Bugtraq: by thread
176 messages starting Jun 03 14 and ending Jun 30 14
- [SECURITY] [DSA 2939-1] chromium-browser security update Michael Gilbert (Jun 03)
- [SECURITY] [DSA 2943-1] php5 security update Moritz Muehlenhoff (Jun 03)
- [SECURITY] [DSA 2941-1] lxml security update Moritz Muehlenhoff (Jun 03)
- Yarubo #1: Arbitrary SQL Execution in Participants Database for Wordpress Yarubo Internet Security Scan (Jun 03)
- [SECURITY] [DSA 2944-1] gnutls26 security update Moritz Muehlenhoff (Jun 03)
- [SECURITY] [DSA 2942-1] typo3-src security update Moritz Muehlenhoff (Jun 03)
- Re: OpenCart 1.5.6.4 Directory Traversal Vulnerability Henri Salo (Jun 03)
- [slackware-security] mariadb (SSA:2014-152-01) Slackware Security Team (Jun 03)
- CVE-2014-2232 - "Absolute Path Traversal" (CWE-36) vulnerability in "infoware MapSuite" Christian Schneider (Jun 03)
- CVE-2014-2233 - "Server-Side Request Forgery" (CWE-918) vulnerability in "infoware MapSuite" Christian Schneider (Jun 03)
- CVE-2014-2843 - "Reflected Cross-Site Scripting (XSS)" (CWE-79) vulnerability in "infoware MapSuite" Christian Schneider (Jun 03)
- ESA-2014-032: RSA® Adaptive Authentication (Hosted) DOM Cross-Site Scripting Vulnerability Security Alert (Jun 03)
- [FD] CVE-2013-6876 s3dvt Root shell Hector Marco (Jun 03)
- VUPEN Security Research - Adobe Acrobat & Reader XI-X "AcroBroker" Sandbox Bypass (Pwn2Own) VUPEN Security Research (Jun 03)
- FCKedtior 2.6.10 Reflected Cross-Site Scripting (XSS) Robin Bailey (Jun 03)
- CVE-2014-1226 s3dvt Root shell (still) Hector Marco (Jun 03)
- <Possible follow-ups>
- CVE-2014-1226 s3dvt Root shell (still) Hector Marco (Jun 04)
- CVE-2013-6825 DCMTK Root Privilege escalation Hector Marco (Jun 03)
- <Possible follow-ups>
- CVE-2013-6825 DCMTK Root Privilege escalation Hector Marco (Jun 04)
- LSE Leading Security Experts GmbH - LSE-2014-05-22 - F*EX - Multiple Issues advisories (Jun 03)
- NG WifiTransfer Pro 1.1 - File Include Vulnerability Vulnerability Lab (Jun 03)
- Files Desk Pro v1.4 iOS - File Include Web Vulnerability Vulnerability Lab (Jun 03)
- AllReader v1.0 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Jun 03)
- Privacy Pro v1.2 HZ iOS - File Include Web Vulnerability Vulnerability Lab (Jun 03)
- TigerCom My Assistant v1.1 iOS - File Include Vulnerability Vulnerability Lab (Jun 03)
- Bluetooth Photo-File Share v2.1 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Jun 03)
- iScan Online Mobile 2.0.1 iOS - Command Inject Vulnerability Vulnerability Lab (Jun 03)
- CVE-2013-6876 s3dvt Root shell Hector Marco (Jun 04)
- Bug in bash <= 4.3 [security feature bypassed] Hector Marco (Jun 04)
- Re: [oss-security] Bug in bash <= 4.3 [security feature bypassed] Jose Carlos Luna Duran (Jun 04)
- Re: [FD] [oss-security] Bug in bash <= 4.3 [security feature bypassed] Hector Marco (Jun 05)
- Re: [FD] [oss-security] Bug in bash <= 4.3 [security feature bypassed] Jeffrey Walton (Jun 06)
- Re: [FD] [oss-security] Bug in bash <= 4.3 [security feature bypassed] lists (Jun 05)
- Re: [FD] [oss-security] Bug in bash <= 4.3 [security feature bypassed] Hector Marco (Jun 05)
- Re: Bug in bash <= 4.3 [security feature bypassed] Daryl Tester (Jun 05)
- Re: Bug in bash <= 4.3 [security feature bypassed] Hector Marco (Jun 06)
- Re: [oss-security] Bug in bash <= 4.3 [security feature bypassed] Jose Carlos Luna Duran (Jun 04)
