Bugtraq
- [ MDVSA-2013:242 ] kernel
- XAMPP 1.8.1 Local Write Access Vulnerability
- From: ISecAuditors Security Advisories
- [SECURITY] [DSA 2764-1] libvirt security update
- joomla com_zimbcomment Components Local File Include vulnerability
- Cisco Security Advisory: Cisco IOS Software Resource Reservation Protocol Interface Queue Wedge Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software DHCP Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software Multicast Network Time Protocol Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software Queue Wedge Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software Zone-Based Firewall and Content Filtering Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software IPv6 Virtual Fragmentation Reassembly Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [security bulletin] HPSBMU02872 SSRT101185 rev.2 - HP Service Manager, Remote Disclosure of Information, Cross Site Scripting(XSS)
- [ MDVSA-2013:240 ] glpi
- [ MDVSA-2013:241 ] perl-Crypt-DSA
- Multiple Vulnerabilities in X2CRM
- From: High-Tech Bridge Security Research
- GreHack 2013 - 15 Nov. Grenoble, France - Conf. Registration OPEN
- [SECURITY] [DSA 2763-1] pyopenssl security update
- From: Salvatore Bonaccorso
- CVE-2013-5118 - XSS Good for Enterprise iOS
- Re: DC4420 - London DEFCON - September meet - Tuesday 24th September 2013
- [IBliss Security Advisory] Cross-site scripting ( XSS ) in Bradesco gateway wordpress plugin
- [SECURITY] [DSA 2762-1] icedove security update
- Re: [ANN] Struts 2.3.15.2 GA release available - security fix
- Wordpress fgallery_plus Plugin Xss vulnerabilities
- Wordpress fgallery_plus Plugin Xss vulnerabilities
- [ANN] Struts 2.3.15.2 GA release available - security fix
- Wordpress fgallery_plus Plugin Xss vulnerabilities
- [security bulletin] HPSBST02919 rev.1 - HP XP P9000 Command View Advanced Edition Suite Software, Remote Cross Site Scripting (XSS)
- APPLE-SA-2013-09-20-1 Apple TV 6.0
- From: Apple Product Security
- Monstra CMS v1.2.0 - Blind SQL Injection Vulnerability
- [iBliss Security Advisory] Blind SQL injection vulnerability in NOSpamPTI wordpress plugin
- [security bulletin] HPSBGN02923 rev.1 - HP ArcSight Enterprise Security Manager Management Web Interface, Remote Cross Site Scripting (XSS)
- Paypal Inc Bug Bounty #99 - Filter Bypass & Persistent Web Vulnerability
- [security bulletin] HPSBGN02925 rev.1 - HP IceWall SSO, IceWall File Manager and IceWall Federation Agent, Multiple Remote Unauthorized Access Vulnerabilities
- [SECURITY] [DSA 2761-1] puppet security update
- [ MDVSA-2013:239 ] wordpress
- Re: %windir%\temp\sso\ssoexec.dll (or: how trustworthy is Microsoft's build process)
- [ MDVSA-2013:238 ] wireshark
- [PT-2013-41] Arbitrary Code Execution in Ajax File and Image Manager
- An Analysis of the (In)Security State of the GameHouse Game Installation Mechanism
- [slackware-security] glibc (SSA:2013-260-01)
- From: Slackware Security Team
- [security bulletin] HPSBMU02900 rev.3 - HP System Management Homepage (SMH) running on Linux and Windows, Multiple Remote and Local Vulnerabilities
- Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability
- [security bulletin] HPSBUX02927 SSRT101288 rev.1 - HP-UX Apache Web Server, Remote Execution of Arbitrary Code, Denial of Service (DoS)
- CVE-2013-5210 Adtran Netvanta Remote Code Injection via XSS
- APPLE-SA-2013-09-18-3 Xcode 5.0
- From: Apple Product Security
- APPLE-SA-2013-09-18-1 iTunes 11.1
- From: Apple Product Security
- APPLE-SA-2013-09-18-2 iOS 7
- From: Apple Product Security
- Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution Assurance Unauthenticated Username and Password Enumeration Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager
- From: Cisco Systems Product Security Incident Response Team
- [security bulletin] HPSBMU02917 rev.1 - HP System Management Homepage (SMH) running on Linux and Windows, Remote Command Execution and Privilege Escalation
- [SECURITY] [DSA 2760-1] chrony security update
- [SECURITY] [DSA 2759-1] iceweasel security update
- [ MDVSA-2013:237 ] firefox
- [slackware-security] mozilla-thunderbird (SSA:2013-260-03)
- From: Slackware Security Team
- SQL Injection in vtiger CRM
- From: High-Tech Bridge Security Research
- [slackware-security] mozilla-firefox (SSA:2013-260-02)
- From: Slackware Security Team
- [SECURITY] [DSA 2758-1] python-django security update
- From: Salvatore Bonaccorso
- APPLE-SA-2013-09-17-1 OS X Server v2.2.2
- From: Apple Product Security
- [ MDVSA-2013:236 ] subversion
- ExpressionEngine 2.6 Persistent XSS
- EarthVPN certificate configuration vulnerabilities
- OWASP ESAPI Security Advisory: MAC Bypass in ESAPI Symmetric Encryption
- [ MDVSA-2013:235 ] mediawiki
- Botconf 2013 - Pre-programme published & registration open (Nantes, France, 5-6/12/2013)
- Moodle 2.5.0-1 (badges/external.php) PHP Object Injection Vulnerability
- [SECURITY] [DSA 2757-1] wordpress security update
- [ MDVSA-2013:234 ] python-django
- [ MDVSA-2013:232 ] libmodplug
- Zimbra Collaboration Suite (ZCS) Session Replay Vulnerability
- [SECURITY] [DSA 2756-1] wireshark security update
- [ MDVSA-2013:233 ] python-OpenSSL
- [SECURITY] [DSA 2753-1] mediawiki security update
- OpenSSL,OpenSSH ecdsa authentication code inconsistent return values.. no vulnerability?
