Bugtraq: by date

145 messages starting Aug 01 14 and ending Aug 29 14


Friday, 01 August

[ MDVSA-2014:145 ] php-ZendFramework security
[ MDVSA-2014:146 ] file security
[SECURITY] [DSA 2993-1] tor security update Salvatore Bonaccorso
TigerCom iFolder+ v1.2 iOS - Multiple Vulnerabilities Vulnerability Lab
[SECURITY] [DSA 2994-1] nss security update Raphael Geissert
[ MDVSA-2014:147 ] sendmail security
[ MDVSA-2014:148 ] dbus security
[security bulletin] HPSBMU03081 rev.1 - HP Enterprise Maps, Remote Information Disclosure security-alert
C++11 <regex> insecure by default submit
Photo WiFi Transfer 1.01 - Directory Traversal Vulnerability Vulnerability Lab

Monday, 04 August

Microsoft Exchange Multiple Vulnerabilities np
[slackware-security] samba (SSA:2014-213-01) Slackware Security Team
[slackware-security] dhcpcd (SSA:2014-213-02) Slackware Security Team
[SECURITY] [DSA 2995-1] lzo2 security update Salvatore Bonaccorso
[SECURITY] [DSA 2996-1] icedove security update Moritz Muehlenhoff
ownCloud Unencrypted Private Key Exposure Senderek Web Security
Video WiFi Transfer 1.01 - Directory Traversal Vulnerability Vulnerability Lab
FreeDisk v1.01 iOS - Multiple Web Vulnerabilities Vulnerability Lab

Tuesday, 05 August

Ebay Inc Magento ProStore CP #4 - Filter Validation Bypass & Persistent (Payment Information) Vulnerability Vulnerability Lab
[security bulletin] HPSBMU03083 rev.1 - HP BladeSystem c-Class Virtual Connect Firmware running OpenSSL, Remote Unauthorized Access or Disclosure of Information security-alert
Re: ownCloud Unencrypted Private Key Exposure Frank Stanek
CVE-2014-2595 - Authentication Bypass in Barracuda Web Application Firewall Portcullis Advisories
[security bulletin] HPSBMU03037 rev.2 - HP Multimedia Service Environment (MSE), (HP Network Interactive Voice Response (NIVR)), Remote Disclosure of Information security-alert
[CVE- Requested][Vembu Storegrid - Multiple Critical Vulnerabilities] Mike Antcliffe
Apache Cordova 3.5.1 Marcel Kinard
SEC Consult SA-20140805-0 :: Multiple vulnerabilities in Readsoft Invoice Processing and Process Director SEC Consult Vulnerability Lab
Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities mike . manzotti

Wednesday, 06 August

Re: ownCloud Unencrypted Private Key Exposure Anthony Dubuissez
RE: ownCloud Unencrypted Private Key Exposure - version (6.0.4) reported not vulnerable Choulat, Trace
CVE-2014-5075 MitM Vulnerability in the Smack XMPP Library for Java Georg Lukas
[SECURITY] [DSA 2997-1] reportbug security update Salvatore Bonaccorso
Re: ownCloud Unencrypted Private Key Exposure Jack Brennan
[security bulletin] HPSBMU03085 rev.1 - HP Application Lifecycle Management / Quality Center, Elevation of Privilege security-alert
PhotoSync Wifi & Bluetooth v1.0 - File Include Vulnerability Vulnerability Lab
[ MDVSA-2014:149 ] php security
PhotoSync v2.2 iOS - Command Inject Web Vulnerability Vulnerability Lab

Thursday, 07 August

[ MDVSA-2014:150 ] tor security
nullcon CFP is open nullcon
TomatoCart v1.x (latest-stable) Multiple Vulnerabilities Kenny Mathis
Re: ownCloud Unencrypted Private Key Exposure Frank Stanek
RE: ownCloud Unencrypted Private Key Exposure Mikhail A. Utin
RE: ownCloud Unencrypted Private Key Exposure Mikhail A. Utin
Cisco Security Advisory: Cisco IOS Software and Cisco IOS XE Software EnergyWise Crafted Packet Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
[ MDVSA-2014:151 ] cups security
[ MDVSA-2014:153 ] mediawiki security
[ MDVSA-2014:154 ] readline security
[ MDVSA-2014:152 ] glibc security
[SECURITY] [DSA 2998-1] openssl security update Raphael Geissert
(CVE-2014-3501/2/3) Apache Cordova for Android - Multiple Vulnerabilities David Kaplan
[ MDVSA-2014:155 ] kernel security
(kind of) new tool: american fuzzy lop Michal Zalewski

