Bugtraq: by date

142 messages starting May 02 16 and ending May 31 16

Monday, 02 May

[security bulletin] HPSBGN03547 rev.3 - HPE Helion Eucalyptus Node Controller and other Helion Eucalyptus Components using glibc, Remote Arbitrary Code Execution security-alert
[slackware-security] ntp (SSA:2016-120-01) Slackware Security Team
[slackware-security] php (SSA:2016-120-02) Slackware Security Team
[slackware-security] subversion (SSA:2016-121-01) Slackware Security Team
Exploit-DB Captcha Bypass Rahul Pratap Singh
[SECURITY] [DSA 3562-1] tardiff security update Salvatore Bonaccorso
[SECURITY] [DSA 3563-1] poppler security update Moritz Muehlenhoff
[SECURITY] [DSA 3564-1] chromium-browser security update Michael Gilbert
[SECURITY] [DSA 3565-1] botan1.10 security update Sebastien Delafond
ESA-2016-041: RSA Data Loss Prevention Multiple Vulnerabilities Security Alert
[slackware-security] mercurial (SSA:2016-123-01) Slackware Security Team

Tuesday, 03 May

CVE-2016-4338: Zabbix Agent 3.0.1 mysql.size shell command injection Timo Juhani Lindfors
NetCommWireless HSPA 3G10WVE Wireless Router Multiple vulnerabilities bhadresh . patel
[SECURITY] [DSA 3566-1] openssl security update Alessandro Ghedini
LSE Leading Security Experts GmbH - LSE-2016-02-03 - OXID eShop Path Traversal Vulnerability LSE-Advisories
Swagger Editor v2.9.9 "description" Key DOM-based Cross-Site Scripting Julien Ahrens
[slackware-security] openssl (SSA:2016-124-01) Slackware Security Team

Wednesday, 04 May

CVE-2016-2784: CMS Made Simple < 2.1.3 & < 1.12.2 Web server Cache Poisoning Lab I-Tracing
Cisco Security Advisory: Cisco FirePOWER System Software Packet Processing Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco TelePresence XML Application Programming Interface Authentication Bypass Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Adaptive Security Appliance with FirePOWER Services Kernel Logging Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
APPLE-SA-2016-05-03-1 Xcode 7.3.1 Apple Product Security
[SECURITY] [DSA 3567-1] libpam-sshauth security update Salvatore Bonaccorso
ESA-2016-051: Patch 14 for RSA® Authentication Manager 8.1 SP1 to Address Multiple Vulnerabilities Security Alert
Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016 Cisco Systems Product Security Incident Response Team
FreeBSD Security Advisory FreeBSD-SA-16:17.openssl FreeBSD Security Advisories

Thursday, 05 May

[SECURITY] [DSA 3568-1] libtasn1-6 security update Salvatore Bonaccorso
[SECURITY] [DSA 3569-1] openafs security update Salvatore Bonaccorso
[SECURITY] [DSA 3570-1] mercurial security update Salvatore Bonaccorso
[security bulletin] HPSBMU03584 rev.1 - HPE Network Node Manager I (NNMi), Multiple Remote Vulnerabilities security-alert
Re: NetCommWireless HSPA 3G10WVE Wireless Router Multiple vulnerabilities bhadresh . patel

Friday, 06 May

ManageEngine Applications Manager Build No: 12700 Information Disclosure and Un-Authenticated SQL injection. Saif El-Sherei
Re: ManageEngine Applications Manager Build No: 12700 Information Disclosure and Un-Authenticated SQL injection. Saif El-Sherei

Monday, 09 May

[SECURITY] [DSA 3571-1] ikiwiki security update Moritz Muehlenhoff
WordPress Plugin event-registration 6.02.02: SQL-Injection and persistent XSS mail
[SECURITY] [DSA 3572-1] websvn security update Salvatore Bonaccorso
[SECURITY] [DSA 3573-1] qemu security update Salvatore Bonaccorso
[security bulletin] HPSBUX03577 SSRT102172 rev.1 - HP-UX VxFS, Local Unauthorized Access to Files security-alert