- WordPress Fixes Multiple Vulnerabilities With 3.6.1 Release
- APPLE-SA-2013-09-12-2 Safari 5.1.10
- From: Apple Product Security
- APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update 2013-004
- From: Apple Product Security
- [iBliss Security Advisory] Cross-Site Scripting (XSS) vulnerability in Design-approval-system wordpress plugin
- [ MDVSA-2013:231 ] openswan
- [security bulletin] HPSBUX02928 SSRT101274 rev.1 - HP-UX running perl, Remote Denial of Service (DoS)
- [ MDVSA-2013:230 ] gdm
- OWASP Zed Attack Proxy 2.2.0
- [SECURITY] [DSA 2755-1] python-django security update
- From: Salvatore Bonaccorso
- ProFTPd mod_sftp/mod_sftp_pam invalid pool allocation in kbdint authentication
- Cross-Site Scripting (XSS) in WikkaWiki
- From: High-Tech Bridge Security Research
- Insecure CHIASMUS encryption in GSTOOL
- Microsoft SharePoint 2013 (Cloud) - Persistent Exception Handling Web Vulnerability
- Talkie Bluetooth Video iFiles 2.0 iOS - Multiple Vulnerabilities
- [SECURITY] [DSA 2754-1] exactimage security update
- [security bulletin] HPSBUX02926 SSRT101281 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS)
- Synology DSM multiple vulnerabilities
- eTransfer Lite v1.0 iOS - Persistent Filename Vulnerability
- [security bulletin] HPSBPV02918 rev.1 - HP ProCurve Manager (PCM), HP PCM+ and HP Identity Driven Manager (IDM), SQL Injection, Remote Code Execution, Session Reuse
- [ MDVSA-2013:229 ] bzr
- FreeBSD Security Advisory FreeBSD-SA-13:09.ip_multicast [REVISED]
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-13:11.sendfile
- From: FreeBSD Security Advisories
- [ MDVSA-2013:228 ] cacti
- FreeBSD Security Advisory FreeBSD-SA-13:10.sctp [REVISED]
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-13:13.nullfs
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-13:12.ifioctl
- From: FreeBSD Security Advisories
- Open-Xchange Security Advisory 2013-09-10
- Multiple vulnerabilities on D-Link Dir-505 devices
- From: alessandro . dipinto
- [ MDVSA-2013:227 ] python-setuptools
- Event Easy Calendar 1.0.0 WP plugin
- [slackware-security] subversion (SSA:2013-251-01)
- From: Slackware Security Team
- [CVE-2013-5701] Watchguard Server Center v11.7.4 wgpr.dll Insecure Library Loading Local Privilege Escalation Vulnerability
- [SECURITY] [DSA 2752-1] phpbb3 security update
- [CORE-2013-0809] Sophos Web Protection Appliance Multiple Vulnerabilities
- From: CORE Advisories Team
- APPLE-SA-2013-09-06-1 AirPort Base Station Firmware Update 7.6.4
- From: Apple Product Security
- APPLE-SA-2013-09-06-1 AirPort Base Station Firmware Update 7.6.4
- From: Mihaela Popescu-Stanesti
- CFP: WorldCIST'14 - World Conference on IST; Best papers published in ISI Journals
- [ MDVSA-2013:226 ] roundcubemail
- [SECURITY] [DSA 2751-1] libmodplug security update
- Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players
- From: Cisco Systems Product Security Incident Response Team
- SEC Consult SA-20130904-0 :: GroupLink everything HelpDesk - undocumented password reset/admin takeover and XSS vulnerabilities
- From: SEC Consult Vulnerability Lab
- Call for Paper/Event - nullcon Goa 2014
- [PSA-2013-0903-1] Apple Safari Heap Buffer Overflow
- [SECURITY] [DSA 2750-1] imagemagick security update
- PayPal's "invalid" aksession Padding Oracle Flaw
- ESA-2013-057: RSA Archer(r) GRC Multiple Vulnerabilities
- [ MDVSA-2013:225 ] libdigidoc
- [ MDVSA-2013:224 ] libtiff
- [SECURITY] [DSA 2749-1] asterisk security update
- Mikrotik RouterOS 5.* and 6.* sshd remote preauth heap corruption
- [SECURITY] [DSA 2748-1] exactimage security update
- [SECURITY] [DSA 2740-2] python-django regression update
- IndiaNIC Testimonial WP plugin - Multiple vulnerabilities
- Full Disclosure - Multiple vulnerabilities in five Zoom ADSL Modem/Routers
- Defense in depth -- the Microsoft way (part 9): erroneous documentation
- list of vulnerability discovered by RealPentesting
- [SECURITY] [DSA 2747-1] cacti security update
- [slackware-security] gnutls (SSA:2013-242-03)
- From: Slackware Security Team
- [slackware-security] gnutls (SSA:2013-242-01)
- From: Slackware Security Team
- VUPEN Security Research - Microsoft Internet Explorer "ReplaceAdjacentText" Use-after-free (MS13-059)
- From: VUPEN Security Research
- [ MDVSA-2013:223 ] asterisk
- VUPEN Security Research - Microsoft Internet Explorer Protected Mode Sandbox Bypass (Pwn2Own 2013 / MS13-059)
- From: VUPEN Security Research
- VUPEN Security Research - Microsoft Windows "LdrHotPatchRoutine" Remote ASLR Bypass (Pwn2Own 2013 / MS13-063)
- From: VUPEN Security Research
- [slackware-security] php (SSA:2013-242-02)
- From: Slackware Security Team
- NEW VMSA-2013-0011 VMware ESXi and ESX address an NFC Protocol Unhandled Exception
- From: VMware Security Team
- Microsoft MSRC RSS ASPX - CS Cross Site Web Vulnerability
- Department of Transport UK - SQL Injection Vulnerability
- UTA EDU University ENG - SQL Injection Vulnerability
- [SECURITY] [DSA 2746-1] icedove security update
- CyberArk User Enumeration - Multiple vulnerabilities
- CVE-2013-5216 CapaSystems Performance Guard Path Traversal Vulnerability
- Drupal Node View Permissions module and Flag module Vulnerabilities
- [SECURITY] [DSA 2745-1] linux security update
- 30C3 Call for Participation
- CORE-2013-0726 - AVTECH DVR multiple vulnerabilities
- From: CORE Advisories Team
- CORE-2013-0808 - EPS Viewer Buffer Overflow Vulnerability
- From: CORE Advisories Team
- [CORE-2013-0805] Aloaha PDF Suite Buffer Overflow Vulnerability
- From: CORE Advisories Team
- Cisco Security Advisory: Cisco Secure Access Control Server Remote Command Execution Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [security bulletin] HPSBHF02888 rev.3 - HP Network Products including H3C and 3COM Routers and Switches, Remote Information Disclosure and Code Execution
- Two Instagram Android App Security Vulnerabilities
- AST-2013-004: Remote Crash From Late Arriving SIP ACK With SDP
- From: Asterisk Security Team
- AST-2013-005: Remote Crash when Invalid SDP is sent in SIP Request
- From: Asterisk Security Team
- IBM Lotus iNotes 8.5.x cross-site scripting vulnerabilities
- [ MDVSA-2013:222 ] puppet
- [SECURITY] [DSA 2744-1] tiff security update
- [ MDVSA-2013:221 ] php
- [ MDVSA-2013:220 ] lcms
- POC2013 Call for Paper
- [SECURITY] [DSA 2743-1] kfreebsd-9 security update
- [SECURITY] [DSA 2742-1] php5 security update
- Re: [Full-disclosure] Defense in depth -- the Microsoft way (part 8): execute everywhere!
