Bugtraq: by author

168 messages starting Aug 01 16 and ending Aug 01 16


ak47464659484

Huawei eSpace IAD Remote Information Disclosure Vulnerability ak47464659484 (Aug 01)

Alessandro Ghedini

[SECURITY] [DSA 3638-1] curl security update Alessandro Ghedini (Aug 03)

Andrew Klaus

Telus Actiontec T2200H Modem Input Validation Flaw Allows Elevated Shell Access Andrew Klaus (Aug 18)

apparitionsec

WSO2-CARBON v4.4.5 LOCAL FILE INCLUSION apparitionsec (Aug 15)

Apple Product Security

APPLE-SA-2016-08-25-1 iOS 9.3.5 Apple Product Security (Aug 25)

bugtraq

[SYSS-2016-054] QNAP QTS - OS Command Injection bugtraq (Aug 18)
[SYSS-2016-049] QNAP QTS - Persistent Cross-Site Scripting bugtraq (Aug 18)
[SYSS-2016-054] QNAP QTS - OS Command Injection bugtraq (Aug 18)
[SYSS-2016-048] QNAP QTS - OS Command Injection bugtraq (Aug 18)
[SYSS-2016-050] QNAP QTS - Persistent Cross-Site Scripting bugtraq (Aug 18)
[SYSS-2016-048] QNAP QTS - OS Command Injection bugtraq (Aug 18)
[SYSS-2016-050] QNAP QTS - Persistent Cross-Site Scripting bugtraq (Aug 18)
[SYSS-2016-053] QNAP QTS - Arbitrary File Overwrite bugtraq (Aug 18)
[SYSS-2016-051] QNAP QTS - Reflected Cross-Site Scripting bugtraq (Aug 18)
[SYSS-2016-048] QNAP QTS - OS Command Injection bugtraq (Aug 18)
[SYSS-2016-055] QNAP QTS - OS Command Injection bugtraq (Aug 18)
[SYSS-2016-049] QNAP QTS - Persistent Cross-Site Scripting bugtraq (Aug 18)
[SYSS-2016-052] QNAP QTS - OS Command Injection bugtraq (Aug 18)

Carlos Alberto Lopez Perez

WebKitGTK+ Security Advisory WSA-2016-0005 Carlos Alberto Lopez Perez (Aug 24)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco Firepower Management Center Remote Command Execution Vulnerability Cisco Systems Product Security Incident Response Team (Aug 17)
Cisco Security Advisory: Cisco RV180 VPN and RV180W Wireless-N Multifunction VPN Routers Unauthorized Access Vulnerability Cisco Systems Product Security Incident Response Team (Aug 03)
Cisco Security Advisory: Cisco Unified Communications Manager IM and Presence Service SIP Packet Processing Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Aug 03)
Cisco Security Advisory: Cisco Adaptive Security Appliance SNMP Remote Code Execution Vulnerability Cisco Systems Product Security Incident Response Team (Aug 18)
Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Enterprise Module Remote Code Execution Vulnerability Cisco Systems Product Security Incident Response Team (Aug 17)
Cisco Security Advisory: Cisco IOS Software Crafted Network Time Protocol Packets Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Aug 04)
Cisco Security Advisory: Cisco IOS XR Software for Cisco ASR 9001 Aggregation Services Routers Fragmented Packet Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Aug 10)
Cisco Security Advisory: Cisco Firepower Management Center Privilege Escalation Vulnerability Cisco Systems Product Security Incident Response Team (Aug 17)
Cisco Security Advisory: Cisco RV110W, RV130W, and RV215W Routers Static Credential Vulnerability Cisco Systems Product Security Incident Response Team (Aug 03)
Cisco Security Advisory: Cisco WebEx Meetings Player Arbitrary Code Execution Cisco Systems Product Security Incident Response Team (Aug 31)
Cisco Security Advisory: Cisco RV180 VPN and RV180W Wireless-N Multifunction VPN Routers Remote Code Execution Vulnerability Cisco Systems Product Security Incident Response Team (Aug 03)
Cisco Security Advisory: Cisco Small Business 220 Series Smart Plus Switches SNMP Unauthorized Access Vulnerability Cisco Systems Product Security Incident Response Team (Aug 31)
Cisco Security Advisory: Cisco Small Business SPA3x/5x Series Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Aug 31)

CORE Advisories Team

[CORE-2016-0006] - SAP CAR Multiple Vulnerabilities CORE Advisories Team (Aug 10)

