Bugtraq: by author
142 messages starting May 24 16 and ending May 10 16
Advisories Advisories
MSA-2016-01: PowerFolder Remote Code Execution Vulnerability Advisories Advisories (May 24)
Alessandro Ghedini
[SECURITY] [DSA 3566-1] openssl security update Alessandro Ghedini (May 03)
[SECURITY] [DSA 3577-1] jansson security update Alessandro Ghedini (May 16)
[SECURITY] [DSA 3578-1] libidn security update Alessandro Ghedini (May 16)
Andreas Lehmkuehler
[CVE-2016-2175] Apache PDFBox XML External Entity vulnerability Andreas Lehmkuehler (May 26)
andrew . hofmans
[SECURITY] Lorex ECO DVR Hard coded password andrew . hofmans (May 30)
apparitionsec
VMWare vSphere Web Client Flash XSS apparitionsec (May 25)
Apple Product Security
APPLE-SA-2016-05-16-1 tvOS 9.2.1 Apple Product Security (May 16)
APPLE-SA-2016-05-16-4 OS X El Capitan 10.11.5 and Security Update 2016-003 Apple Product Security (May 16)
APPLE-SA-2016-05-03-1 Xcode 7.3.1 Apple Product Security (May 04)
APPLE-SA-2016-05-16-2 iOS 9.3.2 Apple Product Security (May 16)
APPLE-SA-2016-05-16-6 iTunes 12.4 Apple Product Security (May 16)
APPLE-SA-2016-05-16-5 Safari 9.1.1 Apple Product Security (May 16)
APPLE-SA-2016-05-16-3 watchOS 2.2.1 Apple Product Security (May 16)
bhadresh . patel
NetCommWireless HSPA 3G10WVE Wireless Router Multiple vulnerabilities bhadresh . patel (May 03)
Re: NetCommWireless HSPA 3G10WVE Wireless Router Multiple vulnerabilities bhadresh . patel (May 05)
Carlos Alberto Lopez Perez
WebKitGTK+ Security Advisory WSA-2016-0004 Carlos Alberto Lopez Perez (May 30)
Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Web Security Appliance Connection Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (May 18)
Cisco Security Advisory: Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (May 25)
Cisco Security Advisory: Cisco Adaptive Security Appliance with FirePOWER Services Kernel Logging Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (May 04)
Cisco Security Advisory: Cisco TelePresence XML Application Programming Interface Authentication Bypass Vulnerability Cisco Systems Product Security Incident Response Team (May 04)
Cisco Security Advisory: Cisco FirePOWER System Software Packet Processing Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (May 04)
Cisco Security Advisory: Cisco Web Security Appliance HTTP POST Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (May 18)
Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016 Cisco Systems Product Security Incident Response Team (May 04)
Cisco Security Advisory: Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (May 18)
Cisco Security Advisory: Cisco Web Security Appliance Cached Range Request Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (May 18)
Daniele Bianco
[oCERT 2016-001] Jetty path sanitization issues Daniele Bianco (May 30)
Daniel Schliebner
[CVE-2016-4945] Login Form Hijacking Vulnerability in Citrix NetScaler Gateway Daniel Schliebner (May 30)
David Black
May 2016 - HipChat Server - Critical Security Advisory David Black (May 12)
ERPScan inc
[ERPSCAN-16-011] SAP NetWeaver AS JAVA – SQL injection vulnerability ERPScan inc (May 19)
[ERPSCAN-16-008] SAP NetWeaver AS JAVA - XSS vulnerability in ProxyServer servlet ERPScan inc (May 16)
[ERPSCAN-16-009] SAP xMII - directory traversal vulnerability ERPScan inc (May 16)
[ERPSCAN-16-010] SAP NetWeaver AS JAVA – information disclosure vulnerability ERPScan inc (May 19)
Etnies
WSO2 SOA Enablement Server - Reflected Cross-Site Scripting Etnies (May 17)
FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-16:22.libarchive FreeBSD Security Advisories (May 31)
FreeBSD Security Advisory FreeBSD-SA-16:20.linux FreeBSD Security Advisories (May 31)
