Mail Thread Index
[SECURITY] [DSA 3148-1] chromium-browser end of life,
Michael Gilbert
Banner Effect Header Security Advisory - XSS Vulnerability - CVE-2015-1384,
Onur Yilmaz
Sefrengo CMS v1.6.1 - Multiple SQL Injection Vulnerabilities,
ITAS Team
Microweber 0.95 - SQL Injection Vulnerability,
ITAS Team
Fork CMS 3.8.3 - XSS Vulnerability,
ITAS Team
[security bulletin] HPSBMU03236 rev.1 - HP Systems Insight Manager for Windows running Bash Shell, Remote Code Execution,
security-alert
[SECURITY] [DSA 3150-1] vlc security update,
Alessandro Ghedini
[security bulletin] HPSBMU03239 rev.1 - HP UCMDB, Remote Disclosure of Information,
security-alert
[SECURITY] [DSA 3149-1] condor security update,
Sebastien Delafond
[security bulletin] HPSBGN03247 rev.1 - HP IceWall SSO Dfw using glibc, Remote Execution of Abitrary Code,
security-alert
[security bulletin] HPSBGN03237 rev.1 - HP Insight Remote Support v7 Clients running SSLv3, Remote Disclosure of Information,
security-alert
[security bulletin] HPSBMU03232 rev.3 - HP SiteScope, Remote Elevation of Privilege,
security-alert
[CVE-2014-9331] ManageEngine Desktop Central CSRF vulnerability to add an Admin user advisory,
mohamed . idris
articleFR CMS 3.0.5 - XSS vulnerability,
Tien Tran Dinh
articleFR CMS 3.0.5 - SQL injection vulnerability,
Tien Tran Dinh
articleFR CMS 3.0.5 - Arbitrary File Upload,
Tien Tran Dinh
[SECURITY] [DSA 3151-1] python-django security update,
Salvatore Bonaccorso
CVE-2014-5360 Landesk Management Suite XSS (Cross-Site Scripting) Security Vulnerability,
alex_haynes
[SECURITY] [DSA 3152-1] unzip security update,
Salvatore Bonaccorso
CVE-2015-1437 XSS In ASUS Router.,
kingkaustubh
MITKRB5-SA-2015-001 Vulnerabilities in kadmind, libgssrpc, gss_process_context_token,
Greg Hudson
[SECURITY] [DSA 3153-1] krb5 security update,
Moritz Muehlenhoff
[CVE-2015-1467] Fork CMS - SQL Injection in Version 3.8.5,
sven
ESA-2014-158: RSA BSAFE® Micro Edition Suite, SSL-J and SSL-C Triple Handshake Vulnerability,
Security Alert
ESA-2015-010: EMC Documentum D2 Multiple Vulnerabilities,
Security Alert
Bitdefender Internet Security -,
jerold
Cisco Security Advisory: Cisco Security Advisory Cisco WebEx Meetings Server Command Injection Vulnerability,
Cisco Systems Product Security Incident Response Team
Very Important Info About "Major Internet Explorer Vulnerability - NOT Patched",
David Leo
CVE-2015-1172 Wordpress-theme remote arbitrary code,
borg
[ MDVSA-2015:030 ] bugzilla,
security
[ MDVSA-2015:029 ] binutils,
security
[oCERT-2015-002] e2fsprogs input sanitization errors,
Andrea Barisani
ESA-2015-012: EMC Captiva Capture Sensitive Information Disclosure Vulnerability,
Security Alert
[ MDVSA-2015:032 ] php,
security
[ MDVSA-2015:031 ] busybox,
security
[SECURITY] [DSA 3154-1] ntp security update,
Salvatore Bonaccorso
Re: [FD] Major Internet Explorer Vulnerability - NOT Patched,
David Leo
LG On Screen Phone authentication bypass (CVE-2014-8757),
Imre Rad
[ MDVSA-2015:033 ] java-1.7.0-openjdk,
security
[ MDVSA-2015:034 ] jasper,
security
[ MDVSA-2015:036 ] python-django,
security
[ MDVSA-2015:035 ] libvirt,
security
BMC Footprints Service Core 11.5 - Multiple Cross Site Scripting Vulnerabilities (XSS),
ayman . abdelaziz
[ MDVSA-2015:037 ] vorbis-tools,
security
[SECURITY] [DSA 3155-1] postgresql-9.1 security update,
Luciano Bello
[SECURITY] [DSA 2978-2] libxml2 security update,
