
147 messages starting Nov 06 13 and ending Nov 01 13

advisories

[SOJOBO-ADV-13-03] - Wordpress plugin Gallery Bank 2.0.19 Reflected Cross Site Scripting advisories (Nov 06)
Vulnerability in Pydio/AjaXplorer < = 5.0.3 advisories (Nov 11)
Vulnerability in Pydio/AjaXplorer <= 5.0.3 advisories (Nov 11)
[SOJOBO-ADV-13-04] - PHP-Nuke 8.2.4 multiple vulnerabilities advisories (Nov 19)

andrew

CVE-2013-6795 Vulnerability in the Rackspace Windows Agent and Updater andrew (Nov 22)

Apple Product Security

APPLE-SA-2013-11-14-1 iOS 7.0.4 Apple Product Security (Nov 15)

bhavyasethi . atcs

vulnerability issue for DB2 express bhavyasethi . atcs (Nov 12)

bruk0ut . sec

Intersystems Cache Remote Code Execution (via Default 'Minimal Security' Install) bruk0ut . sec (Nov 19)

Carlos A. Lozano

CFP BugCON 2014 - Mexico City Carlos A. Lozano (Nov 07)

Chris John Riley

LastPass Android container PIN and auto-wipe security feature bypass (CVE-2013-5113/5114) Chris John Riley (Nov 13)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco TelePresence VX Clinical Assistant Administrative Password Reset Vulnerability Cisco Systems Product Security Incident Response Team (Nov 07)
Cisco Security Advisory: Cisco WAAS Mobile Remote Code Execution Vulnerability Cisco Systems Product Security Incident Response Team (Nov 07)
Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Nov 07)

CORE Advisories Team

CORE-2013-0704 - Vivotek IP Cameras RTSP Authentication Bypass CORE Advisories Team (Nov 06)

Dennis Kelly

SKIDATA RFID Freemotion.Gate Unauthenticated Web Service Arbitrary Remote Command Execution Dennis Kelly (Nov 19)

Dirk-Willem van Gulik

CVE-2013-4425: Private key disclosure, Osirix (lite, 64bit and FDA cleared version) (Medical Application) Dirk-Willem van Gulik (Nov 07)

Florian Weimer

[SECURITY] [DSA 2791-1] tryton-client security update Florian Weimer (Nov 04)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-13:14.openssh FreeBSD Security Advisories (Nov 19)
FreeBSD Security Advisory FreeBSD-SA-13:14.openssh [REVISED] FreeBSD Security Advisories (Nov 29)

g . delvecchio

Cisco Mars Cross-Site Scripting Vulnerability - CVE-2013-5563 g . delvecchio (Nov 05)

geinblues

XADV-2013003 Linux Kernel eCryptfs write_tag_3_packet Heap Buffer Overflow Vulnerability geinblues (Nov 04)
XADV-2013003 Linux Kernel bt8xx Video Driver IOCTL Heap Overflow geinblues (Nov 11)
XADV-2013005 FreeBSD 10 <= nand Driver IOCTL Kernel Memory Leak Bug geinblues (Nov 18)
XADV-2013006 FreeBSD <= 10 kernel qlxge/qlxgbe Driver IOCTL Multiple Kernel Memory Leak Bugs geinblues (Nov 18)
XADV-2013003 Linux Kernel fbdev Driver arcfb_write() Overflow geinblues (Nov 19)
XADV-2013008 Linux Kernel 3.11.7 <= sk_attach_filter Kernel Heap Corruption geinblues (Nov 19)
XADV-2013007 Linux Kernel bt8xx Video Driver IOCTL Heap Overflow geinblues (Nov 19)

Gleb O. Raiko

Re: Superuser unsanitized environment vulnerability on Android <= 4.2.x Gleb O. Raiko (Nov 15)

Gregory Panakkal

16TH AVAR INTERNATIONAL SECURITY CONFERENCE 2013 - (4th-7th Dec'13, Chennai. India) Gregory Panakkal (Nov 19)

Hafez Kamal

[HITB-Announce] #HITB2014AMS Call for Papers Now Open Hafez Kamal (Nov 28)

