Bugtraq: by author

160 messages starting May 20 15 and ending May 04 15


akashchavan0708

ManageEngine EventLog Analyzer V:10.0 CSRF Vulnerability akashchavan0708 (May 20)

Alessandro Ghedini

[SECURITY] [DSA 3258-1] quassel security update Alessandro Ghedini (May 12)
[SECURITY] [DSA 3247-1] ruby2.1 security update Alessandro Ghedini (May 04)
[SECURITY] [DSA 3246-1] ruby1.9.1 security update Alessandro Ghedini (May 04)
[SECURITY] [DSA 3250-1] wordpress security update Alessandro Ghedini (May 04)
[SECURITY] [DSA 3271-1] nbd security update Alessandro Ghedini (May 25)
[SECURITY] [DSA 3245-1] ruby1.8 security update Alessandro Ghedini (May 04)
[SECURITY] [DSA 3255-1] zeromq3 security update Alessandro Ghedini (May 11)
[SECURITY] [DSA 3265-2] zendframework regression update Alessandro Ghedini (May 25)
[SECURITY] [DSA 3175-2] kfreebsd-9 security update Alessandro Ghedini (May 19)

Amit Klein

Advisory: Filezilla FTP server is vulnerable to FTP PORT bounce Amit Klein (May 06)

Andrea Barisani

[oCERT-2015-006] dcraw input sanitization errors Andrea Barisani (May 11)

apparitionsec

JSPMyAdmin SQL Injection, CSRF & XSS Vulnerabilities apparitionsec (May 29)
DbNinja 3.2.6 Flash XSS Vulnerabilities apparitionsec (May 28)
Sidu 5.2 Admin XSS Vulnerability apparitionsec (May 14)
DbNinja 3.2.6 Flash XSS Vulnerabilities apparitionsec (May 28)
Sqlbuddy Directory Traversal Read Arbitrary Files Vulnerability apparitionsec (May 11)

Apple Product Security

APPLE-SA-2015-05-19-1 Watch OS 1.0.1 Apple Product Security (May 19)
APPLE-SA-2015-05-06-1 Safari 8.0.6, Safari 7.1.6, and Safari 6.2.6 Apple Product Security (May 07)

Christoph Berg

[SECURITY] [DSA 3270-1] postgresql-9.4 security update Christoph Berg (May 22)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence TC and TE Software Cisco Systems Product Security Incident Response Team (May 13)
Cisco Security Advisory: Cisco UCS Central Software Arbitrary Command Execution Vulnerability Cisco Systems Product Security Incident Response Team (May 06)
Cisco Security Advisory: Command Injection Vulnerability in Multiple Cisco TelePresence Products Cisco Systems Product Security Incident Response Team (May 13)

CORE Advisories Team

[CORE-2015-0009] - SAP LZC/LZH Compression Multiple Vulnerabilities CORE Advisories Team (May 13)
[CORE-2015-0010] - Sendio ESP Information Disclosure Vulnerability CORE Advisories Team (May 22)

David Coomber

Thycotic Password Manager Secret Server iOS Application - MITM SSL Certificate Vulnerability David Coomber (May 27)

David Prévot

[SECURITY] [DSA 3265-1] zendframework security update David Prévot (May 20)

Dirk-Willem van Gulik on behalf of Apache Cordova

CVE-2015-1835: ... Dirk-Willem van Gulik on behalf of Apache Cordova (May 28)

Gergely Eberhardt

[SEARCH-LAB advisory] More than fifty vulnerabilities in D-Link NAS and NVR devices Gergely Eberhardt (May 28)

High-Tech Bridge Security Research

Arbitrary Variable Overwrite in eShop WordPress Plugin High-Tech Bridge Security Research (May 06)
Stored XSS in WP Photo Album Plus WordPress Plugin High-Tech Bridge Security Research (May 20)

hyp3rlinx

Webgrind XSS vulnerability hyp3rlinx (May 21)
Sqlbuddy Path Traversal Vulnerability hyp3rlinx (May 11)

Ivan Buetler

European Cyber Security Challenge 2015 Ivan Buetler (May 04)

Jeffrey Walton

CVE for Apple's ECDHE-ECDSA SecureTransport bug? Jeffrey Walton (May 21)

jplopezy

F5 BIG-IQ Enumeration of users and Information Disclosure jplopezy (May 06)