Friday, 08 August

[ MDVSA-2014:156 ] ocsinventory security
Easy FTP Pro v4.2 iOS - Command Inject Vulnerabilities Vulnerability Lab
[security bulletin] HPSBHF03084 rev.1 HP PCs with UEFI Firmware, Execution of Arbitrary Code security-alert
[security bulletin] HPSBMU03086 rev.1 - HP Operations Agent running Glance, Local Elevation of Privilege security-alert
Beginners error: QuickTime for Windows runs rogue program C:\Program.exe when opening associated files Stefan Kanthak
[security bulletin] HPSBUX03087 SSRT101413 rev.1 - HP-UX CIFS Server (Samba), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access security-alert
[WorldCIST'15]: Call for Workshops Proposals - Proceedings by Springer ML
[ MDVSA-2014:157 ] ipython security
ESA-2014-055: EMC Network Configuration Manager (NCM) Report Advisor Session Fixation Vulnerability Security Alert
[ MDVSA-2014:159 ] wireshark security
[ MDVSA-2014:158 ] openssl security
[security bulletin] HPSBMU03062 rev.1 - HP Insight Control server deployment on Linux and Windows running OpenSSL, Multiple Vulnerabilities security-alert

Monday, 11 August

[slackware-security] openssl (SSA:2014-220-01) Slackware Security Team
[SECURITY] [DSA 2999-1] drupal7 security update Salvatore Bonaccorso
[SECURITY] [DSA 3000-1] krb5 security update Salvatore Bonaccorso
[SECURITY] [DSA 3001-1] wordpress security update Salvatore Bonaccorso
MITKRB5-SA-2014-001 Buffer overrun in kadmind with LDAP backend Benjamin Kaduk
[SECURITY] [DSA 3002-1] wireshark security update Moritz Muehlenhoff
[SECURITY] [DSA 3003-1] libav security update Moritz Muehlenhoff
[SECURITY] [DSA 3004-1] kde4libs security update Moritz Muehlenhoff

Tuesday, 12 August

IBM Maximo: Cross-site Scripting Vulnerability Addressed in Asset and Service Management (CVE-2014-0914 and -0915) Jamie Riden
[SECURITY] [DSA 2984-2] acpi-support regression update Raphael Geissert
[security bulletin] HPSBMU03089 rev.1 - HP Executive Scorecard, Running OpenSSL, Disclosure of Information security-alert
Apache Cordova 3.5.1: CVE-2014-3502 update Marcel Kinard
CVE-2014-5035 - Opendaylight Vulnerable to Local and Remote File Inclusion in the Netconf (TCP) Service Gregory Pickett

Wednesday, 13 August

BlackBerry Z 10 - Storage and Access File-Exchange Authentication By-Pass [MZ-13-04] security
[oCERT-2014-006] Ganeti insecure archive permission Andrea Barisani
Reflected Cross-Site Scripting (XSS) in Jamroom High-Tech Bridge Security Research
[security bulletin] HPSBHF03088 rev.1 - HP Integrity SD2 CB900s i2 and i4 Servers running OpenSSL, Remote Unauthorized Access or Disclosure of Information security-alert

Thursday, 14 August

[security bulletin] HPSBMU03090 rev.1 - HP SiteScope, running Apache Struts, Remote Execution of Arbitrary Code security-alert
APPLE-SA-2014-08-13-1 Safari 6.1.6 and Safari 7.0.6 Apple Product Security
[SECURITY] [DSA 3005-1] gpgme1.0 security update Salvatore Bonaccorso

Monday, 18 August

Beginners error: Apple's Software Update runs rogue program C:\Program.exe (and some more) Stefan Kanthak
Beginners error: Windows Live Mail 2011 runs rogue C:\Program.exe when opening associated URLs Stefan Kanthak
Beginners error: Apple's iCloudServices for Windows run rogue program C:\Program.exe (and some more) Stefan Kanthak
CVE-2014-5289 - Kolibri WebServer 2.0 Vulnerable to RCE via Overly Long POST Request tekwizz123
Outlook.com for Android fails to validate server certificates Securify B.V.
CVE-2014-3577: Apache HttpComponents client: Hostname verification susceptible to MITM attack Dirk-Willem van Gulik
[SECURITY] [DSA 3006-1] xen security update Moritz Muehlenhoff

Tuesday, 19 August

ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities Security Alert
ESA-2014-059: EMC Documentum Multiple Cross-Site Scripting Vulnerabilities Security Alert
ESA-2014-067: EMC Documentum D2 Privilege Escalation Vulnerability Security Alert
ESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities Security Alert
[CVE-2014-0232] Apache OFBiz Cross-site scripting (XSS) vulnerability Jacopo Cappellato
ESA-2014-071: RSA Archer® GRC Platform Multiple Vulnerabilities Security Alert

