oss-sec: by date

658 messages starting Jul 01 15 and ending Sep 30 15


Wednesday, 01 July

Re: Google Chrome Address Spoofing (Request For Comment) 0pc0deFR
Re: Google Chrome Address Spoofing (Request For Comment) Big Whale
Re: [FD] Google Chrome Address Spoofing (Request For Comment) Roney Gomes
CVE request: persistent XSS in Wordpress Plugin NewStatPress v.1.0.3 Responsive Disclosure | HSASec
Re: Google Chrome Address Spoofing (Request For Comment) Valentinas Bakaitis
RE: Google Chrome Address Spoofing (Request For Comment) Zak Siddiqui
CVE Request: two security issues in openSSH 6.9 Andreas Stieger
Re: CVE request: persistent XSS in Wordpress Plugin NewStatPress v.1.0.3 Seaman, Chad
Re: Google Chrome Address Spoofing (Request For Comment) David Leo
Re: CVE Request: two security issues in openSSH 6.9 cve-assign
Re: CVE Request: UDP checksum DoS cve-assign

Thursday, 02 July

Re: [FD] Google Chrome Address Spoofing (Request For Comment) Mustafa Al-Bassam
Re: [FD] Google Chrome Address Spoofing (Request For Comment) Big Whale
CVE- Request for Wordpress Plugin Simple Ads Manager: DoS without authentication Responsive Disclosure | HSASec
Re: Re: [FD] Google Chrome Address Spoofing (Request For Comment) Tim Brown
SQL Injection in easy2map wordpress plugin v1.24 Larry W. Cashdollar
Re: [FD] Google Chrome Address Spoofing (Request For Comment) Daniel Wood
Re: Re: [FD] Google Chrome Address Spoofing (Request For Comment) anidear

Friday, 03 July

Re: CVE-2015-3258 CVE-2015-3279 cups-filters Stefan Cornelius
Re: CVE-2015-3258 CVE-2015-3279 cups-filters Salvatore Bonaccorso
Waiting Mitre response: AMD Bulldozer, Linux ASLR mmap and Offset2lib Hector Marco-Gisbert
Re: CVE-2015-3258 CVE-2015-3279 cups-filters Tim Waugh
Re: CVE-2015-3258 CVE-2015-3279 cups-filters Salvatore Bonaccorso
CVE Request: GetSimple CMS: Multiple Stored XSS Anirudh Anand
Newsletter Plugin for WordPress Unvalidated Redirects and Forwards URL Vulnerability - CVE Request Ryan King

Saturday, 04 July

Follow-up on Exploiting "BadIRET" vulnerability (CVE-2014-9322) Adam Zabrocki
please REJECT CVE-2015-3199 Kurt Seifried
Re: please REJECT CVE-2015-3199 cve-assign
CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-100 to SA-CONTRIB-2015-131) Pere Orga

Sunday, 05 July

node.js out of band write Mark Felder
Re: CVE Request: UDP checksum DoS Ben Hutchings
CVE Request - Open Redirect Vulnerability in StageShow Wordpress Plugin v5.0.8 Nitin Venkatesh
Google Chrome Address Spoofing - Google's Opinion David Leo

Monday, 06 July

Re: node.js out of band write Florian Weimer
Out-of-bounds read in wget and curl using CVE-2015-2059 Gustavo Grieco
Re: CVE Request: UDP checksum DoS cve-assign
Re: Re: CVE Request: Multiple vulnerabilities in freexl 1.0.0g Stefan Cornelius
Squid HTTP proxy CVE request Amos Jeffries
Re: Re: CVE Request: Multiple vulnerabilities in freexl 1.0.0g Stefan Cornelius
CVE request for vulnerabilities fixed in roundcubemail 1.1.2 and 1.0.6 Andreas Stieger
Re: node.js out of band write Mark Felder
TR : CVE request for dash 0.5.7-3 x86-64 local buffer overflow jean-marie.bourbon () armaturetech com
How serious is undefined behavior? Hanno Böck
Re: How serious is undefined behavior? John Haxby
Re: How serious is undefined behavior? Daniel Micay
Re: TR : CVE request for dash 0.5.7-3 x86-64 local buffer overflow Adam D. Barratt
Re: Re: CVE Request: Multiple vulnerabilities in freexl 1.0.0g a . furieri
Re: TR : CVE request for dash 0.5.7-3 x86-64 local buffer overflow Simon McVittie
Remote file download vulnerability in wordpress plugin wp-ecommerce-shop-styling v2.5 Larry W. Cashdollar
Re: How serious is undefined behavior? Solar Designer
Remote file download in Wordpress Plugin mdc-youtube-downloader v2.1.0 Larry W. Cashdollar
Re: CVE request for vulnerabilities fixed in roundcubemail 1.1.2 and 1.0.6 cve-assign

Tuesday, 07 July

Re: Re: CVE request for vulnerabilities fixed in roundcubemail 1.1.2 and 1.0.6 Andreas Stieger
Re: node.js out of band write Luca Bruno
[ANNOUNCE] Apache Directory LDAP API 1.0.0-M31 released Emmanuel Lecharny
Follow up: PowerDNS Security Advisory 2015-01 Pieter Lexis
Re: [ANNOUNCE] Apache Directory LDAP API 1.0.0-M31 released Moritz Muehlenhoff
Xen Security Advisory 137 (CVE-2015-3259) - xl command line config handling stack overflow Xen . org security team
CVE Request for sogO Open Source Groupware (www.sogo.nu) Stefan Castille
CVE request CSRF in sogo Stefan Castille
Re: [ANNOUNCE] Apache Directory LDAP API 1.0.0-M31 released Yann Ylavic
CVE-2015-3281 HAProxy information leak vulnerability Solar Designer
Re: Follow up: PowerDNS Security Advisory 2015-01 Alessandro Ghedini

Wednesday, 08 July

Remote file download vulnerability in Wordpress Plugin wp-swimteam v1.44.10777 Larry W. Cashdollar
SQL Injection in easy2map-photos wordpress plugin v1.09 Larry W. Cashdollar
hostapd/wpa_supplicant - Incomplete WPS and P2P NFC NDEF record payload length validation Jouni Malinen
Re: Follow-up on Exploiting "BadIRET" vulnerability (CVE-2014-9322) Andy Lutomirski
[ANNOUNCE] Django security releases issued (1.4.21, 1.7.9, and 1.8.3) Tim Graham
Re: Squid HTTP proxy CVE request Amos Jeffries

Thursday, 09 July

Re: CVE request: pure-ftpd denial of service in glob_() Vasyl Kaigorodov
CVE request: XEE in ruby gem ruby-saml <1.0.0 Reed Loden
Re: TR : CVE request for dash 0.5.7-3 x86-64 local buffer overflow Jann Horn
Re: node.js out of band write cve-assign
Re: How serious is undefined behavior? Alexander Cherepanov
CVE request: Command injection in ruby gem ruby-saml <1.0.0 Reed Loden
Remote file download vulnerability in ibs-Mappro v0.6 Wordpress plugin Larry W. Cashdollar
Remote file download vulnerability in ibs-Mappro v0.6 Wordpress plugin Larry W. Cashdollar
Re: Squid HTTP proxy CVE request Reed Black
OpenSSL CVE-2015-1793 tester (alt.chain.fail) mancha
Re: Squid HTTP proxy CVE request Amos Jeffries