- Re: [Full-disclosure] Defense in depth -- the Microsoft way (part 8): execute everywhere!
- Defense in depth -- the Microsoft way (part 8): execute everywhere!
- Re: [Full-disclosure] Defense in depth -- the Microsoft way (part 8): execute everywhere!
- DC4420 - London DEFCON - August Meet - Tuesday 27th August 2013
- [SECURITY] [DSA 2741-1] chromium-browser security update
- Re: [Full-disclosure] Defense in depth -- the Microsoft way (part 8): execute everywhere!
- Re: [Full-disclosure] Defense in depth -- the Microsoft way (part 8): execute everywhere!
- Wordpress post-gallery Plugin Xss vulnerabilities
- libtiff <= 3.9.5 integer overflow bug
- [SECURITY] [DSA 2740-1] python-django security update
- From: Salvatore Bonaccorso
- PayPal Bug Bounty #110 - Auth Bypass (Session) Vulnerability
- Wordpress videowhisper-live-streaming-integration Plugin Xss vulnerabilities
- [ MDVSA-2013:219 ] libtiff
- [ MDVSA-2013:218 ] python-django
- [ MDVSA-2013:216 ] perl-Proc-ProcessTable
- [ MDVSA-2013:217 ] spice
- NEW VMSA-2013-0010 VMware Workstation host privilege escalation vulnerability
- From: VMware Security Team
- CVE-2013-4124 samba dos exploit
- [security bulletin] HPSBST02897 rev.1 - HP StoreOnce D2D Backup System, Remote Denial of Service (DoS)
- Joomla! VirtueMart component <= 2.0.22a - SQL Injection
- CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework
- From: Pivotal Security Team
- [ MDVSA-2013:215 ] cacti
- FreeBSD Security Advisory FreeBSD-SA-13:09.ip_multicast
- From: FreeBSD Security Advisories
- [slackware-security] xpdf (SSA:2013-233-02)
- From: Slackware Security Team
- [slackware-security] hplip (SSA:2013-233-01)
- From: Slackware Security Team
- [slackware-security] poppler (SSA:2013-233-03)
- From: Slackware Security Team
- FreeBSD Security Advisory FreeBSD-SA-13:10.sctp
- From: FreeBSD Security Advisories
- [SECURITY] [DSA 2739-1] cacti security update
- [security bulletin] HPSBGN02905 rev.2 - HP LoadRunner, HP Business Process Monitor, Remote Code Execution and Denial of Service (DoS)
- Windows Embedded POSReady 2009: cruft, not craft
- Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution Assurance Denial of Service Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Unified Communications Manager IM and Presence Service Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager
- From: Cisco Systems Product Security Incident Response Team
- Netgear ProSafe switches: Unauthenticated startup-config disclosure and Denial of Service
- [ MDVSA-2013:214 ] python
- CVE-2013-4124 samba nttrans dos private exploit
- Cross-Site Scripting (XSS) in Twilight CMS
- From: High-Tech Bridge Security Research
- Cross-Site Scripting (XSS) in BackWPup WordPress Plugin
- From: High-Tech Bridge Security Research
- Path Traversal in DeWeS Web Server (Twilight CMS)
- From: High-Tech Bridge Security Research
- [security bulletin] HPSBUX02922 SSRT101305 rev.1 - HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
- Samsung DVR authentication bypass
- ESA-2013-047: RSA® Authentication Agent for PAM Unlimited Login Attempts Vulnerability
- [PSA-2013-0819-1] Oracle Java BytePackedRaster.verify() Signed Integer Overflow
- [security bulletin] HPSBMU02902 rev.2 - HP Integrated Lights-Out iLO3, iLO4, and iLO CM IPMI, Cipher Suite 0 Authentication Bypass Vulnerability
- Multiple vulnerabilities on Sitecom N300/N600 devices
- [SECURITY] [DSA 2738-1] ruby1.9.1 security update
- Defense in depth -- the Microsoft way (part 7): executable files in data directories
- x90c WOFF Firefox 1day exploit
- MS Excel 2002/2003 CRN record 0day PoC
- Open-Xchange Security Advisory 2013-08-16
- Photo Transfer Upload v1.0 iOS - Multiple Vulnerabilities
- Update: Linksys EA2700, EA3500, E4200v2, EA4500 Unspecified unauthenticated remote access
- Copy to WebDAV v1.1 iOS - Multiple Web Vulnerabilities
- CFP: WorldCIST'14 - World Conference on IST; Best papers published in JCR/ISI Journals
- [security bulletin] HPSBMU02915 rev.1 - HP Service Manager, Remote Unauthenticated Access and Elevation of Privilege
- Subverting BIND's SRTT Algorithm: Derandomizing NS Selection
- [PSA-2013-0813-1] Oracle Java IntegerInterleavedRaster.verify() Signed Integer Overflow
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- [ MDVSA-2013:213 ] xymon
- [ MDVSA-2013:212 ] otrs
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Struts2 Prefixed Parameters Open Redirect Vulnerability
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Struts2 Prefixed Parameters OGNL Injection Vulnerability
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- CakePHP AssetDispatcher Local File Inclusion Vulnerability
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- RE: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- [SECURITY] [DSA 2737-1] swift security update
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- [ MDVSA-2013:211 ] lcms2
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- [PSA-2013-0811-1] Oracle Java storeImageArray() Invalid Array Indexing
- [SECURITY] [DSA 2736-1] putty security update
- From: Salvatore Bonaccorso
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- From: Gichuki John Chuksjonia
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Re: Apache suEXEC privilege elevation / information disclosure
- ReviewBoard Vulnerabilities
- RE: [Full-disclosure] Apache suEXEC privilege elevation /
- Re: Apache suEXEC privilege elevation / information disclosure
- Re: Apache suEXEC privilege elevation / information disclosure
- [RCA-201308-01] HMS Testimonials 2.0.10 WP plugin - Multiple vulnerabilities
- OUTDATED, UNSUPPORTED and VULNERABLE 3rd party components installed with Exact Audio Copy
- [security bulletin] HPSBHF02912 rev.1 - HP Networking Products including H3C and 3COM Routers and Switches, OSPF Remote Information Disclosure and Denial of Service
- Joomla! redSHOP component v1.2 SQL Injection
- Re: Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- [slackware-security] mozilla-thunderbird (SSA:2013-219-02)
- From: Slackware Security Team
- [slackware-security] seamonkey (SSA:2013-219-03)
- From: Slackware Security Team
- [slackware-security] mozilla-firefox (SSA:2013-219-01)
- From: Slackware Security Team
- HP Data Protector Arbitrary Remote Command Execution
- From: alessandro . dipinto
- Two Vulnerabilities in NetworkMiner : DLL Hijacking + Directory Traversal
- PHPFox v3.6.0 (build3) Multiple SQL Injection vulnerabilities
- Updated [CVE-2013-2136] Apache CloudStack Cross-site scripting (XSS) vulnerability
- CORE-2013-0708 - Hikvision IP Cameras Multiple Vulnerabilities
- From: CORE Advisories Team
- Cisco Security Advisory: Cisco TelePresence System Default Credentials Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- Trustport Webfilter Remote File Access Vulnerability
- Apache suEXEC privilege elevation / information disclosure
- [SECURITY] [DSA 2735-1] iceweasel security update
- [ MDVSA-2013:210 ] firefox
- Multiple Vulnerabilities in BigTree CMS
- Defense in depth -- the Microsoft way (part 6): beginner's errors, QA sound asleep or out of sight!