Julian Reschke

CVE-2015-1833 (Jackrabbit WebDAV XXE vulnerability) Julian Reschke (May 21)

kingkaustubh

CSRF/XSS In Ad_InSerter Wordpress kingkaustubh (May 06)
CSRF/XSS in embed-articles Wordpress Plugin kingkaustubh (May 07)
CSRF/XSS In Ad_Button Wordpress kingkaustubh (May 07)
CSRF/XSS In Ultimate Profile Builder by CMSLive Wordpress Plugin kingkaustubh (May 06)
CSRF/XSS In ClickBank ads Wordpress Plugin kingkaustubh (May 06)
CSRF/XSS In Manage Engine Asset Explorer kingkaustubh (May 06)
CSRF/XSS In Embed Articles Wordpress Plugin kingkaustubh (May 06)

Mark Thomas

[SECURITY] CVE-2014-7810: Apache Tomcat Security Manager Bypass Mark Thomas (May 14)
[SECURITY] CVE-2014-0230: Apache Tomcat DoS Mark Thomas (May 06)

matthias . deeg

[SYSS-2015-019] BullGuard Antivirus - Authentication Bypass matthias . deeg (May 07)
[SYSS-2015-018] BullGuard Premium Protection - Authentication Bypass matthias . deeg (May 07)
[SYSS-2015-017] BullGuard Internet Security - Authentication Bypass matthias . deeg (May 07)

metacom27

WISE-FTP Software v8.0.2 - DLL Hijacking Vulnerability metacom27 (May 19)
Staff FTP v3.04 Software - DLL Hijacking Vulnerability metacom27 (May 20)

Michael Gilbert

[SECURITY] [DSA 3267-1] chromium-browser security update Michael Gilbert (May 22)
[SECURITY] [DSA 3242-1] chromium-browser security update Michael Gilbert (May 04)

Moritz Muehlenhoff

[SECURITY] [DSA 3259-1] qemu security update Moritz Muehlenhoff (May 13)
[SECURITY] [DSA 3273-1] tiff security update Moritz Muehlenhoff (May 26)
[SECURITY] [DSA 3264-1] icedove security update Moritz Muehlenhoff (May 20)
[SECURITY] [DSA 3248-1] libphp-snoopy security update Moritz Muehlenhoff (May 04)
[SECURITY] [DSA 3262-1] xen security update Moritz Muehlenhoff (May 19)
[SECURITY] [DSA 3260-1] iceweasel security update Moritz Muehlenhoff (May 13)
[SECURITY] [DSA 3274-1] virtualbox security update Moritz Muehlenhoff (May 29)
[SECURITY] [DSA 3252-1] sqlite3 security update Moritz Muehlenhoff (May 07)

mystyle_rahul

Audacity 2.0.5 contains Arbitrary DLL Injection Code Execution mystyle_rahul (May 28)

Onapsis Research Labs

[Onapsis Security Advisory 2015-007] SAP HANA Log Injection Vulnerability Onapsis Research Labs (May 27)
[Onapsis Security Advisory 2015-006] SAP HANA Information Disclosure via SQL IMPORT FROM statement Onapsis Research Labs (May 27)

Onur Yilmaz

Concrete5 Security Advisory - Multiple XSS Vulnerabilities - CVE-2015-2250 Onur Yilmaz (May 13)
Wordpress Twenty Fifteen Theme - DOM XSS Vulnerability - CVE-2015-3429 Onur Yilmaz (May 07)

pan . vagenas

CVE-2015-4038 - WordPress WP Membership plugin [Privilege escalation] pan . vagenas (May 22)
CVE-2015-4039 - WordPress WP Membership plugin [Stored XSS] pan . vagenas (May 22)
CVE-2015-4084 - WordPress Free Counter Plugin [Stored XSS] pan . vagenas (May 27)

Pedro Ribeiro

[CVE-2014-8146/8147] - ICU heap and integer overflows / I-C-U-FAIL Pedro Ribeiro (May 05)

Peter Lapp

Alienvault OSSIM/USM Multiple Vulnerabilities Peter Lapp (May 07)
F5 ASM JSON Profile Bypass Peter Lapp (May 07)

Salvatore Bonaccorso

[SECURITY] [DSA 3266-1] fuse security update Salvatore Bonaccorso (May 21)
[SECURITY] [DSA 3261-1] libmodule-signature-perl security update Salvatore Bonaccorso (May 15)
[SECURITY] [DSA 3243-1] libxml-libxml-perl security update Salvatore Bonaccorso (May 04)
[SECURITY] [DSA 3256-1] libtasn1-6 security update Salvatore Bonaccorso (May 11)
[SECURITY] [DSA 3254-1] suricata security update Salvatore Bonaccorso (May 11)
[SECURITY] [DSA 3268-2] ntfs-3g security update Salvatore Bonaccorso (May 27)
[SECURITY] [DSA 3251-2] dnsmasq regression update Salvatore Bonaccorso (May 08)
[SECURITY] [DSA 3251-1] dnsmasq security update Salvatore Bonaccorso (May 05)
[SECURITY] [DSA 3272-1] ipsec-tools security update Salvatore Bonaccorso (May 25)
[SECURITY] [DSA 3261-2] libmodule-signature-perl regression update Salvatore Bonaccorso (May 21)
[SECURITY] [DSA 3257-1] mercurial security update Salvatore Bonaccorso (May 12)
[SECURITY] [DSA 3268-1] ntfs-3g security update Salvatore Bonaccorso (May 22)
[SECURITY] [DSA 3244-1] owncloud security update Salvatore Bonaccorso (May 04)