Tuesday, 10 May

Wordpress Truemag Theme - Client Side Cross Site Scripting Web Vulnerability Vulnerability Lab
Skype Manager - (Email Change) Filter Bypass Vulnerability Vulnerability Lab
Notes v4.5 iOS - Arbitrary File Upload Vulnerability Vulnerability Lab
Stanford University - Multiple SQL Injection Vulnerabilities Vulnerability Lab
Trend Micro Direct Pass - Filter Bypass & Cross Site Scripting Vulnerability Vulnerability Lab

Wednesday, 11 May

Intuit QuickBooks 2007 - 2016 Arbitrary Code Execution support
[SECURITY] [DSA 3574-1] libarchive security update Salvatore Bonaccorso
[security bulletin] HPSBUX03596 rev.1 - HPE HP-UX running CIFS Server (Samba), Remote Access Restriction Bypass, Unauthorized Access security-alert
[security bulletin] HPSBUX03574 rev.1 - HPE HP-UX CIFS-Server (Samba), Remote Access Restriction Bypass, Authentication bypass, Denial of Service (DoS), Unauthorized Access to Files, Access Restriction Bypass, Unauthorized Information Disclosure security-alert
BulletProof Security 53.3 - Security Advisory - Multiple XSS Vulnerabilities Onur Yilmaz
[slackware-security] imagemagick (SSA:2016-132-01) Slackware Security Team
[SECURITY] [DSA 3565-2] monotone ovito pdns qtcreator softhsm regression update Sebastien Delafond
[security bulletin] HPSBHF03592 rev.1 - HPE VAN SDN Controller OVA using OpenSSL, Multiple Remote Vulnerabilities security-alert
[security bulletin] HPSBNS03581 rev.2 - HPE NonStop Servers running Samba (NS-Samba), Multiple Remote Vulnerabilities security-alert
Re: [slackware-security] imagemagick (SSA:2016-132-01) U2ME236
[security bulletin] HPSBST03586 rev.1 - HPE 3PAR OS, Remote Unauthorized Modification security-alert
[security bulletin] HPSBST03598 rev.1 - HPE 3PAR OS using glibc, Remote Denial of Service (DoS), Arbitrary Code Execution security-alert
[security bulletin] HPSBST03599 rev.1 - HPE 3PAR OS running OpenSSH, Remote Denial of Service (DoS), Access Restriction Bypass security-alert
[slackware-security] mozilla-thunderbird (SSA:2016-132-01) Slackware Security Team

Thursday, 12 May

[security bulletin] HPSBGN03597 rev.1 - HPE Cloud Optimizer (Virtualization Performance Viewer) using glibc Remote Denial of Service (DoS) security-alert
[SECURITY] [DSA 3575-1] libxstream-java security update Moritz Muehlenhoff
[security bulletin] HPSBMU03591 rev.1 - HPE Server Migration Pack, Remote Denial of Service (DoS) security-alert
[security bulletin] HPSBMU03589 rev.1 - HPE Version Control Repository Manager (VCRM), Remote Denial of Service (DoS) security-alert
May 2016 - HipChat Server - Critical Security Advisory David Black

Friday, 13 May

[security bulletin] HPSBMU03590 rev.1 - HPE Systems Insight Manager (SIM) on Windows and Linux, Multiple Vulnerabilities security-alert
[SECURITY] [DSA 3576-1] icedove security update Moritz Muehlenhoff

