173 messages starting Mar 01 12 and ending Mar 30 12
Aurora WebOPAC SQL Injection - Security Advisory - SOS-12-004 Lists (Mar 12)
APPLE-SA-2012-03-12-1 Safari 5.1.4 Apple Product Security (Mar 12)
[SECURITY] [DSA 2432-1] libyaml-libyaml-perl security update Moritz Muehlenhoff (Mar 12)
[security bulletin] HPSBMU02746 SSRT100781 rev.1 - HP Data Protector Express, Remote Denial of Service (DoS), Execution of Arbitrary Code security-alert (Mar 13)
Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability [CVE-2012-1417] Narendra Shinde (Mar 13)
ESA-2012-012: EMC Documentum eRoom Multiple Vulnerabilities Security_Alert (Mar 13)
Announcing Hackademic CFP B Potter (Mar 13)
PrivaWall Antivirus Office XML Format Evasion/Bypass Vulnerability moshez (Mar 13)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Cisco Systems Product Security Incident Response Team (Mar 14)
Cisco Security Advisory: Cisco Firewall Services Module Crafted Protocol Independent Multicast Message Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 14)
Cisco Security Advisory: Cisco ASA 5500 Series Adaptive Security Appliance Clientless VPN ActiveX Control Remote Code Execution Vulnerability Cisco Systems Product Security Incident Response Team (Mar 14)
Struts2 Security Challenge Ivan Buetler (Mar 14)
Oracle Exadata Infiniband Switch default logins and world readable shadow file larry0 (Mar 14)
nginx fix for malformed HTTP responses from upstream servers security-bulletin (Mar 15)
WikyBlog 1.7.3RC2 XSS vulnerability sschurtz (Mar 15)
[SECURITY] [DSA 2433-1] iceweasel security update Moritz Muehlenhoff (Mar 16)
AST-2012-002: Remote Crash Vulnerability in Milliwatt Application Asterisk Security Team (Mar 16)
AST-2012-003: Stack Buffer Overflow in HTTP Manager Asterisk Security Team (Mar 16)
VMSA-2012-0004 VMware View privilege escalation and cross-site scripting VMware Security Team (Mar 16)
[ MDVSA-2012:029 ] pidgin security (Mar 16)
[ MDVSA-2012:030 ] systemd security (Mar 16)
[Announcement] ClubHack Mag - Call for Articles abhijeet (Mar 16)
VMSA-2012-0005 VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, ESXi and ESX address several security issues VMware Security Team (Mar 19)
[ MDVSA-2012:031 ] firefox security (Mar 19)
Android wipe unreliable Jan Schejbal (Mar 19)
[security bulletin] HPSBPI02728 SSRT100692 rev.5 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default security-alert (Mar 19)
at32 ReverseProxy - Multiple HTTP Header Field Denial Of Service Vulnerability demonalex (Mar 19)
ESA-2012-014: RSA enVision Multiple Vulnerabilities Security_Alert (Mar 19)
Dell Webcam Software Bundled ActiveX Control CrazyTalk4Native.dll sprintf Remote Buffer Overflow Vulnerability nospam (Mar 19)
SEC Consult SA-20120315-0 :: Multiple permanent XSS vulnerabilities in EMC Documentum eRoom SEC Consult Vulnerability Lab (Mar 19)
Tor Browser Bundle for Linux (2.2.35-8) "EVIL bug" CXySuYg5DuKktzX (Mar 19)
ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet Unauthenticated Remote Directory Traversal Vulnerability nospam (Mar 19)
VUPEN Security Research - Adobe Flash Player "Matrix3D" Remote Memory Corruption (CVE-2012-0768) VUPEN Security Research (Mar 19)
Evasion attacks exploiting file-parsing vulnerabilities in antivirus products sumanj (Mar 19)
Aruba Networks multiple advisories: OS command injection in RAP web interface and 802.1X EAP-TLS user authentication bypass RGill (Mar 19)
[SECURITY] [DSA 2436-1] libapache2-mod-fcgid security update Thijs Kinkhorst (Mar 19)
Re: [oss-security] Case YVS Image Gallery Kurt Seifried (Mar 19)
[SECURITY] [DSA 2434-1] nginx security update Luciano Bello (Mar 20)
