Mail Index
- BEdita CMS - XSS & CSRF Vulnerability in Version 3.5.0
- [CVE-2015-1583] ATutor LCMS - CSRF Vulnerability in Version 2.2
- [ MDVSA-2015:049 ] cups
- [security bulletin] HPSBST03274 rev.1 - HP XP P9000 Command View Advanced Edition Software Online Help for Windows and Linux, Remote Cross-site Scripting (XSS)
- [ MDVSA-2015:050 ] patch
- [SECURITY] [DSA 3178-1] unace security update
- From: Salvatore Bonaccorso
- [ MDVSA-2015:051 ] sympa
- [ MDVSA-2015:053 ] tomcat6
- [ MDVSA-2015:052 ] tomcat
- [security bulletin] HPSBST03265 rev.1 - HP VMA SAN Gateway running Bash Shell and OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, and Disclosure of Information
- [SECURITY] [DSA 3179-1] icedove security update
- [CVE-2015-2102] Clipbucket 2.7 RC3 0.9 - Blind SQL Injection
- WeBid 1.1.1 Unrestricted File Upload Exploit
- [ MDVSA-2015:054 ] bind
- [ MDVSA-2015:055 ] freetype2
- Ultimate PHP Board (UPB) 2.2.7 Cross Site Scripting Vulnerability
- Last Call - Workshops of CISTI'2015: 10th Iberian Conference on Information Systems and Technologies
- Stored XSS Vulnerability in Google Analytics by Yoast Wordpress Plugin
- [SECURITY] [DSA 3180-1] libarchive security update
- [slackware-security] samba (SSA:2015-064-01)
- From: Slackware Security Team
- [security bulletin] HPSBHF03279 rev.1 - HP Point of Sale PCs Running Windows with OPOS Drivers, Remote Execution of Code
- [security bulletin] HPSBPI03107 rev.2 - Certain HP LaserJet Printers, MFPs and Certain HP OfficeJet Enterprise Printers using OpenSSL, Remote Unauthorized Access
- Betster (PHP Betoffice) Authentication Bypass and SQL Injection
- H2HC 12th Edition - Call for Papers
- From: Rodrigo Rubira Branco (BSDaemon)
- [security bulletin] HPSBUX03235 SSRT101750 rev.3 - HP-UX Running BIND, Remote Denial of Service (DoS)
- MongoDB BSON Handling Remote Denial of Service Vulnerability
- From: noreply-secresearch
- [security bulletin] HPSBGN03277 rev.1 - HP Virtualization Performance Viewer, Remote Execution of Code, Denial of Service (DoS) and Other Vulnerabilities
- ocPortal 9.0.16 Multiple XSS Vulnerabilities
- [ MDVSA-2015:056 ] rpm
- APPLE-SA-2015-03-09-1 iOS 8.2
- From: Apple Product Security
- APPLE-SA-2015-03-09-2 AppleTV 7.1
- From: Apple Product Security
- APPLE-SA-2015-03-09-3 Security Update 2015-002
- From: Apple Product Security
- APPLE-SA-2015-03-09-4 Xcode 6.2
- From: Apple Product Security
- tcpdump 4.7.2 remote crashes
- Multiple Vulnerabilities with Kguard Digital Video Recorders
- From: Federick Joe P Fajardo
- Cisco Security Advisory: Row Hammer Privilege Escalation Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- ProjectSend r561 - SQL injection vulnerability
- Reflected cross-site scripting (XSS) Vulnerability in Manage Engine AD Audit Manager Plus Admin Panel (Build 6270)
- [ MDVSA-2015:057 ] kernel
- Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Product
- From: Cisco Systems Product Security Incident Response Team
- ESA-2015-040: EMC Secure Remote Services Virtual Edition Security Update for Multiple Vulnerabilities
- [security bulletin] HPSBUX03281 SSRT101968 rev.1 - HP-UX running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
- [SECURITY] [DSA 3181-1] xen security update
- [SECURITY] [DSA 3177-1] mod-gnutls security update
- Community Gallery - Stored Cross-Site Scripting vulnerability
- [SECURITY] [DSA 3182-1] libssh2 security update
- From: Salvatore Bonaccorso
- Vulnerability in the Dropbox SDK for Android (CVE-2014-8889)
- ESA-2015-014: RSA® Digital Certificate Solution Multiple Vulnerabilities
- OpenSSL v1.0.2 for Linux affected by CVE-2015-0235
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Video Communication Server, Cisco Expressway and Cisco TelePresence Conductor
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Intrusion Prevention System MainApp Secure Socket Layer Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Microsoft Office Compatibility Pack tries to execute path without quotes
- Cisco Security Advisory: Cisco Secure Access Control System SQL Injection Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- SQL Injection in Huge IT Slider WordPress Plugin
- From: High-Tech Bridge Security Research
- [SECURITY] [DSA 3183-1] movabletype-opensource security update
- From: Salvatore Bonaccorso
- [security bulletin] HPSBGN03249 rev.1 - HP ArcSight Enterprise Security Manager and Logger, Multiple Remote Vulnerabilities
- [security bulletin] HPSBMU02895 SSRT101253 rev.5 - HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code
- [SECURITY] [DSA 3184-1] gnupg security update
- [SECURITY] [DSA 3185-1] libgcrypt11 security update
- MSA-2015-03: iPass Mobile Client Service Local Privilege Escalation
- WPML WordPress plug-in SQL injection etc.