- Microsoft Yammer Social Network - oAuth Bypass (Session Token) Vulnerability
- Attacking Google Accounts with 'weblogin:' Tokens
- Re: XSS vulnerability in guestbook-php-script
- [CVE-2013-2136] Apache CloudStack Cross-site scripting (XSS) vulnerability
- [ MDVSA-2013:209 ] subversion
- [ MDVSA-2013:208 ] libtiff
- [ MDVSA-2013:207 ] samba
- [slackware-security] bind (SSA:2013-218-01)
- From: Slackware Security Team
- [slackware-security] httpd (SSA:2013-218-02)
- From: Slackware Security Team
- [slackware-security] samba (SSA:2013-218-03)
- From: Slackware Security Team
- [SECURITY] [DSA 2734-1] wireshark security update
- Re: Joomla core <= 3.1.5 reflected XSS vulnerability
- SocialEngine 4.5 TimeLine 4.2.5p9 upload file "PHP" in the Cover Image
- Usernoise 3.7.8 WP plugin cross-site scripting vulnerability
- Re: Joomla core <= 3.1.5 reflected XSS vulnerability
- Huawei B153 3G/UMTS router WPS weakness
- Joomseller "Events Booking Pro" and "JSE Event" reflected XSS
- Joomla com_sectionex v2.5.96 SQL Injection vulnerabilities
- [ MDVSA-2013:206 ] owncloud
- HP LaserJet Pro printers remote admin password extraction
- Joomla core <= 3.1.5 reflected XSS vulnerability
- PuTTY SSH handshake heap overflow
- SEC Consult SA-20130805-0 :: Vodafone EasyBox Default WPS PIN Algorithm Weakness
- From: SEC Consult Vulnerability Lab
- Rgpg 0.2.2 Ruby Gem Remote Command Injection
- FTP OnConnect v1.4.11 iOS - Multiple Web Vulnerabilities
- withU Music Share v1.3.7 iOS - Command Inject Vulnerability
- [slackware-security] gnupg / libgcrypt (SSA:2013-215-01)
- From: Slackware Security Team
- [SECURITY] [DSA 2732-1] chromium-browser security update
- [SECURITY] [DSA 2733-1] otrs2 security update
- From: Salvatore Bonaccorso
- [security bulletin] HPSBUX02909 SSRT101289 rev.1 - HP-UX Apache Web Server, Remote Denial of Service (DoS)
- Multiple vulnerabilities on D-Link DIR-645 devices
- [security bulletin] HPSBUX02908 rev.1 - HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
- [security bulletin] HPSBUX02907 rev.1 - HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
- [ MDVSA-2013:205 ] gnupg
- Cisco Security Advisory: OSPF LSA Manipulation Vulnerability in Multiple Cisco Products
- From: Cisco Systems Product Security Incident Response Team
- SilverStripe(R) Information Exposure Through Query Strings in GET Request (CWE-598)
- From: Rustein, Fara Denise (LATCO - Buenos Aires)
- Update: Full Disclosure - WD My Net N600, N750, N900, N900C - Plain Text Disclosure of Admin Credentials
- [KIS-2013-06] vtiger CRM <= 5.4.0 (SOAP Services) Multiple SQL Injection Vulnerabilities
- Multiple XSS Vulnerabilities in Jahia xCM
- Cisco Security Advisory: Authenticated Command Injection Vulnerability in Multiple Cisco Content Network and Video Delivery Products
- From: Cisco Systems Product Security Incident Response Team
- [KIS-2013-08] vtiger CRM <= 5.4.0 (SOAP Services) Authentication Bypass Vulnerability
- [KIS-2013-07] vtiger CRM <= 5.4.0 (vtigerolservice.php) PHP Code Injection Vulnerability
- [KIS-2013-05] vtiger CRM <= 5.4.0 (customerportal.php) Two Local File Inclusion Vulnerabilities
- Cisco Security Advisory: Cisco WAAS Central Manager Remote Code Execution Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [security bulletin] HPSBMU02902 rev.1 - HP Integrated Lights-Out iLO3, iLO4 IPMI Cipher Suite 0 Authentication Bypass Vulnerability
- SQL Injection in Cotonti
- Open-Xchange Security Advisory 2013-07-31
- CORE-2013-0618 - Multiple Vulnerabilities in TP-Link TL-SC3171 IP Cameras
- From: CORE Advisories Team
- NGS00500 Technical Advisory: Bit51 Better WP Security Plugin - Unauthenticated Stored XSS to RCE
- NGS00434 Technical Advisory: Oracle Hyperion 11 Directory Traversal
- MojoPortal XSS
- [ MDVSA-2013:204 ] wireshark
- [ MDVSA-2013:203 ] phpmyadmin
- [SECURITY] [DSA 2730-1] gnupg security update
- [SECURITY] [DSA 2731-1] libgcrypt11 security update
- [security bulletin] HPSBGN02904 rev.1 - HP SiteScope running SOAP, Remote Code Execution
- WorldCIST'14 - World Conference on IST, 15 - 18 April 2014, at Madeira Island
- ESA-2013-033: EMC NetWorker Information Disclosure Vulnerability
- Private Photos v1.0 iOS - Persistent Path Web Vulnerability
- FreeBSD Security Advisory FreeBSD-SA-13:08.nfsserver
- From: FreeBSD Security Advisories
- DEFCON London - DC4420 July - social event - Tuesday 30th July 2013
- [ MDVSA-2013:202 ] bind
- WebDisk 3.0.2 PhotoViewer iOS - Command Execution Vulnerability
- Private Photos v1.0 iOS - Persistent Path Web Vulnerability
- [SECURITY] [DSA 2729-1] openafs security update
- Re: DEFCON London - DC4420 July - social event - Tuesday 30th July 2013
- [Announcement] CHMag - Call for Articles
- Defense in depth -- the Microsoft way (part 5): sticky, persistent vulnerabilities
- FreeBSD Security Advisory FreeBSD-SA-13:07.bind
- From: FreeBSD Security Advisories
- [SECURITY] [DSA 2728-1] bind9 security update
- From: Salvatore Bonaccorso
- [ MDVSA-2013:201 ] ruby
- [ MDVSA-2013:200 ] ruby
- [SECURITY] [DSA 2726-1] php-radius security update
- Meet the folks of ws-attacker, BeEF, WAHH, sqlmap, Zed Attack Proxy, OWASP Top10, DOMinator, Minion, Mallodroid, and the inglorious bastards aka HackPra Allstars
- SEC Consult SA-20130726-0 :: Multiple vulnerabilities - Surveillance via Symantec Web Gateway
- From: SEC Consult Vulnerability Lab
- Re: [Full-disclosure] nginx exploit documentation, about a generic way to exploit Linux targets
