oss-sec: by thread
658 messages
starting Jul 01 15 and
ending Sep 30 15
Date index |
Thread index |
Author index
- Re: Google Chrome Address Spoofing (Request For Comment) 0pc0deFR (Jul 01)
- <Possible follow-ups>
- Re: Google Chrome Address Spoofing (Request For Comment) Big Whale (Jul 01)
- Re: Google Chrome Address Spoofing (Request For Comment) Valentinas Bakaitis (Jul 01)
- Re: [FD] Google Chrome Address Spoofing (Request For Comment) Big Whale (Jul 02)
- Re: Re: [FD] Google Chrome Address Spoofing (Request For Comment) Tim Brown (Jul 02)
- Re: [FD] Google Chrome Address Spoofing (Request For Comment) Big Whale (Jul 02)
- RE: Google Chrome Address Spoofing (Request For Comment) Zak Siddiqui (Jul 01)
- Re: Google Chrome Address Spoofing (Request For Comment) David Leo (Jul 01)
- Re: [FD] Google Chrome Address Spoofing (Request For Comment) Roney Gomes (Jul 01)
- <Possible follow-ups>
- Re: [FD] Google Chrome Address Spoofing (Request For Comment) Mustafa Al-Bassam (Jul 02)
- Re: [FD] Google Chrome Address Spoofing (Request For Comment) Daniel Wood (Jul 02)
- Re: Re: [FD] Google Chrome Address Spoofing (Request For Comment) anidear (Jul 02)
- CVE request: persistent XSS in Wordpress Plugin NewStatPress v.1.0.3 Responsive Disclosure | HSASec (Jul 01)
- Re: CVE request: persistent XSS in Wordpress Plugin NewStatPress v.1.0.3 Seaman, Chad (Jul 01)
- CVE Request: two security issues in openSSH 6.9 Andreas Stieger (Jul 01)
- Re: CVE Request: two security issues in openSSH 6.9 cve-assign (Jul 01)
- Re: CVE Request: UDP checksum DoS cve-assign (Jul 01)
- Re: CVE Request: UDP checksum DoS Ben Hutchings (Jul 05)
- Re: CVE Request: UDP checksum DoS cve-assign (Jul 06)
- Re: Re: CVE Request: UDP checksum DoS Gsunde Orangen (Jul 10)
- Re: CVE Request: UDP checksum DoS cve-assign (Jul 06)
- Re: CVE Request: UDP checksum DoS Ben Hutchings (Jul 05)
- CVE- Request for Wordpress Plugin Simple Ads Manager: DoS without authentication Responsive Disclosure | HSASec (Jul 02)
- SQL Injection in easy2map wordpress plugin v1.24 Larry W. Cashdollar (Jul 02)
- Re: CVE-2015-3258 CVE-2015-3279 cups-filters Stefan Cornelius (Jul 03)
- Re: CVE-2015-3258 CVE-2015-3279 cups-filters Salvatore Bonaccorso (Jul 03)
- Re: CVE-2015-3258 CVE-2015-3279 cups-filters Tim Waugh (Jul 03)
- Re: CVE-2015-3258 CVE-2015-3279 cups-filters Salvatore Bonaccorso (Jul 03)
- Re: CVE-2015-3258 CVE-2015-3279 cups-filters Tim Waugh (Jul 03)
- Re: CVE-2015-3258 CVE-2015-3279 cups-filters Salvatore Bonaccorso (Jul 03)
- Waiting Mitre response: AMD Bulldozer, Linux ASLR mmap and Offset2lib Hector Marco-Gisbert (Jul 03)
- CVE Request: GetSimple CMS: Multiple Stored XSS Anirudh Anand (Jul 03)
- Newsletter Plugin for WordPress Unvalidated Redirects and Forwards URL Vulnerability - CVE Request Ryan King (Jul 03)
- Follow-up on Exploiting "BadIRET" vulnerability (CVE-2014-9322) Adam Zabrocki (Jul 04)
- Re: Follow-up on Exploiting "BadIRET" vulnerability (CVE-2014-9322) Andy Lutomirski (Jul 08)
- please REJECT CVE-2015-3199 Kurt Seifried (Jul 04)
- Re: please REJECT CVE-2015-3199 cve-assign (Jul 04)
- CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-100 to SA-CONTRIB-2015-131) Pere Orga (Jul 04)
- node.js out of band write Mark Felder (Jul 05)
- Re: node.js out of band write Florian Weimer (Jul 06)
- Re: node.js out of band write Mark Felder (Jul 06)
- Re: node.js out of band write Luca Bruno (Jul 07)
- Re: node.js out of band write cve-assign (Jul 09)
- Re: node.js out of band write Florian Weimer (Jul 06)
- CVE Request - Open Redirect Vulnerability in StageShow Wordpress Plugin v5.0.8 Nitin Venkatesh (Jul 05)
- Google Chrome Address Spoofing - Google's Opinion David Leo (Jul 05)
- Out-of-bounds read in wget and curl using CVE-2015-2059 Gustavo Grieco (Jul 06)
- Re: Re: CVE Request: Multiple vulnerabilities in freexl 1.0.0g Stefan Cornelius (Jul 06)
- Re: Re: CVE Request: Multiple vulnerabilities in freexl 1.0.0g a . furieri (Jul 06)
- Re: Re: CVE Request: Multiple vulnerabilities in freexl 1.0.0g Stefan Cornelius (Jul 06)
- Re: Re: CVE Request: Multiple vulnerabilities in freexl 1.0.0g Stefan Cornelius (Jul 30)
- Re: Re: CVE Request: Multiple vulnerabilities in freexl 1.0.0g a . furieri (Jul 06)
- Squid HTTP proxy CVE request Amos Jeffries (Jul 06)
- Re: Squid HTTP proxy CVE request Amos Jeffries (Jul 08)
- Re: Squid HTTP proxy CVE request Reed Black (Jul 09)
- Re: Squid HTTP proxy CVE request Amos Jeffries (Jul 09)
- Re: Squid HTTP proxy CVE request Amos Jeffries (Jul 14)
- Re: Squid HTTP proxy CVE request Mark Felder (Jul 17)
- Re: Squid HTTP proxy CVE request cve-assign (Jul 17)
- Re: Re: Squid HTTP proxy CVE request Amos Jeffries (Jul 17)
- Re: Squid HTTP proxy CVE request cve-assign (Jul 17)
- CVE request for vulnerabilities fixed in roundcubemail 1.1.2 and 1.0.6 Andreas Stieger (Jul 06)
- Re: CVE request for vulnerabilities fixed in roundcubemail 1.1.2 and 1.0.6 cve-assign (Jul 06)
- Re: Re: CVE request for vulnerabilities fixed in roundcubemail 1.1.2 and 1.0.6 Andreas Stieger (Jul 07)
- Re: CVE request for vulnerabilities fixed in roundcubemail 1.1.2 and 1.0.6 cve-assign (Jul 06)
- TR : CVE request for dash 0.5.7-3 x86-64 local buffer overflow jean-marie.bourbon () armaturetech com (Jul 06)
- Re: TR : CVE request for dash 0.5.7-3 x86-64 local buffer overflow Adam D. Barratt (Jul 06)
- Re: TR : CVE request for dash 0.5.7-3 x86-64 local buffer overflow Simon McVittie (Jul 06)
- Re: TR : CVE request for dash 0.5.7-3 x86-64 local buffer overflow Jann Horn (Jul 09)
- How serious is undefined behavior? Hanno Böck (Jul 06)
- Re: How serious is undefined behavior? John Haxby (Jul 06)
- Re: How serious is undefined behavior? Daniel Micay (Jul 06)
- Re: How serious is undefined behavior? Solar Designer (Jul 06)
- Re: How serious is undefined behavior? Alexander Cherepanov (Jul 09)
- Re: How serious is undefined behavior? Solar Designer (Jul 12)
- Re: How serious is undefined behavior? Alexander Cherepanov (Jul 13)
- Re: How serious is undefined behavior? Xi Wang (Jul 13)
- Remote file download vulnerability in wordpress plugin wp-ecommerce-shop-styling v2.5 Larry W. Cashdollar (Jul 06)
- Remote file download in Wordpress Plugin mdc-youtube-downloader v2.1.0 Larry W. Cashdollar (Jul 06)
- Re: Remote file download in Wordpress Plugin mdc-youtube-downloader v2.1.0 cve-assign (Jul 10)
