Bugtraq: by thread
218 messages
starting Mar 01 16 and
ending Mar 31 16
Date index |
Thread index |
Author index
- WordPress plugin GravityForms Cross-site Scripting vulnerability Henri Salo (Mar 01)
- [SYSS-2016-009] Sophos UTM 525 Web Application Firewall - Cross-Site Scripting in adrian . vollmer (Mar 01)
- Executable installers are vulnerable^WEVIL (case 29): putty-0.66-installer.exe allowa arbitrary (remote) code execution WITH escalation of privilege Stefan Kanthak (Mar 01)
- [SECURITY] [DSA 3500-1] openssl security update Alessandro Ghedini (Mar 01)
- [SECURITY] [DSA 3501-1] perl security update Salvatore Bonaccorso (Mar 01)
- Vivint Sky Control Panel Unauthenticated Access Vulnerability jeremyscott (Mar 02)
- [security bulletin] HPSBGN03442 rev.1 - HP Helion OpenStack using glibc, Remote Denial of Service (DoS), Arbitrary Code Execution security-alert (Mar 02)
- [security bulletin] HPSBHF03545 rev. 1 - HP EliteBook and Zbook Products with Windows NVidia Graphics Driver, Multiple Local Vulnerabilities HP Security Alert (Mar 02)
- [REVIVE-SA-2016-001] Revive Adserver - Multiple vulnerabilities Matteo Beccati (Mar 02)
- Cisco Security Advisory: Cisco NX-OS Software SNMP Packet Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 02)
- Cisco Security Advisory: Cisco Web Security Appliance HTTPS Packet Processing Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 02)
- Cisco Security Advisory: Cisco Nexus 3000 Series and 3500 Platform Switches Insecure Default Credentials Vulnerability Cisco Systems Product Security Incident Response Team (Mar 02)
- Cisco Security Advisory: Cisco NX-OS Software TCP Netstack Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 02)
- Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2016 Cisco Systems Product Security Incident Response Team (Mar 02)
- Open-Xchange Security Advisory 2016-03-02 Martin Heiland (Mar 02)
- Panda SM Manager iOS Application - MITM SSL Certificate Vulnerability David Coomber (Mar 02)
- [security bulletin] HPSBHF03436 rev.1 - HP Thin Client with ThinPro OS, running Linux, Local Elevated Privileges HP Security Alert (Mar 02)
- WordPress Bulk Delete Plugin [Privilege Escalation] Panagiotis Vagenas (Mar 03)
- [slackware-security] php (SSA:2016-062-03) Slackware Security Team (Mar 03)
- [slackware-security] openssl (SSA:2016-062-02) Slackware Security Team (Mar 03)
- [slackware-security] mailx (SSA:2016-062-01) Slackware Security Team (Mar 03)
- [SECURITY] [DSA 3502-1] roundup security update Yves-Alexis Perez (Mar 03)
- [SECURITY] [DSA 3426-2] ctdb regression update Salvatore Bonaccorso (Mar 03)
- [SECURITY] [DSA 3503-1] linux security update Salvatore Bonaccorso (Mar 03)
- [security bulletin] HPSBGN03550 rev.2 - HP Operations Manager i and BSM using Apache Flex BlazeDS, Remote Disclosure of Information security-alert (Mar 03)
- [security bulletin] HPSBHF03439 rev.1 - HP Commercial PCs with Sure Start, Local Denial of Service HP Security Alert (Mar 03)
- [security bulletin] HPSBPI03546 rev.1 - HP LaserJet Printers and MFPs, HP OfficeJet Enterprise Printers, Remote Disclosure of Information HP Security Alert (Mar 03)
- [SYSS-2015-053] innovaphone IP222/IP232 - Denial of Service disclosure (Mar 04)
