Bugtraq: by thread
124 messages starting Jun 01 16 and ending Jun 30 16
- [SECURITY] [DSA 3590-1] chromium-browser security update Michael Gilbert (Jun 01)
- AjaxExplorer v1.10.3.2 Remote CMD Execution / CSRF / Persistent XSS hyp3rlinx (Jun 01)
- [SECURITY] [DSA 3591-1] imagemagick security update Luciano Bello (Jun 01)
- [security bulletin] HPSBGN03609 rev.1 - HPE LoadRunner and Performance Center, Remote Code Execution, Denial of Service (DoS) security-alert (Jun 01)
- Cisco Security Advisory: Cisco Prime Network Analysis Module Unauthenticated Remote Code Execution Vulnerability Cisco Systems Product Security Incident Response Team (Jun 01)
- Cisco Security Advisory: Cisco Prime Network Analysis Module IPv6 Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Jun 01)
- [SECURITY] [DSA 3592-1] nginx security update Moritz Muehlenhoff (Jun 01)
- [security bulletin] HPSBOV03615 rev.1 - HPE OpenVMS CSWS running the Apache Tomcat 7 Servlet Engine, Multiple Remote Vulnerabilities security-alert (Jun 01)
- [security bulletin] HPSBMU03612 rev.1 - HPE Insight Control on Windows and Linux, Multiple Remote Vulnerabilities security-alert (Jun 01)
- XML External Entity XXE vulnerability in OpenID component of Liferay Sandro Gauci (Jun 02)
- SEC Consult SA-20160602-0 :: Multiple critical vulnerabilities in Ubee EVW3226 Advanced wireless voice gateway SEC Consult Vulnerability Lab (Jun 02)
- [security bulletin] HPSBMU03607 rev.1 - HPE BladeSystem c-Class Virtual Connect (VC) Firmware, Remote Denial of Service (DoS), Disclosure of Information, Cross-Site Request Forgery (CSRF) security-alert (Jun 02)
- Zoho OpManager < v12 d_fens (Jun 02)
- ESA-2016-060: EMC Isilon OneFS Privilege Escalation Vulnerability Security Alert (Jun 02)
- [SECURITY] [DSA 3593-1] libxml2 security update Salvatore Bonaccorso (Jun 02)
- Notilus v2012 R3 - SQL injection alex_haynes (Jun 03)
- [Announce] CVE-2016-4437: Apache Shiro information disclosure vulnerability Brian Demers (Jun 03)
- [security bulletin] HPSBUX03616 SSRT110128 rev.2 - HPE HP-UX running CIFS Server (Samba), Remote Denial of Service (DoS), Disclosure of Information, Unauthorized Access security-alert (Jun 06)
- [security bulletin] - Linux Kernel Flaw, ASN.1 DER decoder for x509 certificate DER HP Security Alert (Jun 06)
- [slackware-security] ntp (SSA:2016-155-01) Slackware Security Team (Jun 06)
- FreeBSD Security Advisory FreeBSD-SA-16:24.ntp FreeBSD Security Advisories (Jun 06)
- [SECURITY] [DSA 3594-1] chromium-browser security update Michael Gilbert (Jun 06)
- [SECURITY] [DSA 3548-3] samba regression update Salvatore Bonaccorso (Jun 06)
- [SECURITY] [DSA 3595-1] mariadb-10.0 security update Salvatore Bonaccorso (Jun 06)
- [SECURITY] [DSA 3596-1] spice security update Salvatore Bonaccorso (Jun 06)
- [security bulletin] HPSBGN03442 rev.2 - HP Helion OpenStack using glibc, Remote Denial of Service (DoS), Arbitrary Code Execution security-alert (Jun 07)
- [security bulletin] HPSBGN03619 rev.1 - HPE Discovery and Dependency Mapping Inventory (DDMi) using Java Deserialization, remote Code Execution security-alert (Jun 07)
- [security bulletin] HPSBGN03620 rev.1 - HPE Helion OpenStack using OpenSSL and QEMU, Remote Unauthorized Data Access security-alert (Jun 07)
