Bugtraq: by thread

• RSS Feed
• About List
• All Lists

Previous period

Next period

159 messages starting May 02 14 and ending May 30 14
Date index | Thread index | Author index

• [security bulletin] HPSBMU03029 rev.1 - HP Insight Control Server Migration running OpenSSL, Remote Disclosure of Information security-alert (May 02)
• [security bulletin] HPSBMU03028 rev.1 - HP Matrix Operating Environment and CloudSystem Matrix Software Components running OpenSSL, Remote Disclosure of Information security-alert (May 02)
• [security bulletin] HPSBMU03033 rev.1 - HP Insight Control Software Components running OpenSSL, Remote Disclosure of Information security-alert (May 02)
• [security bulletin] HPSBMU03030 rev.1 - HP Service Pack for ProLiant (SPP) Bundled Software running OpenSSL, Remote Disclosure of Information security-alert (May 02)
• [security bulletin] HPSBMU03032 rev.1 - HP Virtual Connect Firmware Smart Components Installer Software running OpenSSL, Remote Disclosure of Information security-alert (May 02)
• [security bulletin] HPSBMU03009 rev.2 - HP CloudSystem Foundation and Enterprise Software v8.0 running OpenSSL, Remote Disclosure of Information security-alert (May 02)
• [security bulletin] HPSBMU02998 rev.3 - HP System Management Homepage (SMH) running OpenSSL on Linux and Windows, Remote Disclosure of Information, Denial of Service (DoS) security-alert (May 02)
• [ANN][SECURITY] Struts 1 - CVE-2014-0114 -Mitigation Advice Available, Possible RCE Impact Rene Gielen (May 02)
  • Re: [ANN][SECURITY] Struts 1 - CVE-2014-0114 -Mitigation Advice Available, Possible RCE Impact Eric Reed (May 02)
• [security bulletin] HPSBST03004 rev.1 - HP IBRIX X9320 Storage running OpenSSL, Remote Disclosure of Information security-alert (May 02)
• [security bulletin] HPSBGN03034 rev.1 - HP OneView, Remote Elevation of Privileges security-alert (May 02)
• [security bulletin] HPSBST03027 rev.1 - HP StoreVirtual 4000 Storage and HP P4000 G2 Storage using HP System Management Homepage (SMH) running OpenSSL, Remote Disclosure of Information security-alert (May 02)
• [security bulletin] HPSBMU03018 rev.2 - HP Software Asset Manager running OpenSSL, Remote Disclosure of Information security-alert (May 02)
• [security bulletin] HPSBMU02987 rev.2 - HP Universal Configuration Management Database Integration Service, Remote Code Execution security-alert (May 02)
• [security bulletin] HPSBMU03024 rev.2 - HP Insight Control Server Deployment on Linux and Windows running OpenSSL with System Management Homepage and Systems Insight Manager, Remote Disclosure of Information security-alert (May 05)
• [security bulletin] HPSBMU03033 rev.2 - HP Insight Control Software Components running OpenSSL, Remote Disclosure of Information security-alert (May 05)
• [SECURITY] [DSA 2919-1] mysql-5.5 security update Salvatore Bonaccorso (May 05)
• [SECURITY] [DSA 2920-1] chromium-browser security update Michael Gilbert (May 05)
• [SECURITY] [DSA 2921-1] xbuffy security update Yves-Alexis Perez (May 05)
• Ruxcon 2014 Call For Papers cfp (May 05)
• ESA-2014-028: EMC Cloud Tiering Appliance XML External Entity (XXE) and Information Disclosure Vulnerabilities Security Alert (May 05)
• [ANN] Struts 2.3.16.3 GA release available - security fix Lukasz Lenart (May 05)
• [SECURITY] [DSA 2923-1] openjdk-7 security update Moritz Muehlenhoff (May 05)