- CVE-2013-4156: OpenOffice DOCM Memory Corruption Vulnerability
- CVE-2013-2189: OpenOffice DOC Memory Corruption Vulnerability
- CA20130725-01: Security Notice for CA Service Desk Manager
- [SECURITY] [DSA 2727-1] openjdk-6 security update
- [security bulletin] HPSBMU02894 rev.1 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Denial of Service (DoS), Unauthorized Access, Execution of Arbitrary Code
- Xymon Systems and Network Monitor - remote file deletion vulnerability
- [ MDVSA-2013:199 ] squid
- [security bulletin] HPSBGN02906 rev.1 - HP Application Lifecycle Management Quality Center (ALM), Remote Cross Site Scripting (XSS)
- iPic Sharp v1.2.1 Wifi iOS - Persistent Foldername Web Vulnerability
- [security bulletin] HPSBGN02905 rev.1 - HP LoadRunner, Remote Code Execution and Denial of Service (DoS)
- Basic Forum by JM LLC - Multiple Vulnerabilities
- Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Video Surveillance Manager
- From: Cisco Systems Product Security Incident Response Team
- Easy Blog by JM LLC - Multiple Vulnerabilities
- Cross-Site Scripting (XSS) in Duplicator WordPress Plugin
- Cross-Site Scripting (XSS) in Magnolia CMS
- [ MDVSA-2013:198 ] libxml2
- Re: [Full-disclosure] nginx exploit documentation, about a generic way to exploit Linux targets
- From: Albert Puigsech Galicia
- CORE-2013-0613 - FOSCAM IP-Cameras Improper Access Restrictions
- From: CORE Advisories Team
- Orbit Downloader versions causing massive SYN flooding. Cyberoam cautions!
- From: bhadresh . k . patel
- [ MDVSA-2013:197 ] mysql
- CORE-2013-0705 - XnView Buffer Overflow Vulnerability
- From: CORE Advisories Team
- CORE-2013-0701 - Artweaver Buffer Overflow Vulnerability
- From: CORE Advisories Team
- Re: Samsung TV - DoS vulnerability
- Juniper Secure Access XSS Vulnerability
- Photo Server 2.0 iOS - Multiple Critical Vulnerabilities
- Defense in depth -- the Microsoft way (part 4)
- SurgeFtp Server BufferOverflow Vulnerability
- Dell Kace 1000 SMA 5.4.742 - SQL Injection Vulnerabilities
- Full Disclosure - WD My Net N600, N750, N900, N900C - Plain Text Disclosure of Admin Credentials
- Barracuda CudaTel 2.6.02.040 - SQL Injection Vulnerability
- [CVE-2013-2137] Apache OFBiz XSS vulnerability in the "View Log" screen of the Webtools application
- [CVE-2013-2250] Apache OFBiz Nested expression evaluation allows remote users to execute arbitrary UEL functions in OFBiz
- DirectShow Arbitrary Memory Overwrite Vulnerability ms13-056
- From: Andres Gomez Ramirez
- Barracuda LB, SVF, WAF & WEF - Multiple Vulnerabilities
- Samsung TV - DoS vulnerability
- Re: [Full-disclosure] [SE-2012-01] New Reflection API affected by a known 10+ years old attack
- Barracuda CudaTel 2.6.02.040 - Remote SQL Injection Vulnerability
- Download Lite v4.3 iOS - Persistent File Web Vulnerability
- [security bulletin] HPSBMU02900 rev.2 - HP System Management Homepage (SMH) running on Linux and Windows, Multiple Remote and Local Vulnerabilities
- Re: [Full-disclosure] XSS Vulnerabilities in Serendipity
- [SECURITY] [DSA 2724-1] chromium-browser security update
- SEC Consult SA-20130719-0 :: Multiple vulnerabilities in Sybase EAServer
- From: SEC Consult Vulnerability Lab
- Western Digital My Net N600, N750, N900 and N900C - Plain text disclosure of administrative credentials
- DeepSec 2013 - Call for Papers - REMINDER
- [SECURITY] [DSA 2725-1] tomcat6 security update
- [security bulletin] HPSBMU02900 rev.1 - HP System Management Homepage (SMH) running on Linux and Windows, Multiple Remote and Local Vulnerabilities
- Symantec Workspace Virtualization 6.4.1895.0 Local Kernel Mode Privilege Escalation Exploit
- [SE-2012-01] New Reflection API affected by a known 10+ years old attack
- From: Security Explorations
- [security bulletin] HPSBST02896 rev.2 - HP StoreVirtual Storage, Remote Unauthorized Access
- Dell PacketTrap MSP RMM 6.6.x - Multiple Persistent Web Vulnerabilities
- ePhoto Transfer v1.2.1 iOS - Multiple Web Vulnerabilities
- Barracuda CudaTel 2.6.02.04 - Multiple Client Side Cross Site Vulnerabilities (Bug Bounty #17)
- Flux Player v3.1.0 iOS - File Include & Arbitrary File Upload Vulnerability
- WiFly 1.0 Pro iOS - Multiple Web Vulnerabilities
- [SECURITY] [DSA 2723-1] php5 security update
- Re: Full Disclosure ASUS Wireless Routers Ten Models - Multiple Vulnerabilities on AiCloud enabled units
- [security bulletin] HPSBHF02888 rev.2 - HP Network Products including H3C and 3COM Routers and Switches, Remote Information Disclosure and Code Execution
- Re: Full Disclosure ASUS Wireless Routers Ten Models - Multiple Vulnerabilities on AiCloud enabled units
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Intrusion Prevention System Software
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager
- From: Cisco Systems Product Security Incident Response Team
- [slackware-security] php (SSA:2013-197-01)
- From: Slackware Security Team
- ESA-2013-055: EMC Avamar Multiple Vulnerabilities
- XSS Vulnerabilities in OpenCms
- [security bulletin] HPSBGN02882 rev.1 - HP Database and Middleware Automation (DMA) using SSL, Remote Disclosure of Information
- [security bulletin] HPSBMU02870 SSRT101012 rev.2 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access
- Voice Logger astTECS - bypass login & arbitrary file download
- [CVE-2013-4763|CVE-2013-4764] Vulnerability in built-in system app of Samsung Galaxy S3/S4
