Bugtraq: by author

218 messages starting Mar 09 16 and ending Mar 03 16


abdyfhie

Re: OS-S 2016-06 Linux cdc_acm Nullpointer Dereference abdyfhie (Mar 09)

adrian . vollmer

[SYSS-2016-009] Sophos UTM 525 Web Application Firewall - Cross-Site Scripting in adrian . vollmer (Mar 01)

adrmm

Reflected Cross-Site Scripting in CuteEditor adrmm (Mar 14)

Agazzini Maurizio

McAfee VirusScan Enterprise security restrictions bypass Agazzini Maurizio (Mar 04)

Alessandro Ghedini

[SECURITY] [DSA 3500-1] openssl security update Alessandro Ghedini (Mar 01)

amaris

Re: oss-2016-13: Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid USB device descriptors (powermate driver) amaris (Mar 14)
Re: oss-2016-18: Multiple Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid USB device descriptors (ati_remote2 driver) amaris (Mar 14)
Re: oss-2016-15: Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid USB device descriptors (iowarrior driver) amaris (Mar 14)
Re: oss-2016-17: Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver) amaris (Mar 14)

Apple Product Security

APPLE-SA-2016-03-21-1 iOS 9.3 Apple Product Security (Mar 21)
APPLE-SA-2016-03-21-7 OS X Server 5.1 Apple Product Security (Mar 21)
APPLE-SA-2016-03-21-4 Xcode 7.3 Apple Product Security (Mar 21)
APPLE-SA-2016-03-21-2 watchOS 2.2 Apple Product Security (Mar 21)
APPLE-SA-2016-03-21-3 tvOS 9.2 Apple Product Security (Mar 21)
APPLE-SA-2016-03-21-6 Safari 9.1 Apple Product Security (Mar 21)
APPLE-SA-2016-03-21-5 OS X El Capitan 10.11.4 and Security Update 2016-002 Apple Product Security (Mar 21)

appsec

BMC-2015-0011: Unauthorized password reset vulnerability in BMC Server Automation (BSA) (CVE-2016-1543) appsec (Mar 28)
BMC-2015-0010: User enumeration vulnerability in BMC Server Automation (BSA) Unix/Linux RSCD Agent (CVE-2016-1542) appsec (Mar 28)

Berend-Jan Wever

Microsoft Edge CDOMTextNode::get_data type confusion Berend-Jan Wever (Mar 14)

Carlos Alberto Lopez Perez

WebKitGTK+ Security Advisory WSA-2016-0002 Carlos Alberto Lopez Perez (Mar 14)

Christopher Shannon

[ANNOUNCE] CVE-2016-0734: ActiveMQ Web Console - Clickjacking Christopher Shannon (Mar 14)
[ANNOUNCE] CVE-2016-0782: ActiveMQ Web Console - Cross-Site Scripting Christopher Shannon (Mar 13)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco NX-OS Software TCP Netstack Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 02)
Cisco Security Advisory: Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 23)
Cisco Security Advisory: Cisco Cable Modem with Digital Voice Remote Code Execution Vulnerability Cisco Systems Product Security Incident Response Team (Mar 09)
Cisco Security Advisory: Cisco Wireless Residential Gateway Information Disclosure Vulnerability Cisco Systems Product Security Incident Response Team (Mar 09)
Cisco Security Advisory: Cisco Wireless Residential Gateway with EDVA Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 09)
Cisco Security Advisory: Cisco Nexus 3000 Series and 3500 Platform Switches Insecure Default Credentials Vulnerability Cisco Systems Product Security Incident Response Team (Mar 02)
Cisco Security Advisory: Cisco IOS and NX-OS Software Locator/ID Separation Protocol Packet Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 23)
Cisco Security Advisory: Cisco IOS and IOS XE and Cisco Unified Communications Manager Software Session Initiation Protocol Memory Leak Vulnerability Cisco Systems Product Security Incident Response Team (Mar 23)
Cisco Security Advisory: Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Fragmentation Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 23)
Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2016 Cisco Systems Product Security Incident Response Team (Mar 02)
Cisco Security Advisory: Cisco IOS Software Wide Area Application Services Express Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 23)
Cisco Security Advisory: Cisco Firepower Malware Block Bypass Vulnerability Cisco Systems Product Security Incident Response Team (Mar 30)
Cisco Security Advisory: Cisco IOS and IOS XE Software DHCPv6 Relay Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 23)
Cisco Security Advisory: Cisco ASA Content Security and Control Security Services Module Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 09)
Cisco Security Advisory: Cisco Web Security Appliance HTTPS Packet Processing Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 02)
Cisco Security Advisory: Cisco NX-OS Software SNMP Packet Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 02)

