (Mar 30)
[ MDVSA-2015:123 ] unzip security (Mar 30)
[ MDVSA-2015:078 ] mutt security (Mar 30)
[ MDVSA-2015:176 ] dbus security (Mar 30)
[ MDVSA-2015:095 ] openssh security (Mar 30)
[ MDVSA-2015:132 ] readline security (Mar 30)
[ MDVSA-2015:180 ] apache-mod_wsgi security (Mar 30)
[ MDVSA-2015:133 ] python-requests security (Mar 30)
[ MDVSA-2015:155 ] gnupg security (Mar 30)
[ MDVSA-2015:177 ] ctdb security (Mar 30)
[ MDVSA-2015:166 ] clamav security (Mar 30)
[ MDVSA-2015:115 ] libvirt security (Mar 30)
[ MDVSA-2015:120 ] wpa_supplicant security (Mar 30)
[ MDVSA-2015:102 ] json-c security (Mar 30)
[ MDVSA-2015:109 ] python-django security (Mar 30)
[ MDVSA-2015:152 ] libjpeg security (Mar 30)
[ MDVSA-2015:118 ] xlockmore security (Mar 30)
[ MDVSA-2015:017-1 ] libevent security (Mar 30)
[ MDVSA-2015:130 ] rsyslog security (Mar 30)
[ MDVSA-2015:076 ] python3 security (Mar 27)
[ MDVSA-2015:087 ] egroupware security (Mar 30)
[ MDVSA-2015:084 ] tomcat security (Mar 30)
[ MDVSA-2015:099 ] python-pillow security (Mar 30)
[ MDVSA-2015:117 ] emacs security (Mar 30)
[ MDVSA-2015:185 ] dokuwiki security (Mar 31)
[ MDVSA-2015:062 ] openssl security (Mar 27)
[ MDVSA-2015:049 ] cups security (Mar 02)
[ MDVSA-2015:088 ] udisks2 security (Mar 30)
[ MDVSA-2015:097 ] php-ZendFramework security (Mar 30)
[ MDVSA-2015:068 ] e2fsprogs security (Mar 27)
[ MDVSA-2015:158 ] jython security (Mar 30)
[ MDVSA-2015:170 ] gcc security (Mar 30)
[ MDVSA-2015:150 ] liblzo security (Mar 30)
[ MDVSA-2015:171 ] freerdp security (Mar 30)
[ MDVSA-2015:147 ] libtiff security (Mar 30)
[ MDVSA-2015:179 ] coreutils security (Mar 30)
[ MDVSA-2015:121 ] wget security (Mar 30)
[ MDVSA-2015:181 ] drupal security (Mar 30)
[ MDVSA-2015:134 ] pulseaudio security (Mar 30)
[ MDVSA-2015:124 ] torque security (Mar 30)
[ MDVSA-2015:073 ] openldap security (Mar 27)
[ MDVSA-2015:149 ] libsndfile security (Mar 30)
[ MDVSA-2015:080 ] php security (Mar 30)
[ MDVSA-2015:050 ] patch security (Mar 02)
[ MDVSA-2015:093 ] apache security (Mar 30)
[ MDVSA-2015:083 ] samba4 security (Mar 30)
[ MDVSA-2015:157 ] libarchive security (Mar 30)
[ MDVSA-2015:061 ] qemu security (Mar 13)
[ MDVSA-2015:053 ] tomcat6 security (Mar 03)
[ MDVSA-2015:065 ] cpio security (Mar 27)
[ MDVSA-2015:160 ] ipython security (Mar 30)
[ MDVSA-2015:082 ] samba security (Mar 30)
[ MDVSA-2015:074 ] openldap security (Mar 27)
[ MDVSA-2015:092 ] net-snmp security (Mar 30)
[ MDVSA-2015:135 ] ppp security (Mar 30)
[ MDVSA-2015:058 ] kernel security (Mar 13)
[ MDVSA-2015:071 ] libpng12 security (Mar 27)
[ MDVSA-2015:113 ] dovecot security (Mar 30)
[ MDVSA-2015:060 ] yaml security (Mar 13)
[ MDVSA-2015:100 ] cups-filters security (Mar 30)