- Re: [ MDVSA-2013:195 ] php
- Olive File Manager v1.0.1 iOS - Multiple Vulnerabilities
- Dell Kace 1000 SMA v5.4.70402 - Persistent Vulnerabilities
- Barracuda CudaTel 2.6.02.040 - Client Side Cross Site Scripting Vulnerability
- FTP Sprite v1.2.1 iOS - Persistent Web Vulnerability
- Nikon CoolPix L Series Fw1.0 - Information Disclosure Issue
- Re: Multiple vulnerabilities in McAfee ePO 4.6.6
- [CVE-2013-2745, CVE-2013-2738, CVE-2013-2739] MiniDLNA v1.0.25 Multiple Vulnerabilities
- CVE-2013-4788 - Eglibc PTR MANGLE bug
- Squid-3.3.5 DoS PoC
- [security bulletin] HPSBPV02891 rev.1 - HP ProCurve Switches, Remote Unauthorized Information Disclosure
- [SECURITY] [DSA 2722-1] openjdk-7 security update
- [CVE-2013-2612] Huawei E587 3G Mobile Hotspot Command Injection
- Huawei E587 3G Mobile Hotspot Web UI Cross Site Scripting vulnerability
- [ MDVSA-2013:196 ] java-1.6.0-openjdk
- [ MDVSA-2013:195 ] php
- Ruxcon 2013 Final Call For Papers
- Botconf 2013 - Call for short talks - Deadline Aug 31 2013
- [CVE-2012-6458] Multiple Persistent XSS in silverstripe-ecommerce
- [waraxe-2013-SA#106] - Multiple Vulnerabilities in Saurus CMS 4.7.1
- Full Disclosure ASUS Wireless Routers Ten Models - Multiple Vulnerabilities on AiCloud enabled units
- Re: MiniUPnPd Information Disclosure (CVE-2013-2600)
- MiniUPnPd Information Disclosure (CVE-2013-2600)
- [Foreground Security 2013-002]: Corda Path Disclosure and XSS
- [security bulletin] HPSBST02890 rev.3 - HP StoreOnce D2D Backup System, Remote Unauthorized Access, Modification, and Escalation of Privilege
- Multiple vulnerabilities in BMC SERVICE DESK EXPRESS (SDE) Version 10.2.1.95
- Multiple vulnerabilities in McAfee ePO 4.6.6
- Re: Windows 7/8 admin account installation password stored in the clear in LSA Secrets
- CVE-2013-3568 - Linksys CSRF + Root Command Injection
- Re: Windows 7/8 admin account installation password stored in the clear in LSA Secrets
- CVE-2012-6297 - Command Injection via CSRF on DD-WRT v24-sp2
- Re: Windows 7/8 admin account installation password stored in the clear in LSA Secrets
- Windows 7/8 admin account installation password stored in the clear in LSA Secrets
- Re: Facebook Url Redirection Vuln.
- Re: Facebook Url Redirection Vuln.
- Re: [Full-disclosure] XSS and SQL Injection Vulnerabilities in MiniBB
- [ MDVSA-2013:194 ] kernel
- Re: Wordpress wp-private-messages Plugin Sql Injection vulnerability
- Facebook Url Redirection Vuln.
- [ MDVSA-2013:193 ] apache
- Hard-coded accounts on multiple network cameras
- [SECURITY] [DSA 2719-1] poppler security update
- Air Drive Plus v2.4 iOS - Arbitrary File Upload Vulnerability
- [Foreground Security 2013-001]: Joomla AICONTACTSAFE 2.0.19 Extension Cross-Site Scripting (XSS) vulnerability
- From: Jose Carlos de Arriba
- VULNERABLE (3rd party) components in Adobe Reader 11.0.03, and dangling reference to Acrobat.exe
- [slackware-security] dbus (SSA:2013-191-01)
- From: Slackware Security Team
- Re: Cisco/Linksys E1200 N300 Reflected XSS
- Re: Project Pier Web Vulnerabilities
- [security bulletin] HPSBST02896 rev.1 - HP StoreVirtual Storage, Remote Unauthorized Access
- (CVE-2013-1059) Linux Kernel libceph Null Pointer Dereference Vulnerability
- Zoom X4/X5 ADSL Modem and Router -Unauthenticated Remote Root Command Execution
- Re: re: Real player resource exhaustion Vulnerability
- SEC Consult SA-20130709-0 :: Denial of service vulnerability in Apache CXF
- From: SEC Consult Vulnerability Lab
- [HITB-Announce] REMINDER: #HITB2013KUL CFP Closes 25th July
- Re: re: Real player resource exhaustion Vulnerability
- Re: WordPress feed plugin Sql Injection
- Re: [security bulletin] HPSBST02890 rev.2 - HP StoreOnce D2D Backup System, Remote Unauthorized Access and Modification
- [security bulletin] HPSBST02890 rev.2 - HP StoreOnce D2D Backup System, Remote Unauthorized Access and Modification
- Re: OS-Command Injection via UPnP Interface in multiple D-Link devices
- Re: OS-Command Injection via UPnP Interface in multiple D-Link devices
- Authentication bypass in D-Link devices (session cookies not validated)
- ESA-2013-052: RSA(r) Authentication Manager Sensitive Information Disclosure Vulnerability
- ESA-2013-050: EMC Replication Manager Sensitive Information Disclosure Vulnerability
- Authentication bypass in D-Link routers
- Avira Analysis Web Service - SQL Injection Vulnerability
- VUPEN Security Research - Oracle Java Preloader Click-2-Play Warning Bypass Vulnerability
- From: VUPEN Security Research
- VUPEN Security Research - Mozilla Firefox Maintenance Service Privilege Escalation Vulnerabilities
- From: VUPEN Security Research
- [SECURITY] [DSA 2721-1] nginx security update
- [oCERT-2013-001] File Roller path sanitization errors
- OS-Command Injection via UPnP Interface in multiple D-Link devices
- [SECURITY] [DSA 2720-1] icedove security update
- Paypal Bug Bounty #102 QR Dev Labs - Auth Bypass Vulnerability
- LSE Leading Security Experts GmbH - LSE-2013-07-03 - rsyslog ElasticSearch Plugin
- From: LSE Leading Security Experts GmbH (Security Advisories)
- Mobile Atlas Creator 1.9.12 - Persistent Command Injection Vulnerability
- AVAST Antivirus v8.0.1489 - Multiple Core Vulnerabilities
- AVAST Universal Core Installer - Multiple Vulnerabilities
- AVAST Internet Security Suite - Persistent Vulnerabilities
- re: Real player resource exhaustion Vulnerability
- From: security curmudgeon
