Bugtraq: by author

123 messages starting Nov 14 12 and ending Nov 23 12


advisory

Multiple vulnerabilities in BabyGekko advisory (Nov 14)
Cross-Site Request Forgery (CSRF) in CMS Made Simple advisory (Nov 07)
Multiple Vulnerabilities in LibreOffice advisory (Nov 06)
SQL Injection Vulnerability in OrangeHRM advisory (Nov 06)
Multiple vulnerabilities in dotProject advisory (Nov 21)

alien DC4420

DC4420 - London DEFCON - November meet - Tuesday 20th November alien DC4420 (Nov 16)

Andrea Barisani

[oCERT-2012-001] multiple implementations denial-of-service via MurmurHash algorithm collision Andrea Barisani (Nov 26)

Apple Product Security

APPLE-SA-2012-11-01-1 iOS 6.0.1 Apple Product Security (Nov 02)
APPLE-SA-2012-11-01-2 Safari 6.0.2 Apple Product Security (Nov 02)
APPLE-SA-2012-11-29-1 Apple TV 5.1.1 Apple Product Security (Nov 30)
APPLE-SA-2012-11-07-1 QuickTime 7.7.3 Apple Product Security (Nov 08)

bingxuefenggu

VideoLAN VLC Media Player <= 2.0.4 Crash Bug bingxuefenggu (Nov 05)

Carlos Reventlov

Twitter App 5.0 vulnerable to eavesdropping Carlos Reventlov (Nov 23)

Chris S

iCompel Digital Signage risks Chris S (Nov 05)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco Secure Access Control System TACACS+ Authentication Bypass Vulnerability Cisco Systems Product Security Incident Response Team (Nov 08)
Cisco Security Advisory: Cisco Ironport Appliances Sophos Anti-virus Vulnerabilities Cisco Systems Product Security Incident Response Team (Nov 09)
Cisco Security Advisory: Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability Cisco Systems Product Security Incident Response Team (Nov 01)
Cisco Security Advisory: Cisco Nexus 1000V Series Switch Software Release 4.2(1)SV1(5.2) Virtual Security Gateway Bypass Issue Cisco Systems Product Security Incident Response Team (Nov 08)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace Web Conferencing Cisco Systems Product Security Incident Response Team (Nov 01)

cjlacayo

[CVE-2012-5858] [CVE-2012-5859] DoS/Authorization Bypass - Kies Air cjlacayo (Nov 15)

David Sopas

PrestaShop <= 1.5.1 Persistent XSS David Sopas (Nov 01)

DefenseCode

[DC-2012-11-001] DefenseCode ThunderScan PHP Advisory: Wordpress WP e-Commerce Plugin Multiple Security Vulnerabilities DefenseCode (Nov 13)
[DC-2012-11-002] DefenseCode ThunderScan ASP.Net C# Advisory: BugTracker.Net Multiple Security Vulnerabilities DefenseCode (Nov 26)

Derek Martin

Re: rssh security announcement Derek Martin (Nov 28)

Florian Weimer

[SECURITY] [DSA 2574-1] typo3-src security update Florian Weimer (Nov 16)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-12:06.bind FreeBSD Security Advisories (Nov 23)
FreeBSD Security Advisory FreeBSD-SA-12:08.linux FreeBSD Security Advisories (Nov 23)
FreeBSD Security Advisory FreeBSD-SA-12:07.hostapd FreeBSD Security Advisories (Nov 23)

Henri Salo

Re: [Full-disclosure] XSS, LFI and SQL Injection Vulnerabilities in Achievo Henri Salo (Nov 02)

Jakob Lell

CVE-2012-4366: Insecure default WPA2 passphrase in multiple Belkin wireless routers Jakob Lell (Nov 19)
Re: CVE-2012-4366: Insecure default WPA2 passphrase in multiple Belkin wireless routers Jakob Lell (Nov 20)

Jan Lieskovsky

Re: [oss-security] Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection Jan Lieskovsky (Nov 14)

Jann Horn

Re: Wisecracker 1.0 - A high performance distributed cryptanalysis framework Jann Horn (Nov 13)

Joseph Sheridan

Safend Data Protector Multiple Vulnerabilities Joseph Sheridan (Nov 29)
Forescout NAC (Network Access Control) multiple vulnerabilities Joseph Sheridan (Nov 26)

larry0

Oracle Exadata leaf switch logins larry0 (Nov 29)

Lists

SilverStripe CMS - Multiple Vulnerabilities - Security Advisory - SOS-12-011 Lists (Nov 30)

LpSolit

Security advisory for Bugzilla 4.4rc1, 4.2.4, 4.0.9 and 3.6.12 LpSolit (Nov 14)

Luciano Bello

[SECURITY] [DSA 2573-1] radsecproxy security update Luciano Bello (Nov 12)

machuanlei

[CVE-2012-5777]EmpireCMS Template Parser Remote PHP Code Execution Vulnerability machuanlei (Nov 05)

marcelavbx

XSS in answer my question plugin marcelavbx (Nov 05)
Sql injection in AJAX post Search wordpress plugin marcelavbx (Nov 07)
XSS in dokeos 2.1.1 marcelavbx (Nov 01)