- [security bulletin] HPSBMU03267 rev.1 - HP Matrix Operating Environment and HP CloudSystem Matrix running OpenSSL, Remote Disclosure of Information
- [security bulletin] HPSBMU03259 rev.1 - HP Version Control Repository Manager running OpenSSL on Linux and Windows, Remote Disclosure of Information
- [security bulletin] HPSBMU03283 rev.1 - HP Virtual Connect Enterprise Manager SDK running OpenSSL on Windows, Remote Disclosure of Information, Denial of Service (DoS)
- [security bulletin] HPSBMU03262 rev.1 - HP Version Control Agent running OpenSSL on Linux and Windows, Remote Disclosure of Information, Denial of Service (DoS)
- Alkacon OpenCms 9.5.1 Multiple XSS Vulnerabilities
- [SECURITY] [DSA 3186-1] nss security update
- From: Salvatore Bonaccorso
- Jolla Phone tel URI Spoofing
- [ MDVSA-2015:058 ] kernel
- Serendipity CMS - XSS Vulnerability in Version 2.0
- [ MDVSA-2015:059 ] nss
- [ MDVSA-2015:060 ] yaml
- [ MDVSA-2015:061 ] qemu
- [SECURITY] [DSA 3187-1] icu security update
- Defense in depth -- the Mozilla way: return and exit codes are dispensable
- [SECURITY] [DSA 3188-1] freetype security update
- Defense in depth -- the Microsoft way (part 30): on exploitable Win32 functions
- [SECURITY] [DSA 3190-1] putty security update
- [SE-2014-02] Google App Engine Java security sandbox bypasses (details)
- From: Security Explorations
- [SECURITY] [DSA 3189-1] libav security update
- Defense in depth -- the Microsoft way (part 31): UAC is for binary planting
- [SECURITY] [DSA 3191-1] gnutls26 security update
- From: Salvatore Bonaccorso
- [security bulletin] HPSBST03298 rev.1 - HP XP Service Processor Software for Windows, Multiple Vulnerabilities
- [SECURITY] [DSA 3192-1] checkpw security update
- From: Salvatore Bonaccorso
- [security bulletin] HPSBHF03293 rev.1 - HP Virtual Connect 8Gb 24-Port FC Module running OpenSSL and Bash, Remote Denial of Service (DoS), Code Execution, Disclosure of Information
- [SECURITY] [DSA 3193-1] tcpdump security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 3194-1] libxfont security update
- APPLE-SA-2015-03-17-1 Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
- From: Apple Product Security
- Security Audit Notes: OpenSSL d1_srvr.c Overflow - Advanced Information Security
- [SECURITY] [DSA 3195-1] php5 security update
- Websense Data Security DLP incident Forensics Preview is vulnerable to Cross-Site Scripting
- Websense Email Security vulnerable to persistent Cross-Site Scripting in audit log details view
- Command injection vulnerability in network diagnostics tool of Websense Appliance Manager
- Source code disclosure of Websense Triton JSP files via double quote character
- Cross-Site Scripting vulnerability in Websense Data Security block page
- Missing access control on Websense Explorer web folder
- Error messages of Websense Content Gateway are vulnerable to Cross-Site Scripting
- Multiple Cross-Site Scripting vulnerabilities in Websense Reporting
- Cross-Site Scripting vulnerability in Websense Explorer report scheduler
- [CORE-2015-0006] - Fortinet Single Sign On Stack Overflow
- From: CORE Advisories Team
- [SECURITY] [DSA 3196-1] file security update
- Re: Security Audit Notes: OpenSSL d1_srvr.c Overflow - Advanced Information Security
- EMC M&R (Watch4net) data storage collector credentials are not properly protected
- Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Web Portal Report Favorites
- Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Alerting Frontend
- Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Centralized Management Console
- Path traversal vulnerability in EMC M&R (Watch4net) Device Discovery
- Command injection vulnerability in EMC Secure Remote Services Virtual Edition
- Path traversal vulnerability in EMC M&R (Watch4net) MIB Browser
- EMC Secure Remote Services Virtual Edition Provisioning component is affected by SQL injection
- [SECURITY] [DSA 3197-1] openssl security update
- Advent JMX Servlet of Citrix Command Center is accessible to unauthenticated users
- Citrix NetScaler VPX help pages are vulnerable to Cross-Site Scripting
- Citrix NITRO SDK xen_hotfix page is vulnerable to Cross-Site Scripting
- Command injection vulnerability in Citrix NITRO SDK xen_hotfix page
- Google Analytics by Yoast stored XSS
- FreeBSD Security Advisory FreeBSD-SA-15:06.openssl
- From: FreeBSD Security Advisories
- cve-assign delays
- Xerces-C Security Advisory [CVE-2015-0252]
- APPLE-SA-2015-03-19-1 Security Update 2015-003
- From: Apple Product Security
- FreeBSD Security Advisory FreeBSD-SA-15:06.openssl [REVISED]
- From: FreeBSD Security Advisories
- [SECURITY] [DSA 3198-1] php5 security update
- [SECURITY] [DSA 3199-1] xerces-c security update
- From: Salvatore Bonaccorso
- Viber for Android exposes insecure Javascript interface
- [SECURITY] [DSA 3200-1] drupal7 security update
- CSRF/Stored XSS Vulnerability in AB Google Map Travel (AB-MAP) Wordpress Plugin
- Reflected XSS Vulnerability in XSS In Manage Engine Device Expert
- Cross-Site Request Forgery (CSRF) Vulnerability in ManageEngine Network Configuration
- CSRF to add admin user Vulnerability In Manage Engine Device Expert
- Stored XSS Vulnerability In Manage Engine Device Expert
- [SECURITY] [DSA 3201-1] iceweasel security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 3202-1] mono security update
- [SECURITY] [DSA 3203-1] tor security update
- DokuWiki persistent Cross Site Scripting
- ESA-2015-044: EMC Documentum xMS Sensitive Information Disclosure Vulnerability
- [security bulletin] HPSBST03196 rev.1 - HP StoreEver MSL6480 Tape Library running OpenSSL, Remote Code Execution
- Hacky Easter 2015
- [security bulletin] HPSBGN03299 rev.1 - HP IceWall SSO Dfw, SSO Certd, MCRP, and Federation Agent running OpenSSL, Remote Disclosure of Information, Unauthorized Access
- [security bulletin] HPSBHF03279 rev.2 - HP Point of Sale PCs Running Windows with OPOS Drivers, Remote Execution of Code
- [security bulletin] HPSBHF03289 rev.1 - HP ThinClient PCs running ThinPro Linux, Remote Code Execution, Denial of Service, Disclosure of information
- [security bulletin] HPSBMU03220 rev.1 - HP Shunra Network Appliance / HP Shunra Wildcat Appliance, Remote Execution of Code
- [security bulletin] HPSBGN03249 rev.2 - HP ArcSight Enterprise Security Manager and Logger, Multiple Remote Vulnerabilities
- [security bulletin] HPSBHF03151 rev.1 - HP Integrated Lights-Out 2 and 4 (iLO 2, iLO 4), Chassis Management (iLO CM), Remote Denial of Service, Remote Execution of Code, Elevation of Privilege
- [security bulletin] HPSBMU03301 rev.1 - HP BladeSystem c-Class Onboard Administrator running OpenSSL, Remote Disclosure of Information