contact

[CVE-2016-2345] Solarwinds Dameware Mini Remote Control Remote Code Execution Vulnerability contact (Mar 17)

CORE Advisories Team

[CORE-2016-0005] - FreeBSD Kernel amd64_set_ldt Heap Overflow CORE Advisories Team (Mar 16)
[CORE-2016-0003] - Samsung SW Update Tool MiTM CORE Advisories Team (Mar 09)
[CORE-2016-0004] - SAP Download Manager Password Weak Encryption CORE Advisories Team (Mar 09)

David Coomber

Panda SM Manager iOS Application - MITM SSL Certificate Vulnerability David Coomber (Mar 02)

Derek Mahar

Re: [ANNOUNCE] CVE-2016-0782: ActiveMQ Web Console - Cross-Site Scripting Derek Mahar (Mar 17)

disclosure

[SYSS-2015-053] innovaphone IP222/IP232 - Denial of Service disclosure (Mar 04)

Dubbju

Re: Apple iOS v9.2.1 - Multiple PassCode Bypass Vulnerabilities (App Store Link, Buy Tones Link & Weather Channel Link) Dubbju (Mar 07)

Edsel Adap

Re: Apple iOS v9.2.1 - Multiple PassCode Bypass Vulnerabilities (App Store Link, Buy Tones Link & Weather Channel Link) Edsel Adap (Mar 07)

erlijn . vangenuchten

[SYSS-2015-064] Thru Managed File Transfer Portal 9.0.2 - Insecure Direct Object Reference (REVISED) erlijn . vangenuchten (Mar 04)
[SYSS-2015-059] Thru Managed File Transfer Portal 9.0.2 - Insecure Direct Object Reference (REVISED) erlijn . vangenuchten (Mar 04)
[SYSS-2015-060] Thru Managed File Transfer Portal 9.0.2 - Improperly Implemented Security Check for Standard (REVISED) erlijn . vangenuchten (Mar 04)
[SYSS-2015-058] Thru Managed File Transfer Portal 9.0.2 - Insecure Direct Object Reference (REVISED) erlijn . vangenuchten (Mar 04)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-16:12.openssl FreeBSD Security Advisories (Mar 13)
FreeBSD Security Advisory FreeBSD-SA-16:15.sysarch FreeBSD Security Advisories (Mar 16)
FreeBSD Security Advisory FreeBSD-SA-16:14.openssh FreeBSD Security Advisories (Mar 16)
FreeBSD Security Advisory FreeBSD-SA-16:13.bind FreeBSD Security Advisories (Mar 13)

Georg Lukas

CVE-2016-1519: GrandStream Android VoIP App TLS MitM Vulnerability Georg Lukas (Mar 17)
CVE-2016-1518: GrandStream Android VoIP Phone / App Provisioning Vulnerability Georg Lukas (Mar 17)
CVE-2016-1520: GrandStream Android VoIP App Update Redirection Georg Lukas (Mar 17)

Gianni Carabelli

Hardcoded root password in Zyxel MAX3XX series Wimax CPEs Gianni Carabelli (Mar 23)

harish . ramadoss

Validation Bypass in C2Box application : CVE - 2015-4626 harish . ramadoss (Mar 28)

Henri Salo

WordPress plugin GravityForms Cross-site Scripting vulnerability Henri Salo (Mar 01)

