Bugtraq: by date

166 messages starting Aug 03 15 and ending Aug 31 15


Monday, 03 August

[SECURITY] [DSA 3322-1] ruby-rack security update Salvatore Bonaccorso
Multiple XSS vulnerabilities in FortiSandbox WebUI hyp3rlinx
[SECURITY] [DSA 3323-1] icu security update Laszlo Boszormenyi
[SECURITY] [DSA 3324-1] icedove security update Alessandro Ghedini
[SECURITY] [DSA 3325-1] apache2 security update Stefan Fritsch
[SECURITY] [DSA 3326-1] ghostscript security update Salvatore Bonaccorso

Tuesday, 04 August

[SECURITY] [DSA 3327-1] squid3 security update Salvatore Bonaccorso
[SECURITY] [DSA 3328-1] wordpress security update Thijs Kinkhorst
Mozilla extensions: a security nightmare Stefan Kanthak
[SECURITY] [DSA 3328-2] wordpress regression update Thijs Kinkhorst

Wednesday, 05 August

SEC Consult SA-20150805-0 :: Websense Content Gateway Stack Buffer Overflow in handle_debug_network SEC Consult Vulnerability Lab
Re: [FD] Mozilla extensions: a security nightmare Stefan Kanthak
Re: [FD] Mozilla extensions: a security nightmare Ansgar Wiechers
[security bulletin] HPSBUX03388 SSRT102180 rev.1 - HP-UX running OpenSSL, Remote Disclosure of Information security-alert

Thursday, 06 August

Re: [FD] Mozilla extensions: a security nightmare Stefan Kanthak
Vulnerable MSVC++ runtime distributed with LibreOffice 5.0.0 for Windows Stefan Kanthak
FreeBSD Security Advisory FreeBSD-SA-15:18.bsdpatch FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-15:19.routed FreeBSD Security Advisories
Re: [FD] Mozilla extensions: a security nightmare Reindl Harald
Re: [FD] Mozilla extensions: a security nightmare Bruce A. Peters
Re: [FD] Mozilla extensions: a security nightmare Christoph Gruber
Re: [FD] Mozilla extensions: a security nightmare Stefan Kanthak
Re: [FD] Mozilla extensions: a security nightmare Reindl Harald
Re: [FD] Mozilla extensions: a security nightmare Andrew Deck
Re: [FD] Mozilla extensions: a security nightmare Stefan Kanthak
Re: [FD] Mozilla extensions: a security nightmare Stefan Kanthak
RE: [FD] Mozilla extensions: a security nightmare Steve Friedl

Friday, 07 August

RE: [FD] Mozilla extensions: a security nightmare Frank Waarsenburg
Re: [FD] Mozilla extensions: a security nightmare Reindl Harald
Re: [FD] Mozilla extensions: a security nightmare Jakob Holderbaum
[SECURITY] [DSA 3329-1] linux security update Salvatore Bonaccorso
Re: [FD] Mozilla extensions: a security nightmare Teddy A PURWADI
Thomson Reuters FATCA - Arbitrary File Upload jakub . palaczynski

Monday, 10 August

Ferrari - PHP CGI Argument Injection (RCE) Vulnerability Vulnerability Lab
Device Inspector v1.5 iOS - Command Inject Vulnerabilities Vulnerability Lab
QNAP crypto keys logged on unencrypted disk partition in world accessible files Andreas Steinmetz
[SECURITY] [DSA 3330-1] activemq security update Moritz Muehlenhoff
[slackware-security] mozilla-nss (SSA:2015-219-02) Slackware Security Team
[slackware-security] mozilla-firefox (SSA:2015-219-01) Slackware Security Team