- Re: Linksys EA - 2700, 3500, 4200, 4500 w/ Lighttpd 1.4.28 Unauthenticated Remote Administration Access
- Multiple Vulnerabilities in OpenX
- Multiple Vulnerabilities in Kasseler CMS
- Slots open for Security Projects :Open Source Showcase at AppSec Research / EU 2013
- APPLE-SA-2013-07-02-1 Security Update 2013-003
- From: Apple Product Security
- [security bulletin] HPSBUX02889 SSRT101252 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
- [security bulletin] HPSBUX02893 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Cross Site Scripting (XSS)
- [SECURITY] [DSA 2718-1] wordpress security update
- [ MDVSA-2013:192 ] php-radius
- [ MDVSA-2013:191 ] fail2ban
- Real player resource exhaustion Vulnerability
- WordPress category-grid-view-galler plugin Cross-Site Scripting Vulnerabilities
- [ MDVSA-2013:190 ] autotrace
- [ MDVSA-2013:189 ] wordpress
- [ MDVSA-2013:188 ] otrs
- WordPress feed plugin Sql Injection
- [ MDVSA-2013:187 ] apache-mod_security
- Linksys EA - 2700, 3500, 4200, 4500 w/ Lighttpd 1.4.28 Unauthenticated Remote Administration Access
- Re: joomla com_football Components Sql Injection vulnerability
- [CVE-2013-4695] WinAmp v5.63 gen_ff.dll links.xml Value Parsing Invalid Pointer Dereference
- [CVE-2013-4694] WinAmp v5.63 gen_jumpex.dll and ml_local.dll Multiple Buffer Overflows
- [SECURITY] CVE-2013-1777: Apache Geronimo 3 RMI classloader exposure
- [security bulletin] HPSBHF02888 rev.1 - HP ProCurve, H3C, 3COM Routers and Switches, Remote Information Disclosure and Code Execution
- [security bulletin] HPSBST02846 SSRT100798 rev.2 - HP LeftHand Virtual SAN Appliance hydra, Remote Execution of Arbitrary Code
- Re: ESA-2013-029: RSA SecurID Sensitive Information Disclosure Vulnerability
- [slackware-security] mozilla-firefox (SSA:2013-180-01)
- From: Slackware Security Team
- joomla com_football Components Sql Injection vulnerability
- [slackware-security] mozilla-thunderbird (SSA:2013-180-02)
- From: Slackware Security Team
- GreHack 2013 - CFP EXTENDED TO JULY,16 - Conf: Nov. 15, Grenoble, France
- Wordpress wp-private-messages Plugin Sql Injection vulnerability
- [SECURITY] [DSA 2717-1] xml-security-c security update
- From: Salvatore Bonaccorso
- Re: EMC Avamar: World writable cache files
- [ MDVSA-2013:186 ] puppet
- Re: Barracuda CudaTel 2.6.02.04 - Persistent Web Vulnerability
- Barracuda CudaTel 2.6.02.04 - Multiple Web Vulnerabilities
- [slackware-security] ruby (SSA:2013-178-01)
- From: Slackware Security Team
- Barracuda CudaTel 2.6.02.04 - Persistent Web Vulnerability
- Mobile USB Drive HD 1.2 - Arbitrary File Upload Vulnerability
- eFile Wifi Transfer Manager 1.0 iOS - Multiple Vulnerabilities
- Re: Re: EMC Avamar: World writable cache files
- [ MDVSA-2013:185 ] perl-Module-Signature
- [ MDVSA-2013:184 ] perl-Dancer
- [ MDVSA-2013:183 ] java-1.7.0-openjdk
- [ MDVSA-2013:182 ] mesa
- [ MDVSA-2013:181 ] mesa
- [ MDVSA-2013:180 ] curl
- CVE-2013-2210
- [security bulletin] HPSBUX02886 rev.1 - HP-UX Running HP Secure Shell, Remote Denial of Service (DoS)
- [security bulletin] HPSBST02890 rev.1 - HP StoreOnce D2D Backup System, Unauthorized Remote Access and Modification
- [SECURITY] [DSA 2715-1] puppet security update
- Cisco Security Advisory: Cisco ASA Next-Generation Firewall Fragmented Traffic Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Content Security Management Appliance
- From: Cisco Systems Product Security Incident Response Team
- [ MDVSA-2013:179 ] firefox
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Web Security Appliance
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Email Security Appliance
- From: Cisco Systems Product Security Incident Response Team
- Security focus, we need your help
- [SECURITY] [DSA 2716-1] iceweasel security update
- Multiple XSS Vulnerabilities in Xaraya
- [SECURITY] [DSA 2714-1] kfreebsd-9 security update
- [Full-disclosure] Magnolia CMS multiple access control vulnerabilities
- [ MDVSA-2013:178 ] nfs-utils
- [ MDVSA-2013:177 ] dbus
- Barnraiser Prairie OpenID idp: Directory traversal attack
- SEC Consult SA-20130625-0 :: Multiple vulnerabilities in IceWarp Mail Server
- From: SEC Consult Vulnerability Lab
- Re: Facebook Information Disclosure
- [ MDVSA-2013:176 ] kernel
- [SECURITY] [DSA 2713-1] curl security update
- From: Salvatore Bonaccorso
- Re: Facebook Information Disclosure
- [security bulletin] HPSBHF02878 rev.1 - HP Smart Zero Client, Unauthorized Access
- CFP: IEEE SafeConfig: 6th Symposium on Security Analytics and Automation (Deadline Extended)
- [slackware-security] curl (SSA:2013-174-01)
- From: Slackware Security Team
- Linksys X3000 - Multiple Vulnerabilities
- GreHack 2013 - CFP ends on June, 30 - Conf: Nov. 15, Grenoble, France
- ASUS RT-N66U Router - HTTPS Directory traversal and full file access and credential disclosure vuln
- Facebook Information Disclosure
- FreeBSD Security Advisory FreeBSD-SA-13:06.mmap [REVISED]
- From: FreeBSD Security Advisories
- DC4420 - London DEFCON - June meet - Lightning Talks!!! - Tuesday 25th June 2013
- [security bulletin] HPSBUX02876 SSRT101148 rev.2 - HP-UX Running BIND, Remote Denial of Service (DoS)
- Android ICS "adb restore" directory traversal vulnerability (resending after bounce)
- [SECURITY] [DSA 2712-1] otrs2 security update
- Joomla crypto vulnerability (all versions)
- Re: Happy Birthday FreeBSD! Now you are 20 years old and your security is the same as 20 years ago... :)
