Bugtraq
- [CORE-2015-0008] - InFocus IN3128HD Projector Multiple Vulnerabilities
- From: CORE Advisories Team
- [ MDVSA-2015:212 ] java-1.7.0-openjdk
- Open-Xchange Security Advisory 2015-04-27
- [ MDVSA-2015:211 ] glusterfs
- Elasticsearch vulnerability CVE-2015-3337
- [ MDVSA-2015:210 ] qemu
- [ MDVSA-2015:209 ] php
- [ MDVSA-2015:208 ] setup
- [ MDVSA-2015:207 ] perl-Module-Signature
- [ MDVSA-2015:206 ] asterisk
- [ MDVSA-2015:205 ] tor
- [ MDVSA-2015:204 ] librsync
- [SECURITY] [DSA 3238-1] chromium-browser security update
- WordPress 4.2 stored XSS
- [SECURITY] [DSA 3237-1] linux security update
- [SECURITY] [DSA 3236-1] libreoffice security update
- [SECURITY] [DSA 3235-1] openjdk-7 security update
- [SECURITY] [DSA 3234-1] openjdk-6 security update
- [security bulletin] HPSBHF03272 rev.1 - HP Servers with NVidia GPU Computing Driver running Windows Server 2008, Elevation of Privilege
- [security bulletin] HPSBPI03315 rev.1 - HP Capture and Route Software, Remote Information Disclosure
- [SECURITY] [DSA 3233-1] wpa security update
- From: Salvatore Bonaccorso
- 4k ULTRA HIGH DEFINITION Satellite Security Research - DVB-S2X Security Evaluation Draft Notes - Advanced Information Security Corporation
- Encaps PHP/Flash Gallery 2.3.22s Database Puffing Up Exploit
- Incorrect handling of self signed certificates in OpenFire XMPP Server
- SSH Network Security Assessment utility - Zeppelin - -=[Advanced Information Security Corp]=-
- Zeppelin - SSH script - Advanced Information Security Corporation
- 4k ULTRA HIGH DEFINITION Satellite Security Research - DVB-S2X Security Evaluation Draft Notes
- Avsarsoft Matbaa Script - Multiple Vulnerabilities
- Pligg CMS 2.0.2 - Stored XSS
- [ALICLOUDSEC-VUL2015-001]Android wpa_supplicant WLAN Direct remote buffer overflow
- Socrata Bug Bounty #1 - Persistent Encoding Vulnerability
- Dnsmasq 2.72 Unchecked returned value
- [ALICLOUDSEC-VUL2015-001]Android wpa_supplicant WLAN Direct remote buffer overflow
- [slackware-security] openssl (SSA:2015-111-09)
- From: Slackware Security Team
- [slackware-security] bind (SSA:2015-111-01)
- From: Slackware Security Team
- [slackware-security] httpd (SSA:2015-111-03)
- From: Slackware Security Team
- [slackware-security] ntp (SSA:2015-111-08)
- From: Slackware Security Team
- [slackware-security] gnupg (SSA:2015-111-02)
- From: Slackware Security Team
- [slackware-security] proftpd (SSA:2015-111-12)
- From: Slackware Security Team
- [slackware-security] seamonkey (SSA:2015-111-14)
- From: Slackware Security Team
- [slackware-security] ppp (SSA:2015-111-11)
- From: Slackware Security Team
- [slackware-security] php (SSA:2015-111-10)
- From: Slackware Security Team
- [slackware-security] mutt (SSA:2015-111-07)
- From: Slackware Security Team
- [slackware-security] libssh (SSA:2015-111-04)
- From: Slackware Security Team
- [slackware-security] qt (SSA:2015-111-13)
- From: Slackware Security Team
- [slackware-security] mozilla-thunderbird (SSA:2015-111-06)
- From: Slackware Security Team
- [slackware-security] mozilla-firefox (SSA:2015-111-05)
- From: Slackware Security Team
- [security bulletin] HPSBGN03308 rev.1 - HP TippingPoint Security Management System (SMS) and TippingPoint Virtual Security Management System (vSMS), Remote Code Execution
- Multiple Cross-Site Scripting (XSS) in FreePBX
- From: High-Tech Bridge Security Research
- Netgear WNR2000v4 Multiple Vulnerabilities
- [SECURITY] [DSA 3232-1] curl security update
- iPassword Manager v2.6 iOS - Persistent Vulnerabilities
- Apple iOS 8.0 - 8.0.2 - Controls Re Auth Bypass Vulnerability
- Reflected XSS Vulnerability In Manage Engine Event Log Analyzer
- Reflected XSS Vulnerability In Manage Engine Firewall Analyzer
- Stored Cross Site Scripting Vulnerability in Add Link to Facebook WordPress Plugin
- [SECURITY] [DSA 3231-1] subversion security update
- From: Salvatore Bonaccorso
- AMD Bulldozer Linux ASLR weakness: Reducing entropy by 87.5%
- From: Hector Marco-Gisbert
- Linux ASLR mmap weakness: Reducing entropy by half
- From: Hector Marco-Gisbert
- [security bulletin] HPSBGN03305 rev.1 - HP Business Service Management (BSM) products running SSLv3, Remote Disclosure of Information
- GoAutoDial 3.3 multiple vulnerabilities
- Google Analytics by Yoast stored XSS #2
- SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities
- PayPal Inc Bug Bounty #113 - Client Side Cross Site Scripting Vulnerability
- Ebay Inc Xcom #7 - (Policy) Persistent Vulnerability
- Ebay Inc Xcom #6 - Persistent POST Inject Vulnerability
- Ebay Inc Xcom #4 - (Item Preview) Persistent Vulnerability
- Photo Manager Pro v4.4.0 iOS - File Include Vulnerability
- Wifi Drive Pro v1.2 iOS - File Include Web Vulnerability
- Mobile Drive HD v1.8 - File Include Web Vulnerability
- Photo Manager Pro 4.4.0 iOS - Code Execution Vulnerability
- [security bulletin] HPSBMU03321 rev.1 - HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code
- [SECURITY] [DSA 3230-1] django-markupfield security update
- [SECURITY] [DSA 3229-1] mysql-5.5 security update
- From: Salvatore Bonaccorso
- Security Audit Notes - OpenSSL v1.0.2a (latest) Issues - Advanced Information Security Corporation
- CVE-2014-7953 Android backup agent code execution
- CVE-2014-7951 adb backup archive path traversal file overwrite
- CVE-2014-7954 MTP path traversal vulnerability in Android
- 112 ipTIME Routers/WiFi APs/Modems/Firewalls models vulnerable with RCE with root privileges
- Lychee 2.7.1 remote code execution
- Wolf CMS 0.8.2 Arbitrary File Upload Vulnerability
- [SECURITY] [DSA 3228-1] ppp security update
- [CVE-2014-5361][CVE-2014-5362]Landesk Management Suite RFI & CSRF Security Vulnerabilities
- Secunia Research: Oracle Outside In ibpsd2.dll PSD File Processing Buffer Overflow Vulnerability
- [security bulletin] HPSBMU03264 rev.1 - HP Network Automation, Multiple Remote Vulnerabilities
- [SECURITY] [DSA 3227-1] movabletype-opensource security update
- From: Salvatore Bonaccorso
