Mail Thread Index

Date Index

[SECURITY] [DSA 3117-1] php5 security update, Salvatore Bonaccorso
[KIS-2014-14] Osclass <= 3.4.2 (Search::setJsonAlert) SQL Injection Vulnerability, Egidio Romano
[KIS-2014-15] Osclass <= 3.4.2 (ajax.php) Local File Inclusion Vulnerability, Egidio Romano
[KIS-2014-16] Osclass <= 3.4.2 (contact.php) Unrestricted File Upload Vulnerability, Egidio Romano
[KIS-2014-18] Mantis Bug Tracker <= 1.2.17 (ImportXml.php) PHP Code Injection Vulnerability, Egidio Romano
[KIS-2014-19] Symantec Web Gateway <= 5.2.1 (restore.php) OS Command Injection Vulnerability, Egidio Romano
[The ManageOwnage Series, part XI]: Remote code execution in ServiceDesk, Asset Explorer, Support Center and IT360, Pedro Ribeiro
[ MDVSA-2015:004 ] php, security
[ MDVSA-2015:003 ] ntp, security
[SECURITY] [DSA 3118-1] strongswan security update, Yves-Alexis Perez
Open-Xchange Security Advisory 2015-01-05, Martin Heiland
[ MDVSA-2015:002 ] pcre, security
[ MDVSA-2015:001 ] c-icap, security
[SECURITY] [DSA 3119-1] libevent security update, Salvatore Bonaccorso
ESA-2014-180: EMC Documentum Web Development Kit Multiple Vulnerabilities, Security Alert
Re: [The ManageOwnage Series, part X]: 0-day administrator account creation in Desktop Central, Pedro Ribeiro
[ MDVSA-2015:005 ] subversion, security
ZTE Datacard MF19 0V1.0.0B PCW - Multiple Vulnerabilities, Vulnerability Lab
Self-XSS in Microsoft Dynamics CRM 2013 SP1, High-Tech Bridge Security Research
Brother MFC Administration Reflected Cross-Site Scripting, vulns
[SECURITY] [DSA 3120-1] mantis security update, Moritz Muehlenhoff
[security bulletin] HPSBMU03118 rev.3 - HP Systems Insight Manager (SIM) on Linux and Windows, Multiple Remote Vulnerabilities, security-alert
[ MDVSA-2015:006 ] mediawiki, security
[ MDVSA-2015:007 ] unrtf, security
[ MDVSA-2015:008 ] pwgen, security
[ MDVSA-2015:009 ] krb5, security
[ MDVSA-2015:010 ] file, security
[ MDVSA-2015:011 ] nail, security
[ MDVSA-2015:012 ] jasper, security
[ MDVSA-2015:013 ] znc, security
[ MDVSA-2015:014 ] libjpeg, security
[ MDVSA-2015:015 ] sox, security
[ MDVSA-2015:016 ] unzip, security
[ MDVSA-2015:017 ] libevent, security
[ MDVSA-2015:018 ] asterisk, security
Recon 2015 Call For Papers - June 19 - 21, 2015 - Montreal, Canada, root
[SECURITY] [DSA 3121-1] file security update, Moritz Muehlenhoff
[SECURITY] [DSA 3122-1] curl security update, Salvatore Bonaccorso
- <Possible follow-ups>
- Re: [SECURITY] [DSA 3122-1] curl security update, U2ME236
Re: ResourceSpace Multiple Cross Site Scripting, and HTML and SQL Injection Vulnerabilities, dan
[ MDVSA-2015:019 ] openssl, security
[security bulletin] HPSBOV03227 rev.1 - HP SSL for OpenVMS, Remote Disclosure of Information, Denial of Service (DoS) and Other Vulnerabilities, security-alert
Wordpress plugin Pods <= 2.4.3 XSS and CSRF vulnerabilities, Pietro Oliva
[SECURITY] [DSA 3124-1] otrs2 security update, Salvatore Bonaccorso
[SECURITY] [DSA 3125-1] openssl security update, Salvatore Bonaccorso
Blitz CMS Community - SQL Injection Web Vulnerability, Vulnerability Lab