High-Tech Bridge Security Research

SQL Injection in appRain High-Tech Bridge Security Research (Nov 06)
Cross-Site Scripting (XSS) in Zikula Application Framework High-Tech Bridge Security Research (Nov 13)
Cross-Site Scripting (XSS) in Tweet Blender Wordpress Plugin High-Tech Bridge Security Research (Nov 18)
Multiple Cross-Site Scripting (XSS) in Claroline High-Tech Bridge Security Research (Nov 27)
SQL Injection in Dokeos High-Tech Bridge Security Research (Nov 27)
SQL Injection in Chamilo LMS High-Tech Bridge Security Research (Nov 27)

iedb . team

wordpress jigoshop Plugin path disclosure vulnerabilities iedb . team (Nov 06)
Mybb Ajaxfs Plugin Sql Injection vulnerability iedb . team (Nov 20)

info

XSS on Juniper JUNOS 11.4 Embedthis Appweb 3.2.3 info (Nov 12)

ISecAuditors Security Advisories

[ISecAuditors Security Advisories] SQL Injection vulnerability in "Project'Or RIA" allow arbitrary access to the database and the file system ISecAuditors Security Advisories (Nov 06)
[ISecAuditors Security Advisories] Multiple XSS vulnerabilities in "Project'Or RIA" ISecAuditors Security Advisories (Nov 06)
[ISecAuditors Security Advisories] LinkedIn social network is affected by Persistent Cross-Site Scripting vulnerability ISecAuditors Security Advisories (Nov 06)

Jake Reynolds

Dahua DVR Authentication Bypass - CVE-2013-6117 Jake Reynolds (Nov 14)

Jeimy Cano

Information Security Forecast 2014 Jeimy Cano (Nov 18)

Johannes . Ernst

Belkin WiFi NetCam video stream backdoor with unchangeable admin/admin credentials Johannes . Ernst (Nov 11)

John Stamatakis

WebSurgery v1.1 released (Web application security testing suite) John Stamatakis (Nov 12)
WebSurgery v1.1 released (Web application security testing suite) John Stamatakis (Nov 12)

Jonathan Yu

Fwd: vulnerability issue for DB2 express Jonathan Yu (Nov 13)

jsibley1

Word 2003 SP2 .doc fork bomb on WinXP SP3 jsibley1 (Nov 08)
Re: Word 2003 SP2 .doc fork bomb on WinXP SP3 jsibley1 (Nov 11)

Julien Ahrens

[CVE-2013-6356] Avira Secure Backup v1.0.0.1 Multiple Registry Key Value Parsing Local Buffer Overflow Vulnerability Julien Ahrens (Nov 18)

Kevin Cernekee

Android Superuser shell character escape vulnerability Kevin Cernekee (Nov 14)
Superuser "su --daemon" vulnerability on Android >= 4.3 Kevin Cernekee (Nov 14)
Superuser unsanitized environment vulnerability on Android <= 4.2.x Kevin Cernekee (Nov 14)
Re: Superuser unsanitized environment vulnerability on Android <= 4.2.x Kevin Cernekee (Nov 15)

Luc Dore

Unauthorized console access on Satechi travel router v1.5 Luc Dore (Nov 22)

Luciano Bello

[SECURITY] [DSA 2805-1] sup-mail security update Luciano Bello (Nov 28)

Maria Lemos

WorldCIST'14 - World Conference on IST; Submission deadline: November 29 Maria Lemos (Nov 11)

Martin Braun

Open-Xchange Security Advisory 2013-11-06 Martin Braun (Nov 06)
Open-Xchange Security Advisory 2013-11-25 Martin Braun (Nov 26)

m . benetrix

XSS and CSRF Horde Groupware Web mail Edition m . benetrix (Nov 04)
CSRF Horde Groupware Web mail Edition m . benetrix (Nov 04)

Michael Gilbert

[SECURITY] [DSA 2795-1] lighttpd security update Michael Gilbert (Nov 13)
[SECURITY] [DSA 2795-2] lighttpd regression update Michael Gilbert (Nov 18)
[SECURITY] [DSA 2797-1] chromium-browser security update Michael Gilbert (Nov 18)
[SECURITY] [DSA 2798-1] curl security update Michael Gilbert (Nov 18)

Moritz Muehlenhoff

[SECURITY] [DSA 2793-1] libav security update Moritz Muehlenhoff (Nov 11)
[SECURITY] [DSA 2797-1] icedove security update Moritz Muehlenhoff (Nov 14)
[SECURITY] [DSA 2803-1] quagga security update Moritz Muehlenhoff (Nov 27)
[SECURITY] [DSA 2804-1] drupal7 security update Moritz Muehlenhoff (Nov 27)

pfohl

Instagram Photo Upload and Flattr Money Redirection Vulnerability pfohl (Nov 21)

qsrc Quotium

Facebook Vulnerability Discloses Friends Lists Defined as Private qsrc Quotium (Nov 21)