- Mapbox (API) - Filter Bypass & Persistent Vulnerability Vulnerability Lab (Jun 07)
- Wordpress Levo-Slideshow 2.3 - Arbitrary File Upload Vulnerability Vulnerability Lab (Jun 07)
- Microsoft Education - Code Execution Vulnerability Vulnerability Lab (Jun 07)
- Wordpress Levo-Slideshow v2.3 - Persistent Vulnerability Vulnerability Lab (Jun 07)
- [SECURITY] [DSA 3597-1] expat security update Luciano Bello (Jun 07)
- [CVE-2016-0392] IBM GPFS / Spectrum Scale Command Injection john . fitzpatrick (Jun 07)
- [security bulletin] HPSBGN03621 rev.1 - HPE Universal CMDB using OpenSSL, Remote Disclosure of Sensitive Information security-alert (Jun 07)
- [security bulletin] HPSBGN03622 rev.1 - HPE UCMDB, Universal Discovery, and UCMDB Configuration Manager using Apache Commons Collection, Remote Code Executon security-alert (Jun 07)
- [security bulletin] HPSBGN03623 rev.1 - HPE Universal CMDB, Remote Disclosure of Sensitive Information security-alert (Jun 07)
- [SECURITY] [DSA 3598-1] vlc security update Moritz Muehlenhoff (Jun 08)
- Cisco EPC 3928 Multiple Vulnerabilities patryk . bogdan (Jun 08)
- [security bulletin] HPSBGN03624 rev.1 - HPE Project and Portfolio Management Center, Remote Disclosure of Sensitive Information, Execution of Arbitrary of Commands security-alert (Jun 08)
- [security bulletin] HPSBGN03618 rev.1 - HPE Service Manager remote Denial of Service (DoS), Disclosure of Information, Unauthorized Read Access to Files, Server Side Request Forgery security-alert (Jun 08)
- [security bulletin] HPSBMU03584 rev.2 - HPE Network Node Manager I (NNMi), Multiple Remote Vulnerabilities security-alert (Jun 09)
- [security bulletin] HPSBMU03614 rev.1 - HPE Systems Insight Manager using Samba, Multiple Remote Vulnerabilities security-alert (Jun 09)
- ESA-2016-072: EMC NetWorker Remote Code Execution Vulnerability Security Alert (Jun 09)
- ESA-2016-064: EMC Data Domain Information Disclosure Vulnerability Security Alert (Jun 09)
- CVE-2016-3085: Apache CloudStack Authentication Bypass Vulnerability John Kinsella (Jun 09)
- [SECURITY] [DSA 3599-1] p7zip security update Salvatore Bonaccorso (Jun 09)
- SimpleSAMLphp Link Injection hyp3rlinx (Jun 09)
- [SECURITY] [DSA 3600-1] iceweasel/firefox-esr security update Moritz Muehlenhoff (Jun 09)
- [security bulletin] HPSBGN03617 rev.2 - HPE IceWall Federation Agent and IceWall File Manager using libXML2 library, Remote Denial of Service (DoS) security-alert (Jun 09)
- ESA-2016-062: EMC Data Domain Multiple Vulnerabilities Security Alert (Jun 10)
- OpenWRT: swconfig infrastructure fails to check permissions Elliott Mitchell (Jun 13)
- FlashFXP v5.3.0 (Windows) - Memory Corruption Vulnerability Vulnerability Lab (Jun 13)
- CM Ad Changer 1.7.7 Wordpress Plugin - Cross Site Scripting Web Vulnerability Vulnerability Lab (Jun 13)
- ESA-2016-047: RSA Archer® GRC Platform Sensitive Information Disclosure Vulnerability Security Alert (Jun 13)
- Oracle Orakill.exe Buffer Overflow hyp3rlinx (Jun 14)
- [SECURITY] [DSA 3601-1] icedove security update Moritz Muehlenhoff (Jun 14)
- [SECURITY] [DSA 3602-1] php5 security update Salvatore Bonaccorso (Jun 14)
- Bashi v1.6 iOS - Persistent Mail Encoding Vulnerability Vulnerability Lab (Jun 14)
