Bugtraq: by author

174 messages starting Feb 09 15 and ending Feb 03 15


Alessandro Ghedini

[SECURITY] [DSA 2978-2] libxml2 security update Alessandro Ghedini (Feb 09)
[SECURITY] [DSA 3163-1] libreoffice security update Alessandro Ghedini (Feb 19)
[SECURITY] [DSA 3157-1] ruby1.9.1 security update Alessandro Ghedini (Feb 09)
[SECURITY] [DSA 3159-1] ruby1.8 security update Alessandro Ghedini (Feb 10)
[SECURITY] [DSA 3156-1] liblivemedia security update Alessandro Ghedini (Feb 09)
[SECURITY] [DSA 3150-1] vlc security update Alessandro Ghedini (Feb 02)

alex_haynes

CVE-2014-5360 Landesk Management Suite XSS (Cross-Site Scripting) Security Vulnerability alex_haynes (Feb 03)

Andrea Barisani

[oCERT-2015-002] e2fsprogs input sanitization errors Andrea Barisani (Feb 09)

Aurelien Jarno

[SECURITY] [DSA 3169-1] eglibc security update Aurelien Jarno (Feb 23)

ayman . abdelaziz

BMC Footprints Service Core 11.5 - Multiple Cross Site Scripting Vulnerabilities (XSS) ayman . abdelaziz (Feb 09)

Ben Fuhrmannek

Cross-Site-Scripting (XSS) in tcllib's html::textarea Ben Fuhrmannek (Feb 27)

bhdresh

Cookie hijacking: Internet Explorer UXSS (CVE-2015-0072) bhdresh (Feb 09)

borg

CVE-2015-1172 Wordpress-theme remote arbitrary code borg (Feb 09)

Christoph Gruber

Re: Suspicious URL:Re: [FD] Major Internet Explorer Vulnerability - NOT Patched Christoph Gruber (Feb 10)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco Security Advisory Cisco WebEx Meetings Server Command Injection Vulnerability Cisco Systems Product Security Incident Response Team (Feb 04)
Cisco Security Advisory: Cisco IOS XR Software IPv6 Malformed Packet Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Feb 23)
Cisco Security Advisory: Cisco Secure Access Control System SQL Injection Vulnerability Cisco Systems Product Security Incident Response Team (Feb 11)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software Cisco Systems Product Security Incident Response Team (Feb 12)

Darko Vršič

Re: CVE-2015-1437 XSS In ASUS Router. Darko Vršič (Feb 04)

David Leo

Very Important Info About "Major Internet Explorer Vulnerability - NOT Patched" David Leo (Feb 09)
Re: [FD] Major Internet Explorer Vulnerability - NOT Patched David Leo (Feb 04)
Major Internet Explorer Vulnerability - NOT Patched David Leo (Feb 02)
Re: [FD] Major Internet Explorer Vulnerability - NOT Patched David Leo (Feb 09)

dennis . veninga

TangoBB 1.5.0-A3 XSS Vulnerability dennis . veninga (Feb 26)
HelpDezk 1.0.1 Multiple Vulnerabilities dennis . veninga (Feb 27)
EnanoCMS 1.1.8pl1 XSS Vulnerability dennis . veninga (Feb 26)

Dimitris Strevinas

RE: [FD] Major Internet Explorer Vulnerability - NOT Patched Dimitris Strevinas (Feb 09)

Florian Weimer

[SECURITY] [DSA 3162-1] bind9 security update Florian Weimer (Feb 19)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-15:05.bind FreeBSD Security Advisories (Feb 26)
FreeBSD Security Advisory FreeBSD-SA-15:04.igmp FreeBSD Security Advisories (Feb 26)

Greg Hudson

MITKRB5-SA-2015-001 Vulnerabilities in kadmind, libgssrpc, gss_process_context_token Greg Hudson (Feb 03)

Hector Marco

CVE-2015-1593 - Linux ASLR integer overflow: Reducing stack entropy by four Hector Marco (Feb 16)
CVE-2015-1574 - Google Email App 4.2.2 remote denial of service Hector Marco (Feb 13)

Henri Salo

Re: CVE-2015-1437 XSS In ASUS Router. Henri Salo (Feb 04)