Friday, 10 July

Re: Re: CVE Request: UDP checksum DoS Gsunde Orangen
Re: Remote file download vulnerability in wordpress plugin wp-ecommerce-shop-styling v2.5 cve-assign
Re: Remote file download in Wordpress Plugin mdc-youtube-downloader v2.1.0 cve-assign
Re: Remote file download vulnerability in Wordpress Plugin wp-swimteam v1.44.10777 cve-assign
Re: Remote file download vulnerability in ibs-Mappro v0.6 Wordpress plugin cve-assign
Re: Follow up: PowerDNS Security Advisory 2015-01 cve-assign
Re: CVE request CSRF in sogo cve-assign
Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow Fernando Muñoz
CVE Request - Cross-Site Request Forgery, Cross-Site Scripting and SQL Injection in CP Contact Form with Paypal Wordpress Plugin v1.1.5 Nitin Venkatesh

Saturday, 11 July

The Census Project (CII) Luca Carettoni

Sunday, 12 July

Re: Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow Mark Felder
Remote file upload vulnerability & SQLi in wordpress plugin wp-powerplaygallery v3.3 Larry W. Cashdollar
CVE request: IPython CSRF validation Kyle Kelley
Re: How serious is undefined behavior? Solar Designer
moodle security announcements Marina Glancy

Monday, 13 July

Re: How serious is undefined behavior? Alexander Cherepanov
Re: How serious is undefined behavior? Xi Wang
Retroactive CVE request for Ruby 1.9.2-p330 Tony Arcieri
Re: Retroactive CVE request for Ruby 1.9.2-p330 cve-assign
Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow cve-assign
Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow Alessandro Ghedini
Re: Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow Alessandro Ghedini
Remote file download vulnerability in Wordpress Plugin image-export v1.1 Larry W. Cashdollar
Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow Fernando Muñoz

Tuesday, 14 July

Re: Squid HTTP proxy CVE request Amos Jeffries
CVE request: ansible zone/chroot/jail escape Martin Carpenter
[CVE-2015-3908] Improper TLS Certificate Validation in Ansible Cory Benfield
CVE Request: SQLite array overrun in the skip-scan optimization Marc Deslauriers
CVE Request: AWS s2n Markus Vervier
Re: CVE Request: AWS s2n Kurt Seifried
siege: off-by-one in load_conf() Agostino Sarubbo
Re: siege: off-by-one in load_conf() Seth Arnold
Re: siege: off-by-one in load_conf() Agostino Sarubbo
Remote file download vulnerability in recent-backups v0.7 wordpress plugin Larry W. Cashdollar
Re: CVE Request: AWS s2n Markus Vervier
Re: CVE Request: AWS s2n Kurt Seifried
Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow cve-assign

Wednesday, 15 July

Re: CVE Request: SQLite array overrun in the skip-scan optimization cve-assign
CVE Request: kmail: Attachments are not encrypted when "automatic encryption" is selected Salvatore Bonaccorso
CVE Request - Arbitrary File Download vulnerability in WP Attachment Export Wordpress Plugin v0.2.3 Nitin Venkatesh
CVE Request: use after free in PHP 5.6 and 7 (possibly others) Brian Carpenter

Thursday, 16 July

[CVE-2015-3253] Apache Groovy Zero-Day Vulnerability Disclosure Cédric Champeau
libav: divide-by-zero in ff_h263_decode_mba() Agostino Sarubbo
CVE request: Zenphoto before 1.4.9 multiple vulnerabilities Henri Salo
CVE request: WordPress plugin sp-client-document-manager Blind SQL Injection Henri Salo
Re: CVE Request: use after free in PHP 5.6 and 7 (possibly others) Mark Felder
Re: libav: divide-by-zero in ff_h263_decode_mba() Mark Felder
Re: libav: divide-by-zero in ff_h263_decode_mba() Agostino Sarubbo
Re: CVE Request: kmail: Attachments are not encrypted when "automatic encryption" is selected cve-assign
Remote file upload vulnerability in mailcwp v1.99 wordpress plugin Larry W. Cashdollar
Re: Remote file upload vulnerability in mailcwp v1.99 wordpress plugin Larry W. Cashdollar
Re: ezmlm warning Grant Ridder
Re: CVE Request: AWS s2n Anthony Liguori
Re: CVE Request: AWS s2n MacCarthaigh, Colm
Re: Re: ezmlm warning Reed Loden
Re: ezmlm warning Solar Designer
Remote file upload vulnerability in fast-image-adder v1.1 Wordpress plugin Larry W. Cashdollar
Re: Re: ezmlm warning Florian Weimer
Re: Re: ezmlm warning Reed Loden

Friday, 17 July

Re: Re: ezmlm warning Florian Weimer
Re: Squid HTTP proxy CVE request Mark Felder
CVE request: php - segmentation fault in Phar::convertToData; buffer overflow in phar_fix_filepath; Vasyl Kaigorodov
Re: Squid HTTP proxy CVE request cve-assign
Re: CVE Request: Graphviz format string vuln Tomas Hoger
Re: Re: Squid HTTP proxy CVE request Amos Jeffries
CVE Request: gdk-pixbuf heap overflow and DoS Gustavo Grieco
Re: Squid HTTP proxy CVE request cve-assign

Saturday, 18 July

Re: CVE request: php - segmentation fault in Phar::convertToData; buffer overflow in phar_fix_filepath; cve-assign
CVE-2014-8873 was fixed in DSA-3235-1 Florian Weimer
Re: CVE request: Zenphoto before 1.4.9 multiple vulnerabilities cve-assign
CVE Request: cacti multiple SQL injections Alessandro Ghedini
Re: Re: ezmlm warning Solar Designer

Sunday, 19 July

CVE Request - Information Exposure Vulnerability in WordPress Mobile Pack Wordpress Plugin v2.1.2 (and certain versions of v2.1.3 - prior to June 3, 2015) Nitin Venkatesh

Monday, 20 July

Re: Remote file upload vulnerability & SQLi in wordpress plugin wp-powerplaygallery v3.3 cve-assign
Re: siege: off-by-one in load_conf() Jason A. Donenfeld
Re: Remote file download vulnerability in Wordpress Plugin image-export v1.1 cve-assign

Tuesday, 21 July

CVE Request for OpenSSH vulnerability - authentication limits bypass king cope
Re: CVE request: IPython CSRF validation cve-assign
CVE Request - Cross-Site Request Forgery Vulnerability in Portfolio Plugin Wordpress Plugin v1.0 Nitin Venkatesh
CVE Request: October CMS - Stored XSS in image caption tag Abhishek J.M
Re: CVE request: IPython CSRF validation Kyle Kelley
Re: CVE request: php - segmentation fault in Phar::convertToData; buffer overflow in phar_fix_filepath; Tomas Hoger