- CVE-2014-0907 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH In IBM DB2 Portcullis Advisories (Jun 04)
- FreeBSD Security Advisory FreeBSD-SA-14:13.pam FreeBSD Security Advisories (Jun 04)
- FreeBSD Security Advisory FreeBSD-SA-14:11.sendmail FreeBSD Security Advisories (Jun 04)
- FreeBSD Security Advisory FreeBSD-SA-14:12.ktrace FreeBSD Security Advisories (Jun 04)
- [SECURITY] [DSA 2945-1] chkrootkit security update Giuseppe Iuculano (Jun 04)
- [CVE-2014-2577] XSS on Transform Foundation Server 4.3.1 and 5.2 from Bottomline Technologies Fran (Jun 04)
- ESA-2014-024: EMC Documentum Digital Asset Manager Blind DQL Injection Vulnerability Security Alert (Jun 05)
- [SECURITY] [DSA 2947-1] libav security update Moritz Muehlenhoff (Jun 05)
- [SECURITY] [DSA 2948-1] python-bottle security update Moritz Muehlenhoff (Jun 05)
- [SECURITY] [DSA 2946-1] python-gnupg security update Moritz Muehlenhoff (Jun 05)
- [security bulletin] HPSBMU03033 rev.3 - HP Insight Control Software Components running OpenSSL, Remote Disclosure of Information security-alert (Jun 05)
- [RT-SA-2014-006] Directory Traversal in DevExpress ASP.NET File Manager RedTeam Pentesting GmbH (Jun 05)
- [SECURITY] [DSA 2950-1] openssl security update Moritz Muehlenhoff (Jun 05)
- [SECURITY] [DSA 2949-1] linux security update Salvatore Bonaccorso (Jun 05)
- FreeBSD Security Advisory FreeBSD-SA-14:14.openssl FreeBSD Security Advisories (Jun 05)
- multiple Vulnerability in "WahmShoppes eStore" cseye_ut (Jun 05)
- [security bulletin] HPSBMU03028 rev.2 - HP Matrix Operating Environment and HP CloudSystem Matrix Software Components running OpenSSL, Remote Disclosure of Information security-alert (Jun 05)
- ESA-2014-046: EMC Documentum Content Server Multiple Vulnerabilities Security Alert (Jun 05)
- <Possible follow-ups>
- ESA-2014-046: EMC Documentum Content Server Multiple Vulnerabilities Security Alert (Jun 30)
- [security bulletin] HPSBMU03029 rev.2 - HP Insight Control Server Migration running OpenSSL, Remote Disclosure of Information security-alert (Jun 05)
- Details for CVE-2014-0220 tucu (Jun 05)
- [SECURITY] [DSA 2951-1] mupdf security update Moritz Muehlenhoff (Jun 06)
- Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products Cisco Systems Product Security Incident Response Team (Jun 06)
- [SECURITY] [DSA 2952-1] kfreebsd-9 security update Nico Golde (Jun 06)
- [slackware-security] libtasn1 (SSA:2014-156-02) Slackware Security Team (Jun 06)
- [slackware-security] gnutls (SSA:2014-156-01) Slackware Security Team (Jun 06)
- SEC Consult SA-20140606-0 :: Multiple critical vulnerabilities in WebTitan SEC Consult Vulnerability Lab (Jun 06)
- [slackware-security] sendmail (SSA:2014-156-04) Slackware Security Team (Jun 06)
- [slackware-security] openssl (SSA:2014-156-03) Slackware Security Team (Jun 06)
- [Onapsis Security Advisory 2014-020] SAP SLD Information Tampering Onapsis Research Labs (Jun 06)
- [Onapsis Security Advisories] Multiple Hard-coded Usernames in SAP Components Onapsis Research Labs (Jun 06)
- NeginGroup CMS Multiple Vulnerability iedb . team (Jun 09)
- CVE-2014-3740 - SpiceWorks Cross-site scripting Dolev Farhi (Jun 09)
- [slackware-security] mozilla-firefox (SSA:2014-157-01) Slackware Security Team (Jun 09)
- [SECURITY] [DSA 2953-1] dpkg security update Raphael Geissert (Jun 09)
- DNN (DotNetNuke®) ASPSlideshow Module Arbitrary File Download Vulnerability cseye_ut (Jun 09)