High-Tech Bridge Security Research

Admin Password Reset & RCE via CSRF in Dating Pro High-Tech Bridge Security Research (Mar 18)
Remote Code Execution via CSRF in iTop High-Tech Bridge Security Research (Mar 18)
Multiple Vulnerabilities in CubeCart High-Tech Bridge Security Research (Mar 30)
SQL Injection and RCE in WebsiteBaker High-Tech Bridge Security Research (Mar 18)

HP Security Alert

[security bulletin] HPSBPI03546 rev.1 - HP LaserJet Printers and MFPs, HP OfficeJet Enterprise Printers, Remote Disclosure of Information HP Security Alert (Mar 03)
[security bulletin] HPSBGN03438 rev.1 - HP Support Assistant, Local Authentication Bypass HP Security Alert (Mar 19)
[security bulletin] HPSBHF03545 rev. 1 - HP EliteBook and Zbook Products with Windows NVidia Graphics Driver, Multiple Local Vulnerabilities HP Security Alert (Mar 02)
[security bulletin] HPSBHF03439 rev.1 - HP Commercial PCs with Sure Start, Local Denial of Service HP Security Alert (Mar 03)
[security bulletin] HPSBHF03436 rev.1 - HP Thin Client with ThinPro OS, running Linux, Local Elevated Privileges HP Security Alert (Mar 02)

hyp3rlinx

Xoops 2.5.7.2 CSRF - Arbitrary User Deletions hyp3rlinx (Mar 17)
Xoops 2.5.7.2 Directory Traversal Bypass hyp3rlinx (Mar 17)
AbsoluteTelnet 10.14 DLL Hijack Code Exec hyp3rlinx (Mar 20)
TrendMicro DDI Cross Site Request Forgerys hyp3rlinx (Mar 26)

jeremyscott

Vivint Sky Control Panel Unauthenticated Access Vulnerability jeremyscott (Mar 02)

jungle Boogie

Re: [FD] [CORE-2016-0005] - FreeBSD Kernel amd64_set_ldt Heap Overflow jungle Boogie (Mar 16)

Ken Giusti

CVE-2016-2166: Apache Qpid Proton python binding silently ignores request for 'amqps' if SSL/TLS not supported Ken Giusti (Mar 23)

Kotas, Kevin J

CA20160323-01: Security Notice for CA Single Sign-On Web Agents Kotas, Kevin J (Mar 23)

kyle Lovett

Easy Hosting Control Panel (EHCP) - Multiple Vulnerabilities kyle Lovett (Mar 30)

Laël Cellier

Re: server and client side remote code execution through a buffer overflow in all git versions before 2.7.1 (unpublished ᴄᴠᴇ-2016-2324 and ᴄᴠᴇ‑2016‑2315) Laël Cellier (Mar 18)

LSE-Advisories

LSE Leading Security Experts GmbH - LSE-2016-01-01 - Wordpress ProjectTheme - Multiple Vulnerabilities LSE-Advisories (Mar 09)

Luciano Bello

[SECURITY] [DSA 3509-1] rails security update Luciano Bello (Mar 09)
[SECURITY] [DSA 3509-1] rails security update Luciano Bello (Mar 09)
[SECURITY] [DSA 3509-1] rails security update Luciano Bello (Mar 09)

mail

Multiple (persistent) XSS in ProjectSend mail (Mar 17)
Multiple vulnerabilities in Wordpress plugin SP Projects & Document Manager mail (Mar 06)

Manuel Mancera

Fireware XTM Web UI - Open Redirect Manuel Mancera (Mar 29)

Martin Heiland

Open-Xchange Security Advisory 2016-03-02 Martin Heiland (Mar 02)

Matteo Beccati

[REVIVE-SA-2016-001] Revive Adserver - Multiple vulnerabilities Matteo Beccati (Mar 02)