• [SECURITY] [DSA 2922-1] strongswan security update Yves-Alexis Perez (May 05)
• [SECURITY] [DSA 2924-1] icedove security update Moritz Muehlenhoff (May 05)
• [security bulletin] HPSBGN03010 rev.4 - HP Software Server Automation running OpenSSL, Remote Disclosure of Information security-alert (May 05)
• CVE-2014-2845 - Cyberduck (Windows): Failure validating some certificates (using FTP-SSL) with untrusted root certificate authority Micha Borrmann (May 06)
• [security bulletin] HPSBMU03037 rev.1 - HP Multimedia Service Environment (MSE), (HP Network Interactive Voice Response (NIVR)), Remote Disclosure of Information security-alert (May 06)
• CVE-2014-2881 - Poor Quality Implementation of Diffie-Hellman Key Exchange in Citrix Netscaler Portcullis Advisories (May 06)
• CVE-2014-2882 - Lack of SSL Certificate Validation in Citrix Netscaler Portcullis Advisories (May 06)
• CVE-2014-0930 - Kernel Memory Leak And Denial Of Service Condition in IBM AIX Portcullis Advisories (May 06)
• [security bulletin] HPSBMU02994 rev.4 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information security-alert (May 07)
• Breakpoint 2014 Call For Presentations cfp (May 07)
• Cross-Site Scripting (XSS) in Offiria High-Tech Bridge Security Research (May 07)
• [security bulletin] HPSBMU03018 rev.3 - HP Software Asset Manager running OpenSSL, Remote Disclosure of Information security-alert (May 07)
• Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players Cisco Systems Product Security Incident Response Team (May 07)
• SEC Consult SA-20140508-0 :: Multiple critical vulnerabilities in AVG Remote Administration SEC Consult Vulnerability Lab (May 08)
• [RT-SA-2014-003] Metadata Information Disclosure in OrbiTeam BSCW RedTeam Pentesting GmbH (May 08)
• [security bulletin] HPSBMU02935 rev.3 - HP LoadRunner Virtual User Generator, Remote Code Execution, Disclosure of information security-alert (May 08)
• [ MDVSA-2014:081 ] apache-mod_security security (May 08)
• [ MDVSA-2014:080 ] openssl security (May 08)
• [ MDVSA-2014:082 ] python-imaging security (May 08)
• [ MDVSA-2014:083 ] mediawiki security (May 08)
• Directory Traversal Vulnerability in VMTurbo Operations Manager 4.5 or earlier jpecou (May 08)
• [SECURITY] [DSA 2925-1] rxvt-unicode security update Moritz Muehlenhoff (May 08)
• [security bulletin] HPSBGN03008 rev.2 - HP Software Service Manager, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information security-alert (May 09)
• [security bulletin] HPSBMU03035 rev.1 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross-Site Scripting (XSS) security-alert (May 09)
• SSH key cloning problem in OnApp templates James Renken (May 09)
• [security bulletin] HPSBST03038 rev.1 - HP H-series Fibre Channel Switches, Remote Disclosure of Information security-alert (May 09)
• [security bulletin] HPSBHF02946 rev.1 - HP Servers with NVIDIA GPU Computing Driver, Elevation of Privilege security-alert (May 09)
• [security bulletin] HPSBST03015 rev.3 - HP 3PAR OS running OpenSSL, Remote Disclosure of Information security-alert (May 12)
• ESA-2014-027: RSA® NetWitness and RSA® Security Analytics Authentication Bypass Vulnerability Security Alert (May 12)
• [slackware-security] seamonkey (SSA:2014-131-01) Slackware Security Team (May 12)
• [ MDVSA-2014:084 ] libpng security (May 12)
• [ MDVSA-2014:085 ] ldns security (May 12)
• [ MDVSA-2014:086 ] libxml2 security (May 12)
