Mail Index

• Thread Index

• [slackware-security] libpng (SSA:2016-365-01)
  • From: Slackware Security Team
• [slackware-security] mozilla-thunderbird (SSA:2016-365-02)
  • From: Slackware Security Team
• [slackware-security] seamonkey (SSA:2016-365-03)
  • From: Slackware Security Team
• Fwd: [ANNOUNCE] CVE-2016-6793 Apache Wicket deserialization vulnerability
  • From: Pedro Santos
• [SECURITY] [DSA 3750-1] libphp-phpmailer security update
  • From: Thijs Kinkhorst
• 0-day: QNAP NAS Devices suffer of heap overflow
  • From: bashis
• [SECURITY] [DSA 3750-2] libphp-phpmailer regression update
  • From: Thijs Kinkhorst
• [security bulletin] HPSBGN03688 rev.1 - HPE Operations Orchestration, Remote Code Execution
  • From: security-alert
• ESA-2016-157: EMC ScaleIO Multiple Vulnerabilities
  • From: EMC Product Security Response Center
• [SECURITY][UPDATE] CVE-2016-8745 Apache Tomcat Information Disclosure
  • From: Mark Thomas
• [SECURITY] [DSA 3753-1] libvncserver security update
  • From: Sebastien Delafond
• QuickBooks 2017 Admin Credentials Disclosure
  • From: info
• Directadmin ControlPanel 1.50.1 Cross-Site-Scripting Vulnerability
  • From: iedb . team
• ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability
  • From: EMC Product Security Response Center
• ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability
  • From: EMC Product Security Response Center
• Directadmin ControlPanel 1.50.1 denial of service Vulnerability
  • From: iedb . team
• ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability
  • From: EMC Product Security Response Center
• FreeBSD Security Advisory FreeBSD-SA-17:01.openssh
  • From: FreeBSD Security Advisories
• Blackboard LMS 9.1 SP14 - (Profile) Persistent Vulnerability
  • From: Vulnerability Lab
• BlackBoard LMS 9.1 SP14 - (Title) Persistent Vulnerability
  • From: Vulnerability Lab
• Bit Defender #39 - Auth Token Bypass Vulnerability
  • From: Vulnerability Lab
• Cobi Tools v1.0.8 iOS - Persistent Web Vulnerability
  • From: Vulnerability Lab
• Re: [oss-security] Docker 1.12.6 - Security Advisory
  • From: Andreas Stieger
• [SECURITY] [DSA 3757-1] icedove security update
  • From: Moritz Muehlenhoff
• IKEv1 cipher suite configuration mismatch in Siemens SIMATIC CP 343-1 Advanced
  • From: Andrea Barisani
• Multiple Vulnerabilities in cPanel
  • From: Open Security
• [SECURITY] [DSA 3758-1] bind9 security update
  • From: Florian Weimer
• CA20170109-01: Security Notice for CA Service Desk Manager
  • From: Kotas, Kevin J
• [slackware-security] gnutls (SSA:2017-011-02)
  • From: Slackware Security Team
• [slackware-security] bind (SSA:2017-011-01)
  • From: Slackware Security Team
• CVE-2017-5350: Unexpected SystemUI FC driven by arbitrary application
  • From: unlimitsec
• [SECURITY] [DSA 3760-1] ikiwiki security update
  • From: Moritz Muehlenhoff
• ICMPv6 PTBs and IPv6 frag filtering (particularly at BGP peers)
  • From: Fernando Gont
• [security bulletin] HPSBGN03694 rev.1 - HPE SiteScope, Remote Disclosure of Information
  • From: security-alert
• [SECURITY] [DSA 3764-1] pdns security update
  • From: Salvatore Bonaccorso
• [security bulletin] HPSBST03671 rev.2 - HPE StoreEver MSL6480 Tape Library Management Interface, Multiple Remote Vulnerabilities
  • From: security-alert
• [security bulletin] HPSBGN03689 rev.1 - HPE Diagnostics, Remote Cross-Site Scripting and Click Jacking