Wednesday, 22 July

Re: CVE Request for OpenSSH vulnerability - authentication limits bypass Jason A. Donenfeld
Re: CVE Request: AWS s2n Markus Vervier
Re: CVE Request: October CMS - Stored XSS in image caption tag cve-assign
Security issues in LXC (CVE-2015-1331 and CVE-2015-1334) Tyler Hicks
Re: Security issues in LXC (CVE-2015-1331 and CVE-2015-1334) Fiedler Roman
Multiple memory corruption vulnerabilities in SoX 14.4.2 Michele Spagnuolo
Linux x86_64 NMI security issues Andy Lutomirski
Re: CVE Request for OpenSSH vulnerability - authentication limits bypass mancha
Re: Linux x86_64 NMI security issues Solar Designer
Re: Security issues in LXC (CVE-2015-1331 and CVE-2015-1334) Solar Designer
Re: Multiple memory corruption vulnerabilities in SoX 14.4.2 Solar Designer
Re: CVE Request for OpenSSH vulnerability - authentication limits bypass cve-assign
Re: Linux x86_64 NMI security issues Kurt Seifried

Thursday, 23 July

CVE-2015-5158 Qemu: scsi stack buffer overflow P J P
Re: Re: CVE Request for OpenSSH vulnerability - authentication limits bypass mancha
Re: CVE Request for OpenSSH vulnerability - authentication limits bypass cve-assign
Re: Linux x86_64 NMI security issues Petr Matousek
Re: Linux x86_64 NMI security issues Andy Lutomirski
Re: Linux x86_64 NMI security issues Petr Matousek
CVE-2012-2150 xfsprogs: xfs_metadump information disclosure flaw Kurt Seifried
Re: Re: CVE Request for OpenSSH vulnerability - authentication limits bypass mancha
CVE-2015-3228 - Ghostscript - Integer overflow William Robinet
CVE request: WordPress 4.2.2 and earlier cross-site scripting vulnerability Henri Salo
Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Qualys Security Advisory
Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Leif Nixon
Re: CVE request: WordPress 4.2.2 and earlier cross-site scripting vulnerability cve-assign
Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Philip Pettersson
Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Jamie Strandboge
CVE-2015-3208 hornetq: XXE/SSRF in XPath selector Kurt Seifried
Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Kurt Seifried

Friday, 24 July

Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Leif Nixon
Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Martino Dell'Ambrogio
Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Joshua Rogers
Re: Linux x86_64 NMI security issues Josh Boyer
Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser mancha
Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Brandon Perry
Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Stephan Wiesand
Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Leif Nixon
Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Brad Knowles
Re: Linux x86_64 NMI security issues Andy Lutomirski

Saturday, 25 July

CVE Request - Open Redirect Vulnerability in Music Store Wordpress Plugin v1.0.14 Nitin Venkatesh
CVE Request - Cross-Site Request Forgery & SQL Injection Vulnerabilities in Unite Gallery Lite Wordpress Plugin v1.4.6 Nitin Venkatesh
Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Leif Nixon
Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Michal Zalewski
Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Dave Horsfall
Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Brad Knowles

Sunday, 26 July

Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser gremlin
Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Hanno Böck
Re: Remote file upload vulnerability & SQLi in wordpress plugin wp-powerplaygallery v3.3 Larry W. Cashdollar

Monday, 27 July

Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser mancha
Xen Security Advisory 138 (CVE-2015-5154) - QEMU heap overflow flaw while processing certain ATAPI commands. Xen . org security team
CVE request: Easy!Appointments 1.0 cross-site scripting vulnerability Henri Salo
CVE request: Easy!Appointments 1.0 Cross-Site Request Forgery and Insufficiently Protected Credentials vulnerabilities Henri Salo
CVE request: Easy!Appointments 1.0 Missing HTTPOnly flag Henri Salo
Security issue in Linux Kernel Keyring (CVE-2015-1333) Tyler Hicks
Re: Remote file upload vulnerability & SQLi in wordpress plugin wp-powerplaygallery v3.3 cve-assign
Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Ankeet Presswala
Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Jeff Collins

Tuesday, 28 July

CVE request: Two ruby 'dl' vulnerabilities fixed in ruby-1.9.1-p129 Reed Loden
CVE request: Linux kernel - information leak in md driver Benjamin Randazzo
Re: CVE request: Two ruby 'dl' vulnerabilities fixed in ruby-1.9.1-p129 cve-assign
Re: CVE request: Two ruby 'dl' vulnerabilities fixed in ruby-1.9.1-p129 Jan Rusnacko
CVE request: mktexlsr/texlive: insecure use of /tmp Vasyl Kaigorodov
[OSSA 2015-013] Glance task flow may fail to delete image from backend (CVE-2015-3289) Grant Murphy
CVE Request - OpenStack Designate mDNS DoS through incorrect handling of large RecordSets Kiall Mac Innes
Re: Security issue in Linux Kernel Keyring (CVE-2015-1333) Tyler Hicks
Re: CVE Request - OpenStack Designate mDNS DoS through incorrect handling of large RecordSets cve-assign
Re: CVE Request - OpenStack Designate mDNS DoS through incorrect handling of large RecordSets Kiall Mac Innes
Re: CVE Request - OpenStack Designate mDNS DoS through incorrect handling of large RecordSets cve-assign
Re: Re: Linux x86_64 NMI security issues Luis Henriques
CVE request - remind 3.1.14 and earlier - buffer overflow Dianne Skoll
[BIND] CVE-2015-5477: An error in handling TKEY queries can cause named to exit with a REQUIRE assertion failure Michael McNally
Re: [BIND] CVE-2015-5477: An error in handling TKEY queries can cause named to exit with a REQUIRE assertion failure Solar Designer

Wednesday, 29 July

Re: CVE request: Linux kernel - information leak in md driver cve-assign
Re: Re: CVE Request - OpenStack Designate mDNS DoS through incorrect handling of large RecordSets Kiall Mac Innes
CVE Request - Go net/http library - HTTP smuggling Jason Buberel
CVE request: Froxlor - information leak oss-security-list
Re: CVE Request - Go net/http library - HTTP smuggling Florian Weimer
Re: CVE Request - Go net/http library - HTTP smuggling Jason Buberel
Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser z80
Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Solar Designer
Re: CVE request: Two ruby 'dl' vulnerabilities fixed in ruby-1.9.1-p129 Reed Loden
Re: CVE request: Two ruby 'dl' vulnerabilities fixed in ruby-1.9.1-p129 Reed Loden
[CVE Request] WP Slimstat < 4.1.6 - Referer Header XSS Sam Pizzey
Re: Linux x86_64 NMI security issues Solar Designer
Re: CVE-2012-2150 xfsprogs: xfs_metadump information disclosure flaw Dave Chinner
Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Solar Designer
Re: Linux x86_64 NMI security issues Daniel Micay
Re: CVE request: mktexlsr/texlive: insecure use of /tmp cve-assign