- Happy Birthday FreeBSD! Now you are 20 years old and your security is the same as 20 years ago... :)
- [CVE-2013-0523] IBM WebSphere Commerce: Encrypted URL Parameter Vulnerable to Padding Oracle Attacks
- [SECURITY] [DSA 2711-1] haproxy security update
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence TC and TE Software
- From: Cisco Systems Product Security Incident Response Team
- Facebook critical design flaw
- Remote code execution in Puppet
- From: andreas . lindqvist
- ESA-2013-045: RSA BSAFE® SSL-C Security Update for SSL/TLS Plaintext Recovery (aka “Lucky Thirteen”) Vulnerability
- ESA-2013-032 RSA BSAFE® Micro Edition Suite Security Update for SSL/TLS Plaintext Recovery (aka “Lucky Thirteen”) Vulnerability
- ESA-2013-039: RSA BSAFE® SSL-J Multiple Vulnerabilities
- [SECURITY] [DSA 2628-2] nss-pam-ldapd update
- [SECURITY] [DSA 2698-1] tiff security update
- APPLE-SA-2013-06-18-1 Java for OS X 2013-004 and Mac OS X v10.6 Update 16
- From: Apple Product Security
- Apple and Wifi Hotspot Credentials Management Vulnerability
- Re: Apple and Wifi Hotspot Credentials Management Vulnerability
- FreeBSD Security Advisory FreeBSD-SA-13:06.mmap
- From: FreeBSD Security Advisories
- [SECURITY] [DSA 2710-1] xml-security-c security update
- From: Salvatore Bonaccorso
- Re: CVE-2013-2156: Apache Santuario C++ heap overflow vulnerability
- CVE-2013-2154: Apache Santuario C++ stack overflow vulnerability
- CVE-2013-2155: Apache Santuario C++ denial of service vulnerability
- CVE-2013-2153: Apache Santuario C++ signature bypass vulnerability
- [security bulletin] HPSBHF02885 rev.2 - HP Integrated Lights-Out iLO3 and iLO4 using Single-Sign-On (SSO), Remote Unauthorized Access
- [ MDVSA-2013:173 ] subversion
- Re: WordPress 3.5.1, Denial of Service
- LSE Leading Security Experts GmbH - LSE-2013-06-13 - Avira AntiVir Engine
- From: LSE Leading Security Experts GmbH (Security Advisories)
- [SECURITY] [DSA 2707-1] dbus security update
- Slideware of recent presentations about IPv6 security
- [ MDVSA-2013:172 ] wireshark
- CORE-2013-0430 - Buffer overflow in Ubiquiti airCam RTSP service
- From: CORE Security Technologies Advisories
- SQL Injection in Dolphin
- Re: WordPress 3.5.1, Denial of Service
- [security bulletin] HPSBMU02884 rev.1 - HP Service Manager and HP ServiceCenter, Cross Site Scripting (XSS) and Disclosure of Information
- Re: WordPress 3.5.1, Denial of Service
- t2'13: Call for Papers 2013 (Helsinki / Finland)
- [security bulletin] HPSBHF02885 rev.1 - HP Integrated Lights-Out iLO3 and iLO4 using Single-Sign-On (SSO), Remote Unauthorized Access
- [SECURITY] [DSA 2704-1] mesa security update
- CFP: IEEE SafeConfig: 6th Symposium on Security Analytics and Automation
- [slackware-security] php (SSA:2013-161-01)
- From: Slackware Security Team
- [SECURITY] [DSA 2706-1] chromium-browser security update
- [SECURITY] [DSA 2705-1] pymongo security update
- CVE-2013-3739 Local File Inclusion in Weathermap <= 0.97C
- [SECURITY] [DSA 2703-1] subversion security update
- From: Salvatore Bonaccorso
- Bluetooth Chat Connect v1.0 iOS - Multiple Vulnerabilities
- Fail2ban 0.8.9, Denial of Service (Apache rules only)
- From: Krzysztof Katowicz-Kowalewski
- Re: Re: Netgear FVG318 is vunerable to DOS attack
- Re: Netgear FVG318 is vunerable to DOS attack
- WordPress 3.5.1, Denial of Service
- From: Krzysztof Katowicz-Kowalewski
- DEFCON London - DC4420 - June CFP - Lightning talks!!! - Tuesday 25th June 2013
- Re: [#1298868584] Copy&paste from web browser considered dangerous
- APPLE-SA-2013-06-04-1 OS X Mountain Lion v10.8.4 and Security Update 2013-002
- From: Apple Product Security
- APPLE-SA-2013-06-04-2 Safari 6.0.5
- From: Apple Product Security
- CORE-2013-0517 - Xpient Cash Drawer Operation Vulnerability
- From: CORE Security Technologies Advisories
- CVE-2013-3734 - JBoss AS Administration Console - Password Returned in Later Response
- SEC Consult SA-20130605-0 :: Multiple vulnerabilities in CTERA Portal
- From: SEC Consult Vulnerability Lab
- [ANN] Struts 2.3.14.3 GA (fast-track) release available
- [CORE-2013-0103] Mac OSX Server DirectoryService buffer overflow
- From: CORE Security Technologies Advisories
- [security bulletin] HPSBMU02883 SSRT101227 rev.1 - HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code
- Re: Monkey HTTPD 1.1.1 - Denial of Service Vulnerability
- [SECURITY] [DSA 2702-1] telepathy-gabble security update
- From: Salvatore Bonaccorso
- CVE-2013-3843 Monkey HTTPD 1.2.0 - Buffer Overflow DoS Vulnerability With Possible Arbitrary Code Execution
- CVE-2013-3724 Monkey HTTPD 1.1.1 - Denial of Service Vulnerability
- [SECURITY] [DSA 2699-1] iceweasel security update
- [ISecAuditors Security Advisories] Multiple Vulnerabilities in Telaen <= 1.3.0
- From: ISecAuditors Security Advisories
- Open-Xchange Security Advisory 2013-06-03
- DS3 Authentication Server - Multiple Issues
- Imperva SecureSphere Operations Manager version 9.0.0.5 - Multiple issues
- Unauthenticated command execution on Netgear DGN devices
- CVE-2013-3664 - Sketchup Multiple Vulnerabilities
- CVE-2013-3663 - SketchUp BMP RLE8 Heap Overflow
- CVE-2013-3662 - Sketchup MAC Pict Material Palette Stack Corruption
- Vulnerable Microsoft VC++ 2005 RTM runtime libraries installed with "Microsoft Security Essentials" (and numerous other Microsoft products)
- [SECURITY] [DSA 2701-1] krb5 security update
- [SECURITY] [DSA 2700-1] wireshark security update