Mail Index
- [security bulletin] HPSBGN03547 rev.3 - HPE Helion Eucalyptus Node Controller and other Helion Eucalyptus Components using glibc, Remote Arbitrary Code Execution
- [slackware-security] ntp (SSA:2016-120-01)
- From: Slackware Security Team
- [slackware-security] php (SSA:2016-120-02)
- From: Slackware Security Team
- [slackware-security] subversion (SSA:2016-121-01)
- From: Slackware Security Team
- Exploit-DB Captcha Bypass
- [SECURITY] [DSA 3562-1] tardiff security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 3563-1] poppler security update
- [SECURITY] [DSA 3564-1] chromium-browser security update
- [SECURITY] [DSA 3565-1] botan1.10 security update
- ESA-2016-041: RSA Data Loss Prevention Multiple Vulnerabilities
- [slackware-security] mercurial (SSA:2016-123-01)
- From: Slackware Security Team
- CVE-2016-4338: Zabbix Agent 3.0.1 mysql.size shell command injection
- From: Timo Juhani Lindfors
- NetCommWireless HSPA 3G10WVE Wireless Router Multiple vulnerabilities
- [SECURITY] [DSA 3566-1] openssl security update
- LSE Leading Security Experts GmbH - LSE-2016-02-03 - OXID eShop Path Traversal Vulnerability
- Swagger Editor v2.9.9 "description" Key DOM-based Cross-Site Scripting
- [slackware-security] openssl (SSA:2016-124-01)
- From: Slackware Security Team
- CVE-2016-2784: CMS Made Simple < 2.1.3 & < 1.12.2 Web server Cache Poisoning
- Cisco Security Advisory: Cisco FirePOWER System Software Packet Processing Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco TelePresence XML Application Programming Interface Authentication Bypass Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Adaptive Security Appliance with FirePOWER Services Kernel Logging Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- APPLE-SA-2016-05-03-1 Xcode 7.3.1
- From: Apple Product Security
- [SECURITY] [DSA 3567-1] libpam-sshauth security update
- From: Salvatore Bonaccorso
- ESA-2016-051: Patch 14 for RSA® Authentication Manager 8.1 SP1 to Address Multiple Vulnerabilities
- Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016
- From: Cisco Systems Product Security Incident Response Team
- FreeBSD Security Advisory FreeBSD-SA-16:17.openssl
- From: FreeBSD Security Advisories
- [SECURITY] [DSA 3568-1] libtasn1-6 security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 3569-1] openafs security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 3570-1] mercurial security update
- From: Salvatore Bonaccorso
- [security bulletin] HPSBMU03584 rev.1 - HPE Network Node Manager I (NNMi), Multiple Remote Vulnerabilities
- Re: NetCommWireless HSPA 3G10WVE Wireless Router Multiple vulnerabilities
- ManageEngine Applications Manager Build No: 12700 Information Disclosure and Un-Authenticated SQL injection.
- Re: ManageEngine Applications Manager Build No: 12700 Information Disclosure and Un-Authenticated SQL injection.
- [SECURITY] [DSA 3571-1] ikiwiki security update
- WordPress Plugin event-registration 6.02.02: SQL-Injection and persistent XSS
- [SECURITY] [DSA 3572-1] websvn security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 3573-1] qemu security update
- From: Salvatore Bonaccorso
- [security bulletin] HPSBUX03577 SSRT102172 rev.1 - HP-UX VxFS, Local Unauthorized Access to Files
- Wordpress Truemag Theme - Client Side Cross Site Scripting Web Vulnerability
- Skype Manager - (Email Change) Filter Bypass Vulnerability
- Notes v4.5 iOS - Arbitrary File Upload Vulnerability
- Stanford University - Multiple SQL Injection Vulnerabilities
- Trend Micro Direct Pass - Filter Bypass & Cross Site Scripting Vulnerability
- Intuit QuickBooks 2007 - 2016 Arbitrary Code Execution
- [SECURITY] [DSA 3574-1] libarchive security update
- From: Salvatore Bonaccorso
- [security bulletin] HPSBUX03596 rev.1 - HPE HP-UX running CIFS Server (Samba), Remote Access Restriction Bypass, Unauthorized Access