Thursday, 30 July

Re: net-snmp snmp_pdu_parse() function incompletely initializaition vulnerability Stefan Cornelius
Re: Re: CVE Request: Multiple vulnerabilities in freexl 1.0.0g Stefan Cornelius
CVE-2015-1416: vulnerability in patch(1) Adam Maris
CVE Request: PHP v7 - Code execution vulnerability Fourny Dimitri
Re: CVE Request: PHP v7 - Code execution vulnerability cve-assign
A new class of security vulns? Kurt Seifried
Re: A new class of security vulns? Scott Arciszewski
Re: A new class of security vulns? cve-assign
Re: A new class of security vulns? Joshua Rogers
Re: net-snmp snmp_pdu_parse() function incompletely initializaition vulnerability cve-assign
CVE Request: freeradius: the EAP-PWD module performs insufficient validation on packets received from an EAP peer Huzaifa Sidhpurwala

Friday, 31 July

Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser Qualys Security Advisory
CVE for crypto_get_random() from libsrtp Adam Maris
Re: CVE for crypto_get_random() from libsrtp Scott Arciszewski
Re: RE: strings /libbfd crash Tyler Hicks
CVE Request: devscripts: licensecheck: arbitrary shell command injection Salvatore Bonaccorso
CVE request: Multiple XSS and CSRF vulnerabilities in sidekiq ruby gem Reed Loden

Saturday, 01 August

Re: CVE for crypto_get_random() from libsrtp Michael Samuel
Re: CVE-2015-1416: vulnerability in patch(1) Mark Felder
CVE request: Use-after-free in path lookup in Linux 3.11-4.0 inclusive Ben Hutchings
CVE request: Integer overflow in SCSI generic driver in Linux <4.1 Ben Hutchings
Re: CVE Request: devscripts: licensecheck: arbitrary shell command injection cve-assign
Re: CVE-2015-1416: vulnerability in patch(1) Florian Weimer
Re: CVE-2015-1416: vulnerability in patch(1) Mark Felder

Sunday, 02 August

CVE request: Multiple spree ruby gems vulnerabilities (across multiple versions) Reed Loden
Re: WP Slimstat < 4.1.6 - Referer Header XSS Henri Salo
Re: CVE request: Use-after-free in path lookup in Linux 3.11-4.0 inclusive - Linux kernel cve-assign
Re: CVE request: Integer overflow in SCSI generic driver in Linux <4.1 - Linux kernel cve-assign
Re: CVE-2015-1416: vulnerability in patch(1) cve-assign
Re: WP Slimstat < 4.1.6 - Referer Header XSS Andrew Nacin
Re: CVE request: XEE in ruby gem ruby-saml <1.0.0 Reed Loden
Re: CVE request: Command injection in ruby gem ruby-saml <1.0.0 Reed Loden

Monday, 03 August

Xen Security Advisory 139 (CVE-2015-5166) - Use after free in QEMU/Xen block unplug protocol Xen . org security team
Xen Security Advisory 140 (CVE-2015-5165) - QEMU leak of uninitialized heap memory in rtl8139 device model Xen . org security team
Re: CVE Request: freeradius: the EAP-PWD module performs insufficient validation on packets received from an EAP peer Huzaifa Sidhpurwala
CVE Request: Information disclosure in pcre Huzaifa Sidhpurwala
Re: CVE Request: Information disclosure in pcre Huzaifa Sidhpurwala

Tuesday, 04 August

Re: Linux x86_64 NMI security issues Jason A. Donenfeld
CVE request: WordPress 4.2.3 and earlier multiple vulnerabilities Henri Salo
Re: CVE request: WordPress 4.2.3 and earlier multiple vulnerabilities cve-assign
CVE-2015-3290: Linux privilege escalation due to nested NMIs interrupting espfix64 Andy Lutomirski
Re: CVE Request - Go net/http library - HTTP smuggling Jason Buberel

Wednesday, 05 August

Re: CVE Request: cacti multiple SQL injections Alessandro Ghedini
Re: CVE Request - Go net/http library - HTTP smuggling cve-assign
CVE Request: PCRE Library Heap Overflow Vulnerability Guanxing Wen
CVE Request: SuiteCRM Post-Auth Race Condition Shell Upload Remote Code Execution. Darren Martyn
CVEs fixed in Ranger 0.5 Velmurugan Periasamy
CVE-2015-5156 : virt-io max-skb-frags heap overflow. Wade Mealing

Thursday, 06 August

Re: Re: CVE Request - Go net/http library - HTTP smuggling Martin Prpic
CVE request: Qemu: buffer overflow in virtio-serial P J P
Re: Re: CVE Request - Go net/http library - HTTP smuggling Jason Buberel
Re: CVE request: Qemu: buffer overflow in virtio-serial cve-assign
Re: CVE Request: SuiteCRM Post-Auth Race Condition Shell Upload Remote Code Execution. cve-assign
Re: CVE request - remind 3.1.14 and earlier - buffer overflow cve-assign

Friday, 07 August

Re: CVE request: Froxlor - information leak cve-assign

Sunday, 09 August

CVE request - simple-php-captcha - captcha bypass vulnerability François Labrèche
Re: CVE request - simple-php-captcha - captcha bypass vulnerability Solar Designer

Monday, 10 August

CVE request: GNUTLS-SA-2015-3 double free in certificate DN decoding Martin Prpic
Duplicate Wireshark CVEs? Martin Prpic
Re: Re: CVE Request - Go net/http library - HTTP smuggling Jason Buberel
CVE Request: ippusbxd Seth Arnold
Re: Re: Linux x86_64 NMI security issues Thomas D.

Tuesday, 11 August

Re: CVE for crypto_get_random() from libsrtp Adam Maris
Re: CVE for crypto_get_random() from libsrtp Jeremy Stanley
Re: CVE for crypto_get_random() from libsrtp Adam Maris
Re: CVE for crypto_get_random() from libsrtp Jeremy Stanley
Re: Duplicate Wireshark CVEs? Siddharth Sharma
Terminal escape sequences - the new XSS for admins? Kurt Seifried
CVE request - OpenSSH 6.9 PAM privilege separation vulnerabilities Moritz Jodeit
Re: Terminal escape sequences - the new XSS for admins? Daniel Kahn Gillmor
Re: Terminal escape sequences - the new XSS for admins? Steve Grubb
Re: Terminal escape sequences - the new XSS for admins? Stephane Chazelas
Re: Terminal escape sequences - the new XSS for admins? Florian Weimer
Re: Terminal escape sequences - the new XSS for admins? Andy Lutomirski
Re: Re: Terminal escape sequences - the new XSS for admins? Steve Grubb
Processor side channels using out of order execution Kurt Seifried