- DNN (DotNetNuke®) CodeEditor Module Arbitrary File Download Vulnerability cseye_ut (Jun 09)
- DNN (DotNetNuke®) EasyDnnGallery Module Arbitrary File Download Vulnerability cseye_ut (Jun 09)
- DNN (DotNetNuke®) eventscalendar Module Arbitrary File Download Vulnerability cseye_ut (Jun 09)
- DNN (DotNetNuke®) responsivesidebar Module Arbitrary File Download Vulnerability cseye_ut (Jun 09)
- DNN (DotNetNuke®) dnnUI_NewsArticlesSlider Module Arbitrary File Download Vulnerability cseye_ut (Jun 09)
- [security bulletin] HPSBMU03024 rev.3 - HP Insight Control Server Deployment on Linux and Windows running OpenSSL with System Management Homepage and Systems Insight Manager, Remote Disclosure of Information security-alert (Jun 09)
- [ MDVSA-2014:105 ] openssl security (Jun 10)
- [SECURITY] [DSA 2954-1] dovecot security update Salvatore Bonaccorso (Jun 10)
- [ MDVSA-2014:106 ] openssl security (Jun 10)
- [ MDVSA-2014:107 ] libtasn1 security (Jun 10)
- [ MDVSA-2014:109 ] gnutls security (Jun 10)
- [ MDVSA-2014:108 ] gnutls security (Jun 10)
- [slackware-security] php (SSA:2014-160-01) Slackware Security Team (Jun 10)
- [ MDVSA-2014:111 ] otrs security (Jun 10)
- [ MDVSA-2014:112 ] python-django security (Jun 10)
- [ MDVSA-2014:110 ] curl security (Jun 10)
- Re: MacOSX Safari Firefox Kaspersky RegExp Remote/Local Denial of Service Pavel Machek (Jun 11)
- [ MDVSA-2014:113 ] python-django security (Jun 11)
- [ MDVSA-2014:114 ] squid security (Jun 11)
- [ MDVSA-2014:115 ] php security (Jun 11)
- [ MDVSA-2014:116 ] file security (Jun 11)
- [ MDVSA-2014:117 ] libcap-ng security (Jun 11)
- CodeIgniter <= 2.1.4 Session Decoding Vulnerability Robin Bailey (Jun 11)
- [ MDVSA-2014:119 ] mediawiki security (Jun 11)
- [ MDVSA-2014:121 ] libgadu security (Jun 11)
- [ MDVSA-2014:118 ] emacs security (Jun 11)
- [ MDVSA-2014:120 ] miniupnpc security (Jun 11)
- [security bulletin] HPSBMU03045 rev.1 - HP Service Virtualization Running AutoPass License Server, Remote Code Execution security-alert (Jun 11)
- NEW : VMSA-2014-0006 - VMware product updates address OpenSSL security vulnerabilities "VMware Security Response Center" (Jun 11)
- CVE-2014-3977 - Privilege Escalation in IBM AIX Portcullis Advisories (Jun 11)
- [ MDVSA-2014:123 ] tor security (Jun 12)
- [ MDVSA-2014:122 ] chkrootkit security (Jun 12)
- [SECURITY] [DSA 2956-1] icinga security update Moritz Muehlenhoff (Jun 12)
- [SECURITY] [DSA 2955-1] iceweasel security update Moritz Muehlenhoff (Jun 12)
- Cisco Security Advisory: Cisco IOS XR Software IPv6 Malformed Packet Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Jun 12)
- CVE-2014-3427 CRLF Injection and CVE-2014-3428 XSS Injection in Yealink VoIP Phones J. Oquendo (Jun 13)
- [slackware-security] mozilla-thunderbird (SSA:2014-163-01) Slackware Security Team (Jun 13)
- [SECURITY] [DSA 2957-1] mediawiki security update Thijs Kinkhorst (Jun 13)
- [SECURITY] [DSA 2958-1] apt security update Thijs Kinkhorst (Jun 13)
- AST-2014-005: Remote Crash in PJSIP Channel Driver's Publish/Subscribe Framework Asterisk Security Team (Jun 13)
- AST-2014-007: Exhaustion of Allowed Concurrent HTTP Connections Asterisk Security Team (Jun 13)
- AST-2014-008: Denial of Service in PJSIP Channel Driver Subscriptions Asterisk Security Team (Jun 13)
