Bugtraq: by thread
99 messages starting Mar 01 17 and ending Mar 31 17
- Cross-Site Request Forgery in Global Content Blocks WordPress Plugin Summer of Pwnage (Mar 01)
- Cross-Site Scripting vulnerability in Gwolle Guestbook WordPress Plugin Summer of Pwnage (Mar 01)
- Persistent Cross-Site Scripting in the WordPress NewStatPress plugin Summer of Pwnage (Mar 01)
- Cross-Site Request Forgery in WordPress Download Manager Plugin Summer of Pwnage (Mar 01)
- Gwolle Guestbook mass action vulnerable for Cross-Site Request Forgery Summer of Pwnage (Mar 01)
- Cross-Site Request Forgery in Atahualpa WordPress Theme Summer of Pwnage (Mar 01)
- Cross-Site Scripting in Magic Fields 1 WordPress Plugin Summer of Pwnage (Mar 01)
- Stored Cross-Site Scripting vulnerability in User Login Log WordPress Plugin Summer of Pwnage (Mar 01)
- Cross-Site Request Forgery & Cross-Site Scripting in Contact Form Manager WordPress Plugin Summer of Pwnage (Mar 01)
- Stored Cross-Site Scripting vulnerability in Contact Form WordPress Plugin Summer of Pwnage (Mar 01)
- [SECURITY] [DSA 3798-1] tnef security update Sebastien Delafond (Mar 01)
- Joomla com_webgrouper Component - 'Itemid' Parameter Sql Injection Vulnerability iedb . team (Mar 01)
- Joomla com_jdownloads Component - 'cid' Parameter Sql Injection Vulnerability iedb . team (Mar 01)
- Joomla com_phocadownload Component - 'id' Parameter Sql Injection Vulnerability iedb . team (Mar 01)
- Joomla com_frontpage Component - 'Itemid' Parameter Sql Injection Vulnerability iedb . team (Mar 01)
- Joomla com_filecabinet Component - 'id' Parameter Sql Injection Vulnerability iedb . team (Mar 01)
- Joomla com_news Component - 'id' Parameter Sql Injection Vulnerability iedb . team (Mar 01)
- Joomla com_publication Component - 'sid' Parameter Sql Injection Vulnerability iedb . team (Mar 01)
- [SECURITY] [DSA 3794-2] munin regression update Salvatore Bonaccorso (Mar 01)
- Remote file upload vulnerability in Wordpress Plugin Mobile App Native 3.0 Larry W. Cashdollar (Mar 02)
- [SECURITY] [DSA 3801-1] ruby-zip security update Salvatore Bonaccorso (Mar 06)
- EasyCom SQL iPlug Denial Of Service hyp3rlinx (Mar 06)
- CVE-2017-6429: Buffer overflow vulnerability in Tcpreplay tcpcapinfo utility ddos2me (Mar 06)
- OpenElec: Remote Code Execution Vulnerability through Man-In-The-Middle(CVE-2017-6445) Wolfgang (Mar 06)
- CVE-2017-6430: Out-of-Bounds Read (DOS) Vulnerability in Ettercap Etterfilter utility ddos2me (Mar 06)
- CVE-2016-7955 - Alienvault OSSIM/USM Authentication Bypass Peter Lapp (Mar 06)
- Sawmill Enterprise v8.7.9 Pass The Hash Authentication Bypass hyp3rlinx (Mar 06)
- EasyCom PHP API Stack Buffer Overflow hyp3rlinx (Mar 06)
- WordPress audio playlist functionality is affected by Cross-Site Scripting Summer of Pwnage (Mar 06)
- SEC Consult SA-20170307-0 :: Unauthenticated OS command injection & arbitrary file upload in Western Digital WD My Cloud SEC Consult Vulnerability Lab (Mar 07)
- Stack-based buffer overflow in Western Digital My Cloud allows for remote code execution Securify B.V. (Mar 07)
- [security bulletin] HPESBHF03710 rev.1 - HPE Intelligent Management Center (IMC) PLAT, Multiple Remote Vulnerabilities security-alert (Mar 07)
- Multiple vulnerabilities found in Wireless IP Camera (P2P) WIFICAM cameras and vulnerabilities in GoAhead Pierre Kim (Mar 08)
- [slackware-security] mozilla-firefox (SSA:2017-066-01) Slackware Security Team (Mar 08)
