Mail Index
- FreeBSD Security Advisory FreeBSD-SA-13:05.nfsserver
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-13:05.nfsserver [REVISED]
- From: FreeBSD Security Advisories
- CORE-2013-0303 - D-Link IP Cameras Multiple Vulnerabilities
- From: CORE Security Technologies Advisories
- Personal File Share HTTP Server Remote Overflow Vulnerability
- WowzaMediaServer StorageDir escape (regression)
- WowzaMediaServer SecureToken bypass (and worse)
- Syslog Watcher Pro 'Date' Parameter Cross Site Scripting Vulnerability
- [security bulletin] HPSBMU02872 SSRT101185 rev.1 - HP Service Manager, Remote Disclosure of Information, Cross Site Scripting(XSS)
- [ MDVSA-2013:157 ] krb5
- [ MDVSA-2013:158 ] krb5
- [SECURITY] [DSA 2665-1] strongswan security update
- [ MDVSA-2013:159 ] clamav
- Unchecked Buffer in Microchip TCP/IP Stack Could Allow Remote Code Execution
- From: az . bugreport . subscriber
- [HITB-Announce] #HITB2013KUL Call for Papers
- SQL Injection in b2evolution
- Multiple Cross-Site Scripting (XSS) vulnerabilities in GetSimple CMS
- WordPress Plugin: Advanced XML Reader v0.3.4 XXE Vulnerability
- NGS00423 Patch Notification: Oracle Retail Invoice Manager SQL Injection
- NGS00422 Patch Notification: Oracle Retail Integration Bus Manager Directory Traversal
- NGS00416 Patch Notification: Oracle 11g TNS listener remote Invalid Pointer Read (pre-auth)
- NGS00415 Patch Notification: Oracle 11g TNS listener remote Null Pointer Dereference (pre-auth)
- [SECURITY] [DSA 2664-1] stunnel4 security update
- From: Salvatore Bonaccorso
- ESA-2013-034: EMC Avamar Improper Authorization vulnerability
- ESA-2013-028: EMC NetWorker Elevation of Privilege Vulnerability
- ESA-2013-035: EMC Avamar Client Improper Certificate Validation Vulnerability
- [ MDVSA-2013:160 ] phpmyadmin
- VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "Scroll" Use-after-free (MS13-028)
- From: VUPEN Security Research
- VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "CDisplayPointer" Use-after-free (MS13-028)
- From: VUPEN Security Research
- Vulnerability in Microsoft Security Essentials <v4.2
- Multiple buffer overflows on Huawei SNMPv3 service
- Multiple Vulnerabilities in D-Link DSL-320B
- [SE-2012-01] New security vulnerabilities and broken fixes in IBM Java
- From: Security Explorations
- VULNERABLE and COMPLETELY outdated 3rd-party libraries/components used in 3CX Phone 6
- ESA-2013-015: RSA Archer® GRC Multiple Vulnerabilities
- [ MDVSA-2013:161 ] java-1.7.0-openjdk
- Apache VCL improper input validation
- SEC Consult SA-20130507-0 :: Multiple vulnerabilities in NetApp OnCommand System Manager
- From: SEC Consult Vulnerability Lab
- [ MDVSA-2013:162 ] glibc
- [ MDVSA-2013:163 ] glibc
- Cross-Site Request Forgery (CSRF) in UMI.CMS
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Customer Voice Portal Software
- From: Cisco Systems Product Security Incident Response Team
- [2.0 Update] Cisco Security Advisory: Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [security bulletin] HPSBUX02876 SSRT101148 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS)
- [security bulletin] HPSBMU02786 SSRT100877 rev.2 - HP System Management Homepage (SMH) Running on Linux, Windows, and VMware ESX, Remote Unauthorized Access, Disclosure of Information, Data Modification, Denial of Service (DoS), Execution of Arbitrary Code