- [security bulletin] HPSBST03016 rev.4 - HP P2000 G3 MSA Array Systems, HP MSA 2040 Storage, and HP MSA 1040 Storage running OpenSSL, Remote Disclosure of Information security-alert (Jun 13)
- CVE-2014-0228: Apache Hive Authorization vulnerability Thejas Nair (Jun 13)
- AST-2014-006: Asterisk Manager User Unauthorized Shell Access Asterisk Security Team (Jun 13)
- [security bulletin] HPSBUX03046 SSRT101590 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS), Code Execution, Security Restriction Bypass, Disclosure of Information, or Unauthorized Access security-alert (Jun 13)
- [SECURITY] CVE-2013-2251: Apache Continuum affected by Remote Command Execution Brett Porter (Jun 13)
- [ MDVSA-2014:124 ] kernel security (Jun 13)
- [ MDVSA-2014:125 ] nspr security (Jun 16)
- ClipBucket CMS Xss Vulnerability iedb . team (Jun 16)
- [SECURITY] [DSA 2959-1] chromium-browser security update Michael Gilbert (Jun 16)
- [SE-2014-01] Security vulnerabilities in Oracle Database Java VM Security Explorations (Jun 16)
- [CFP] Hacktivity 2014 CFP is open ferenc . spala (Jun 16)
- [SECURITY] [DSA 2960-1] icedove security update Moritz Muehlenhoff (Jun 16)
- [SECURITY] [DSA 2950-2] openssl update Moritz Muehlenhoff (Jun 17)
- [SECURITY] [DSA 2961-1] php5 security update Salvatore Bonaccorso (Jun 17)
- [SECURITY] [DSA 2962-1] nspr security update Moritz Muehlenhoff (Jun 18)
- [security bulletin] HPSBUX03046 SSRT101590 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS), Code Execution, Security Restriction Bypass, Disclosure of Information, or Unauthorized Access security-alert (Jun 18)
- [SECURITY] [DSA 2963-1] lucene-solr security update Moritz Muehlenhoff (Jun 18)
- [security bulletin] HPSBMU03048 rev.1 - HP Software Executive Scorecard, Remote Execution of Code, Directory Traversal security-alert (Jun 18)
- SQL Injection in Dolphin High-Tech Bridge Security Research (Jun 18)
- Multiple SQL Injection Vulnerabilities in web2Project High-Tech Bridge Security Research (Jun 18)
- Paypal Inc Bug Bounty #36 - SecurityKey Card Serialnumber Module Vulnerability Vulnerability Lab (Jun 18)
- Secunia CSI/VIM - Filter Bypass & Persistent Validation Vulnerabilities Vulnerability Lab (Jun 18)
- [security bulletin] HPSBOV03047 rev.1 - HP OpenVMS running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information security-alert (Jun 19)
- [SECURITY] [DSA 2964-1] iodine security update Salvatore Bonaccorso (Jun 23)
- [SECURITY] [DSA 2965-1] tiff security update Michael Gilbert (Jun 23)
- [SECURITY] [DSA 2966-1] samba security update Yves-Alexis Perez (Jun 23)
- [security bulletin] HPSBHF03052 rev.1 - HP Intelligent Management Center (iMC), HP Network Products including H3C and 3COM Routers and Switches running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Modification or Disclosure of Information security-alert (Jun 23)
- Android KeyStore Stack Buffer Overflow (CVE-2014-3100) Roee Hay (Jun 24)
- Boolean algebra and CSS history theft Michal Zalewski (Jun 24)
- [security bulletin] HPSBMU03051 rev.1 - HP System Management Homepage running OpenSSL on Linux and Windows, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information security-alert (Jun 25)
- [HITB-Announce] #HITB2014KUL round 1 CFP submission deadline in < 1 week Hafez Kamal (Jun 25)
- [security bulletin] HPSBMU03053 rev.1 - HP Software Database and Middleware Automation, OpenSSL Vulnerability, Remote Unauthorized Access or Disclosure of Information security-alert (Jun 25)