- [SYSS-2015-064] Thru Managed File Transfer Portal 9.0.2 - Insecure Direct Object Reference (REVISED) erlijn . vangenuchten (Mar 04)
- [SYSS-2015-060] Thru Managed File Transfer Portal 9.0.2 - Improperly Implemented Security Check for Standard (REVISED) erlijn . vangenuchten (Mar 04)
- [SYSS-2015-059] Thru Managed File Transfer Portal 9.0.2 - Insecure Direct Object Reference (REVISED) erlijn . vangenuchten (Mar 04)
- [SYSS-2015-058] Thru Managed File Transfer Portal 9.0.2 - Insecure Direct Object Reference (REVISED) erlijn . vangenuchten (Mar 04)
- [SECURITY] [DSA 3506-1] libav security update Moritz Muehlenhoff (Mar 04)
- [SECURITY] [DSA 3505-1] wireshark security update Moritz Muehlenhoff (Mar 04)
- [SECURITY] [DSA 3504-1] bsh security update Sebastien Delafond (Mar 04)
- McAfee VirusScan Enterprise security restrictions bypass Agazzini Maurizio (Mar 04)
- Executable installers are vulnerable^WEVIL (case 31): MalwareBytes' installers allows arbitrary (remote) code execution WITH escalation of privilege Stefan Kanthak (Mar 06)
- Executable installers are vulnerable^WEVIL (case 30): clamwin-0.99-setup.exe allows arbitrary (remote) code execution WITH escalation of privilege Stefan Kanthak (Mar 06)
- [SECURITY] [DSA 3507-1] chromium-browser security update Michael Gilbert (Mar 06)
- Multiple vulnerabilities in Wordpress plugin SP Projects & Document Manager mail (Mar 06)
- [SECURITY] [DSA 3508-1] jasper security update Salvatore Bonaccorso (Mar 06)
- Apple iOS v9.2.1 - Multiple PassCode Bypass Vulnerabilities (App Store Link, Buy Tones Link & Weather Channel Link) Vulnerability Lab (Mar 07)
- ESA-2016-012: EMC Documentum xCP – User Information Disclosure Vulnerability Security Alert (Mar 07)
- <Possible follow-ups>
- ESA-2016-012: EMC Documentum xCP – User Information Disclosure Vulnerability Security Alert (Mar 14)
- [slackware-security] php (SSA:2016-067-01) Slackware Security Team (Mar 07)
- [security bulletin] HPSBHF03557 rev.1 - HPE Networking Products using Comware 7 (CW7) running NTP, Remote Denial of Service (DoS) security-alert (Mar 08)
- Windows Mail Find People DLL side loading vulnerability Securify B.V. (Mar 08)
- Re: Windows Mail Find People DLL side loading vulnerability Stefan Kanthak (Mar 09)
- Re: Windows Mail Find People DLL side loading vulnerability Securify B.V. (Mar 09)
- Re: Windows Mail Find People DLL side loading vulnerability Stefan Kanthak (Mar 09)
- [slackware-security] samba (SSA:2016-068-02) Slackware Security Team (Mar 08)
- [slackware-security] mozilla-firefox (SSA:2016-068-01) Slackware Security Team (Mar 08)
- Thomson TWG850 Wireless Router Multiple Vulnerabilities Sebastian Perez (Mar 08)
- LSE Leading Security Experts GmbH - LSE-2016-01-01 - Wordpress ProjectTheme - Multiple Vulnerabilities LSE-Advisories (Mar 09)
- OS-S 2016-05 Linux aiptek Nullpointer Dereference CVE-2015-7515 Ralf Spenneberg (Mar 09)
- OS-S 2016-06 Linux cdc_acm Nullpointer Dereference Ralf Spenneberg (Mar 09)
- <Possible follow-ups>
- Re: OS-S 2016-06 Linux cdc_acm Nullpointer Dereference abdyfhie (Mar 09)
- Re: OS-S 2016-06 Linux cdc_acm Nullpointer Dereference vdronov (Mar 15)