Maxim Solodovnik

[CVE-2016-2164] Arbitrary file read via SOAP API Maxim Solodovnik (Mar 25)
[CVE-2016-0783] Predictable password reset token Maxim Solodovnik (Mar 25)
[CVE-2016-0784] Apache OpenMeetings ZIP file path traversal Maxim Solodovnik (Mar 30)
[CVE-2016-2163] Stored Cross Site Scripting in Event description Maxim Solodovnik (Mar 25)

Michael Gilbert

[SECURITY] [DSA 3513-1] chromium-browser security update Michael Gilbert (Mar 14)
[SECURITY] [DSA 3511-1] bind9 security update Michael Gilbert (Mar 13)
[SECURITY] [DSA 3507-1] chromium-browser security update Michael Gilbert (Mar 06)
[SECURITY] [DSA 3531-1] chromium-browser security update Michael Gilbert (Mar 26)

Michael Lima

Re: Apple iOS v9.2.1 - Multiple PassCode Bypass Vulnerabilities (App Store Link, Buy Tones Link & Weather Channel Link) Michael Lima (Mar 08)

Moritz Muehlenhoff

[SECURITY] [DSA 3520-1] icedove security update Moritz Muehlenhoff (Mar 19)
[SECURITY] [DSA 3523-1] iceweasel security update Moritz Muehlenhoff (Mar 20)
[SECURITY] [DSA 3505-1] wireshark security update Moritz Muehlenhoff (Mar 04)
[SECURITY] [DSA 3530-1] tomcat6 security update Moritz Muehlenhoff (Mar 26)
[SECURITY] [DSA 3506-1] libav security update Moritz Muehlenhoff (Mar 04)
[SECURITY] [DSA 3529-1] redmine security update Moritz Muehlenhoff (Mar 23)
[SECURITY] [DSA 3516-1] wireshark security update Moritz Muehlenhoff (Mar 14)
[SECURITY] [DSA 3515-1] graphite2 security update Moritz Muehlenhoff (Mar 14)
[SECURITY] [DSA 3535-1] kamailio security update Moritz Muehlenhoff (Mar 30)
[SECURITY] [DSA 3519-1] xen security update Moritz Muehlenhoff (Mar 17)
[SECURITY] [DSA 3510-1] iceweasel security update Moritz Muehlenhoff (Mar 09)
[SECURITY] [DSA 3524-1] activemq security update Moritz Muehlenhoff (Mar 20)

Murray, Mike

RE: Cisco Security Advisory: Cisco Firepower Malware Block Bypass Vulnerability Murray, Mike (Mar 30)

netizen01k

XSS (Cross Site Scripting) in Social CRM & Community Solutions powered by Lithium in Knowledge base section netizen01k (Mar 24)

Panagiotis Vagenas

WordPress Bulk Delete Plugin [Privilege Escalation] Panagiotis Vagenas (Mar 03)

Rahul Pratap Singh

DW Question Answer Stored XSS Vulnerability Rahul Pratap Singh (Mar 14)
Soundy Background Music XSS Vulnerability Rahul Pratap Singh (Mar 14)

Ralf Spenneberg

OS-S 2016-12 Linux digi_acceleport Nullpointer Dereference Ralf Spenneberg (Mar 09)
OS-S 2016-11 Linux wacom multiple Nullpointer Dereferences Ralf Spenneberg (Mar 09)
OS-S 2016-10 Linux visor (treo_attach) Nullpointer Dereference CVE-2016-2782 Ralf Spenneberg (Mar 09)
oss-2016-18: Multiple Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid USB device descriptors (ati_remote2 driver) Ralf Spenneberg (Mar 14)
OS-S 2016-05 Linux aiptek Nullpointer Dereference CVE-2015-7515 Ralf Spenneberg (Mar 09)
OS-S 2016-07 Linux cypress_m8 Nullpointer Dereference Ralf Spenneberg (Mar 09)
OS-S 2016-09 Linux visor clie_5_attach Nullpointer Dereference CVE-2015-7566 Ralf Spenneberg (Mar 09)
OS-S 2016-08 Linux mct_u232 Nullpointer Dereference Ralf Spenneberg (Mar 09)
oss-2016-16: Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid USB device descriptors (snd-usb-audio driver) Ralf Spenneberg (Mar 14)
oss-2016-15: Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid USB device descriptors (iowarrior driver) Ralf Spenneberg (Mar 14)
oss-2016-13: Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid USB device descriptors (powermate driver) Ralf Spenneberg (Mar 14)
oss-2016-17: Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver) Ralf Spenneberg (Mar 14)
oss-2016-14: Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid USB device descriptors (gtco driver) Ralf Spenneberg (Mar 14)
OS-S 2016-06 Linux cdc_acm Nullpointer Dereference Ralf Spenneberg (Mar 09)