- [ANNOUNCE] Apache Directory LDAP API 1.0.0-M31 released Emmanuel Lecharny (Jul 07)
- Re: [ANNOUNCE] Apache Directory LDAP API 1.0.0-M31 released Moritz Muehlenhoff (Jul 07)
- Re: [ANNOUNCE] Apache Directory LDAP API 1.0.0-M31 released Yann Ylavic (Jul 07)
- Re: [ANNOUNCE] Apache Directory LDAP API 1.0.0-M31 released Moritz Muehlenhoff (Jul 07)
- Follow up: PowerDNS Security Advisory 2015-01 Pieter Lexis (Jul 07)
- Re: Follow up: PowerDNS Security Advisory 2015-01 Alessandro Ghedini (Jul 07)
- Re: Follow up: PowerDNS Security Advisory 2015-01 cve-assign (Jul 10)
- Xen Security Advisory 137 (CVE-2015-3259) - xl command line config handling stack overflow Xen . org security team (Jul 07)
- CVE Request for sogO Open Source Groupware (www.sogo.nu) Stefan Castille (Jul 07)
- CVE request CSRF in sogo Stefan Castille (Jul 07)
- Re: CVE request CSRF in sogo cve-assign (Jul 10)
- CVE-2015-3281 HAProxy information leak vulnerability Solar Designer (Jul 07)
- Remote file download vulnerability in Wordpress Plugin wp-swimteam v1.44.10777 Larry W. Cashdollar (Jul 08)
- SQL Injection in easy2map-photos wordpress plugin v1.09 Larry W. Cashdollar (Jul 08)
- hostapd/wpa_supplicant - Incomplete WPS and P2P NFC NDEF record payload length validation Jouni Malinen (Jul 08)
- Re: hostapd/wpa_supplicant - Incomplete WPS and P2P NFC NDEF record payload length validation Moritz Muehlenhoff (Aug 16)
- [ANNOUNCE] Django security releases issued (1.4.21, 1.7.9, and 1.8.3) Tim Graham (Jul 08)
- Re: CVE request: pure-ftpd denial of service in glob_() Vasyl Kaigorodov (Jul 09)
- CVE request: XEE in ruby gem ruby-saml <1.0.0 Reed Loden (Jul 09)
- Re: CVE request: XEE in ruby gem ruby-saml <1.0.0 Reed Loden (Aug 02)
- CVE request: Command injection in ruby gem ruby-saml <1.0.0 Reed Loden (Jul 09)
- Re: CVE request: Command injection in ruby gem ruby-saml <1.0.0 Reed Loden (Aug 02)
- Remote file download vulnerability in ibs-Mappro v0.6 Wordpress plugin Larry W. Cashdollar (Jul 09)
- <Possible follow-ups>
- Remote file download vulnerability in ibs-Mappro v0.6 Wordpress plugin Larry W. Cashdollar (Jul 09)
- Re: Remote file download vulnerability in ibs-Mappro v0.6 Wordpress plugin cve-assign (Jul 10)
- OpenSSL CVE-2015-1793 tester (alt.chain.fail) mancha (Jul 09)
- Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow Fernando Muñoz (Jul 10)
- Re: Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow Mark Felder (Jul 12)
- <Possible follow-ups>
- Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow cve-assign (Jul 13)
- Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow Alessandro Ghedini (Jul 13)
- Re: Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow Alessandro Ghedini (Jul 13)
- Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow Fernando Muñoz (Jul 13)
- Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow Alessandro Ghedini (Jul 13)
- Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow cve-assign (Jul 14)
- CVE Request - Cross-Site Request Forgery, Cross-Site Scripting and SQL Injection in CP Contact Form with Paypal Wordpress Plugin v1.1.5 Nitin Venkatesh (Jul 10)
- The Census Project (CII) Luca Carettoni (Jul 11)
- Remote file upload vulnerability & SQLi in wordpress plugin wp-powerplaygallery v3.3 Larry W. Cashdollar (Jul 12)
- Re: Remote file upload vulnerability & SQLi in wordpress plugin wp-powerplaygallery v3.3 cve-assign (Jul 20)
- Re: Remote file upload vulnerability & SQLi in wordpress plugin wp-powerplaygallery v3.3 Larry W. Cashdollar (Jul 26)
- Re: Remote file upload vulnerability & SQLi in wordpress plugin wp-powerplaygallery v3.3 cve-assign (Jul 20)
- CVE request: IPython CSRF validation Kyle Kelley (Jul 12)
- Re: CVE request: IPython CSRF validation cve-assign (Jul 21)
- Re: CVE request: IPython CSRF validation Kyle Kelley (Jul 21)
- Re: CVE request: IPython CSRF validation cve-assign (Jul 21)
- moodle security announcements Marina Glancy (Jul 12)
- Retroactive CVE request for Ruby 1.9.2-p330 Tony Arcieri (Jul 13)
- Re: Retroactive CVE request for Ruby 1.9.2-p330 cve-assign (Jul 13)
- Remote file download vulnerability in Wordpress Plugin image-export v1.1 Larry W. Cashdollar (Jul 13)
- Re: Remote file download vulnerability in Wordpress Plugin image-export v1.1 cve-assign (Jul 20)
- CVE request: ansible zone/chroot/jail escape Martin Carpenter (Jul 14)
- Re: CVE request: ansible zone/chroot/jail escape cve-assign (Aug 17)
- [CVE-2015-3908] Improper TLS Certificate Validation in Ansible Cory Benfield (Jul 14)
- CVE Request: SQLite array overrun in the skip-scan optimization Marc Deslauriers (Jul 14)
- Re: CVE Request: SQLite array overrun in the skip-scan optimization cve-assign (Jul 15)
- CVE Request: AWS s2n Markus Vervier (Jul 14)
- Re: CVE Request: AWS s2n Kurt Seifried (Jul 14)
- Re: CVE Request: AWS s2n Markus Vervier (Jul 14)
- Re: CVE Request: AWS s2n Kurt Seifried (Jul 14)
- Re: CVE Request: AWS s2n Anthony Liguori (Jul 16)
- Re: CVE Request: AWS s2n MacCarthaigh, Colm (Jul 16)
- Re: CVE Request: AWS s2n Markus Vervier (Jul 22)
- Re: CVE Request: AWS s2n Markus Vervier (Jul 14)
- Re: CVE Request: AWS s2n Kurt Seifried (Jul 14)
- siege: off-by-one in load_conf() Agostino Sarubbo (Jul 14)
- Re: siege: off-by-one in load_conf() Seth Arnold (Jul 14)
- Re: siege: off-by-one in load_conf() Agostino Sarubbo (Jul 14)
- Re: siege: off-by-one in load_conf() Jason A. Donenfeld (Jul 20)
- Re: siege: off-by-one in load_conf() Agostino Sarubbo (Jul 14)
- Re: siege: off-by-one in load_conf() Seth Arnold (Jul 14)
- Remote file download vulnerability in recent-backups v0.7 wordpress plugin Larry W. Cashdollar (Jul 14)
- CVE Request: kmail: Attachments are not encrypted when "automatic encryption" is selected Salvatore Bonaccorso (Jul 15)
- CVE Request - Arbitrary File Download vulnerability in WP Attachment Export Wordpress Plugin v0.2.3 Nitin Venkatesh (Jul 15)
- CVE Request: use after free in PHP 5.6 and 7 (possibly others) Brian Carpenter (Jul 15)
- Re: CVE Request: use after free in PHP 5.6 and 7 (possibly others) Mark Felder (Jul 16)
- [CVE-2015-3253] Apache Groovy Zero-Day Vulnerability Disclosure Cédric Champeau (Jul 16)
- libav: divide-by-zero in ff_h263_decode_mba() Agostino Sarubbo (Jul 16)
- Re: libav: divide-by-zero in ff_h263_decode_mba() Mark Felder (Jul 16)