- Cisco Security Advisory: Cisco Secure Desktop Cache Cleaner Command Execution Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS XR Software BVI Routed Packet Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [SECURITY] [DSA 3226-1] inspircd security update
- ESA-2015-069: EMC NetWorker Buffer Overflow Vulnerability
- [SECURITY] [DSA 3225-1] gst-plugins-bad0.10 security update
- [IMF2015] Call for Participation
- Security Advisory - Apache HTTP Server 2.2.29 / 2.4.12 NULL Pointer dereference in protocol.c
- Secunia Research: Microsoft Windows GDI "MRSETDIBITSTODEVICE ::bPlay()" EMF Parsing Memory Corruption Vulnerability
- Wordpress WP Statistics persistent cross site scripting
- several issues in SQLite (+ catching up on several other bugs)
- whitepaper: Identifier based XSSI attacks
- [SYSS-2015-015] Panda Gold Protection 2015 - Authentication Bypass
- [SYSS-2015-014] Panda Global Protection 2015 - Authentication Bypass
- [SYSS-2015-013] Panda Antivirus Pro 2015 - Authentication Bypass
- [SYSS-2015-012] Panda Internet Security 2015 - Authentication Bypass
- Security Advisory - Apache HTTP Server 2.2.29 / 2.4.12 NULL Pointer dereference in protocol.c
- Security Advisory - Apache HTTP Server 2.2.29 / 2.4.12 NULL Pointer dereference in protocol.c
- [CVE-2015-2810] Integer Overflow leading to heap corruption when assigning a long paragraph size value to a HanWord document
- [security bulletin] HPSBOV03318 rev.1 - HP SSL for OpenVMS, Remote Denial of Service (DoS) and other Vulnerabilities
- [security bulletin] HPSBHF03310 rev.2 - HP Thin Clients running Windows Embedded Standard 7 (WES7) or Windows Embedded Standard 2009 (WES09) with HP Easy Deploy, Remote Elevation of Privilege, Execution of Code
- Apache HTTPD 2.4.12, 2.2.29 Security Audit - Advanced Information Security Corp
- Apache HTTPD 2.4.12/ 2.2.29 Security Audit Notes - Advanced Information Security Corp
- Ruxcon 2015 Call For Presentations
- [SECURITY] [DSA 3224-1] libx11 security update
- [SECURITY] [DSA 3223-1] ntp security update
- [SECURITY] [DSA 3222-1] chrony security update
- [SECURITY] [DSA 3221-1] das-watchdog security update
- From: Salvatore Bonaccorso
- Safari iOS/OS X/Windows cookie access vulnerability
- [SECURITY] [DSA 3220-1] libtasn1-3 security update
- From: Salvatore Bonaccorso
- Hijacking any Weebly Website [Insecure Direct Object Reference Vulnerability]
- [SECURITY] [DSA 3219-1] libdbd-firebird-perl security update
- OrangeHRM Blind SQL Injection & XSS Vulnerabilities
- [ MDVSA-2015:203 ] batik
- [security bulletin] HPSBGN03316 rev.1 - HP Support Solution Framework on Windows, Remote Execution of Code, Disclosure of Information
- [SECURITY] [DSA 3218-1] wesnoth-1.10 security update
- Hidden backdoor API to root privileges in Apple OS X
- SEC Consult SA-20150410-0 :: Unauthenticated Local File Disclosure in multiple TP-LINK products (CVE-2015-3035)
- From: SEC Consult Vulnerability Lab
- [ MDVSA-2015:201 ] arj
- [ MDVSA-2015:202 ] ntp
- [ MDVSA-2015:200 ] mediawiki
- [ MDVSA-2015:199 ] less
- [SECURITY] [DSA 3217-1] dpkg security update
- From: Salvatore Bonaccorso
- SEC Consult SA-20150409-0 :: Multiple XSS & XSRF vulnerabilities in Comalatech Comala Workflows
- From: SEC Consult Vulnerability Lab
- [ MDVSA-2015:198 ] java-1.8.0-openjdk
- APPLE-SA-2015-04-08-5 Xcode 6.3
- From: Apple Product Security
- AST-2015-003: TLS Certificate Common name NULL byte exploit
- From: Asterisk Security Team
- [security bulletin] HPSBUX03240 SSRT101872 rev.2 - HP-UX Running NTP, Remote Execution of Code, Denial of Service (DoS), or Other Vulnerabilities
- APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004
- From: Apple Product Security
- APPLE-SA-2015-04-08-3 iOS 8.3
- From: Apple Product Security
- APPLE-SA-2015-04-08-4 Apple TV 7.2
- From: Apple Product Security
- APPLE-SA-2015-04-08-1 Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5
- From: Apple Product Security
- Cisco Security Advisory: Cisco ASA FirePOWER Services and Cisco ASA CX Services Crafted Packets Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software
- From: Cisco Systems Product Security Incident Response Team
- [HITB-Announce] HITB GSEC 2015 Singapore - Call for Papers
- [CVE-2015-2926] XSS vuln in phpTrafficA
- FreeBSD Security Advisory FreeBSD-SA-15:04.igmp [REVISED]
- From: FreeBSD Security Advisories
- [security bulletin] HPSBHF03310 rev.1 - HP Thin Clients running Windows Embedded Standard 7 (WES7) or Windows Embedded Standard 2009 (WES09) with HP Easy Deploy, Remote Elevation of Privilege, Execution of Code
- FreeBSD 10.x ZFS encryption.key disclosure (CVE-2015-1415)
- FreeBSD Security Advisory FreeBSD-SA-15:07.ntp
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-15:09.ipv6
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-15:08.bsdinstall
- From: FreeBSD Security Advisories
- CA20150407-01: Security Notice for CA Spectrum
- Reflected Cross-Site Scripting vulnerability in asdoc generated documentation
- [SECURITY] [DSA 3057-2] libxml2 regression update
- From: Salvatore Bonaccorso
- CVE-2015-1773 Apache Flex reflected XSS vulnerability
- [CVE-2015-0779]: Novell ZenWorks Configuration Management remote code execution
- [ MDVSA-2015:196 ] cups-filters
- [ MDVSA-2015:195 ] python-django
- [ MDVSA-2015:193 ] libtasn1
- [security bulletin] HPSBGN03306 rev.1 - HP IceWall SSO MCRP, SSO Dfw, and SSO Agent running OpenSSL, Remote Denial of Service (DoS)
- [SECURITY] [DSA 3216-1] tor security update
- [security bulletin] HPSBMU03296 rev.1 - HP BladeSystem c-Class Onboard Administrator running OpenSSL, Remote Denial of Service (DoS)
- [SECURITY] [DSA 3215-1] libgd2 security update
- [SECURITY] [DSA 3214-1] mailman security update
- [SECURITY] [DSA 3213-1] arj security update
- From: Salvatore Bonaccorso
- Security Audit Notes = Kerberos (krb5-1.13) issues - Advanced Information Security Corp
- Security Audit Notes - Kerberos Security Issues (krb5-1.13 stable) - Advanced Information Security Corp.