RedTeam Pentesting GmbH

[RT-SA-2016-002] Cross-site Scripting in Securimage 3.6.2 RedTeam Pentesting GmbH (Mar 22)

Romain Manni-Bucau

[ANNOUNCE][CVE-2016-0779] Apache TomEE 1.7.4 and 7.0.0-M3 releases Romain Manni-Bucau (Mar 15)

rotem kerner

Remote Code Execution in DVR affecting over 70 different vendors rotem kerner (Mar 23)

rsrathoreravi

Reflected Cross-Site Scripting (XSS) Vulnerability in Litecart CMS rsrathoreravi (Mar 16)

Salvatore Bonaccorso

[SECURITY] [DSA 3501-1] perl security update Salvatore Bonaccorso (Mar 01)
[SECURITY] [DSA 3514-1] samba security update Salvatore Bonaccorso (Mar 14)
[SECURITY] [DSA 3503-1] linux security update Salvatore Bonaccorso (Mar 03)
[SECURITY] [DSA 3525-1] pixman security update Salvatore Bonaccorso (Mar 22)
[SECURITY] [DSA 3522-1] squid3 security update Salvatore Bonaccorso (Mar 20)
[SECURITY] [DSA 3534-1] dhcpcd security update Salvatore Bonaccorso (Mar 29)
[SECURITY] [DSA 3532-1] quagga security update Salvatore Bonaccorso (Mar 27)
[SECURITY] [DSA 3426-2] ctdb regression update Salvatore Bonaccorso (Mar 03)
[SECURITY] [DSA 3508-1] jasper security update Salvatore Bonaccorso (Mar 06)
[SECURITY] [DSA 3512-1] libotr security update Salvatore Bonaccorso (Mar 13)
[SECURITY] [DSA 3533-1] openvswitch security update Salvatore Bonaccorso (Mar 28)
[SECURITY] [DSA 3521-1] git security update Salvatore Bonaccorso (Mar 20)

Sebastian Perez

Thomson TWG850 Wireless Router Multiple Vulnerabilities Sebastian Perez (Mar 08)

Sebastien Delafond

[SECURITY] [DSA 3526-1] libmatroska security update Sebastien Delafond (Mar 23)
[SECURITY] [DSA 3527-1] inspircd security update Sebastien Delafond (Mar 24)
[SECURITY] [DSA 3528-1] pidgin-otr security update Sebastien Delafond (Mar 23)
[SECURITY] [DSA 3518-1] spip security update Sebastien Delafond (Mar 16)
[SECURITY] [DSA 3536-1] libstruts1.2-java security update Sebastien Delafond (Mar 31)
[SECURITY] [DSA 3504-1] bsh security update Sebastien Delafond (Mar 04)
[SECURITY] [DSA 3537-1] imlib2 security update Sebastien Delafond (Mar 31)
[SECURITY] [DSA 3538-1] libebml security update Sebastien Delafond (Mar 31)

Securify B.V.

