Bugtraq: by thread
56 messages
starting Dec 01 16 and
ending Dec 28 16
Date index |
Thread index |
Author index
- [slackware-security] mozilla-firefox (SSA:2016-336-01) Slackware Security Team (Dec 01)
- Microsoft Windows Media Center "ehshell.exe" XML External Entity apparitionsec (Dec 05)
- Microsoft MSINFO32.EXE ".NFO" Files XML External Entity apparitionsec (Dec 05)
- CVE-2016-8740, Server memory can be exhausted and service denied when HTTP/2 is used Eissing Stefan (Dec 05)
- Re: CVE-2016-3222: MS Edge CBaseScriptable::PrivateQueryInterface memory corruption Berend-Jan Wever (Dec 06)
- CVE-2015-1730: MSIE jscript9 JavaScriptStackWalker memory corruption details and PoC Berend-Jan Wever (Dec 06)
- [ESNC-2041217] Critical Security Vulnerability in PwC ACE Software for SAP Security ESNC Security (Dec 07)
- Microsoft Remote Desktop Client for Mac Remote Code Execution Filippo Cavallarin (Dec 07)
- [security bulletin] HPSBHF03674 rev.1 HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Remote Disclosure of Information security-alert (Dec 07)
- CVE-2013-1306: MSIE 9 MSHTML CDispNode::InsertSiblingNode use-after-free details Berend-Jan Wever (Dec 08)
- AST-2016-008: Crash on SDP offer or answer from endpoint using Opus Asterisk Security Team (Dec 08)
- AST-2016-009: <br> Asterisk Security Team (Dec 08)
- Symantec VIP Access Desktop Arbitrary DLL Execution apparitionsec (Dec 08)
- MSIE 9 MSHTML CElement::HasFlag memory corruption Berend-Jan Wever (Dec 09)
- [SECURITY] [DSA 3730-1] icedove security update Salvatore Bonaccorso (Dec 12)
- [SECURITY] CVE-2016-8745 Apache Tomcat Information Disclosure Mark Thomas (Dec 12)
- APPLE-SA-2016-12-12-1 iOS 10.2 Apple Product Security (Dec 12)
- APPLE-SA-2016-12-12-3 tvOS 10.1 Apple Product Security (Dec 12)
- APPLE-SA-2016-12-12-2 watchOS 3.1.1 Apple Product Security (Dec 12)
- Apple iOS/tvOS/watchOS Remote memory corruption through certificate submit (Dec 13)
- [slackware-security] php (SSA:2016-347-03) Slackware Security Team (Dec 13)
- [slackware-security] kernel (SSA:2016-347-01) Slackware Security Team (Dec 13)
- APPLE-SA-2016-12-13-3 iTunes 12.5.4 Apple Product Security (Dec 13)
- APPLE-SA-2016-12-13-2 Safari 10.0.2 Apple Product Security (Dec 14)
- APPLE-SA-2016-12-13-5 Additional information for APPLE-SA-2016-12-12-1 iOS 10.2 Apple Product Security (Dec 14)
- APPLE-SA-2016-12-13-8 Transporter 1.9.2 Apple Product Security (Dec 14)
- APPLE-SA-2016-12-13-7 Additional information for APPLE-SA-2016-12-12-2 watchOS 3.1.1 Apple Product Security (Dec 14)
- MSIE 9 MSHTML CMarkup::ReloadInCompatView use-after-free Berend-Jan Wever (Dec 14)
- [slackware-security] mozilla-firefox (SSA:2016-348-01) Slackware Security Team (Dec 14)
- CVE-2013-3143: MSIE 9 IEFRAME CMarkup..RemovePointerPos use-after-free Berend-Jan Wever (Dec 14)
- Secunia Research: Microsoft Windows Type 1 Font Processing Vulnerability Secunia Research (Dec 14)
- Adobe Animate <= v15.2.1.95 Memory Corruption Vulnerability hyp3rlinx (Dec 14)
- Nagios Core < 4.2.2 Curl Command Injection leading to Remote Code Execution [CVE-2016-9565] Dawid Golunski (Dec 15)
- MSIE 9 IEFRAME CMarkupPointer::MoveToGap use-after-free Berend-Jan Wever (Dec 15)
- CVE-2013-0090: MSIE 9 IEFRAME CView::EnsureSize use-after-free Berend-Jan Wever (Dec 16)
- CVE-2016-9277,CVE-2016-9966,CVE-2016-9967: Possible Privilege Escalation in telecom unlimitsec (Dec 16)
- [SECURITY] [DSA 3736-1] libupnp security update Sebastien Delafond (Dec 16)
- [security bulletin] HPSBMU03684 rev.1 - HPE Version Control Repository Manager (VCRM), Multiple Remote Vulnerabilities security-alert (Dec 16)
- Samsung DVR credentials encoded in base64 in cookie header Jacobo Avariento (Dec 19)
- [SECURITY] [DSA 3738-1] tomcat7 security update Sebastien Delafond (Dec 19)
- [SYSS-2016-115] Cisco Expressway: Security Bypass Vulnerability (CWE-20) Micha Borrmann (Dec 19)
- CVE-2014-1785: MSIE 11 MSHTML CSpliceTreeEngine::RemoveSplice use-after-free Berend-Jan Wever (Dec 20)
- [SECURITY] [DSA 3743-1] python-bottle security update Sebastien Delafond (Dec 21)
- ASP.NET Core 5-RC1 HTTP Header Injection Advisories (Dec 21)
- [SECURITY] [DSA 3732-2] php-ssh2 regression update Sebastien Delafond (Dec 21)
- CVE-2014-4138: MSIE 11 MSHTML CPasteCommand::ConvertBitmaptoPng heap-based buffer overflow Berend-Jan Wever (Dec 22)
- FreeBSD Security Advisory FreeBSD-SA-16:39.ntp FreeBSD Security Advisories (Dec 22)
- [SECURITY] [DSA 3744-1] libxml2 security update Salvatore Bonaccorso (Dec 23)
- XAMPP Control Panel Memory Corruption Denial Of Service HYP3RLINX (Dec 25)
- [slackware-security] httpd (SSA:2016-358-01) Slackware Security Team (Dec 25)
- [slackware-security] openssh (SSA:2016-358-02) Slackware Security Team (Dec 25)
- [slackware-security] expat (SSA:2016-359-01) Slackware Security Team (Dec 25)
- [SECURITY] [DSA 3746-1] graphicsmagick security update Luciano Bello (Dec 25)
- PHPMailer < 5.2.18 Remote Code Execution [updated advisory] [CVE-2016-10033] Dawid Golunski (Dec 27)
- PHPMailer < 5.2.20 Remote Code Execution PoC 0day Exploit (CVE-2016-10045) (Bypass of the CVE-2016-1033 patch) Dawid Golunski (Dec 27)
- [CVE-2016-8741] Apache Qpid Broker for Java - Information Leakage Oleksandr Rudyy (Dec 28)