Bugtraq: by author

69 messages starting Jul 03 17 and ending Jul 10 17

andys3c

[CVE-2017-9313] Webmin 1.840 Multiple XSS Vulnerabilities andys3c (Jul 03)

apparitionsec

Firefox v54.0.1 Denial Of Service apparitionsec (Jul 07)

Apple Product Security

APPLE-SA-2017-07-19-1 iOS 10.3.3 Apple Product Security (Jul 19)
APPLE-SA-2017-07-19-4 tvOS 10.2.2 Apple Product Security (Jul 19)
APPLE-SA-2017-07-19-7 iCloud for Windows 6.2.2 Apple Product Security (Jul 20)
APPLE-SA-2017-07-19-3 watchOS 3.2.2 Apple Product Security (Jul 19)
APPLE-SA-2017-07-19-2 macOS 10.12.6 Apple Product Security (Jul 19)
APPLE-SA-2017-07-19-5 Safari 10.1.2 Apple Product Security (Jul 20)
APPLE-SA-2017-07-19-6 iTunes 12.6.2 Apple Product Security (Jul 19)

bo Zhang

[CVE request]linux kernel xfrm migrate out-of-bound access bo Zhang (Jul 11)

ERPScan inc

File Upload in Integration Gateway (PSIGW) ERPScan inc (Jul 20)
Multiple XSS (POST request) Vulnerabilities in TestServlet (PeopleSoft) ERPScan inc (Jul 20)
Directory Traversal vulnerability in Integration Gateway (PSIGW) ERPScan inc (Jul 20)

Florian Bogner

CVE-2017-4918: Code Injection in VMware Horizon’s macOS Client Florian Bogner (Jul 11)

h1kari

ToorCon 19 Call For Papers Closing This Week! h1kari (Jul 10)

HPE Product Security Response Team

[security bulletin] HPESBNS03755 rev.1 - HPE NonStop Server using Samba, Multiple Remote Vulnerabilities HPE Product Security Response Team (Jul 10)
[security bulletin] HPESBHF03745 rev.2 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution HPE Product Security Response Team (Jul 11)
[security bulletin] HPESBGN03763 rev.1 - HPE SiteScope, Disclosure of Sensitive Information, Bypass Security Restriction, Remote Arbitrary Code Execution HPE Product Security Response Team (Jul 11)
[security bulletin] HPESBHF03765 rev.1 - HPE ConvergedSystem 700 Solution with Comware v7 Switches using OpenSSL, Remote Denial of Service (DoS) and Disclosure of Sensitive Information HPE Product Security Response Team (Jul 26)
[security bulletin] HPSBMU02933 rev.3 - HPE SiteScope, issueSiebelCmd and loadFileContents SOAP Requests, Remote Code Execution, Arbitrary File download, Denial of Service (DoS) HPE Product Security Response Team (Jul 05)
[security bulletin] HPESBGN03762 rev.1 - HPE Network Node Manager i (NNMi) Software, Remote Bypass Security Restrictions, Cross-Site Scripting (XSS), URL Redirection HPE Product Security Response Team (Jul 11)

hyp3rlinx

CVE-2017-10974 Yaws Web Server v1.91 Unauthenticated Remote File Disclosure hyp3rlinx (Jul 09)

ilia . shnaidman

[CVE-2017-7728] - Authentication Bypass allows alarm's commands execution in iSmartAlarm ilia . shnaidman (Jul 14)

KoreLogic Disclosures

KL-001-2017-014 : Barracuda WAF Support Tunnel Hijack KoreLogic Disclosures (Jul 07)
KL-001-2017-011 : Barracuda WAF Internal Development Credential Disclosure KoreLogic Disclosures (Jul 07)
KL-001-2017-012 : Barracuda WAF Grub Password Complexity KoreLogic Disclosures (Jul 07)
KL-001-2017-015 : Solarwinds LEM Hardcoded Credentials KoreLogic Disclosures (Jul 07)

Maxim Solodovnik

CVE-2017-7664 - Apache OpenMeetings - Missing XML Validation Maxim Solodovnik (Jul 13)
CVE-2017-7684 - Apache OpenMeetings - Insecure File Upload Maxim Solodovnik (Jul 13)
CVE-2017-7663 - Apache OpenMeetings - XSS in chat Maxim Solodovnik (Jul 13)
CVE-2017-7688 - Apache OpenMeetings - Insecure Password Update Maxim Solodovnik (Jul 13)

Micha Borrmann

[SYSS-2017-011] Office 365: Insufficient Session Expiration (CWE-613) Micha Borrmann (Jul 07)

