Bugtraq: by thread
158 messages starting Jul 01 14 and ending Jul 31 14
- Kerio Control <= 8.3.1 Boolean-based blind SQL Injection info (Jul 01)
- SEC Consult SA-20140701-0 :: Stored cross-site scripting vulnerabilities in EMC Documentum eRoom SEC Consult Vulnerability Lab (Jul 01)
- CVE-2014-3149 - Reflected Cross-Site Scripting (XSS) in "Invision Power IP.Board" Christian Schneider (Jul 02)
- Cross-Site Request Forgery (CSRF) in Kanboard High-Tech Bridge Security Research (Jul 02)
- [security bulletin] HPSBMU03055 rev.1 - HP Smart Update Manager (HP SUM) running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information security-alert (Jul 02)
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Domain Manager Cisco Systems Product Security Incident Response Team (Jul 02)
- <Possible follow-ups>
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Domain Manager Cisco Systems Product Security Incident Response Team (Jul 09)
- [SECURITY] [DSA 2971-1] dbus security update Salvatore Bonaccorso (Jul 03)
- [security bulletin] HPSBMU03064 rev.1 - HP Universal CMDB, Remote Information Disclosure, Execution of Code security-alert (Jul 03)
- [security bulletin] HPSBMU03059 rev.1 - HP SiteScope, Remote Authentication Bypass security-alert (Jul 03)
- POC2014 Call for Paper pocadm (Jul 03)
- [security bulletin] HPSBMU03051 rev.2 - HP System Management Homepage running OpenSSL on Linux and Windows, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information security-alert (Jul 04)
- Lime Survey 2-05+ Multiple Vulnerabilities g-damore (Jul 07)
- [SECURITY] [DSA 2972-1] linux security update Salvatore Bonaccorso (Jul 07)
- Re: Android KeyStore Stack Buffer Overflow (CVE-2014-3100) a . blas (Jul 07)
- CVE-2014-3863 - Stored XSS in JChatSocial Teodor Lupan (Jul 07)
- iTunes 11.2.2 for Windows: completely outdated and vulnerable 3rd party libraries Stefan Kanthak (Jul 07)
- {CVE-ID request} - OCS-Inventory-NG Multiple Stored Cross Site Scripting Vulnerabilities. Madhu Akula (Jul 07)
- Backdoor access to Techboard/Syac devices roberto . paleari (Jul 07)
- PayPal Inc Bug Bounty #74 - Persistent Core Backend Vulnerability Vulnerability Lab (Jul 07)
- Paypal Inc Bug Bounty #109 Multi Shipping Application API - Filter Bypass & Persistent Vulnerability Vulnerability Lab (Jul 07)
- Yahoo! Bug Bounty #25 Flickr API - Persistent Service Vulnerability Vulnerability Lab (Jul 07)
- [SECURITY] CVE-2014-3503 Apache Syncope Francesco Chicchiriccò (Jul 07)
- Photo Org WonderApplications v8.3 iOS - File Include Vulnerability Vulnerability Lab (Jul 07)
- ESA-2014-064: EMC Documentum Content Server Privilege Escalation Vulnerabilities Security Alert (Jul 07)
- ESA-2014-057: EMC Documentum Foundation Services (DFS) XML External Entity (XXE) Vulnerability Security Alert (Jul 07)
- [SECURITY] [DSA 2973-1] vlc security update Moritz Muehlenhoff (Jul 08)
- [security bulletin] HPSBGN03050 rev.1 - HP IceWall SSO Dfw and HP IceWall MCRP running OpenSSL, Remote Denial of Service (DoS), Code Execution, Security Restriction Bypass, Disclosure of Information, or Unauthorized Access security-alert (Jul 08)
- Abusing Oracle's CREATE DATABASE LINK Privilege for fun and Profit Sumit Siddharth (Jul 08)
- CVE-2014-3074 - Runtime Linker Allows Privilege Escalation Via Arbitrary File Writes in IBM AIX Portcullis Advisories (Jul 08)
- [ MDVSA-2014:126 ] phpmyadmin security (Jul 08)
- [security bulletin] HPSBMU03065 rev.1 - HP Operations Analytics, OpenSSL Vulnerability, SSL/TLS, Remote Code Execution, Denial of Service (DoS), Disclosure of Information security-alert (Jul 09)
- [SECURITY] [DSA 2974-1] php5 security update Salvatore Bonaccorso (Jul 09)
- FreeBSD Security Advisory FreeBSD-SA-14:17.kmem FreeBSD Security Advisories (Jul 09)
- CVE-2014-4331 OctavoCMS reflected XSS vulnerability andreu . antonio (Jul 09)
- Android NFC Service Denial of Service vuln (Jul 09)
- [ MDVSA-2014:127 ] gnupg security (Jul 09)
- [ MDVSA-2014:128 ] iodine security (Jul 09)
- [ MDVSA-2014:130 ] php security (Jul 09)
- [ MDVSA-2014:129 ] ffmpeg security (Jul 09)
- [ MDVSA-2014:131 ] file security (Jul 09)
- [ MDVSA-2014:132 ] libxfont security (Jul 09)