- HotExBilling Manager Cross-site scripting (XSS) vulnerability
- [ MDVSA-2015:192 ] subversion
- Remote file upload vulnerability in wordpress plugin videowhisper-video-presentation v3.31.17
- From: Larry W. Cashdollar
- Remote file upload vulnerability in videowhisper-video-conference-integration wordpress plugin v4.91.8
- From: Larry W. Cashdollar
- NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE
- From: VMware Security Response Center
- [security bulletin] HPSBST03195 rev.1 - HP 3PAR Service Processor (SP) running OpenSSL and Bash, Remote Code Execution, Unauthorized Access, Disclosure of Information
- [SECURITY] [DSA 3212-1] icedove security update
- [security bulletin] HPSBHF03300 rev.1 - HP Network Products running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, Disclosure of Information
- [security bulletin] HPSBGN03302 rev.1 - HP IceWall Federation Agent, Remote Denial of Service (DoS)
- Security Audit Notes - OpenSSH 6.8 - Advanced Information Security Corp
- [ MDVSA-2015:161-1 ] icu
- [ MDVSA-2015:191 ] owncloud
- [ MDVSA-2015:190 ] owncloud
- [ MDVSA-2015:189 ] tor
- Wordpress plugin Simple Ads Manager - Information Disclosure
- Wordpress plugin Simple Ads Manager - Arbitrary File Upload
- Wordpress plugin Simple Ads Manager - Multiple SQL Injection
- Security Audit Notes - OpenSSL v1.0.2a (latest) Issues - Advanced Information Security Corporation
- [ MDVSA-2015:188 ] flac
- Wordpress plugin Simple Ads Manager - SQL Injection
- [ MDVSA-2015:187 ] graphviz
- SECUREDROP >= 0.3 - Possible Backdoor & Privileges Escalation by Unauth User
- From: ~~~ Elliptic TAO Team ~~~
- [security bulletin] HPSBST03298 rev.2 - HP XP Service Processor Software for Windows, Multiple Vulnerabilities
- [security bulletin] HPSBGN03307 rev.1 - HP Intelligent Provisioning, Disclosure of Information
- [security bulletin] HPSBMU03304 rev.1 - HP Insight Control server deployment on Linux and Windows, Remote Disclosure of Information
- [SECURITY] [DSA 3211-1] iceweasel security update
- From: Salvatore Bonaccorso
- Cisco Security Advisory: Cisco Prime Data Center Network Manager File Information Disclosure Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unity Connection
- From: Cisco Systems Product Security Incident Response Team
- ESA-2015-056: EMC PowerPath Virtual Appliance Undocumented User Accounts Vulnerability
- [SECURITY ANNOUNCEMENT] CVE-2015-0225
- [SECURITY] [DSA 3210-1] wireshark security update
- [ MDVSA-2015:186 ] phpmyadmin
- [ MDVSA-2015:185 ] dokuwiki
- [security bulletin] HPSBHF03271 rev.1 - HP PCs and Workstations Running Windows 7 with NVidia Graphics Driver, Elevation of Privileges
- [SECURITY] [DSA 3209-1] openldap security update
- [security bulletin] HPSBGN03270 rev.1 - HP Operations Analytics, Remote Execution of Code
- [ MDVSA-2015:182 ] tcpdump
- [ MDVSA-2015:184 ] setup
- [ MDVSA-2015:183 ] wireshark
- [CORE-2015-0007] - Schneider Vampset Stack and Heap Buffer Overflow
- From: CORE Advisories Team
- [ MDVSA-2015:145-1 ] libxfont
- [ MDVSA-2015:147-1 ] libtiff
- [ MDVSA-2015:181 ] drupal
- [ MDVSA-2015:178 ] ctags
- [ MDVSA-2015:179 ] coreutils
- [ MDVSA-2015:180 ] apache-mod_wsgi
- [ MDVSA-2015:029-1 ] binutils
- [ MDVSA-2015:177 ] ctdb
- [ MDVSA-2015:176 ] dbus
- [ MDVSA-2015:175 ] ejabberd
- [ MDVSA-2015:174 ] erlang
- [ MDVSA-2015:173 ] ffmpeg
- [ MDVSA-2015:172 ] firebird
- [ MDVSA-2015:171 ] freerdp
- [ MDVSA-2015:168 ] glibc
- [ MDVSA-2015:170 ] gcc
- [ MDVSA-2015:169 ] git
- [ MDVSA-2015:167 ] glpi
- [ MDVSA-2015:166 ] clamav
- [ MDVSA-2015:165 ] bind
- [ MDVSA-2015:161 ] icu
- [ MDVSA-2015:163 ] grub2
- [ MDVSA-2015:162 ] gtk+3.0
- [ MDVSA-2015:160 ] ipython
- [ MDVSA-2015:159 ] jasper
- [SECURITY] [DSA 3208-1] freexl security update
- [ MDVSA-2015:148 ] libssh2
- [ MDVSA-2015:158 ] jython
- [ MDVSA-2015:157 ] libarchive
- CVE-2015-2223: Palo Alto Traps Server Stored XSS
- From: michael . hendrickx
- [ MDVSA-2015:156 ] libcap-ng
- [ MDVSA-2015:017-1 ] libevent
- [ MDVSA-2015:155 ] gnupg
- [ MDVSA-2015:146 ] libvncserver
- [ MDVSA-2015:148-1 ] libssh2
- [ MDVSA-2015:153 ] libgd
- [ MDVSA-2015:154 ] gnupg
- [ MDVSA-2015:152 ] libjpeg
- [ MDVSA-2015:147 ] libtiff
- [ MDVSA-2015:149 ] libsndfile
- [ MDVSA-2015:151 ] libksba
- [ MDVSA-2015:150 ] liblzo
- [ MDVSA-2015:145 ] libxfont
- [ MDVSA-2015:144 ] lua
- [ MDVSA-2015:143 ] mpfr
- [ MDVSA-2015:142 ] nodejs
- [ MDVSA-2015:141 ] not-yet-commons-ssl
- [ MDVSA-2015:138 ] patch
- [ MDVSA-2015:140 ] ntp
- [ MDVSA-2015:139 ] openvpn
- [ MDVSA-2015:137 ] pcre
- [ MDVSA-2015:136 ] perl
- [ MDVSA-2015:135 ] ppp
- [ MDVSA-2015:134 ] pulseaudio
- [ MDVSA-2015:133 ] python-requests
- [ MDVSA-2015:131 ] rsync
- [ MDVSA-2015:132 ] readline
- [ MDVSA-2015:130 ] rsyslog
- [ MDVSA-2015:129 ] ruby
- [ MDVSA-2015:128 ] sendmail
- [ MDVSA-2015:127 ] serf
- [ MDVSA-2015:126 ] sudo
- [ MDVSA-2015:125 ] tcpdump
- [ MDVSA-2015:124 ] torque
- [ MDVSA-2015:122 ] util-linux
- [ MDVSA-2015:120 ] wpa_supplicant
- [ MDVSA-2015:123 ] unzip
- [ MDVSA-2015:121 ] wget
- [ MDVSA-2015:118 ] xlockmore
- [ MDVSA-2015:105 ] imagemagick
- [ MDVSA-2015:119 ] x11-server
- [ MDVSA-2015:117 ] emacs
- [ MDVSA-2015:116 ] libtasn1
- [ MDVSA-2015:115 ] libvirt
- [ MDVSA-2015:114 ] cifs-utils
- [ MDVSA-2015:112 ] python-lxml
- [ MDVSA-2015:113 ] dovecot
- [ MDVSA-2015:110 ] postgresql
- [ MDVSA-2015:111 ] libxml2
- [ MDVSA-2015:109 ] python-django
