178 messages starting Jan 01 16 and ending Jan 31 16
Re: TFTP Server 3CTftpSvc Buffer Overflow Vulnerability (Long transporting mode) fgghy (Jan 11)
Exploiting XXE vulnerabilities in AMF libraries Nicolas Grégoire (Jan 11)
[SECURITY] [DSA 3440-1] sudo security update Ben Hutchings (Jan 11)
[SECURITY] [DSA 3441-1] perl security update Salvatore Bonaccorso (Jan 11)
SEC Consult whitepaper: Bypassing McAfee Application Whitelisting for Critical Infrastructure Systems SEC Consult Vulnerability Lab (Jan 12)
WP Symposium Pro Social Network Plugin XSS Vulnerability Rahul Pratap Singh (Jan 12)
[SECURITY] [DSA 3442-1] isc-dhcp security update Michael Gilbert (Jan 14)
Cisco Security Advisory: Cisco Identity Services Engine Unauthorized Access Vulnerability Cisco Systems Product Security Incident Response Team (Jan 14)
Cisco Security Advisory: Cisco Aironet 1800 Series Access Point Default Static Account Credentials Vulnerability Cisco Systems Product Security Incident Response Team (Jan 14)
[SECURITY] [DSA 3445-1] pygments security update Salvatore Bonaccorso (Jan 14)
Cisco Security Advisory: Cisco Aironet 1800 Series Access Point Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Jan 14)
Commentator Wordpress Plugin 2.5.2 XSS Vulnerability Rahul Pratap Singh (Jan 14)
[SECURITY] [DSA 3444-1] wordpress security update Salvatore Bonaccorso (Jan 14)
Cisco Security Advisory: Cisco Wireless LAN Controller Unauthorized Access Vulnerability Cisco Systems Product Security Incident Response Team (Jan 14)
[security bulletin] HPSBHF03535 rev.1 - HPE iMC OSS and iMC Plat running Adobe Flash, Multiple Remote Vulnerabilities security-alert (Jan 14)
Multiple SQL Injection Vulnerabilities in mcart.xls Bitrix Module High-Tech Bridge Security Research (Jan 14)
[security bulletin] HPSBGN03532 rev.1 - HPE ArcSight Logger, Multiple Vulnerabilities security-alert (Jan 14)
[CVE-2016-0014] Executable installers are vulnerable^WEVIL (case 1): Microsoft's IExpress resp. WExtract, SFXCab, BoxStub, ... Stefan Kanthak (Jan 14)
Remote Code Execution in Roundcube High-Tech Bridge Security Research (Jan 14)
[slackware-security] dhcp (SSA:2016-012-01) Slackware Security Team (Jan 14)
[SECURITY] [DSA 3443-1] libpng security update Salvatore Bonaccorso (Jan 14)
[security bulletin] HPSBUX03359 SSRT102094 rev.3 - HP-UX pppoec, local elevation of privilege security-alert (Jan 14)
FreeBSD Security Advisory FreeBSD-SA-16:03.linux FreeBSD Security Advisories (Jan 14)
FreeBSD Security Advisory FreeBSD-SA-16:05.tcp FreeBSD Security Advisories (Jan 14)
FreeBSD Security Advisory FreeBSD-SA-16:02.ntp FreeBSD Security Advisories (Jan 14)
FreeBSD Security Advisory FreeBSD-SA-16:01.sctp FreeBSD Security Advisories (Jan 14)
FreeBSD Security Advisory FreeBSD-SA-16:06.bsnmpd FreeBSD Security Advisories (Jan 14)
FreeBSD Security Advisory FreeBSD-SA-16:04.linux FreeBSD Security Advisories (Jan 14)
[SECURITY] [DSA 3446-1] openssh security update Yves-Alexis Perez (Jan 14)
Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778 Qualys Security Advisory (Jan 14)
[SECURITY] [DSA 3431-2] ganeti regression update Salvatore Bonaccorso (Jan 14)
FreeBSD bsnmpd information disclosure Pierre Kim (Jan 14)