Rodzbry27

Re: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager Rodzbry27 (Nov 14)
Re: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager Rodzbry27 (Nov 14)
Re: [security bulletin] HPSBUX02922 SSRT101305 rev.1 - HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities Rodzbry27 (Nov 14)

rubengarrote

pineapp mailsecure remote no authenticated privilege escalation & remote execution code rubengarrote (Nov 19)

Ruckus Product Security Team

RUCKUS ADVISORY ID 111113-1: Authenticated code injection vulnerability in ZoneDirector administrative web interface Ruckus Product Security Team (Nov 12)
Fwd: RUCKUS ADVISORY ID 111113-2: Authenticated persistent cross site scripting vulnerability in guest pass provisioning web interface on ZoneDirector controllers Ruckus Product Security Team (Nov 13)
RUCKUS ADVISORY ID 10282013 - User authentication bypass vulnerability in Ruckus Access Point's administrative web interface Ruckus Product Security Team (Nov 28)

Salvatore Bonaccorso

[SECURITY] [DSA 2790-1] nss security update Salvatore Bonaccorso (Nov 04)
[SECURITY] [DSA 2792-1] wireshark security update Salvatore Bonaccorso (Nov 05)
[SECURITY] [DSA 2794-1] spip security update Salvatore Bonaccorso (Nov 11)
[SECURITY] [DSA 2796-1] torque security update Salvatore Bonaccorso (Nov 14)
[SECURITY] [DSA 2798-2] curl security update Salvatore Bonaccorso (Nov 21)
[SECURITY] [DSA 2801-1] libhttp-body-perl security update Salvatore Bonaccorso (Nov 22)
[SECURITY] [DSA 2800-1] nss security update Salvatore Bonaccorso (Nov 26)

security

[ MDVSA-2013:265 ] kernel security (Nov 11)
[ MDVSA-2013:266 ] java-1.6.0-openjdk security (Nov 19)
[ MDVSA-2013:267 ] java-1.7.0-openjdk security (Nov 19)
[ MDVSA-2013:268 ] torque security (Nov 20)
[ MDVSA-2013:269 ] firefox security (Nov 20)
[ MDVSA-2013:270 ] nss security (Nov 20)
[ MDVSA-2013:273 ] libjpeg security (Nov 21)
[ MDVSA-2013:271 ] pmake security (Nov 21)
[ MDVSA-2013:272 ] poppler security (Nov 21)
[ MDVSA-2013:275 ] krb5 security (Nov 21)
[ MDVSA-2013:277 ] lighttpd security (Nov 21)
[ MDVSA-2013:276 ] curl security (Nov 21)
[ MDVSA-2013:274 ] libjpeg security (Nov 21)
[ MDVSA-2013:278 ] samba security (Nov 21)
[ MDVSA-2013:279 ] wireshark security (Nov 25)
[ MDVSA-2013:280 ] memcached security (Nov 25)
[ MDVSA-2013:281 ] nginx security (Nov 25)
[ MDVSA-2013:282 ] perl-HTTP-Body security (Nov 26)
[ MDVSA-2013:283 ] glibc security (Nov 26)
[ MDVSA-2013:284 ] glibc security (Nov 26)
[ MDVSA-2013:285 ] bugzilla security (Nov 26)
[ MDVSA-2013:286 ] ruby security (Nov 26)
[ MDVSA-2013:287 ] drupal security (Nov 27)

Security Alert

ESA-2013-070: EMC Documentum Cross Site Scripting Vulnerability. Security Alert (Nov 05)
ESA-2013-073: EMC Documentum eRoom Multiple Cross Site Scripting Vulnerabilities. Security Alert (Nov 05)
ESA-2013-078: EMC Document Sciences xPression Multiple Vulnerabilities Security Alert (Nov 19)
ESA-2013-077: RSA Data Protection Manager Appliance Multiple Vulnerabilities Security Alert (Nov 22)