High-Tech Bridge Security Research

Two Reflected XSS Vulnerabilities in Easing Slider WordPress Plugin High-Tech Bridge Security Research (Feb 11)
Multiple Vulnerabilities in my little forum High-Tech Bridge Security Research (Feb 11)

iedb . team

N.E.T. E-Commerce Group Cross Site Scripting Vulnerability iedb . team (Feb 26)

iletisim

Wordpress Media Cleaner Plugin - XSS Vulnerability iletisim (Feb 27)

Imre Rad

LG On Screen Phone authentication bypass (CVE-2014-8757) Imre Rad (Feb 09)

innate

Cosmoshop - XSS on Admin-Login Mask innate (Feb 16)

ITAS Team

Microweber 0.95 - SQL Injection Vulnerability ITAS Team (Feb 02)
Fork CMS 3.8.3 - XSS Vulnerability ITAS Team (Feb 02)
Radexscript CMS 2.2.0 - SQL Injection vulnerability ITAS Team (Feb 09)
Sefrengo CMS v1.6.1 - Multiple SQL Injection Vulnerabilities ITAS Team (Feb 02)

Jeremy Boynes

[SECURITY] CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags Jeremy Boynes (Feb 27)

jerold

UNIT4 Prosoft HRMS XSS Vulnerability jerold (Feb 13)
Bitdefender Internet Security - jerold (Feb 04)

Jonathan Brossard

Re: Shakacon 2015 Last Call for Papers (July 6-9 2015, Honolulu, Hawaii) Jonathan Brossard (Feb 13)
Shakacon 2015 Last Call for Papers (July 6-9 2015, Honolulu, Hawaii) Jonathan Brossard (Feb 12)

Joshua Rogers

Re: Suspicious URL:Re: [FD] Major Internet Explorer Vulnerability - NOT Patched Joshua Rogers (Feb 10)

jullrich

CVE-2015-1600 - Netatmo Weather Station Cleartext Password Leak jullrich (Feb 16)

Kevin Kluge

Elasticsearch vulnerability CVE-2015-1427 Kevin Kluge (Feb 11)

kingkaustubh

CVE-2015-1437 XSS In ASUS Router. kingkaustubh (Feb 03)
Re: Re: CVE-2015-1437 XSS In ASUS Router. kingkaustubh (Feb 04)
CVE-2015-1614 csrf/xss in in wordpress Plugin Image Metadata cruncher kingkaustubh (Feb 17)
Stored XSS Vulnerability in ADPlugg Wordpress Plugin kingkaustubh (Feb 23)
Multiple Cross site scripting in wordpress Plugin Image Metadata cruncher kingkaustubh (Feb 16)

Luciano Bello

[SECURITY] [DSA 3155-1] postgresql-9.1 security update Luciano Bello (Feb 09)

Mark Thomas

[SECURITY] CVE-2014-0227 Apache Tomcat Request Smuggling Mark Thomas (Feb 09)

Martin Heiland

Open-Xchange Security Advisory 2015-02-12 Martin Heiland (Feb 12)

Michael Gilbert

[SECURITY] [DSA 3166-1] e2fsprogs security update Michael Gilbert (Feb 23)
[SECURITY] [DSA 3165-1] xdg-utils security update Michael Gilbert (Feb 23)
[SECURITY] [DSA 3148-1] chromium-browser end of life Michael Gilbert (Feb 02)

michael . hendrickx

CVE-2014-8487: Kony EMM insecurity Direct Object Reference michael . hendrickx (Feb 23)

Michael Meyer

Re: CVE-2015-1437 XSS In ASUS Router. Michael Meyer (Feb 04)

Mike Antcliffe

Re: Reflected File Download in AOL Search Website Mike Antcliffe (Feb 16)

mohamed . idris

[CVE-2014-9331] ManageEngine Desktop Central CSRF vulnerability to add an Admin user advisory mohamed . idris (Feb 03)

Moritz Muehlenhoff

[SECURITY] [DSA 3160-1] xorg-server security update Moritz Muehlenhoff (Feb 11)
[SECURITY] [DSA 3164-1] typo3-src security update Moritz Muehlenhoff (Feb 23)
[SECURITY] [DSA 3174-1] iceweasel security update Moritz Muehlenhoff (Feb 26)
[SECURITY] [DSA 3153-1] krb5 security update Moritz Muehlenhoff (Feb 04)
[SECURITY] [DSA 3170-1] linux security update Moritz Muehlenhoff (Feb 26)
[SECURITY] [DSA 3175-1] kfreebsd-9 security update Moritz Muehlenhoff (Feb 26)