- OS-S 2016-07 Linux cypress_m8 Nullpointer Dereference Ralf Spenneberg (Mar 09)
- <Possible follow-ups>
- Re: OS-S 2016-07 Linux cypress_m8 Nullpointer Dereference vdronov (Mar 15)
- OS-S 2016-08 Linux mct_u232 Nullpointer Dereference Ralf Spenneberg (Mar 09)
- <Possible follow-ups>
- Re: OS-S 2016-08 Linux mct_u232 Nullpointer Dereference vdronov (Mar 15)
- OS-S 2016-09 Linux visor clie_5_attach Nullpointer Dereference CVE-2015-7566 Ralf Spenneberg (Mar 09)
- OS-S 2016-10 Linux visor (treo_attach) Nullpointer Dereference CVE-2016-2782 Ralf Spenneberg (Mar 09)
- OS-S 2016-11 Linux wacom multiple Nullpointer Dereferences Ralf Spenneberg (Mar 09)
- <Possible follow-ups>
- Re: OS-S 2016-11 Linux wacom multiple Nullpointer Dereferences vdronov (Mar 15)
- OS-S 2016-12 Linux digi_acceleport Nullpointer Dereference Ralf Spenneberg (Mar 09)
- <Possible follow-ups>
- Re: OS-S 2016-12 Linux digi_acceleport Nullpointer Dereference vdronov (Mar 15)
- Cisco Security Advisory: Cisco Wireless Residential Gateway with EDVA Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 09)
- Cisco Security Advisory:Cisco Wireless Residential Gateway Information Disclosure Vulnerability Cisco Systems Product Security Incident Response Team (Mar 09)
- Cisco Security Advisory: Cisco Cable Modem with Digital Voice Remote Code Execution Vulnerability Cisco Systems Product Security Incident Response Team (Mar 09)
- [SECURITY] [DSA 3509-1] rails security update Luciano Bello (Mar 09)
- <Possible follow-ups>
- [SECURITY] [DSA 3509-1] rails security update Luciano Bello (Mar 09)
- [SECURITY] [DSA 3509-1] rails security update Luciano Bello (Mar 09)
- Advisory X41-2016-001: Memory Corruption Vulnerability in "libotr" X41 D-Sec GmbH Advisories (Mar 09)
- [CORE-2016-0004] - SAP Download Manager Password Weak Encryption CORE Advisories Team (Mar 09)
- Cisco Security Advisory: Cisco ASA Content Security and Control Security Services Module Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 09)
- [SECURITY] [DSA 3510-1] iceweasel security update Moritz Muehlenhoff (Mar 09)
- [CORE-2016-0003] - Samsung SW Update Tool MiTM CORE Advisories Team (Mar 09)
- [SECURITY] [DSA 3511-1] bind9 security update Michael Gilbert (Mar 13)
- [SECURITY] [DSA 3512-1] libotr security update Salvatore Bonaccorso (Mar 13)
- [SE-2012-01] Broken security fix in Oracle Java SE 7/8/9 Security Explorations (Mar 13)
- [slackware-security] bind (SSA:2016-069-01) Slackware Security Team (Mar 13)
- [slackware-security] mozilla-nss (SSA:2016-069-02) Slackware Security Team (Mar 13)
- FreeBSD Security Advisory FreeBSD-SA-16:13.bind FreeBSD Security Advisories (Mar 13)
- FreeBSD Security Advisory FreeBSD-SA-16:12.openssl FreeBSD Security Advisories (Mar 13)
- [ANNOUNCE] CVE-2016-0782: ActiveMQ Web Console - Cross-Site Scripting Christopher Shannon (Mar 13)
- <Possible follow-ups>
- Re: [ANNOUNCE] CVE-2016-0782: ActiveMQ Web Console - Cross-Site Scripting Derek Mahar (Mar 17)
- [ANNOUNCE] CVE-2016-0734: ActiveMQ Web Console - Clickjacking Christopher Shannon (Mar 14)
- [SECURITY] [DSA 3513-1] chromium-browser security update Michael Gilbert (Mar 14)
- oss-2016-13: Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid USB device descriptors (powermate driver) Ralf Spenneberg (Mar 14)