security-alert

[security bulletin] HPSBMU02933 rev.1 - HP SiteScope, issueSiebelCmd SOAP Request, Remote Code Execution security-alert (Nov 01)
[security bulletin] HPSBMU02872 SSRT101185 rev.3 - HP Service Manager, Remote Disclosure of Information, Cross Site Scripting(XSS) security-alert (Nov 01)
[security bulletin] HPSBMU02932 rev.1 - HP Application LifeCycle Management, ALM client component, Remote Execution of Arbitrary Code security-alert (Nov 01)
[security bulletin] HPSBMU02935 rev.1 - HP LoadRunner Virtual User Generator, Remote Code Execution security-alert (Nov 01)
[security bulletin] HPSBMU02874 SSRT101184 rev.2 - HP Service Manager, Java Runtime Environment (JRE) Security Update security-alert (Nov 01)
[security bulletin] HPSBMU02934 rev.1 - HP Application LifeCycle Management, GossipService SOAP Request, Remote Code Execution security-alert (Nov 01)
[security bulletin] HPSBMU02931 rev.2 - HP Service Manager, Injection of Arbitrary Code, Remote Privilege Elevation, Remote Disclosure of Privileged Information and Cross Site Scripting (XSS) security-alert (Nov 04)
[security bulletin] HPSBHF02939 rev.1 - HP Integrated Lights-Out 4 (iLO4), Remote Cross Site Scripting (XSS), Unauthorized Disclosure of Information security-alert (Nov 13)
[security bulletin] HPSBGN02942 rev.1 - HP Service Manager and ServiceCenter, Remote Code Execution security-alert (Nov 27)

shatter

Re: Fwd: vulnerability issue for DB2 express shatter (Nov 19)

Slackware Security Team

[slackware-security] mozilla-thunderbird (SSA:2013-307-01) Slackware Security Team (Nov 04)
[slackware-security] mozilla-firefox (SSA:2013-322-01) Slackware Security Team (Nov 19)
[slackware-security] openssh (SSA:2013-322-02) Slackware Security Team (Nov 19)
[slackware-security] samba (SSA:2013-322-03) Slackware Security Team (Nov 19)
[slackware-security] seamonkey (SSA:2013-322-04) Slackware Security Team (Nov 19)

Stefan Arentz

Re: Apple MacOSX 10.9 Hard Link Memory Corruption Stefan Arentz (Nov 12)

Stefan Kanthak

Re: Word 2003 SP2 .doc fork bomb on WinXP SP3 Stefan Kanthak (Nov 11)
Defense in depth -- the Microsoft way (part 14): incomplete, misleading and dangerous documentation Stefan Kanthak (Nov 25)

submit

Apple MacOSX 10.9 Hard Link Memory Corruption submit (Nov 08)

support

Re: DS3 Authentication Server - Multiple Issues support (Nov 14)

Tamara Vera

RE: FP BugCON 2014 - Mexico City Tamara Vera (Nov 08)

Thijs Kinkhorst

[SECURITY] [DSA 2802-1] nginx security update Thijs Kinkhorst (Nov 22)
[SECURITY] [DSA 2806-1] nbd security update Thijs Kinkhorst (Nov 29)

Tim Brown

[OVSA20131108] OpenVAS Manager And OpenVAS Administrator Vulnerable To Partial Authentication Bypass Tim Brown (Nov 18)

Tony Naggs

DC4420 (DefCon London) meeting next Tuesday, 26th November 2013 Tony Naggs (Nov 22)

VMware Security Response Center

NEW VMSA-2013-0013 VMware Workstation host privilege escalation vulnerability VMware Security Response Center (Nov 15)

Vulnerability Lab

pdirl PHP Directory Listing 1.0.4 - Cross Site Scripting Web Vulnerabilities Vulnerability Lab (Nov 04)
PayPal Inc Bug Bounty #65 China - Redirect Web Vulnerability Vulnerability Lab (Nov 19)
PayPal Inc Bug Bounty #42 - Persistent POST Inject Vulnerability Vulnerability Lab (Nov 19)
Paypal Inc Bug Bounty #47 ALYZ - Persistent Search Vulnerability Vulnerability Lab (Nov 19)
Paypal Bug Bounty #14 - Persistent Payment Mail Encoding Vulnerability Vulnerability Lab (Nov 20)
Appologics AirBeam v1.9.2 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Nov 20)
NewsAktuell PressePortal DE - Remote SQL Injection Web Vulnerability Vulnerability Lab (Nov 29)

Yves-Alexis Perez

[SECURITY] [DSA 2789-1] strongswan security update Yves-Alexis Perez (Nov 01)