[SECURITY] [DSA 2435-1] gnash security update Gabriele Giacone (Mar 20)
[MajorSecurity-SA-2012-014] Apple Safari on iOS 5.1 - Addressbar spoofing vulnerability david . kurz (Mar 20)
[security bulletin] HPSBMU02752 SSRT100802 rev.1 HP Insight Control Software for Linux (IC-Linux), Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert (Mar 20)
Regarding MS12-020 Thor (Hammer of God) (Mar 20)
[ MDVSA-2012:032 ] mozilla security (Mar 20)
Mu Dynamics, Inc. Security Advisories MU-201202-01 and MU-201202-02 for GnuTLS and Libtasn1 Security (Mar 21)
Cyberoam Unified Threat Management: Insecure Password Handling Saurabh Harit (Mar 21)
Cyberoam Unified Threat Management: OS Command Execution Saurabh Harit (Mar 21)
Multiple vulnerabilities in Open Journal Systems (OJS) advisory (Mar 21)
CMSimple_XH 1.5.2 Cross-site Scripting vulnerability sschurtz (Mar 21)
[ MDVSA-2012:033 ] libpng security (Mar 21)
Seeker Advisory: Insecure Redirect in .NET Form Authentication - Redirect From Login Mechanism (ReturnURL Parameter) Irene Abezgauz (Mar 21)
[SECURITY] [DSA 2437-1] icedove security update Moritz Muehlenhoff (Mar 21)
CA20120320-01: Security Notice for CA ARCserve Backup Kotas, Kevin J (Mar 22)
Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX Control PlayerPT.ocx sprintf Buffer Overflow Vulnerability nospam (Mar 22)
struts2 xsltResult Local code execution vulnerability voidloafer (Mar 23)
[CVE-2012-0047] Apache Wicket XSS vulnerability via pageMapName request parameter Martin Grigorov (Mar 23)
[CVE-2012-1089] Apache Wicket serving of hidden files vulnerability Martin Grigorov (Mar 23)
Prado TJavaScript::encode() script injection vulnerability gabor . berczi (Mar 23)
'PHP Grade Book' Unauthenticated SQL Database Export (CVE-2012-1670) Mark Stanislav (Mar 23)
'phpMoneyBooks' Local File Inclusion (CVE-2012-1669) Mark Stanislav (Mar 23)
[SECURITY] [DSA 2438-1] raptor security update Moritz Muehlenhoff (Mar 23)
[ANNOUNCE] Apache Traffic Server releases for security incident CVE-2012-0256 Leif Hedstrom (Mar 23)
[SECURITY] [DSA 2439-1] libpng security update Moritz Muehlenhoff (Mar 23)
[ MDVSA-2012:034 ] libzip security (Mar 23)
[ MDVSA-2012:035 ] file security (Mar 23)
[ MDVSA-2012:036 ] libsoup security (Mar 23)
[ MDVSA-2012:037 ] cyrus-imapd security (Mar 23)
CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected) VSR Advisories (Mar 27)
[SECURITY] [DSA 2440-1] libtasn1-3 security update Florian Weimer (Mar 27)
SQL injection attack possible when connecting to PostgreSQL 9.1 with version 8.1 JDBC driver Steffen Dettmer (Mar 27)
[SECURITY] [DSA 2441-1] gnutls26 security update Florian Weimer (Mar 27)
Traffic amplification via Quake 3-based servers Simon McVittie (Mar 27)
[ MDVSA-2012:038 ] openssl security (Mar 27)
Matthew1471s ASP BlogX - XSS Vulnerabilities demonalex (Mar 27)
[SECURITY] [DSA 2442-1] openarena security update Florian Weimer (Mar 27)
[SECURITY] [DSA 2443-1] linux-2.6 security update dann frazier (Mar 27)
[PRE-SA-2012-02] Incorrect loop construct and numeric overflow in libzip Timo Warns (Mar 27)
[ MDVSA-2012:039 ] libtasn1 security (Mar 27)
[waraxe-2012-SA#080] - Multiple Vulnerabilities in NextBBS 0.6.0 come2waraxe (Mar 27)
PcwRunAs Password Obfuscation Design Flaw otr (Mar 27)
[ MDVSA-2012:040 ] gnutls security (Mar 27)
[ MDVSA-2012:041 ] expat security (Mar 27)
[ MDVSA-2012:042 ] wireshark security (Mar 28)
[security bulletin] HPSBMU02747 SSRT100771 rev.1 - HP OpenView Network Node Manager (OV NNM) Running Apache Tomcat, Remote Denial of Service (DoS) security-alert (Mar 28)