Alessandro Ghedini
[security bulletin] HPSBUX03166 SSRT101489 rev.2 - HP-UX running PAM libpam_updbe, Remote Authentication Bypass,
security-alert
[security bulletin] HPSBUX03235 SSRT101750 rev.2 - HP-UX Running BIND, Remote Denial of Service (DoS),
security-alert
[security bulletin] HPSBGN03253 rev.1 - HP Business Process Insight (BPI) running SSLv3, Remote Disclosure of Information,
security-alert
[security bulletin] HPSBMU03224 rev.1 - HP LoadRunner and Performance Center, Load Generator Virtual Machine Images, running Windows, Remote Elevation of Privilege,
security-alert
[security bulletin] HPSBGN03254 rev.1 - HP Service Health Analyzer running SSLv3, Remote Disclosure of Information,
security-alert
[security bulletin] HPSBMU03216 rev.2 - HP Service Manager running SSLv3, Multiple Remote Vulnerabilities,
security-alert
[SECURITY] [DSA 3154-2] ntp security update,
Salvatore Bonaccorso
[SECURITY] [DSA 3156-1] liblivemedia security update,
Alessandro Ghedini
Radexscript CMS 2.2.0 - SQL Injection vulnerability,
ITAS Team
Cookie hijacking: Internet Explorer UXSS (CVE-2015-0072),
bhdresh
[SECURITY] CVE-2014-0227 Apache Tomcat Request Smuggling,
Mark Thomas
[SECURITY] [DSA 3157-1] ruby1.9.1 security update,
Alessandro Ghedini
[security bulletin] HPSBGN03252 rev.1 - HP AppPulse Active running SSLv3, Remote Disclosure of Information,
security-alert
[SECURITY] [DSA 3158-1] unrtf security update,
Salvatore Bonaccorso
[security bulletin] HPSBGN03251 rev.1 - HP Storage Essentials running SSLv3, Remote Disclosure of Information,
security-alert
Mooplayer 1.3.0 'm3u' SEH Buffer Overflow POC,
saman . j . l33t
[ MDVSA-2015:039 ] glibc,
security
[RT-SA-2014-013] Cross-Site Scripting in IBM Endpoint Manager Relay Diagnostics Page,
RedTeam Pentesting GmbH
[security bulletin] HPSBGN03255 rev.1 - HP OpenCall Media Platform (OCMP) running SSLv3, Remote Denial of Service (DoS),Disclosure of Information,
security-alert
[security bulletin] HPSBMU03245 rev.1 - HP Insight Control server deployment Linux Preboot Execution Environment running Bash Shell, Multiple Vulnerabilities,
security-alert
[security bulletin] HPSBMU03246 rev.1 - HP Insight Control for Linux Central Management Server Pre-boot Execution Environment running Bash Shell, Multiple Vulnerabilities,
security-alert
[ MDVSA-2015:040 ] zarafa,
security
[ MDVSA-2015:041 ] cabextract,
security
[ MDVSA-2015:042 ] clamav,
security
[ MDVSA-2015:043 ] otrs,
security
[SECURITY] [DSA 3159-1] ruby1.8 security update,
Alessandro Ghedini
Two Reflected XSS Vulnerabilities in Easing Slider WordPress Plugin,
High-Tech Bridge Security Research
Multiple Vulnerabilities in my little forum,
High-Tech Bridge Security Research
Facebook Bug Bounty #23 - Session ID & CSRF Vulnerability,
Vulnerability Lab
BlinkSale Bug Bounty #1 - Encode & Validation Vulnerability,
Vulnerability Lab
Pandora FMS v5.1 SP1 - SQL Injection Web Vulnerability,
Vulnerability Lab
T-Mobile Internet Manager - DLL Hijacking (mfc71enu.dll),
Vulnerability Lab
[ANN] MSKB 3004375 available for Windows 2000 and later too (but NOT from Mcirosoft),
Stefan Kanthak
Cisco Security Advisory: Cisco Secure Access Control System SQL Injection Vulnerability,
Cisco Systems Product Security Incident Response Team
Elasticsearch vulnerability CVE-2015-1427,
Kevin Kluge
[SECURITY] [DSA 3160-1] xorg-server security update,