- [security bulletin] HPSBUX03574 rev.1 - HPE HP-UX CIFS-Server (Samba), Remote Access Restriction Bypass, Authentication bypass, Denial of Service (DoS), Unauthorized Access to Files, Access Restriction Bypass, Unauthorized Information Disclosure
- BulletProof Security 53.3 - Security Advisory - Multiple XSS Vulnerabilities
- [slackware-security] imagemagick (SSA:2016-132-01)
- From: Slackware Security Team
- [SECURITY] [DSA 3565-2] monotone ovito pdns qtcreator softhsm regression update
- [security bulletin] HPSBHF03592 rev.1 - HPE VAN SDN Controller OVA using OpenSSL, Multiple Remote Vulnerabilities
- [security bulletin] HPSBNS03581 rev.2 - HPE NonStop Servers running Samba (NS-Samba), Multiple Remote Vulnerabilities
- Re: [slackware-security] imagemagick (SSA:2016-132-01)
- [security bulletin] HPSBST03586 rev.1 - HPE 3PAR OS, Remote Unauthorized Modification
- [security bulletin] HPSBST03598 rev.1 - HPE 3PAR OS using glibc, Remote Denial of Service (DoS), Arbitrary Code Execution
- [security bulletin] HPSBST03599 rev.1 - HPE 3PAR OS running OpenSSH, Remote Denial of Service (DoS), Access Restriction Bypass
- [slackware-security] mozilla-thunderbird (SSA:2016-132-01)
- From: Slackware Security Team
- [security bulletin] HPSBGN03597 rev.1 - HPE Cloud Optimizer (Virtualization Performance Viewer) using glibc Remote Denial of Service (DoS)
- [SECURITY] [DSA 3575-1] libxstream-java security update
- [security bulletin] HPSBMU03591 rev.1 - HPE Server Migration Pack, Remote Denial of Service (DoS)
- [security bulletin] HPSBMU03589 rev.1 - HPE Version Control Repository Manager (VCRM), Remote Denial of Service (DoS)
- May 2016 - HipChat Server - Critical Security Advisory
- [security bulletin] HPSBMU03590 rev.1 - HPE Systems Insight Manager (SIM) on Windows and Linux, Multiple Vulnerabilities
- [SECURITY] [DSA 3576-1] icedove security update
- eXtplorer v2.1.9 Archive Path Traversal
- dns_dhcp Web Interface SQL Injection
- [SECURITY] [DSA 3577-1] jansson security update
- [SECURITY] [DSA 3578-1] libidn security update
- [SECURITY] [DSA 3579-1] xerces-c security update
- From: Salvatore Bonaccorso
- [ERPSCAN-16-009] SAP xMII - directory traversal vulnerability
- [ERPSCAN-16-008] SAP NetWeaver AS JAVA - XSS vulnerability in ProxyServer servlet
- [SECURITY] [DSA 3580-1] imagemagick security update
- Security advisory for Bugzilla 5.0.3 and 4.4.12
- APPLE-SA-2016-05-16-1 tvOS 9.2.1
- From: Apple Product Security
- APPLE-SA-2016-05-16-2 iOS 9.3.2
- From: Apple Product Security
- APPLE-SA-2016-05-16-3 watchOS 2.2.1
- From: Apple Product Security
- APPLE-SA-2016-05-16-4 OS X El Capitan 10.11.5 and Security Update 2016-003
- From: Apple Product Security
- APPLE-SA-2016-05-16-5 Safari 9.1.1
- From: Apple Product Security
- APPLE-SA-2016-05-16-6 iTunes 12.4
- From: Apple Product Security
- [SECURITY] [DSA 3581-1] libndp security update
- From: Salvatore Bonaccorso
- [security bulletin] HPSBHF03594 rev.1 - HPE ConvergedSystem and AppSystem for SAP HANA using OpenSSL, Multiple Remote Vulnerabilities
- WSO2 SOA Enablement Server - Reflected Cross-Site Scripting
- [security bulletin] HPSBGN03587 rev.1 - HPE Helion OpenStack using OpenSSL and Open vSwitch, Remote Arbitrary Command Execution, Denial of Service (DoS), Disclosure of Information
- FreeBSD Security Advisory FreeBSD-SA-16:18.atkbd
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-16:19.sendmsg
- From: FreeBSD Security Advisories
- [SECURITY] [DSA 3582-1] expat security update
- From: Salvatore Bonaccorso
- [security bulletin] HPSBHF03578 rev.1 - HPE ConvergedSystem for SAP HANA using glibc, Multiple Remote Vulnerabilities
- [security bulletin] HPSBHF03579 rev.1 - HPE ConvergedSystem for SAP HANA using OpenSSL, Multiple Remote Vulnerabilities
- Cisco Security Advisory: Cisco Web Security Appliance HTTP POST Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Web Security Appliance Cached Range Request Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Web Security Appliance Connection Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [security bulletin] HPSBGN03602 rev.1 - HPE RESTful Interface Tool, Local Disclosure of Information