- [ MDVSA-2015:108 ] cups
- [ MDVSA-2015:107 ] lcms2
- [ MDVSA-2015:106 ] apache-mod_security
- [ MDVSA-2015:103 ] squid
- [ MDVSA-2015:104 ] elfutils
- [ MDVSA-2015:097 ] php-ZendFramework
- [ MDVSA-2015:102 ] json-c
- [ MDVSA-2015:101 ] jbigkit
- [ MDVSA-2015:100 ] cups-filters
- [SECURITY] [DSA 3198-2] php5 regression update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 3207-1] shibboleth-sp2 security update
- [SECURITY] [DSA 3206-1] dulwich security update
- From: Salvatore Bonaccorso
- [ MDVSA-2015:098 ] curl
- [ MDVSA-2015:096 ] stunnel
- [ MDVSA-2015:095 ] openssh
- [ MDVSA-2015:099 ] python-pillow
- [ MDVSA-2015:090 ] libpng
- [ MDVSA-2015:094 ] nginx
- [ MDVSA-2015:093 ] apache
- [ MDVSA-2015:092 ] net-snmp
- [ MDVSA-2015:089 ] freetype2
- [ MDVSA-2015:087 ] egroupware
- [ MDVSA-2015:085 ] subversion
- [ MDVSA-2015:088 ] udisks2
- [ MDVSA-2015:086 ] libssh
- [ MDVSA-2015:084 ] tomcat
- [ MDVSA-2015:082 ] samba
- [ MDVSA-2015:083 ] samba4
- [ MDVSA-2015:081 ] samba
- [ MDVSA-2015:080 ] php
- [ MDVSA-2015:079 ] php
- [ MDVSA-2015:078 ] mutt
- Advisory: CVE-2014-9708: Appweb Web Server
- Advisory: CVE-2014-9707: GoAhead Web Server 3.0.0 - 3.4.1
- CVE-2015-2755 WordPress AB Google Map Travel CSRF / XSS
- [ MDVSA-2015:077 ] python-numpy
- [ MDVSA-2015:076 ] python3
- [ MDVSA-2015:075 ] python
- [ MDVSA-2015:074 ] openldap
- [ MDVSA-2015:073 ] openldap
- [ MDVSA-2015:072 ] gnutls
- [ MDVSA-2015:071 ] libpng12
- [ MDVSA-2015:070 ] libvirt
- [ MDVSA-2015:068 ] e2fsprogs
- [ MDVSA-2015:067 ] e2fsprogs
- [ MDVSA-2015:066 ] cpio
- [ MDVSA-2015:065 ] cpio
- [ MDVSA-2015:064 ] cabextract
- [ MDVSA-2015:063 ] openssl
- [ MDVSA-2015:062 ] openssl
- [SECURITY] [DSA 3205-1] batik security update
- Manage Engine Desktop Central 9 - CVE-2015-2560 - Unauthorised administrative password reset
- [security bulletin] HPSBMU03294 rev.1 - HP Process Automation running OpenSSL, Remote Disclosure of Information
- Insecure file upload in Berta CMS
- ESA-2015-049: EMC Isilon OneFS Privilege Escalation Vulnerability
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS XE Software for Cisco ASR 1000 Series, Cisco ISR 4400 Series, and Cisco Cloud Services 1000v Series Routers
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS Software and IOS XE Software Autonomic Networking Infrastructure
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS Software Common Industrial Protocol
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software and IOS XE Software mDNS Gateway Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software Virtual Routing and Forwarding ICMP Queue Wedge Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- WSO2 Identity Server multiple vulnerabilities
- From: Bartlomiej Balcerek
- Arbitrary file deletion and multiple XSS vulnerabilities in pfSense
- From: High-Tech Bridge Security Research
- [SECURITY] [DSA 3197-2] openssl regression update
- From: Salvatore Bonaccorso
- [security bulletin] HPSBGN03288 rev.1 - HP Server Automation, Remote Arbitrary Code Execution
- [security bulletin] HPSBGN03282 rev.1 - HP Business Service Manager Virtual Appliance, Multiple Vulnerabilities
- [security bulletin] HPSBGN03285 rev.1 - HP Business Service Manager Virtual Appliance, Multiple Vulnerabilities
- [security bulletin] HPSBMU03263 rev.1 - HP Insight Control running OpenSSL, Remote Disclosure of Information
- [security bulletin] HPSBMU03291 rev.1 - HP Operations Orchestration running Powershell Operations, Remote Disclosure of Information
- [security bulletin] HPSBMU03292 rev.1 - HP Operations Orchestration Authentication Bypass
- [security bulletin] HPSBMU03262 rev.2 - HP Version Control Agent running OpenSSL on Linux and Windows, Remote Disclosure of Information, Denial of Service (DoS)
- [security bulletin] HPSBHF03276 rev.1 - HP Integrated Lights-Out 2, 3, and 4 (iLO 2, iLO 3, iLO 4), Remote Unauthorized Access, Denial of Service (Dos)
- [security bulletin] HPSBHF03275 rev.1 - HP Integrated Lights-Out 2, 3, and 4 (iLO 2, iLO 3, iLO 4), Remote Disclosure of Information
- [security bulletin] HPSBMU03301 rev.1 - HP BladeSystem c-Class Onboard Administrator running OpenSSL, Remote Disclosure of Information
- [security bulletin] HPSBHF03151 rev.1 - HP Integrated Lights-Out 2 and 4 (iLO 2, iLO 4), Chassis Management (iLO CM), Remote Denial of Service, Remote Execution of Code, Elevation of Privilege
- [security bulletin] HPSBGN03249 rev.2 - HP ArcSight Enterprise Security Manager and Logger, Multiple Remote Vulnerabilities
- [security bulletin] HPSBMU03220 rev.1 - HP Shunra Network Appliance / HP Shunra Wildcat Appliance, Remote Execution of Code
- [security bulletin] HPSBHF03289 rev.1- HP ThinClient PCs running ThinPro Linux, Remote Code Execution, Denial of Service, Disclosure of information
- [security bulletin] HPSBHF03279 rev.2 - HP Point of Sale PCs Running Windows with OPOS Drivers, Remote Execution of Code
- [security bulletin] HPSBGN03299 rev.1 - HP IceWall SSO Dfw, SSO Certd, MCRP, and Federation Agent running OpenSSL, Remote Disclosure of Information, Unauthorized Access
- Hacky Easter 2015
- [security bulletin] HPSBST03196 rev.1- HP StoreEver MSL6480 Tape Library running OpenSSL, Remote Code Execution
- ESA-2015-044: EMC Documentum xMS Sensitive Information Disclosure Vulnerability
- DokuWiki persistent Cross Site Scripting
- [SECURITY] [DSA 3203-1] tor security update
