Bugtraq: by date

149 messages starting Jul 01 15 and ending Jul 31 15

Wednesday, 01 July

APPLE-SA-2015-06-30-5 QuickTime 7.7.7 Apple Product Security
[SECURITY] [DSA 3298-1] jackrabbit security update Moritz Muehlenhoff
APPLE-SA-2015-06-30-6 iTunes 12.2 Apple Product Security
Extra information for CVE-2014-4626 - EMC Documentum Content Server: authenticated user is able to elevate privileges, hijack Content Server filesystem, execute arbitrary commands by creating malicious dm_job objects andrew
Pinterest Bug Bounty #1 - Persistent contact_name Vulnerability Vulnerability Lab
Ebay Magento Bug Bounty #14 - Persistent Description Vulnerability Vulnerability Lab
FCS Scanner v1.0 & v1.4 - Command Inject Vulnerability Vulnerability Lab
Blueberry Express v5.9.x - SEH Buffer Overflow Vulnerability Vulnerability Lab
Path Traversal in BlackCat CMS High-Tech Bridge Security Research
ESA-2015-111: EMC Documentum WebTop Client Products Multiple Vulnerabilities Security Alert
ESA-2015-108: EMC Documentum D2 Multiple DQL Injection Vulnerabilities Security Alert
ESA-2015-112: EMC Isilon OneFS Command Injection Vulnerability Security Alert
Exploit Code for ipTIME firmwares < 9.58 (root RCE against 127 router models) Pierre Kim
iTunes 12.2 and QuickTime 7.7.7 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\... Stefan Kanthak

Monday, 06 July

ToorCon 17 Call For Papers! h1kari
[SECURITY] [DSA 3299-1] stunnel4 security update Salvatore Bonaccorso
ipTIME n104r3 vulnerable to CSRF and XSS attacks Pierre Kim
SQL Injection in easy2map wordpress plugin v1.24 Larry W. Cashdollar
CVE-2015-3442 Authentication Bypass in Xpert.Line Version 3.0 Alessandro Zala
Ruxcon 2015 Final Call For Presentations cfp
WK UDID v1.0.1 iOS - Command Inject Vulnerability Vulnerability Lab
[SECURITY] [DSA 3300-1] iceweasel security update Moritz Muehlenhoff
Google HTTP Live Headers v1.0.6 - Client Side Cross Site Scripting Web Vulnerability Vulnerability Lab
Microsoft Office - OLE Packager allows code execution in all versions, with macros disabled Kevin Beaumont
Snorby 2.6.2 - Stored Cross-site Scripting Vulnerability Federico Fazzi
Ebay Inc Magento Bug Bounty #16 - CSRF Web Vulnerability Vulnerability Lab
127 ipTIME router models vulnerable to an unauthenticated RCE by sending a crafted DHCP request Pierre Kim
[SECURITY] [DSA 3301-1] haproxy security update Salvatore Bonaccorso
Google Chrome Address Spoofing - Google's Opinion David Leo
phpLiteAdmin v1.1 CSRF & XSS Vulnerabilities apparitionsec
Re: Google HTTP Live Headers v1.0.6 - Client Side Cross Site Scripting Web Vulnerability Reindl Harald
[CORE-2015-0012] - AirLive Multiple Products OS Command Injection CORE Advisories Team

Tuesday, 07 July

[SECURITY] [DSA 3302-1] libwmf security update Moritz Muehlenhoff
[SECURITY] [DSA 3303-1] cups-filters security update Alessandro Ghedini
[security bulletin] HPSBMU03234 rev.1 - HP Vertica Analytics Platform running SSLv3, Remote Disclosure of Information security-alert
[security bulletin] HPSBGN03361 rev.1 - HP UCMDB, HP UCMDB Configuration Manager, HP UCMDB Browser, and HP Universal Discovery running TLS, Remote Disclosure of Information security-alert
RE: [security bulletin] HPSBGN03351 rev.1 - HP IceWall SSO Dfw, SSO Certd, MCRP, and Federation Agent running OpenSSL, Remote Disclosure of Information (UNCLASSIFIED) Patterson, Derrick A CTR (US)
[security bulletin] HPSBGN03354 rev.1 - HP Connect-IT Using RC4, Remote Disclosure of Information security-alert
[security bulletin] HPSBGN03352 rev.2 - HP Asset Manager Using RC4, Remote Disclosure of Information security-alert

Wednesday, 08 July

FreeBSD Security Advisory FreeBSD-SA-15:11.bind FreeBSD Security Advisories
[slackware-security] mozilla-firefox (SSA:2015-188-02) Slackware Security Team
[slackware-security] cups (SSA:2015-188-01) Slackware Security Team
[slackware-security] ntp (SSA:2015-188-03) Slackware Security Team
[slackware-security] bind (SSA:2015-188-04) Slackware Security Team
Symantec EP 12.1.4013 Disabling Vulnerability apparitionsec
Remote file download vulnerability in wordpress plugin wp-ecommerce-shop-styling v2.5 Larry W. Cashdollar
SQL Injection in easy2map-photos wordpress plugin v1.09 Larry W. Cashdollar
Merethis Centreon - Unauthenticated blind SQLi and Authenticated Remote Command Execution hdau
[security bulletin] HPSBUX03363 rev.1 - HP-UX Apache Web Server running OpenSSL, Remote Disclosure of Information security-alert
[CORE-2015-0011] - AirLink101 SkyIPCam1620W OS Command Injection CORE Advisories Team