- [SECURITY] [DSA 3603-1] libav security update Moritz Muehlenhoff (Jun 15)
- [CVE-2014-1520] NOT FIXED: privilege escalation via Mozilla's executable installers Stefan Kanthak (Jun 15)
- NEW VMSA-2016-0009 VMware vCenter Server updates address an important reflective cross-site scripting issue VMware Security Response Center (Jun 15)
- Joomla com_enmasse - SQL Injection hamedizadi (Jun 15)
- FortiManager & FortiAnalyzer - (filename) Persistent Web Vulnerability Vulnerability Lab (Jun 15)
- BookingWizz < 5.5 Multiple Vulnerability mehmet (Jun 15)
- Cisco Security Advisory: Cisco RV110W, RV130W, and RV215W Routers Arbitrary Code Execution Vulnerability Cisco Systems Product Security Incident Response Team (Jun 15)
- Microsoft Visio multiple DLL side loading vulnerabilities Securify B.V. (Jun 15)
- [MWR-2016-0001] DDN Insecure Update Mechanism john . fitzpatrick (Jun 15)
- [MWR-2016-0002] DDN Default SSH Keys john . fitzpatrick (Jun 15)
- Authentication bypass in Ceragon FibeAir IP-10 web interface (<7.2.0) iancling (Jun 15)
- [security bulletin] HPSBGN03553 rev.1 - HP OneView Products using glibc and OpenSSL, Multiple Remote Vulnerabilties security-alert (Jun 16)
- [security bulletin] HPSBNS03625 rev.1 - HPE NonStop Application Server for Java (NSASJ) running SSL/TLS, Remote Disclosure of Information security-alert (Jun 16)
- [SECURITY] [DSA 3604-1] drupal7 security update Moritz Muehlenhoff (Jun 16)
- User enumeration in Skype for Business 2013 nyxgeek (Jun 16)
- [FD] Multiple vulnerabilities in squid 0.4.16_2 running on pfSense Remco Sprooten (Jun 16)
- [CVE-2016-1014] Escalation of privilege via executable (un)installers of Flash Player Stefan Kanthak (Jun 16)
- [ERPSCAN-16-014] SAP NetWeaver AS Java NavigationURLTester - XSS vulnerability ERPScan inc (Jun 17)
- [ERPSCAN-16-013] SAP NetWeaver AS Java ctcprotocol servlet - XXE vulnerability ERPScan inc (Jun 17)
- [ERPSCAN-16-012] SAP NetWeaver AS JAVA - directory traversal vulnerability ERPScan inc (Jun 17)
- CVE-2016-0199 / MS16-063: MSIE 11 garbage collector attribute type confusion Berend-Jan Wever (Jun 17)
- sNews CMS v1.7.1 Remote Command Execution / CSRF / XSS hyp3rlinx (Jun 20)
- [SECURITY] [DSA 3605-1] libxslt security update Salvatore Bonaccorso (Jun 20)
- Symphony CMS v2.6.7 Session Fixation hyp3rlinx (Jun 20)
- APPLE-SA-2016-06-20-1 AirPort Base Station Firmware Update 7.6.7 and 7.7.7 Apple Product Security (Jun 20)
- [slackware-security] libarchive (SSA:2016-172-01) Slackware Security Team (Jun 20)
- [slackware-security] pcre (SSA:2016-172-02) Slackware Security Team (Jun 20)
- [ERPSCAN-16-016] SAP NetWeaver Java AS WD_CHAT - Information disclosure vulnerability ERPScan inc (Jun 21)
- [ERPSCAN-16-015] SAP NetWeaver Java AS - multiple XSS vulnerabilities ERPScan inc (Jun 21)
- [ERPSCAN-16-017] SAP JAVA AS icman - DoS vulnerability ERPScan inc (Jun 22)
- Magic values in 32-bit processes on 64-bit OS-es and how to exploit them Berend-Jan Wever (Jun 22)
- [ERPSCAN-16-018] SAP Application server for Javat - DoS vulnerability ERPScan inc (Jun 22)
- Open-Xchange Security Advisory 2016-06-22 Martin Heiland (Jun 22)
- ESA-2016-069: EMC Documentum WebTop and WebTop Clients Improper Authorization Vulnerability Security Alert (Jun 22)