- Vulnerability in "Fujitsu Desktop Update" (for Windows)
- ESA-2013-037: EMC AlphaStor Buffer Overflow Vulnerability
- Re: Vulnerabilities in Windows 8 Professional x64 factory preinstallation of Fujitsu Lifebook A512 [continued]
- ESA-2013-021: EMC Documentum Multiple Vulnerabilities
- DDIVRT-2013-53 Actuate 'ActuateJavaComponent' Multiple Vulnerabilities
- CFP: Hacktivity 2013, October 11-12, Budapest, Hungary
- CVE-2013-2071 Request mix-up if AsyncListener method throws RuntimeException
- [SECURITY] CVE-2013-2067 Session fixation with FORM authenticator
- [SECURITY] CVE-2012-3544 Chunked transfer encoding extension size is not limited
- ESA-2013-031: RSA® Authentication Agent Cross-Site Scripting (XSS) Vulnerability
- WASC Announcement: Static Analysis Technologies Evaluation Criteria Published
- [SECURITY] [DSA 2666-1] xen security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 2667-1] mysql-5.5 security update
- [ MDVSA-2013:164 ] mesa
- [RT-SA-2013-001] Advisory: Exim with Dovecot: Typical Misconfiguration Leads to Remote Command Execution
- From: RedTeam Pentesting GmbH
- Wireless Disk PRO v2.3 iOS - Multiple Web Vulnerabilities
- Wifi Photo Transfer 2.1 & 1.1 PRO - Multiple Vulnerabilities
- Wifi Album v1.47 iOS - Command Injection Vulnerability
- Wireless Photo Access 1.0.10 iOS - Multiple Vulnerabilities
- SimpleTransfer 2.2.1 - Command Injection Vulnerabilities
- File Lite 3.3 & 3.5 PRO iOS - Multiple Web Vulnerabilities
- [SECURITY] [DSA 2668-1] linux-2.6 security update
- [security bulletin] HPSBUX02859 SSRT101144 rev.3 - HP-UX Running XNTP, Remote Denial of Service (DoS) and Execution of Arbitrary Code
- [ MDVSA-2013:165 ] firefox
- Multiple Vulnerabilities in Exponent CMS
- Cisco Security Advisory: Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [SECURITY] [DSA 2669-1] linux security update
- [slackware-security] mozilla-firefox (SSA:2013-135-01)
- From: Slackware Security Team
- [slackware-security] mozilla-thunderbird (SSA:2013-135-02)
- From: Slackware Security Team
- ESA-2013-041: EMC VNX and Celerra Control Station Elevation of Privilege Vulnerability
- ESA-2013-029: RSA SecurID Sensitive Information Disclosure Vulnerability
- APPLE-SA-2013-05-16-1 iTunes 11.0.3
- From: Apple Product Security
- [slackware-security] mozilla-thunderbird x86_64 packages (SSA:2013-136-01)
- From: Slackware Security Team
- [slackware-security] ruby (SSA:2013-136-02)
- From: Slackware Security Team
- CONFidence - May, 28-29, Krakow, Poland - a conference adventure that never stops!
- Static analysis tool exposition (SATE) V Call for participation
- Defense in depth -- the Microsoft way
- Revision of "IPv6 Stable Privacy Addresses" (Fwd: I-D Action: draft-ietf-6man-stable-privacy-addresses-07.txt)
- CVE-2013-3496. Local privilege escalation vulnerability in Infotecs products (ViPNet Client\Coordinator, SafeDisk, Personal Firewall)
- Sony PS3 Firmware v4.31 - Code Execution Vulnerability
- [slackware-security] kernel (SSA:2013-140-01)
- From: Slackware Security Team
- [ MDVSA-2013:166 ] krb5
- VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 VML Remote Integer Overflow (MS13-037 / Pwn2Own)
- From: VUPEN Security Research
- VUPEN Security Research - Microsoft Internet Explorer 10-9 Object Confusion Sandbox Bypass (MS13-037 / Pwn2Own)
- From: VUPEN Security Research
- Trend Micro DirectPass 1.5.0.1060 - Multiple Vulnerabilities