Sebastien Delafond

[SECURITY] [DSA 3249-1] jqueryui security update Sebastien Delafond (May 04)
[SECURITY] [DSA 3263-1] proftpd-dfsg security update Sebastien Delafond (May 20)

SEC Consult Vulnerability Lab

SEC Consult SA-20150514-0 :: Multiple vulnerabilities in Loxone Smart Home (part 2) SEC Consult Vulnerability Lab (May 14)
SEC Consult SA-20150513-0 :: Multiple critical vulnerabilities in WSO2 Identity Server SEC Consult Vulnerability Lab (May 13)

Securify B.V.

Command injection vulnerability in Synology Photo Station Securify B.V. (May 25)
Reflected Cross-Site Scripting in Synology DiskStation Manager Securify B.V. (May 25)
Synology Photo Station multiple Cross-Site Scripting vulnerabilities Securify B.V. (May 25)

security

[ MDVSA-2015:231 ] perl-XML-LibXML security (May 07)
[ MDVSA-2015:223 ] directfb security (May 04)
[ MDVSA-2015:219 ] curl security (May 04)
[ MDVSA-2015:229 ] net-snmp security (May 06)
[ MDVSA-2015:225 ] cherokee security (May 04)
[ MDVSA-2015:220 ] curl security (May 04)
[ MDVSA-2015:222 ] ppp security (May 04)
[ MDVSA-2015:226 ] fcgi security (May 04)
[ MDVSA-2015:228 ] nodejs security (May 06)
[ MDVSA-2015:221 ] clamav security (May 04)
[ MDVSA-2015:224 ] ruby security (May 04)
[ MDVSA-2015:230 ] squid security (May 06)
[ MDVSA-2015:232 ] libtasn1 security (May 08)
[ MDVSA-2015:227 ] mariadb security (May 05)

Security Alert

ESA-2015-087 EMC Document Sciences xPression SQL Injection Vulnerability Security Alert (May 18)
ESA-2015-077: EMC SourceOne Email Management Account Lockout Security Alert (May 04)
ESA-2015-084: EMC AutoStart Packet Injection Vulnerability Security Alert (May 04)

security-alert

[security bulletin] HPSBGN03328 rev.1 - Network Virtualization for HP LoadRunner and Performance Center, Remote Information Disclosure security-alert (May 11)
[security bulletin] HPSBMU03263 rev.3 - HP Insight Control running OpenSSL, Remote Disclosure of Information security-alert (May 29)
[security bulletin] HPSBMU03330 rev.1 - HP Matrix Operating Environment (MOE) running glibc on Linux, Remote Disclosure of Information security-alert (May 12)
[security bulletin] HPSBGN03286 rev.1 - HP LoadRunner, Buffer Overflow security-alert (May 20)
[security bulletin] HPSBMU03261 rev.2 - HP Systems Insight Manager running OpenSSL on Linux and Windows, Remote Disclosure of Information security-alert (May 29)
[security bulletin] HPSBMU03223 rev.1 - HP Insight Control server provisioning running SSLv3, Remote Denial of Service (DoS), Disclosure of Information security-alert (May 29)
[security bulletin] HPSBUX03333 SSRT102029 rev.1 - HP-UX Running NTP, Remote Denial of Service (DoS), or Other Vulnerabilities security-alert (May 20)
[security bulletin] HPSBUX03334 SSRT102000 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Other Vulnerabilities security-alert (May 20)
[security bulletin] HPSBUX03194 rev.1 - HP-UX running sendmail(1M), Remote Disclosure of Information security-alert (May 07)
[security bulletin] HPSBGN03325 rev.1 - HP SiteScope, Remote Elevation of Privilege security-alert (May 25)
[security bulletin] HPSBHF03340 rev.1 - HP ThinPro Linux and HP Smart Zero Core running HP Easy Setup Wizard, Local Unauthorized Access, Elevation of Privilege security-alert (May 28)
[security bulletin] HPSBGN03332 rev.1 - HP Operations Analytics running SSLv3, Remote Denial of Service (DoS), Disclosure of Information security-alert (May 29)
[security bulletin] HPSBMU03267 rev.2 - HP Matrix Operating Environment and HP CloudSystem Matrix running OpenSSL, Remote Disclosure of Information security-alert (May 29)
[security bulletin] HPSBPI03322 rev.1 - HP Access Control Software, Local Unauthorized Access security-alert (May 19)
[security bulletin] HPSBMU03336 rev.1 - HP Helion OpenStack affected by VENOM, Denial of Service (DoS), Execution of Arbitrary Code security-alert (May 22)
[security bulletin] HPSBGN03329 rev.1 - HP SDN VAN Controller, Remote Denial of Service (DoS), Distributed Denial of Service (DDoS) security-alert (May 11)

