Bugtraq: by thread
148 messages starting Nov 02 15 and ending Nov 30 15
- [SECURITY] [DSA 3385-1] mariadb-10.0 security update Salvatore Bonaccorso (Nov 02)
- [SECURITY] [DSA 3386-1] unzip security update Laszlo Boszormenyi (GCS) (Nov 02)
- TCPing 2.1.0 Buffer Overflow apparitionsec (Nov 02)
- [SECURITY] [DSA 3387-1] openafs security update Florian Weimer (Nov 02)
- [SECURITY] [DSA 3388-1] ntp security update Moritz Muehlenhoff (Nov 02)
- [SECURITY] [DSA 3381-2] openjdk-7 security update Moritz Muehlenhoff (Nov 02)
- [SECURITY] [DSA 3389-1] elasticsearch end-of-life Moritz Muehlenhoff (Nov 02)
- Cross-Site Scripting | Zeuscart V4 ITAS Team (Nov 02)
- Accentis Content Resource Management System - SQL GalaxyCVEcollector (Nov 02)
- Accentis Content Resource Management System - XSS GalaxyCVEcollector (Nov 02)
- CVE-2015-7326 (XXE vulnerability in Milton Webdav) 0ang3el (Nov 02)
- [SECURITY] [DSA 3390-1] xen security update Salvatore Bonaccorso (Nov 02)
- [security bulletin] HPSBMU03518 rev.1 - HP Vertica, Remote Code Execution security-alert (Nov 02)
- [SECURITY] [DSA 3355-2] libvdpau regression update Alessandro Ghedini (Nov 02)
- [security bulletin] HPSBGN03426 rev.1 - HP Mobility Software, Remote Execution of Arbitrary Code security-alert (Nov 02)
- [security bulletin] HPSBGN03386 rev.2 - HP Central View Fraud Risk Management, Revenue Leakage Control, Dealer Performance Audit, Credit Risk Control, Roaming Fraud Control, Subscription Fraud Prevention, Remote Disclosure of Information, Local Disclosure of Information security-alert (Nov 04)
- [SECURITY] [DSA 3391-1] php-horde security update Florian Weimer (Nov 04)
- [security bulletin] HPSBGN03430 rev.1 - HP ArcSight products, Local Elevation of Privilege security-alert (Nov 04)
- [security bulletin] HPSBGN03425 rev.1 - HP ArcSight SmartConnectors, Remote Disclosure of Information, Local Escalation of Privilege security-alert (Nov 04)
- [security bulletin] HPSBGN03429 rev.2 - HP Arcsight Logger, Remote Disclosure of Information security-alert (Nov 04)
- [SECURITY] [DSA 3392-1] freeimage security update Sebastien Delafond (Nov 04)
- FreeBSD Security Advisory FreeBSD-SA-15:25.ntp [REVISED] FreeBSD Security Advisories (Nov 04)
- [KIS-2015-05] ATutor <= 2.2 (Custom Course Icon) Unrestricted File Upload Vulnerability Egidio Romano (Nov 05)
- [KIS-2015-06] ATutor <= 2.2 (confirm.php) Session Variable Overloading Vulnerability Egidio Romano (Nov 05)
- [KIS-2015-08] ATutor <= 2.2 (edit_marks.php) PHP Code Injection Vulnerability Egidio Romano (Nov 05)
- [KIS-2015-07] ATutor <= 2.2 (popuphelp.php) Reflected Cross-Site Scripting Vulnerability Egidio Romano (Nov 05)
- [KIS-2015-09] Piwik <= 2.14.3 (viewDataTable) Autoloaded File Inclusion Vulnerability Egidio Romano (Nov 05)
- [KIS-2015-10] Piwik <= 2.14.3 (DisplayTopKeywords) PHP Object Injection Vulnerability Egidio Romano (Nov 05)
- Cisco Security Advisory: Cisco AsyncOS TCP Flood Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Nov 05)
- Cisco Security Advisory: Cisco Web Security Appliance Cache Reply Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Nov 05)
- Cisco Security Advisory: Cisco Web Security Appliance Range Request Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Nov 05)
- Cisco Security Advisory: Cisco Email Security Appliance Email Scanner Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Nov 05)
- Cisco Security Advisory: Cisco Email Security Appliance Anti-Spam Scanner Bypass Vulnerability Cisco Systems Product Security Incident Response Team (Nov 05)
- Cisco Security Advisory: Cisco Mobility Services Engine Static Credential Vulnerability Cisco Systems Product Security Incident Response Team (Nov 05)