Onapsis Research Labs

[Onapsis Security Advisory 2015-001] Multiple Reflected Cross Site Scripting Vulnerabilities in SAP HANA Web-based Development Workbench Onapsis Research Labs (Feb 26)
[Onapsis Security Advisory 2015-003] SAP Business Objects Unauthorized File Repository Server Write via CORBA Onapsis Research Labs (Feb 26)
[Onapsis Security Advisory 2015-004] SAP Business Objects Unauthorized Audit Information Delete via CORBA Onapsis Research Labs (Feb 26)
[Onapsis Security Advisory 2015-002] SAP Business Objects Unauthorized File Repository Server Read via CORBA Onapsis Research Labs (Feb 26)
[Onapsis Security Advisory 2015-005] SAP Business Objects Unauthorized Audit Information Access via CORBA Onapsis Research Labs (Feb 26)

Onur Yilmaz

Banner Effect Header Security Advisory - XSS Vulnerability - CVE-2015-1384 Onur Yilmaz (Feb 02)

Peter Adkins

NetGear WNDR Authentication Bypass / Information Disclosure Peter Adkins (Feb 17)
D-Link and TRENDnet 'ncc2' service - multiple vulnerabilities Peter Adkins (Feb 26)

RedTeam Pentesting GmbH

[RT-SA-2014-013] Cross-Site Scripting in IBM Endpoint Manager Relay Diagnostics Page RedTeam Pentesting GmbH (Feb 10)
[RT-SA-2014-016] Directory Traversal and Arbitrary File Disclosure in hybris Commerce Software Suite RedTeam Pentesting GmbH (Feb 18)

Rehan Ahmed

Crushftp 7.2.0 - Multiple CSRF & XSS Vulnerabilities Rehan Ahmed (Feb 18)

rgutierrez

GDS Labs Alert [CVE-2015-2080] - JetLeak Vulnerability: Remote Leakage Of Shared Buffers In Jetty Web Server rgutierrez (Feb 26)

Ricardo Iramar dos Santos

Reflected File Download in AOL Search Website Ricardo Iramar dos Santos (Feb 16)

Salvatore Bonaccorso

[SECURITY] [DSA 3176-1] request-tracker4 security update Salvatore Bonaccorso (Feb 26)
[SECURITY] [DSA 3158-1] unrtf security update Salvatore Bonaccorso (Feb 09)
[SECURITY] [DSA 3161-1] dbus security update Salvatore Bonaccorso (Feb 12)
[SECURITY] [DSA 3173-1] libgtk2-perl security update Salvatore Bonaccorso (Feb 26)
[SECURITY] [DSA 3154-2] ntp security update Salvatore Bonaccorso (Feb 09)
[SECURITY] [DSA 3152-1] unzip security update Salvatore Bonaccorso (Feb 03)
[SECURITY] [DSA 3154-1] ntp security update Salvatore Bonaccorso (Feb 09)
[SECURITY] [DSA 3171-1] samba security update Salvatore Bonaccorso (Feb 23)
[SECURITY] [DSA 3151-1] python-django security update Salvatore Bonaccorso (Feb 03)
[SECURITY] [DSA 3167-1] sudo security update Salvatore Bonaccorso (Feb 23)

saman . j . l33t

Mooplayer 1.3.0 'm3u' SEH Buffer Overflow POC saman . j . l33t (Feb 10)

Sebastien Delafond

[SECURITY] [DSA 3149-1] condor security update Sebastien Delafond (Feb 02)
[SECURITY] [DSA 3168-1] ruby-redcloth security update Sebastien Delafond (Feb 23)
[SECURITY] [DSA 3172-1] cups security update Sebastien Delafond (Feb 26)