David Coomber

Kaspersky Safe Browser iOS Application - MITM SSL Certificate Vulnerability (CVE-2016-6231) David Coomber (Aug 01)

Dawid Golunski

vBulletin <= 5.2.2 Preauth Server Side Request Forgery (SSRF) Dawid Golunski (Aug 08)

ERPScan inc

[ERPSCAN-16-022] SAP Hybris E-commerce Suite VirtualJDBC – Default Credentials ERPScan inc (Aug 16)
[ERPSCAN-16-023] Potential backdoor via hardcoded system ID ERPScan inc (Aug 16)

Florian Bogner

Horizontal Privilege Escalation/Code Injection in ownCloud’s Windows Client Florian Bogner (Aug 19)

hamedizadi

OpenCart 2.0.3.1 Cross Site Scripting Vulnerability (product_id - GET) hamedizadi (Aug 15)
OpenCart 2.0.3.1 Cross Site Scripting Vulnerability (product_id - GET) hamedizadi (Aug 15)
OpenCart 2.0.3.1 Cross Site Scripting Vulnerability (product_id - GET) hamedizadi (Aug 15)

High-Tech Bridge Security Research

Arbitrary File Content Disclosure in Atutor High-Tech Bridge Security Research (Aug 03)

hyp3rlinx

WSO2 CARBON v4.4.5 PERSISTENT XSS COOKIE THEFT hyp3rlinx (Aug 15)
Nagios NA v2.2.1 XSS hyp3rlinx (Aug 09)
AirSnort v0.2.7 Stack Corruption DOS hyp3rlinx (Aug 09)
Lepton CMS PHP Code Injection hyp3rlinx (Aug 16)
WSO2-CARBON v4.4.5 CSRF / DOS hyp3rlinx (Aug 15)
Nagios Network Analyzer v2.2.1 Multiple CSRF hyp3rlinx (Aug 09)
Necroscan <= v0.9.1 Buffer Overflow hyp3rlinx (Aug 25)
Lepton CMS Archive Directory Traversal hyp3rlinx (Aug 16)
Any Video Converter DLL Hijack hyp3rlinx (Aug 09)
WSO2 IDENTITY-SERVER v5.1.0 XML External-Entity hyp3rlinx (Aug 15)

Jacobo Avariento

[0day] net2ftp multiple XSS on unauthenticated users Jacobo Avariento (Aug 05)

Justin Bull

[CVE-2016-6582] Doorkeeper gem does not revoke tokens & uses wrong auth/auth method Justin Bull (Aug 19)

klaus . eisentraut

[SYSS-2016-065] NASdeluxe NDL-2400r: OS Command Injection klaus . eisentraut (Aug 04)

Maria Lemos

WorldCIST'17 - Call for Workshops Proposals; Deadline: September 5 Maria Lemos (Aug 03)

matthias . deeg

[SYSS-2016-063] VMware ESXi 6 - Improper Input Validation (CWE-20) matthias . deeg (Aug 05)
[SYSS-2016-063] VMware ESXi 6 - Improper Input Validation (CWE-20) matthias . deeg (Aug 05)
[SYSS-2016-063] VMware ESXi 6 - Improper Input Validation (CWE-20) matthias . deeg (Aug 05)

Maxim Solodovnik

[CVE-2016-3089] Apache OpenMeetings XSS in SWF panel Maxim Solodovnik (Aug 12)

mehta . himanshu21

Notepad++6.9.2 DLL Hijacking Vulnerability mehta . himanshu21 (Aug 09)

Micha Borrmann

[SYSS-2016-067] NetIQ Access Manager (iManager) - Temporary Second Order Cross-Site Scripting (CWE-79) Micha Borrmann (Aug 17)

Michael Gilbert

[SECURITY] [DSA 3645-1] chromium-browser security update Michael Gilbert (Aug 09)
[SECURITY] [DSA 3637-1] chromium-browser security update Michael Gilbert (Aug 01)

Moritz Muehlenhoff

[SECURITY] [DSA 3647-1] icedove security update Moritz Muehlenhoff (Aug 11)
[SECURITY] [DSA 3648-1] wireshark security update Moritz Muehlenhoff (Aug 15)
[SECURITY] [DSA 3640-1] firefox-esr security update Moritz Muehlenhoff (Aug 04)
[SECURITY] [DSA 3652-1] imagemagick security update Moritz Muehlenhoff (Aug 25)
[SECURITY] [DSA 3641-1] openjdk-7 security update Moritz Muehlenhoff (Aug 04)

nullcon

nullcon 8-bit Call for Papers is open nullcon (Aug 24)