- Cisco Security Advisory: Cisco Mobility Services Engine Privilege Escalation Vulnerability Cisco Systems Product Security Incident Response Team (Nov 05)
- Cisco Security Advisory: Cisco Web Security Appliance Certificate Generation Command Injection Vulnerability Cisco Systems Product Security Incident Response Team (Nov 05)
- [SECURITY] [DSA 3393-1] iceweasel security update Moritz Muehlenhoff (Nov 05)
- [security bulletin] HPSBGN03519 rev.1 - HP Project and Portfolio Management Center, Remote Disclosure of Information security-alert (Nov 05)
- SEC Consult SA-20151105-0 :: Insecure default configuration in Ubiquiti Networks products SEC Consult Vulnerability Lab (Nov 05)
- Elasticsearch vulnerability CVE-2015-5377 Kevin Kluge (Nov 05)
- [SECURITY] [DSA 3394-1] libreoffice security update Moritz Muehlenhoff (Nov 05)
- Elasticsearch vulnerability CVE-2015-4165 Kevin Kluge (Nov 06)
- NXFilter v3.0.3 CSRF apparitionsec (Nov 06)
- NXFilter v3.0.3 Persistent / Reflected XSS apparitionsec (Nov 06)
- CVE-2015-5619 Suyog Rao (Nov 06)
- CVE-2015-5378 Suyog Rao (Nov 06)
- [slackware-security] mozilla-nss (SSA:2015-310-02) Slackware Security Team (Nov 06)
- [slackware-security] mozilla-firefox (SSA:2015-310-01) Slackware Security Team (Nov 06)
- [ANNOUNCE] CVE-2014-3576 - Apache ActiveMQ vulnerabilities Timothy Bish (Nov 06)
- [SECURITY] [DSA 3395-1] krb5 security update Salvatore Bonaccorso (Nov 06)
- TestLink 1.9.14 Persistent XSS Aravind (Nov 09)
- TestLink 1.9.14 CSRF Vulnerability Aravind (Nov 09)
- [SECURITY] [DSA 3386-2] unzip regression update Salvatore Bonaccorso (Nov 09)
- [SECURITY] [DSA 3396-1] linux security update Salvatore Bonaccorso (Nov 10)
- Microsoft .NET Framework XSS / Elevation of Privilege CVE-2015-6099 apparitionsec (Nov 11)
- [SECURITY] [DSA 3397-1] wpa security update Salvatore Bonaccorso (Nov 11)
- [security bulletin] HPSBGN03507 rev.2 - HP Arcsight Management Center, Arcsight Logger, Remote Cross-Site Scripting (XSS) security-alert (Nov 11)
- Secunia Research: Google Picasa CAMF Section Integer Overflow Vulnerability Secunia Research (Nov 11)
- [SECURITY] [DSA 3395-2] krb5 security update Salvatore Bonaccorso (Nov 13)
- OpenBSD package 'net-snmp' information disclosure Pierre Kim (Nov 13)
- [slackware-security] seamonkey (SSA:2015-318-01) Slackware Security Team (Nov 14)
- D-link wireless router DIR-816L Cross-Site Request Forgery (CSRF) vulnerability bhadresh . patel (Nov 14)
- /tmp race condition in IBM Installation Manager V1.8.1 install script larry0 (Nov 14)
- [SECURITY] [DSA 3208-2] freexl regression update Salvatore Bonaccorso (Nov 14)
- PHP Address Book SQL Injection Vulnerability Rahul Pratap Singh (Nov 14)
- CF Image Host PHP Command Injection apparitionsec (Nov 14)
- CF Image Host CSRF apparitionsec (Nov 14)
- CF Image Host XSS apparitionsec (Nov 14)
- Dlink DIR-866L Buffer overflows in HNAP and send email functionalities samhuntley84 (Nov 14)
- Dlink SSDP command injection using UDP for a lot of Dlink routers including DIR-815, DIR-850L samhuntley84 (Nov 14)
- Dlink DIR-880L Buffer overflows in authentication and HNAP functionalities. samhuntley84 (Nov 15)
- <Possible follow-ups>
- Dlink DIR-880L Buffer overflows in authentication and HNAP functionalities. samhuntley84 (Nov 15)
- Dlink DIR-825 (vC) Buffer overflows in authentication, HNAP and ping functionalities and also directory traversal issue exists samhuntley84 (Nov 15)
- Dlink DIR-890L/R Buffer overflows in authentication and HNAP functionalities. samhuntley84 (Nov 15)