Security Explorations

[SE-2014-02] Unconfirmed / unpatched vulnerabilities in Google App Engine Security Explorations (May 15)
[SE-2014-02] Some additional GAE Java security sandbox bypasses Security Explorations (May 07)

Slackware Security Team

[slackware-security] wpa_supplicant (SSA:2015-132-03) Slackware Security Team (May 12)
[slackware-security] mariadb (SSA:2015-132-01) Slackware Security Team (May 12)
[slackware-security] mozilla-thunderbird (SSA:2015-137-01) Slackware Security Team (May 18)
[slackware-security] mysql (SSA:2015-132-02) Slackware Security Team (May 12)
[slackware-security] mozilla-firefox (SSA:2015-132-04) Slackware Security Team (May 13)

soulsgetnothing

Server buffer overflow in Pure Faction <= 3.0c soulsgetnothing (May 13)

Steve Shockley

Certificate trust vulnerability in Websense Content Gateway Steve Shockley (May 14)

submit

phpMyAdmin 4.4.6 Man-In-the-Middle API Github submit (May 15)

Thijs Kinkhorst

[SECURITY] [DSA 3253-1] pound security update Thijs Kinkhorst (May 08)

Vulnerability Lab

CRUCMS Crucial Networking - SQL Injection Vulnerability Vulnerability Lab (May 19)
Grindr v2.1.1 iOS Bounty #1 - (Session) Auth Bypass Vulnerabilities Vulnerability Lab (May 04)
Grindr v2.1.1 iOS & Account System - Breach Attack Vulnerability Vulnerability Lab (May 07)
Web India Solutions CMS 2015 - SQL Injection Vulnerability Vulnerability Lab (May 13)
iClassSchedule 1.6 iOS & Android - Persistent UI Vulnerability Vulnerability Lab (May 19)
Grindr 2.1.1 iOS Bug Bounty #2 - Denial of Service Software Vulnerability Vulnerability Lab (May 04)
Grindr v2.1.1 iOS - (eMail) Session Vulnerability Vulnerability Lab (May 04)
Pimcore v3.0.5 CMS - Multiple Web Vulnerabilities Vulnerability Lab (May 08)
OYO File Manager 1.1 iOS&Android - Multiple Vulnerabilities Vulnerability Lab (May 19)
PDF Converter & Editor 2.1 iOS - File Include Vulnerability Vulnerability Lab (May 06)
HUAWEI MobiConnect 23.9.17.216 - Privilege Escalation Vulnerability Vulnerability Lab (May 04)
Album Streamer v2.0 iOS - Directory Traversal Vulnerability Vulnerability Lab (May 07)
HiDisk 2.4 iOS - (currentFolderPath) Persistent Vulnerability Vulnerability Lab (May 20)
Eisbär SCADA (All Versions - iOS, Android & W8) - Persistent UI Vulnerability Vulnerability Lab (May 20)
vPhoto-Album v4.2 iOS - File Include Web Vulnerability Vulnerability Lab (May 05)
Staff FTP v3.04 Software - DLL Hijacking Vulnerability Vulnerability Lab (May 20)
TORNADO Computer Trading CMS - SQL Injection Vulnerability Vulnerability Lab (May 06)
Yahoo eMarketing Bug Bounty #31 - Cross Site Scripting Vulnerability Vulnerability Lab (May 07)
WISE-FTP Software v8.0.2 - DLL Hijacking Vulnerability Vulnerability Lab (May 20)
Cisco (Newsroom) - Client Side Cross Site Scripting Vulnerability Vulnerability Lab (May 04)
PhotoWebsite v3.1 iOS - File Include Web Vulnerability Vulnerability Lab (May 04)
Wireless Photo Transfer v3.0 iOS - File Include Vulnerability Vulnerability Lab (May 19)
Fortinet FortiAnalyzer & FortiManager - Client Side Cross Site Scripting Vulnerability Vulnerability Lab (May 05)

webmaster

Code Injection in Epicor Retail Store 3.2.03.01.008 webmaster (May 04)