Heroku API Deep Dive Bug Bounty #3 - Persistent UI Vulnerability, Vulnerability Lab
Heroku API Bug Bounty #1 - Persistent Invitation Vulnerability, Vulnerability Lab
ZTE Datacard PCW(Telecom MF180) - Multiple Software Vulnerabilities, Vulnerability Lab
[ MDVSA-2015:020 ] libssh, security
[ MDVSA-2015:021 ] curl, security
[ MDVSA-2015:022 ] wireshark, security
[RT-SA-2014-015] Cross-site Scripting in Tapatalk Plugin for WoltLab Burning Board 4.0, RedTeam Pentesting GmbH
CVE-2014-8870: Arbitrary Redirect in Tapatalk Plugin for WoltLab Burning Board 4.0, RedTeam Pentesting GmbH
Corel Software DLL Hijacking, CORE Advisories Team
[SECURITY] [DSA 3126-1] php5 security update, Thijs Kinkhorst
Stored XSS Vulnerability in F5 BIG-IP Application Security Manager, Peter Lapp
[Corrected] Stored XSS Vulnerability in F5 BIG-IP Application Security Manager, Peter Lapp
[security bulletin] HPSBOV03228 rev.1 - HP OpenVMS running Bash Shell, Remote Code Execution, security-alert
MS14-080 CVE-2014-6365 Technical Details Without "Nonsense", Diéyǔ
SEC Consult SA-20150113-0 :: Multiple critical vulnerabilities in all snom desktop IP phones, SEC Consult Vulnerability Lab
CVE-2015-0203: Apache Qpid's qpidd can be crashed by authenticated user, Gordon Sim
SEC Consult SA-20150113-1 :: Privilege Escalation & XSS & Missing Authentication in Ansible Tower, SEC Consult Vulnerability Lab
SEC Consult SA-20150113-2 :: Cross-Site Request Forgery in XBMC / Kodi, SEC Consult Vulnerability Lab
[security bulletin] HPSBMU03230 rev.1 - HP Insight Control server deployment Remote Disclosure of Information, security-alert
Foxit MobilePDF v4.4.0 iOS - Multiple Web Vulnerabilities, Vulnerability Lab
Sitefinity Enterprise v7.2.53 - Persistent Vulnerability, Vulnerability Lab
[SECURITY] [DSA 3123-2] binutils-mingw-w64 security update, Thijs Kinkhorst
[security bulletin] HPSBGN03233 rev.1 - HP OneView running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, and Disclosure of Information, security-alert
AusCERT2015 Call for Papers: closes 18th January, AusCERT
MS14-080 CVE-2014-6365 Code, Diéyǔ
Two XSS vulnerabilities in Simple Security WordPress Plugin, High-Tech Bridge Security Research
[SECURITY] [DSA 3127-1] iceweasel security update, Moritz Muehlenhoff
FreeBSD Security Advisory FreeBSD-SA-15:01.openssl, FreeBSD Security Advisories
[SECURITY] [DSA 3128-1] linux security update, Salvatore Bonaccorso
[ MDVSA-2015:023 ] libvirt, security
[ MDVSA-2015:024 ] libsndfile, security
[ MDVSA-2015:026 ] untrf, security
[ MDVSA-2015:025 ] mpfr, security
Alienvault OSSIM/USM Command Execution Vulnerability, Peter Lapp
[SECURITY] [DSA 3129-1] rpm security update, Moritz Muehlenhoff
CatBot v0.4.2 (PHP) - SQL Injection Vulnerability, Vulnerability Lab
VeryPhoto v3.0 iOS - Command Injection Vulnerability, Vulnerability Lab
WiFi File Browser Pro v2.0.8 - Code Execution Vulnerability, Vulnerability Lab
Pandora FMS v5.1 SP1 - Persistent SNMP Editor Vulnerability, admin@xxxxxxxxxxxxxxxxx
File Pro Mini v5.2 iOS - Multiple Web Vulnerabilities, Vulnerability Lab