Wednesday, 12 August

Re: CVE request - OpenSSH 6.9 PAM privilege separation vulnerabilities Adam Maris
CVE request - Processor side channels using out of order execution sophia
CVE Request: ATutor LMS Version 2.2 with stored XSS and file upload issue sreepriya
Re: CVE request - OpenSSH 6.9 PAM privilege separation vulnerabilities Adam Maris
Is CVE-2015-4650 a duplicate, leak, or just a typo? Florian Weimer
CVE Request: MediaWiki 1.25.2, 1.24.3, 1.23.10 Chris Steipp
Re: Is CVE-2015-4650 a duplicate, leak, or just a typo? ISC Security Officer
Re: CVE request - Processor side channels using out of order execution Solar Designer
CVE Request: libbfd in binutils (was: strings /libbfd crash) Tyler Hicks
Re: Re: Terminal escape sequences - the new XSS for admins? Robert Święcki
Re: Re: CVE Request - Go net/http library - HTTP smuggling Jason Buberel
Re: Re: Terminal escape sequences - the new XSS for admins? Dave Horsfall
Re: CVE request - OpenSSH 6.9 PAM privilege separation vulnerabilities Solar Designer
Re: CVE request - Processor side channels using out of order execution sophia
Re: Re: CVE Request - Go net/http library - HTTP smuggling Jason Buberel
Re: CVE request - OpenSSH 6.9 PAM privilege separation vulnerabilities Solar Designer
Re: CVE request - OpenSSH 6.9 PAM privilege separation vulnerabilities Moritz Jodeit
Re: CVE Request: Information disclosure in pcre Shannon Sabens
Re: CVE request - OpenSSH 6.9 PAM privilege separation vulnerabilities Moritz Jodeit
CVE request - php 7 use after free 牛保龙

Thursday, 13 August

Re: CVE Request: gdk-pixbuf heap overflow and DoS Huzaifa Sidhpurwala
Re: CVE request - OpenSSH 6.9 PAM privilege separation vulnerabilities Solar Designer
CVE request for saltstack Kurt Seifried
[CVE-2015-3271] Apache Tika information disclosure vulnerability David Meikle
Re: CVE request for saltstack Solar Designer
Re: CVE request for saltstack Kurt Seifried
CVE Request: Request Tracker: cross-site scripting in cryptography interface Salvatore Bonaccorso
Audit: log terminal emulator escape sequences handling CVE-2015-5186 Kurt Seifried
[OSSA 2015-014] Glance v2 API host file disclosure through qcow2 backing file (CVE-2015-5163) Tristan Cacqueray
Re: Duplicate Wireshark CVEs? cve-assign

Friday, 14 August

Re: Re: Duplicate Wireshark CVEs? Stuart Henderson
Re: CVE request: GNUTLS-SA-2015-3 double free in certificate DN decoding Salvatore Bonaccorso
CVE request: conntrackd denial of service with unusual network traffic Florian Weimer
Alleged libstdc++ vulnerabilities Florian Weimer
Re: Alleged libstdc++ vulnerabilities Jonathan Wakely
Re: Alleged libstdc++ vulnerabilities Jonathan Wakely
Re: Is CVE-2015-4650 a duplicate, leak, or just a typo? Michael McNally

Saturday, 15 August

Re: CVE request: 2 issues in inspircd Moritz Mühlenhoff

Sunday, 16 August

Re: hostapd/wpa_supplicant - Incomplete WPS and P2P NFC NDEF record payload length validation Moritz Muehlenhoff
Double free corruption in JasPer JPEG-2000 implementation (CVE-2015-5203) Gustavo Grieco
CVE request: UnrealIRCd crash issue if SASL is enabled Reed Loden
Re: Double free corruption in JasPer JPEG-2000 implementation (CVE-2015-5203) mancha

Monday, 17 August

Re: Double free corruption in JasPer JPEG-2000 implementation (CVE-2015-5203) Raphael Geissert
[ANNOUNCE] CVE-2015-1830 - Path traversal leading to unauthenticated RCE in ActiveMQ Dejan Bosanac
CVE-2015-5706: kernel: Use-after-free in path lookup Jan Kara
Re: Double free corruption in JasPer JPEG-2000 implementation (CVE-2015-5203) Tomas Hoger
Re: Double free corruption in JasPer JPEG-2000 implementation (CVE-2015-5203) mancha
Re: CVE request: GNUTLS-SA-2015-3 double free in certificate DN decoding cve-assign
Re: CVE request - simple-php-captcha - captcha bypass vulnerability cve-assign
Re: CVE request - simple-php-captcha - captcha bypass vulnerability Solar Designer
Re: Terminal escape sequences - the new XSS for admins? Michal Zalewski
Re: CVE request: ansible zone/chroot/jail escape cve-assign
Re: Terminal escape sequences - the new XSS for admins? Solar Designer
Re: CVE request: conntrackd denial of service with unusual network traffic cve-assign
CVE request: linux kernel:fd leak in vhost ioctl VHOST_SET_LOG_FD Wade Mealing
Re: CVE request: linux kernel:fd leak in vhost ioctl VHOST_SET_LOG_FD cve-assign
CVE request - Linux kernel - perf on ppp64 - unbounded checks in perf_callchain_user_64 denial of service. Wade Mealing
Re: CVE Request: Request Tracker: cross-site scripting in cryptography interface cve-assign

Tuesday, 18 August

CVE Request for glusterfs: fuse check return value of setuid Siddharth Sharma
Re: CVE Request for glusterfs: fuse check return value of setuid Florian Weimer
Re: CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-100 to SA-CONTRIB-2015-131) cve-assign
CVE REJECT CVE-2015-5192/CVE-2015-5193 Kurt Seifried
[ANNOUNCE] Django security releases issued (1.4.22, 1.7.10, and 1.8.4) Tim Graham
Re: CVE Request: ippusbxd cve-assign
Re: CVE Request: ATutor LMS Version 2.2 with stored XSS and file upload issue cve-assign
Re: CVE Request: PCRE Library Heap Overflow Vulnerability Guanxing Wen

Wednesday, 19 August

CVE Request: more php unserializing issues Marcus Meissner
CVE-2015-3269 Apache Flex BlazeDS Insecure Xml Entity Expansion Vulnerability Christofer Dutz
Re: CVE request - Processor side channels using out of order execution sophia
Re: CVE request - Processor side channels using out of order execution Kurt Seifried
Re: CVE request - Processor side channels using out of order execution sophia
Re: CVE request - Processor side channels using out of order execution Solar Designer
CVE REJECT noise Solar Designer
Re: CVE REJECT noise Kurt Seifried
Re: CVE REJECT noise David Walser
Re: CVE REJECT noise Solar Designer
Re: CVE REJECT noise Reed Loden
CVE request: libgpf: use-after-free vulnerability in Decoder.cpp Pengsu Cheng
Re: CVE request - Processor side channels using out of order execution sophia

Thursday, 20 August

Re: CVE REJECT noise P J P
[oCERT-2015-009] VLC arbitrary pointer dereference Andrea Barisani
Use-after-free (and double-free) in Jasper JPEG-200 (CVE-2015-5221) FEIST Josselin
Re: [oCERT-2015-009] VLC arbitrary pointer dereference Alessandro Ghedini
Re: CVE request - Linux kernel - perf on ppp64 - unbounded checks in perf_callchain_user_64 denial of service. cve-assign
Re: CVE Request: PHP v7 - Code execution vulnerability cve-assign
Re: [oCERT-2015-009] VLC arbitrary pointer dereference Loren
Re: CVE for crypto_get_random() from libsrtp Michael Samuel
CVE-2015-5185 sblim-sfcb: lookupProviders() null pointer dereference Kurt Seifried

Friday, 21 August

CVE Request: twig remote code execution Alessandro Ghedini
Re: Double free corruption in JasPer JPEG-2000 implementation (CVE-2015-5203) mancha
CVEs requests for Drupal Core (SA-CORE-2015-003) Pere Orga
CVE-2015-5225 Qemu: ui: vnc: heap memory corruption issue P J P
Re: CVE request - OpenSSH 6.9 PAM privilege separation vulnerabilities cve-assign