- Re: libav: divide-by-zero in ff_h263_decode_mba() Agostino Sarubbo (Jul 16)
- Re: libav: divide-by-zero in ff_h263_decode_mba() Mark Felder (Jul 16)
- CVE request: Zenphoto before 1.4.9 multiple vulnerabilities Henri Salo (Jul 16)
- Re: CVE request: Zenphoto before 1.4.9 multiple vulnerabilities cve-assign (Jul 18)
- CVE request: WordPress plugin sp-client-document-manager Blind SQL Injection Henri Salo (Jul 16)
- Remote file upload vulnerability in mailcwp v1.99 wordpress plugin Larry W. Cashdollar (Jul 16)
- Re: Remote file upload vulnerability in mailcwp v1.99 wordpress plugin Larry W. Cashdollar (Jul 16)
- Re: ezmlm warning Grant Ridder (Jul 16)
- Re: Re: ezmlm warning Reed Loden (Jul 16)
- Re: Re: ezmlm warning Florian Weimer (Jul 16)
- Re: Re: ezmlm warning Reed Loden (Jul 16)
- Re: Re: ezmlm warning Florian Weimer (Jul 17)
- Re: Re: ezmlm warning Solar Designer (Jul 18)
- Re: Re: ezmlm warning Florian Weimer (Jul 16)
- Re: ezmlm warning Solar Designer (Jul 16)
- Re: Re: ezmlm warning Reed Loden (Jul 16)
- Remote file upload vulnerability in fast-image-adder v1.1 Wordpress plugin Larry W. Cashdollar (Jul 16)
- CVE request: php - segmentation fault in Phar::convertToData; buffer overflow in phar_fix_filepath; Vasyl Kaigorodov (Jul 17)
- Re: CVE Request: Graphviz format string vuln Tomas Hoger (Jul 17)
- CVE Request: gdk-pixbuf heap overflow and DoS Gustavo Grieco (Jul 17)
- Re: CVE Request: gdk-pixbuf heap overflow and DoS Huzaifa Sidhpurwala (Aug 13)
- CVE-2014-8873 was fixed in DSA-3235-1 Florian Weimer (Jul 18)
- CVE Request: cacti multiple SQL injections Alessandro Ghedini (Jul 18)
- Re: CVE Request: cacti multiple SQL injections Alessandro Ghedini (Aug 05)
- Re: CVE Request: cacti multiple SQL injections Alessandro Ghedini (Sep 30)
- CVE Request - Information Exposure Vulnerability in WordPress Mobile Pack Wordpress Plugin v2.1.2 (and certain versions of v2.1.3 - prior to June 3, 2015) Nitin Venkatesh (Jul 19)
- CVE Request for OpenSSH vulnerability - authentication limits bypass king cope (Jul 21)
- Re: CVE Request for OpenSSH vulnerability - authentication limits bypass Jason A. Donenfeld (Jul 22)
- Re: CVE Request for OpenSSH vulnerability - authentication limits bypass mancha (Jul 22)
- Re: CVE Request for OpenSSH vulnerability - authentication limits bypass cve-assign (Jul 22)
- CVE Request - Cross-Site Request Forgery Vulnerability in Portfolio Plugin Wordpress Plugin v1.0 Nitin Venkatesh (Jul 21)
- CVE Request: October CMS - Stored XSS in image caption tag Abhishek J.M (Jul 21)
- Re: CVE Request: October CMS - Stored XSS in image caption tag cve-assign (Jul 22)
- Security issues in LXC (CVE-2015-1331 and CVE-2015-1334) Tyler Hicks (Jul 22)
- <Possible follow-ups>
- Re: Security issues in LXC (CVE-2015-1331 and CVE-2015-1334) Fiedler Roman (Jul 22)
- Re: Security issues in LXC (CVE-2015-1331 and CVE-2015-1334) Solar Designer (Jul 22)
- Multiple memory corruption vulnerabilities in SoX 14.4.2 Michele Spagnuolo (Jul 22)
- Re: Multiple memory corruption vulnerabilities in SoX 14.4.2 Solar Designer (Jul 22)
- Linux x86_64 NMI security issues Andy Lutomirski (Jul 22)
- Re: Linux x86_64 NMI security issues Solar Designer (Jul 22)
- Re: Linux x86_64 NMI security issues Kurt Seifried (Jul 22)
- Re: Linux x86_64 NMI security issues Petr Matousek (Jul 23)
- Re: Linux x86_64 NMI security issues Andy Lutomirski (Jul 23)
- Re: Linux x86_64 NMI security issues Petr Matousek (Jul 23)
- Re: Linux x86_64 NMI security issues Andy Lutomirski (Jul 23)
- Re: Linux x86_64 NMI security issues Josh Boyer (Jul 24)
- Re: Linux x86_64 NMI security issues Andy Lutomirski (Jul 24)
- Re: Re: Linux x86_64 NMI security issues Luis Henriques (Jul 28)
- Re: Re: Linux x86_64 NMI security issues Thomas D. (Aug 10)
- Re: Linux x86_64 NMI security issues Andy Lutomirski (Jul 24)
- Re: Linux x86_64 NMI security issues Solar Designer (Jul 29)
- Re: Linux x86_64 NMI security issues Daniel Micay (Jul 29)
- Re: Linux x86_64 NMI security issues Jason A. Donenfeld (Aug 04)
- CVE-2015-3290: Linux privilege escalation due to nested NMIs interrupting espfix64 Andy Lutomirski (Aug 04)
- Re: Linux x86_64 NMI security issues Solar Designer (Jul 22)
- CVE-2015-5158 Qemu: scsi stack buffer overflow P J P (Jul 23)
- CVE-2012-2150 xfsprogs: xfs_metadump information disclosure flaw Kurt Seifried (Jul 23)
- Re: CVE-2012-2150 xfsprogs: xfs_metadump information disclosure flaw Dave Chinner (Jul 29)
- CVE-2015-3228 - Ghostscript - Integer overflow William Robinet (Jul 23)
- CVE request: WordPress 4.2.2 and earlier cross-site scripting vulnerability Henri Salo (Jul 23)
- Re: CVE request: WordPress 4.2.2 and earlier cross-site scripting vulnerability cve-assign (Jul 23)
- Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Qualys Security Advisory (Jul 23)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Leif Nixon (Jul 23)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Philip Pettersson (Jul 23)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Jamie Strandboge (Jul 23)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Kurt Seifried (Jul 23)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Leif Nixon (Jul 24)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Martino Dell'Ambrogio (Jul 24)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Joshua Rogers (Jul 24)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Leif Nixon (Jul 24)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Brad Knowles (Jul 24)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Leif Nixon (Jul 25)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Michal Zalewski (Jul 25)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Dave Horsfall (Jul 25)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Brad Knowles (Jul 25)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Hanno Böck (Jul 26)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser mancha (Jul 24)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Brandon Perry (Jul 24)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser mancha (Jul 27)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Ankeet Presswala (Jul 27)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser z80 (Jul 29)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Solar Designer (Jul 29)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Stephan Wiesand (Jul 24)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Philip Pettersson (Jul 23)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser gremlin (Jul 26)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Solar Designer (Jul 29)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Qualys Security Advisory (Jul 31)