• [security bulletin] HPSBMU02931 rev.6 - HP Service Manager and ServiceCenter, Injection of Arbitrary Code, Remote Privilege Elevation, Remote Disclosure of Privileged Information and Cross Site Scripting (XSS) security-alert (May 12)
• [SECURITY] [DSA 2926-1] linux security update Moritz Muehlenhoff (May 12)
• ESA-2014-005: EMC Documentum Foundation Services (DFS) Content Access Vulnerability Security Alert (May 13)
• [security bulletin] HPSBPI03031 rev.2 - HP Officejet Pro X Printers, Certain Officejet Pro Printers, Remote Disclosure of Information security-alert (May 13)
• CVE-2014-2046 - Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211 Portcullis Advisories (May 13)
• Multiple Stored XSS in FOG Image deployment system - FD Dolev Farhi (May 13)
• [security bulletin] HPSBMU02964 rev.2 - HP Service Manager, Cross-Site Scripting (XSS), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access, Disclosure of Information and Authentication Issues security-alert (May 13)
• FD - Cobbler Arbitrary File Read CVE-2014-3225 Dolev Farhi (May 13)
• [security bulletin] HPSBMU02998 rev.4 - HP System Management Homepage (SMH) running OpenSSL on Linux and Windows, Remote Disclosure of Information, Denial of Service (DoS) security-alert (May 13)
• [security bulletin] HPSBMU03022 rev.2 - HP Systems Insight Manager (SIM) Bundled Software running OpenSSL, Remote Disclosure of Information security-alert (May 13)
• [SECURITY] [DSA 2927-1] libxfont security update Salvatore Bonaccorso (May 15)
• FreeBSD Security Advisory FreeBSD-SA-14:10.openssl FreeBSD Security Advisories (May 15)
• CSRF and Remote Code Execution in EGroupware High-Tech Bridge Security Research (May 15)
• [security bulletin] HPSBMU03040 rev.1 - HP LoadRunner & HP Performance Center, running OpenSSL, Remote Disclosure of Information security-alert (May 15)
• Paypal Inc Bug Bounty #109 MOS - Bypass & Persistent Vulnerability Vulnerability Lab (May 15)
• [SECURITY] [DSA 2928-1] linux-2.6 security update dann frazier (May 15)
• Bilyoner mobile apps prone to various SSL/TLS attacks harun . esur (May 15)
• [REVIVE-SA-2014-001] Revive Adserver 3.0.5 fixes CSRF vulnerability Matteo Beccati (May 15)
• [ MDVSA-2014:087 ] php security (May 15)
• [CVE-2014-0749] TORQUE Buffer Overflow john . fitzpatrick (May 15)
• [ MDVSA-2014:088 ] python-lxml security (May 15)
• [security bulletin] HPSBMU02995 rev.7 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure of Information security-alert (May 15)
• APPLE-SA-2014-05-15-1 OS X Mavericks v10.9.3 Apple Product Security (May 15)
• APPLE-SA-2014-05-15-2 iTunes 11.2 Apple Product Security (May 16)
• [SECURITY] [DSA 2929-1] ruby-actionpack-3.2 security update Florian Weimer (May 16)
• [ MDVSA-2014:089 ] nagios security (May 16)
• Two Cross-Site Scripting (XSS) Vulnerabilities in Seo Panel High-Tech Bridge Security Research (May 16)
• [ MDVSA-2014:092 ] cups security (May 16)
• [ MDVSA-2014:095 ] struts security (May 16)
• [ MDVSA-2014:098 ] rawtherapee security (May 16)
• [ MDVSA-2014:094 ] rxvt-unicode security (May 16)
• [ MDVSA-2014:096 ] python-jinja2 security (May 16)
• CA20140413-01: Security Notice for OpenSSL Heartbleed Vulnerability Williams, James K (May 16)
• [ MDVSA-2014:102 ] mariadb security (May 16)
• [ MDVSA-2014:100 ] java-1.7.0-openjdk security (May 16)
• [ MDVSA-2014:103 ] wordpress security (May 16)