- [security bulletin] HPSBHF03275 rev.1 - HP Integrated Lights-Out 2, 3, and 4 (iLO 2, iLO 3, iLO 4), Remote Disclosure of Information
- [security bulletin] HPSBHF03276 rev.1 - HP Integrated Lights-Out 2, 3, and 4 (iLO 2, iLO 3, iLO 4), Remote Unauthorized Access, Denial of Service (DoS)
- [security bulletin] HPSBMU03262 rev.2 - HP Version Control Agent running OpenSSL on Linux and Windows, Remote Disclosure of Information, Denial of Service (DoS)
- [security bulletin] HPSBMU03292 rev.1 - HP Operations Orchestration Authentication Bypass
- [security bulletin] HPSBMU03291 rev.1 - HP Operations Orchestration running Powershell Operations, Remote Disclosure of Information
- [security bulletin] HPSBMU03263 rev.1 - HP Insight Control running OpenSSL, Remote Disclosure of Information
- [security bulletin] HPSBGN03285 rev.1 - HP Business Service Manager Virtual Appliance, Multiple Vulnerabilities
- [security bulletin] HPSBGN03282 rev.1 - HP Business Service Manager Virtual Appliance, Multiple Vulnerabilities
- [security bulletin] HPSBGN03288 rev.1 - HP Server Automation, Remote Arbitrary Code Execution
- [SECURITY] [DSA 3197-2] openssl regression update
- From: Salvatore Bonaccorso
- Arbitrary file deletion and multiple XSS vulnerabilities in pfSense
- From: High-Tech Bridge Security Research
- WSO2 Identity Server multiple vulnerabilities
- From: Bartlomiej Balcerek
- Cisco Security Advisory: Cisco IOS Software Virtual Routing and Forwarding ICMP Queue Wedge Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software and IOS XE Software mDNS Gateway Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS Software Common Industrial Protocol
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS Software and IOS XE Software Autonomic Networking Infrastructure
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS XE Software for Cisco ASR 1000 Series, Cisco ISR 4400 Series, and Cisco Cloud Services 1000v Series Routers
- From: Cisco Systems Product Security Incident Response Team
- ESA-2015-049: EMC Isilon OneFS Privilege Escalation Vulnerability
- Insecure file upload in Berta CMS
- [security bulletin] HPSBMU03294 rev.1 - HP Process Automation running OpenSSL, Remote Disclosure of Information
- Manage Engine Desktop Central 9 - CVE-2015-2560 - Unauthorised administrative password reset
- [SECURITY] [DSA 3205-1] batik security update
- [ MDVSA-2015:062 ] openssl
- [ MDVSA-2015:063 ] openssl
- [ MDVSA-2015:064 ] cabextract
- [ MDVSA-2015:065 ] cpio
- [ MDVSA-2015:066 ] cpio
- [ MDVSA-2015:067 ] e2fsprogs
- [ MDVSA-2015:068 ] e2fsprogs
- [ MDVSA-2015:070 ] libvirt
- [ MDVSA-2015:071 ] libpng12
- [ MDVSA-2015:072 ] gnutls
- [ MDVSA-2015:073 ] openldap
- [ MDVSA-2015:074 ] openldap
- [ MDVSA-2015:075 ] python
- [ MDVSA-2015:076 ] python3
- [ MDVSA-2015:077 ] python-numpy
- CVE-2015-2755 WordPress AB Google Map Travel CSRF / XSS
- Advisory: CVE-2014-9707: GoAhead Web Server 3.0.0 - 3.4.1
- Advisory: CVE-2014-9708: Appweb Web Server
- [ MDVSA-2015:078 ] mutt
- [ MDVSA-2015:079 ] php
- [ MDVSA-2015:080 ] php
- [ MDVSA-2015:081 ] samba
- [ MDVSA-2015:083 ] samba4
- [ MDVSA-2015:082 ] samba
- [ MDVSA-2015:084 ] tomcat
- [ MDVSA-2015:086 ] libssh
- [ MDVSA-2015:088 ] udisks2
- [ MDVSA-2015:085 ] subversion
- [ MDVSA-2015:087 ] egroupware
- [ MDVSA-2015:089 ] freetype2
- [ MDVSA-2015:092 ] net-snmp
- [ MDVSA-2015:093 ] apache