Moritz Muehlenhoff
Ninja Forms WordPress Plugin Multiple Cross-Site Scripting Vulnerability,
sn
[SECURITY] [DSA 3161-1] dbus security update,
Salvatore Bonaccorso
Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software,
Cisco Systems Product Security Incident Response Team
Shakacon 2015 Last Call for Papers (July 6-9 2015, Honolulu, Hawaii),
Jonathan Brossard
Open-Xchange Security Advisory 2015-02-12,
Martin Heiland
[ MDVSA-2015:044 ] perl-Gtk2,
security
[ MDVSA-2015:045 ] e2fsprogs,
security
[ MDVSA-2015:046 ] ntp,
security
[ MDVSA-2015:048 ] postgresql,
security
[ MDVSA-2015:047 ] elfutils,
security
CVE-2015-1574 - Google Email App 4.2.2 remote denial of service,
Hector Marco
[security bulletin] HPSBGN03258 rev.1 - HP Insight Control server deployment Windows Pre-boot Execution Environment, Microsoft Schannel (Winshock) Remote Code Execution,
security-alert
UNIT4 Prosoft HRMS XSS Vulnerability,
jerold
CVE-2015-1600 - Netatmo Weather Station Cleartext Password Leak,
jullrich
CVE-2015-1593 - Linux ASLR integer overflow: Reducing stack entropy by four,
Hector Marco
[CVE-2015-1585] Fat Free CRM - CSRF Vulnerability in Version 0.13.5,
sven
Cosmoshop - XSS on Admin-Login Mask,
innate
Multiple Cross site scripting in wordpress Plugin Image Metadata cruncher,
kingkaustubh
Reflected File Download in AOL Search Website,
Ricardo Iramar dos Santos
[slackware-security] seamonkey (SSA:2015-047-02),
Slackware Security Team
[slackware-security] patch (SSA:2015-047-01),
Slackware Security Team
[slackware-security] sudo (SSA:2015-047-03),
Slackware Security Team
CVE-2015-1614 csrf/xss in in wordpress Plugin Image Metadata cruncher,
kingkaustubh
Ebay Inc Magento Bug Bounty #5 - Persistent Validation & Mail Encoding Web Vulnerability,
Vulnerability Lab
NetGear WNDR Authentication Bypass / Information Disclosure,
Peter Adkins
Crushftp 7.2.0 - Multiple CSRF & XSS Vulnerabilities,
Rehan Ahmed
[RT-SA-2014-016] Directory Traversal and Arbitrary File Disclosure in hybris Commerce Software Suite,
RedTeam Pentesting GmbH
[CVE-2015-1517] Piwigo - SQL Injection in Version 2.7.3,
sven
PHP Code Execution in jui_filter_rules Parsing Library,
Timo Schmid
[SECURITY] [DSA 3162-1] bind9 security update,
Florian Weimer
[SECURITY] [DSA 3163-1] libreoffice security update,
Alessandro Ghedini
Defense in depth -- the Microsoft way (part 28): yes, we can (create even empty, but properly quoted pathnames),
Stefan Kanthak
iTunes 12.1.1 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\...,
Stefan Kanthak
[security bulletin] HPSBPV03266 rev.1 - Certain HP Networking and H3C Switches and Routers running NTP, Remote Execution of Code, Disclosure of Information, and Denial of Service (DoS),
security-alert
Cisco Security Advisory: Cisco IOS XR Software IPv6 Malformed Packet Denial of Service Vulnerability,
Cisco Systems Product Security Incident Response Team
[security bulletin] HPSBUX03240 SSRT101872 rev.1 - HP-UX Running NTP, Remote Execution of Code, Denial of Service (DoS), or Other Vulnerabilties,
security-alert
Stored XSS Vulnerability in ADPlugg Wordpress Plugin,
kingkaustubh
Defense in depth -- the Microsoft way (part 29): contradicting, ambiguous, incomplete documentation,
Stefan Kanthak
[SECURITY] [DSA 3164-1] typo3-src security update,
Moritz Muehlenhoff
[SECURITY] [DSA 3165-1] xdg-utils security update,
Michael Gilbert