Wednesday, 20 August

[Call For Papers] RiseCON - Rosario, Argentina Info RiseCON
[security bulletin] HPSBMU03094 rev.1 - HP Connect-IT, running OpenSSL, Remote Disclosure of Information or Unauthorized Access security-alert
[security bulletin] HPSBMU03101 rev.1 - HP Asset Manager, CloudSystem Chargeback, running OpenSSL, Remote Disclosure of Information or Unauthorized Access security-alert
[security bulletin] HPSBUX03091 SSRT101667 rev.1 - HP-UX running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities security-alert
[security bulletin] HPSBUX03092 SSRT101668 rev.1 - HP-UX running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities security-alert
[security bulletin] HPSBUX03095 SSRT101674 rev.1 - HP-UX running OpenSSL, Multiple Vulnerabilities security-alert
ICETC2014 - IEEE Extended Submission until Aug. 28, 2014 jackie
Deutsche Telekom CERT Advisory [DTC-A-20140820-001] check_mk vulnerabilities CERT
[SECURITY] [DSA 3007-1] cacti security update Moritz Muehlenhoff
CVE-2014-5307 - Privilege Escalation in Panda Security Products Portcullis Advisories
SQL Injection Vulnerability in ArticleFR High-Tech Bridge Security Research
CVE-2014-4973 - Privilege Escalation in ESET Windows Products Portcullis Advisories

Thursday, 21 August

ArcGIS for Server Vulnerability Disclosure Romano, Christian
ToorCon 16 Call For Papers! h1kari
[SECURITY] [DSA 3008-1] php5 security update Salvatore Bonaccorso
[SECURITY] [DSA 2940-1] libstruts1.2-java security update Moritz Muehlenhoff

Friday, 22 August

[SECURITY] [DSA 3008-2] php5 regression update Salvatore Bonaccorso
[CVE-2014-5335] CSRF in Innovaphone PBX rg
CVE-2014-3575:OpenOffice Targeted Data Exposure Using Crafted OLE Objects Herbert Duerr
CVE-2014-3524: Apache OpenOffice Calc Command Injection Vulnerability Herbert Duerr
[SECURITY] [DSA 3009-1] python-imaging security update Moritz Muehlenhoff
[security bulletin] HPSBST03098 rev.1 - HP StoreEver MSL6480 Tape Library running OpenSSL, Remote Unauthorized Access or Disclosure of Information security-alert
DoS attacks (ICMPv6-based) resulting from IPv6 EH drops Fernando Gont

Monday, 25 August

[security bulletin] HPSBMU03079 rev.1 - HP Service Manager, Multiple Vulnerabilities security-alert
[SECURITY] [DSA 3010-1] python-django security update Salvatore Bonaccorso
[SECURITY] [DSA 3011-1] mediawiki security update Salvatore Bonaccorso
Barracuda Networks Web Security Flex Appliance Application v4.x - Filter Bypass & Persistent Vulnerabilities (BNSEC 707) Vulnerability Lab
Barracuda Networks Web Security Flex v4.1 - Persistent Vulnerabilities (BNSEC-699) Vulnerability Lab
DNN(DotNetNuke®) Iconbar Control Panel Bad Access Level config cseye_ut
DNN(DotNetNuke®) Ribbon Bar Control Panel Bad Access Level config cseye_ut
MEHR Automation System Arbitrary File Download Vulnerability(persian portal) cseye_ut
[WorldCIST'15]: Call for Workshops Proposals; Proceedings by Springer - Indexed by ISI, Scopus, DBLP, etc. WorldCIST

Tuesday, 26 August

[security bulletin] HPSBMU03076 rev.2 - HP Systems Insight Manager (SIM) on Linux and Windows running OpenSSL, Multiple Vulnerabilities security-alert
ntopng 1.2.0 XSS injection using monitored network traffic Steffen Bauch
LSE Leading Security Experts GmbH - LSE-2014-07-13 - Granding Grand MA 300 - Weak Pin Verification advisories
ESA-2014-081 RSA® Identity Management and Governance Authentication Bypass Vulnerability Security Alert

Wednesday, 27 August

Encore Discovery Solution Multiple Vulnerability Disclosure Romano, Christian
Mathematica10.0.0 on Linux /tmp/MathLink vulnerability paul . szabo
Fwd: RFC 7359 on Layer 3 Virtual Private Network (VPN) Tunnel Traffic Leakages in Dual-Stack Hosts/Networks Fernando Gont
SaaS Marketing platform Hubspot export vulnerability ehoward
[SECURITY] [DSA 3012-1] eglibc security update Florian Weimer
Last CFP: ICETC2014 - IEEE - Poland (Deadline: Aug. 30) jackie

Thursday, 28 August

[SECURITY] [DSA 3013-1] s3ql security update Florian Weimer
[The ManageOwnage Series, part II]: User credential disclosure in ManageEngine DeviceExpert Pedro Ribeiro
Aerohive Hive Manager and Hive OS Multiple Vulnerabilities Disclosure
SEC Consult SA-20140828-0 :: F5 BIG-IP Reflected Cross-Site Scripting SEC Consult Vulnerability Lab
[SECURITY] [DSA 3014-1] squid3 security update Salvatore Bonaccorso
Re: SaaS Marketing platform Hubspot export vulnerability security

Friday, 29 August

Sierra Library Services Platform Multiple Vulnerability Disclosure Romano, Christian