- [SECURITY] [DSA 3583-1] swift-plugin-s3 security update
- TYPO3 RemoveXSS.php vulnerability versions 6.2.19 and 7.6.4
- [ERPSCAN-16-010] SAP NetWeaver AS JAVA – information disclosure vulnerability
- [ERPSCAN-16-011] SAP NetWeaver AS JAVA – SQL injection vulnerability
- [SEARCH-LAB advisory] LG NAS N1A1 multiple vulnerabilities in Familycast
- [SECURITY] [DSA 3584-1] librsvg security update
- From: Salvatore Bonaccorso
- [security bulletin] HPSBGN03564 rev.1 - HPE Release Control using Java Deserialization, Remote Code Execution
- [slackware-security] curl (SSA:2016-141-01)
- From: Slackware Security Team
- [RCESEC-2016-001] Postfix Admin v2.93 Generic POST Cross-Site Request Forgeries
- [SECURITY] [DSA 3585-1] wireshark security update
- [RCESEC-2016-002] XenAPI v1.4.1 for XenForo Multiple Unauthenticated SQL Injections
- [SECURITY] [DSA 3586-1] atheme-services security update
- AfterLogic WebMail Pro ASP.NET < 6.2.7 Administrator Account Takover via XXE Injection
- MSA-2016-01: PowerFolder Remote Code Execution Vulnerability
- From: Advisories Advisories
- [security bulletin] HPSBGN03605 rev.1 - HPE Service Manager, Remote Disclosure of Information
- [slackware-security] libarchive (SSA:2016-145-01)
- From: Slackware Security Team
- Open-Xchange Security Advisory 2016-05-25
- Cisco Security Advisory: Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- VMWare vSphere Web Client Flash XSS
- [security bulletin] HPSBMU03601 rev.1 - HPE Insight Control server deployment using OpenSSL, Multiple Vulnerabilities
- [security bulletin] HPSBUX03606 rev.1 - HPE HP-UX running Apache Tomcat 7, Multiple Remote Vulnerabilities
- [security bulletin] HPSBMU03600 rev.1 - HPE Insight Control server provisioning using OpenSSL, Remote Denial of Service (DoS)
- [security bulletin] HPSBMU03611 rev.1 - HPE Matrix Operating Environment on Windows and Linux, Multiple Remote Vulnerabilities
- [security bulletin] HPSBGN03610 rev.1 - HPE IceWall Products using OpenSSL, Remote Denial of Service (DoS), Arbitrary Code Execution
- ESA-2016-061: EMC Isilon OneFS SMB Signing Vulnerability
- [CVE-2016-4434] Apache Tika XML External Entity vulnerability
- [CVE-2016-2175] Apache PDFBox XML External Entity vulnerability
- From: Andreas Lehmkuehler
- [SECURITY] [DSA 3587-1] libgd2 security update
- From: Salvatore Bonaccorso
- [CVE-2016-3094] Apache Qpid Java Broker denial of service vulnerability
- [CVE-2016-4432] Apache Qpid Java Broker - authentication bypass
- [CVE-2016-4945] Login Form Hijacking Vulnerability in Citrix NetScaler Gateway
- [slackware-security] libxml2 (SSA:2016-148-01)
- From: Slackware Security Team
- [slackware-security] libxslt (SSA:2016-148-02)
- From: Slackware Security Team
- [slackware-security] php (SSA:2016-148-03)
- From: Slackware Security Team
- Multiple Vulnerabilities in Intex Wireless N150 Easy Setup Router
- [SECURITY] [DSA 3588-1] symfony security update
- [oCERT 2016-001] Jetty path sanitization issues
- WebKitGTK+ Security Advisory WSA-2016-0004
- From: Carlos Alberto Lopez Perez
- [SECURITY] [DSA 3589-1] gdk-pixbuf security update
- From: Salvatore Bonaccorso
- [SECURITY] Lorex ECO DVR Hard coded password
- [slackware-security] imagemagick (SSA:2016-152-01)
- From: Slackware Security Team
- [slackware-security] mozilla-thunderbird (SSA:2016-152-02)
- From: Slackware Security Team
- [RT-SA-2015-012] XML External Entity Expansion in Paessler PRTG Network Monitor
- From: RedTeam Pentesting GmbH
- [RT-SA-2016-004] Websockify: Remote Code Execution via Buffer Overflow
- From: RedTeam Pentesting GmbH
- [RT-SA-2016-005] Unauthenticated File Upload in Relay Ajax Directory Manager may Lead to Remote Command Execution
- From: RedTeam Pentesting GmbH