- OS Command Injection Infoblox Network Automation nate (Jul 09)
- Weak Local Database Credentials in Infoblox Network Automation nate (Jul 09)
- Cisco Security Advisory: Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products Cisco Systems Product Security Incident Response Team (Jul 09)
- [SECURITY] [DSA 2975-1] phpmyadmin security update Thijs Kinkhorst (Jul 09)
- [security bulletin] HPSBMU03069 rev.1 - HP Software Operation Orchestration, OpenSSL Vulnerability, SSL/TLS, Remote Code Execution, Denial of Service (DoS), Disclosure of Information security-alert (Jul 10)
- [security bulletin] HPSBMU03070 rev.1 - HP Cloud Service Automation, OpenSSL Vulnerability, Unauthorized Access, Disclosure of Information security-alert (Jul 10)
- SEC Consult SA-20140710-0 :: Multiple critical vulnerabilities in Shopizer webshop SEC Consult Vulnerability Lab (Jul 10)
- SEC Consult SA-20140710-2 :: Multiple critical vulnerabilites in Schrack MICROCONTROL emergency light system SEC Consult Vulnerability Lab (Jul 10)
- SEC Consult SA-20140710-3 :: Design Issue / Password Disclosure in WAGO-I/O-SYSTEM with CODESYS V2.3 WebVisu SEC Consult Vulnerability Lab (Jul 10)
- [ MDVSA-2014:133 ] gd security (Jul 10)
- SEC Consult SA-20140710-1 :: Multiple high risk vulnerabilities in Shopizer webshop SEC Consult Vulnerability Lab (Jul 10)
- [ MDVSA-2014:134 ] liblzo security (Jul 10)
- [ MDVSA-2014:135 ] python security (Jul 10)
- Yahoo! Bug Bounty #29 YM - Filter Bypass & Persistent Web Vulnerability Vulnerability Lab (Jul 10)
- Yahoo! Bug Bounty #30 YM - Application-Side Mail Encoding (File Attachment) Vulnerability Vulnerability Lab (Jul 10)
- [SECURITY] [DSA 2976-1] eglibc security update Florian Weimer (Jul 10)
- [ MDVSA-2014:136 ] samba security (Jul 14)
- [ MDVSA-2014:137 ] apache-mod_wsgi security (Jul 14)
- [SECURITY] [DSA 2977-1] libav security update Moritz Muehlenhoff (Jul 14)
- [SECURITY] [DSA 2978-1] libxml2 security update Moritz Muehlenhoff (Jul 14)
- [ MDVSA-2014:138 ] asterisk security (Jul 14)
- [slackware-security] php (SSA:2014-192-01) Slackware Security Team (Jul 14)
- [KIS-2014-08] OpenCart <= 1.5.6.4 (cart.php) PHP Object Injection Vulnerability Egidio Romano (Jul 14)
- [security bulletin] HPSBST03039 rev.1 - HP StoreVirtual 4000 Storage and StoreVirtual VSA, Remote Disclosure of Information, Elevation of Privilege security-alert (Jul 15)
- [security bulletin] HPSBHF02913 rev.1 - HP Intelligent Management Center (iMC) and HP Branch Intelligent Management System (BIMS), Remote Disclosure of Information security-alert (Jul 15)
- Ruxcon 2014 Final Call For Presentations cfp (Jul 15)
- [security bulletin] HPSBGN03068 rev.1 - HP OneView running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, Disclosure of Information security-alert (Jul 15)
- Node Browserify RCE vuln (<= 4.2.0) Cal Leeming [Simplicity Media Ltd] (Jul 15)
- [security bulletin] HPSBMU03072 SSRT101644 rev.1 - HP Data Protector, Remote Execution of Arbitrary Code security-alert (Jul 16)
- KL-001-2014-001 : Oracle VirtualBox Guest Additions Arbitrary Write Privilege Escalation KoreLogic Disclosures (Jul 16)
- SEC Consult SA-20140716-0 :: Multiple SSRF vulnerabilities in Alfresco Community Edition SEC Consult Vulnerability Lab (Jul 16)
- VUPEN Security Research - Microsoft Internet Explorer CSS @import Memory Corruption (Pwn2Own 2014) VUPEN Security Research (Jul 16)
- VUPEN Security Research - Microsoft Internet Explorer "Request" Object Confusion Sandbox Bypass (Pwn2Own 2014) VUPEN Security Research (Jul 16)
- VUPEN Security Research - Microsoft Internet Explorer "ShowSaveFileDialog()" Sandbox Bypass (Pwn2Own 2014) VUPEN Security Research (Jul 16)
- VUPEN Security Research - Microsoft Windows "DirectShow" Privilege Escalation Vulnerability (Pwn2Own 2014) VUPEN Security Research (Jul 16)
- Reflected Cross-Site Scripting (XSS) in e107 High-Tech Bridge Security Research (Jul 16)
- SEC Consult SA-20140716-1 :: Remote Code Execution via CSRF in OpenVPN Access Server "Desktop Client" SEC Consult Vulnerability Lab (Jul 16)
- SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway SEC Consult Vulnerability Lab (Jul 16)