Security Alert

ESA-2015-044: EMC Documentum xMS Sensitive Information Disclosure Vulnerability Security Alert (Mar 23)
ESA-2015-040: EMC Secure Remote Services Virtual Edition Security Update for Multiple Vulnerabilities Security Alert (Mar 10)
ESA-2015-049: EMC Isilon OneFS Privilege Escalation Vulnerability Security Alert (Mar 25)
ESA-2015-014: RSA® Digital Certificate Solution Multiple Vulnerabilities Security Alert (Mar 11)

security-alert

[security bulletin] HPSBST03196 rev.1- HP StoreEver MSL6480 Tape Library running OpenSSL, Remote Code Execution security-alert (Mar 24)
[security bulletin] HPSBHF03279 rev.2 - HP Point of Sale PCs Running Windows with OPOS Drivers, Remote Execution of Code security-alert (Mar 24)
[security bulletin] HPSBST03265 rev.1 - HP VMA SAN Gateway running Bash Shell and OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, and Disclosure of Information security-alert (Mar 04)
[security bulletin] HPSBPI03107 rev.2 - Certain HP LaserJet Printers, MFPs and Certain HP OfficeJet Enterprise Printers using OpenSSL, Remote Unauthorized Access security-alert (Mar 09)
[security bulletin] HPSBMU03220 rev.1 - HP Shunra Network Appliance / HP Shunra Wildcat Appliance, Remote Execution of Code security-alert (Mar 24)
[security bulletin] HPSBMU03259 rev.1 - HP Version Control Repository Manager running OpenSSL on Linux and Windows, Remote Disclosure of Information security-alert (Mar 13)
[security bulletin] HPSBHF03271 rev.1 - HP PCs and Workstations Running Windows 7 with NVidia Graphics Driver, Elevation of Privileges security-alert (Mar 31)
[security bulletin] HPSBGN03299 rev.1 - HP IceWall SSO Dfw, SSO Certd, MCRP, and Federation Agent running OpenSSL, Remote Disclosure of Information, Unauthorized Access security-alert (Mar 24)
[security bulletin] HPSBGN03277 rev.1 - HP Virtualization Performance Viewer, Remote Execution of Code, Denial of Service (DoS) and Other Vulnerabilities security-alert (Mar 09)
[security bulletin] HPSBHF03276 rev.1 - HP Integrated Lights-Out 2, 3, and 4 (iLO 2, iLO 3, iLO 4), Remote Unauthorized Access, Denial of Service (Dos) security-alert (Mar 24)
[security bulletin] HPSBGN03270 rev.1 - HP Operations Analytics, Remote Execution of Code security-alert (Mar 31)
[security bulletin] HPSBMU03262 rev.1 - HP Version Control Agent running OpenSSL on Linux and Windows, Remote Disclosure of Information, Denial of Service (DoS) security-alert (Mar 13)
[security bulletin] HPSBST03298 rev.1 - HP XP Service Processor Software for Windows, Multiple Vulnerabilities security-alert (Mar 17)
[security bulletin] HPSBGN03249 rev.1 - HP ArcSight Enterprise Security Manager and Logger, Multiple Remote Vulnerabilities security-alert (Mar 12)
[security bulletin] HPSBUX03281 SSRT101968 rev.1 - HP-UX running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities security-alert (Mar 11)
[security bulletin] HPSBHF03293 rev.1 - HP Virtual Connect 8Gb 24-Port FC Module running OpenSSL and Bash, Remote Denial of Service (DoS), Code Execution, Disclosure of Information security-alert (Mar 17)
[security bulletin] HPSBMU03283 rev.1 - HP Virtual Connect Enterprise Manager SDK running OpenSSL on Windows, Remote Disclosure of Information, Denial of Service (DoS) security-alert (Mar 13)
[security bulletin] HPSBMU02895 SSRT101253 rev.5 - HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code security-alert (Mar 12)
[security bulletin] HPSBGN03285 rev.1 - HP Business Service Manager Virtual Appliance, Multiple Vulnerabilities security-alert (Mar 24)