- oss-2016-14: Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid USB device descriptors (gtco driver) Ralf Spenneberg (Mar 14)
- oss-2016-15: Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid USB device descriptors (iowarrior driver) Ralf Spenneberg (Mar 14)
- oss-2016-16: Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid USB device descriptors (snd-usb-audio driver) Ralf Spenneberg (Mar 14)
- oss-2016-17: Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver) Ralf Spenneberg (Mar 14)
- oss-2016-18: Multiple Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid USB device descriptors (ati_remote2 driver) Ralf Spenneberg (Mar 14)
- [slackware-security] openssh (SSA:2016-070-01) Slackware Security Team (Mar 14)
- DW Question Answer Stored XSS Vulnerability Rahul Pratap Singh (Mar 14)
- WebKitGTK+ Security Advisory WSA-2016-0002 Carlos Alberto Lopez Perez (Mar 14)
- Microsoft Edge CDOMTextNode::get_data type confusion Berend-Jan Wever (Mar 14)
- [SECURITY] [DSA 3514-1] samba security update Salvatore Bonaccorso (Mar 14)
- Soundy Background Music XSS Vulnerability Rahul Pratap Singh (Mar 14)
- [SECURITY] [DSA 3515-1] graphite2 security update Moritz Muehlenhoff (Mar 14)
- [SECURITY] [DSA 3516-1] wireshark security update Moritz Muehlenhoff (Mar 14)
- Re: oss-2016-13: Local RedHat Enterprise Linux DoS �?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (powermate driver) amaris (Mar 14)
- <Possible follow-ups>
- Re: oss-2016-13: Local RedHat Enterprise Linux DoS �?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (powermate driver) vdronov (Mar 15)
- Re: oss-2016-15: Local RedHat Enterprise Linux DoS �?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (iowarrior driver) amaris (Mar 14)
- <Possible follow-ups>
- Re: oss-2016-15: Local RedHat Enterprise Linux DoS �?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (iowarrior driver) vdronov (Mar 15)
- Re: oss-2016-18: Multiple Local RedHat Enterprise Linux DoS �?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (ati_remote2 driver) amaris (Mar 14)
- <Possible follow-ups>
- Re: oss-2016-18: Multiple Local RedHat Enterprise Linux DoS �?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (ati_remote2 driver) vdronov (Mar 15)
- Re: oss-2016-17: Local RedHat Enterprise Linux DoS �?? RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver) amaris (Mar 14)
- <Possible follow-ups>
- Re: oss-2016-17: Local RedHat Enterprise Linux DoS �?? RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver) vdronov (Mar 15)
- Reflected Cross-Site Scripiting in CuteEditor adrmm (Mar 14)
- ChitaSoft (Web-Application) - SQL Injection Vulnerability Vulnerability Lab (Mar 14)
- Chamlio LMS v1.10.2 - (Profile) Persistent Web Vulnerability Vulnerability Lab (Mar 14)
- Yahoo Bug Bounty #37 - Sender Spoofing Vulnerability Vulnerability Lab (Mar 14)
- [security bulletin] HPSBGN03373 rev.2 - HP Release Control running TLS, Remote Disclosure of Information security-alert (Mar 14)
- [security bulletin] HPSBMU03377 rev.2 - HP Release Control running RC4, Remote Disclosure of Information security-alert (Mar 14)
