Bugtraq: by author

64 messages starting Oct 11 16 and ending Oct 03 16

admin () evolution-sec com

Contenido v4.9.11 CMS - (Backend) Multiple XSS Vulnerabilities admin () evolution-sec com (Oct 11)

apparitionsec

TeempIp XSS Cookie Theft apparitionsec (Oct 03)
ZendStudio IDE v13.5.1 Privilege Escalation apparitionsec (Oct 12)
wincvs-2.0.2.4 Privilege Escalation apparitionsec (Oct 25)
Oracle Netbeans IDE v8.1 Import Directory Traversal apparitionsec (Oct 21)
Puppet Enterprise Web Interface Authentication Redirect apparitionsec (Oct 21)
Puppet Enterprise Web Interface User Enumeration apparitionsec (Oct 21)
Snort v2.9.7.0-WIN32 DLL Hijack apparitionsec (Oct 12)

Apple Product Security

APPLE-SA-2016-10-27-3 iTunes 12.5.2 for Windows Apple Product Security (Oct 28)
APPLE-SA-2016-10-24-3 Safari 10.0.1 Apple Product Security (Oct 24)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco NX-OS Border Gateway Protocol Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Oct 05)
Cisco Security Advisory: Cisco NX-OS Software Malformed DHCPv4 Packet Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Oct 05)
Cisco Security Advisory: Cisco ASA Software Identity Firewall Feature Buffer Overflow Vulnerability Cisco Systems Product Security Incident Response Team (Oct 19)
Cisco Security Advisory: Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Oct 05)
Cisco Security Advisory: Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability Cisco Systems Product Security Incident Response Team (Oct 05)
Cisco Security Advisory: Cisco Meeting Server Client Authentication Bypass Vulnerability Cisco Systems Product Security Incident Response Team (Oct 12)

David Black

September 2016 - HipChat Plugin for various products - Critical Security Advisory David Black (Oct 05)
October 2016 - Crowd - Critical Security Advisory David Black (Oct 31)

Dawid Golunski

CVE-2016-1240 - Tomcat packaging on Debian-based distros - Local Root Privilege Escalation Dawid Golunski (Oct 03)
CVE-2016-1240 - Tomcat packaging on Debian-based distros - Local Root Privilege Escalation Dawid Golunski (Oct 26)

Dennis E. Hamilton

CVE-2016-6804 Apache OpenOffice Windows Installer Untrusted Search Path Dennis E. Hamilton (Oct 25)

dirtycow

[CVE-2016-5195] "Dirty COW" Linux privilege escalation vulnerability dirtycow (Oct 20)

EMC Product Security Response Center

ESA-2016-121: EMC Unisphere for VMAX and Solutions Enabler Virtual Appliances Multiple Vulnerabilities EMC Product Security Response Center (Oct 04)
ESA-2016-111: EMC Avamar Data Store and Avamar Virtual Edition Privilege Escalation Vulnerability EMC Product Security Response Center (Oct 20)
ESA-2016-063: EMC Replication Manager and Network Module for Microsoft Remote Code Execution Vulnerability EMC Product Security Response Center (Oct 04)

ERPScan inc

[ERPSCAN-16-030] SAP NetWeaver - buffer overflow vulnerability ERPScan inc (Oct 17)

Florian Weimer

[SECURITY] [DSA 3688-1] nss security update Florian Weimer (Oct 05)
[SECURITY] [DSA 3701-1] nginx security update Florian Weimer (Oct 26)
[SECURITY] [DSA 3687-1] nspr security update Florian Weimer (Oct 05)
[SECURITY] [DSA 3695-1] quagga security update Florian Weimer (Oct 18)
[SECURITY] [DSA 3684-1] libdbd-mysql-perl security update Florian Weimer (Oct 03)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-16:15.sysarch [REVISED] FreeBSD Security Advisories (Oct 26)

Gergely Eberhardt

[SEARCH-LAB advisory] AVTECH IP Camera, NVR, DVR multiple vulnerabilities Gergely Eberhardt (Oct 11)

HP Security Alert

[security bulletin] HPSBHF3549 ThinkPwn UEFI BIOS SmmRuntime Escalation of Privilege HP Security Alert (Oct 28)

hyp3rlinx

Puppet Enterprise Web Interface Authentication Redirect hyp3rlinx (Oct 21)