FreeBSD Security Advisory FreeBSD-SA-16:07.openssh FreeBSD Security Advisories (Jan 14)
[slackware-security] openssh (SSA:2016-014-01) Slackware Security Team (Jan 14)
Executable installers are vulnerable^WEVIL (case 22): python.org's executable installers allow arbitrary (remote) code execution Stefan Kanthak (Jan 15)
Defense in depth -- the Microsoft way (part 38): does Microsoft follow their own security guidance/advisories? Stefan Kanthak (Jan 15)
[KIS-2016-01] CakePHP <= 3.2.0 "_method" CSRF Protection Bypass Vulnerability Egidio Romano (Jan 15)
[CVE-2016-1920] VPN Man-in-the-Middle due to shared certificate store on KNOX 1.0 / Android 4.3 urikanonov (Jan 17)
[CVE-2016-1919] Weak eCryptFS Key generation from user password on KNOX 1.0 / Android 4.3 urikanonov (Jan 17)
[SECURITY] [DSA 3447-1] tomcat7 security update Salvatore Bonaccorso (Jan 17)
Advanced Electron Forum v1.0.9 CSRF hyp3rlinx (Jan 17)
Advanced Electron Forum v1.0.9 Persistent XSS hyp3rlinx (Jan 17)
Advanced Electron Forum v1.0.9 RFI / CSRF hyp3rlinx (Jan 17)
Quick CMS v 6.1 XSS Vulnerability Rahul Pratap Singh (Jan 19)
[SECURITY] [DSA 3448-1] linux security update Salvatore Bonaccorso (Jan 19)
Quick Cart v6.6 XSS Vulnerability Rahul Pratap Singh (Jan 19)
[CORE-2016-0001] - Intel Driver Update Utility MiTM CORE Advisories Team (Jan 19)
Executable installers are vulnerable^WEVIL (case 21): Panda Security's installers allow arbitrary (remote) code execution AND escalation of privilege with PANDAIS16.exe Stefan Kanthak (Jan 19)
[security bulletin] HPSBGN03534 rev.1 - HPE Performance Center using Microsoft Report Viewer, Remote Disclosure of Information, Cross-Site Scripting (XSS) security-alert (Jan 19)
[SECURITY] [DSA 3449-1] bind9 security update Salvatore Bonaccorso (Jan 19)
APPLE-SA-2016-01-19-1 iOS 9.2.1 Apple Product Security (Jan 19)
APPLE-SA-2016-01-19-2 OS X El Capitan 10.11.3 and Security Update 2016-001 Apple Product Security (Jan 19)
APPLE-SA-2016-01-19-3 Safari 9.0.3 Apple Product Security (Jan 19)
LiteSpeed Web Server - Security Advisory - HTTP Header Injection Vulnerability Onur Yilmaz (Jan 20)
[CVE-2016-1926] XSS in Greenbone Security Assistant ≥ 6.0.0 and < 6.0.8 bugtraq (Jan 20)
Cisco Security Advisory: Cisco Unified Computing System Manager and Cisco Firepower 9000 Remote Command Execution Vulnerability Cisco Systems Product Security Incident Response Team (Jan 20)
[SECURITY] [DSA 3450-1] ecryptfs-utils security update Salvatore Bonaccorso (Jan 20)
Cisco Security Advisory: Cisco Modular Encoding Platform D9036 Software Default Credentials Vulnerability Cisco Systems Product Security Incident Response Team (Jan 20)
QuickAuth - Google Authenticator Pebble app vulnerable to MITM attack when configuring TOTP keys issues (Jan 20)
Oracle HtmlConverter.exe Buffer Overflow hyp3rlinx (Jan 20)
SEC Consult SA-20160121-0 :: Deliberately hidden backdoor account in AMX (Harman Professional) devices SEC Consult Vulnerability Lab (Jan 21)
Executable installers are vulnerable^WEVIL (case 3): WiX Toolset's bootstrapper "burn.exe" Stefan Kanthak (Jan 21)
[SECURITY] [DSA 3451-1] fuse security update Yves-Alexis Perez (Jan 21)
January 2016 - Bamboo - Critical Security Advisory David Black (Jan 21)