- [KIS-2016-07] SugarCRM <= 6.5.23 (SugarRestSerialize.php) PHP Object Injection Vulnerability Egidio Romano (Jun 24)
- [KIS-2016-04] SugarCRM <= 6.5.18 Missing Authorization Check Vulnerabilities Egidio Romano (Jun 24)
- [KIS-2016-05] SugarCRM <= 6.5.18 Two PHP Code Injection Vulnerabilities Egidio Romano (Jun 24)
- [KIS-2016-06] SugarCRM <= 6.5.18 (MySugar::addDashlet) Insecure fopen() Usage Vulnerability Egidio Romano (Jun 24)
- SEC Consult SA-20160624-0 :: ASUS DSL-N55U router XSS and information disclosure SEC Consult Vulnerability Lab (Jun 24)
- #146416 Ruby:HTTP Header injection in 'net/http' redrain root (Jun 24)
- [SECURITY] [DSA 3606-1] libpdfbox security update Moritz Muehlenhoff (Jun 27)
- [slackware-security] php (SSA:2016-176-01) Slackware Security Team (Jun 27)
- MyLittleForum v2.3.5 PHP Command Injection hyp3rlinx (Jun 27)
- [fd] CVE ID request: Untangle NGFW <= v12.1.0 post-auth command injection Matt Bush (Jun 27)
- BigTree CMS <= 4.2.11 Authenticated SQL Injection Vulnerability mehmet (Jun 27)
- Craft CMS affected by server side template injection Securify B.V. (Jun 27)
- [SECURITY] [DSA 3607-1] linux security update Salvatore Bonaccorso (Jun 28)
- Ladesk Agent #1 (Bug Bounty) - Session Reset Password Vulnerability Vulnerability Lab (Jun 28)
- Mutualaid CMS v4.3.1 - SQL Injection Web Vulnerability Vulnerability Lab (Jun 28)
- Alfine CMS v2.6 - (Login) Auth Bypass Vulnerability Vulnerability Lab (Jun 28)
- Iranian Weblog Services v3.3 CMS - Multiple Web Vulnerabilities Vulnerability Lab (Jun 28)
- [KIS-2016-08] Concrete5 <= 5.7.3.1 Multiple Cross-Site Request Forgeries Vulnerabilities Egidio Romano (Jun 28)
- [KIS-2016-09] Concrete5 <= 5.7.3.1 Multiple Stored Cross-Site Scripting Vulnerabilities Egidio Romano (Jun 28)
- [KIS-2016-10] Concrete5 <= 5.7.3.1 (Application::dispatch) Local File Inclusion Vulnerability Egidio Romano (Jun 28)
- KL-001-2016-002 : Ubiquiti Administration Portal CSRF to Remote Command Execution KoreLogic Disclosures (Jun 28)
- Symantec SEPM v12.1 Multiple Vulnerabilities hyp3rlinx (Jun 28)
- CVE-2016-4463: Apache Xerces-C XML Parser Crashes on Malformed DTD Cantor, Scott (Jun 29)
- Cisco Security Advisory: Cisco Firepower System Software Static Credential Vulnerability Cisco Systems Product Security Incident Response Team (Jun 29)
- Cisco Security Advisory: Cisco Prime Collaboration Provisioning Lightweight Directory Access Protocol Authentication Bypass Vulnerability Cisco Systems Product Security Incident Response Team (Jun 29)
- Cisco Security Advisory: Cisco Prime Infrastructure and Evolved Programmable Network Manager Authentication Bypass API Vulnerability Cisco Systems Product Security Incident Response Team (Jun 29)
- [SECURITY] [DSA 3609-1] tomcat8 security update Moritz Muehlenhoff (Jun 29)
- [SECURITY] [DSA 3608-1] libreoffice security update Moritz Muehlenhoff (Jun 29)
- BFS-SA-2016-003: Huawei HiSuite Insecure Service Directory ACLs Blue Frost Security Research Lab (Jun 30)
- [SECURITY] [DSA 3610-1] xerces-c security update Salvatore Bonaccorso (Jun 30)
- [SECURITY] [DSA 3611-1] libcommons-fileupload-java security update Salvatore Bonaccorso (Jun 30)