Friday, 10 July

[SECURITY] [DSA 3305-1] python-django security update Alessandro Ghedini
Extra information for CVE-2014-2513 - EMC Documentum Content Server: arbitrary code execution andrew
Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software Cisco Systems Product Security Incident Response Team
FreeBSD Security Advisory FreeBSD-SA-15:12.openssl FreeBSD Security Advisories
[slackware-security] openssl (SSA:2015-190-01) Slackware Security Team
[SECURITY] [DSA 3306-1] pdns security update Alessandro Ghedini
[SECURITY] [DSA 3307-1] pdns-recursor security update Alessandro Ghedini
NEW VMSA-2015-0005 : VMware Workstation, Player and Horizon View Client for Windows updates address a host privilege escalation vulnerability VMware Security Response Center
CVE-2014-7952, Android ADB backup APK injection vulnerability Imre RAD
ESA-2015-115: EMC RecoverPoint for Virtual Machines (VMs) Restriction Bypass Vulnerability Security Alert
[security bulletin] HPSBGN03371 rev.1 - HP IceWall Products running OpenSSL, Remote Denial of Service (DoS) security-alert
[security bulletin] HPSBGN03351 rev.2 - HP IceWall SSO Dfw, SSO Certd, MCRP, and Federation Agent running OpenSSL, Remote Disclosure of Information security-alert
Cisco Security Advisory: OpenSSL Alternative Chains Certificate Forgery Vulnerability (July 2015) Affecting Cisco Products Cisco Systems Product Security Incident Response Team
[security bulletin] HPSBGN03373 rev.1 - HP Release Control running TLS, Remote Disclosure of Information security-alert
SQL Injection, Reflected XSS, Path Traversal, Function Execution in ZenPhoto 1.4.8 Tim Coen

Monday, 13 July

[slackware-security] mozilla-thunderbird (SSA:2015-192-01) Slackware Security Team
phpSQLiteCMS CSRF, Unrestricted File Type Upload, Privilege Escalation & XSS apparitionsec
[SYSS-2015-031] sysPass - SQL Injection disclosure
CVE-2015-4670 - AjaxControlToolkit File Upload Directory Traversal Brian Cardinale
CFP: Passwords 2015, Dec 7-9, Cambridge, UK Per Thorsheim

Tuesday, 14 July

[CVE-2015-2862/2863 / CERT VU#919604] Kaseya VSA arbitrary file download / open redirect Pedro Ribeiro

Wednesday, 15 July

XSS vulnerability in OFBiz forms lilian_iatco
XSS, Code Execution, DOS, Password Leak, Weak Authentication in GetSimpleCMS 3.3.5 Tim Coen
Cisco Security Advisory: Cisco Videoscape Delivery System Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
15 TOTOLINK router models vulnerable to multiple RCEs Pierre Kim
4 TOTOLINK router models vulnerable to CSRF and XSS attacks Pierre Kim
Backdoor credentials found in 4 TOTOLINK router models Pierre Kim

Thursday, 16 July

Backdoor and RCE found in 8 TOTOLINK router models Pierre Kim
[CVE-2015-3253] Apache Groovy Zero-Day Vulnerability Disclosure Cédric Champeau
Re: [FD] 15 TOTOLINK router models vulnerable to multiple RCEs Joshua Wright
ESA-2015-122: EMC Documentum CenterStage Cross-site Scripting Vulnerability Security Alert
ESA-2015-123: EMC Documentum WebTop Open Redirect Vulnerability Security Alert
Elasticsearch CVE-2015-5377 Kevin Kluge
Elasticsearch CVE-2015-5531 Kevin Kluge
SEC Consult SA-20150716-0 :: Permanent Cross-Site Scripting in Oracle Application Express SEC Consult Vulnerability Lab

Friday, 17 July

Novell GroupWise 2014 WebAccess vulnerable to XSS attacks adrian . vollmer
Oracle E-Business Suite Servlet URL Redirection Vulnerability owais . md . khan

Monday, 20 July

UDID+ v2.5 iOS - Mail Command Inject Vulnerability Vulnerability Lab
FoxyCart Bug Bounty #1 - Filter Bypass & Persistent Vulnerability Vulnerability Lab
AirDroid ID - Client Side JSONP Callback Vulnerability Vulnerability Lab
[slackware-security] php (SSA:2015-198-02) Slackware Security Team
[slackware-security] httpd (SSA:2015-198-01) Slackware Security Team
[SECURITY] [DSA 3308-1] mysql-5.5 security update Salvatore Bonaccorso
[SECURITY] [DSA 3309-1] tidy security update Alessandro Ghedini
[SECURITY] [DSA 3310-1] freexl security update Moritz Muehlenhoff
[SECURITY] [DSA 3311-1] mariadb-10.0 security update Salvatore Bonaccorso
[security bulletin] HPSBUX03379 SSRT101976 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alert
[security bulletin] HPSBMU03377 rev.1 - HP Release Control running RC4, Remote Disclosure of Information security-alert