- [SECURITY] [DSA 3202-1] mono security update
- [SECURITY] [DSA 3201-1] iceweasel security update
- From: Salvatore Bonaccorso
- Stored XSS Vulnerability In Manage Engine Device Expert
- CSRF to add admin user Vulnerability In Manage Engine Device Expert
- Cross-Site Request Forgery (CSRF) Vulnerability in ManageEngine Network Configuration
- Reflected XSS Vulnerability in XSS In Manage Engine Device Expert
- CSRF/Stored XSS Vulnerability in AB Google Map Travel (AB-MAP) Wordpress Plugin
- [SECURITY] [DSA 3200-1] drupal7 security update
- Viber for Android exposes insecure Javascript interface
- [SECURITY] [DSA 3199-1] xerces-c security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 3198-1] php5 security update
- FreeBSD Security Advisory FreeBSD-SA-15:06.openssl [REVISED]
- From: FreeBSD Security Advisories
- APPLE-SA-2015-03-19-1 Security Update 2015-003
- From: Apple Product Security
- Xerces-C Security Advisory [CVE-2015-0252]
- cve-assign delays
- FreeBSD Security Advisory FreeBSD-SA-15:06.openssl
- From: FreeBSD Security Advisories
- Google Analytics by Yoast stored XSS
- Command injection vulnerability in Citrix NITRO SDK xen_hotfix page
- Citrix NITRO SDK xen_hotfix page is vulnerable to Cross-Site Scripting
- Citrix NetScaler VPX help pages are vulnerable to Cross-Site Scripting
- Advent JMX Servlet of Citrx Command Center is accessible to unauthenticated users
- [SECURITY] [DSA 3197-1] openssl security update
- EMC Secure Remote Services Virtual Edition Provisioning component is affected by SQL injection
- Path traversal vulnerability in EMC M&R (Watch4net) MIB Browser
- Command injection vulnerability in EMC Secure Remote Services Virtual Edition
- Path traversal vulnerability in EMC M&R (Watch4net) Device Discovery
- Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Centralized Management Console
- Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Alerting Frontend
- Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Web Portal Report Favorites
- EMC M&R (Watch4net) data storage collector credentials are not properly protected
- Re: Security Audit Notes: OpenSSL d1_srvr.c Overflow - Advanced Information Security
- [SECURITY] [DSA 3196-1] file security update
- [CORE-2015-0006] - Fortinet Single Sign On Stack Overflow
- From: CORE Advisories Team
- Cross-Site Scripting vulnerability in Websense Explorer report scheduler
- Multiple Cross-Site Scripting vulnerabilities in Websense Reporting
- Error messages of Websense Content Gateway are vulnerable to Cross-Site Scripting
- Missing access control on Websense Explorer web folder
- Cross-Site Scripting vulnerability in Websense Data Security block page
- Source code disclosure of Websense Triton JSP files via double quote character
- Command injection vulnerability in network diagnostics tool of Websense Appliance Manager
- Websense Email Security vulnerable to persistent Cross-Site Scripting in audit log details view
- Websense Data Security DLP incident Forensics Preview is vulnerable to Cross-Site Scripting
- [SECURITY] [DSA 3195-1] php5 security update
- Security Audit Notes: OpenSSL d1_srvr.c Overflow - Advanced Information Security
- APPLE-SA-2015-03-17-1 Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
- From: Apple Product Security
- [SECURITY] [DSA 3194-1] libxfont security update
- [SECURITY] [DSA 3193-1] tcpdump security update
- From: Salvatore Bonaccorso
- [security bulletin] HPSBHF03293 rev.1 - HP Virtual Connect 8Gb 24-Port FC Module running OpenSSL and Bash, Remote Denial of Service (DoS), Code Execution, Disclosure of Information
- [SECURITY] [DSA 3192-1] checkpw security update
- From: Salvatore Bonaccorso
- [security bulletin] HPSBST03298 rev.1 - HP XP Service Processor Software for Windows, Multiple Vulnerabilities
- [SECURITY] [DSA 3191-1] gnutls26 security update
- From: Salvatore Bonaccorso
- Defense in depth -- the Microsoft way (part 31): UAC is for binary planting
- [SECURITY] [DSA 3189-1] libav security update
- [SE-2014-02] Google App Engine Java security sandbox bypasses (details)
- From: Security Explorations
- [SECURITY] [DSA 3190-1] putty security update
- Defense in depth -- the Microsoft way (part 30): on exploitable Win32 functions
- [SECURITY] [DSA 3188-1] freetype security update
- Defense in depth -- the Mozilla way: return and exit codes are dispensable
- [SECURITY] [DSA 3187-1] icu security update
- [ MDVSA-2015:061 ] qemu
- [ MDVSA-2015:060 ] yaml
- [ MDVSA-2015:059 ] nss
- Serendipity CMS - XSS Vulnerability in Version 2.0
- [ MDVSA-2015:058 ] kernel
- Jolla Phone tel URI Spoofing
- [SECURITY] [DSA 3186-1] nss security update
- From: Salvatore Bonaccorso
- Alkacon OpenCms 9.5.1 Multiple XSS Vulnerabilities
- [security bulletin] HPSBMU03267 rev.1 - HP Matrix Operating Environment and HP CloudSystem Matrix running OpenSSL, Remote Disclosure of Information
- [security bulletin] HPSBMU03262 rev.1 - HP Version Control Agent running OpenSSL on Linux and Windows, Remote Disclosure of Information, Denial of Service (DoS)
- [security bulletin] HPSBMU03283 rev.1 - HP Virtual Connect Enterprise Manager SDK running OpenSSL on Windows, Remote Disclosure of Information, Denial of Service (DoS)
- [security bulletin] HPSBMU03259 rev.1 - HP Version Control Repository Manager running OpenSSL on Linux and Windows, Remote Disclosure of Information
- WPML WordPress plug-in SQL injection etc.