Windows Mail Find People DLL side loading vulnerability Securify B.V. (Mar 08)
Re: Windows Mail Find People DLL side loading vulnerability Securify B.V. (Mar 09)

Security Alert

ESA-2016-012: EMC Documentum xCP – User Information Disclosure Vulnerability Security Alert (Mar 07)
ESA-2016-012: EMC Documentum xCP – User Information Disclosure Vulnerability Security Alert (Mar 14)

security-alert

[security bulletin] HPSBGN03563 rev.1 - HPE IceWall Products using OpenSSL, Remote Denial of Service (DoS), Local Denial of Service (DoS), Disclosure of Information security-alert (Mar 25)
[security bulletin] HPSBGN03550 rev.2 - HP Operations Manager i and BSM using Apache Flex BlazeDS, Remote Disclosure of Information security-alert (Mar 03)
[security bulletin] HPSBMU03562 rev.2 - HPE Service Manager using Java Deserialization, Remote Arbitrary Code Execution security-alert (Mar 25)
[security bulletin] HPSBGN03373 rev.2 - HP Release Control running TLS, Remote Disclosure of Information security-alert (Mar 14)
[security bulletin] HPSBMU03377 rev.2 - HP Release Control running RC4, Remote Disclosure of Information security-alert (Mar 14)
[security bulletin] HPSBGN03560 rev.1 - HP Operations Orchestration using Java Deserialization, Remote Arbitrary Code Execution security-alert (Mar 21)
[security bulletin] HPSBGN03558 rev.1 - ArcSight ESM and ESM Express, Remote Disclosure of Sensitive Information security-alert (Mar 16)
[security bulletin] HPSBGN03442 rev.1 - HP Helion OpenStack using glibc, Remote Denial of Service (DoS), Arbitrary Code Execution security-alert (Mar 02)
[security bulletin] HPSBGN03444 rev.2 - HPE Network Automation, Remote Code Execution, Disclosure of Sensitive Information security-alert (Mar 29)
[security bulletin] HPSBHF03557 rev.1 - HPE Networking Products using Comware 7 (CW7) running NTP, Remote Denial of Service (DoS) security-alert (Mar 08)
[security bulletin] HPSBGN03556 rev.1 - ArcSight ESM and ESM Express, Remote Arbitrary File Download, Local Arbitrary Command Execution security-alert (Mar 15)
[security bulletin] HPSBGN03551 rev.1 - HPE Helion Development Platform using glibc, Remote Denial of Service (DoS), Arbitrary Code Execution security-alert (Mar 21)
[security bulletin] HPSBMU03562 rev.1 - HPE Service Manager using Java Deserialization, Remote Arbitrary Code Execution security-alert (Mar 21)

Security Explorations

[SE-2012-01] Broken security fix in Oracle Java SE 7/8/9 Security Explorations (Mar 13)

Slackware Security Team

[slackware-security] mozilla-thunderbird (SSA:2016-085-02) Slackware Security Team (Mar 26)
[slackware-security] git (SSA:2016-075-01) Slackware Security Team (Mar 15)
[slackware-security] php (SSA:2016-067-01) Slackware Security Team (Mar 07)
[slackware-security] samba (SSA:2016-068-02) Slackware Security Team (Mar 08)
[slackware-security] seamonkey (SSA:2016-075-02) Slackware Security Team (Mar 15)
[slackware-security] libevent (SSA:2016-085-01) Slackware Security Team (Mar 26)
[slackware-security] mozilla-firefox (SSA:2016-077-01) Slackware Security Team (Mar 17)
[slackware-security] openssl (SSA:2016-062-02) Slackware Security Team (Mar 03)
[slackware-security] openssh (SSA:2016-070-01) Slackware Security Team (Mar 14)
[slackware-security] mozilla-nss (SSA:2016-069-02) Slackware Security Team (Mar 13)
[slackware-security] mailx (SSA:2016-062-01) Slackware Security Team (Mar 03)
[slackware-security] mozilla-firefox (SSA:2016-068-01) Slackware Security Team (Mar 08)
[slackware-security] bind (SSA:2016-069-01) Slackware Security Team (Mar 13)
[slackware-security] php (SSA:2016-062-03) Slackware Security Team (Mar 03)