Pedro Ribeiro

Multiple remote vulnerabilities (RCE, bof) in Nuuo NVR and NETGEAR Surveillance Pedro Ribeiro (Aug 04)
Re: Multiple remote vulnerabilities (RCE, bof) in Nuuo NVR and NETGEAR Surveillance Pedro Ribeiro (Aug 04)
[CVE-2016-6600/1/2/3]: Multiple vulnerabilities (RCE, file download, etc) in WebNMS Framework 5.2 / 5.2 SP1 Pedro Ribeiro (Aug 09)

reggie . dodd30

Taser Axon Dock (Body-Worn Camera Docking Station) v3.1 - Authentication Bypass reggie . dodd30 (Aug 15)

Rv3Lab.org

Directory Traversal Vulnerability in ColoradoFTP v1.3 Prime Edition (Build 8) Rv3Lab.org (Aug 11)

Salvatore Bonaccorso

[SECURITY] [DSA 3646-1] postgresql-9.4 security update Salvatore Bonaccorso (Aug 11)
[SECURITY] [DSA 3649-1] gnupg security update Salvatore Bonaccorso (Aug 18)
[SECURITY] [DSA 3644-1] fontconfig security update Salvatore Bonaccorso (Aug 08)
[SECURITY] [DSA 3650-1] libgcrypt20 security update Salvatore Bonaccorso (Aug 18)
[SECURITY] [DSA 3639-1] wordpress security update Salvatore Bonaccorso (Aug 03)
[SECURITY] [DSA 3643-1] kde4libs security update Salvatore Bonaccorso (Aug 08)

samhuntley84

Linksys E1200 and E2500 (Missing authorization on parental control) samhuntley84 (Aug 15)
Linksys E2500 and E1200 (Unauth Command Injection) samhuntley84 (Aug 15)

Sebastien Delafond

[SECURITY] [DSA 3636-1] collectd security update Sebastien Delafond (Aug 01)
[SECURITY] [DSA 3634-1] redis security update Sebastien Delafond (Aug 01)
[SECURITY] [DSA 3654-1] quagga security update Sebastien Delafond (Aug 25)
[SECURITY] [DSA 3642-1] lighttpd security update Sebastien Delafond (Aug 08)

SEC Consult Vulnerability Lab

SEC Consult SA-20160825-0 :: Multiple vulnerabilities in Micro Focus (Novell) GroupWise SEC Consult Vulnerability Lab (Aug 25)

Secunia Research

Secunia Research: LibGD "_gdContributionsAlloc()" Integer Overflow Denial of Service Vulnerability Secunia Research (Aug 03)

Securify B.V.

Internet Explorer iframe sandbox local file name disclosure vulnerability Securify B.V. (Aug 09)
DLL side loading vulnerability in VMware Host Guest Client Redirector Securify B.V. (Aug 05)

Security Alert

ESA-2016-070: RSA® Authentication Manager Prime SelfService Insecure Direct Object Reference Vulnerability Security Alert (Aug 08)

security-alert

[security bulletin] HPSBGN03637 rev.1 - HP Operations Manager for Unix, Solaris, and Linux, Remote Cross-Site Scripting (XSS) security-alert (Aug 31)
[security bulletin] HPSBGN03630 rev.2 - HP Operations Manager for Unix, Solaris, and Linux using Apache Commons Collections (ACC), Remote Code Execution security-alert (Aug 12)
[security bulletin] HPSBUX03632 SSRT110194 rev.1 - HP-UX Mail Server running Sendmail, Local Unauthorized Disclosure of Information security-alert (Aug 01)
[security bulletin] HPSBHF03441 rev.1 - HPE iLO 3 and iLO 4 and iLO 4 mRCA, Remote Multiple Vulnerabilities security-alert (Aug 16)
[security bulletin] HPSBGN03633 rev.1 - HPE Release Control, Remote Denial of Service (DoS), Disclosure of Information, Unauthorized Access to Files or Server-Side Request Forgery (SSRF) security-alert (Aug 03)
[security bulletin] HPSBGN03634 rev.1 - HPE Enterprise Solution Sizers and Storage Sizer running Smart Update, Remote Arbitrary Code Execution security-alert (Aug 16)
[security bulletin] HPSBHF03641 rev.1 - HPE Integrated Lights-Out 3 (iLO 3), Remote Disclosure of Information security-alert (Aug 30)
[security bulletin] HPSBHF03440 rev.1 - HPE iLO 3 using JQuery, Remote Cross-Site Scripting (XSS) security-alert (Aug 12)
[security bulletin] HPSBNS03635 rev.1 - HPE NonStop Servers OSS Script Languages running Perl and PHP, Multiple Local and Remote Vulnerabilities security-alert (Aug 22)
[security bulletin] HPSBST03629 rev.1 - HP StoreFabric B-series Switches, Remote Disclosure of Privileged Information security-alert (Aug 16)
[security bulletin] HPSBGN03638 rev.1 - HPE Remote Device Access: Virtual Customer Access System (vCAS) using lighttpd and OpenSSH, Unauthorized Modification of Information, Remote Denial of Service (DoS), Remote Disclosure of Information security-alert (Aug 29)
[security bulletin] HPSBGN03564 rev.2 - HPE Release Control using Java Deserialization, Remote Code Execution security-alert (Aug 01)