Saturday, 22 August

CVE Request Blind SQL Injection in wordpress plugin dukapress v2.5.9 Larry W Cashdollar

Sunday, 23 August

CVE Request: PCRE Library Heap Overflow in compile_regex() Guanxing Wen

Monday, 24 August

SEH Local buffer overflow vulnerability Arjun Basnet
CVE-2015-5224 login-utils: file name collision due to incorrect mkstemp use Qualys Security Advisory
Re: Double free corruption in JasPer JPEG-2000 implementation (CVE-2015-5203) Mark Felder
CVE request: uglify-js node.js module <2.4.24 incorrectly handles non-boolean comparisons during minification Reed Loden
Re: CVE request: uglify-js node.js module <2.4.24 incorrectly handles non-boolean comparisons during minification Reed Loden
Re: CVE request: uglify-js node.js module <2.4.24 incorrectly handles non-boolean comparisons during minification Florian Weimer
Re: CVE request: uglify-js node.js module <2.4.24 incorrectly handles non-boolean comparisons during minification Reed Loden
CVE Request: Linux x86_64 NT flag issue Andy Lutomirski
Re: CVE Request: Linux x86_64 NT flag issue - Linux kernel cve-assign

Tuesday, 25 August

Several low impact ntp.org ntpd issues Florian Weimer
Re: CVE Request for glusterfs: fuse check return value of setuid Siddharth Sharma
CVE-2015-5228 & CVE-2015-5231 in the criu service daemon Florian Weimer
Re: Several low impact ntp.org ntpd issues Mark Felder
Re: Several low impact ntp.org ntpd issues Noel Kuntze
[OSSA 2015-015] Nova instance migration process does not stop when instance is deleted (CVE-2015-3241) Tristan Cacqueray
Re: CVE request: libgpf: use-after-free vulnerability in Decoder.cpp cve-assign
Re: CVE request: 2 issues in inspircd cve-assign

Wednesday, 26 August

CVE Request : Serenity Media Player Buffer Overflow Dis close
New security vulnerability for Apache CXF Fediz - CVE-2015-5175 Colm O hEigeartaigh
Re: CVE Request : Serenity Media Player Buffer Overflow cve-assign
[OSSA 2015-016] Information leak via Swift tempurls (CVE-2015-5223) Tristan Cacqueray
Multiple memory corruptions caused by uninitialized values in JasPer 1.900 Gustavo Grieco
Re: CVEs requests for Drupal Core (SA-CORE-2015-003) Salvatore Bonaccorso

Thursday, 27 August

CVE-2015-5237: Integer overflow in protobuf serialization (currently minor) Florian Weimer
Re: CVE Request : Serenity Media Player Buffer Overflow Dis close
Re: CVEs requests for Drupal Core (SA-CORE-2015-003) Pere Orga
CVE-2014-8177 gluster-swift metadata constraints are not correctly enforced Siddharth Sharma
Re: CVE Request: MediaWiki 1.25.2, 1.24.3, 1.23.10 cve-assign
CVE-2015-0852 [FreeImage] Integer overflow in PluginPCX.cpp pcheng pcheng
Re: Double free corruption in JasPer JPEG-2000 implementation (CVE-2015-5203) mancha

Friday, 28 August

CVE request: XSS vulnerability in jsoup related to incomplete tags at EOF Florian Weimer
CVE Request - LFI/Path Traversal in NextGen Gallery WordPress Plugin. Dis close
Re: CVE request: XSS vulnerability in jsoup related to incomplete tags at EOF cve-assign
CVE request: vorbis-tools: buffer overflow in aiff_open() pcheng pcheng

Saturday, 29 August

Re: CVE Request: Linux x86_64 NT flag issue - Linux kernel Andy Lutomirski

Sunday, 30 August

Re: CVE request: vorbis-tools: buffer overflow in aiff_open() cve-assign
KnowledgeTree OSS 3.0.3b Reflected XSS (Cross-site Scripting) Web Application 0-Day Security Bug Jing Wang
Winmail Server 4.2 Reflected XSS (Cross-site Scripting) Web Application 0-Day Security Bug Jing Wang

Monday, 31 August

Out of bounds read using malformed tar archive in GNU Tar and BSD Tar Gustavo Grieco
Re: Out of bounds read using malformed tar archive in GNU Tar and BSD Tar Hanno Böck
CVE request: screen stack overflow (deep recursion) Florian Weimer
Re: Terminal escape sequences - the new XSS for admins? Michal Zalewski
Re: Terminal escape sequences - the new XSS for admins? Michal Zalewski
Re: CVE Request: more php unserializing issues Marcus Meissner
Re: CVE Request: more php unserializing issues Marcus Meissner

Tuesday, 01 September

Re: CVE Request - LFI/Path Traversal in NextGen Gallery WordPress Plugin. Dis close
Re: CVE Request - LFI/Path Traversal in NextGen Gallery WordPress Plugin. Dis close
CSRF to RCE in Jenkins Nicolas Grégoire
Xen Security Advisory 141 (CVE-2015-6654) - printk is not rate-limited in xenmem_add_to_physmap_one Xen.org security team
[OSSA 2015-017] Nova may fail to delete images in resize state (CVE-2015-3280) Tristan Cacqueray
CVE REJECT CVE-2015-3287 Kurt Seifried
Re: CVE REJECT CVE-2015-3287 cve-assign

Wednesday, 02 September

CVE Request : CSRF in IPython/Jupyter notebook Tree. Matthias Bussonnier
Re: CVE Request : CSRF in IPython/Jupyter notebook Tree. Juan Broullón
PowerDNS Security Advisory 2015-02 Pieter Lexis
Factoring RSA Keys With TLS Perfect Forward Secrecy Florian Weimer
CVE-2015-5239 Qemu: vnc infinite loop issue P J P
Re: CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-100 to SA-CONTRIB-2015-131) Pere Orga
Re: CVE-2015-5239 Qemu: vnc infinite loop issue Kurt Seifried
Re: CVE-2015-5239 Qemu: vnc infinite loop issue Julien Cristau
OpenSSH: CVE-2015-6565 (pty issue in 6.8-6.9) can lead to local privesc on Linux Jann Horn
Two new vulnerabilities in BIND: CVE-2015-5722 and CVE-2015-5986 are now public ISC Security Officer
Re: CVE-2015-5239 Qemu: vnc infinite loop issue P J P
Re: CVE request: screen stack overflow (deep recursion) cve-assign
AW: Re: CVE request: screen stack overflow (deep recursion) Fiedler Roman
Re: CVE Request for glusterfs: fuse check return value of setuid Siddharth Sharma
Re: CVE request: screen stack overflow (deep recursion) Solar Designer
CVE Request: Memory corruption in libvncserver < 0.9.8 Huzaifa Sidhpurwala