Stefan Kanthak

Defense in depth -- the Microsoft way (part 39): vulnerabilities, please meet the bar for security servicing Stefan Kanthak (Mar 15)
Re: Windows Mail Find People DLL side loading vulnerability Stefan Kanthak (Mar 09)
Executable installers are vulnerable^WEVIL (case 31): MalwareBytes' installers allows arbitrary (remote) code execution WITH escalation of privilege Stefan Kanthak (Mar 06)
Executable installers are vulnerable^WEVIL (case 30): clamwin-0.99-setup.exe allows arbitrary (remote) code execution WITH escalation of privilege Stefan Kanthak (Mar 06)
Executable installers are vulnerable^WEVIL (case 29): putty-0.66-installer.exe allows arbitrary (remote) code execution WITH escalation of privilege Stefan Kanthak (Mar 01)

Stelios Tsampas

CVE-2016-2385 Kamailio SEAS module heap buffer overflow Stelios Tsampas (Mar 30)

sven . freund

[SYSS-2016-018] innovaphone IP222 - Improper Restriction of Excessive Authentication Attempts sven . freund (Mar 24)
[SYSS-2016-017] innovaphone IP222 - Improper Input Validation sven . freund (Mar 24)
[SYSS-2016-016] innovaphone IP222 - Improper Input Validation sven . freund (Mar 24)

vdronov

Re: oss-2016-18: Multiple Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid USB device descriptors (ati_remote2 driver) vdronov (Mar 15)
Re: OS-S 2016-11 Linux wacom multiple Nullpointer Dereferences vdronov (Mar 15)
Re: OS-S 2016-06 Linux cdc_acm Nullpointer Dereference vdronov (Mar 15)
Re: oss-2016-13: Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid USB device descriptors (powermate driver) vdronov (Mar 15)
Re: oss-2016-17: Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver) vdronov (Mar 15)
Re: OS-S 2016-08 Linux mct_u232 Nullpointer Dereference vdronov (Mar 15)
Re: OS-S 2016-07 Linux cypress_m8 Nullpointer Dereference vdronov (Mar 15)
Re: oss-2016-15: Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid USB device descriptors (iowarrior driver) vdronov (Mar 15)
Re: OS-S 2016-12 Linux digi_acceleport Nullpointer Dereference vdronov (Mar 15)

Vulnerability Lab

ChitaSoft (Web-Application) - SQL Injection Vulnerability Vulnerability Lab (Mar 14)
Docker UI v0.10.0 - Multiple Persistent Vulnerabilities Vulnerability Lab (Mar 31)
WP External Links v1.80 - Cross Site Scripting Web Vulnerabilities Vulnerability Lab (Mar 31)
Chamilo LMS v1.10.2 - (Profile) Persistent Web Vulnerability Vulnerability Lab (Mar 14)
Dorsa Web CMS - Multiple SQL Injection Vulnerabilities Vulnerability Lab (Mar 31)
Cades (2016Q1) - (id) Multiple SQL Injection Vulnerabilities Vulnerability Lab (Mar 31)
Patron Info System - SQL Injection Vulnerability Vulnerability Lab (Mar 31)
Apple iOS v9.2.1 - Multiple PassCode Bypass Vulnerabilities (App Store Link, Buy Tones Link & Weather Channel Link) Vulnerability Lab (Mar 07)
Docker UI v0.10.0 - Multiple Client Side Cross Site Request Forgery Web Vulnerabilities Vulnerability Lab (Mar 31)
Trend Micro (SSO) - (Backend) SSO Redirect & Session Vulnerability Vulnerability Lab (Mar 31)
Hi Technology & Services CMS - SQL Injection Vulnerabilities Vulnerability Lab (Mar 31)
Yahoo Bug Bounty #37 - Sender Spoofing Vulnerability Vulnerability Lab (Mar 14)

X41 D-Sec GmbH Advisories

Advisory X41-2016-001: Memory Corruption Vulnerability in "libotr" X41 D-Sec GmbH Advisories (Mar 09)

Yves-Alexis Perez

[SECURITY] [DSA 3502-1] roundup security update Yves-Alexis Perez (Mar 03)