- <Possible follow-ups>
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Jeff Collins (Jul 27)
- Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Leif Nixon (Jul 23)
- CVE-2015-3208 hornetq: XXE/SSRF in XPath selector Kurt Seifried (Jul 23)
- CVE Request - Open Redirect Vulnerability in Music Store Wordpress Plugin v1.0.14 Nitin Venkatesh (Jul 25)
- CVE Request - Cross-Site Request Forgery & SQL Injection Vulnerabilities in Unite Gallery Lite Wordpress Plugin v1.4.6 Nitin Venkatesh (Jul 25)
- Xen Security Advisory 138 (CVE-2015-5154) - QEMU heap overflow flaw while processing certain ATAPI commands. Xen . org security team (Jul 27)
- CVE request: Easy!Appointments 1.0 cross-site scripting vulnerability Henri Salo (Jul 27)
- CVE request: Easy!Appointments 1.0 Cross-Site Request Forgery and Insufficiently Protected Credentials vulnerabilities Henri Salo (Jul 27)
- CVE request: Easy!Appointments 1.0 Missing HTTPOnly flag Henri Salo (Jul 27)
- Security issue in Linux Kernel Keyring (CVE-2015-1333) Tyler Hicks (Jul 27)
- Re: Security issue in Linux Kernel Keyring (CVE-2015-1333) Tyler Hicks (Jul 28)
- CVE request: Two ruby 'dl' vulnerabilities fixed in ruby-1.9.1-p129 Reed Loden (Jul 28)
- Re: CVE request: Two ruby 'dl' vulnerabilities fixed in ruby-1.9.1-p129 cve-assign (Jul 28)
- Re: CVE request: Two ruby 'dl' vulnerabilities fixed in ruby-1.9.1-p129 Reed Loden (Jul 29)
- Re: CVE request: Two ruby 'dl' vulnerabilities fixed in ruby-1.9.1-p129 Jan Rusnacko (Jul 28)
- Re: CVE request: Two ruby 'dl' vulnerabilities fixed in ruby-1.9.1-p129 Reed Loden (Jul 29)
- Re: CVE request: Two ruby 'dl' vulnerabilities fixed in ruby-1.9.1-p129 cve-assign (Jul 28)
- CVE request: Linux kernel - information leak in md driver Benjamin Randazzo (Jul 28)
- Re: CVE request: Linux kernel - information leak in md driver cve-assign (Jul 29)
- CVE request: mktexlsr/texlive: insecure use of /tmp Vasyl Kaigorodov (Jul 28)
- Re: CVE request: mktexlsr/texlive: insecure use of /tmp cve-assign (Jul 29)
- [OSSA 2015-013] Glance task flow may fail to delete image from backend (CVE-2015-3289) Grant Murphy (Jul 28)
- CVE Request - OpenStack Designate mDNS DoS through incorrect handling of large RecordSets Kiall Mac Innes (Jul 28)
- Re: CVE Request - OpenStack Designate mDNS DoS through incorrect handling of large RecordSets cve-assign (Jul 28)
- Re: CVE Request - OpenStack Designate mDNS DoS through incorrect handling of large RecordSets Kiall Mac Innes (Jul 28)
- Re: CVE Request - OpenStack Designate mDNS DoS through incorrect handling of large RecordSets cve-assign (Jul 28)
- Re: Re: CVE Request - OpenStack Designate mDNS DoS through incorrect handling of large RecordSets Kiall Mac Innes (Jul 29)
- Re: CVE Request - OpenStack Designate mDNS DoS through incorrect handling of large RecordSets cve-assign (Jul 28)
- CVE request - remind 3.1.14 and earlier - buffer overflow Dianne Skoll (Jul 28)
- Re: CVE request - remind 3.1.14 and earlier - buffer overflow cve-assign (Aug 06)
- [BIND] CVE-2015-5477: An error in handling TKEY queries can cause named to exit with a REQUIRE assertion failure Michael McNally (Jul 28)
- CVE Request - Go net/http library - HTTP smuggling Jason Buberel (Jul 29)
- Re: CVE Request - Go net/http library - HTTP smuggling Florian Weimer (Jul 29)
- Re: CVE Request - Go net/http library - HTTP smuggling Jason Buberel (Jul 29)
- Re: CVE Request - Go net/http library - HTTP smuggling Jason Buberel (Aug 04)
- Re: CVE Request - Go net/http library - HTTP smuggling cve-assign (Aug 05)
- Re: Re: CVE Request - Go net/http library - HTTP smuggling Martin Prpic (Aug 06)
- Re: Re: CVE Request - Go net/http library - HTTP smuggling Jason Buberel (Aug 06)
- Re: Re: CVE Request - Go net/http library - HTTP smuggling Jason Buberel (Aug 10)
- Re: Re: CVE Request - Go net/http library - HTTP smuggling Jason Buberel (Aug 12)
- Re: Re: CVE Request - Go net/http library - HTTP smuggling Jason Buberel (Aug 12)
- Re: CVE Request - Go net/http library - HTTP smuggling Jason Buberel (Jul 29)
- Re: CVE Request - Go net/http library - HTTP smuggling Florian Weimer (Jul 29)
- CVE request: Froxlor - information leak oss-security-list (Jul 29)
- Re: CVE request: Froxlor - information leak cve-assign (Aug 07)
- [CVE Request] WP Slimstat < 4.1.6 - Referer Header XSS Sam Pizzey (Jul 29)
- Re: WP Slimstat < 4.1.6 - Referer Header XSS Henri Salo (Aug 02)
- Re: WP Slimstat < 4.1.6 - Referer Header XSS Andrew Nacin (Aug 02)
- Re: WP Slimstat < 4.1.6 - Referer Header XSS Henri Salo (Aug 02)
- Re: net-snmp snmp_pdu_parse() function incompletely initializaition vulnerability Stefan Cornelius (Jul 30)
- <Possible follow-ups>
- Re: net-snmp snmp_pdu_parse() function incompletely initializaition vulnerability cve-assign (Jul 30)
- CVE-2015-1416: vulnerability in patch(1) Adam Maris (Jul 30)
- Re: CVE-2015-1416: vulnerability in patch(1) Mark Felder (Aug 01)
- Re: CVE-2015-1416: vulnerability in patch(1) Florian Weimer (Aug 01)
- Re: CVE-2015-1416: vulnerability in patch(1) Mark Felder (Aug 01)
- Re: CVE-2015-1416: vulnerability in patch(1) cve-assign (Aug 02)
- Re: CVE-2015-1416: vulnerability in patch(1) Florian Weimer (Aug 01)
- Re: CVE-2015-1416: vulnerability in patch(1) Mark Felder (Aug 01)
- CVE Request: PHP v7 - Code execution vulnerability Fourny Dimitri (Jul 30)
- Re: CVE Request: PHP v7 - Code execution vulnerability cve-assign (Jul 30)
- Re: CVE Request: PHP v7 - Code execution vulnerability cve-assign (Aug 20)
- A new class of security vulns? Kurt Seifried (Jul 30)
- Re: A new class of security vulns? Scott Arciszewski (Jul 30)
- Re: A new class of security vulns? cve-assign (Jul 30)
- Re: A new class of security vulns? Joshua Rogers (Jul 30)
- CVE Request: freeradius: the EAP-PWD module performs insufficient validation on packets received from an EAP peer Huzaifa Sidhpurwala (Jul 30)
- CVE for crypto_get_random() from libsrtp Adam Maris (Jul 31)
- Re: CVE for crypto_get_random() from libsrtp Scott Arciszewski (Jul 31)