- [ MDVSA-2015:094 ] nginx
- [ MDVSA-2015:090 ] libpng
- [ MDVSA-2015:097 ] php-ZendFramework
- [ MDVSA-2015:099 ] python-pillow
- [ MDVSA-2015:095 ] openssh
- [ MDVSA-2015:096 ] stunnel
- [ MDVSA-2015:098 ] curl
- [SECURITY] [DSA 3206-1] dulwich security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 3207-1] shibboleth-sp2 security update
- [SECURITY] [DSA 3198-2] php5 regression update
- From: Salvatore Bonaccorso
- [ MDVSA-2015:100 ] cups-filters
- [ MDVSA-2015:101 ] jbigkit
- [ MDVSA-2015:102 ] json-c
- [ MDVSA-2015:104 ] elfutils
- [ MDVSA-2015:103 ] squid
- [ MDVSA-2015:106 ] apache-mod_security
- [ MDVSA-2015:107 ] lcms2
- [ MDVSA-2015:108 ] cups
- [ MDVSA-2015:109 ] python-django
- [ MDVSA-2015:105 ] imagemagick
- [ MDVSA-2015:111 ] libxml2
- [ MDVSA-2015:110 ] postgresql
- [ MDVSA-2015:113 ] dovecot
- [ MDVSA-2015:112 ] python-lxml
- [ MDVSA-2015:114 ] cifs-utils
- [ MDVSA-2015:115 ] libvirt
- [ MDVSA-2015:116 ] libtasn1
- [ MDVSA-2015:117 ] emacs
- [ MDVSA-2015:119 ] x11-server
- [ MDVSA-2015:118 ] xlockmore
- [ MDVSA-2015:121 ] wget
- [ MDVSA-2015:123 ] unzip
- [ MDVSA-2015:120 ] wpa_supplicant
- [ MDVSA-2015:122 ] util-linux
- [ MDVSA-2015:124 ] torque
- [ MDVSA-2015:125 ] tcpdump
- [ MDVSA-2015:126 ] sudo
- [ MDVSA-2015:127 ] serf
- [ MDVSA-2015:128 ] sendmail
- [ MDVSA-2015:129 ] ruby
- [ MDVSA-2015:130 ] rsyslog
- [ MDVSA-2015:132 ] readline
- [ MDVSA-2015:131 ] rsync
- [ MDVSA-2015:133 ] python-requests
- [ MDVSA-2015:134 ] pulseaudio
- [ MDVSA-2015:135 ] ppp
- [ MDVSA-2015:136 ] perl
- [ MDVSA-2015:137 ] pcre
- [ MDVSA-2015:139 ] openvpn
- [ MDVSA-2015:140 ] ntp
- [ MDVSA-2015:138 ] patch
- [ MDVSA-2015:141 ] not-yet-commons-ssl
- [ MDVSA-2015:142 ] nodejs
- [ MDVSA-2015:143 ] mpfr
- [ MDVSA-2015:144 ] lua
- [ MDVSA-2015:145 ] libxfont
- [ MDVSA-2015:146 ] libvncserver
- [ MDVSA-2015:150 ] liblzo
- [ MDVSA-2015:151 ] libksba
- [ MDVSA-2015:149 ] libsndfile
- [ MDVSA-2015:147 ] libtiff
- [ MDVSA-2015:152 ] libjpeg
- [ MDVSA-2015:148 ] libssh2
- [ MDVSA-2015:154 ] gnupg
- [ MDVSA-2015:153 ] libgd
- [ MDVSA-2015:148-1 ] libssh2
- [ MDVSA-2015:155 ] gnupg
- [ MDVSA-2015:017-1 ] libevent
- [ MDVSA-2015:156 ] libcap-ng
- CVE-2015-2223: Palo Alto Traps Server Stored XSS
- From: michael . hendrickx
- [ MDVSA-2015:157 ] libarchive
- [ MDVSA-2015:158 ] jython
- [SECURITY] [DSA 3208-1] freexl security update
- [ MDVSA-2015:159 ] jasper
- [ MDVSA-2015:160 ] ipython
- [ MDVSA-2015:162 ] gtk+3.0
- [ MDVSA-2015:163 ] grub2
- [ MDVSA-2015:161 ] icu
- [ MDVSA-2015:165 ] bind
- [ MDVSA-2015:166 ] clamav
- [ MDVSA-2015:167 ] glpi
- [ MDVSA-2015:169 ] git
- [ MDVSA-2015:170 ] gcc
- [ MDVSA-2015:168 ] glibc
- [ MDVSA-2015:171 ] freerdp
- [ MDVSA-2015:172 ] firebird
- [ MDVSA-2015:173 ] ffmpeg
- [ MDVSA-2015:174 ] erlang
- [ MDVSA-2015:175 ] ejabberd
- [ MDVSA-2015:176 ] dbus
- [ MDVSA-2015:177 ] ctdb
- [ MDVSA-2015:029-1 ] binutils
- [ MDVSA-2015:180 ] apache-mod_wsgi
- [ MDVSA-2015:179 ] coreutils
- [ MDVSA-2015:178 ] ctags
- [ MDVSA-2015:181 ] drupal
- [ MDVSA-2015:147-1 ] libtiff
- [ MDVSA-2015:145-1 ] libxfont
- [ MDVSA-2015:182 ] tcpdump
- [CORE-2015-0007] - Schneider Vampset Stack and Heap Buffer Overflow
- From: CORE Advisories Team
- [ MDVSA-2015:183 ] wireshark
- [ MDVSA-2015:184 ] setup
- [security bulletin] HPSBGN03270 rev.1 - HP Operations Analytics, Remote Execution of Code