Monday, 16 May

eXtplorer v2.1.9 Archive Path Traversal hyp3rlinx
dns_dhcp Web Interface SQL Injection hyp3rlinx
[SECURITY] [DSA 3577-1] jansson security update Alessandro Ghedini
[SECURITY] [DSA 3578-1] libidn security update Alessandro Ghedini
[SECURITY] [DSA 3579-1] xerces-c security update Salvatore Bonaccorso
[ERPSCAN-16-009] SAP xMII - directory traversal vulnerability ERPScan inc
[ERPSCAN-16-008] SAP NetWeaver AS JAVA - XSS vulnerability in ProxyServer servlet ERPScan inc
[SECURITY] [DSA 3580-1] imagemagick security update Luciano Bello
Security advisory for Bugzilla 5.0.3 and 4.4.12 LpSolit
APPLE-SA-2016-05-16-1 tvOS 9.2.1 Apple Product Security
APPLE-SA-2016-05-16-2 iOS 9.3.2 Apple Product Security
APPLE-SA-2016-05-16-3 watchOS 2.2.1 Apple Product Security
APPLE-SA-2016-05-16-4 OS X El Capitan 10.11.5 and Security Update 2016-003 Apple Product Security
APPLE-SA-2016-05-16-5 Safari 9.1.1 Apple Product Security
APPLE-SA-2016-05-16-6 iTunes 12.4 Apple Product Security

Tuesday, 17 May

[SECURITY] [DSA 3581-1] libndp security update Salvatore Bonaccorso
[security bulletin] HPSBHF03594 rev.1 - HPE ConvergedSystem and AppSystem for SAP HANA using OpenSSL, Multiple Remote Vulnerabilities security-alert
WSO2 SOA Enablement Server - Reflected Cross-Site Scripting Etnies
[security bulletin] HPSBGN03587 rev.1 - HPE Helion OpenStack using OpenSSL and Open vSwitch, Remote Arbitrary Command Execution, Denial of Service (DoS), Disclosure of Information security-alert
FreeBSD Security Advisory FreeBSD-SA-16:18.atkbd FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-16:19.sendmsg FreeBSD Security Advisories
[SECURITY] [DSA 3582-1] expat security update Salvatore Bonaccorso

Wednesday, 18 May

[security bulletin] HPSBHF03578 rev.1 - HPE ConvergedSystem for SAP HANA using glibc, Multiple Remote Vulnerabilities security-alert
[security bulletin] HPSBHF03579 rev.1 - HPE ConvergedSystem for SAP HANA using OpenSSL, Multiple Remote Vulnerabilities security-alert
Cisco Security Advisory: Cisco Web Security Appliance HTTP POST Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Web Security Appliance Cached Range Request Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Web Security Appliance Connection Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
[security bulletin] HPSBGN03602 rev.1 - HPE RESTful Interface Tool, Local Disclosure of Information security-alert
[SECURITY] [DSA 3583-1] swift-plugin-s3 security update Moritz Muehlenhoff

Thursday, 19 May

TYPO3 RemoveXSS.php vulnerability versions 6.2.19 and 7.6.4 mandy
[ERPSCAN-16-010] SAP NetWeaver AS JAVA – information disclosure vulnerability ERPScan inc
[ERPSCAN-16-011] SAP NetWeaver AS JAVA – SQL injection vulnerability ERPScan inc
[SEARCH-LAB advisory] LG NAS N1A1 multiple vulnerabilities in Familycast Gergely Eberhardt
[SECURITY] [DSA 3584-1] librsvg security update Salvatore Bonaccorso
[security bulletin] HPSBGN03564 rev.1 - HPE Release Control using Java Deserialization, Remote Code Execution security-alert

Monday, 23 May

[slackware-security] curl (SSA:2016-141-01) Slackware Security Team
[RCESEC-2016-001] Postfix Admin v2.93 Generic POST Cross-Site Request Forgeries Julien Ahrens
[SECURITY] [DSA 3585-1] wireshark security update Moritz Muehlenhoff
[RCESEC-2016-002] XenAPI v1.4.1 for XenForo Multiple Unauthenticated SQL Injections Julien Ahrens
[SECURITY] [DSA 3586-1] atheme-services security update Moritz Muehlenhoff
AfterLogic WebMail Pro ASP.NET < 6.2.7 Administrator Account Takover via XXE Injection mehmet . ince