- Re: CVE for crypto_get_random() from libsrtp Michael Samuel (Aug 01)
- Re: CVE for crypto_get_random() from libsrtp Adam Maris (Aug 11)
- Re: CVE for crypto_get_random() from libsrtp Jeremy Stanley (Aug 11)
- Re: CVE for crypto_get_random() from libsrtp Adam Maris (Aug 11)
- Re: CVE for crypto_get_random() from libsrtp Jeremy Stanley (Aug 11)
- Re: CVE for crypto_get_random() from libsrtp Michael Samuel (Aug 20)
- Re: CVE for crypto_get_random() from libsrtp Adam Maris (Aug 11)
- Re: RE: strings /libbfd crash Tyler Hicks (Jul 31)
- CVE Request: libbfd in binutils (was: strings /libbfd crash) Tyler Hicks (Aug 12)
- CVE Request: devscripts: licensecheck: arbitrary shell command injection Salvatore Bonaccorso (Jul 31)
- Re: CVE Request: devscripts: licensecheck: arbitrary shell command injection cve-assign (Aug 01)
- CVE request: Multiple XSS and CSRF vulnerabilities in sidekiq ruby gem Reed Loden (Jul 31)
- CVE request: Use-after-free in path lookup in Linux 3.11-4.0 inclusive Ben Hutchings (Aug 01)
- CVE request: Integer overflow in SCSI generic driver in Linux <4.1 Ben Hutchings (Aug 01)
- CVE request: Multiple spree ruby gems vulnerabilities (across multiple versions) Reed Loden (Aug 02)
- Xen Security Advisory 139 (CVE-2015-5166) - Use after free in QEMU/Xen block unplug protocol Xen . org security team (Aug 03)
- Xen Security Advisory 140 (CVE-2015-5165) - QEMU leak of uninitialized heap memory in rtl8139 device model Xen . org security team (Aug 03)
- CVE Request: Information disclosure in pcre Huzaifa Sidhpurwala (Aug 03)
- Re: CVE Request: Information disclosure in pcre Huzaifa Sidhpurwala (Aug 03)
- Re: CVE Request: Information disclosure in pcre Shannon Sabens (Aug 12)
- CVE request: WordPress 4.2.3 and earlier multiple vulnerabilities Henri Salo (Aug 04)
- Re: CVE request: WordPress 4.2.3 and earlier multiple vulnerabilities cve-assign (Aug 04)
- CVE Request: PCRE Library Heap Overflow Vulnerability Guanxing Wen (Aug 05)
- Re: CVE Request: PCRE Library Heap Overflow Vulnerability Guanxing Wen (Aug 18)
- CVE Request: SuiteCRM Post-Auth Race Condition Shell Upload Remote Code Execution. Darren Martyn (Aug 05)
- CVEs fixed in Ranger 0.5 Velmurugan Periasamy (Aug 05)
- CVE-2015-5156 : virt-io max-skb-frags heap overflow. Wade Mealing (Aug 05)
- CVE request: Qemu: buffer overflow in virtio-serial P J P (Aug 06)
- Re: CVE request: Qemu: buffer overflow in virtio-serial cve-assign (Aug 06)
- CVE request - simple-php-captcha - captcha bypass vulnerability François Labrèche (Aug 09)
- Re: CVE request - simple-php-captcha - captcha bypass vulnerability Solar Designer (Aug 09)
- Re: CVE request - simple-php-captcha - captcha bypass vulnerability cve-assign (Aug 17)
- Re: CVE request - simple-php-captcha - captcha bypass vulnerability Solar Designer (Aug 17)
- CVE request: GNUTLS-SA-2015-3 double free in certificate DN decoding Martin Prpic (Aug 10)
- Re: CVE request: GNUTLS-SA-2015-3 double free in certificate DN decoding Salvatore Bonaccorso (Aug 14)
- Re: CVE request: GNUTLS-SA-2015-3 double free in certificate DN decoding cve-assign (Aug 17)
- Duplicate Wireshark CVEs? Martin Prpic (Aug 10)
- Re: Duplicate Wireshark CVEs? Siddharth Sharma (Aug 11)
- Re: Duplicate Wireshark CVEs? cve-assign (Aug 13)
- Re: Re: Duplicate Wireshark CVEs? Stuart Henderson (Aug 14)
- CVE Request: ippusbxd Seth Arnold (Aug 10)
- Re: CVE Request: ippusbxd cve-assign (Aug 18)
- Terminal escape sequences - the new XSS for admins? Kurt Seifried (Aug 11)
- Re: Terminal escape sequences - the new XSS for admins? Daniel Kahn Gillmor (Aug 11)
- Re: Terminal escape sequences - the new XSS for admins? Steve Grubb (Aug 11)
- Re: Terminal escape sequences - the new XSS for admins? Stephane Chazelas (Aug 11)
- Re: Terminal escape sequences - the new XSS for admins? Florian Weimer (Aug 11)
- Re: Terminal escape sequences - the new XSS for admins? Andy Lutomirski (Aug 11)
- Re: Re: Terminal escape sequences - the new XSS for admins? Steve Grubb (Aug 11)
- Re: Re: Terminal escape sequences - the new XSS for admins? Robert Święcki (Aug 12)
- Re: Re: Terminal escape sequences - the new XSS for admins? Dave Horsfall (Aug 12)
- Re: Terminal escape sequences - the new XSS for admins? Steve Grubb (Aug 11)
- Re: Terminal escape sequences - the new XSS for admins? Michal Zalewski (Aug 17)
- Re: Terminal escape sequences - the new XSS for admins? Solar Designer (Aug 17)
- Re: Terminal escape sequences - the new XSS for admins? Michal Zalewski (Aug 31)
- Re: Terminal escape sequences - the new XSS for admins? Michal Zalewski (Aug 31)
- Re: Terminal escape sequences - the new XSS for admins? Solar Designer (Aug 17)
- Re: Terminal escape sequences - the new XSS for admins? Daniel Kahn Gillmor (Aug 11)
- CVE request - OpenSSH 6.9 PAM privilege separation vulnerabilities Moritz Jodeit (Aug 11)
- Re: CVE request - OpenSSH 6.9 PAM privilege separation vulnerabilities Adam Maris (Aug 12)
- Re: CVE request - OpenSSH 6.9 PAM privilege separation vulnerabilities Adam Maris (Aug 12)
- Re: CVE request - OpenSSH 6.9 PAM privilege separation vulnerabilities Solar Designer (Aug 12)
- Re: CVE request - OpenSSH 6.9 PAM privilege separation vulnerabilities Moritz Jodeit (Aug 12)
- Re: CVE request - OpenSSH 6.9 PAM privilege separation vulnerabilities Solar Designer (Aug 12)
- Re: CVE request - OpenSSH 6.9 PAM privilege separation vulnerabilities Moritz Jodeit (Aug 12)
- Re: CVE request - OpenSSH 6.9 PAM privilege separation vulnerabilities Solar Designer (Aug 13)
- Re: CVE request - OpenSSH 6.9 PAM privilege separation vulnerabilities cve-assign (Aug 21)
- Re: CVE request - OpenSSH 6.9 PAM privilege separation vulnerabilities Moritz Jodeit (Aug 12)
- Re: CVE request - OpenSSH 6.9 PAM privilege separation vulnerabilities Adam Maris (Aug 12)
- Processor side channels using out of order execution Kurt Seifried (Aug 11)
- CVE request - Processor side channels using out of order execution sophia (Aug 12)
- Re: CVE request - Processor side channels using out of order execution Solar Designer (Aug 12)
- Re: CVE request - Processor side channels using out of order execution sophia (Aug 12)
- Re: CVE request - Processor side channels using out of order execution sophia (Aug 19)
- Re: CVE request - Processor side channels using out of order execution Kurt Seifried (Aug 19)
- Re: CVE request - Processor side channels using out of order execution sophia (Aug 19)
