bugtraq  

Messages by Date

• 2021/01/16 Re: [SECURITY] [DSA 4628-1] php7.0 security update Timesportsall
• 2021/01/16 Re: BugTraq Shutdown tommypickle
• 2021/01/16 On Second Thought... alias
• 2021/01/15 BugTraq Shutdown alias
• 2020/02/25 Defense in depth -- the Microsoft way (part 62): Windows shipped with end-of-life components Stefan Kanthak
• 2020/02/25 Local information disclosure in OpenSMTPD (CVE-2020-8793) Qualys Security Advisory
• 2020/02/25 LPE and RCE in OpenSMTPD's default install (CVE-2020-8794) Qualys Security Advisory
• 2020/02/25 [SECURITY] [DSA 4633-1] curl security update Alessandro Ghedini
• 2020/02/25 Cisco Unified Contact Center Express Privilege Escalation Vulnerability (CVE-2019-1888) Jamie R
• 2020/02/24 [TZO-22-2020] Qihoo360 | GDATA | Rising | Command Generic Malformed Archive Bypass Thierry Zoller
• 2020/02/24 [TZO-16-2020] - F-SECURE Generic Malformed Container bypass (GZIP) Thierry Zoller
• 2020/02/20 [slackware-security] proftpd (SSA:2020-051-01) Slackware Security Team
• 2020/02/19 [SECURITY] [DSA 4628-1] php7.0 security update Moritz Muehlenhoff
• 2020/02/19 [SECURITY] [DSA 4629-1] python-django security update Sebastien Delafond
• 2020/02/18 [TZO-18-2020] - Bitdefender Malformed Archive bypass (GZIP) Thierry Zoller
• 2020/02/18 [TZO-17-2020] - Kaspersky Generic Archive Bypass (ZIP FLNMLEN) Thierry Zoller
• 2020/02/18 [SECURITY] [DSA 4626-1] php7.3 security update Moritz Muehlenhoff
• 2020/02/17 [SECURITY] [DSA 4627-1] webkit2gtk security update Moritz Muehlenhoff
• 2020/02/16 [SECURITY] [DSA 4620-1] firefox-esr security update Moritz Muehlenhoff
• 2020/02/16 Web Application Firewall bypass via Bluecoat device RedTimmy Security
• 2020/02/16 [SECURITY] [DSA 4621-1] openjdk-8 security update Moritz Muehlenhoff
• 2020/02/16 [slackware-security] libarchive (SSA:2020-043-01) Slackware Security Team
• 2020/02/16 [TZO-15-2020] - F-SECURE Generic Malformed Container bypass (RAR) Thierry Zoller
• 2020/02/16 WebKitGTK and WPE WebKit Security Advisory WSA-2020-0002 Carlos Alberto Lopez Perez
• 2020/02/16 CVE-2020-0728: Windows Modules Installer Service Information Disclosure Vulnerability Imre Rad
• 2020/02/16 [SECURITY] [DSA 4624-1] evince security update Salvatore Bonaccorso
• 2020/02/16 [SECURITY] [DSA 4625-1] thunderbird security update Moritz Muehlenhoff
• 2020/02/14 [TZO-13-2020] - AVIRA Generic AV Bypass (ZIP GPFLAG) Thierry Zoller
• 2020/02/14 [TZO-11-2020] - ESET Generic Malformed Archive Bypass (BZ2 Checksum) Thierry Zoller
• 2020/02/14 [SECURITY] [DSA 4623-1] postgresql-11 security update Moritz Muehlenhoff
• 2020/02/14 [EnumJavaLibs]_ Remote Java classpath enumerator RedTimmy Security
• 2020/02/14 [slackware-security] mozilla-firefox (SSA:2020-042-01) Slackware Security Team
• 2020/02/14 [SECURITY] [DSA 4622-1] postgresql-9.6 security update Moritz Muehlenhoff
• 2020/02/14 [slackware-security] mozilla-thunderbird (SSA:2020-042-02) Slackware Security Team
• 2020/02/10 [SECURITY] [DSA 4618-1] libexif security update Salvatore Bonaccorso
• 2020/02/10 [SECURITY] [DSA 4619-1] libxmlrpc3-java security update Salvatore Bonaccorso