- MSA-2015-03: iPass Mobile Client Service Local Privilege Escalation
- [SECURITY] [DSA 3185-1] libgcrypt11 security update
- [SECURITY] [DSA 3184-1] gnupg security update
- [security bulletin] HPSBMU02895 SSRT101253 rev.5 - HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code
- [security bulletin] HPSBGN03249 rev.1 - HP ArcSight Enterprise Security Manager and Logger, Multiple Remote Vulnerabilities
- [SECURITY] [DSA 3183-1] movabletype-opensource security update
- From: Salvatore Bonaccorso
- SQL Injection in Huge IT Slider WordPress Plugin
- From: High-Tech Bridge Security Research
- Cisco Security Advisory: Cisco Secure Access Control System SQL Injection Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Microsoft Office Compatibility Pack tries to execute path without quotes
- Cisco Security Advisory: Cisco Intrusion Prevention System MainApp Secure Socket Layer Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Video Communication Server, Cisco Expressway and Cisco TelePresence Conductor
- From: Cisco Systems Product Security Incident Response Team
- OpenSSL v1.0.2 for Linux affected by CVE-2015-0235
- ESA-2015-014: RSA® Digital Certificate Solution Multiple Vulnerabilities
- Vulnerability in the Dropbox SDK for Android (CVE-2014-8889)
- [SECURITY] [DSA 3182-1] libssh2 security update
- From: Salvatore Bonaccorso
- Community Gallery - Srored Corss-Site Scripting vulnerability
- [SECURITY] [DSA 3177-1] mod-gnutls security update
- [SECURITY] [DSA 3181-1] xen security update
- [security bulletin] HPSBUX03281 SSRT101968 rev.1 - HP-UX running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
- ESA-2015-040: EMC Secure Remote Services Virtual Edition Security Update for Multiple Vulnerabilities
- Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Product
- From: Cisco Systems Product Security Incident Response Team
- [ MDVSA-2015:057 ] kernel
- Reflected cross-site scripting(XSS) Vulnerability in Manage Engine AD Audit Manager Plus Admin Panel(Build 6270)
- ProjectSend r561 - SQL injection vulnerability
- Cisco Security Advisory: Row Hammer Privilege Escalation Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Multiple Vulnerabilities with Kguard Digital Video Recorders
- From: Federick Joe P Fajardo
- tcpdump 4.7.2 remote crashes
- APPLE-SA-2015-03-09-4 Xcode 6.2
- From: Apple Product Security
- APPLE-SA-2015-03-09-3 Security Update 2015-002
- From: Apple Product Security
- APPLE-SA-2015-03-09-2 AppleTV 7.1
- From: Apple Product Security
- APPLE-SA-2015-03-09-1 iOS 8.2
- From: Apple Product Security
- [ MDVSA-2015:056 ] rpm
- [security bulletin] HPSBPI03107 rev.2 - Certain HP LaserJet Printers, MFPs and Certain HP OfficeJet Enterprise Printers using OpenSSL, Remote Unauthorized Access
- ocPortal 9.0.16 Multiply XSS Vulnerabilities
- [security bulletin] HPSBGN03277 rev.1 - HP Virtualization Performance Viewer, Remote Execution of Code, Denial of Service (DoS) and Other Vulnerabilities
- MongoDB BSON Handling Remote Denial of Service Vulnerability
- From: noreply-secresearch
- [security bulletin] HPSBUX03235 SSRT101750 rev.3 - HP-UX Running BIND, Remote Denial of Service (DoS)
- H2HC 12th Edition - Call for Papers
- From: Rodrigo Rubira Branco (BSDaemon)
- Betster (PHP Betoffice) Authentication Bypass and SQL Injection
- [security bulletin] HPSBHF03279 rev.1 - HP Point of Sale PCs Running Windows with OPOS Drivers, Remote Execution of Code
- [slackware-security] samba (SSA:2015-064-01)
- From: Slackware Security Team
- [SECURITY] [DSA 3180-1] libarchive security update
- Stored XSS Vulnerability in Google Analytics by Yoast Wordpress Plugin
- Last Call - Workhsops of CISTI'2015: 10th Iberian Conference on Information Systems and Technologies
- Ultimate PHP Board (UPB) 2.2.7 Cross Site Scripting Vulnerability
- [ MDVSA-2015:054 ] bind
- [ MDVSA-2015:055 ] freetype2
- WeBid 1.1.1 Unrestricted File Upload Exploit
- [CVE-2015-2102] Clipbucket 2.7 RC3 0.9 - Blind SQL Injection
- [SECURITY] [DSA 3179-1] icedove security update
- [security bulletin] HPSBST03265 rev.1 - HP VMA SAN Gateway running Bash Shell and OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, and Disclosure of Information
- [ MDVSA-2015:052 ] tomcat
- [ MDVSA-2015:053 ] tomcat6
- [ MDVSA-2015:051 ] sympa
- [SECURITY] [DSA 3178-1] unace security update
- From: Salvatore Bonaccorso
- [ MDVSA-2015:050 ] patch
- [security bulletin] HPSBST03274 rev.1 - HP XP P9000 Command View Advanced Edition Software Online Help for Windows and Linux, Remote Cross-site Scripting (XSS)
- [ MDVSA-2015:049 ] cups
- [CVE-2015-1583] ATutor LCMS - CSRF Vulnerability in Version 2.2
- BEdita CMS - XSS & CSRF Vulnerability in Version 3.5.0
- SEC Consult SA-20150227-0 :: Multiple vulnerabilities in Loxone Smart Home
- From: SEC Consult Vulnerability Lab
- Cross-Site-Scripting (XSS) in tcllib's html::textarea
- Wordpress Media Cleaner Plugin - XSS Vulnerability
- [SECURITY] CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags
- HelpDezk 1.0.1 Multiple Vulnerabilities
- [SECURITY] [DSA 3176-1] request-tracker4 security update
- From: Salvatore Bonaccorso
- Wireless File Transfer Pro Android - Multiple CSRF Vulnerabilities
- Data Source: Scopus CMS - SQL Injection Web Vulnerability
- DSS TFTP 1.0 Server - Path Traversal Vulnerability
- D-Link and TRENDnet 'ncc2' service - multiple vulnerabilities
- [slackware-security] mozilla-firefox (SSA:2015-056-01)
- From: Slackware Security Team
- [slackware-security] mozilla-thunderbird (SSA:2015-056-02)
- From: Slackware Security Team
- [security bulletin] HPSBUX03273 SSRT101951 rev.1 - HP-UX running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