Wednesday, 12 August

[Onapsis Security Advisory 2015-010] SAP Mobile Platform DataVault Keystream Recovery Onapsis Research Labs
[Onapsis Security Advisory 2015-012] SAP Mobile Platform DataVault Predictable Encryption Password for Secure Storage Onapsis Research Labs
[Onapsis Security Advisory 2015-011] SAP Mobile Platform DataVault Predictable encryption passwords for Configuration Values Onapsis Research Labs
[SECURITY] [DSA 3334-1] gnutls28 security update Salvatore Bonaccorso
Pdf Shaper Buffer Overflow metacom27
Windows Platform Binary Table (WPBT) - BIOS PE backdoor Kevin Beaumont
bizidea Design CMS 2015Q3 - SQL Injection Vulnerability Vulnerability Lab
[SECURITY] [DSA 3333-1] iceweasel security update Moritz Muehlenhoff
PHPfileNavigator 2.3.3 Persistent & Reflected XSS apparitionsec
BFS-SA-2015-001: Internet Explorer CTreeNode::GetCascadedLang Use-After-Free Vulnerability Blue Frost Security Research Lab
phpipam-1.1.010 XSS Vulnerability apparitionsec
PHPfileNavigator v2.3.3 CSRF Add Arbitrary Users apparitionsec
phpipam-1.1.010 XSS Vulnerability apparitionsec
[CVE-2015-4624] Predictable CSRF tokens in WiFi Pineapple firmware <= 2.3.0 Ken
[SECURITY] [DSA 3332-1] wordpress security update Thijs Kinkhorst

Thursday, 13 August

[SECURITY] [DSA 3335-1] request-tracker4 security update Salvatore Bonaccorso
RE: Windows Platform Binary Table (WPBT) - BIOS PE backdoor Limanovski, Dimitri
Cisco Unified Communications Manager Multiple Vulnerabilities (VP2015-001) Bernhard Mueller
Re: Windows Platform Binary Table (WPBT) - BIOS PE backdoor Jerome Athias
Update: Backdoor and RCE found in 8 TOTOLINK router models Pierre Kim
[security bulletin] HPSBGN03386 rev.1 - HP Central View Fraud Risk Management, Revenue Leakage Control, Dealer Performance Audit, Credit Risk Control, Roaming Fraud Control, Subscription Fraud Prevention, Remote Disclosure of Information, Local Disclosure of Information security-alert
[security bulletin] HPSBGN03393 rev.1 - HP Operations Manager i, Remote Code Execution security-alert
Re: Windows Platform Binary Table (WPBT) - BIOS PE backdoor Stefan Kanthak
APPLE-SA-2015-08-13-1 Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8 Apple Product Security
APPLE-SA-2015-08-13-3 iOS 8.4.1 Apple Product Security
APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006 Apple Product Security
APPLE-SA-2015-08-13-4 OS X Server v4.1.5 Apple Product Security
Nuance PowerPDF Advanced Metadata Information Disclosure Vulnerability (low|local) Christopher Hudel

Sunday, 16 August

Re: Windows Platform Binary Table (WPBT) - BIOS PE backdoor Kevin Beaumont
Re: Windows Platform Binary Table (WPBT) - BIOS PE backdoor Kevin Beaumont
Re: Windows Platform Binary Table (WPBT) - BIOS PE backdoor Kevin Beaumont

Monday, 17 August

BFS-SA-2015-002: OpenSSH PAM Privilege Separation Vulnerabilities Blue Frost Security Research Lab
Re: Windows Platform Binary Table (WPBT) - BIOS PE backdoor simon
[slackware-security] mozilla-thunderbird (SSA:2015-226-02) Slackware Security Team
[slackware-security] mozilla-firefox (SSA:2015-226-01) Slackware Security Team
vBulletin x.x.x rce "0day" Joshua Rogers
Re: PayPal Inc Bug Bounty Issue #70 France - Persistent (Escape Shopping) Mail Vulnerability ahmadshafique
Re: [FD] Mozilla extensions: a security nightmare Stefan Kanthak
Re: Windows Platform Binary Table (WPBT) - BIOS PE backdoor Pedro Ribeiro
Re: [MORNINGSTAR-2009-01] Multiple security issues in Open Auto Classifieds version <= 1.5.9 li0252130467
Re: NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE 13669185678
Re: Multiple vulnerabilites in vendor IKE implementations, including Cisco, arash . yazdanfare
Poor security in SOHO routers, again. Changing configuration parameters with a click. DonVallejo .
Oracle CSO numbers, security hygiene and fixes at the same time Security Explorations
failure notice postmaster
ESA-2015-081: RSA BSAFE® Micro Edition Suite, Crypto-C Micro Edition, Crypto-J, SSL-J and SSL-C Multiple Vulnerabilities Security Alert
ESA-2015-094: RSA Archer® GRC Multiple Cross-Site Request Forgery Vulnerabilities Security Alert
ESA-2015-131: EMC Documentum Content Server Multiple Vulnerabilities Security Alert
ESA-2015-130: EMC Documentum WebTop and WebTop Clients Cross-Site Request Forgery Vulnerability Security Alert
[ERPSCAN-15-012] SAP Afaria 7 XComms – Buffer Overflow ERPScan inc
[ERPSCAN-15-013] SAP NetWeaver AS Java CIM UPLOAD – XXE ERPScan inc
Weak authentication in EMC Secure Remote Services Virtual Edition Web Portal Securify B.V.
Insufficient certificate validation in EMC Secure Remote Services Virtual Edition Securify B.V.
sysadmin privilege in EMC Documentum Content Server andrew
[SECURITY] [DSA 3336-1] nss security update Salvatore Bonaccorso
EMC Documentum Content Server: arbitrary code execution (incomplete fix in CVE-2015-4532) andrew
Re: [SECURITY] [DSA 3336-1] nss security update miguelmellolopes