- FreeBSD Security Advisory FreeBSD-SA-14:15.iconv FreeBSD Security Advisories (Jun 25)
- FreeBSD Security Advisory FreeBSD-SA-14:16.file FreeBSD Security Advisories (Jun 25)
- [slackware-security] gnupg2 (SSA:2014-175-03) Slackware Security Team (Jun 25)
- [slackware-security] gnupg (SSA:2014-175-02) Slackware Security Team (Jun 25)
- [slackware-security] bind (SSA:2014-175-01) Slackware Security Team (Jun 25)
- [slackware-security] samba (SSA:2014-175-04) Slackware Security Team (Jun 25)
- [slackware-security] seamonkey (SSA:2014-175-05) Slackware Security Team (Jun 25)
- NEW VMSA-2014-0007 - VMware product updates address security vulnerabilities in Apache Struts library "VMware Security Response Center" (Jun 25)
- Reflected Cross-Site Scripting (XSS) Vulnerability in Storesprite High-Tech Bridge Security Research (Jun 25)
- [RT-SA-2013-002] Endeca Latitude Cross-Site Request Forgery RedTeam Pentesting GmbH (Jun 25)
- [RT-SA-2013-003] Endeca Latitude Cross-Site Scripting RedTeam Pentesting GmbH (Jun 25)
- CVE-2014-2385 - Multiple Cross Site Scripting in Sophos Antivirus Configuration Console (Linux) Portcullis Advisories (Jun 25)
- CVE-2014-3752 - Arbitrary Code Execution in G Data TotalProtection 2014 Portcullis Advisories (Jun 25)
- [SECURITY] [DSA 2967-1] gnupg security update Salvatore Bonaccorso (Jun 25)
- [RT-SA-2014-008] Python CGIHTTPServer File Disclosure and Potential Code Execution RedTeam Pentesting GmbH (Jun 27)
- CFP 1st International Conference on Information Systems Security and Privacy - ICISSP 2015 calendarsites (Jun 27)
- [security bulletin] HPSBMU03058 rev.1 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information security-alert (Jun 27)
- [SECURITY] [DSA 2968-1] gnupg2 security update Salvatore Bonaccorso (Jun 27)
- [security bulletin] HPSBMU03061 rev.1 - HP Release Control, Disclosure of Privileged Information and Elevation of Privilege security-alert (Jun 27)
- [security bulletin] HPSBMU03057 rev.1 - HP Version Control Agent (HP VCA) running OpenSSL on Linux and Windows, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information security-alert (Jun 27)
- [security bulletin] HPSBMU03056 rev.1 - HP Version Control Repository Manager (HP VCRM) running OpenSSL on Linux and Windows, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information security-alert (Jun 27)
- [SECURITY] [DSA 2969-1] libemail-address-perl security update Salvatore Bonaccorso (Jun 27)
- [SECURITY] [DSA 2970-1] cacti security update Moritz Muehlenhoff (Jun 30)
- ESA-2014-055: EMC Network Configuration Manager (NCM) Session Fixation Vulnerability Security Alert (Jun 30)
- SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS SEC Consult Vulnerability Lab (Jun 30)
- APPLE-SA-2014-06-30-1 Safari 6.1.5 and Safari 7.0.5 Apple Product Security (Jun 30)
- APPLE-SA-2014-06-30-2 OS X Mavericks 10.9.4 and Security Update 2014-003 Apple Product Security (Jun 30)
- [security bulletin] HPSBST03000 rev.4 - HP StoreEver ESL G3 Tape Library and Enterprise Library LTO-6 Tape Drives running OpenSSL, Remote Disclosure of Information security-alert (Jun 30)
- APPLE-SA-2014-06-30-3 iOS 7.1.2 Apple Product Security (Jun 30)
- APPLE-SA-2014-06-30-4 Apple TV 6.1.2 Apple Product Security (Jun 30)
- ESA-2014-060: EMC Documentum eRoom Multiple Cross-Site Scripting Vulnerabilities Security Alert (Jun 30)