- SEC Consult SA-20170308-0 :: Multiple vulnerabilities in Navetti PricePoint SEC Consult Vulnerability Lab (Mar 08)
- [security bulletin] HPESBGN03712 rev.1 - HPE LoadRunner and Performance Center, Remote Code Execution security-alert (Mar 08)
- [security bulletin] HPESBHF03713 rev.1 - HPE Intelligent Management Center (IMC) PLAT, Deserialization of Untrusted Data, Remote Code Execution security-alert (Mar 08)
- [SECURITY] [DSA 3804-1] linux security update Salvatore Bonaccorso (Mar 08)
- [security bulletin] HPESBHF03714 rev.1 - HPE Intelligent Management Center (IMC) PLAT, Local Arbitrary File Download security-alert (Mar 08)
- RE: CVE-2017-3241 - [ERPSCAN-17-006] Oracle OpenJDK - Java Serialization DoS Melissa Mayer (Mar 08)
- [SECURITY] [DSA 3805-1] firefox-esr security update Moritz Muehlenhoff (Mar 09)
- CVE-2016-10143: Vulnerability to read arbitrary files in "Tiki Wiki" Leon . Zhao . 7 (Mar 10)
- [security bulletin] HPESBHF03716 rev.1 - HPE Intelligent Management Center (IMC) PLAT, Remote Authentication Bypass security-alert (Mar 10)
- [security bulletin] HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege security-alert (Mar 10)
- [security bulletin] HPESBHF03711 rev.1 - HPE 2620 Series Network Switches, Remote Cross Site Request Forgery (CSRF) security-alert (Mar 10)
- [security bulletin] HPESBUX03706 rev.1 - HP-UX NTP service running ntpd, Multiple Vulnerabilities security-alert (Mar 10)
- Joomla com_eventlist Component - 'id' Parameter Sql Injection Vulnerability iedb . team (Mar 12)
- Joomla com_kide Component - 'view' Parameter Sql Injection Vulnerability iedb . team (Mar 12)
- Joomla com_carocci Component - 'isbn' Parameter Sql Injection Vulnerability iedb . team (Mar 12)
- [SECURITY] [DSA 3808-1] imagemagick security update Moritz Muehlenhoff (Mar 14)
- Atlassian - March 2017 - Bamboo, Crowd and HipChat Server - Critical Security Advisory David Black (Mar 14)
- Joomla com_easyblog Component - 'id' Parameter Sql Injection Vulnerability iedb . team (Mar 14)
- Joomla com_registrationpro Component - 'did' Parameter Sql Injection Vulnerability iedb . team (Mar 14)
- Joomla com_fidecalendar Component - 'aid' Parameter Sql Injection Vulnerability iedb . team (Mar 14)
- Joomla com_sngevents Component - 'id' Parameter Sql Injection Vulnerability iedb . team (Mar 14)
- Joomla com_kunena Component - 'id' Parameter Sql Injection Vulnerability iedb . team (Mar 14)
- Joomla com_virtuemart Component - 'id' Parameter Sql Injection Vulnerability iedb . team (Mar 14)
- Microsoft Edge Fetch API allows setting of arbitrary request headers Securify B.V. (Mar 14)
- Cisco Security Advisory: Cisco StarOS SSH Privilege Escalation Vulnerability psirt (Mar 15)
- Cisco Security Advisory: Cisco Mobility Express 1800 Access Point Series Authentication Bypass Vulnerability psirt (Mar 15)
- Cisco Security Advisory: Cisco Workload Automation and Tidal Enterprise Scheduler Client Manager Server Arbitrary File Read Vulnerability psirt (Mar 15)
- CVE-2017-0045 Windows DVD Maker XML External Entity File Disclosure hyp3rlinx (Mar 15)
- Path Traversal Remote File Disclosure hyp3rlinx (Mar 15)
- [slackware-security] pidgin (SSA:2017-074-01) Slackware Security Team (Mar 15)
- CVE-2017-6911: USB Pratirodh Insecure Password Storage Information Disclosure Vulnerability wsachin092 (Mar 16)
- SEC Consult SA-20170316-0 :: Authenticated command injection in multiple Ubiquiti Networks products SEC Consult Vulnerability Lab (Mar 16)