Matan Azugi

FW: =| Security Advisory - TP-LINK TL-WR841N XSS (Cross Site Scripting) |= Matan Azugi (Nov 20)

Michal Ambroz

Re: Re: [oss-security] Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection Michal Ambroz (Nov 14)

n0b0d13s

[CVE-2012-5692] Invision Power Board <= 3.3.4 "unserialize()" PHP Code Execution Vulnerability n0b0d13s (Nov 02)

nauty . me04

XSS Vulnerability in Simple Slider Wordpress Plugin nauty . me04 (Nov 23)
ideo Lead Form Plugin Cross-Site Scripting Vulnerabilities which affects Wordpress URL nauty . me04 (Nov 29)
Reflective XSS in uk cookie plugin nauty . me04 (Nov 13)
Wordpress Plugin Simple Gmail Login Stack Trace Vulnerability nauty . me04 (Nov 29)

NCC Group Research

NGS000266 Technical Advisory: Symantec Messaging Gateway Arbitrary file download is possible with a crafted URL NCC Group Research (Nov 30)
NGS000196 Technical Advisory: Nagios XI Network Monitor OS Command Injection NCC Group Research (Nov 30)
NGS000241 Technical Advisory: SysAid Helpdesk Pro Blind SQL Injection NCC Group Research (Nov 30)
NGS000263 Technical Advisory: Symantec Messaging Gateway Easy CSRF to add a backdoor-administrator NCC Group Research (Nov 30)
NGS000267 Technical Advisory: Symantec Messaging Gateway SSH with backdoor user account plus privilege escalation to root due to very old Kernel NCC Group Research (Nov 30)
NGS000268 Technical Advisory: Symantec Messaging Gateway - Out-of-band stored-XSS delivered by email NCC Group Research (Nov 30)
NGS000330 Technical Advisory: Squiz CMS File Path Traversal NCC Group Research (Nov 30)
NGS000193 Technical Advisory: DataArmor Full Disk Encryption Restricted Environment breakout NCC Group Research (Nov 30)
NGS000194 Technical Advisory: Nagios XI Network Monitor Blind SQL Injection NCC Group Research (Nov 30)
NGS000107 Technical Advisory: Oracle Gridengine sgepasswd Buffer Overflow NCC Group Research (Nov 30)

Nico Golde

[SECURITY] [DSA 2575-1] tiff security update Nico Golde (Nov 19)

Nico Kadel-Garcia

Re: rssh security announcement Nico Kadel-Garcia (Nov 28)

osoriojr

Re: [BUGTRAQ]Security Advisory - TP-LINK TL-WR841N LFI - [UPDATE] osoriojr (Nov 01)

Raphael Geissert

[SECURITY] [DSA 2571-1] libproxy security update Raphael Geissert (Nov 05)

research

PR11-07 Multiple persistent XSS, XSS, XSRF, offsite redirection and information disclosure flaws within CheckPoint/Sofaware firewalls research (Nov 05)

ReVuln

0-day vulnerabilities in Call of Duty MW3 and CryEngine 3 ReVuln (Nov 14)

roberto . paleari

Weak password encryption on Huawei products roberto . paleari (Nov 13)

roman . fiedler

OSSIM 4.0.2 open-source SIEM solution does not verify .deb signatures roman . fiedler (Nov 20)

Russ Allbery

Re: rssh security announcement Russ Allbery (Nov 28)
Re: rssh security announcement Russ Allbery (Nov 29)

SEC Consult Vulnerability Lab

SEC Consult SA-20121115-0 :: Applicure dotDefender WAF format string vulnerability SEC Consult Vulnerability Lab (Nov 15)

security

[ MDVSA-2012:169 ] java-1.6.0-openjdk security (Nov 01)
n.runs-SA-2012.004 - SPLUNK Unauthenticated remote DoS security (Nov 20)
[ MDVSA-2012:170 ] firefox security (Nov 05)
[ MDVSA-2012:173 ] firefox security (Nov 21)
n.runs-SA-2012.004 - SPLUNK Unauthenticated remote DoS security (Nov 19)
[ MDVSA-2012:171 ] icedtea-web security (Nov 09)
[ MDVSA-2012:172 ] libproxy security (Nov 19)
[ MDVSA-2012:175 ] libssh security (Nov 29)
[ MDVSA-2012:174 ] libtiff security (Nov 22)