- [security bulletin] HPSBGN03556 rev.1 - ArcSight ESM and ESM Express, Remote Arbitrary File Download, Local Arbitrary Command Execution security-alert (Mar 15)
- Defense in depth -- the Microsoft way (part 39): vulnerabilities, please meet the bar for security servicing Stefan Kanthak (Mar 15)
- [ANNOUNCE][CVE-2016-0779] Apache TomEE 1.7.4 and 7.0.0-M3 releases Romain Manni-Bucau (Mar 15)
- [slackware-security] git (SSA:2016-075-01) Slackware Security Team (Mar 15)
- [slackware-security] seamonkey (SSA:2016-075-02) Slackware Security Team (Mar 15)
- Reflected Cross-Site Scripting (XSS) Vulnerability in Litecart CMS rsrathoreravi (Mar 16)
- [SECURITY] [DSA 3518-1] spip security update Sebastien Delafond (Mar 16)
- [security bulletin] HPSBGN03558 rev.1 - ArcSight ESM and ESM Express, Remote Disclosure of Sensitive Information security-alert (Mar 16)
- [CORE-2016-0005] - FreeBSD Kernel amd64_set_ldt Heap Overflow CORE Advisories Team (Mar 16)
- Re: [FD] [CORE-2016-0005] - FreeBSD Kernel amd64_set_ldt Heap Overflow jungle Boogie (Mar 16)
- FreeBSD Security Advisory FreeBSD-SA-16:14.openssh FreeBSD Security Advisories (Mar 16)
- FreeBSD Security Advisory FreeBSD-SA-16:15.sysarch FreeBSD Security Advisories (Mar 16)
- Multiple (persistent) XSS in ProjectSend mail (Mar 17)
- CVE-2016-1518: GrandStream Android VoIP Phone / App Provisioning Vulnerability Georg Lukas (Mar 17)
- CVE-2016-1519: GrandStream Android VoIP App TLS MitM Vulnerability Georg Lukas (Mar 17)
- CVE-2016-1520: GrandStream Android VoIP App Update Redirection Georg Lukas (Mar 17)
- [CVE-2016-2345] Solarwinds Dameware Mini Remote Control Remote Code Execution Vulnerability contact (Mar 17)
- [SECURITY] [DSA 3519-1] xen security update Moritz Muehlenhoff (Mar 17)
- [slackware-security] mozilla-firefox (SSA:2016-077-01) Slackware Security Team (Mar 17)
- Xoops 2.5.7.2 CSRF - Arbitrary User Deletions hyp3rlinx (Mar 17)
- Xoops 2.5.7.2 Directory Traversal Bypass hyp3rlinx (Mar 17)
- Re: server and client side remote code execution through a buffer overflow in all git versions before 2.7.1 (unpublished ᴄᴠᴇ-2016-2324 and ᴄᴠᴇ‑2016‑2315) Laël Cellier (Mar 18)
- Remote Code Execution via CSRF in iTop High-Tech Bridge Security Research (Mar 18)
- Admin Password Reset & RCE via CSRF in Dating Pro High-Tech Bridge Security Research (Mar 18)
- SQL Injection and RCE in WebsiteBaker High-Tech Bridge Security Research (Mar 18)
- [SECURITY] [DSA 3520-1] icedove security update Moritz Muehlenhoff (Mar 19)
- [security bulletin] HPSBGN03438 rev.1 - HP Support Assistant, Local Authentication Bypass HP Security Alert (Mar 19)
- [SECURITY] [DSA 3521-1] git security update Salvatore Bonaccorso (Mar 20)
- [SECURITY] [DSA 3522-1] squid3 security update Salvatore Bonaccorso (Mar 20)
- [SECURITY] [DSA 3523-1] iceweasel security update Moritz Muehlenhoff (Mar 20)
- [SECURITY] [DSA 3524-1] activemq security update Moritz Muehlenhoff (Mar 20)
- AbsoluteTelnet 10.14 DLL Hijack Code Exec hyp3rlinx (Mar 20)
- [security bulletin] HPSBGN03551 rev.1 - HPE Helion Development Platform using glibc, Remote Denial of Service (DoS), Arbitrary Code Execution security-alert (Mar 21)