FreeBSD Security Advisory FreeBSD-SA-16:21.43bsd FreeBSD Security Advisories (May 31)
FreeBSD Security Advisory FreeBSD-SA-16:23.libarchive FreeBSD Security Advisories (May 31)
FreeBSD Security Advisory FreeBSD-SA-16:17.openssl FreeBSD Security Advisories (May 04)
FreeBSD Security Advisory FreeBSD-SA-16:18.atkbd FreeBSD Security Advisories (May 17)
FreeBSD Security Advisory FreeBSD-SA-16:19.sendmsg FreeBSD Security Advisories (May 17)
Gergely Eberhardt
[SEARCH-LAB advisory] LG NAS N1A1 multiple vulnerabilities in Familycast Gergely Eberhardt (May 19)
hyp3rlinx
eXtplorer v2.1.9 Archive Path Traversal hyp3rlinx (May 16)
dns_dhcp Web Interface SQL Injection hyp3rlinx (May 16)
Julien Ahrens
Swagger Editor v2.9.9 "description" Key DOM-based Cross-Site Scripting Julien Ahrens (May 03)
[RCESEC-2016-002] XenAPI v1.4.1 for XenForo Multiple Unauthenticated SQL Injections Julien Ahrens (May 23)
[RCESEC-2016-001] Postfix Admin v2.93 Generic POST Cross-Site Request Forgeries Julien Ahrens (May 23)
Keith W
[CVE-2016-4432] Apache Qpid Java Broker - authentication bypass Keith W (May 27)
Lab I-Tracing
CVE-2016-2784: CMS Made Simple < 2.1.3 & < 1.12.2 Web server Cache Poisoning Lab I-Tracing (May 04)
Lorenz Quack
[CVE-2016-3094] Apache Qpid Java Broker denial of service vulnerability Lorenz Quack (May 27)
LpSolit
Security advisory for Bugzilla 5.0.3 and 4.4.12 LpSolit (May 16)
LSE-Advisories
LSE Leading Security Experts GmbH - LSE-2016-02-03 - OXID eShop Path Traversal Vulnerability LSE-Advisories (May 03)
Luciano Bello
[SECURITY] [DSA 3588-1] symfony security update Luciano Bello (May 30)
[SECURITY] [DSA 3580-1] imagemagick security update Luciano Bello (May 16)
WordPress Plugin event-registration 6.02.02: SQL-Injection and persistent XSS mail (May 09)
mandy
TYPO3 RemoveXSS.php vulnerability versions 6.2.19 and 7.6.4 mandy (May 19)
Martin Heiland
Open-Xchange Security Advisory 2016-05-25 Martin Heiland (May 25)
mehmet . ince
AfterLogic WebMail Pro ASP.NET < 6.2.7 Administrator Account Takover via XXE Injection mehmet . ince (May 23)
Michael Gilbert
[SECURITY] [DSA 3564-1] chromium-browser security update Michael Gilbert (May 02)
mohitreload
Multiple Vulnerabilities in Intex Wireless N150 Easy Setup Router mohitreload (May 30)
Moritz Muehlenhoff
[SECURITY] [DSA 3585-1] wireshark security update Moritz Muehlenhoff (May 23)
[SECURITY] [DSA 3586-1] atheme-services security update Moritz Muehlenhoff (May 23)
[SECURITY] [DSA 3563-1] poppler security update Moritz Muehlenhoff (May 02)
[SECURITY] [DSA 3583-1] swift-plugin-s3 security update Moritz Muehlenhoff (May 18)
[SECURITY] [DSA 3575-1] libxstream-java security update Moritz Muehlenhoff (May 12)
[SECURITY] [DSA 3576-1] icedove security update Moritz Muehlenhoff (May 13)
[SECURITY] [DSA 3571-1] ikiwiki security update Moritz Muehlenhoff (May 09)
Onur Yilmaz
BulletProof Security 53.3 - Security Advisory - Multiple XSS Vulnerabilities Onur Yilmaz (May 11)
Rahul Pratap Singh
Exploit-DB Captcha Bypass Rahul Pratap Singh (May 02)
RedTeam Pentesting GmbH
[RT-SA-2016-004] Websockify: Remote Code Execution via Buffer Overflow RedTeam Pentesting GmbH (May 31)
[RT-SA-2015-012] XML External Entity Expansion in Paessler PRTG Network Monitor RedTeam Pentesting GmbH (May 31)
[RT-SA-2016-005] Unauthenticated File Upload in Relay Ajax Directory Manager may Lead to Remote Command Execution RedTeam Pentesting GmbH (May 31)
Saif El-Sherei
Re: ManageEngine Applications Manager Build No: 12700 Information Disclosure and Un-Authenticated SQL injection. Saif El-Sherei (May 06)
ManageEngine Applications Manager Build No: 12700 Information Disclosure and Un-Authenticated SQL injection. Saif El-Sherei (May 06)
Salvatore Bonaccorso
[SECURITY] [DSA 3589-1] gdk-pixbuf security update Salvatore Bonaccorso (May 30)
