Mail Thread Index
- [ MDVSA-2013:264 ] firefox,
security
- [security bulletin] HPSBMU02933 rev.1 - HP SiteScope, issueSiebelCmd SOAP Request, Remote Code Execution,
security-alert
- [security bulletin] HPSBMU02872 SSRT101185 rev.3 - HP Service Manager, Remote Disclosure of Information, Cross Site Scripting(XSS),
security-alert
- [security bulletin] HPSBMU02932 rev.1 - HP Application LifeCycle Management, ALM client component, Remote Execution of Arbitrary Code,
security-alert
- [security bulletin] HPSBMU02935 rev.1 - HP LoadRunner Virtual User Generator, Remote Code Execution,
security-alert
- [SECURITY] [DSA 2789-1] strongswan security update,
Yves-Alexis Perez
- [security bulletin] HPSBMU02874 SSRT101184 rev.2 - HP Service Manager, Java Runtime Environment (JRE) Security Update,
security-alert
- [security bulletin] HPSBMU02934 rev.1 - HP Application LifeCycle Management, GossipService SOAP Request, Remote Code Execution,
security-alert
- pdirl PHP Directory Listing 1.0.4 - Cross Site Scripting Web Vulnerabilities,
Vulnerability Lab
- [security bulletin] HPSBMU02931 rev.2 - HP Service Manager, Injection of Arbitrary Code, Remote Privilege Elevation, Remote Disclosure of Privileged Information and Cross Site Scripting (XSS),
security-alert
- [SECURITY] [DSA 2790-1] nss security update,
Salvatore Bonaccorso
- [slackware-security] mozilla-thunderbird (SSA:2013-307-01),
Slackware Security Team
- XSS and CSRF Horde Groupware Web mail Edition,
m . benetrix
- CSRF Horde Groupware Web mail Edition,
m . benetrix
- XADV-2013003 Linux Kernel eCryptfs write_tag_3_packet Heap Buffer Overflow Vulnerability,
geinblues
- [SECURITY] [DSA 2791-1] tryton-client security update,
Florian Weimer
- Cisco Mars Cross-Site Scripting Vulnerability - CVE-2013-5563,
g . delvecchio
- [SECURITY] [DSA 2792-1] wireshark security update,
Salvatore Bonaccorso
- ESA-2013-070: EMC Documentum Cross Site Scripting Vulnerability.,
Security Alert
- ESA-2013-073: EMC Documentum eRoom Multiple Cross Site Scripting Vulnerabilities.,
Security Alert
- [ISecAuditors Security Advisories] SQL Injection vulnerability in "Project'Or RIA" allow arbitrary access to the database and the file system,
ISecAuditors Security Advisories
- [ISecAuditors Security Advisories] Multiple XSS vulnerabilities in "Project'Or RIA",
ISecAuditors Security Advisories
- [ISecAuditors Security Advisories] LinkedIn social network is affected by Persistent Cross-Site Scripting vulnerability,
ISecAuditors Security Advisories
- wordpress jigoshop Plugin path disclosure vulnerabilities,
iedb . team
- [SOJOBO-ADV-13-03] - Wordpress plugin Gallery Bank 2.0.19 Reflected Cross Site Scripting,
advisories
- Open-Xchange Security Advisory 2013-11-06,
Martin Braun
- SQL Injection in appRain,
High-Tech Bridge Security Research
- CORE-2013-0704 - Vivotek IP Cameras RTSP Authentication Bypass,
CORE Advisories Team
- Cisco Security Advisory: Cisco TelePresence VX Clinical Assistant Administrative Password Reset Vulnerability,
Cisco Systems Product Security Incident Response Team
- CVE-2013-4425: Private key disclosure, Osirix (lite, 64bit and FDA cleader version) (Medical Application),
Dirk-Willem van Gulik
- Cisco Security Advisory: Cisco WAAS Mobile Remote Code Execution Vulnerability,
Cisco Systems Product Security Incident Response Team
- CFP BugCON 2014 - Mexico City,
Carlos A. Lozano
- Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability,
Cisco Systems Product Security Incident Response Team
- Apple MacOSX 10.9 Hard Link Memory Corruption,
submit
- RE: FP BugCON 2014 - Mexico City,
Tamara Vera
- Word 2003 SP2 .doc fork bomb on WinXP SP3,
jsibley1
- WorldCIST'14 - World Conference on IST; Submission deadline: November 29,
Maria Lemos
- Belkin WiFi NetCam video stream backdoor with unchangeable admin/admin credentials,