- CVE-2017-6805 MobaXterm Personal Edition v9.4 Path Traversal Remote File Disclosure hyp3rlinx (Mar 16)
- MS Internet Information Services XSS / HTML Injection vulnerability David FM (Mar 16)
- Cisco Security Advisory: Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability psirt (Mar 20)
- [SECURITY] [DSA 3811-1] wireshark security update Moritz Muehlenhoff (Mar 20)
- [SECURITY] [DSA 3812-1] ioquake3 security update Moritz Muehlenhoff (Mar 20)
- [SECURITY] [DSA 3813-1] r-base security update Moritz Muehlenhoff (Mar 20)
- CVE-2017-7183 ExtraPuTTY v029_RC2 TFTP Denial Of Service hyp3rlinx (Mar 20)
- [security bulletin] HPSBUX03596 rev.2 - HPE HP-UX running CIFS Server (Samba), Remote Access Restriction Bypass, Unauthorized Access security-alert (Mar 20)
- [SECURITY] [DSA 3796-2] sitesummary regression update Sebastien Delafond (Mar 20)
- ESA-2017-010: EMC RecoverPoint SSL Stripping Vulnerability EMC Product Security Response Center (Mar 20)
- [ERPSCAN-16-041] SAP NETWEAVER DIRECTORY CREATION OUTSIDE OF THE JVM ERPScan inc (Mar 21)
- Defense in depth -- the Microsoft way (part 47): "AppLocker bypasses are not serviced via monthly security roll-ups" Stefan Kanthak (Mar 21)
- SEC Consult SA-20170322-0 :: Multiple vulnerabilities in Solare Datensysteme Solar-Log devices SEC Consult Vulnerability Lab (Mar 22)
- Cisco Security Advisory: Cisco IOS and IOS XE Software DHCP Client Denial of Service Vulnerability psirt (Mar 22)
- Cisco Security Advisory: Cisco IOS and IOS XE Software Layer 2 Tunneling Protocol Denial of Service Vulnerability psirt (Mar 22)
- Cisco Security Advisory: Cisco IOS XE Software for Cisco ASR 920 Series Routers Zero Touch Provisioning Denial of Service Vulnerability psirt (Mar 22)
- Cisco Security Advisory: Cisco IOx Data in Motion Stack Overflow Vulnerability psirt (Mar 22)
- APPLE-SA-2017-03-22-1 iTunes for Windows 12.6 Apple Product Security (Mar 22)
- [SECURITY] [DSA 3816-1] samba security update Salvatore Bonaccorso (Mar 23)
- [SECURITY] [DSA 3817-1] jbig2dec security update Moritz Muehlenhoff (Mar 26)
- APPLE-SA-2017-03-27-1 Pages 6.1, Numbers 4.1, and Keynote 7.1 for Mac; Pages 3.1, Numbers 3.1, and Keynote 3.1 for iOS Apple Product Security (Mar 27)
- [SECURITY] [DSA 3821-1] gst-plugins-ugly1.0 security update Moritz Muehlenhoff (Mar 27)
- APPLE-SA-2017-03-27-7 macOS Server 5.3 Apple Product Security (Mar 27)
- [SECURITY] [DSA 3823-1] eject security update Salvatore Bonaccorso (Mar 28)
- APPLE-SA-2017-03-28-1 iCloud for Windows 6.2 Apple Product Security (Mar 28)
- [slackware-security] mariadb (SSA:2017-087-01) Slackware Security Team (Mar 28)
- [SECURITY] [DSA 3798-2] tnef regression update Sebastien Delafond (Mar 29)
- [SECURITY] [DSA 3824-1] firebird2.5 security update Sebastien Delafond (Mar 29)
- ESA-2017-028: EMC Isilon OneFS Path Traversal Vulnerability EMC Product Security Response Center (Mar 29)
- ESA-2017-013: RSA Archer® GRC Security Operations Management Sensitive Information Disclosure Vulnerability EMC Product Security Response Center (Mar 29)
- [security bulletin] HPESBUX03725 rev.1 - HPE HP-UX Web Server Suite running Apache, Multiple Vulnerabilities security-alert (Mar 29)
- [security bulletin] HPESBHF03723 rev.1 - HPE Aruba ClearPass Policy Manager, using Apache Struts, Remote Code Execution security-alert (Mar 29)
- [security bulletin] HPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege security-alert (Mar 31)