Facebook Bug Bounty #19 - Filter Bypass Web Vulnerability, Vulnerability Lab
[ MDVSA-2015:027 ] kernel, security
[slackware-security] mozilla-thunderbird (SSA:2015-016-03), Slackware Security Team
[slackware-security] freetype (SSA:2015-016-01), Slackware Security Team
[slackware-security] mozilla-firefox (SSA:2015-016-02), Slackware Security Team
[slackware-security] seamonkey (SSA:2015-016-04), Slackware Security Team
CVE-2015-1032 Kiwix Cross-Site Scripting Vulnerability, Riley Baird
[SECURITY] [DSA 3131-1] xdg-utils security update, Michael Gilbert
MSA-2015-01: Wordpress Plugin Pixabay Images Multiple Vulnerabilities, Advisories
[SECURITY] [DSA 3132-1] icedove security update, Moritz Muehlenhoff
CVE-2015-1175-xss-prestashop, Sudhanshu Chauhan
ESA-2015-004: EMC M&R (Watch4Net) Multiple Vulnerabilities, Security Alert
[SECURITY] [DSA 3133-1] privoxy security update, Moritz Muehlenhoff
[SECURITY] [DSA 3134-1] sympa security update, Salvatore Bonaccorso
[security bulletin] HPSBUX03235 SSRT101750 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS), security-alert
[oCERT-2015-001] JasPer input sanitization errors, Andrea Barisani
PhotoSync v1.1.3 Android - Command Inject Vulnerability, Vulnerability Lab
[RT-SA-2014-010] AVM FRITZ!Box Firmware Signature Bypass, RedTeam Pentesting GmbH
iExplorer 3.6.3 - DLL Hijacking Exploit itunesmobiledevice.dll, Vulnerability Lab
Remote Desktop v0.9.4 Android - Multiple Vulnerabilities, Vulnerability Lab
[slackware-security] samba (SSA:2015-020-01), Slackware Security Team
CVE-2015-1176-xss-osticket, Sudhanshu Chauhan
SEC Consult SA-20150122-0 :: Multiple critical vulnerabilities in Symantec Data Center Security: Server Advanced (SDCS:SA) & SCSP, SEC Consult Vulnerability Lab
CVE-2015-1177-xss-exponent, Sudhanshu Chauhan
CVE-2015-1178-xss-x-cart-ecommerce, Sudhanshu Chauhan
CVE-2015-1179-xss-mango-automation-scada, Sudhanshu Chauhan
CVE-2015-1180-xss-eventsentry, Sudhanshu Chauhan
Program-O v2.4.6 - Multiple Web Vulnerabilities, Vulnerability Lab
PhotoSync 1.1.3 Android - Command Inject Vulnerability, Vulnerability Lab
[HITB-Announce] #HITB2015AMS Call for Papers 1st Round is Closing in 10 Days, Hafez Kamal
REWTERZ-20140101 - ManageEngine ServiceDesk SQL Injection Vulnerability, Rewterz - Research Group
REWTERZ-20140102 - ManageEngine ServiceDesk Plus User Enumeration Vulnerability, Rewterz - Research Group
Fwd: REWTERZ-20140103 - ManageEngine ServiceDesk Plus User Privileges Management Vulnerability, Rewterz - Research Group
WebKitGTK+ Security Advisory WSA-2015-0001, Carlos Alberto Lopez Perez
[CORE-2015-0002] - Android WiFi-Direct Denial of Service, CORE Advisories Team
CVE-2015-0224: qpidd can be crashed by unauthenticated user, Gordon Sim
CVE-2015-0223: anonymous access to qpidd cannot be prevented, Gordon Sim
[SYSS-2014-012] FancyFon FAMOC - Session Fixation, matthias . deeg
[SYSS-2014-011] FancyFon FAMOC - Cross-Site Scripting, matthias . deeg
[SYSS-2014-013] FancyFon FAMOC - Use of a One-Way Hash without a Salt, matthias . deeg