- [security bulletin] HPSBUX03244 SSRT101885 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Other Vulnerabilites
- [SECURITY] [DSA 3175-1] kfreebsd-9 security update
- [security bulletin] HPSBUX03162 SSRT101885 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Other Vulnerabilites
- [SECURITY] [DSA 3174-1] iceweasel security update
- [SECURITY] [DSA 3173-1] libgtk2-perl security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 3172-1] cups security update
- GDS Labs Alert [CVE-2015-2080] - JetLeak Vulnerability: Remote Leakage Of Shared Buffers In Jetty Web Server
- EnanoCMS 1.1.8pl1 XSS Vulnerability
- TangoBB 1.5.0-A3 XSS Vulnerability
- [security bulletin] HPSBMU03260 rev.1 - HP System Management Homepage running OpenSSL on Linux and Windows, Remote Disclosure of Information
- [Onapsis Security Advisory 2015-004] SAP Business Objects Unauthorized Audit Information Delete via CORBA
- From: Onapsis Research Labs
- [Onapsis Security Advisory 2015-005] SAP Business Objects Unauthorized Audit Information Access via CORBA
- From: Onapsis Research Labs
- [Onapsis Security Advisory 2015-003] SAP Business Objects Unauthorized File Repository Server Write via CORBA
- From: Onapsis Research Labs
- [Onapsis Security Advisory 2015-002] SAP Business Objects Unauthorized File Repository Server Read via CORBA
- From: Onapsis Research Labs
- [Onapsis Security Advisory 2015-001] Multiple Reflected Cross Site Scripting Vulnerabilities in SAP HANA Web-based Development Workbench
- From: Onapsis Research Labs
- FreeBSD Security Advisory FreeBSD-SA-15:05.bind
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-15:04.igmp
- From: FreeBSD Security Advisories
- N.E.T. E-Commerce Group Cross Site Scripting Vulnerability
- [SECURITY] [DSA 3170-1] linux security update
- [SECURITY] [DSA 3171-1] samba security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 3169-1] eglibc security update
- Defense in depth -- the Microsoft way (part 29): contradicting, ambiguous, incomplete documentation
- [SECURITY] [DSA 3168-1] ruby-redcloth security update
- CVE-2014-8487: Kony EMM insecurity Direct Object Reference
- From: michael . hendrickx
- [SECURITY] [DSA 3167-1] sudo security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 3166-1] e2fsprogs security update
- [SECURITY] [DSA 3165-1] xdg-utils security update
- [SECURITY] [DSA 3164-1] typo3-src security update
- Stored XSS Vulnerability in ADPlugg Wordpress Plugin
- [security bulletin] HPSBUX03240 SSRT101872 rev.1 - HP-UX Running NTP, Remote Execution of Code, Denial of Service (DoS), or Other Vulnerabilties
- Cisco Security Advisory: Cisco IOS XR Software IPv6 Malformed Packet Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [security bulletin] HPSBPV03266 rev.1 - Certain HP Networking and H3C Switches and Routers running NTP, Remote Execution of Code, Disclosure of Information, and Denial of Service (DoS)
- iTunes 12.1.1 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\...
- Defense in depth -- the Microsoft way (part 28): yes, we can (create even empty, but properly quoted pathnames)
- [SECURITY] [DSA 3163-1] libreoffice security update
- [SECURITY] [DSA 3162-1] bind9 security update
- PHP Code Execution in jui_filter_rules Parsing Library
- [CVE-2015-1517] Piwigo - SQL Injection in Version 2.7.3
- [RT-SA-2014-016] Directory Traversal and Arbitrary File Disclosure in hybris Commerce Software Suite
- From: RedTeam Pentesting GmbH
- Crushftp 7.2.0 - Multiple CSRF & XSS Vulnerabilities
- NetGear WNDR Authentication Bypass / Information Disclosure
- Ebay Inc Magento Bug Bounty #5 - Persistent Validation & Mail Encoding Web Vulnerability
- CVE-2015-1614 csrf/xss in in wordpress Plugin Image Metadata cruncher
- [slackware-security] sudo (SSA:2015-047-03)
- From: Slackware Security Team
- [slackware-security] patch (SSA:2015-047-01)
- From: Slackware Security Team
- [slackware-security] seamonkey (SSA:2015-047-02)
- From: Slackware Security Team
- Re: Reflected File Download in AOL Search Website
- Reflected File Download in AOL Search Website
- From: Ricardo Iramar dos Santos
- Multiple Cross site scripting in wordpress Plugin Image Metadata cruncher
- Cosmoshop - XSS on Admin-Login Mask
- [CVE-2015-1585] Fat Free CRM - CSRF Vulnerability in Version 0.13.5
- CVE-2015-1593 - Linux ASLR integer overflow: Reducing stack entropy by four
- CVE-2015-1600 - Netatmo Weather Station Cleartext Password Leak
- UNIT4 Prosoft HRMS XSS Vulnerability
- [security bulletin] HPSBGN03258 rev.1 - HP Insight Control server deployment Windows Pre-boot Execution Environment, Microsoft Schannel (Winshock) Remote Code Execution
- CVE-2015-1574 - Google Email App 4.2.2 remote denial of service
- Re: Shakacon 2015 Last Call for Papers (July 6-9 2015, Honolulu, Hawaii)
- [ MDVSA-2015:047 ] elfutils
- [ MDVSA-2015:048 ] postgresql
- [ MDVSA-2015:046 ] ntp
- [ MDVSA-2015:045 ] e2fsprogs
- [ MDVSA-2015:044 ] perl-Gtk2
- [SECURITY] [DSA 3161-1] dbus security update
- From: Salvatore Bonaccorso
- Open-Xchange Security Advisory 2015-02-12
- Shakacon 2015 Last Call for Papers (July 6-9 2015, Honolulu, Hawaii)
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software
- From: Cisco Systems Product Security Incident Response Team
- Ninja Forms WordPress Plugin Multiple Cross-Site Scripting Vulnerability
- [SECURITY] [DSA 3160-1] xorg-server security update
- Elasticsearch vulnerability CVE-2015-1427
- Cisco Security Advisory: Cisco Secure Access Control System SQL Injection Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [ANN] MSKB 3004375 available for Windows 2000 and later too (but NOT from Mcirosoft)
- T-Mobile Internet Manager - DLL Hijacking (mfc71enu.dll)