- Re: CVE request - Processor side channels using out of order execution Solar Designer (Aug 19)
- Re: CVE request - Processor side channels using out of order execution sophia (Aug 19)
- Re: CVE request - Processor side channels using out of order execution sophia (Aug 12)
- Re: CVE request - Processor side channels using out of order execution Solar Designer (Aug 12)
- CVE Request: ATutor LMS Version 2.2 with stored XSS and file upload issue sreepriya (Aug 12)
- Re: CVE Request: ATutor LMS Version 2.2 with stored XSS and file upload issue cve-assign (Aug 18)
- Is CVE-2015-4650 a duplicate, leak, or just a typo? Florian Weimer (Aug 12)
- Re: Is CVE-2015-4650 a duplicate, leak, or just a typo? ISC Security Officer (Aug 12)
- Re: Is CVE-2015-4650 a duplicate, leak, or just a typo? Michael McNally (Aug 14)
- Re: Is CVE-2015-4650 a duplicate, leak, or just a typo? ISC Security Officer (Aug 12)
- CVE Request: MediaWiki 1.25.2, 1.24.3, 1.23.10 Chris Steipp (Aug 12)
- Re: CVE Request: MediaWiki 1.25.2, 1.24.3, 1.23.10 cve-assign (Aug 27)
- CVE request - php 7 use after free 牛保龙 (Aug 12)
- CVE request for saltstack Kurt Seifried (Aug 13)
- Re: CVE request for saltstack Solar Designer (Aug 13)
- Re: CVE request for saltstack Kurt Seifried (Aug 13)
- Re: CVE request for saltstack Solar Designer (Aug 13)
- [CVE-2015-3271] Apache Tika information disclosure vulnerability David Meikle (Aug 13)
- CVE Request: Request Tracker: cross-site scripting in cryptography interface Salvatore Bonaccorso (Aug 13)
- Re: CVE Request: Request Tracker: cross-site scripting in cryptography interface cve-assign (Aug 17)
- Audit: log terminal emulator escape sequences handling CVE-2015-5186 Kurt Seifried (Aug 13)
- [OSSA 2015-014] Glance v2 API host file disclosure through qcow2 backing file (CVE-2015-5163) Tristan Cacqueray (Aug 13)
- CVE request: conntrackd denial of service with unusual network traffic Florian Weimer (Aug 14)
- Re: CVE request: conntrackd denial of service with unusual network traffic cve-assign (Aug 17)
- Alleged libstdc++ vulnerabilities Florian Weimer (Aug 14)
- Re: Alleged libstdc++ vulnerabilities Jonathan Wakely (Aug 14)
- Re: Alleged libstdc++ vulnerabilities Jonathan Wakely (Aug 14)
- Re: Alleged libstdc++ vulnerabilities Jonathan Wakely (Aug 14)
- Re: CVE request: 2 issues in inspircd Moritz Mühlenhoff (Aug 15)
- <Possible follow-ups>
- Re: CVE request: 2 issues in inspircd cve-assign (Aug 25)
- Double free corruption in JasPer JPEG-2000 implementation (CVE-2015-5203) Gustavo Grieco (Aug 16)
- Re: Double free corruption in JasPer JPEG-2000 implementation (CVE-2015-5203) mancha (Aug 16)
- Re: Double free corruption in JasPer JPEG-2000 implementation (CVE-2015-5203) Raphael Geissert (Aug 17)
- Re: Double free corruption in JasPer JPEG-2000 implementation (CVE-2015-5203) Tomas Hoger (Aug 17)
- Re: Double free corruption in JasPer JPEG-2000 implementation (CVE-2015-5203) mancha (Aug 17)
- Re: Double free corruption in JasPer JPEG-2000 implementation (CVE-2015-5203) mancha (Aug 21)
- Re: Double free corruption in JasPer JPEG-2000 implementation (CVE-2015-5203) mancha (Aug 16)
- CVE request: UnrealIRCd crash issue if SASL is enabled Reed Loden (Aug 16)
- [ANNOUNCE] CVE-2015-1830 - Path traversal leading to unauthenticated RCE in ActiveMQ Dejan Bosanac (Aug 17)
- CVE-2015-5706: kernel: Use-after-free in path lookup Jan Kara (Aug 17)
- CVE request: linux kernel:fd leak in vhost ioctl VHOST_SET_LOG_FD Wade Mealing (Aug 17)
- Re: CVE request: linux kernel:fd leak in vhost ioctl VHOST_SET_LOG_FD cve-assign (Aug 17)
- CVE request - Linux kernel - perf on ppp64 - unbounded checks in perf_callchain_user_64 denial of service. Wade Mealing (Aug 17)
- CVE Request for glusterfs: fuse check return value of setuid Siddharth Sharma (Aug 18)
- Re: CVE Request for glusterfs: fuse check return value of setuid Florian Weimer (Aug 18)
- Re: CVE Request for glusterfs: fuse check return value of setuid Siddharth Sharma (Aug 25)
- Re: CVE Request for glusterfs: fuse check return value of setuid Siddharth Sharma (Sep 02)
- Re: CVE Request for glusterfs: fuse check return value of setuid cve-assign (Sep 04)
- Re: Re: CVE Request for glusterfs: fuse check return value of setuid Seth Arnold (Sep 04)
- Re: CVE Request for glusterfs: fuse check return value of setuid cve-assign (Sep 04)
- Re: Re: CVE Request for glusterfs: fuse check return value of setuid Seth Arnold (Sep 04)
- Re: CVE Request for glusterfs: fuse check return value of setuid Florian Weimer (Aug 18)
- CVE REJECT CVE-2015-5192/CVE-2015-5193 Kurt Seifried (Aug 18)
- [ANNOUNCE] Django security releases issued (1.4.22, 1.7.10, and 1.8.4) Tim Graham (Aug 18)
- CVE Request: more php unserializing issues Marcus Meissner (Aug 19)
- Re: CVE Request: more php unserializing issues Marcus Meissner (Aug 31)
- Re: CVE Request: more php unserializing issues Marcus Meissner (Aug 31)
- Re: CVE Request: more php unserializing issues cve-assign (Sep 08)
- CVE-2015-3269 Apache Flex BlazeDS Insecure Xml Entity Expansion Vulnerability Christofer Dutz (Aug 19)
- CVE REJECT noise Solar Designer (Aug 19)
- Re: CVE REJECT noise Kurt Seifried (Aug 19)
- Re: CVE REJECT noise Solar Designer (Aug 19)
- Re: CVE REJECT noise Reed Loden (Aug 19)
- Re: CVE REJECT noise P J P (Aug 20)
- Re: CVE REJECT noise Solar Designer (Aug 19)
- Re: CVE REJECT noise David Walser (Aug 19)
- Re: CVE REJECT noise Kurt Seifried (Aug 19)
- CVE request: libgpf: use-after-free vulnerability in Decoder.cpp Pengsu Cheng (Aug 19)
- Re: CVE request: libgpf: use-after-free vulnerability in Decoder.cpp cve-assign (Aug 25)
- [oCERT-2015-009] VLC arbitrary pointer dereference Andrea Barisani (Aug 20)
- Re: [oCERT-2015-009] VLC arbitrary pointer dereference Alessandro Ghedini (Aug 20)
- <Possible follow-ups>
- Re: [oCERT-2015-009] VLC arbitrary pointer dereference Loren (Aug 20)
- Use-after-free (and double-free) in Jasper JPEG-200 (CVE-2015-5221) FEIST Josselin (Aug 20)
- CVE-2015-5185 sblim-sfcb: lookupProviders() null pointer dereference Kurt Seifried (Aug 20)
- CVE Request: twig remote code execution Alessandro Ghedini (Aug 21)
- Re: CVE Request: twig remote code execution Alessandro Ghedini (Sep 30)
- CVEs requests for Drupal Core (SA-CORE-2015-003) Pere Orga (Aug 21)