[security bulletin] HPSBHF03275 rev.1 - HP Integrated Lights-Out 2, 3, and 4 (iLO 2, iLO 3, iLO 4), Remote Disclosure of Information security-alert (Mar 24)
[security bulletin] HPSBUX03235 SSRT101750 rev.3 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alert (Mar 09)
[security bulletin] HPSBHF03289 rev.1- HP ThinClient PCs running ThinPro Linux, Remote Code Execution, Denial of Service, Disclosure of information security-alert (Mar 24)
[security bulletin] HPSBMU03294 rev.1 - HP Process Automation running OpenSSL, Remote Disclosure of Information security-alert (Mar 26)
[security bulletin] HPSBGN03249 rev.2 - HP ArcSight Enterprise Security Manager and Logger, Multiple Remote Vulnerabilities security-alert (Mar 24)
[security bulletin] HPSBST03274 rev.1 - HP XP P9000 Command View Advanced Edition Software Online Help for Windows and Linux, Remote Cross-site Scripting (XSS) security-alert (Mar 02)
[security bulletin] HPSBMU03263 rev.1 - HP Insight Control running OpenSSL, Remote Disclosure of Information security-alert (Mar 24)
[security bulletin] HPSBGN03288 rev.1 - HP Server Automation, Remote Arbitrary Code Execution security-alert (Mar 24)
[security bulletin] HPSBHF03279 rev.1 - HP Point of Sale PCs Running Windows with OPOS Drivers, Remote Execution of Code security-alert (Mar 09)
[security bulletin] HPSBHF03151 rev.1 - HP Integrated Lights-Out 2 and 4 (iLO 2, iLO 4), Chassis Management (iLO CM), Remote Denial of Service, Remote Execution of Code, Elevation of Privilege security-alert (Mar 24)
[security bulletin] HPSBMU03292 rev.1 - HP Operations Orchestration Authentication Bypass security-alert (Mar 24)
[security bulletin] HPSBMU03262 rev.2 - HP Version Control Agent running OpenSSL on Linux and Windows, Remote Disclosure of Information, Denial of Service (DoS) security-alert (Mar 24)
[security bulletin] HPSBMU03301 rev.1 - HP BladeSystem c-Class Onboard Administrator running OpenSSL, Remote Disclosure of Information security-alert (Mar 24)
[security bulletin] HPSBMU03267 rev.1 - HP Matrix Operating Environment and HP CloudSystem Matrix running OpenSSL, Remote Disclosure of Information security-alert (Mar 13)
[security bulletin] HPSBGN03282 rev.1 - HP Business Service Manager Virtual Appliance, Multiple Vulnerabilities security-alert (Mar 24)
[security bulletin] HPSBMU03291 rev.1 - HP Operations Orchestration running Powershell Operations, Remote Disclosure of Information security-alert (Mar 24)

Security Explorations

[SE-2014-02] Google App Engine Java security sandbox bypasses (details) Security Explorations (Mar 16)

Simon Waters

Insecure file upload in Berta CMS Simon Waters (Mar 26)

Slackware Security Team

[slackware-security] samba (SSA:2015-064-01) Slackware Security Team (Mar 09)

Stefan Kanthak

Defense in depth -- the Mozilla way: return and exit codes are dispensable Stefan Kanthak (Mar 16)
Defense in depth -- the Microsoft way (part 31): UAC is for binary planting Stefan Kanthak (Mar 16)
Defense in depth -- the Microsoft way (part 30): on exploitable Win32 functions Stefan Kanthak (Mar 16)

Steven M. Christey

cve-assign delays Steven M. Christey (Mar 19)

Thijs Kinkhorst

[SECURITY] [DSA 3185-1] libgcrypt11 security update Thijs Kinkhorst (Mar 12)
[SECURITY] [DSA 3184-1] gnupg security update Thijs Kinkhorst (Mar 12)

Yves-Alexis Perez

[SECURITY] [DSA 3207-1] shibboleth-sp2 security update Yves-Alexis Perez (Mar 30)
[SECURITY] [DSA 3209-1] openldap security update Yves-Alexis Perez (Mar 31)