- Pandora FMS v5.1 SP1 - SQL Injection Web Vulnerability
- BlinkSale Bug Bounty #1 - Encode & Validation Vulnerability
- Facebook Bug Bounty #23 - Session ID & CSRF Vulnerability
- Multiple Vulnerabilities in my little forum
- From: High-Tech Bridge Security Research
- Two Reflected XSS Vulnerabilities in Easing Slider WordPress Plugin
- From: High-Tech Bridge Security Research
- [SECURITY] [DSA 3159-1] ruby1.8 security update
- [ MDVSA-2015:043 ] otrs
- [ MDVSA-2015:042 ] clamav
- [ MDVSA-2015:041 ] cabextract
- [ MDVSA-2015:040 ] zarafa
- Re: Suspicious URL:Re: [FD] Major Internet Explorer Vulnerability - NOT Patched
- [security bulletin] HPSBMU03246 rev.1 - HP Insight Control for Linux Central Management Server Pre-boot Execution Environment running Bash Shell, Multiple Vulnerabilities
- [security bulletin] HPSBMU03245 rev.1 - HP Insight Control server deployment Linux Preboot Execution Environment running Bash Shell, Multiple Vulnerabilities
- [security bulletin] HPSBGN03255 rev.1 - HP OpenCall Media Platform (OCMP) running SSLv3, Remote Denial of Service (DoS),Disclosure of Information
- [RT-SA-2014-013] Cross-Site Scripting in IBM Endpoint Manager Relay Diagnostics Page
- From: RedTeam Pentesting GmbH
- [ MDVSA-2015:039 ] glibc
- Re: Suspicious URL:Re: [FD] Major Internet Explorer Vulnerability - NOT Patched
- Mooplayer 1.3.0 'm3u' SEH Buffer Overflow POC
- [SECURITY] [DSA 3158-1] unrtf security update
- From: Salvatore Bonaccorso
- [security bulletin] HPSBGN03251 rev.1 - HP Storage Essentials running SSLv3, Remote Disclosure of Information
- [security bulletin] HPSBGN03252 rev.1 - HP AppPulse Active running SSLv3, Remote Disclosure of Information
- [SECURITY] [DSA 3157-1] ruby1.9.1 security update
- Suspicious URL:Re: [FD] Major Internet Explorer Vulnerability - NOT Patched
- [SECURITY] CVE-2014-0227 Apache Tomcat Request Smuggling
- Cookie hijacking: Internet Explorer UXSS (CVE-2015-0072)
- Radexscript CMS 2.2.0 - SQL Injection vulnerability
- [SECURITY] [DSA 3156-1] liblivemedia security update
- [SECURITY] [DSA 3154-2] ntp security update
- From: Salvatore Bonaccorso
- [security bulletin] HPSBMU03216 rev.2 - HP Service Manager running SSLv3, Multiple Remote Vulnerabilities
- [security bulletin] HPSBGN03254 rev.1 - HP Service Health Analyzer running SSLv3, Remote Disclosure of Information
- [security bulletin] HPSBMU03224 rev.1 - HP LoadRunner and Performance Center, Load Generator Virtual Machine Images, running Windows, Remote Elevation of Privilege
- [security bulletin] HPSBGN03253 rev.1 - HP Business Process Insight (BPI) running SSLv3, Remote Disclosure of Information
- [security bulletin] HPSBUX03235 SSRT101750 rev.2 - HP-UX Running BIND, Remote Denial of Service (DoS)
- [security bulletin] HPSBUX03166 SSRT101489 rev.2 - HP-UX running PAM libpam_updbe, Remote Authentication Bypass
- [SECURITY] [DSA 2978-2] libxml2 security update
- [SECURITY] [DSA 3155-1] postgresql-9.1 security update
- [ MDVSA-2015:037 ] vorbis-tools
- BMC Footprints Service Core 11.5 - Multiple Cross Site Scripting Vulnerabilities (XSS)
- [ MDVSA-2015:035 ] libvirt
- [ MDVSA-2015:036 ] python-django
- [ MDVSA-2015:034 ] jasper
- [ MDVSA-2015:033 ] java-1.7.0-openjdk
- LG On Screen Phone authentication bypass (CVE-2014-8757)
- Re: [FD] Major Internet Explorer Vulnerability - NOT Patched
- [SECURITY] [DSA 3154-1] ntp security update
- From: Salvatore Bonaccorso
- [ MDVSA-2015:031 ] busybox
- [ MDVSA-2015:032 ] php
- ESA-2015-012: EMC Captiva Capture Sensitive Information Disclosure Vulnerability
- [oCERT-2015-002] e2fsprogs input sanitization errors
- [ MDVSA-2015:029 ] binutils
- [ MDVSA-2015:030 ] bugzilla
- CVE-2015-1172 Wordpress-theme remote arbitrary code
- RE: [FD] Major Internet Explorer Vulnerability - NOT Patched
- Very Important Info About "Major Internet Explorer Vulnerability - NOT Patched"
- Re: [FD] Major Internet Explorer Vulnerability - NOT Patched
- Re: Re: CVE-2015-1437 XSS In ASUS Router.
- Cisco Security Advisory: Cisco Security Advisory Cisco WebEx Meetings Server Command Injection Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Re: CVE-2015-1437 XSS In ASUS Router.
- ESA-2014-158: RSA BSAFE® Micro Edition Suite, SSL-J and SSL-C Triple Handshake Vulnerability
- Bitdefender Internet Security -
- ESA-2015-010: EMC Documentum D2 Multiple Vulnerabilities
- Re: CVE-2015-1437 XSS In ASUS Router.
- Re: [FD] Major Internet Explorer Vulnerability - NOT Patched
- Re: CVE-2015-1437 XSS In ASUS Router.
- [CVE-2015-1467] Fork CMS - SQL Injection in Version 3.8.5
- [SECURITY] [DSA 3153-1] krb5 security update
- MITKRB5-SA-2015-001 Vulnerabilities in kadmind, libgssrpc, gss_process_context_token
- CVE-2015-1437 XSS In ASUS Router.
- [SECURITY] [DSA 3152-1] unzip security update
- From: Salvatore Bonaccorso
- [security bulletin] HPSBGN03247 rev.1 - HP IceWall SSO Dfw using glibc, Remote Execution of Abitrary Code
- CVE-2014-5360 Landesk Management Suite XSS (Cross-Site Scripting) Security Vulnerability
- [SECURITY] [DSA 3151-1] python-django security update
- From: Salvatore Bonaccorso
- articleFR CMS 3.0.5 - Arbitrary File Upload
- articleFR CMS 3.0.5 - SQL injection vulnerability
- articleFR CMS 3.0.5 - XSS vulnerability
- Re: [SECURITY] [DSA 3149-1] condor security update
- [CVE-2014-9331] ManageEngine Desktop Central CSRF vulnerability to add an Admin user advisory
- [security bulletin] HPSBMU03232 rev.3 - HP SiteScope, Remote Elevation of Privilege
- [security bulletin] HPSBGN03237 rev.1 - HP Insight Remote Support v7 Clients running SSLv3, Remote Disclosure of Information
- [SECURITY] [DSA 3149-1] condor security update
- [security bulletin] HPSBMU03239 rev.1 - HP UCMDB, Remote Disclosure of Information