[security bulletin] HPSBMU02748 SSRT100772 rev.1 - HP OpenView Network Node Manager (OV NNM) Running Apache HTTP Server, Remote Unauthorized Disclosure of Information, Unauthorized Modification, Denial of Service (DoS) security-alert (Mar 28)
[security bulletin] HPSBMU02744 SSRT100776 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Disclosure of Information security-alert (Mar 28)
[security bulletin] HPSBUX02755 SSRT100667 rev.1 - HP-UX WBEM, Remote Unauthorized Access to Diagnostic Data security-alert (Mar 28)
[security bulletin] HPSBMU02756 SSRT100596 rev.1 - HP Performance Manager Running on HP-UX, Linux, Solaris and Windows, Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert (Mar 28)
Cisco Security Advisory: Cisco IOS Software RSVP Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 28)
Cisco Security Advisory: Cisco IOS Software Smart Install Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 28)
Cisco Security Advisory: Cisco IOS Internet Key Exchange Vulnerability Cisco Systems Product Security Incident Response Team (Mar 28)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS Software Traffic Optimization Features Cisco Systems Product Security Incident Response Team (Mar 28)
Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerability Cisco Systems Product Security Incident Response Team (Mar 28)
Cisco Security Advisory: Cisco IOS Software Reverse SSH Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 28)
TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow nospam (Mar 28)
Quest InTrust 10.4.x Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution nospam (Mar 28)
D-Link SecuriCam DCS-5605 Network Surveillance ActiveX Control DcsCliCtrl.dll lstrcpyW Remote Buffer Overflow Vulnerability nospam (Mar 28)
Quest InTrust 10.4.x ReportTree and SimpleTree Classes ArDoc.dll ActiveX Control Remote File Creation / Overwrite Vulnerability nospam (Mar 28)
OWASP AppSec Research EU CFP/CFT OWASP AppSec EU (Mar 29)
[SECURITY] [DSA 2444-1] tryton-server security update Florian Weimer (Mar 29)
NGS00153 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Reflective XSS allowing an attacker to gain session tokens Research@NGSSecure (Mar 29)
NGS00154 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Session hijacking and bypassing client-side session timeouts Research@NGSSecure (Mar 29)
NGS00155 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Any logged-in user can bypass controls to reset passwords of other administrators Research@NGSSecure (Mar 29)
NGS00156 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Active session tokens of other users are disclosed within the UI Research@NGSSecure (Mar 29)
NGS00157 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Password hashes can be recovered from a system backup and easily cracked Research@NGSSecure (Mar 29)
NGS00158 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Arbitrary file download is possible with a crafted URL when logged in as any user Research@NGSSecure (Mar 29)
[ MDVSA-2012:043 ] nginx security (Mar 29)
[ MDVSA-2012:044 ] cvs security (Mar 29)
Cross-site scripting vulnerability in Invision Power Board version 3.2.3 Netsparker Advisories (Mar 29)
[waraxe-2012-SA#081] - Multiple Vulnerabilities in Coppermine 1.5.18 come2waraxe (Mar 29)
Bitsmith PS Knowbase 3.2.3 - Buffer Overflow Vulnerability Research (Mar 30)
PHP 5.4/5.3 deprecated eregi() memory_limit bypass cxib (Mar 30)
[ MDVSA-2012:045 ] gnutls security (Mar 30)
Intuit Help System Protocol URL Heap Corruption and Memory Leak ds . adv . pub (Mar 30)
Intuit Help System Protocol File Retrieval ds . adv . pub (Mar 30)
VMware High-Bandwidth Backdoor ROM Overwrite Privilege Elevation ds . adv . pub (Mar 30)