  • From: security-alert
• [SECURITY] [DSA 3765-1] icoutils security update
  • From: Salvatore Bonaccorso
• [SECURITY] [DSA 3743-2] python-bottle regression update
  • From: Sebastien Delafond
• [SECURITY] CVE-2016-8748: Apache NiFi XSS vulnerability in connection details dialogue
  • From: Joe Witt
• ESA-2016-143: EMC Documentum Webtop and Clients Stored Cross-Site Scripting Vulnerability
  • From: EMC Product Security Response Center
• ESA-2016-161: EMC Isilon OneFS LDAP Injection Vulnerability
  • From: EMC Product Security Response Center
• [security bulletin] HPSBMU03685 rev.1 - HPE Insight Control server provisioning (ICsp), Multiple Remote Vulnerabilities
  • From: security-alert
• [RCESEC-2016-012] Mattermost <= 3.5.1 "/error" Unauthenticated Reflected Cross-Site Scripting / Content Injection
  • From: Julien Ahrens
• Novel Contributions to the Field - How I broke MySQL's codebase (Part 2) [CVE-2016-5541] MySQL Cluster 0day
  • From: lem . nikolas
• Novel Contributions to the field - How I broke MySQL's code-base (Part 2) [CVE-2016-5541] MySQL cluster remote 0day
  • From: Nicholas Lemonias.
• [SECURITY] [DSA 3767-1] mysql-5.5 security update
  • From: Salvatore Bonaccorso
• NTOPNG Web Interface v2.4 CSRF Token Bypass
  • From: hyp3rlinx
• Executable installers are vulnerable^WEVIL (case 46): Pelles C allows arbitrary code execution
  • From: Stefan Kanthak
• [SECURITY] [DSA 3769-1] libphp-swiftmailer security update
  • From: Sebastien Delafond
• [SECURITY] [DSA 3770-1] mariadb-10.0 security update
  • From: Salvatore Bonaccorso
• Microsoft Remote Desktop Client for Mac Remote Code Execution - Update
  • From: Filippo Cavallarin
• ESA-2016-146: EMC Avamar Data Store and Avamar Virtual Edition Privilege Escalation Vulnerability
  • From: EMC Product Security Response Center
• ESA-2016-150: RSA® Security Analytics Reflected Cross-Site Scripting Vulnerability
  • From: EMC Product Security Response Center
• APPLE-SA-2017-01-23-1 iOS 10.2.1
  • From: Apple Product Security
• APPLE-SA-2017-01-23-3 watchOS 3.1.3
  • From: Apple Product Security
• APPLE-SA-2017-01-23-4 tvOS 10.1.1
  • From: Apple Product Security
• APPLE-SA-2017-01-23-5 Safari 10.0.3
  • From: Apple Product Security
• APPLE-SA-2017-01-23-2 macOS 10.12.3
  • From: Apple Product Security
• APPLE-SA-2017-01-23-6 iCloud for Windows 6.1.1
  • From: Apple Product Security
• APPLE-SA-2017-01-23-7 iTunes for Windows 12.5.5
  • From: Apple Product Security
• [slackware-security] mozilla-firefox (SSA:2017-023-01)
  • From: Slackware Security Team
• [ERPSCAN-17-005] Oracle PeopleSoft - XSS vulnerability CVE-2017-3300
  • From: ERPScan inc
• CVE-2017-3241 - [ERPSCAN-17-006] Oracle OpenJDK - Java Serialization DoS
  • From: ERPScan inc
• [security bulletin] HPSBGN03690 rev.1 - HPE Real User Monitor (RUM), Remote Disclosure of Information
  • From: security-alert
• Cisco Security Advisory: Cisco WebEx Browser Extension Remote Code Execution Vulnerability
  • From: Cisco Systems Product Security Incident Response Team
• [security bulletin] HPSBHF03441 rev.2 - HPE iLO 3, iLO 4 and iLO 4 mRCA, Remote Multiple Vulnerabilities
  • From: security-alert
• [security bulletin] HPSBHF03695 rev.1 - HPE Ethernet Adaptors, Remote Denial of Service (DoS)
  • From: security-alert