[SECURITY] [DSA 3140-1] xen security update, Moritz Muehlenhoff
[SYSS-2014-010] FancyFon FAMOC - SQL Injection, matthias . deeg
[SECURITY] [DSA 3141-1] wireshark security update, Moritz Muehlenhoff
[SECURITY] [DSA 3142-1] eglibc security update, Florian Weimer
Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow, Qualys Security Advisory
APPLE-SA-2015-01-27-1 Apple TV 7.0.3, Apple Product Security
APPLE-SA-2015-01-27-2 iOS 8.1.3, Apple Product Security
APPLE-SA-2015-01-27-3 Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3, Apple Product Security
APPLE-SA-2015-01-27-4 OS X 10.10.2 and Security Update 2015-001, Apple Product Security
FreeBSD Security Advisory FreeBSD-SA-15:02.kmem, FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-15:03.sctp, FreeBSD Security Advisories
[CORE-2015-0003] - FreeBSD Kernel Multiple Vulnerabilities, CORE Advisories Team
NEW VMSA-2015-0001 - VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address resolve security issues, VMware Security Response Center
[AMPLIA-ARA100614] OS X Gatekeeper Bypass Vulnerability, Amplia Security Advisories
[CVE-2015-1394] Photo Gallery (Wordpress Plugin) - Multiple XSS Vulnerabilities Version 1.2.8, sven
[CVE-2015-1393] Photo Gallery (Wordpress Plugin) - SQL Injection in Version 1.2.8, sven
Two XSS Vulnerabilities in SupportCenter Plus, High-Tech Bridge Security Research
Multiple vulnerabilities in MantisBT, High-Tech Bridge Security Research
[SECURITY] [DSA 3143-1] virtualbox security update, Moritz Muehlenhoff
[slackware-security] glibc (SSA:2015-028-01), Slackware Security Team
AST-2015-001: File descriptor leak when incompatible codecs are offered, Asterisk Security Team
Cisco Security Advisory: GNU glibc gethostbyname Function Buffer Overflow Vulnerability, Cisco Systems Product Security Incident Response Team
[The ManageOwnage Series, part XII]: Multiple vulnerabilities in FailOverServlet (OpManager, AppManager, IT360), Pedro Ribeiro
CVE-2014-8779: SSH Host keys on Pexip Infinity, giles
Blubrry PowerPress Security Advisory - XSS Vulnerability - CVE-2015-1385, Onur Yilmaz
ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities, Security Alert
Reflected XSS vulnarbility in Asus RT-N10 Plus Router, kingkaustubh
Unauthenticated Reflected XSS vulnarbility in Asus RT-N10 Plus router, kingkaustubh
Symantec Encryption Management Server < 3.2.0MP6 - Remote Command Injection, Paul Craig
NEW VMSA-2015-0002 VMware vSphere Data Protection product update addresses a certificate validation vulnerability, VMware Security Response Center
[SECURITY] [DSA 3144-1] openjdk-7 security update, Moritz Muehlenhoff
[SECURITY] [DSA 3145-1] privoxy security update, Salvatore Bonaccorso
ESA-2015-006: EMC Avamar Missing Certificate Validation Vulnerability, Security Alert
[SECURITY] [DSA 3146-1] requests security update, Sebastien Delafond
[SECURITY] [DSA 3147-1] openjdk-6 security update, Moritz Muehlenhoff
[security bulletin] HPSBOV03226 rev.2 - HP TCP/IP Services for OpenVMS, BIND 9 Server Resolver, Multiple Remote Vulnerabilities, security-alert

Mail converted by MHonArc