[SECURITY] [DSA 3572-1] websvn security update Salvatore Bonaccorso (May 09)
[SECURITY] [DSA 3562-1] tardiff security update Salvatore Bonaccorso (May 02)
[SECURITY] [DSA 3573-1] qemu security update Salvatore Bonaccorso (May 09)
[SECURITY] [DSA 3582-1] expat security update Salvatore Bonaccorso (May 17)
[SECURITY] [DSA 3568-1] libtasn1-6 security update Salvatore Bonaccorso (May 05)
[SECURITY] [DSA 3569-1] openafs security update Salvatore Bonaccorso (May 05)
[SECURITY] [DSA 3584-1] librsvg security update Salvatore Bonaccorso (May 19)
[SECURITY] [DSA 3579-1] xerces-c security update Salvatore Bonaccorso (May 16)
[SECURITY] [DSA 3574-1] libarchive security update Salvatore Bonaccorso (May 11)
[SECURITY] [DSA 3587-1] libgd2 security update Salvatore Bonaccorso (May 27)
[SECURITY] [DSA 3567-1] libpam-sshauth security update Salvatore Bonaccorso (May 04)
[SECURITY] [DSA 3570-1] mercurial security update Salvatore Bonaccorso (May 05)
[SECURITY] [DSA 3581-1] libndp security update Salvatore Bonaccorso (May 17)
Sebastien Delafond
[SECURITY] [DSA 3565-1] botan1.10 security update Sebastien Delafond (May 02)
[SECURITY] [DSA 3565-2] monotone ovito pdns qtcreator softhsm regression update Sebastien Delafond (May 11)
Security Alert
ESA-2016-041: RSA Data Loss Prevention Multiple Vulnerabilities Security Alert (May 02)
ESA-2016-061: EMC Isilon OneFS SMB Signing Vulnerability Security Alert (May 26)
ESA-2016-051: Patch 14 for RSA® Authentication Manager 8.1 SP1 to Address Multiple Vulnerabilities Security Alert (May 04)
security-alert
[security bulletin] HPSBST03598 rev.1 - HPE 3PAR OS using glibc, Remote Denial of Service (DoS), Arbitrary Code Execution security-alert (May 11)
[security bulletin] HPSBMU03611 rev.1 - HPE Matrix Operating Environment on Windows and Linux, Multiple Remote Vulnerabilities security-alert (May 25)
[security bulletin] HPSBST03599 rev.1 - HPE 3PAR OS running OpenSSH, Remote Denial of Service (DoS), Access Restriction Bypass security-alert (May 11)
[security bulletin] HPSBMU03591 rev.1 - HPE Server Migration Pack, Remote Denial of Service (DoS) security-alert (May 12)
[security bulletin] HPSBST03586 rev.1 - HPE 3PAR OS, Remote Unauthorized Modification security-alert (May 11)
[security bulletin] HPSBGN03587 rev.1 - HPE Helion OpenStack using OpenSSL and Open vSwitch, Remote Arbitrary Command Execution, Denial of Service (DoS), Disclosure of Information security-alert (May 17)
[security bulletin] HPSBHF03592 rev.1 - HPE VAN SDN Controller OVA using OpenSSL, Multiple Remote Vulnerabilities security-alert (May 11)
[security bulletin] HPSBMU03600 rev.1 - HPE Insight Control server provisioning using OpenSSL, Remote Denial of Service (DoS) security-alert (May 25)
[security bulletin] HPSBHF03594 rev.1 - HPE ConvergedSystem and AppSystem for SAP HANA using OpenSSL, Multiple Remote Vulnerabilities security-alert (May 17)
[security bulletin] HPSBUX03606 rev.1 - HPE HP-UX running Apache Tomcat 7, Multiple Remote Vulnerabilities security-alert (May 25)
[security bulletin] HPSBGN03597 rev.1 - HPE Cloud Optimizer (Virtualization Performance Viewer) using glibc Remote Denial of Service (DoS) security-alert (May 12)
[security bulletin] HPSBMU03601 rev.1 - HPE Insight Control server deployment using OpenSSL, Multiple Vulnerabilities security-alert (May 25)
[security bulletin] HPSBHF03578 rev.1 - HPE ConvergedSystem for SAP HANA using glibc, Multiple Remote Vulnerabilities security-alert (May 18)
[security bulletin] HPSBGN03547 rev.3 - HPE Helion Eucalyptus Node Controller and other Helion Eucalyptus Components using glibc, Remote Arbitrary Code Execution security-alert (May 02)
[security bulletin] HPSBGN03602 rev.1 - HPE RESTful Interface Tool, Local Disclosure of Information security-alert (May 18)