Security Alert

ESA-2012-057: EMC Smarts Network Configuration Manager Multiple Vulnerabilities Security Alert (Nov 26)
ESA-2012-054: RSA® Adaptive Authentication (On-Premise) Cross-Site Scripting Vulnerabilities Security Alert (Nov 26)
ESA-2012-055: RSA® Data Protection Manager Multiple Vulnerabilities Security Alert (Nov 13)

security-alert

[security bulletin] HPSBMU02827 SSRT100924 rev.1 - HP Performance Insight with Sybase, Remote Denial of Service (DoS) and Loss of Data security-alert (Nov 02)
[security bulletin] HPSBUX02824 SSRT100970 rev.2 - HP-UX Running Java, Remote Execution of Arbitrary Code, and Other Vulnerabilities security-alert (Nov 02)
[security bulletin] HPSBHF02699 SSRT100592 rev.2 - HP ProLiant SL Advanced Power Manager (SL-APM), Remote User Validation Failure security-alert (Nov 06)
[security bulletin] HPSBHF02821 SSRT100934 rev.1 - HP Integrated Lights-Out iLO3 and iLO4, Remote Disclosure of Information security-alert (Nov 20)
[security bulletin] HPSBMU02815 SSRT100715 rev.4 - HP SiteScope SOAP Security Issues, Remote Disclosure of Information, Remote Code Execution security-alert (Nov 02)

Security Explorations

Re: [SE-2012-01] Security vulnerabilities in Java SE (details released) Security Explorations (Nov 20)
[SE-2012-01] Security vulnerabilities in Java SE (details released) Security Explorations (Nov 16)
[SE-2011-01] Additional materials released for SAT TV research Security Explorations (Nov 27)

Slackware Security Team

[slackware-security] mozilla-firefox (SSA:2012-326-02) Slackware Security Team (Nov 22)
[slackware-security] seamonkey (SSA:2012-326-01) Slackware Security Team (Nov 22)
[slackware-security] mozilla-thunderbird (SSA:2012-326-03) Slackware Security Team (Nov 22)

Sooel Postman

Vulnerability Report on AWCM 2.2 Sooel Postman (Nov 08)

Stefan Fritsch

[SECURITY] [DSA 2579-1] apache2 security update Stefan Fritsch (Nov 30)

Stefan Kanthak

Vulnerable, superfluous/outdated/deprecated/superseded 3rd party OCXs and DLLs distributed by and installed with Dataram RamDisk 4.0.0 Stefan Kanthak (Nov 06)
Vulnerable MSVC++ 2008 runtime libraries distributed with and installed by eM client Stefan Kanthak (Nov 05)

Tavis Ormandy

multiple critical vulnerabilities in sophos products Tavis Ormandy (Nov 06)

Thijs Kinkhorst

[SECURITY] [DSA 2572-1] iceape security update Thijs Kinkhorst (Nov 05)

Tim Brown

[OVSA20121112] OpenVAS Manager Vulnerable To Command Injection Tim Brown (Nov 13)
Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection Tim Brown (Nov 13)
Medium risk security flaws in Konqueror Tim Brown (Nov 01)

Vikas N Kumar

Re: Wisecracker 1.0 - A high performance distributed cryptanalysis framework Vikas N Kumar (Nov 13)
Wisecracker 1.0 - A high performance distributed cryptanalysis framework Vikas N Kumar (Nov 06)

Vulnerability Lab

BananaDance Wiki b2.2 - Multiple Web Vulnerabilities Vulnerability Lab (Nov 12)
Eventy CMS v1.8 Plus - Multiple Web Vulnerabilities Vulnerability Lab (Nov 13)
VaM Shop v1.69 - Multiple Web Vulnerabilities Vulnerability Lab (Nov 01)
Manage Engine Exchange Reporter v4.1 - Multiple Web Vulnerabilities Vulnerability Lab (Nov 19)
Zoner Photo Studio v15 b3 - Buffer Overflow Vulnerabilities Vulnerability Lab (Nov 13)
ManageEngine ServiceDesk 8.0 - Multiple Vulnerabilities Vulnerability Lab (Nov 21)
Akeni LAN v1.2.118 - Filter Bypass Vulnerability (Local) Vulnerability Lab (Nov 19)
NetCat CMS v5.0.1 - Multiple Web Vulnerabilities Vulnerability Lab (Nov 01)
PG Dating Pro v1.0 CMS - Multiple Web Vulnerabilities Vulnerability Lab (Nov 01)
iDev Rentals v1.0 - Multiple Web Vulnerabilities Vulnerability Lab (Nov 14)
Wordpress Facebook Survey v1 - SQL Injection Vulnerability Vulnerability Lab (Nov 20)
SonicWALL CDP 5040 v6.x - Multiple Web Vulnerabilities Vulnerability Lab (Nov 20)

VUPEN Security Research

VUPEN Security Research - Mozilla Firefox "DocumentViewerImpl" Class Remote Use-After-Free Vulnerability VUPEN Security Research (Nov 26)
VUPEN Security Research - Mozilla Firefox "imgRequestProxy" Remote Use-After-Free Vulnerability VUPEN Security Research (Nov 30)

YGN Ethical Hacker Group

Open-Realty CMS 2.5.8 (2.x.x) <= Cross Site Request Forgery (CSRF) Vulnerability YGN Ethical Hacker Group (Nov 16)

Yves-Alexis Perez

[SECURITY] [DSA 2570-1] openoffice.org security update Yves-Alexis Perez (Nov 01)
[SECURITY] [DSA 2578-1] rssh security update Yves-Alexis Perez (Nov 28)
[SECURITY] [DSA 2576-1] trousers security update Yves-Alexis Perez (Nov 23)