- [security bulletin] HPSBGN03560 rev.1 - HP Operations Orchestration using Java Deserialization, Remote Arbitrary Code Execution security-alert (Mar 21)
- [security bulletin] HPSBMU03562 rev.1 - HPE Service Manager using Java Deserialization, Remote Arbitrary Code Execution security-alert (Mar 21)
- APPLE-SA-2016-03-21-1 iOS 9.3 Apple Product Security (Mar 21)
- APPLE-SA-2016-03-21-2 watchOS 2.2 Apple Product Security (Mar 21)
- APPLE-SA-2016-03-21-4 Xcode 7.3 Apple Product Security (Mar 21)
- APPLE-SA-2016-03-21-7 OS X Server 5.1 Apple Product Security (Mar 21)
- APPLE-SA-2016-03-21-3 tvOS 9.2 Apple Product Security (Mar 21)
- APPLE-SA-2016-03-21-6 Safari 9.1 Apple Product Security (Mar 21)
- APPLE-SA-2016-03-21-5 OS X El Capitan 10.11.4 and Security Update 2016-002 Apple Product Security (Mar 21)
- [RT-SA-2016-002] Cross-site Scripting in Securimage 3.6.2 RedTeam Pentesting GmbH (Mar 22)
- [SECURITY] [DSA 3525-1] pixman security update Salvatore Bonaccorso (Mar 22)
- Remote Code Execution in DVR affecting over 70 different vendors rotem kerner (Mar 23)
- [SECURITY] [DSA 3526-1] libmatroska security update Sebastien Delafond (Mar 23)
- CVE-2016-2166: Apache Qpid Proton python binding silently ignores request for 'amqps' if SSL/TLS not supported Ken Giusti (Mar 23)
- CA20160323-01: Security Notice for CA Single Sign-On Web Agents Kotas, Kevin J (Mar 23)
- Hardcoded root password in Zyxel MAX3XX series Wimax CPEs Gianni Carabelli (Mar 23)
- Cisco Security Advisory: Cisco IOS and IOS XE Software DHCPv6 Relay Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 23)
- Cisco Security Advisory: Cisco IOS and IOS XE and Cisco Unified Communications Manager Software Session Initiation Protocol Memory Leak Vulnerability Cisco Systems Product Security Incident Response Team (Mar 23)
- Cisco Security Advisory: Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Fragmentation Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 23)
- Cisco Security Advisory: Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 23)
- Cisco Security Advisory: Cisco IOS and NX-OS Software Locator/ID Separation Protocol Packet Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 23)
- Cisco Security Advisory: Cisco IOS Software Wide Area Application Services Express Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 23)
- [SECURITY] [DSA 3528-1] pidgin-otr security update Sebastien Delafond (Mar 23)
- [SECURITY] [DSA 3529-1] redmine security update Moritz Muehlenhoff (Mar 23)
- XSS (Cross Site Scripting) in Social CRM & Community Solutions powered by Lithium in Knowledge base section netizen01k (Mar 24)
- [SECURITY] [DSA 3527-1] inspircd security update Sebastien Delafond (Mar 24)
- [SYSS-2016-017] innovaphone IP222 - Improper Input Validation sven . freund (Mar 24)
- [SYSS-2016-018] innovaphone IP222 - Improper Restriction of Excessive Authentication Attempts sven . freund (Mar 24)
- [SYSS-2016-016] innovaphone IP222 - Improper Input Validation sven . freund (Mar 24)
- [security bulletin] HPSBMU03562 rev.2 - HPE Service Manager using Java Deserialization, Remote Arbitrary Code Execution security-alert (Mar 25)