- Dlink DIR-615 Authenticated Buffer overflow in Ping and Send email functionality samhuntley84 (Nov 15)
- Dlink DIR-818W Buffer overflows and Command injection in authentication and HNAP functionalities samhuntley84 (Nov 15)
- Dlink DIR-817LW Buffer overflows and Command injection in authentication and HNAP functionalities samhuntley84 (Nov 15)
- Dlink DIR-815 Buffer overflows and Command injection in authentication and HNAP functionalities samhuntley84 (Nov 15)
- Dlink DIR-645 UPNP Buffer Overflow samhuntley84 (Nov 15)
- Dlink DIR-601 Command injection in ping functionality samhuntley84 (Nov 15)
- Dlink DGL5500 Un-Authenticated Buffer overflow in HNAP functionality samhuntley84 (Nov 15)
- [security bulletin] HPSBGN03428 rev.3 - HP Asset Manager Web UI Client, Local Disclosure of Sensitive Information security-alert (Nov 15)
- SYSS-2015-061 Wirecard Checkout Page - Improper Validation of Integrity Check Value martin . sturm (Nov 15)
- CVE-2015-6357: Cisco FireSIGHT Management Center SSL Validation Vulnerability Matthew Flanagan (Nov 16)
- [SECURITY] [DSA 3398-1] strongswan security update Yves-Alexis Perez (Nov 16)
- LAN Scan HD v1.20 iOS - Command Inject Vulnerability Vulnerability Lab (Nov 17)
- Port Scan v2.0 iOS - Command Inject Vulnerability Vulnerability Lab (Nov 17)
- Magento Bug Bounty #24 - Multiple CSRF Web Vulnerabilities Vulnerability Lab (Nov 17)
- Magento Bug Bounty #22 - (Profile) Persistent Vulnerability Vulnerability Lab (Nov 17)
- Murgent CMS - SQL Injection Vulnerability Vulnerability Lab (Nov 17)
- Free WMA MP3 Converter - Buffer Overflow Exploit (SEH) Vulnerability Lab (Nov 17)
- Open-Xchange Security Advisory 2015-11-17 Martin Heiland (Nov 17)
- ESA-2015-163: EMC VPLEX Sensitive Information Exposure Vulnerability Security Alert (Nov 17)
- WordPress Users Ultra Plugin [Unrestricted File Upload] pan . vagenas (Nov 17)
- [security bulletin] HPSBGN03521 rev.1 - HP Operations Orchestration Central, Cross-Site Request Forgery (CSRF) security-alert (Nov 17)
- Adobe Premiere Clip v1.1.1 iOS - (cid:x) Filter Bypass & Persistent Software Vulnerability Vulnerability Lab (Nov 18)
- RCE and SQL injection via CSRF in Horde Groupware High-Tech Bridge Security Research (Nov 18)
- [SECURITY] [DSA 3399-1] libpng security update Salvatore Bonaccorso (Nov 19)
- [security bulletin] HPSBGN03521 rev.2 - HP Operations Orchestration Central, Cross-Site Request Forgery (CSRF) security-alert (Nov 19)
- IBM i Access Buffer Overflow Code Exec CVE-2015-2023 apparitionsec (Nov 19)
- IBM i Access Buffer Overflow Code DOS CVE-2015-7422 apparitionsec (Nov 19)
- CVE-2015-8131: Kibana CSRF vulnerability Kevin Kluge (Nov 19)
- NEW VMSA-2015-0008 - VMware product updates address information disclosure issue VMware Security Response Center (Nov 19)
- [security bulletin] HPSBUX03522 SSRT102942 rev.1 - HP-UX BIND running named, Remote Denial of Service (DoS) security-alert (Nov 19)
- [SECURITY] [DSA 3400-1] lxc security update Salvatore Bonaccorso (Nov 19)
- Fwd: CVE-2015-5256: Apache Cordova vulnerable to improper application of whitelist restrictions Shazron (Nov 21)
- Fwd: CVE-2015-5257 - Weak Randomization of BridgeSecret for Apache Cordova Android Shazron (Nov 21)
- Proftpd v1.3.5a ZERODAY - Heap Overflows due to zero length mallocs. Advanced Information Security Corporation Nicholas Lemonias. (Nov 23)
- <Possible follow-ups>
- Proftpd v1.3.5a ZERODAY - Heap Overflows due to zero length mallocs. Advanced Information Security Corporation Nicholas Lemonias. (Nov 23)
- Proftpd v1.3.5a ZERODAY - Heap Overflows due to zero length mallocs. Advanced Information Security Corporation Nicholas Lemonias. (Nov 23)