• [ MDVSA-2014:091 ] cups security (May 16)
• [ MDVSA-2014:097 ] libvirt security (May 16)
• [ MDVSA-2014:099 ] dovecot security (May 16)
• [ MDVSA-2014:093 ] couchdb security (May 16)
• [ MDVSA-2014:101 ] owncloud security (May 16)
• [ MDVSA-2014:104 ] egroupware security (May 16)
• [security bulletin] HPSBHF02946 rev.2 - HP Servers with NVIDIA GPU Computing Driver, Elevation of Privilege security-alert (May 19)
• APPLE-SA-2014-05-16-1 iTunes 11.2.1 Apple Product Security (May 19)
• [SECURITY] [DSA 2930-1] chromium-browser security update Michael Gilbert (May 19)
• [SECURITY] [DSA 2931-1] openssl security update Moritz Muehlenhoff (May 19)
• [SECURITY] [DSA 2932-1] qemu security update Giuseppe Iuculano (May 19)
• [SECURITY] [DSA 2933-1] qemu-kvm security update Giuseppe Iuculano (May 20)
• FTP Rush: missing X.509 validation (FTP with TLS) Micha Borrmann (May 20)
• JavaMail SMTP Header Injection via method setSubject [CSNC-2014-001] Alexandre Herzog (May 20)
• [security bulletin] HPSBMU03022 rev.3 - HP Systems Insight Manager (SIM) Bundled Software running OpenSSL, Remote Disclosure of Information security-alert (May 20)
• [SECURITY] [DSA 2934-1] python-django security update Salvatore Bonaccorso (May 20)
• t2'14: Call for Papers 2014 (Helsinki / Finland) Tomi Tuominen (May 20)
• Construtiva CIS Manager CMS POST SQLi edge (May 20)
• [security bulletin] HPSBGN03007 rev.1 - HP IceWall MCRP and HP IceWall SSO, Remote Denial of Service (DoS) security-alert (May 20)
• CVE-2014-3448 - Remote Code Execution Via Unauthenticated File Upload in BSS Continuity CMS Portcullis Advisories (May 21)
• CVE-2014-3450 - Privilege Escalation in Panda Security Portcullis Advisories (May 21)
• CVE-2014-3447 - Remote Denial Of Service in BSS Continuity CMS Portcullis Advisories (May 21)
• CVE-2014-3446 - Unauthenticated Blind SQL Injection in BSS Continuity CMS Portcullis Advisories (May 21)
• APPLE-SA-2014-15-20-1 OS X Server 3.1.2 Apple Product Security (May 21)
• Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe Stefan Kanthak (May 21)
• Wordpress Booking System (Booking Calendar) plugin SQL Injection info sec (May 21)
• SEC Consult SA-20140521-0 :: Multiple critical vulnerabilities in CoSoSys Endpoint Protector 4 SEC Consult Vulnerability Lab (May 22)
• [security bulletin] HPSBMU03042 rev.1 - HP Operations Manager i, Execution of Arbitrary Code security-alert (May 22)
• [security bulletin] HPSBMU03044 rev.1 - HP Business Process Monitor, running OpenSSL, Remote Disclosure of Information security-alert (May 22)
• Cisco Security Advisory: Cisco Wide Area Application Services Remote Code Execution Vulnerability Cisco Systems Product Security Incident Response Team (May 22)
• Cisco Security Advisory: Multiple Vulnerabilities in Cisco NX-OS-Based Products Cisco Systems Product Security Incident Response Team (May 22)
• [SECURITY] [DSA 2935-1] libgadu security update Moritz Muehlenhoff (May 22)
• [KIS-2014-05] Dotclear <= 2.6.2 (XML-RPC Interface) Authentication Bypass Vulnerability Egidio Romano (May 22)
• [KIS-2014-06] Dotclear <= 2.6.2 (Media Manager) Unrestricted File Upload Vulnerability Egidio Romano (May 22)
  • [KIS-2014-07] Dotclear <= 2.6.2 (categories.php) SQL Injection Vulnerability Egidio Romano (May 22)
• APPLE-SA-2014-05-21-1 Safari 6.1.4 and Safari 7.0.4 Apple Product Security (May 22)