- [waraxe-2013-SA#104] - Multiple Vulnerabilities in Spider Event Calendar Wordpress Plugin
- [waraxe-2013-SA#105] - Multiple Vulnerabilities in Spider Catalog Wordpress Plugin
- [SECURITY] [DSA 2672-1] kfreebsd-9 security update
- APPLE-SA-2013-05-22-1 QuickTime 7.7.4
- From: Apple Product Security
- [ANN] Struts 2.3.14.1 GA (fast track | security)
- SEC Consult SA-20130523-0 :: JavaScript Execution in IBM WebSphere DataPower Services
- From: SEC Consult Vulnerability Lab
- CFP: IEEE SafeConfig: 6th Symposium on Security Analytics and Automation
- [SECURITY] [DSA 2677-1] libxrender security update
- [SECURITY] [DSA 2678-1] mesa security update
- [SECURITY] [DSA 2679-1] xserver-xorg-video-openchrome security update
- [SECURITY] [DSA 2680-1] libxt security update
- [SECURITY] [DSA 2681-1] libxcursor security update
- [SECURITY] [DSA 2682-1] libxext security update
- [SECURITY] [DSA 2683-1] libxi security update
- [SECURITY] [DSA 2684-1] libxrandr security update
- [SECURITY] [DSA 2685-1] libxp security update
- [SECURITY] [DSA 2686-1] libxcb security update
- [SECURITY] [DSA 2687-1] libfs security update
- [SECURITY] [DSA 2688-1] libxres security update
- [SECURITY] [DSA 2689-1] libxtst security update
- [SECURITY] [DSA 2676-1] libxfixes security update
- [SECURITY] [DSA 2675-1] libxvmc security update
- [SECURITY] [DSA 2674-1] libxv security update
- [SECURITY] [DSA 2673-1] libdmx security update
- [SECURITY] [DSA 2690-1] libxxf86dga security update
- [SECURITY] [DSA 2691-1] libxinerama security update
- [SECURITY] [DSA 2692-1] libxxf86vm security update
- [security bulletin] HPSBUX02881 SSRT101189 rev.1 - HP-UX Directory Server, Remote Disclosure of Information
- [SECURITY] [DSA 2675-2] libxvmc regression update
- [SECURITY] [DSA 2693-1] libx11 security update
- DC4420 - London DEFCON - May meet - Tuesday 28th May 2013
- GreHack 2013 - 2nd Call For Papers - November 15, Grenoble, France
- [ MDVSA-2013:167 ] openvpn
- [ MDVSA-2013:168 ] python-httplib2
- Barracuda SSL VPN 680 2.2.2.203 - Redirect Web Vulnerability
- KDE Paste Applet
- ESA-2013-040: RSA® Authentication Manager 8.0 Multiple Vulnerabilities
- Monkey HTTPD 1.1.1 - Denial of Service Vulnerability
- CA20130528-01: Security Notice for CA Process Automation (CA PAM)
- [ MDVSA-2013:169 ] socat
- [ MDVSA-2013:170 ] socat
- RUCKUS ADVISORY ID 031813-1: Unauthenticated TCP tunneling on Ruckus devices via SSH server process
- From: Ruckus Product Security Team
- RUCKUS ADVISORY ID 031813-2: User authentication bypass vulnerability in ZoneDirector administrative web interface
- From: Ruckus Product Security Team
- CORE-2013-0302 - Zavio IP Cameras multiple vulnerabilities
- From: CORE Security Technologies Advisories
- CORE-2013-0322 - MayGion IP Cameras multiple vulnerabilities
- From: CORE Security Technologies Advisories
- CORE-2013-0318 - TP-Link IP Cameras Multiple Vulnerabilities
- From: CORE Security Technologies Advisories
- [SECURITY][CVE-2013-2765][ModSecurity] Remote Null Pointer Dereference
- [SECURITY] [DSA 2695-1] chromium-browser security update
- [SECURITY] [DSA 2696-1] otrs2 security update
- Re: [oss-security] KDE Paste Applet
- [SECURITY] [DSA 2697-1] gnutls26 security update
- [security bulletin] HPSBPI02869 SSRT100936 rev.2 - HP LaserJet MFP Printers, HP Color LaserJet MFP Printers, Certain HP LaserJet Printers, Remote Unauthorized Access to Files
Mail converted by MHonArc