Thursday, 03 September

Re: CVE request: screen stack overflow (deep recursion) Solar Designer
Re: Two new vulnerabilities in BIND: CVE-2015-5722 and CVE-2015-5986 are now public Florian Weimer
Re: CVE request: screen stack overflow (deep recursion) Kuang-che Wu
Re: Two new vulnerabilities in BIND: CVE-2015-5722 and CVE-2015-5986 are now public Mark Andrews

Friday, 04 September

CVE request: Ganglia-web auth bypass Ivan Novikov
CVE Request: PgBouncer: failed auth_query lookup leads to connection as auth_user Salvatore Bonaccorso
CVE Request Qemu: net: e1000 infinite loop issue P J P
Re: CVE Request for glusterfs: fuse check return value of setuid cve-assign
Re: Re: CVE Request for glusterfs: fuse check return value of setuid Seth Arnold
Re: CVE Request for glusterfs: fuse check return value of setuid cve-assign

Saturday, 05 September

Some Wordpress Plugin Stuff Scott Arciszewski
Re: CVE Request Qemu: net: e1000 infinite loop issue cve-assign
Re: CVE request: Ganglia-web auth bypass cve-assign
Re: CVE Request: PgBouncer: failed auth_query lookup leads to connection as auth_user cve-assign
CVE Request: Glibc Pointer guarding weakness Hector Marco-Gisbert
Re: CVE Request Qemu: net: e1000 infinite loop issue Qinghao Tang

Sunday, 06 September

CVE Request: TOTP Replay Attack in Ruby library "devise-two-factor" Justin Bull
Re: Some Wordpress Plugin Stuff cve-assign
Re: CVE Request Blind SQL Injection in wordpress plugin dukapress v2.5.9 Larry Cashdollar
Re: Re: CVE Request Qemu: net: e1000 infinite loop issue Huzaifa Sidhpurwala

Monday, 07 September

Re: Re: CVE Request Qemu: net: e1000 infinite loop issue Qinghao Tang
Re: CVE request: Ganglia-web auth bypass Raphael Geissert
Heap overflow and DoS in unzip 6.0 Gustavo Grieco
CVE Request: PHP remote exploits (even more) Marcus Meissner
nss: SSL_ImplementedCiphers ABI incompatibility may lead to incorrect cipher suites Florian Weimer
Re: nss: SSL_ImplementedCiphers ABI incompatibility may lead to incorrect cipher suites cve-assign
CVE request for wget Austin English
Re: Re: CVE Request Qemu: net: e1000 infinite loop issue Huzaifa Sidhpurwala

Tuesday, 08 September

Pending CVE requests for glibc Huzaifa Sidhpurwala
CVE Request: Wireshark 1.12.7 Marcus Meissner
Re: CVE Request: Wireshark 1.12.7 Marcus Meissner
CVE Request: libgcrypt hardening for RSA-CRT leak Marcus Meissner
Re: CVE Request: libgcrypt hardening for RSA-CRT leak Florian Weimer
Re: CVE Request: more php unserializing issues cve-assign
Re: CVE Request: PHP remote exploits (even more) cve-assign
[OSSA 2015-018] Neutron firewall rules bypass through port update (CVE-2015-5240) Tristan Cacqueray

Wednesday, 09 September

Re: CVE request for wget Victor Pereira
Re: CVE request for wget Andreas Stieger
Re: nss: SSL_ImplementedCiphers ABI incompatibility may lead to incorrect cipher suites Florian Weimer
Re: CVE Request : CSRF in IPython/Jupyter notebook Tree. Kyle Kelley
CVE request Qemu: ide: divide by zero issue P J P

Thursday, 10 September

Re: CVE request Qemu: ide: divide by zero issue cve-assign
CVE request: Use-after-free in Linux kernel with aufs mmap patch Ben Hutchings
Re: CVE request: Use-after-free in Linux kernel with aufs mmap patch sfjro
Re: CVE request Qemu: ide: divide by zero issue P J P
CVE Request: OpenLDAP: ber_get_next denial of service vulnerability Salvatore Bonaccorso

Friday, 11 September

Re: CVE request Qemu: ide: divide by zero issue Qinghao Tang
CVE Request: 2 FreeType issues Marc Deslauriers
Re: CVE Request: OpenLDAP: ber_get_next denial of service vulnerability cve-assign

Saturday, 12 September

CVE request: Flash based XSS in FileAPI.flash.swf mala

Sunday, 13 September

Re: libxml2 issue: out-of-bounds memory access when parsing an unclosed HTML comment Salvatore Bonaccorso
CVE-2015-0854: Insecure use of system() in shutter Luke Faraone
CVE-2015-0853: insecure use of os.system() in svn-workbench Luke Faraone

Monday, 14 September

CVE-Request for stored WCI (a.k.a XSS) in Visual Form Builder 2.7.5 - 2.8.4 Anti Räis
Re: CVE Request : CSRF in IPython/Jupyter notebook Tree. cve-assign
CVE-2015-6937 - Linux kernel - NULL pointer dereference in net/rds/connection.c cve-assign
Re: CVE Request: Linux x86_64 NT flag issue - Linux kernel cve-assign

Tuesday, 15 September

CVE-2015-6584: XSS in DataTables Martin Prpic
CVE-2015-5278 Qemu: net: avoid infinite loop when receiving packets P J P
CVE-2015-5279 Qemu: net: add checks to validate ring buffer pointers P J P
CVE Request : Use-after-free in openjpeg FEIST Josselin
Re: Heap overflow and DoS in unzip 6.0 Stefan Cornelius
Re: Heap overflow and DoS in unzip 6.0 Gustavo Grieco
Re: Heap overflow and DoS in unzip 6.0 Hanno Böck
Re: Heap overflow and DoS in unzip 6.0 Gustavo Grieco
Re: CVE-2015-6584: XSS in DataTables Kurt Grutzmacher

Wednesday, 16 September

CVE Request: Use-after-free in optipng 0.6.4 Gustavo Grieco
Re: CVE Request: TOTP Replay Attack in Ruby library "devise-two-factor" Justin Bull
CVE Request: Maliciously crafted text files in IPython/Jupyter editor MinRK
CVE-2015-5155 - openslp 1.2.1 ParseExtension() DoS vulnerability Qinghao Tang
New release (2.6.) of testssl.sh Dirk Wetter

Thursday, 17 September

CVE Request: remote triggerable use-after-free in rpcbind Marcus Meissner
Re: CVE Request: TOTP Replay Attack in Ruby library "devise-two-factor" cve-assign
Re: CVE Request: Use-after-free in optipng 0.6.4 Mark Felder
Re: CVE-2015-0854: Insecure use of system() in shutter Mark Felder
s/party/hack like it's 1999 up201407890
Re: CVE Request: remote triggerable use-after-free in rpcbind cve-assign
Re: Heap overflow and DoS in unzip 6.0 Mark Felder
Re: s/party/hack like it's 1999 Manuel Gómez
Re: CVE Request: remote triggerable use-after-free in rpcbind Marcus Meissner
Re: CVE Request: remote triggerable use-after-free in rpcbind Marcus Meissner
Re: CVE Request: remote triggerable use-after-free in rpcbind Steve Dickson
Re: CVE Request: remote triggerable use-after-free in rpcbind Steve Dickson
Re: Re: CVE Request: remote triggerable use-after-free in rpcbind Kurt Seifried
Re: CVE Request: remote triggerable use-after-free in rpcbind Steve Dickson
CVE Request: Squid HTTP Proxy Denial of Service Amos Jeffries
CVE Request: Squid HTTP Proxy Denial of Service Amos Jeffries
CVE Request: Squid HTTP Proxy Denial of Service Amos Jeffries
CVE request - ldapauth-fork versions < 2.3.3 are vulnerable to ldap injection. David Black