Moritz Muehlenhoff

[SECURITY] [DSA 3919-1] openjdk-8 security update Moritz Muehlenhoff (Jul 25)
[SECURITY] [DSA 3905-1] xorg-server security update Moritz Muehlenhoff (Jul 10)
[SECURITY] [DSA 3908-1] nginx security update Moritz Muehlenhoff (Jul 12)
[SECURITY] [DSA 3920-1] qemu security update Moritz Muehlenhoff (Jul 25)
[SECURITY] [DSA 3903-1] tiff security update Moritz Muehlenhoff (Jul 05)
[SECURITY] [DSA 3914-1] imagemagick security update Moritz Muehlenhoff (Jul 18)

msg

FortiOS <= 5.6.0 Multiple XSS Vulnerabilities msg (Jul 28)

RedTeam Pentesting GmbH

[RT-SA-2017-009] Remote Command Execution as root in REDDOXX Appliance RedTeam Pentesting GmbH (Jul 24)
[RT-SA-2017-011] Remote Command Execution in PDNS Manager RedTeam Pentesting GmbH (Jul 11)
[RT-SA-2017-005] Unauthenticated Extraction of Session-IDs in REDDOXX Appliance RedTeam Pentesting GmbH (Jul 24)
[RT-SA-2017-003] Cross-Site Scripting in REDDOXX Appliance RedTeam Pentesting GmbH (Jul 24)
[RT-SA-2017-007] Undocumented Administrative Service Account in REDDOXX Appliance RedTeam Pentesting GmbH (Jul 24)
[RT-SA-2017-006] Arbitrary File Disclosure with root Privileges via RdxEngine-API in REDDOXX Appliance RedTeam Pentesting GmbH (Jul 24)
[RT-SA-2017-008] Unauthenticated Access to Diagnostic Functions in REDDOXX Appliance RedTeam Pentesting GmbH (Jul 24)
[RT-SA-2017-004] Unauthenticated Arbitrary File Disclosure in REDDOXX Appliance RedTeam Pentesting GmbH (Jul 24)

Sailesh Mukil

CVE-2017-5640 Apache Impala (incubating) Information Disclosure Sailesh Mukil (Jul 10)
[SECURITY] CVE-2017-5652 Apache Impala (incubating) Information Disclosure Sailesh Mukil (Jul 10)

Salvatore Bonaccorso

[SECURITY] [DSA 3902-1] jabberd2 security update Salvatore Bonaccorso (Jul 05)
[SECURITY] [DSA 3917-1] catdoc security update Salvatore Bonaccorso (Jul 24)
[SECURITY] [DSA 3901-1] libgcrypt20 security update Salvatore Bonaccorso (Jul 03)

SEC Consult Vulnerability Lab

SEC Consult SA-20170712-0 :: Multiple critical vulnerabilities in AGFEO smart home ES 5xx/6xx products SEC Consult Vulnerability Lab (Jul 12)
SEC Consult SA-20170724-1 :: Open Redirect issue in multiple Ubiquiti Networks products SEC Consult Vulnerability Lab (Jul 25)
SEC Consult SA-20170724-0 :: Cross-Site Scripting (XSS) issue in multiple Ubiquiti Networks products SEC Consult Vulnerability Lab (Jul 25)

Securify B.V.

InsomniaX loader allows loading of arbitrary Kernel Extensions Securify B.V. (Jul 03)

security-alert

[security bulletin] HPESBHF03745 rev.3 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution security-alert (Jul 24)
[security bulletin] HPESBHF03766 rev.1 - HPE ConvergedSystem 700 Solution with Comware v5 Switches using NTP, Remote Denial of Service (DoS), Unauthorized Modification and Local Denial of Service (DoS) security-alert (Jul 20)

Shalin Shekhar Mangar

[ANNOUNCE] [SECURITY] CVE-2017-7660: Security Vulnerability in secure inter-node communication in Apache Solr Shalin Shekhar Mangar (Jul 07)

Slackware Security Team

[slackware-security] Slackware 14.0 kernel (SSA:2017-184-01) Slackware Security Team (Jul 03)
[slackware-security] kernel (SSA:2017-181-02) Slackware Security Team (Jul 02)
[slackware-security] seamonkey (SSA:2017-202-01) Slackware Security Team (Jul 24)
[slackware-security] php (SSA:2017-188-01) Slackware Security Team (Jul 09)
[slackware-security] glibc (SSA:2017-181-01) Slackware Security Team (Jul 02)
[slackware-security] tcpdump (SSA:2017-205-01) Slackware Security Team (Jul 25)
[slackware-security] irssi (SSA:2017-190-01) Slackware Security Team (Jul 10)

William A Rowe Jr

CVE-2017-9788: Uninitialized memory reflection in mod_auth_digest William A Rowe Jr (Jul 13)
CVE-2017-9789: Apache httpd 2.4 Read after free in mod_http2 William A Rowe Jr (Jul 13)

Yves-Alexis Perez

[SECURITY] [DSA 3904-1] bind9 security update Yves-Alexis Perez (Jul 10)