KoreLogic Disclosures

KL-001-2016-005 : Cisco Firepower Threat Management Console Hard-coded MySQL Credentials KoreLogic Disclosures (Oct 05)
KL-001-2016-004 : Cisco Firepower Threat Management Console Authenticated Denial of Service KoreLogic Disclosures (Oct 05)

matthias . deeg

[SYSS-2016-033] Microsoft Wireless Desktop 2000 - Insufficient Protection of Code (Firmware) and Data (Cryptographic Key) matthias . deeg (Oct 10)
[SYSS-2016-068] Fujitsu Wireless Keyboard Set LX901 - Cryptographic Issues (CWE-310), Missing Protection against Replay Attacks matthias . deeg (Oct 10)
[SYSS-2016-043] Microsoft Wireless Desktop 2000 - Cryptographic Issues (CWE-310), Insufficient Protection against Replay Attacks matthias . deeg (Oct 11)
[SYSS-2016-043] Microsoft Wireless Desktop 2000 - Cryptographic Issues (CWE-310), Insufficient Protection against Replay Attacks matthias . deeg (Oct 11)

mehta . himanshu21

Evernote for Windows DLL Loading Remote Code Execution Vulnerability mehta . himanshu21 (Oct 14)

Moritz Muehlenhoff

[SECURITY] [DSA 3694-1] tor security update Moritz Muehlenhoff (Oct 18)
[SECURITY] [DSA 3693-1] libgd2 security update Moritz Muehlenhoff (Oct 17)
[SECURITY] [DSA 3700-1] asterisk security update Moritz Muehlenhoff (Oct 26)

Nightwatch Cybersecurity Research

Crashing Android devices with large Assisted-GPS Data Files [CVE-2016-5348] Nightwatch Cybersecurity Research (Oct 10)

Salvatore Bonaccorso

[SECURITY] [DSA 3698-1] php5 security update Salvatore Bonaccorso (Oct 24)
[SECURITY] [DSA 3691-2] ghostscript regression update Salvatore Bonaccorso (Oct 31)
[SECURITY] [DSA 3701-2] nginx regression update Salvatore Bonaccorso (Oct 28)

Sebastian Perez

Multiple Vulnerabilities in Plone CMS Sebastian Perez (Oct 12)

SEC Consult Vulnerability Lab

SEC Consult SA-20161011-0 :: XXE vulnerability in RSA Enterprise Compromise Assessment Tool (ECAT) SEC Consult Vulnerability Lab (Oct 11)

security-alert

[security bulletin] HPSBGN03639 rev.1 - HPE KeyView, Remote Code Execution security-alert (Oct 05)
[security bulletin] HPSBMU03653 rev.1 - HPE System Management Homepage (SMH), Remote Arbitrary Code Execution, Cross-Site Scripting (XSS), Denial of Service (DoS), Unauthorized Disclosure of Information security-alert (Oct 28)
[security bulletin] HPSBGN03663 rev.1 - HPE ArcSight WINC Connector, Remote Code Execution security-alert (Oct 20)
[security bulletin] HPSBPV03516 rev.2 - HP VAN SDN Controller, Multiple Vulnerabilities security-alert (Oct 11)
[security bulletin] HPSBNS03661 rev.1 - NonStop Backbox, Remote Disclosure of Information security-alert (Oct 13)

Stefan Kanthak

Defense in depth -- the Microsoft way (part 45): filesystem redirection fails to redirect the application directory Stefan Kanthak (Oct 20)
Defense in depth -- the Microsoft way (part 44): complete failure of Windows Update Stefan Kanthak (Oct 20)

Vulnerability Lab

AuraDVD Ripper Professional v1.6.3 - DLL Hijacking Exploit Vulnerability Lab (Oct 04)
Facebook API v2.1 - RFC6749 Open Redirect Vulnerability Vulnerability Lab (Oct 11)
Clean Master v1.0 - Unquoted Path Privilege Escalation Vulnerability Lab (Oct 05)
Cyberoam iview UTM v0.1.2.7 - (Ajax) XSS Web Vulnerability Vulnerability Lab (Oct 05)
Serimux SSH Console Switch v2.4 - Multiple Cross Site Vulnerabilities Vulnerability Lab (Oct 04)

Yves-Alexis Perez

[SECURITY] [DSA 3681-2] wordpress regression update Yves-Alexis Perez (Oct 03)