imageone Cms Multiple vulnerabilities iedb . team (Jan 25)
[SECURITY] [DSA 3452-1] claws-mail security update Ben Hutchings (Jan 25)
XMB - eXtreme Message Board v1.9.11.13 Weak Crypto hyp3rlinx (Jan 25)
HP LaserJet Fax Preview DLL side loading vulnerability Securify B.V. (Jan 25)
LEADTOOLS ActiveX control multiple DLL side loading vulnerabilities Securify B.V. (Jan 25)
HP ToComMsg DLL side loading vulnerability Securify B.V. (Jan 25)
ZyXel WAP3205 v1 Multiple XSS graphx (Jan 25)
Remote shutdown vulnerability in Buffalo NAS (Linkstation 420) zemnmez (Jan 25)
PHP-FPM fpm_log.c memory leak and buffer overflow Imre RAD (Jan 25)
PHP LiteSpeed SAPI secret key improper disposal Imre RAD (Jan 25)
WP Easy Gallery v4.1.4 Stored XSS Vulnerability Rahul Pratap Singh (Jan 26)
[SECURITY] [DSA 3453-1] mariadb-10.0 security update Salvatore Bonaccorso (Jan 26)
glibc catopen() Multiple unbounded stack allocations cxsecurity (Jan 26)
Magento 1.9.x Multiple Man-In The Middle cxsecurity (Jan 26)
APPLE-SA-2016-01-25-1 tvOS 9.1.1 Apple Product Security (Jan 26)
Authentication bypass in PHP File Manager 0.9.8 Imre Rad (Jan 26)
[CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities CORE Advisories Team (Jan 26)
PHP LiteSpeed SAPI out of boundaries read due to missing input validation Imre RAD (Jan 26)
[security bulletin] HPSBGN03536 rev.1 - HP IceWall Products running OpenSSL, Remote and Local Denial of Service (DoS) security-alert (Jan 26)
[security bulletin] HPSBGN03537 rev.1 - HPE IceWall Federation Agent and IceWall File Manager running libXML2, Remote or Local Denial of Service (DoS) security-alert (Jan 26)
WP-Ultimate CSV Importer XSS Vulnerability Rahul Pratap Singh (Jan 26)
[SECURITY] [DSA 3454-1] virtualbox security update Moritz Muehlenhoff (Jan 26)
FreeBSD Security Advisory FreeBSD-SA-16:08.bind FreeBSD Security Advisories (Jan 27)
FreeBSD Security Advisory FreeBSD-SA-16:09.ntp FreeBSD Security Advisories (Jan 27)
FreeBSD Security Advisory FreeBSD-SA-16:10.linux FreeBSD Security Advisories (Jan 27)
[ERPSCAN-15-024] SAP HANA hdbindexserver - Memory corruption ERPScan inc (Jan 27)
[SECURITY] [DSA 3455-1] curl security update Alessandro Ghedini (Jan 27)
[SECURITY] [DSA 3456-1] chromium-browser security update Michael Gilbert (Jan 27)
BK Mobile CMS SQLi and XSS Vulnerability Rahul Pratap Singh (Jan 27)
Secure Item Hub v1.0 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Jan 27)
Apple WatchOS v2.1 - Denial of Service Vulnerability Vulnerability Lab (Jan 27)
Barracuda Networks Bug Bounty #38 Message Archiver - Multiple Vulnerabilities Vulnerability Lab (Jan 27)
Telegram (API) - Cross Site Request Forgery Vulnerabilities Vulnerability Lab (Jan 27)
Ebay Magento Bug Bounty #2 - Persistent Web Vulnerability Vulnerability Lab (Jan 27)
Kleefa v1.7 (IR) - Multiple Web Vulnerabilities Vulnerability Lab (Jan 27)
Classic Infomedia (Login) - Auth Bypass Web Vulnerability Vulnerability Lab (Jan 27)
WebMartIndia CMS 2016 Q1 - SQL Injection Vulnerability Vulnerability Lab (Jan 27)
los818 CMS 2016 Q1 - SQL Injection Web Vulnerability Vulnerability Lab (Jan 27)
Netgear GS105Ev2 - Multiple Vulnerabilities benedikt . westermann (Jan 27)
