Bugtraq: by thread
145 messages
starting Aug 01 14 and
ending Aug 29 14
Date index |
Thread index |
Author index
- [ MDVSA-2014:145 ] php-ZendFramework security (Aug 01)
- [ MDVSA-2014:146 ] file security (Aug 01)
- [SECURITY] [DSA 2993-1] tor security update Salvatore Bonaccorso (Aug 01)
- TigerCom iFolder+ v1.2 iOS - Multiple Vulnerabilities Vulnerability Lab (Aug 01)
- [SECURITY] [DSA 2994-1] nss security update Raphael Geissert (Aug 01)
- [ MDVSA-2014:147 ] sendmail security (Aug 01)
- [ MDVSA-2014:148 ] dbus security (Aug 01)
- [security bulletin] HPSBMU03081 rev.1 - HP Enterprise Maps, Remote Information Disclosure security-alert (Aug 01)
- C++11 <regex> insecure by default submit (Aug 01)
- Photo WiFi Transfer 1.01 - Directory Traversal Vulnerability Vulnerability Lab (Aug 01)
- Microsoft Exchange Multiple Vulnerabilities np (Aug 04)
- [slackware-security] samba (SSA:2014-213-01) Slackware Security Team (Aug 04)
- [slackware-security] dhcpcd (SSA:2014-213-02) Slackware Security Team (Aug 04)
- [SECURITY] [DSA 2995-1] lzo2 security update Salvatore Bonaccorso (Aug 04)
- [SECURITY] [DSA 2996-1] icedove security update Moritz Muehlenhoff (Aug 04)
- ownCloud Unencrypted Private Key Exposure Senderek Web Security (Aug 04)
- Re: ownCloud Unencrypted Private Key Exposure Frank Stanek (Aug 05)
- Re: ownCloud Unencrypted Private Key Exposure Anthony Dubuissez (Aug 06)
- RE: ownCloud Unencrypted Private Key Exposure Mikhail A. Utin (Aug 07)
- RE: ownCloud Unencrypted Private Key Exposure - version (6.0.4) reported not vulnerable Choulat, Trace (Aug 06)
- Re: ownCloud Unencrypted Private Key Exposure Jack Brennan (Aug 06)
- Re: ownCloud Unencrypted Private Key Exposure Frank Stanek (Aug 07)
- RE: ownCloud Unencrypted Private Key Exposure Mikhail A. Utin (Aug 07)
- Re: ownCloud Unencrypted Private Key Exposure Anthony Dubuissez (Aug 06)
- Re: ownCloud Unencrypted Private Key Exposure Frank Stanek (Aug 05)
- Video WiFi Transfer 1.01 - Directory Traversal Vulnerability Vulnerability Lab (Aug 04)
- FreeDisk v1.01 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Aug 04)
- Ebay Inc Magento ProStore CP #4 - Filter Validation Bypass & Persistent (Payment Information) Vulnerability Vulnerability Lab (Aug 05)
- [security bulletin] HPSBMU03083 rev.1 - HP BladeSystem c-Class Virtual Connect Firmware running OpenSSL, Remote Unauthorized Access or Disclosure of Information security-alert (Aug 05)
- CVE-2014-2595 - Authentication Bypass in Barracuda Web Application Firewall Portcullis Advisories (Aug 05)
- [security bulletin] HPSBMU03037 rev.2 - HP Multimedia Service Environment (MSE), (HP Network Interactive Voice Response (NIVR)), Remote Disclosure of Information security-alert (Aug 05)
- [CVE- Requested][Vembu Storegrid - Multiple Critical Vulnerabilities] Mike Antcliffe (Aug 05)
- Apache Cordova 3.5.1 Marcel Kinard (Aug 05)
- SEC Consult SA-20140805-0 :: Multiple vulnerabilities in Readsoft Invoice Processing and Process Director SEC Consult Vulnerability Lab (Aug 05)
- Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities mike . manzotti (Aug 05)
- CVE-2014-5075 MitM Vulnerability in the Smack XMPP Library for Java Georg Lukas (Aug 06)
- [SECURITY] [DSA 2997-1] reportbug security update Salvatore Bonaccorso (Aug 06)
- [security bulletin] HPSBMU03085 rev.1 - HP Application Lifecycle Management / Quality Center, Elevation of Privilege security-alert (Aug 06)