• 2020/02/10 xglance-bin exploit (CVE-2014-2630) redazione
• 2020/02/04 [SECURITY] [DSA 4617-1] qtbase-opensource-src security update Moritz Muehlenhoff
• 2020/02/03 [SECURITY] [DSA 4612-1] prosody-modules security update Moritz Muehlenhoff
• 2020/02/03 [slackware-security] sudo (SSA:2020-031-01) Slackware Security Team
• 2020/02/03 [SECURITY] [DSA 4613-1] libidn2 security update Salvatore Bonaccorso
• 2020/02/03 [SECURITY] [DSA 4614-1] sudo security update Salvatore Bonaccorso
• 2020/02/03 [SECURITY] [DSA 4615-1] spamassassin security update Salvatore Bonaccorso
• 2020/02/03 [SECURITY] [DSA 4616-1] qemu security update Moritz Muehlenhoff
• 2020/01/31 Executable installers are vulnerable^WEVIL (case 58): Intel® Processor Identification Utility - Windows* Version - arbitrary code execution with escalation of privilege Stefan Kanthak
• 2020/01/30 [CVE-2019-20358] CVE-2019-9491 in Trend Micro Anti-Threat Toolkit (ATTK) was NOT properly FIXED Stefan Kanthak
• 2020/01/29 [SECURITY] [DSA 4610-1] webkit2gtk security update Moritz Muehlenhoff
• 2020/01/29 APPLE-SA-2020-1-29-1 iCloud for Windows 7.17 Apple Product Security
• 2020/01/29 APPLE-SA-2020-1-29-2 iCloud for Windows 10.9.2 Apple Product Security
• 2020/01/29 [SECURITY] [DSA 4611-1] opensmtpd security update Moritz Muehlenhoff
• 2020/01/29 FreeBSD Security Advisory FreeBSD-SA-20:02.ipsec FreeBSD Security Advisories
• 2020/01/29 FreeBSD Security Advisory FreeBSD-SA-20:01.libfetch FreeBSD Security Advisories
• 2020/01/29 APPLE-SA-2020-1-28-3 watchOS 6.1.2 Apple Product Security
• 2020/01/29 APPLE-SA-2020-1-28-1 iOS 13.3.1 and iPadOS 13.3.1 Apple Product Security
• 2020/01/29 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra Apple Product Security
• 2020/01/29 FreeBSD Security Advisory FreeBSD-SA-20:03.thrmisc FreeBSD Security Advisories
• 2020/01/29 APPLE-SA-2020-1-28-5 Safari 13.0.5 Apple Product Security
• 2020/01/29 APPLE-SA-2020-1-28-4 tvOS 13.3.1 Apple Product Security
• 2020/01/29 APPLE-SA-2020-1-28-6 iTunes for Windows 12.10.4 Apple Product Security
• 2020/01/29 Defense in depth -- the Microsoft way (part 61): security features are built to fail (or documented wrong) Stefan Kanthak
• 2020/01/29 LPE and RCE in OpenSMTPD (CVE-2020-7247) Qualys Security Advisory
• 2020/01/27 CVE - CVE-2020-7799 - FusionAuth command execution via Apache Freemarker Template Gianluca Baldi
• 2020/01/27 [slackware-security] mozilla-thunderbird (SSA:2020-024-01) Slackware Security Team
• 2020/01/23 WebKitGTK and WPE WebKit Security Advisory WSA-2020-0001 Carlos Alberto Lopez Perez
• 2020/01/23 [SECURITY] [DSA 4609-1] python-apt security update Moritz Muehlenhoff
• 2020/01/23 SEC Consult SA-20200123-0 :: Cross-Site Request Forgery (CSRF) in Umbraco CMS SEC Consult Vulnerability Lab
• 2020/01/22 SEC Consult SA-20200122-0 :: Reflected XSS in ZOHO ManageEngine ServiceDeskPlus SEC Consult Vulnerability Lab
• 2020/01/21 [REVIVE-SA-2020-001] Revive Adserver Vulnerability Matteo Beccati
• 2020/01/21 [SECURITY] [DSA 4608-1] tiff security update Moritz Muehlenhoff