[security bulletin] HPSBMU03584 rev.1 - HPE Network Node Manager I (NNMi), Multiple Remote Vulnerabilities security-alert (May 05)
[security bulletin] HPSBNS03581 rev.2 - HPE NonStop Servers running Samba (NS-Samba), Multiple Remote Vulnerabilities security-alert (May 11)
[security bulletin] HPSBMU03590 rev.1 - HPE Systems Insight Manager (SIM) on Windows and Linux, Multiple Vulnerabilities security-alert (May 13)
[security bulletin] HPSBUX03574 rev.1 - HPE HP-UX CIFS-Server (Samba), Remote Access Restriction Bypass, Authentication bypass, Denial of Service (DoS), Unauthorized Access to Files, Access Restriction Bypass, Unauthorized Information Disclosure security-alert (May 11)
[security bulletin] HPSBUX03596 rev.1 - HPE HP-UX running CIFS Server (Samba), Remote Access Restriction Bypass, Unauthorized Access security-alert (May 11)
[security bulletin] HPSBGN03610 rev.1 - HPE IceWall Products using OpenSSL, Remote Denial of Service (DoS), Arbitrary Code Execution security-alert (May 25)
[security bulletin] HPSBGN03564 rev.1 - HPE Release Control using Java Deserialization, Remote Code Execution security-alert (May 19)
[security bulletin] HPSBGN03605 rev.1 - HPE Service Manager, Remote Disclosure of Information security-alert (May 24)
[security bulletin] HPSBMU03589 rev.1 - HPE Version Control Repository Manager (VCRM), Remote Denial of Service (DoS) security-alert (May 12)
[security bulletin] HPSBUX03577 SSRT102172 rev.1 - HP-UX VxFS, Local Unauthorized Access to Files security-alert (May 09)
[security bulletin] HPSBHF03579 rev.1 - HPE ConvergedSystem for SAP HANA using OpenSSL, Multiple Remote Vulnerabilities security-alert (May 18)
Slackware Security Team
[slackware-security] mozilla-thunderbird (SSA:2016-152-02) Slackware Security Team (May 31)
[slackware-security] imagemagick (SSA:2016-152-01) Slackware Security Team (May 31)
[slackware-security] libxml2 (SSA:2016-148-01) Slackware Security Team (May 30)
[slackware-security] libxslt (SSA:2016-148-02) Slackware Security Team (May 30)
[slackware-security] mozilla-thunderbird (SSA:2016-132-01) Slackware Security Team (May 11)
[slackware-security] imagemagick (SSA:2016-132-01) Slackware Security Team (May 11)
[slackware-security] libarchive (SSA:2016-145-01) Slackware Security Team (May 25)
[slackware-security] ntp (SSA:2016-120-01) Slackware Security Team (May 02)
[slackware-security] php (SSA:2016-120-02) Slackware Security Team (May 02)
[slackware-security] openssl (SSA:2016-124-01) Slackware Security Team (May 03)
[slackware-security] mercurial (SSA:2016-123-01) Slackware Security Team (May 02)
[slackware-security] subversion (SSA:2016-121-01) Slackware Security Team (May 02)
[slackware-security] php (SSA:2016-148-03) Slackware Security Team (May 30)
[slackware-security] curl (SSA:2016-141-01) Slackware Security Team (May 23)
support
Intuit QuickBooks 2007 - 2016 Arbitrary Code Execution support (May 11)
Tim Allison
[CVE-2016-4434] Apache Tika XML External Entity vulnerability Tim Allison (May 26)
Timo Juhani Lindfors
CVE-2016-4338: Zabbix Agent 3.0.1 mysql.size shell command injection Timo Juhani Lindfors (May 03)
U2ME236
Re: [slackware-security] imagemagick (SSA:2016-132-01) U2ME236 (May 11)
Vulnerability Lab
Notes v4.5 iOS - Arbitrary File Upload Vulnerability Vulnerability Lab (May 10)
Skype Manager - (Email Change) Filter Bypass Vulnerability Vulnerability Lab (May 10)
Trend Micro Direct Pass - Filter Bypass & Cross Site Scripting Vulnerability Vulnerability Lab (May 10)
Wordpress Truemag Theme - Client Side Cross Site Scripting Web Vulnerability Vulnerability Lab (May 10)
Stanford University - Multiple SQL Injection Vulnerabilities Vulnerability Lab (May 10)