Tuesday, 21 July

[security bulletin] HPSBMU03380 rev.1 - HP System Management Homepage (SMH) on Linux and Windows, Multiple Vulnerabilities security-alert
CVE-2015-5379: Axigen XSS vulnerability for html attachments Ioan Indreias
WorldCIST'2016 - Brazil: Call for Workshops Proposals - Best Papers published by ISI/SCI Journals Maria Lemos

Wednesday, 22 July

Logstash vulnerability CVE-2015-5378 Kevin Kluge
FreeBSD Security Advisory FreeBSD-SA-15:13.tcp FreeBSD Security Advisories
Open-Web-Analytics-1.5.7 Cryptographic, Password Disclosure & XSS Vulnerabilities apparitionsec
NetCracker Resource Management 8.0 - XSS Vulnerability jychia . sec
NetCracker Resource Management 8.0 - SQL Injection Vulnerability jychia . sec
[SECURITY] [DSA 3312-1] cacti security update Alessandro Ghedini
SQL Injection in Count Per Day WordPress Plugin High-Tech Bridge Security Research
Multiple XSS Vulnerabilities in Paid Memberships Pro WordPress Plugin High-Tech Bridge Security Research
Multiple (remote and local) Vulnerabilities in Xceedium Xsuite [MZ-15-02] modzero
ESA-2015-118: EMC Avamar Directory Traversal Vulnerability Security Alert
Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Unified MeetingPlace Unauthorized Password Change Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software TFTP Server Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team

Thursday, 23 July

[SECURITY] [DSA 3313-1] linux security update Salvatore Bonaccorso
ThaiWeb CMS 2015Q3 - SQL Injection Web Vulnerability Vulnerability Lab
Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Qualys Security Advisory

Friday, 24 July

[SECURITY] [DSA 3314-1] typo3-src end of life Moritz Muehlenhoff
Hawkeye-G v3.0.1.4912 CSRF Vulnerability CVE-2015-2878 apparitionsec
[SECURITY] [DSA 3315-1] chromium-browser security update Michael Gilbert
Hawkeye-G v3 CSRF Vulnerability ***[UPDATED CORRECTED] apparitionsec

Monday, 27 July

Hawkeye-G v3.0.1 Persistent XSS & Information Leakage apparitionsec
Integer overflow in .NET Framework System.DirectoryServices.Protocols.Utility class Securify B.V.
[SECURITY] [DSA 3316-1] openjdk-7 security update Moritz Muehlenhoff
[SECURITY] [DSA 3317-1] lxc security update Salvatore Bonaccorso
[SECURITY] [DSA 3318-1] expat security update Laszlo Boszormenyi
Apple iTunes & AppStore - Filter Bypass & Persistent Invoice Vulnerability Vulnerability Lab

Tuesday, 28 July

Another Snorby 2.6.2 - Stored Cross-site Scripting Vulnerability Federico Fazzi
Multiple unresolved vulnerabilities in Basware Banking/Maksuliikenne Samuel Lavitt - CVE-2015-0942
SEC Consult SA-20150728-0 :: McAfee Application Control Multiple Vulnerabilities SEC Consult Vulnerability Lab
[SECURITY] [DSA 3319-1] bind9 security update Salvatore Bonaccorso

Wednesday, 29 July

[security bulletin] HPSBGN03372 rev.1 - HP Business Process Monitor using RC4, Remote Disclosure of Information security-alert
FreeBSD Security Advisory FreeBSD-SA-15:14.bsdpatch FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-15:15.tcp FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-15:16.openssh FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-15:17.bind FreeBSD Security Advisories
[slackware-security] bind (SSA:2015-209-01) Slackware Security Team
phpFileManager 0.9.8 CSRF Backdoor Shell Vulnerability apparitionsec
[security bulletin] HPSBGN03367 rev.1 - HP TransactionVision with RC4 Stream Cipher, Remote Disclosure of Information security-alert
Cross-Site Scripting (XSS) in qTranslate WordPress Plugin High-Tech Bridge Security Research
[security bulletin] HPSBGN03366 rev.1 - HP Business Process Insight with RC4 Stream Cipher, Remote Disclosure of Information security-alert

Thursday, 30 July

FreeBSD Security Advisory FreeBSD-SA-15:16.openssh [REVISED] FreeBSD Security Advisories
Dell Netvault Backup Remote Denial of Service epoide
Cisco Security Advisory: Cisco ASR 1000 Series Aggregation Services Routers Fragmented Packet Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
[SECURITY] [DSA 3320-1] openafs security update Sebastien Delafond
viagra generic singapore info

Friday, 31 July

[SECURITY] [DSA 3321-1] xmltooling security update Alessandro Ghedini
HP ArcSight Logger provides incorrect/invalid/incomplete results for queries with boolean operators roberto
phpFileManager 0.9.8 Remote Command Execution hyp3rlinx