Johannes . Ernst
- [SECURITY] [DSA 2793-1] libav security update,
Moritz Muehlenhoff
- XADV-2013003 Linux Kernel bt8xx Video Driver IOCTL Heap Overflow,
geinblues
- [ MDVSA-2013:265 ] kernel,
security
- Vulnerability in Pydio/AjaXplorer < = 5.0.3,
advisories
- Vulnerability in Pydio/AjaXplorer <= 5.0.3,
advisories
- [SECURITY] [DSA 2794-1] spip security update,
Salvatore Bonaccorso
- vulnerability issue for DB2 express,
bhavyasethi . atcs
- <Possible follow-ups>
- Re: Fwd: vulnerability issue for DB2 express,
shatter
- XSS on Juniper JUNOS 11.4 Embedthis Appweb 3.2.3,
info
- WebSurgery v1.1 released (Web application security testing suite),
John Stamatakis
- RUCKUS ADVISORY ID 111113-1: Authenticated code injection vulnerability in ZoneDirector administrative web interface,
Ruckus Product Security Team
- Fwd: RUCKUS ADVISORY ID 111113-2: Authenticated persistent cross site scripting vulnerability in guest pass provisioning web interface on ZoneDirector controllers,
Ruckus Product Security Team
- [security bulletin] HPSBHF02939 rev.1 - HP Integrated Lights-Out 4 (iLO4), Remote Cross Site Scripting (XSS), Unauthorized Disclosure of Information,
security-alert
- [SECURITY] [DSA 2795-1] lighttpd security update,
Michael Gilbert
- LastPass Android container PIN and auto-wipe security feature bypass (CVE-2013-5113/5114),
Chris John Riley
- Cross-Site Scripting (XSS) in Zikula Application Framework,
High-Tech Bridge Security Research
- [SECURITY] [DSA 2796-1] torque security update,
Salvatore Bonaccorso
- Android Superuser shell character escape vulnerability,
Kevin Cernekee
- Superuser "su --daemon" vulnerability on Android >= 4.3,
Kevin Cernekee
- Superuser unsanitized environment vulnerability on Android <= 4.2.x,
Kevin Cernekee
- [SECURITY] [DSA 2797-1] icedove security update,
Moritz Muehlenhoff
- Dahua DVR Authentication Bypass - CVE-2013-6117,
Jake Reynolds
- Re: DS3 Authentication Server - Multiple Issues,
support
- Re: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager,
Rodzbry27
- Re: [security bulletin] HPSBUX02922 SSRT101305 rev.1 - HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities,
Rodzbry27
- APPLE-SA-2013-11-14-1 iOS 7.0.4,
Apple Product Security
- NEW VMSA-2013-0013 VMware Workstation host privilege escalation vulnerability,
"VMware Security Response Center"
- Cross-Site Scripting (XSS) in Tweet Blender Wordpress Plugin,
High-Tech Bridge Security Research
- [CVE-2013-6356] Avira Secure Backup v1.0.0.1 Multiple Registry Key Value Parsing Local Buffer Overflow Vulnerability,
Julien Ahrens
- XADV-2013005 FreeBSD 10 <= nand Driver IOCTL Kernel Memory Leak Bug,
geinblues
- XADV-2013006 FreeBSD <= 10 kernel qlxge/qlxgbe Driver IOCTL Multiple Kernel Memory Leak Bugs,
geinblues
- [SECURITY] [DSA 2795-2] lighttpd regression update,
Michael Gilbert
- [SECURITY] [DSA 2797-1] chromium-browser security update,
Michael Gilbert
- [SECURITY] [DSA 2798-1] curl security update,
Michael Gilbert
- Information Security Forecast 2014,
Jeimy Cano
- [OVSA20131108] OpenVAS Manager And OpenVAS Administrator Vulnerable To Partial Authentication Bypass,
Tim Brown
- [SOJOBO-ADV-13-04] - PHP-Nuke 8.2.4 multiple vulnerabilities,
advisories
- [slackware-security] mozilla-firefox (SSA:2013-322-01),
Slackware Security Team
- [slackware-security] openssh (SSA:2013-322-02),
Slackware Security Team
- [slackware-security] samba (SSA:2013-322-03),
Slackware Security Team
- PayPal Inc Bug Bounty #65 China - Redirect Web Vulnerability,
Vulnerability Lab
- [slackware-security] seamonkey (SSA:2013-322-04),
Slackware Security Team
- PayPal Inc Bug Bounty #42 - Persistent POST Inject Vulnerability,
Vulnerability Lab
- Paypal Inc Bug Bounty #47 ALYZ - Persistent Search Vulnerability,
Vulnerability Lab
- SKIDATA RFID Freemotion.Gate Unauthenticated Web Service Aribtrary Remote Command Execution,