• Full Disclosure - DIR-652/DIR-835/DIR-855L/DGL-5500/DHP-1565 - Clear Text Password/XSS/Information Disclosure kyle Lovett (May 22)
• ESA-2014-045: EMC Documentum D2 Arbitrary DQL Query Execution Vulnerability Security Alert (May 23)
• [security bulletin] HPSBMU02995 rev.8 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure of Information security-alert (May 23)
• [security bulletin] HPSBMU03025 rev.2 - HP Diagnostics running OpenSSL, Remote Disclosure of Information security-alert (May 23)
• [SECURITY] [DSA 2936-1] torque security update Salvatore Bonaccorso (May 23)
• ESA-2014-021: RSA Archer® GRC Multiple Cross-Site Scripting Vulnerabilities Security Alert (May 23)
• [security bulletin] HPSBMU03009 rev.3 - HP CloudSystem Foundation and HP CloudSystem Enterprise Software running OpenSSL, Remote Disclosure of Information security-alert (May 26)
• [security bulletin] HPSBUX02960 SSRT101419 rev.3 - HP-UX Running NTP, Remote Denial of Service (DoS) security-alert (May 26)
• VUPEN Security Research - Adobe Acrobat & Reader XI-X Barcode Heap Overflow (Pwn2Own) VUPEN Security Research (May 26)
• [security bulletin] HPSBGN03041 rev.1 - HP IceWall Configuration Manager running Apache Struts, Remote Execution of Arbitrary Code security-alert (May 27)
• call for papers- ＣＳＳＥ２０１４ cfp-conf2014.org (May 27)
• [SECURITY] CVE-2014-0075 Apache Tomcat denial of service Mark Thomas (May 28)
• [SECURITY] CVE-2014-0096 Apache Tomcat information disclosure Mark Thomas (May 28)
• [SECURITY] CVE-2014-0095 Apache Tomcat denial of service Mark Thomas (May 28)
• [SECURITY] CVE-2014-0097 Apache Tomcat information disclosure Mark Thomas (May 28)
  • Re: [SECURITY] CVE-2014-0099 Apache Tomcat information disclosure Mark Thomas (May 28)
• CVE-2014-3445 - Unauthenticated Backup and Password Disclosure in HandsomeWeb SOS Webpages Portcullis Advisories (May 28)
• [SECURITY] CVE-2014-0119 Apache Tomcat information disclosure Mark Thomas (May 28)
• [SECURITY] [DSA 2937-1] mod-wsgi security update Moritz Muehlenhoff (May 28)
• [SECURITY] [DSA 2938-1] Availability of LTS support for Debian 6.0 / squeeze Moritz Muehlenhoff (May 28)
• LSE Leading Security Experts GmbH - LSE-2014-05-21 - Check_MK - Arbitrary File Disclosure Vulnerability LSE Leading Security Experts GmbH (Security Advisories) (May 28)
• SEC Consult SA-20140528-0 :: Root Backdoor & Unauthenticated access to voice recordings in NICE Recording eXpress SEC Consult Vulnerability Lab (May 28)
• Multiple vulnerabilities in Sharetronix High-Tech Bridge Security Research (May 28)
• [RT-SA-2014-004] Remote Command Execution in webEdition CMS Installer Script RedTeam Pentesting GmbH (May 29)
• [RT-SA-2014-005] SQL Injection in webEdition CMS File Browser Installer Script RedTeam Pentesting GmbH (May 29)
• Defense in depth -- the Microsoft way (part 15): unquoted arguments in 120 (of 462) command lines Stefan Kanthak (May 29)
• OpenCart 1.5.6.4 Directory Traversal Vulnerability iedb . team (May 29)
• Mybb Sendthread Page Denial of Service Vulnerability iedb . team (May 29)
• NEW VMSA-2014-0005 - VMware Workstation, Player, Fusion, and ESXi patches address a guest privilege escalation "VMware Security Response Center" (May 30)
• Google Compute Engine - Lateral Compromise Scott T. Cameron (May 30)
• Google Compute Engine Multiple DOS Vulnerabilities Scott T. Cameron (May 30)

Previous period

Next period