- Re: CVEs requests for Drupal Core (SA-CORE-2015-003) Salvatore Bonaccorso (Aug 26)
- Re: CVEs requests for Drupal Core (SA-CORE-2015-003) Pere Orga (Aug 27)
- Re: CVEs requests for Drupal Core (SA-CORE-2015-003) Salvatore Bonaccorso (Aug 26)
- CVE-2015-5225 Qemu: ui: vnc: heap memory corruption issue P J P (Aug 21)
- CVE Request Blind SQL Injection in wordpress plugin dukapress v2.5.9 Larry W Cashdollar (Aug 22)
- Re: CVE Request Blind SQL Injection in wordpress plugin dukapress v2.5.9 Larry Cashdollar (Sep 06)
- CVE Request: PCRE Library Heap Overflow in compile_regex() Guanxing Wen (Aug 23)
- SEH Local buffer overflow vulnerability Arjun Basnet (Aug 24)
- CVE-2015-5224 login-utils: file name collision due to incorrect mkstemp use Qualys Security Advisory (Aug 24)
- CVE request: uglify-js node.js module <2.4.24 incorrectly handles non-boolean comparisons during minification Reed Loden (Aug 24)
- CVE Request: Linux x86_64 NT flag issue Andy Lutomirski (Aug 24)
- Re: CVE Request: Linux x86_64 NT flag issue - Linux kernel cve-assign (Aug 24)
- Re: CVE Request: Linux x86_64 NT flag issue - Linux kernel Andy Lutomirski (Aug 29)
- Re: CVE Request: Linux x86_64 NT flag issue - Linux kernel cve-assign (Sep 14)
- Re: CVE Request: Linux x86_64 NT flag issue - Linux kernel Andy Lutomirski (Aug 29)
- Re: CVE Request: Linux x86_64 NT flag issue - Linux kernel cve-assign (Aug 24)
- Several low impact ntp.org ntpd issues Florian Weimer (Aug 25)
- Re: Several low impact ntp.org ntpd issues Mark Felder (Aug 25)
- Re: Several low impact ntp.org ntpd issues Noel Kuntze (Aug 25)
- Re: Several low impact ntp.org ntpd issues Mark Felder (Aug 25)
- CVE-2015-5228 & CVE-2015-5231 in the criu service daemon Florian Weimer (Aug 25)
- [OSSA 2015-015] Nova instance migration process does not stop when instance is deleted (CVE-2015-3241) Tristan Cacqueray (Aug 25)
- CVE Request : Serenity Media Player Buffer Overflow Dis close (Aug 26)
- Re: CVE Request : Serenity Media Player Buffer Overflow cve-assign (Aug 26)
- Re: CVE Request : Serenity Media Player Buffer Overflow Dis close (Aug 27)
- Re: CVE Request : Serenity Media Player Buffer Overflow cve-assign (Aug 26)
- New security vulnerability for Apache CXF Fediz - CVE-2015-5175 Colm O hEigeartaigh (Aug 26)
- [OSSA 2015-016] Information leak via Swift tempurls (CVE-2015-5223) Tristan Cacqueray (Aug 26)
- Multiple memory corruptions caused by uninitialized values in JasPer 1.900 Gustavo Grieco (Aug 26)
- CVE-2015-5237: Integer overflow in protobuf serialization (currently minor) Florian Weimer (Aug 27)
- CVE-2014-8177 gluster-swift metadata constraints are not correctly enforced Siddharth Sharma (Aug 27)
- CVE-2015-0852 [FreeImage] Integer overflow in PluginPCX.cpp pcheng pcheng (Aug 27)
- CVE request: XSS vulnerability in jsoup related to incomplete tags at EOF Florian Weimer (Aug 28)
- Re: CVE request: XSS vulnerability in jsoup related to incomplete tags at EOF cve-assign (Aug 28)
- CVE Request - LFI/Path Traversal in NextGen Gallery WordPress Plugin. Dis close (Aug 28)
- Re: CVE Request - LFI/Path Traversal in NextGen Gallery WordPress Plugin. Dis close (Sep 01)
- Re: CVE Request - LFI/Path Traversal in NextGen Gallery WordPress Plugin. Dis close (Sep 01)
- Re: CVE Request - LFI/Path Traversal in NextGen Gallery WordPress Plugin. Dis close (Sep 01)
- CVE request: vorbis-tools: buffer overflow in aiff_open() pcheng pcheng (Aug 28)
- Re: CVE request: vorbis-tools: buffer overflow in aiff_open() cve-assign (Aug 30)
- KnowledgeTree OSS 3.0.3b Reflected XSS (Cross-site Scripting) Web Application 0-Day Security Bug Jing Wang (Aug 30)
- Winmail Server 4.2 Reflected XSS (Cross-site Scripting) Web Application 0-Day Security Bug Jing Wang (Aug 30)
- Out of bounds read using malformed tar archive in GNU Tar and BSD Tar Gustavo Grieco (Aug 31)
- Re: Out of bounds read using malformed tar archive in GNU Tar and BSD Tar Hanno Böck (Aug 31)
- CVE request: screen stack overflow (deep recursion) Florian Weimer (Aug 31)
- Re: CVE request: screen stack overflow (deep recursion) cve-assign (Sep 02)
- AW: Re: CVE request: screen stack overflow (deep recursion) Fiedler Roman (Sep 02)
- Re: CVE request: screen stack overflow (deep recursion) Solar Designer (Sep 02)
- Re: CVE request: screen stack overflow (deep recursion) Solar Designer (Sep 03)
- Re: CVE request: screen stack overflow (deep recursion) Kuang-che Wu (Sep 03)
- AW: Re: CVE request: screen stack overflow (deep recursion) Fiedler Roman (Sep 02)
- Re: CVE request: screen stack overflow (deep recursion) cve-assign (Sep 02)
- CSRF to RCE in Jenkins Nicolas Grégoire (Sep 01)
- Xen Security Advisory 141 (CVE-2015-6654) - printk is not rate-limited in xenmem_add_to_physmap_one Xen . org security team (Sep 01)
- [OSSA 2015-017] Nova may fail to delete images in resize state (CVE-2015-3280) Tristan Cacqueray (Sep 01)
- CVE REJECT CVE-2015-3287 Kurt Seifried (Sep 01)
- Re: CVE REJECT CVE-2015-3287 cve-assign (Sep 01)
- CVE Request : CSRF in IPython/Jupyter notebook Tree. Matthias Bussonnier (Sep 02)
- Re: CVE Request : CSRF in IPython/Jupyter notebook Tree. Juan Broullón (Sep 02)
- Message not available
- Message not available
- Re: CVE Request : CSRF in IPython/Jupyter notebook Tree. Kyle Kelley (Sep 09)
- Message not available
- Re: CVE Request : CSRF in IPython/Jupyter notebook Tree. Juan Broullón (Sep 02)
- Re: CVE Request : CSRF in IPython/Jupyter notebook Tree. cve-assign (Sep 14)
- Re: CVE-2015-5239 Qemu: vnc infinite loop issue Kurt Seifried (Sep 02)
- Re: CVE-2015-5239 Qemu: vnc infinite loop issue Julien Cristau (Sep 02)
- Re: CVE-2015-5239 Qemu: vnc infinite loop issue P J P (Sep 02)
- Re: CVE-2015-5239 Qemu: vnc infinite loop issue Julien Cristau (Sep 02)
- Re: Two new vulnerabilities in BIND: CVE-2015-5722 and CVE-2015-5986 are now public Florian Weimer (Sep 03)
- Re: Two new vulnerabilities in BIND: CVE-2015-5722 and CVE-2015-5986 are now public Mark Andrews (Sep 03)
- Re: CVE request: Ganglia-web auth bypass cve-assign (Sep 05)
- Re: CVE request: Ganglia-web auth bypass Raphael Geissert (Sep 07)
- Re: CVE Request Qemu: net: e1000 infinite loop issue cve-assign (Sep 05)
- Re: CVE Request Qemu: net: e1000 infinite loop issue Qinghao Tang (Sep 05)
- Re: Re: CVE Request Qemu: net: e1000 infinite loop issue Huzaifa Sidhpurwala (Sep 06)
- Re: Re: CVE Request Qemu: net: e1000 infinite loop issue Qinghao Tang (Sep 07)