Friday, 18 September

CVE request Qemu: net: virtio-net possible remote DoS P J P
Re: s/party/hack like it's 1999 up201407890
Re: Re: CVE Request: remote triggerable use-after-free in rpcbind Olaf Kirch
Re: CVE request - ldapauth-fork versions < 2.3.3 are vulnerable to ldap injection. cve-assign
Re: CVE request Qemu: net: virtio-net possible remote DoS cve-assign
Re: CVE request: Use-after-free in Linux kernel with aufs mmap patch sfjro

Saturday, 19 September

Re: CVE-2015-5155 - openslp 1.2.1 ParseExtension() DoS vulnerability Stefan Cornelius
CVE Request: Plone Unauthorized user creation Nathan Van Gheem
CVE Request: Plone XSS Nathan Van Gheem
CVE Request: Plone Privilege Escalation Nathan Van Gheem
CVE Request: Plone header injection Nathan Van Gheem
Re: CVE Request: Use-after-free in optipng 0.6.4 Stefan Cornelius
Re: s/party/hack like it's 1999 Solar Designer
Re: s/party/hack like it's 1999 Rich Felker
Re: s/party/hack like it's 1999 Solar Designer

Sunday, 20 September

CVE Request: gollum information disclosure vulnerability Dawa Ometto
Moodle security release Marina Glancy
Re: CVE request - ldapauth-fork versions < 2.3.3 are vulnerable to ldap injection. David Black

Monday, 21 September

CVE-2015-5282: Foreman stored XSS in parameter hide checkbox Dominic Cleal
Samsung S4 (GT-I9500) multiple kernel vulnerabilities Jonathan Salwan
CVE request: zarafa-autorespond suffers from a potential local privilege escalation Martin Prpic
Re: Heap overflow and DoS in unzip 6.0 Stefan Cornelius
DoS in libtiff Gustavo Grieco
Re: CVE request: Use-after-free in Linux kernel with aufs mmap patch Salvatore Bonaccorso
Re: CVE request: zarafa-autorespond suffers from a potential local privilege escalation Christian Hoffmann
Re: s/party/hack like it's 1999 David Holland
Re: s/party/hack like it's 1999 Greg KH
Re: CVE request: zarafa-autorespond suffers from a potential local privilege escalation Christian Hoffmann
Re: Samsung S4 (GT-I9500) multiple kernel vulnerabilities Daniel Micay
Re: Samsung S4 (GT-I9500) multiple kernel vulnerabilities Daniel Micay
Re: s/party/hack like it's 1999 Florian Weimer
Re: Samsung S4 (GT-I9500) multiple kernel vulnerabilities Daniel Micay

Tuesday, 22 September

Re: CVE Request: Maliciously crafted text files in IPython/Jupyter editor MinRK
Re: Samsung S4 (GT-I9500) multiple kernel vulnerabilities Florian Weimer
Xen Security Advisory 142 - libxl fails to honour readonly flag on disks with qemu-xen Xen.org security team
CVE Request: Arm Mali gpu driver Dos vulnerability Gengjia Chen
Xen Security Advisory 142 (CVE-2015-7311) - libxl fails to honour readonly flag on disks with qemu-xen Xen.org security team
CVE requests - Contact Form 7, eZPublish (EZSA-2015-001), Prestashop us3r777
CVE Request - TrueCrypt 7.1a and VeraCrypt 1.14 Local Elevation of Privilege VeraCrypt Team
CVE-2015-5204: HTTP header injection vulnerability in Apache Cordova File Transfer Plugin for Android Joe Bowser
[OSSA-2015-019] Glance image status manipulation (CVE-2015-5251) Grant Murphy
Re: CVE request: Use-after-free in Linux kernel with aufs mmap patch cve-assign
Re: DoS in libtiff cve-assign
Re: CVE Request: gollum information disclosure vulnerability cve-assign
Re: CVE Request: Plone Unauthorized user creation cve-assign
Re: CVE Request: Plone XSS cve-assign
Re: CVE Request: Plone Privilege Escalation cve-assign
Re: CVE Request: Plone header injection cve-assign
CVE-2015-5232: various /tmp races in opa-fm, opa-ff Florian Weimer
Re: Samsung S4 (GT-I9500) multiple kernel vulnerabilities Daniel Micay
Vulnerability in WhiteHEAT Linux Driver-CVE-2015-5257 Moein Ghasemzadeh
Re: Vulnerability in WhiteHEAT Linux Driver-CVE-2015-5257 Greg KH

Wednesday, 23 September

Re: DoS in libtiff Gustavo Grieco
CVE Request: Buffer overflow in global memory affecting optipng 0.7.5 Gustavo Grieco
Re: Vulnerability in WhiteHEAT Linux Driver-CVE-2015-5257 Greg KH
Re: CVE Request: Maliciously crafted text files in IPython/Jupyter editor cve-assign

Thursday, 24 September

Re: CVE request: BD-J implementation in libbluray Florian Weimer
Re: CVE Request - TrueCrypt 7.1a and VeraCrypt 1.14 Local Elevation of Privilege cve-assign
Pulp 2.6.4 released for CVE-2015-5263 Randy Barlow
Re: CVE request for wget Austin English

Friday, 25 September

VuFind 1.0 Web Application Reflected XSS (Cross-site Scripting) 0-Day Bug Security Issue Jing Wang
Re: CVE request for wget cve-assign
Re: CVE Request: 2 FreeType issues cve-assign

Saturday, 26 September

Re: s/party/hack like it's 1999 David Holland
Re: s/party/hack like it's 1999 Daniel Micay

Sunday, 27 September

DoS attack through Email-Address perl module v1.907 (CVE id request) Pali Rohár

Monday, 28 September

Re: CVE request for wget Austin English

Tuesday, 29 September

CVE request: urlfetch range handling flaw in Cyrus IMAP Martin Prpic
Re: Re: CVE request for wget Andreas Stieger
Security issue in LXC (CVE-2015-1335) Tyler Hicks
Re: s/party/hack like it's 1999 Rich Felker

Wednesday, 30 September

Re: DoS attack through Email-Address perl module v1.907 (CVE id request) cve-assign
Re: CVE request: urlfetch range handling flaw in Cyrus IMAP Florian Weimer
Re: CVE Request: cacti multiple SQL injections Alessandro Ghedini
Re: CVE Request: twig remote code execution Alessandro Ghedini
CVE Request: zendframework SQL injections Alessandro Ghedini
Apache James Server 2.3.2 security vulnerability fixed Eric Charles
Re: CVE Request: zendframework SQL injections Alessandro Ghedini
CVE Request: squid: Nonce replay vulnerability in Digest authentication Huzaifa Sidhpurwala