[SECURITY] [DSA 3166-1] e2fsprogs security update,
Michael Gilbert
[SECURITY] [DSA 3167-1] sudo security update,
Salvatore Bonaccorso
CVE-2014-8487: Kony EMM insecurity Direct Object Reference,
michael . hendrickx
[SECURITY] [DSA 3168-1] ruby-redcloth security update,
Sebastien Delafond
[SECURITY] [DSA 3169-1] eglibc security update,
Aurelien Jarno
[SECURITY] [DSA 3171-1] samba security update,
Salvatore Bonaccorso
[SECURITY] [DSA 3170-1] linux security update,
Moritz Muehlenhoff
N.E.T. E-Commerce Group Cross Site Scripting Vulnerability,
iedb . team
FreeBSD Security Advisory FreeBSD-SA-15:04.igmp,
FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-15:05.bind,
FreeBSD Security Advisories
[Onapsis Security Advisory 2015-001] Multiple Reflected Cross Site Scripting Vulnerabilities in SAP HANA Web-based Development Workbench,
Onapsis Research Labs
[Onapsis Security Advisory 2015-002] SAP Business Objects Unauthorized File Repository Server Read via CORBA,
Onapsis Research Labs
[Onapsis Security Advisory 2015-003] SAP Business Objects Unauthorized File Repository Server Write via CORBA,
Onapsis Research Labs
[Onapsis Security Advisory 2015-005] SAP Business Objects Unauthorized Audit Information Access via CORBA,
Onapsis Research Labs
[Onapsis Security Advisory 2015-004] SAP Business Objects Unauthorized Audit Information Delete via CORBA,
Onapsis Research Labs
[security bulletin] HPSBMU03260 rev.1 - HP System Management Homepage running OpenSSL on Linux and Windows, Remote Disclosure of Information,
security-alert
TangoBB 1.5.0-A3 XSS Vulnerability,
dennis . veninga
EnanoCMS 1.1.8pl1 XSS Vulnerability,
dennis . veninga
GDS Labs Alert [CVE-2015-2080] - JetLeak Vulnerability: Remote Leakage Of Shared Buffers In Jetty Web Server,
rgutierrez
[SECURITY] [DSA 3172-1] cups security update,
Sebastien Delafond
[SECURITY] [DSA 3173-1] libgtk2-perl security update,
Salvatore Bonaccorso
[SECURITY] [DSA 3174-1] iceweasel security update,
Moritz Muehlenhoff
[security bulletin] HPSBUX03162 SSRT101885 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Other Vulnerabilites,
security-alert
[SECURITY] [DSA 3175-1] kfreebsd-9 security update,
Moritz Muehlenhoff
[security bulletin] HPSBUX03244 SSRT101885 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Other Vulnerabilites,
security-alert
[security bulletin] HPSBUX03273 SSRT101951 rev.1 - HP-UX running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities,
security-alert
[slackware-security] mozilla-thunderbird (SSA:2015-056-02),
Slackware Security Team
[slackware-security] mozilla-firefox (SSA:2015-056-01),
Slackware Security Team
D-Link and TRENDnet 'ncc2' service - multiple vulnerabilities,
Peter Adkins
DSS TFTP 1.0 Server - Path Traversal Vulnerability,
Vulnerability Lab
Data Source: Scopus CMS - SQL Injection Web Vulnerability,
Vulnerability Lab
Wireless File Transfer Pro Android - Multiple CSRF Vulnerabilities,
Vulnerability Lab
[SECURITY] [DSA 3176-1] request-tracker4 security update,
Salvatore Bonaccorso
Cross-Site-Scripting (XSS) in tcllib's html::textarea,
Ben Fuhrmannek
HelpDezk 1.0.1 Multiple Vulnerabilities,
dennis . veninga
[SECURITY] CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags,
Jeremy Boynes
Wordpress Media Cleaner Plugin - XSS Vulnerability,
iletisim
SEC Consult SA-20150227-0 :: Multiple vulnerabilities in Loxone Smart Home,
SEC Consult Vulnerability Lab