- Re: Re: CVE Request Qemu: net: e1000 infinite loop issue Huzaifa Sidhpurwala (Sep 07)
- Re: CVE Request Qemu: net: e1000 infinite loop issue Qinghao Tang (Sep 05)
- Re: Some Wordpress Plugin Stuff cve-assign (Sep 06)
- Re: CVE Request: TOTP Replay Attack in Ruby library "devise-two-factor" Justin Bull (Sep 16)
- Re: CVE Request: TOTP Replay Attack in Ruby library "devise-two-factor" cve-assign (Sep 17)
- Re: Heap overflow and DoS in unzip 6.0 Stefan Cornelius (Sep 15)
- Re: Heap overflow and DoS in unzip 6.0 Gustavo Grieco (Sep 15)
- Re: Heap overflow and DoS in unzip 6.0 Hanno Böck (Sep 15)
- Re: Heap overflow and DoS in unzip 6.0 Gustavo Grieco (Sep 15)
- Re: Heap overflow and DoS in unzip 6.0 Mark Felder (Sep 17)
- Re: Heap overflow and DoS in unzip 6.0 Stefan Cornelius (Sep 21)
- Re: Heap overflow and DoS in unzip 6.0 Gustavo Grieco (Sep 15)
- Re: CVE Request: PHP remote exploits (even more) cve-assign (Sep 08)
- Re: nss: SSL_ImplementedCiphers ABI incompatibility may lead to incorrect cipher suites cve-assign (Sep 07)
- Re: nss: SSL_ImplementedCiphers ABI incompatibility may lead to incorrect cipher suites Florian Weimer (Sep 09)
- Re: CVE request for wget Victor Pereira (Sep 09)
- Re: CVE request for wget Andreas Stieger (Sep 09)
- Re: CVE request for wget Austin English (Sep 24)
- Re: CVE request for wget cve-assign (Sep 25)
- Re: CVE request for wget Austin English (Sep 28)
- Re: Re: CVE request for wget Andreas Stieger (Sep 29)
- Re: CVE Request: Wireshark 1.12.7 Marcus Meissner (Sep 08)
- Re: CVE Request: libgcrypt hardening for RSA-CRT leak Florian Weimer (Sep 08)
- Re: CVE request Qemu: ide: divide by zero issue cve-assign (Sep 10)
- Re: CVE request Qemu: ide: divide by zero issue Qinghao Tang (Sep 11)
- Re: CVE request Qemu: ide: divide by zero issue P J P (Sep 10)
- Re: CVE request Qemu: ide: divide by zero issue Qinghao Tang (Sep 11)
- Re: CVE request: Use-after-free in Linux kernel with aufs mmap patch sfjro (Sep 10)
- Re: CVE request: Use-after-free in Linux kernel with aufs mmap patch Salvatore Bonaccorso (Sep 21)
- Re: CVE request: Use-after-free in Linux kernel with aufs mmap patch cve-assign (Sep 22)
- Re: CVE Request: OpenLDAP: ber_get_next denial of service vulnerability cve-assign (Sep 11)
- Re: CVE Request: 2 FreeType issues cve-assign (Sep 25)
- Re: CVE-2015-0854: Insecure use of system() in shutter Mark Felder (Sep 17)
- Re: CVE-2015-6584: XSS in DataTables Kurt Grutzmacher (Sep 15)
- Re: CVE Request: Use-after-free in optipng 0.6.4 Mark Felder (Sep 17)
- Re: CVE Request: Use-after-free in optipng 0.6.4 Stefan Cornelius (Sep 19)
- Re: CVE-2015-5155 - openslp 1.2.1 ParseExtension() DoS vulnerability Stefan Cornelius (Sep 19)
- Re: CVE Request: remote triggerable use-after-free in rpcbind cve-assign (Sep 17)
- Re: CVE Request: remote triggerable use-after-free in rpcbind Steve Dickson (Sep 17)
- Re: CVE Request: remote triggerable use-after-free in rpcbind Marcus Meissner (Sep 17)
- Re: CVE Request: remote triggerable use-after-free in rpcbind Steve Dickson (Sep 17)
- Re: CVE Request: remote triggerable use-after-free in rpcbind Marcus Meissner (Sep 17)
- Re: Re: CVE Request: remote triggerable use-after-free in rpcbind Kurt Seifried (Sep 17)
- Re: CVE Request: remote triggerable use-after-free in rpcbind Steve Dickson (Sep 17)
- Re: CVE Request: remote triggerable use-after-free in rpcbind Steve Dickson (Sep 17)
- Re: Re: CVE Request: remote triggerable use-after-free in rpcbind Olaf Kirch (Sep 18)
- Re: s/party/hack like it's 1999 Manuel Gómez (Sep 17)
- Re: s/party/hack like it's 1999 Solar Designer (Sep 19)
- Re: s/party/hack like it's 1999 Rich Felker (Sep 19)
- Re: s/party/hack like it's 1999 Solar Designer (Sep 19)
- Re: s/party/hack like it's 1999 David Holland (Sep 21)
- Re: s/party/hack like it's 1999 Greg KH (Sep 21)
- Re: s/party/hack like it's 1999 Florian Weimer (Sep 21)
- Re: s/party/hack like it's 1999 David Holland (Sep 26)
- Re: s/party/hack like it's 1999 Daniel Micay (Sep 26)
- Re: s/party/hack like it's 1999 Rich Felker (Sep 29)
- Re: s/party/hack like it's 1999 Solar Designer (Sep 19)
- Message not available
- Re: s/party/hack like it's 1999 up201407890 (Sep 18)
- <Possible follow-ups>
- CVE Request: Squid HTTP Proxy Denial of Service Amos Jeffries (Sep 17)
- CVE Request: Squid HTTP Proxy Denial of Service Amos Jeffries (Sep 17)
- Re: CVE request - ldapauth-fork versions < 2.3.3 are vulnerable to ldap injection. cve-assign (Sep 18)
- Re: CVE request - ldapauth-fork versions < 2.3.3 are vulnerable to ldap injection. David Black (Sep 20)
- Re: CVE request Qemu: net: virtio-net possible remote DoS cve-assign (Sep 18)
- Re: CVE Request: Plone Unauthorized user creation cve-assign (Sep 22)
- Re: CVE Request: Plone XSS cve-assign (Sep 22)
- Re: CVE Request: Plone Privilege Escalation cve-assign (Sep 22)
- Re: CVE Request: Plone header injection cve-assign (Sep 22)
- Re: CVE Request: gollum information disclosure vulnerability cve-assign (Sep 22)
- Re: Samsung S4 (GT-I9500) multiple kernel vulnerabilities Daniel Micay (Sep 21)
- Re: Samsung S4 (GT-I9500) multiple kernel vulnerabilities Daniel Micay (Sep 21)
- Re: Samsung S4 (GT-I9500) multiple kernel vulnerabilities Daniel Micay (Sep 21)
- Re: Samsung S4 (GT-I9500) multiple kernel vulnerabilities Florian Weimer (Sep 22)
- Re: Samsung S4 (GT-I9500) multiple kernel vulnerabilities Daniel Micay (Sep 22)
- Re: Samsung S4 (GT-I9500) multiple kernel vulnerabilities Daniel Micay (Sep 21)
- Re: CVE request: zarafa-autorespond suffers from a potential local privilege escalation Christian Hoffmann (Sep 21)
- Re: CVE request: zarafa-autorespond suffers from a potential local privilege escalation Christian Hoffmann (Sep 21)
- Re: DoS in libtiff cve-assign (Sep 22)
- Re: DoS in libtiff Gustavo Grieco (Sep 23)
- Re: CVE Request - TrueCrypt 7.1a and VeraCrypt 1.14 Local Elevation of Privilege cve-assign (Sep 24)
- Re: Vulnerability in WhiteHEAT Linux Driver-CVE-2015-5257 Greg KH (Sep 22)
- Re: Vulnerability in WhiteHEAT Linux Driver-CVE-2015-5257 Greg KH (Sep 23)
- Re: DoS attack through Email-Address perl module v1.907 (CVE id request) cve-assign (Sep 30)
- Re: CVE request: urlfetch range handling flaw in Cyrus IMAP Florian Weimer (Sep 30)
- Re: CVE Request: zendframework SQL injections Alessandro Ghedini (Sep 30)