- PhotoSync Wifi & Bluetooth v1.0 - File Include Vulnerability Vulnerability Lab (Aug 06)
- [ MDVSA-2014:149 ] php security (Aug 06)
- PhotoSync v2.2 iOS - Command Inject Web Vulnerability Vulnerability Lab (Aug 06)
- [ MDVSA-2014:150 ] tor security (Aug 07)
- nullcon CFP is open nullcon (Aug 07)
- TomatoCart v1.x (latest-stable) Multiple Vulnerabilities Kenny Mathis (Aug 07)
- Cisco Security Advisory: Cisco IOS Software and Cisco IOS XE Software EnergyWise Crafted Packet Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Aug 07)
- [ MDVSA-2014:151 ] cups security (Aug 07)
- [ MDVSA-2014:153 ] mediawiki security (Aug 07)
- [ MDVSA-2014:154 ] readline security (Aug 07)
- [ MDVSA-2014:152 ] glibc security (Aug 07)
- [SECURITY] [DSA 2998-1] openssl security update Raphael Geissert (Aug 07)
- (CVE-2014-3501/2/3) Apache Cordova for Android - Multiple Vulnerabilities David Kaplan (Aug 07)
- [ MDVSA-2014:155 ] kernel security (Aug 07)
- (kind of) new tool: american fuzzy lop Michal Zalewski (Aug 07)
- [ MDVSA-2014:156 ] ocsinventory security (Aug 08)
- Easy FTP Pro v4.2 iOS - Command Inject Vulnerabilities Vulnerability Lab (Aug 08)
- [security bulletin] HPSBHF03084 rev.1 HP PCs with UEFI Firmware, Execution of Arbitrary Code security-alert (Aug 08)
- [security bulletin] HPSBMU03086 rev.1 - HP Operations Agent running Glance, Local Elevation of Privilege security-alert (Aug 08)
- Beginners error: QuickTime for Windows runs rogue program C:\Program.exe when opening associated files Stefan Kanthak (Aug 08)
- [security bulletin] HPSBUX03087 SSRT101413 rev.1 - HP-UX CIFS Server (Samba), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access security-alert (Aug 08)
- [WorldCIST'15]: Call for Workshops Proposals - Proceedings by Springer ML (Aug 08)
- [ MDVSA-2014:157 ] ipython security (Aug 08)
- ESA-2014-055: EMC Network Configuration Manager (NCM) Report Advisor Session Fixation Vulnerability Security Alert (Aug 08)
- [ MDVSA-2014:159 ] wireshark security (Aug 08)
- [ MDVSA-2014:158 ] openssl security (Aug 08)
- [security bulletin] HPSBMU03062 rev.1 - HP Insight Control server deployment on Linux and Windows running OpenSSL, Multiple Vulnerabilities security-alert (Aug 08)
- [slackware-security] openssl (SSA:2014-220-01) Slackware Security Team (Aug 11)
- [SECURITY] [DSA 2999-1] drupal7 security update Salvatore Bonaccorso (Aug 11)
- [SECURITY] [DSA 3000-1] krb5 security update Salvatore Bonaccorso (Aug 11)
- [SECURITY] [DSA 3001-1] wordpress security update Salvatore Bonaccorso (Aug 11)
- MITKRB5-SA-2014-001 Buffer overrun in kadmind with LDAP backend Benjamin Kaduk (Aug 11)
- [SECURITY] [DSA 3002-1] wireshark security update Moritz Muehlenhoff (Aug 11)
- [SECURITY] [DSA 3003-1] libav security update Moritz Muehlenhoff (Aug 11)
- [SECURITY] [DSA 3004-1] kde4libs security update Moritz Muehlenhoff (Aug 11)
- IBM Maximo: Cross-site Scripting Vulnerability Addressed in Asset and Service Management (CVE-2014-0914 and -0915) Jamie Riden (Aug 12)
- [SECURITY] [DSA 2984-2] acpi-support regression update Raphael Geissert (Aug 12)
- [security bulletin] HPSBMU03089 rev.1 - HP Executive Scorecard, Running OpenSSL, Disclosure of Information security-alert (Aug 12)
- Apache Cordova 3.5.1: CVE-2014-3502 update Marcel Kinard (Aug 12)
- CVE-2014-5035 - Opendaylight Vulnerable to Local and Remote File Inclusion in the Netconf (TCP) Service Gregory Pickett (Aug 12)
- BlackBerry Z 10 - Storage and Access File-Exchange Authentication By-Pass [MZ-13-04] security (Aug 13)