- [security bulletin] HPSBGN03563 rev.1 - HPE IceWall Products using OpenSSL, Remote Denial of Service (DoS), Local Denial of Service (DoS), Disclosure of Information security-alert (Mar 25)
- [CVE-2016-0783] Predictable password reset token Maxim Solodovnik (Mar 25)
- [CVE-2016-2164] Arbitrary file read via SOAP API Maxim Solodovnik (Mar 25)
- [CVE-2016-2163] Stored Cross Site Scripting in Event description Maxim Solodovnik (Mar 25)
- [SECURITY] [DSA 3530-1] tomcat6 security update Moritz Muehlenhoff (Mar 26)
- [slackware-security] libevent (SSA:2016-085-01) Slackware Security Team (Mar 26)
- [slackware-security] mozilla-thunderbird (SSA:2016-085-02) Slackware Security Team (Mar 26)
- [SECURITY] [DSA 3531-1] chromum-browser security update Michael Gilbert (Mar 26)
- TrendMicro DDI Cross Site Request Forgerys hyp3rlinx (Mar 26)
- [SECURITY] [DSA 3532-1] quagga security update Salvatore Bonaccorso (Mar 27)
- Validation Bypass in C2Box application : CVE - 2015-4626 harish . ramadoss (Mar 28)
- BMC-2015-0010: User enumeration vulnerability in BMC Server Automation (BSA) Unix/Linux RSCD Agent (CVE-2016-1542) appsec (Mar 28)
- BMC-2015-0011: Unauthorized password reset vulnerability in BMC Server Automation (BSA) (CVE-2016-1543) appsec (Mar 28)
- [SECURITY] [DSA 3533-1] openvswitch security update Salvatore Bonaccorso (Mar 28)
- Fireware XTM Web UI - Open Redirect Manuel Mancera (Mar 29)
- [SECURITY] [DSA 3534-1] dhcpcd security update Salvatore Bonaccorso (Mar 29)
- [security bulletin] HPSBGN03444 rev.2 - HPE Network Automation, Remote Code Execution, Disclosure of Sensitive Information security-alert (Mar 29)
- [SECURITY] [DSA 3535-1] kamailio security update Moritz Muehlenhoff (Mar 30)
- Easy Hosting Control Panel (EHCP) - Multiple Vulnerabilities kyle Lovett (Mar 30)
- CVE-2016-2385 Kamailio SEAS module heap buffer overflow Stelios Tsampas (Mar 30)
- Multiple Vulnerabilities in CubeCart High-Tech Bridge Security Research (Mar 30)
- [CVE-2016-0784] Apache OpenMeetings ZIP file path traversal Maxim Solodovnik (Mar 30)
- Cisco Security Advisory: Cisco Firepower Malware Block Bypass Vulnerability Cisco Systems Product Security Incident Response Team (Mar 30)
- RE: Cisco Security Advisory: Cisco Firepower Malware Block Bypass Vulnerability Murray, Mike (Mar 30)
- [SECURITY] [DSA 3536-1] libstruts1.2-java security update Sebastien Delafond (Mar 31)
- [SECURITY] [DSA 3537-1] imlib2 security update Sebastien Delafond (Mar 31)
- [SECURITY] [DSA 3538-1] libebml security update Sebastien Delafond (Mar 31)
- Patron Info System - SQL Injection Vulnerability Vulnerability Lab (Mar 31)
- Hi Technology & Services CMS - SQL Injection Vulnerabilities Vulnerability Lab (Mar 31)
- WP External Links v1.80 - Cross Site Scripting Web Vulnerabilities Vulnerability Lab (Mar 31)
- Docker UI v0.10.0 - Multiple Client Side Cross Site Request Forgery Web Vulnerabilities Vulnerability Lab (Mar 31)
- Cades (2016Q1) - (id) Multiple SQL Injection Vulnerabilities Vulnerability Lab (Mar 31)
- Dorsa Web CMS - Multiple SQL Injection Vulnerabilities Vulnerability Lab (Mar 31)
- Docker UI v0.10.0 - Multiple Persistent Vulnerabilities Vulnerability Lab (Mar 31)
- Trend Micro (SSO) - (Backend) SSO Redirect & Session Vulnerability Vulnerability Lab (Mar 31)