Tuesday, 24 May

MSA-2016-01: PowerFolder Remote Code Execution Vulnerability Advisories Advisories
[security bulletin] HPSBGN03605 rev.1 - HPE Service Manager, Remote Disclosure of Information security-alert

Wednesday, 25 May

[slackware-security] libarchive (SSA:2016-145-01) Slackware Security Team
Open-Xchange Security Advisory 2016-05-25 Martin Heiland
Cisco Security Advisory: Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
VMWare vSphere Web Client Flash XSS apparitionsec
[security bulletin] HPSBMU03601 rev.1 - HPE Insight Control server deployment using OpenSSL, Multiple Vulnerabilities security-alert
[security bulletin] HPSBUX03606 rev.1 - HPE HP-UX running Apache Tomcat 7, Multiple Remote Vulnerabilities security-alert
[security bulletin] HPSBMU03600 rev.1 - HPE Insight Control server provisioning using OpenSSL, Remote Denial of Service (DoS) security-alert
[security bulletin] HPSBMU03611 rev.1 - HPE Matrix Operating Environment on Windows and Linux, Multiple Remote Vulnerabilities security-alert
[security bulletin] HPSBGN03610 rev.1 - HPE IceWall Products using OpenSSL, Remote Denial of Service (DoS), Arbitrary Code Execution security-alert

Thursday, 26 May

ESA-2016-061: EMC Isilon OneFS SMB Signing Vulnerability Security Alert
[CVE-2016-4434] Apache Tika XML External Entity vulnerability Tim Allison
[CVE-2016-2175] Apache PDFBox XML External Entity vulnerability Andreas Lehmkuehler

Friday, 27 May

[SECURITY] [DSA 3587-1] libgd2 security update Salvatore Bonaccorso
[CVE-2016-3094] Apache Qpid Java Broker denial of service vulnerability Lorenz Quack
[CVE-2016-4432] Apache Qpid Java Broker - authentication bypass Keith W

Monday, 30 May

[CVE-2016-4945] Login Form Hijacking Vulnerability in Citrix NetScaler Gateway Daniel Schliebner
[slackware-security] libxml2 (SSA:2016-148-01) Slackware Security Team
[slackware-security] libxslt (SSA:2016-148-02) Slackware Security Team
[slackware-security] php (SSA:2016-148-03) Slackware Security Team
Multiple Vulnerabilities in Intex Wireless N150 Easy Setup Router mohitreload
[SECURITY] [DSA 3588-1] symfony security update Luciano Bello
[oCERT 2016-001] Jetty path sanitization issues Daniele Bianco
WebKitGTK+ Security Advisory WSA-2016-0004 Carlos Alberto Lopez Perez
[SECURITY] [DSA 3589-1] gdk-pixbuf security update Salvatore Bonaccorso
[SECURITY] Lorex ECO DVR Hard coded password andrew . hofmans

Tuesday, 31 May

[slackware-security] imagemagick (SSA:2016-152-01) Slackware Security Team
[slackware-security] mozilla-thunderbird (SSA:2016-152-02) Slackware Security Team
[RT-SA-2015-012] XML External Entity Expansion in Paessler PRTG Network Monitor RedTeam Pentesting GmbH
[RT-SA-2016-004] Websockify: Remote Code Execution via Buffer Overflow RedTeam Pentesting GmbH
[RT-SA-2016-005] Unauthenticated File Upload in Relay Ajax Directory Manager may Lead to Remote Command Execution RedTeam Pentesting GmbH
FreeBSD Security Advisory FreeBSD-SA-16:21.43bsd FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-16:23.libarchive FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-16:22.libarchive FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-16:20.linux FreeBSD Security Advisories