Tuesday, 18 August

Re: Re: [SECURITY] [DSA 3336-1] nss security update rahfsk
Re: [ERPSCAN-15-013] SAP NetWeaver AS Java CIM UPLOAD – XXE rahfsk
[SECURITY] [DSA 3325-2] apache2 regression update Stefan Fritsch
[SECURITY] [DSA 3337-1] gdk-pixbuf security update Moritz Muehlenhoff
[SECURITY] [DSA 3338-1] python-django security update Alessandro Ghedini

Wednesday, 19 August

FreeBSD Security Advisory FreeBSD-SA-15:20.expat FreeBSD Security Advisories
CVE-2015-5699 - Cumulus Linux's Switch Configuration Tools Backend, clcmd_server, Vulnerable to Local Privilege Escalation Gregory Pickett
Re: Hawkeye-G v3 CSRF Vulnerability ***[UPDATED CORRECTED] aabbccdd05407
Trend Micro Deep Discovery Authentication Bypass apparitionsec
Trend Micro Deep Discovery XSS apparitionsec
[SYSS-2015-041] XSS in OpenText Secure MFT adrian . vollmer
Re: CORE-2009-01515 - WordPress Privileges Unchecked in admin.php and Multiple Information Asher995
RE: CORE-2009-01515 - WordPress Privileges Unchecked in admin.php and Multiple Information Chillman, Paul, Vodafone UK
Re: CORE-2009-01515 - WordPress Privileges Unchecked in admin.php and Multiple Information paul . szabo
Re: EMC Documentum Content Server: arbitrary code execution (incomplete fix in CVE-2015-4532) andrew
Privilege escalation through RPC commands in EMC Documentum Content Server (incomplete fix in CVE-2015-4532) andrew
CVE-2015-3269 Apache Flex BlazeDS Insecure Xml Entity Expansion Vulnerability Christofer Dutz
[security bulletin] HPSBUX03400 SSRT102211 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alert

Thursday, 20 August

[SECURITY] [DSA 3339-1] openjdk-6 security update Moritz Muehlenhoff
[SECURITY] [DSA 3340-1] zendframework security update Alessandro Ghedini
Re: CORE-2009-01515 - WordPress Privileges Unchecked in admin.php and Multiple Information Steve Shockley
ESA-2015-132: EMC Documentum D2 Fail Open Vulnerability Security Alert
[SECURITY] [DSA 3341-1] conntrack security update Salvatore Bonaccorso
Microsoft HTA (HTML Application) - Remote Code Execution Vulnerability (MS14-064) Vulnerability Lab
PDF Shaper v3.5 - (MSF) Remote Buffer Overflow Vulnerability Vulnerability Lab
ChiefPDF Software v2.x - Buffer Overflow Vulnerability Vulnerability Lab
WebSolutions India Design CMS - SQL Injection Vulnerability Vulnerability Lab
UBNT Bug Bounty #1 - Client Side Cross Site Scripting Vulnerability Vulnerability Lab
UBNT Bug Bounty #3 - Persistent Filename Vulnerability Vulnerability Lab
[oCERT-2015-009] VLC arbitrary pointer dereference Andrea Barisani
[SECURITY] [DSA 3342-1] vlc security update Alessandro Ghedini
[security bulletin] HPSBUX03369 SSRT102037 rev.1 - HP-UX execve(2), Local Elevation of Privilege security-alert