• 2020/01/20 [SECURITY] [DSA 4607-1] openconnect security update Salvatore Bonaccorso
• 2020/01/20 Neowise CarbonFTP v1.4 Insecure Proprietary Password Encryption CVE-2020-6857 apparitionsec
• 2020/01/20 Trend Micro Security 2019 (Consumer) Multiple Products Security Bypass Protected Service Tampering CVE-2019-19697 apparitionsec
• 2020/01/20 Trend Micro Security (Consumer) Multiple Products Persistent Arbitrary Code Execution CVE-2019-20357 apparitionsec
• 2020/01/20 [SECURITY] [DSA 4606-1] chromium security update Michael Gilbert
• 2020/01/20 [SECURITY] [DSA 4603-1] thunderbird security update Moritz Muehlenhoff
• 2020/01/20 [SECURITY] [DSA 4604-1] cacti security update Moritz Muehlenhoff
• 2020/01/20 [SECURITY] [DSA 4605-1] openjdk-11 security update Moritz Muehlenhoff
• 2020/01/17 CVE-2020-2656 - Low impact information disclosure via Solaris xlock Marco Ivaldi
• 2020/01/17 CVE-2020-2696 - Local privilege escalation via CDE dtsession Marco Ivaldi
• 2020/01/14 [SECURITY] [DSA 4602-1] xen security update Moritz Muehlenhoff
• 2020/01/14 [TZO-09-2020] - Bitdefender Malformed Archive bypass (RAR Uncompressed Size) Thierry Zoller
• 2020/01/14 [TZO-10-2020] - Bitdefender Malformed Archive bypass (RAR Compression Information) Thierry Zoller
• 2020/01/12 [slackware-security] mozilla-thunderbird (SSA:2020-010-01) Slackware Security Team
• 2020/01/12 [TZO-08-2020] Bitdefender Generic Malformed Archive Bypass (ZIP GPFLAG) Thierry Zoller
• 2020/01/12 [TZO-06-2020] - Kaspersky Generic Archive Bypass (ZIP FLNMLEN) Thierry Zoller
• 2020/01/10 [TZO-05-2020] Kaspersky Generic Malformed Archive Bypass (ZIP Compressed Size) Thierry Zoller
• 2020/01/10 [TZO-07-2020] Bitdefender Generic Malformed Archive Bypass (RAR HOST_OS) Thierry Zoller
• 2020/01/10 [SECURITY] [DSA 4601-1] ldm security update Moritz Muehlenhoff
• 2020/01/09 [SECURITY] [DSA 4600-1] firefox-esr security update Moritz Muehlenhoff
• 2020/01/09 [slackware-security] mozilla-firefox (SSA:2020-009-01) Slackware Security Team
• 2020/01/09 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01) Slackware Security Team
• 2020/01/08 [SECURITY] [DSA 4598-1] python-django security update Salvatore Bonaccorso
• 2020/01/08 [SECURITY] [DSA 4599-1] wordpress security update Sebastien Delafond
• 2020/01/06 [slackware-security] mozilla-firefox (SSA:2020-006-01) Slackware Security Team
• 2020/01/05 [SECURITY] [DSA 4597-1] netty security update Salvatore Bonaccorso
• 2020/01/05 [TZO-04-2020] Bitdefender Generic Malformed Archive Bypass (BZ2) Thierry Zoller
• 2020/01/02 [RT-SA-2019-015] IceWarp: Cross-Site Scripting in Notes for Contacts RedTeam Pentesting GmbH
• 2020/01/02 [TZO-01-2020] AVIRA Generic Malformed Container bypass (ISO) Thierry Zoller
• 2020/01/02 [TZO-02-2020] Kaspersyk Generic Malformed Archive Bypass (ZIP GFlag) Thierry Zoller
• 2020/01/02 [TZO-03-2020] ESET Generic Malformed Archive Bypass (ZIP Compression Information) Thierry Zoller
• 2020/01/02 [RT-SA-2019-016] IceWarp: Cross-Site Scripting in Notes RedTeam Pentesting GmbH