- Proftpd v1.3.5a ZERODAY - Heap Overflows due to zero length mallocs. Advanced Information Security Corporation Nicholas Lemonias. (Nov 23)
- Proftpd v1.3.5a ZERODAY - Heap Overflows due to zero length mallocs. Advanced Information Security Corporation Nicholas Lemonias. (Nov 23)
- Proftpd ZERODAY - Malloc issues Advanced Information Security Corporation Nicholas Lemonias. (Nov 23)
- Proftpd v1.3.5a ZERODAY - Malloc issues Advanced Information Security Corporation Nicholas Lemonias. (Nov 23)
- [ERPSCAN-15-020] SAP Mobile Platform 2.3 - XXE in application import ERPScan inc (Nov 23)
- [FD] Celoxis <= 9.5 - Cross Site Scripting (XSS) Manuel Mancera (Nov 23)
- [ERPSCAN-15-019] SAP Afaria - Stored XSS ERPScan inc (Nov 23)
- [ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE ERPScan inc (Nov 23)
- CVE-2015-5255: SSRF vulnerability in Apache Flex BlazeDS 4.7.1 Christofer Dutz (Nov 23)
- Steam Weak File Permissions Privilege Escalation ajs (Nov 23)
- [SECURITY] [DSA 3402-1] symfony security update Salvatore Bonaccorso (Nov 24)
- ESA-2015-164: EMC Isilon OneFS Privilege Escalation Vulnerability Security Alert (Nov 24)
- [SECURITY] [DSA 3403-1] libcommons-collections3-java security update Moritz Muehlenhoff (Nov 24)
- [slackware-security] pcre (SSA:2015-328-01) Slackware Security Team (Nov 25)
- [security bulletin] HPSBGN03523 rev.1 - HP Loadrunner Virtual Table Server, Remote Code Execution security-alert (Nov 25)
- <Possible follow-ups>
- [security bulletin] HPSBGN03523 rev.1 - HP Loadrunner Virtual Table Server, Remote Code Execution security-alert (Nov 25)
- CIS Manager Content Management System 2015Q4 - SQL Injection Vulnerability Vulnerability Lab (Nov 25)
- [SECURITY] [DSA 3404-1] python-django security update Salvatore Bonaccorso (Nov 25)
- [SECURITY] [DSA 3406-1] nspr security update Moritz Muehlenhoff (Nov 25)
- [SECURITY] [DSA 3405-1] smokeping security update Florian Weimer (Nov 25)
- [SECURITY] [DSA 3407-1] dpkg security update Salvatore Bonaccorso (Nov 26)
- [FD] Visual Paradigm Server v10.0 - Cross Site Scripting (XSS) Manuel Mancera (Nov 27)
- Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation Nicholas Lemonias. (Nov 29)
- <Possible follow-ups>
- Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation aiscorp (Nov 29)
- Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation Nicholas Lemonias. (Nov 29)
- Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation lem . nikolas (Nov 29)
- Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation Nicholas Lemonias. (Nov 29)
- Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation Nicholas Lemonias. (Nov 29)
- Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation Nicholas Lemonias. (Nov 29)
- Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation Nicholas Lemonias. (Nov 29)
- Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation Nicholas Lemonias. (Nov 29)
- Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation Nicholas Lemonias. (Nov 30)
- Proftpd 1.3.5a LATEST 0day (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation Audit Report. Nicholas Lemonias. (Nov 29)
- Belkin N150 Wireless Home Router Multiple Vulnerabilities Rahul Pratap Singh (Nov 30)
- Proftpd 1.3.5a LATEST (0-day) Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation Nicholas Lemonias. (Nov 30)
- LSE Leading Security Experts GmbH - LSE-2015-10-14 - HumHub SQL-Injection advisories (Nov 30)
- [SE-2014-02] Errata document for Issue 42 (CVE-2015-4871 affecting Java SE 7) Security Explorations (Nov 30)
- Huawei Wimax routers vulnerable to multiple threats Pierre Kim (Nov 30)