- SEC Consult SA-20140716-3 :: Multiple critical vulnerabilities in Bitdefender GravityZone SEC Consult Vulnerability Lab (Jul 16)
- Cisco Security Advisory: Cisco Wireless Residential Gateway Remote Code Execution Vulnerability Cisco Systems Product Security Incident Response Team (Jul 17)
- [SECURITY] [DSA 2765-2] davfs regression update Thijs Kinkhorst (Jul 17)
- IP.Board 3.4 cross-site scripting in Referer header stormhacker (Jul 17)
- [HITB-Announce] REMINDER: #HITB2014KUL CFP Deadline: 1st August Hafez Kamal (Jul 17)
- Ignore the amount customers confirm is no security vulnerability according to PayPal Jan Kechel (Jul 17)
- [SECURITY] [DSA 2979-1] fail2ban security update Moritz Muehlenhoff (Jul 18)
- [SECURITY] [DSA 2980-1] openjdk-6 security update Moritz Muehlenhoff (Jul 18)
- Barracuda Networks Message Archiver 650 - Persistent Input Validation Vulnerability (BNSEC 703) Vulnerability Lab (Jul 18)
- Microsoft MSN HBE - Blind SQL Injection Vulnerability Vulnerability Lab (Jul 18)
- ESA-2014-074: EMC RecoverPoint Appliance Security Control Bypass Vulnerability Security Alert (Jul 18)
- CVE-2014-4980 Parameter Tampering in Nessus Web UI - Remote Information Disclosure i amroot (Jul 21)
- [SECURITY] [DSA 2981-1] polarssl security update Salvatore Bonaccorso (Jul 21)
- CVE-2014-4326 Remote command execution in Logstash zabbix and nagios_nsca outputs. Jordan Sissel (Jul 21)
- KL-001-2014-002 : Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation KoreLogic Disclosures (Jul 21)
- KL-001-2014-003 : Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation KoreLogic Disclosures (Jul 21)
- [SECURITY] [DSA 2982-1] ruby-activerecord-3.2 security update Moritz Muehlenhoff (Jul 21)
- [SECURITY] [DSA 2983-1] drupal7 security update Moritz Muehlenhoff (Jul 21)
- Call for Papers / Speakers for ISACA Ireland Conference on 3rd Oct in Dublin president (Jul 22)
- [oCERT-2014-004] Ansible input sanitization errors Andrea Barisani (Jul 22)
- Cross-site Scripting in EventLog Analyzer 9.0 build #9000 audit1 (Jul 22)
- Web Login Bruteforce in Symantec Endpoint Protection Manager 12.1.4023.4080 audit1 (Jul 22)
- Barracuda Networks Spam&Virus Firewall v6.0.2 (600 & Vx) - Client Side Cross Site Vulnerability Vulnerability Lab (Jul 22)
- [security bulletin] HPSBMU03071 rev.1 - HP Autonomy IDOL, Running OpenSSL, Remote Unauthorized Access, Disclosure of Information security-alert (Jul 22)
- Barracuda Networks #35 Web Firewall 610 v6.0.1 - Filter Bypass & Persistent Vulnerability Vulnerability Lab (Jul 23)
- [SECURITY] [DSA 2984-1] acpi-support security update Luciano Bello (Jul 23)
- [SECURITY] [DSA 2985-1] mysql-5.5 security update Salvatore Bonaccorso (Jul 23)
- Multiple Vulnerabilities in Parallels® Plesk Sitebuilder cseye_ut (Jul 23)
- [oCERT-2014-005] LPAR2RRD input sanitization errors Daniele Bianco (Jul 23)
- SQL Injection in Е2 High-Tech Bridge Security Research (Jul 23)
- [security bulletin] HPSBMU03073 rev.1 - HP Network Virtualization, Remote Execution of Code, Disclosure of Information security-alert (Jul 23)
- [security bulletin] HPSBMU03074 rev.1 - HP Insight Control server migration on Linux and Windows running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information security-alert (Jul 24)
- Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account Stefan Kanthak (Jul 24)
- Message not available
- Message not available
- Message not available
- Message not available
- Re: [FD] Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account Gynvael Coldwind (Jul 28)
- Re: [FD] Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account Stefan Kanthak (Jul 28)
- Message not available
- Message not available
- <Possible follow-ups>
- Re: [FD] Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account Stefan Kanthak (Jul 30)
- Message not available
- Re: [FD] Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account Stefan Kanthak (Jul 31)
- Message not available
- Re: [FD] Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account Stefan Kanthak (Jul 31)
- RE: [FD] Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account Joe Souza (Jul 31)
- Re: [FD] Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account Stefan Kanthak (Jul 31)
- Message not available