• [security bulletin] HPSBST03642 rev.3 - HPE StoreVirtual Products running LeftHand OS using OpenSSL and OpenSSH, Remote Arbitrary Code Execution, Denial of Service (DoS), Disclosure of Sensitive Information, Unauthorized Access
  • From: security-alert
• OpenCart 2.3.0.2 CSRF - User Account Takeover
  • From: Open Security
• ESA-2016-166: EMC Isilon OneFS Privilege Escalation Vulnerability
  • From: EMC Product Security Response Center
• Cisco Security Advisory: Cisco Adaptive Security Appliance CX Context-Aware Security Denial of Service Vulnerability
  • From: Cisco Systems Product Security Incident Response Team
• Cisco Security Advisory: Cisco Expressway Series and TelePresence VCS Denial of Service Vulnerability
  • From: Cisco Systems Product Security Incident Response Team
• Cisco Security Advisory: Cisco TelePresence Multipoint Control Unit Remote Code Execution Vulnerability
  • From: Cisco Systems Product Security Incident Response Team
• Google Forms WordPress Plugin unauthenticated PHP Object injection vulnerability
  • From: Summer of Pwnage
• [SECURITY] [DSA 3771-1] firefox-esr security update
  • From: Moritz Muehlenhoff
• PEAR HTTP_Upload v1.0.0b3 Arbitrary File Upload
  • From: hyp3rlinx
• ESA-2016-092: RSA® Web Threat Detection Cross Site Scripting Vulnerability
  • From: EMC Product Security Response Center
• ESA-2016-132: EMC RecoverPoint Multiple Vulnerabilities
  • From: EMC Product Security Response Center
• ESA-2016-160: EMC Data Domain DD OS Command Injection Vulnerability
  • From: EMC Product Security Response Center
• ESA-2016-167: EMC Documentum D2 Multiple Vulnerabilities
  • From: EMC Product Security Response Center
• [SECURITY] [DSA 3772-1] libxpm security update
  • From: Salvatore Bonaccorso
• CA20170126-01: Security Notice for CA Common Services casrvc
  • From: Kotas, Kevin J
• [slackware-security] mozilla-thunderbird (SSA:2017-026-01)
  • From: Slackware Security Team
• Secunia Research: Oracle Outside In VSDX Use-After-Free Vulnerability
  • From: Secunia Research
• ESA-2016-037: EMC PowerPath Management Appliance Information Disclosure Vulnerability
  • From: EMC Product Security Response Center
• ESA-2016-154: RSA BSAFE® Crypto-J Multiple Security Vulnerabilities
  • From: EMC Product Security Response Center
• ESA-2016-133: EMC Data Protection Advisor Path Traversal Vulnerability
  • From: EMC Product Security Response Center
• [SECURITY] [DSA 3773-1] openssl security update
  • From: Moritz Muehlenhoff
• CVE-2017-3160: Gradle Distribution URL used by Cordova-Android does not use https by default
  • From: bowserj
• Multiple blind SQL injection vulnerabilities in FormBuilder WordPress Plugin
  • From: Summer of Pwnage
• Persistent Cross-Site Scripting vulnerability in User Access Manager WordPress Plugin
  • From: Summer of Pwnage
• secuvera-SA-2017-01: Privilege escalation in an OPSI Managed Client environment ("rise of the machines")
  • From: sbieber
• Secunia Research: libarchive "lha_read_file_header_1()" Out-Of-Bounds Memory Access Denial of Service Vulnerability
  • From: Secunia Research
• [security bulletin] HPESBMU03701 rev.1 - HPE Smart Storage Administrator, Remote Arbitrary Code Execution
  • From: security-alert
• [REVIVE-SA-2017-001] Revive Adserver - Multiple vulnerabilities
  • From: Matteo Beccati
• ESA-2016-094: RSA BSAFE Micro Edition Suite Multiple Vulnerabilities
  • From: EMC Product Security Response Center