- [oCERT-2014-006] Ganeti insecure archive permission Andrea Barisani (Aug 13)
- Reflected Cross-Site Scripting (XSS) in Jamroom High-Tech Bridge Security Research (Aug 13)
- [security bulletin] HPSBHF03088 rev.1 - HP Integrity SD2 CB900s i2 and i4 Servers running OpenSSL, Remote Unauthorized Access or Disclosure of Information security-alert (Aug 13)
- [security bulletin] HPSBMU03090 rev.1 - HP SiteScope, running Apache Struts, Remote Execution of Arbitrary Code security-alert (Aug 14)
- APPLE-SA-2014-08-13-1 Safari 6.1.6 and Safari 7.0.6 Apple Product Security (Aug 14)
- [SECURITY] [DSA 3005-1] gpgme1.0 security update Salvatore Bonaccorso (Aug 14)
- Beginners error: Apple's Software Update runs rogue program C:\Program.exe (and some more) Stefan Kanthak (Aug 18)
- Beginners error: Windows Live Mail 2011 runs rogue C:\Program.exe when opening associated URLs Stefan Kanthak (Aug 18)
- Beginners error: Apple's iCloudServices for Windows run rogue program C:\Program.exe (and some more) Stefan Kanthak (Aug 18)
- CVE-2014-5289 - Kolibri WebServer 2.0 Vulnerable to RCE via Overly Long POST Request tekwizz123 (Aug 18)
- Outlook.com for Android fails to validate server certificates Securify B.V. (Aug 18)
- CVE-2014-3577: Apache HttpComponents client: Hostname verification susceptible to MITM attack Dirk-Willem van Gulik (Aug 18)
- [SECURITY] [DSA 3006-1] xen security update Moritz Muehlenhoff (Aug 18)
- ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities Security Alert (Aug 19)
- ESA-2014-059: EMC Documentum Multiple Cross-Site Scripting Vulnerabilities Security Alert (Aug 19)
- ESA-2014-067: EMC Documentum D2 Privilege Escalation Vulnerability Security Alert (Aug 19)
- ESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities Security Alert (Aug 19)
- [CVE-2014-0232] Apache OFBiz Cross-site scripting (XSS) vulnerability Jacopo Cappellato (Aug 19)
- ESA-2014-071: RSA Archer® GRC Platform Multiple Vulnerabilities Security Alert (Aug 19)
- [Call For Papers] RiseCON - Rosario, Argentina Info RiseCON (Aug 20)
- [security bulletin] HPSBMU03094 rev.1 - HP Connect-IT, running OpenSSL, Remote Disclosure of Information or Unauthorized Access security-alert (Aug 20)
- [security bulletin] HPSBMU03101 rev.1 - HP Asset Manager, CloudSystem Chargeback, running OpenSSL, Remote Disclosure of Information or Unauthorized Access security-alert (Aug 20)
- [security bulletin] HPSBUX03091 SSRT101667 rev.1 - HP-UX running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities security-alert (Aug 20)
- [security bulletin] HPSBUX03092 SSRT101668 rev.1 - HP-UX running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities security-alert (Aug 20)
- [security bulletin] HPSBUX03095 SSRT101674 rev.1 - HP-UX running OpenSSL, Multiple Vulnerabilities security-alert (Aug 20)
- ICETC2014 - IEEE Extended Submission until Aug. 28, 2014 jackie (Aug 20)
- Deutsche Telekom CERT Advisory [DTC-A-20140820-001] check_mk vulnerabilities CERT (Aug 20)
- [SECURITY] [DSA 3007-1] cacti security update Moritz Muehlenhoff (Aug 20)
- CVE-2014-5307 - Privilege Escalation in Panda Security Products Portcullis Advisories (Aug 20)
- SQL Injection Vulnerability in ArticleFR High-Tech Bridge Security Research (Aug 20)
- CVE-2014-4973 - Privilege Escalation in ESET Windows Products Portcullis Advisories (Aug 20)
- ArcGIS for Server Vulnerability Disclosure Romano, Christian (Aug 21)