Slackware Security Team

[slackware-security] gnupg (SSA:2016-236-01) Slackware Security Team (Aug 23)
[slackware-security] mozilla-firefox (SSA:2016-219-02) Slackware Security Team (Aug 08)
[slackware-security] kernel (SSA:2016-242-01) Slackware Security Team (Aug 29)
[slackware-security] stunnel (SSA:2016-219-04) Slackware Security Team (Aug 08)
[slackware-security] openssh (SSA:2016-219-03) Slackware Security Team (Aug 08)
[slackware-security] curl (SSA:2016-219-01) Slackware Security Team (Aug 08)

Stefan Kanthak

Defense in depth -- the Microsoft way (part 42): Sysinternals utilities load and execute rogue DLLs from %TEMP% Stefan Kanthak (Aug 11)

submit

Apple libc incomplete fix of Security Update for OS X El Capitan 10.11.2 submit (Aug 26)

Summer of Pwnage

Ajax Load More Local File Inclusion vulnerability Summer of Pwnage (Aug 16)
Insert PHP WordPress Plugin allows authenticated user to execute arbitrary PHP Summer of Pwnage (Aug 01)
Cross-Site Scripting in Contact Bank WordPress Plugin Summer of Pwnage (Aug 01)
Cross-Site Scripting in Activity Log WordPress Plugin Summer of Pwnage (Aug 04)
Path traversal vulnerability in WordPress Core Ajax handlers Summer of Pwnage (Aug 22)
Persistent Cross-Site Scripting in Magic Fields 2 WordPress Plugin Summer of Pwnage (Aug 16)
Stored Cross-Site Scripting vulnerability in Count per Day WordPress Plugin Summer of Pwnage (Aug 04)
Cross-Site Scripting vulnerability in Events Made Easy WordPress plugin Summer of Pwnage (Aug 04)
Cross-Site Scripting in Uji Countdown WordPress Plugin Summer of Pwnage (Aug 02)
Persistent Cross-Site Scripting in Magic Fields 1 WordPress Plugin Summer of Pwnage (Aug 16)
Cross-Site Request Forgery in Photo Gallery WordPress Plugin allows adding of images Summer of Pwnage (Aug 16)
Ecwid Ecommerce Shopping Cart WordPress Plugin unauthenticated PHP Object injection vulnerability Summer of Pwnage (Aug 05)
Cross-Site Scripting in Link Library WordPress Plugin Summer of Pwnage (Aug 16)
Cross-Site Scripting vulnerability in Booking Calendar WordPress Plugin Summer of Pwnage (Aug 01)
Cross-Site Request Forgery in ALO EasyMail Newsletter WordPress Plugin Summer of Pwnage (Aug 01)
Cross-Site Scripting vulnerability in search function Activity Log WordPress Plugin Summer of Pwnage (Aug 04)
Cross-Site Request Forgery in Photo Gallery WordPress Plugin allows deleting of galleries Summer of Pwnage (Aug 16)
Multiple vulnerabilities in All In One WP Security & Firewall plugin login CAPTCHA Summer of Pwnage (Aug 01)
Cross-Site Request Forgery vulnerability in Add From Server WordPress Plugin Summer of Pwnage (Aug 09)
Cross-Site Scripting in FormBuilder WordPress Plugin Summer of Pwnage (Aug 04)
Cross-Site Scripting in WangGuard WordPress Plugin Summer of Pwnage (Aug 02)
Stored Cross-Site Scripting vulnerability in Easy Testimonials WordPress Plugin Summer of Pwnage (Aug 01)
Cross-Site Scripting in Count per Day WordPress Plugin Summer of Pwnage (Aug 04)
Cross-Site Scripting/Cross-Site Request Forgery in Peter's Login Redirect WordPress Plugin Summer of Pwnage (Aug 16)
SQL injection vulnerability in Booking Calendar WordPress Plugin Summer of Pwnage (Aug 01)
Cross-Site Request Forgery vulnerability in Email Users WordPress Plugin Summer of Pwnage (Aug 16)
Cross-Site Request Forgery in Photo Gallery WordPress Plugin allows deleting of images Summer of Pwnage (Aug 16)
Stored Cross-Site Scripting vulnerability in Photo Gallery WordPress Plugin Summer of Pwnage (Aug 16)
Cross-Site Scripting in WordPress Landing Pages Plugin Summer of Pwnage (Aug 04)
Cross-Site Scripting vulnerability in Google Maps WordPress Plugin Summer of Pwnage (Aug 16)