Cisco Security Advisory: Cisco Wide Area Application Service CIFS DoS Vulnerability Cisco Systems Product Security Incident Response Team (Jan 27)
Cisco Security Advisory: Cisco RV220 Management Authentication Bypass Vulnerability Cisco Systems Product Security Incident Response Team (Jan 27)
Log2Space Central v 6.2 Multiple XSS Vulnerability Rahul Pratap Singh (Jan 27)
[SECURITY] [DSA 3457-1] iceweasel security update Moritz Muehlenhoff (Jan 27)
[SECURITY] [DSA 3458-1] openjdk-7 security update Moritz Muehlenhoff (Jan 27)
HCA0005 - Liberty Global - Horizon HD STB - predictable WiFi passphrase Hacking Corporation Sàrl (Jan 28)
Trend Micro Direct Pass - Filter Bypass & Persistent Web Vulnerability Vulnerability Lab (Jan 28)
New Era Company CMS - (id) SQL Injection Vulnerability Vulnerability Lab (Jan 28)
[SECURITY] [DSA 3459-1] mysql-5.5 security update Salvatore Bonaccorso (Jan 28)
CVE-2015-7521: Apache Hive authorization bug disclosure Sushanth Sowmyan (Jan 28)
[security bulletin] HPSBHF03535 rev.3 - HPE iMC Service Health Manager (SHM) and iMC PLAT running Adobe Flash, Multiple Remote Vulnerabilities security-alert (Jan 28)
[security bulletin] HPSBHF03538 rev.1 - HPE iMC Service Health Manager (SHM) and iMC PLAT running Adobe Flash, Remote Code Execution, Denial of Service (DoS) security-alert (Jan 28)
ProjectSend multiple vulnerabilities Filippo Cavallarin (Jan 29)
Netlife Photosuite Pro - Client Side Cross Site Scripting Vulnerability Vulnerability Lab (Jan 29)
[security bulletin] HPSBGN03542 rev.1 - HPE Operations Manager for Windows using Java Deserialization, Remote Arbitrary Code Execution security-alert (Jan 29)
[security bulletin] HPSBHF03510 rev.1 - HP Integrated Lights-Out 2/3/4, Remote Unauthorized Modification security-alert (Jan 29)
[security bulletin] HPSBHF03539 rev.1 - HPE VCX running OpenSSH or BIND, Remote Denial of Service (DoS) security-alert (Jan 29)
[security bulletin] HPSBOV03540 rev.1 - HPE OpenVMS TCPIP Bind Services and OpenVMS TCPIP IPC Services for OpenVMS, Remote Disclosure of Information, Execution of Code, Denial of Service (DoS) security-alert (Jan 29)
ManageEngine Eventlog Analyzer v4-v10 Privilege Escalation graphx (Jan 29)
[security bulletin] HPSBGN03533 rev.1 - HP Enterprise Cloud Service Automation and Codar, Remote Unauthorized Modification security-alert (Jan 29)
Cross-Site Request Forgery (CSRF) Vulnerability in ManageEngine Network kingkaustubh (Jan 29)
[security bulletin] HPSBHF03419 rev.3 - HPE Networking Products, Remote Denial of Service (DoS), Unauthorized Access security-alert (Jan 29)
FreeBSD Security Advisory FreeBSD-SA-16:11.openssl FreeBSD Security Advisories (Jan 30)
CVE-2015-5344 - Apache Camel medium disclosure vulnerability Claus Ibsen (Jan 31)
[SECURITY] [DSA 3460-1] privoxy security update Sebastien Delafond (Jan 31)
VMWare Zimbra Mailer | DKIM longterm Mail Replay vulnerability t . schughart (Jan 31)
OpenXchange | Information Disclosure t . schughart (Jan 31)
WP-Comment-Rating XSS Vulnerability Rahul Pratap Singh (Jan 31)
Executable installers are vulnerable^WEVIL (case 23): WinImage's installer and self-extractors allow arbitrary (remote) code execution and escalation of privilege Stefan Kanthak (Jan 31)
eClinicalWorks (CCMR) - Multiple Vulnerabilities jerold (Jan 31)