- ToorCon 16 Call For Papers! h1kari (Aug 21)
- [SECURITY] [DSA 3008-1] php5 security update Salvatore Bonaccorso (Aug 21)
- [SECURITY] [DSA 2940-1] libstruts1.2-java security update Moritz Muehlenhoff (Aug 21)
- [SECURITY] [DSA 3008-2] php5 regression update Salvatore Bonaccorso (Aug 22)
- [CVE-2014-5335] CSRF in Innovaphone PBX rg (Aug 22)
- CVE-2014-3575:OpenOffice Targeted Data Exposure Using Crafted OLE Objects Herbert Duerr (Aug 22)
- CVE-2014-3524: Apache OpenOffice Calc Command Injection Vulnerability Herbert Duerr (Aug 22)
- [SECURITY] [DSA 3009-1] python-imaging security update Moritz Muehlenhoff (Aug 22)
- [security bulletin] HPSBST03098 rev.1 - HP StoreEver MSL6480 Tape Library running OpenSSL, Remote Unauthorized Access or Disclosure of Information security-alert (Aug 22)
- DoS attacks (ICMPv6-based) resulting from IPv6 EH drops Fernando Gont (Aug 22)
- [security bulletin] HPSBMU03079 rev.1 - HP Service Manager, Multiple Vulnerabilities security-alert (Aug 25)
- [SECURITY] [DSA 3010-1] python-django security update Salvatore Bonaccorso (Aug 25)
- [SECURITY] [DSA 3011-1] mediawiki security update Salvatore Bonaccorso (Aug 25)
- Barracuda Networks Web Security Flex Appliance Application v4.x - Filter Bypass & Persistent Vulnerabilities (BNSEC 707) Vulnerability Lab (Aug 25)
- Barracuda Networks Web Security Flex v4.1 - Persistent Vulnerabilities (BNSEC-699) Vulnerability Lab (Aug 25)
- DNN(DotNetNuke�) Iconbar Control Panel Bad Access Level config cseye_ut (Aug 25)
- DNN(DotNetNuke�) Ribbon Bar Control Panel Bad Access Level config cseye_ut (Aug 25)
- MEHR Automation System Arbitrary File Download Vulnerability(persian portal) cseye_ut (Aug 25)
- [WorldCIST'15]: Call for Workshops Proposals; Proceedings by Springer - Indexed by ISI, Scopus, DBLP, etc. WorldCIST (Aug 25)
- [security bulletin] HPSBMU03076 rev.2 - HP Systems Insight Manager (SIM) on Linux and Windows running OpenSSL, Multiple Vulnerabilities security-alert (Aug 26)
- ntopng 1.2.0 XSS injection using monitored network traffic Steffen Bauch (Aug 26)
- LSE Leading Security Experts GmbH - LSE-2014-07-13 - Granding Grand MA 300 - Weak Pin Verification advisories (Aug 26)
- ESA-2014-081 RSA® Identity Management and Governance Authentication Bypass Vulnerability Security Alert (Aug 26)
- Encore Discovery Solution Multiple Vulnerability Disclosure Romano, Christian (Aug 27)
- Mathematica10.0.0 on Linux /tmp/MathLink vulnerability paul . szabo (Aug 27)
- Fwd: RFC 7359 on Layer 3 Virtual Private Network (VPN) Tunnel Traffic Leakages in Dual-Stack Hosts/Networks Fernando Gont (Aug 27)
- SaaS Marketing platform Hubspot export vulnerability ehoward (Aug 27)
- <Possible follow-ups>
- Re: SaaS Marketing platform Hubspot export vulnerability security (Aug 28)
- [SECURITY] [DSA 3012-1] eglibc security update Florian Weimer (Aug 27)
- Last CFP: ICETC2014 - IEEE - Poland (Deadline: Aug. 30) jackie (Aug 27)
- [SECURITY] [DSA 3013-1] s3ql security update Florian Weimer (Aug 28)
- [The ManageOwnage Series, part II]: User credential disclosure in ManageEngine DeviceExpert Pedro Ribeiro (Aug 28)
- Aerohive Hive Manager and Hive OS Multiple Vulnerabilities Disclosure (Aug 28)
- SEC Consult SA-20140828-0 :: F5 BIG-IP Reflected Cross-Site Scripting SEC Consult Vulnerability Lab (Aug 28)
- [SECURITY] [DSA 3014-1] squid3 security update Salvatore Bonaccorso (Aug 28)
- Sierra Library Services Platform Multiple Vulnerability Disclosure Romano, Christian (Aug 29)