• 2019/12/31 Microsoft Windows .Group File / URL Field Code Execution apparitionsec
• 2019/12/29 Microsoft Exchange Server, External Service Interaction (DNS) Alphan YAVAS
• 2019/12/29 [SECURITY] [DSA 4592-1] mediawiki security update Moritz Muehlenhoff
• 2019/12/29 [SECURITY] [DSA 4593-1] freeimage security update Moritz Muehlenhoff
• 2019/12/29 [SECURITY] [DSA 4594-1] openssl1.0 security update Moritz Muehlenhoff
• 2019/12/29 [SECURITY] [DSA 4595-1] debian-lan-config security update Moritz Muehlenhoff
• 2019/12/29 [SECURITY] [DSA 4596-1] tomcat8 security update Moritz Muehlenhoff
• 2019/12/25 [SECURITY] [DSA 4591-1] cyrus-sasl2 security update Salvatore Bonaccorso
• 2019/12/25 CA20191218-01: Security Notice for CA Client Automation Agent for Windows Kevin Kotas
• 2019/12/25 [slackware-security] tigervnc (SSA:2019-354-02) Slackware Security Team
• 2019/12/25 [slackware-security] openssl (SSA:2019-354-01) Slackware Security Team
• 2019/12/19 [SECURITY] [DSA 4590-1] cyrus-imapd security update Moritz Muehlenhoff
• 2019/12/19 [slackware-security] wavpack (SSA:2019-353-01) Slackware Security Team
• 2019/12/19 Confluence Server and Data Center Security Advisory - 2019-12-18 - CVE-2019-15006 Alexander Minozhenko
• 2019/12/19 Deutsche Bahn Ticket Vending Machine Windows XP - Local Kiosk Privilege Escalation Vulnerability Vulnerability Lab
• 2019/12/18 [SECURITY] [DSA 4589-1] debian-edu-config security update Moritz Muehlenhoff
• 2019/12/18 [SECURITY] [DSA 4588-1] python-ecdsa security update Sebastien Delafond
• 2019/12/17 [SECURITY] [DSA 4586-1] ruby2.5 security update Salvatore Bonaccorso
• 2019/12/17 [SECURITY] [DSA 4587-1] ruby2.3 security update Salvatore Bonaccorso
• 2019/12/16 [SECURITY] [DSA 4582-1] davical security update Moritz Muehlenhoff
• 2019/12/16 [SECURITY] [DSA 4583-1] spip security update Moritz Muehlenhoff
• 2019/12/16 [SECURITY] [DSA 4565-2] intel-microcode security update Salvatore Bonaccorso
• 2019/12/16 [SECURITY] [DSA 4584-1] spamassassin security update Salvatore Bonaccorso
• 2019/12/16 [SECURITY] [DSA 4585-1] thunderbird security update Moritz Muehlenhoff
• 2019/12/12 Local Privilege Escalation in OpenBSD's dynamic loader (CVE-2019-19726) Qualys Security Advisory
• 2019/12/12 SEC Consult SA-20191211-0 :: File Extension Spoofing in Windows Defender Antivirus SEC Consult Vulnerability Lab
• 2019/12/11 APPLE-SA-2019-12-10-2 iOS 12.4.4 Apple Product Security
• 2019/12/11 APPLE-SA-2019-12-10-4 watchOS 5.3.4 Apple Product Security
• 2019/12/11 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra Apple Product Security
• 2019/12/11 APPLE-SA-2019-12-10-5 tvOS 13.3 Apple Product Security
• 2019/12/11 APPLE-SA-2019-12-10-6 Safari 13.0.4 Apple Product Security
• 2019/12/11 APPLE-SA-2019-12-10-7 Xcode 11.3 Apple Product Security
• 2019/12/11 APPLE-SA-2019-12-10-8 watchOS 6.1.1 Apple Product Security
• 2019/12/10 CA20191209-01: Security Notice for CA Nolio (Release Automation) Kevin Kotas
• 2019/12/10 [SECURITY] [DSA 4581-1] git security update Salvatore Bonaccorso
• 2019/12/10 [SECURITY] [DSA 4579-1] nss security update Moritz Muehlenhoff