Friday, 21 August

Re: Micro Login System v1.0 (userpwd.txt) Password Disclosure Vulnerability anonymous
APPLE-SA-2015-08-20-1 QuickTime 7.7.8 Apple Product Security
Re: [SECURITY] [DSA 3325-2] apache2 regression update franzskinn
[security bulletin] HPSBUX03410 SSRT102175 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alert
Logstash vulnerability CVE-2015-5619 Suyog Rao

Tuesday, 25 August

[security bulletin] HPSBGN03404 rev.1 - HP Service Health Reporter, Remote Unauthorized Modification security-alert
[security bulletin] HPSBMU03409 rev.1 - HP Matrix Operating Environment, Multiple Vulnerabilities security-alert
[security bulletin] HPSBMU03396 rev.1 - HP Version Control Repository Manager (VCRM) on Windows and Linux, Multiple Vulnerabilities security-alert
[security bulletin] HPSBMU03413 rev.1 - HP Virtual Connect Enterprise Manager SDK, Multiple Vulnerabilities security-alert
[security bulletin] HPSBMU03397 rev.1 - HP Version Control Agent (VCA) on Windows and Linux, Multiple Vulnerabilities security-alert

Wednesday, 26 August

FreeBSD Security Advisory FreeBSD-SA-15:22.openssh FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-15:21.amd64 FreeBSD Security Advisories
RE: [security bulletin] HPSBMU03397 rev.1 - HP Version Control Agent (VCA) on Windows and Linux, Multiple Vulnerabilities M.H.P. van Diem
[SECURITY] [DSA 3343-1] twig security update Sebastien Delafond
[security bulletin] HPSBGN03414 rev.1 - HP Operations Agent, Remote Disclosure of Information security-alert
[security bulletin] HPSBGN03415 rev.1 - HP Operations Agent Virtual Appliance, Remote Disclosure of Information security-alert
[security bulletin] HPSBGN03399 rev.1 - HP BSM Connector (BSMC), Remote Unauthorized Modification, Disclosure of Information security-alert
[security bulletin] HPSBGN03405 rev.1 - HP Integration Adaptor, Remote Unauthorized Modification, Disclosure of Information security-alert
CVE-2015-6535: Stored XSS in YouTube Embed (WordPress plugin) allows admins to compromise super admins grajalerts . noreply
[security bulletin] HPSBGN03411 rev.1 - HP Operations Agent Virtual Appliance, Remote Unauthorized Disclosure of Information security-alert

Thursday, 27 August

[security bulletin] HPSBHF03408 rev.1 - HP PCs with HP lt4112 LTE/HSPA+ Gobi 4G Module, Remote Execution of Arbitrary Code security-alert
UAC Bypass Vulnerability on "Windows 7" in Windows Script Host vozzie
[security bulletin] HPSBGN03402 rev.2 - HP Performance Manager, Remote Disclosure of Information security-alert
[SECURITY] [DSA 3344-1] php5 security update Sebastien Delafond
Re: UAC Bypass Vulnerability on "Windows 7" in Windows Script Host Rich Pieri

Monday, 31 August

Re: Re: UAC Bypass Vulnerability on "Windows 7" in Windows Script Host kev . r
[slackware-security] mozilla-firefox (SSA:2015-241-01) Slackware Security Team
[SECURITY] [DSA 3345-1] iceweasel security update Salvatore Bonaccorso
[security bulletin] HPSBMU03416 rev.1 - HP Data Protector, Remote Disclosure of Information security-alert
[security bulletin] HPSBGN03387 rev.1 - HP Intelligent Provisioning, Remote Code Execution, Unauthorized Access security-alert
[security bulletin] HPSBGN03407 rev.1 - HP Operations Manager for Windows, Remote Unauthorized Modification, Disclosure of Information security-alert
PayPal Bug Bounty #119 - Stored Cross Site Scripting Vulnerability Vulnerability Lab
LinuxOptic CMS 2009 - Auth Bypass Session Vulnerability Vulnerability Lab
Jenkins 1.626 - Cross Site Request Forgery / Code Execution smash
[SECURITY] [DSA 3346-1] drupal7 security update Alessandro Ghedini
Dogma India dogmaindia CMS - Auth Bypass Vulnerability Vulnerability Lab
[security bulletin] HPSBMU03401 rev.1 - HP Operations Manager for UNIX and Linux, Remote Unauthorized Modification, Disclosure of Information security-alert
[security bulletin] HPSBGN03403 rev.1 - HP Virtualization Performance Viewer, Remote Unauthorized Disclosure of Information security-alert