SEC Consult Vulnerability Lab

SEC Consult SA-20150227-0 :: Multiple vulnerabilities in Loxone Smart Home SEC Consult Vulnerability Lab (Feb 27)

security

[ MDVSA-2015:036 ] python-django security (Feb 09)
[ MDVSA-2015:029 ] binutils security (Feb 09)
[ MDVSA-2015:032 ] php security (Feb 09)
[ MDVSA-2015:047 ] elfutils security (Feb 12)
[ MDVSA-2015:033 ] java-1.7.0-openjdk security (Feb 09)
[ MDVSA-2015:040 ] zarafa security (Feb 10)
[ MDVSA-2015:039 ] glibc security (Feb 10)
[ MDVSA-2015:045 ] e2fsprogs security (Feb 12)
[ MDVSA-2015:037 ] vorbis-tools security (Feb 09)
[ MDVSA-2015:043 ] otrs security (Feb 10)
[ MDVSA-2015:034 ] jasper security (Feb 09)
[ MDVSA-2015:042 ] clamav security (Feb 10)
[ MDVSA-2015:048 ] postgresql security (Feb 12)
[ MDVSA-2015:035 ] libvirt security (Feb 09)
[ MDVSA-2015:030 ] bugzilla security (Feb 09)
[ MDVSA-2015:046 ] ntp security (Feb 12)
[ MDVSA-2015:041 ] cabextract security (Feb 10)
[ MDVSA-2015:031 ] busybox security (Feb 09)
[ MDVSA-2015:044 ] perl-Gtk2 security (Feb 12)

Security Alert

ESA-2014-158: RSA BSAFE® Micro Edition Suite, SSL-J and SSL-C Triple Handshake Vulnerability Security Alert (Feb 04)
ESA-2015-010: EMC Documentum D2 Multiple Vulnerabilities Security Alert (Feb 04)
ESA-2015-012: EMC Captiva Capture Sensitive Information Disclosure Vulnerability Security Alert (Feb 09)

security-alert

[security bulletin] HPSBMU03216 rev.2 - HP Service Manager running SSLv3, Multiple Remote Vulnerabilities security-alert (Feb 09)
[security bulletin] HPSBGN03252 rev.1 - HP AppPulse Active running SSLv3, Remote Disclosure of Information security-alert (Feb 09)
[security bulletin] HPSBUX03166 SSRT101489 rev.2 - HP-UX running PAM libpam_updbe, Remote Authentication Bypass security-alert (Feb 09)
[security bulletin] HPSBMU03246 rev.1 - HP Insight Control for Linux Central Management Server Pre-boot Execution Environment running Bash Shell, Multiple Vulnerabilities security-alert (Feb 10)
[security bulletin] HPSBMU03224 rev.1 - HP LoadRunner and Performance Center, Load Generator Virtual Machine Images, running Windows, Remote Elevation of Privilege security-alert (Feb 09)
[security bulletin] HPSBPV03266 rev.1 - Certain HP Networking and H3C Switches and Routers running NTP, Remote Execution of Code, Disclosure of Information, and Denial of Service (DoS) security-alert (Feb 23)
[security bulletin] HPSBUX03162 SSRT101885 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Other Vulnerabilites security-alert (Feb 26)
[security bulletin] HPSBGN03247 rev.1 - HP IceWall SSO Dfw using glibc, Remote Execution of Abitrary Code security-alert (Feb 03)
[security bulletin] HPSBUX03273 SSRT101951 rev.1 - HP-UX running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities security-alert (Feb 26)
[security bulletin] HPSBGN03253 rev.1 - HP Business Process Insight (BPI) running SSLv3, Remote Disclosure of Information security-alert (Feb 09)
[security bulletin] HPSBUX03240 SSRT101872 rev.1 - HP-UX Running NTP, Remote Execution of Code, Denial of Service (DoS), or Other Vulnerabilties security-alert (Feb 23)
[security bulletin] HPSBMU03236 rev.1 - HP Systems Insight Manager for Windows running Bash Shell, Remote Code Execution security-alert (Feb 02)
[security bulletin] HPSBMU03245 rev.1 - HP Insight Control server deployment Linux Preboot Execution Environment running Bash Shell, Multiple Vulnerabilities security-alert (Feb 10)
[security bulletin] HPSBMU03232 rev.3 - HP SiteScope, Remote Elevation of Privilege security-alert (Feb 03)
[security bulletin] HPSBMU03260 rev.1 - HP System Management Homepage running OpenSSL on Linux and Windows, Remote Disclosure of Information security-alert (Feb 26)
[security bulletin] HPSBGN03251 rev.1 - HP Storage Essentials running SSLv3, Remote Disclosure of Information security-alert (Feb 09)
[security bulletin] HPSBGN03237 rev.1 - HP Insight Remote Support v7 Clients running SSLv3, Remote Disclosure of Information security-alert (Feb 03)
[security bulletin] HPSBMU03239 rev.1 - HP UCMDB, Remote Disclosure of Information security-alert (Feb 02)
[security bulletin] HPSBGN03258 rev.1 - HP Insight Control server deployment Windows Pre-boot Execution Environment, Microsoft Schannel (Winshock) Remote Code Execution security-alert (Feb 13)
[security bulletin] HPSBGN03255 rev.1 - HP OpenCall Media Platform (OCMP) running SSLv3, Remote Denial of Service (DoS),Disclosure of Information security-alert (Feb 10)
[security bulletin] HPSBGN03254 rev.1 - HP Service Health Analyzer running SSLv3, Remote Disclosure of Information security-alert (Feb 09)
[security bulletin] HPSBUX03244 SSRT101885 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Other Vulnerabilites security-alert (Feb 26)
[security bulletin] HPSBUX03235 SSRT101750 rev.2 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alert (Feb 09)