tal argoni

Reflected Cross Site Scripting (XSS) Vulnerability in nopcommerce 3.70 tal argoni (Aug 15)

Tim Kretschmann

Sophos Mobile Control EAS Proxy Open Reverse Proxy vulnerability (CVE-2016-6597) Tim Kretschmann (Aug 05)
Sophos Mobile Control EAS Proxy Open Reverse Proxy vulnerability (CVE-2016-6597) Tim Kretschmann (Aug 05)

unlimitsec

Elevation of Privilege Vulnerability in MediaTek Driver ( CVE-2016-6492) unlimitsec (Aug 01)

Vulnerability Lab

FortiVoice v5.0 - Filter Bypass & Persistent Validation Vulnerability Vulnerability Lab (Aug 09)
Nuke Evolution 2.0.9d - Multiple Client Side Cross Site Scripting Vulnerabilities Vulnerability Lab (Aug 09)
FortiManager (Series) - Multiple Web Vulnerabilities Vulnerability Lab (Aug 02)
FortiCloud - (Reports Summary) Multiple Persistent Vulnerabilities Vulnerability Lab (Aug 05)
WinSaber - Unquoted Service Path Privilege Escalation Vulnerability Lab (Aug 02)
QuickerBB 0.7.0 - Register Cross Site Scripting Vulnerability Vulnerability Lab (Aug 11)
Car CMS v3.00.30 - Search Cross Site Scripting Vulnerability Vulnerability Lab (Aug 01)
PayPal Inc BB #127 - 2FA Bypass Vulnerability Vulnerability Lab (Aug 15)
FortiAnalyzer & FortiManager - Client Side Cross Site Scripting Web Vulnerability Vulnerability Lab (Aug 04)
Car CMS v3.00.30 - Search Cross Site Scripting Vulnerability Vulnerability Lab (Aug 02)
Zoll ePCR v2.6.4 iOS - Multiple Persistent Vulnerabilities Vulnerability Lab (Aug 02)
Fortinet FortiManager & FortiAnalyzer - (filename) Persistent Web Vulnerability Vulnerability Lab (Aug 01)
Typesettercms v5.0.1 - (Delete Files) CSRF Vulnerability Vulnerability Lab (Aug 05)
Facebook Bug Bounty #33 - Bypass ID user to linked Phone Number Vulnerability Vulnerability Lab (Aug 09)
Microsoft Education - Stored Cross Site Web Vulnerability Vulnerability Lab (Aug 11)
Subrion v4.0.5 CMS - SQL Injection Vulnerability Vulnerability Lab (Aug 05)
phpCollab v2.5 CMS - SQL Injection Vulnerability Vulnerability Lab (Aug 08)
Stash v1.0.3 CMS - SQL Injection Vulnerability Vulnerability Lab (Aug 15)
Docebo LMS 6.9 - (Moxie) API Calls RST Remote Code Execution Vulnerability Vulnerability Lab (Aug 02)
FortiManager (Series) - (Bookmark) Persistent Vulnerability Vulnerability Lab (Aug 04)
Guppy CMS v5.01.03 - Client Side Cross Site Scripting Web Vulnerability Vulnerability Lab (Aug 02)

wpengfeinudt

[CVE-2016-6480] Double-Fetch Vulnerability in Linux-4.5/drivers/scsi/aacraid/commctrl.c wpengfeinudt (Aug 01)