Dennis Kelly
- FreeBSD Security Advisory FreeBSD-SA-13:14.openssh,
FreeBSD Security Advisories
- 16TH AVAR INTERNATIONAL SECURITY CONFERENCE 2013 - (4th-7th Dec'13, Chennai. India),
Gregory Panakkal
- [ MDVSA-2013:266 ] java-1.6.0-openjdk,
security
- [ MDVSA-2013:267 ] java-1.7.0-openjdk,
security
- ESA-2013-078: EMC Document Sciences xPression Multiple Vulnerabilities,
Security Alert
- pineapp mailsecure remote no authenticated privilege escalation & remote execution code,
rubengarrote
- XADV-2013003 Linux Kernel fbdev Driver arcfb_write() Overflow,
geinblues
- XADV-2013008 Linux Kernel 3.11.7 <= sk_attach_filter Kernel Heap Corruption,
geinblues
- XADV-2013007 Linux Kernel bt8xx Video Driver IOCTL Heap Overflow,
geinblues
- Intersystems Cache Remote Code Execution (via Default 'Minimal Security' Install),
bruk0ut . sec
- [ MDVSA-2013:268 ] torque,
security
- Paypal Bug Bounty #14 - Persistent Payment Mail Encoding Vulnerability,
Vulnerability Lab
- Mybb Ajaxfs Plugin Sql Injection vulnerability,
iedb . team
- Appologics AirBeam v1.9.2 iOS - Multiple Web Vulnerabilities,
Vulnerability Lab
- [ MDVSA-2013:269 ] firefox,
security
- [ MDVSA-2013:270 ] nss,
security
- [SECURITY] [DSA 2798-2] curl security update,
Salvatore Bonaccorso
- [ MDVSA-2013:273 ] libjpeg,
security
- [ MDVSA-2013:271 ] pmake,
security
- [ MDVSA-2013:272 ] poppler,
security
- [ MDVSA-2013:275 ] krb5,
security
- [ MDVSA-2013:277 ] lighttpd,
security
- Facebook Vulnerability Discloses Friends Lists Defined as Private,
qsrc Quotium
- Instagram Photo Upload and Flattr Money Redirection Vulnerability,
pfohl
- [ MDVSA-2013:276 ] curl,
security
- [ MDVSA-2013:274 ] libjpeg,
security
- [ MDVSA-2013:278 ] samba,
security
- [SECURITY] [DSA 2801-1] libhttp-body-perl security update,
Salvatore Bonaccorso
- DC4420 (DefCon London) meeting next Tuesday, 26th November 2013,
Tony Naggs
- ESA-2013-077: RSA Data Protection Manager Appliance Multiple Vulnerabilities,
Security Alert
- [SECURITY] [DSA 2802-1] nginx security update,
Thijs Kinkhorst
- CVE-2013-6795 Vulnerability in the Rackspace Windows Agent and Updater,
andrew
- Unauthorized console access on Satechi travel router v1.5,
Luc Dore
- [ MDVSA-2013:279 ] wireshark,
security
- [ MDVSA-2013:280 ] memcached,
security
- [ MDVSA-2013:281 ] nginx,
security
- Defense in depth -- the Microsoft way (part 14): incomplete, misleading and dangerous documentation,
Stefan Kanthak
- Open-Xchange Security Advisory 2013-11-25,
Martin Braun
- [ MDVSA-2013:282 ] perl-HTTP-Body,
security
- [ MDVSA-2013:283 ] glibc,
security
- [ MDVSA-2013:284 ] glibc,
security
- [SECURITY] [DSA 2800-1] nss security update,
Salvatore Bonaccorso
- [ MDVSA-2013:285 ] bugzilla,
security
- [ MDVSA-2013:286 ] ruby,
security
- [SECURITY] [DSA 2803-1] quagga security update,
Moritz Muehlenhoff
- [ MDVSA-2013:287 ] drupal,
security
- [SECURITY] [DSA 2804-1] drupal7 security update,
Moritz Muehlenhoff
- [security bulletin] HPSBGN02942 rev.1 - HP Service Manager and ServiceCenter, Remote Code Execution,
security-alert
- Multiple Cross-Site Scripting (XSS) in Claroline,
High-Tech Bridge Security Research
- SQL Injection in Dokeos,
High-Tech Bridge Security Research
- SQL Injection in Chamilo LMS,
High-Tech Bridge Security Research
- [HITB-Announce] #HITB2014AMS Call for Papers Now Open,
Hafez Kamal
- [SECURITY] [DSA 2805-1] sup-mail security update,
Luciano Bello
- RUCKUS ADVISORY ID 10282013 - User authentication bypass vulnerability in Ruckus Access Point's administrative web interface,
Ruckus Product Security Team
- NewsAktuell PressePortal DE - Remote SQL Injection Web Vulnerability,
Vulnerability Lab
- FreeBSD Security Advisory FreeBSD-SA-13:14.openssh [REVISED],
FreeBSD Security Advisories
- [SECURITY] [DSA 2806-1] nbd security update,
Thijs Kinkhorst