Shawn Hsiao

Suspicious URL:Re: [FD] Major Internet Explorer Vulnerability - NOT Patched Shawn Hsiao (Feb 09)

Slackware Security Team

[slackware-security] mozilla-thunderbird (SSA:2015-056-02) Slackware Security Team (Feb 26)
[slackware-security] patch (SSA:2015-047-01) Slackware Security Team (Feb 17)
[slackware-security] seamonkey (SSA:2015-047-02) Slackware Security Team (Feb 17)
[slackware-security] sudo (SSA:2015-047-03) Slackware Security Team (Feb 17)
[slackware-security] mozilla-firefox (SSA:2015-056-01) Slackware Security Team (Feb 26)

sn

Ninja Forms WordPress Plugin Multiple Cross-Site Scripting Vulnerability sn (Feb 11)

Stefan Kanthak

Defense in depth -- the Microsoft way (part 27): the command line you get differs from the command line I use to call you Stefan Kanthak (Feb 02)
[ANN] MSKB 3004375 available for Windows 2000 and later too (but NOT from Mcirosoft) Stefan Kanthak (Feb 11)
iTunes 12.1.1 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\... Stefan Kanthak (Feb 19)
Defense in depth -- the Microsoft way (part 29): contradicting, ambiguous, incomplete documentation Stefan Kanthak (Feb 23)
Defense in depth -- the Microsoft way (part 28): yes, we can (create even empty, but properly quoted pathnames) Stefan Kanthak (Feb 19)

sven

[CVE-2015-1585] Fat Free CRM - CSRF Vulnerability in Version 0.13.5 sven (Feb 16)
[CVE-2015-1517] Piwigo - SQL Injection in Version 2.7.3 sven (Feb 18)
[CVE-2015-1467] Fork CMS - SQL Injection in Version 3.8.5 sven (Feb 04)

Tien Tran Dinh

articleFR CMS 3.0.5 - XSS vulnerability Tien Tran Dinh (Feb 03)
articleFR CMS 3.0.5 - SQL injection vulnerability Tien Tran Dinh (Feb 03)
articleFR CMS 3.0.5 - Arbitrary File Upload Tien Tran Dinh (Feb 03)

Timo Schmid

PHP Code Execution in jui_filter_rules Parsing Library Timo Schmid (Feb 18)

Vulnerability Lab

Wireless File Transfer Pro Android - Multiple CSRF Vulnerabilities Vulnerability Lab (Feb 26)
DSS TFTP 1.0 Server - Path Traversal Vulnerability Vulnerability Lab (Feb 26)
T-Mobile Internet Manager - DLL Hijacking (mfc71enu.dll) Vulnerability Lab (Feb 11)
Ebay Inc Magento Bug Bounty #5 - Persistent Validation & Mail Encoding Web Vulnerability Vulnerability Lab (Feb 17)
BlinkSale Bug Bounty #1 - Encode & Validation Vulnerability Vulnerability Lab (Feb 11)
Data Source: Scopus CMS - SQL Injection Web Vulnerability Vulnerability Lab (Feb 26)
Facebook Bug Bounty #23 - Session ID & CSRF Vulnerability Vulnerability Lab (Feb 11)
Pandora FMS v5.1 SP1 - SQL Injection Web Vulnerability Vulnerability Lab (Feb 11)

xfrendnugroho

Re: [SECURITY] [DSA 3149-1] condor security update xfrendnugroho (Feb 03)