• 2019/12/10 [SYSS-2019-045] "Scoutnet Kalender" for WordPress - Cross-Site Scripting simon . moser
• 2019/12/10 [SECURITY] [DSA 4580-1] firefox-esr security update Moritz Muehlenhoff
• 2019/12/10 CVE-2019-17554 - Apache Olingo OData 4.0 - XML External Entity Resolution (XXE) Advisories
• 2019/12/06 External Service Interaction (DNS) on Skype for Business Alphan YAVAS
• 2019/12/06 External Service Interaction (DNS) on Skype for Business Alphan YAVAS
• 2019/12/05 Authentication vulnerabilities in OpenBSD Qualys Security Advisory
• 2019/12/05 BeeGFS Privilege Escalation (CVE-2019-15897) john
• 2019/12/04 [slackware-security] mozilla-firefox (SSA:2019-337-01) Slackware Security Team
• 2019/12/03 SEC Consult SA-20191203-0 :: Multiple vulnerabilites in Fronius Solar Inverter Series SEC Consult Vulnerability Lab
• 2019/12/03 Microsoft Windows Media Center XXE MotW Bypass (Anniversary Edition) apparitionsec
• 2019/12/02 SEC Consult SA-20191202-0 :: Multiple Critical Vulnerabilities in SALTO ProAccess SPACE SEC Consult Vulnerability Lab
• 2019/12/02 NAPC Xinet Elegant 6 Asset Library Web Interface v6.1.655 Pre-Auth SQL Injection 0Day CVE-2019-19245 apparitionsec
• 2019/12/02 Max Secure Anti Virus Plus v19.0.4.020 Insecure Permissions CVE-2019-19382 apparitionsec
• 2019/12/02 Microsoft Excel 2016 v1901 Import Error XML External Entity Injection apparitionsec
• 2019/11/28 [SECURITY] [DSA 4577-1] haproxy security update Sebastien Delafond
• 2019/11/28 [Public Disclosure] Two Denial-of-Service vulnerabilities found in axTLS library (CVE-2019-9689 / CVE-2019-10013) CERT
• 2019/11/28 [SECURITY] [DSA 4578-1] libvpx security update Moritz Muehlenhoff
• 2019/11/26 Re: SEC Consult SA-20191125-0 :: FortiGuard XOR Encryption in Multiple Fortinet Products SEC Consult Vulnerability Lab
• 2019/11/26 Anhui Huami Mi Fit Android Application - Unencrypted Update Check David Coomber
• 2019/11/26 pari/gp on debian stable allow arbitrary file write Georgi Guninski
• 2019/11/26 [SECURITY] [DSA 4576-1] php-imagick security update Salvatore Bonaccorso
• 2019/11/25 SEC Consult SA-20191125-0 :: FortiGuard XOR Encryption in Multiple Fortinet Products SEC Consult Vulnerability Lab
• 2019/11/25 [SECURITY] [DSA 4571-2] enigmail update Moritz Muehlenhoff
• 2019/11/25 [SECURITY] [DSA 4575-1] chromium security update Michael Gilbert
• 2019/11/22 AST-2019-007: AMI user could execute system commands. Asterisk Security Team
• 2019/11/22 AST-2019-008: Re-invite with T.38 and malformed SDP causes crash. Asterisk Security Team
• 2019/11/22 AST-2019-006: SIP request can change address of a SIP peer. Asterisk Security Team
• 2019/11/21 [slackware-security] bind (SSA:2019-324-01) Slackware Security Team
• 2019/11/19 [SECURITY] [DSA 4574-1] redmine security update Moritz Muehlenhoff
• 2019/11/19 [SECURITY] [DSA 4572-1] slurm-llnl security update Moritz Muehlenhoff
• 2019/11/19 [SECURITY] [DSA 4573-1] symfony security update Moritz Muehlenhoff
• 2019/11/18 [SECURITY] [DSA 4568-1] postgresql-common security update Moritz Muehlenhoff
• 2019/11/18 [SECURITY] [DSA 4569-1] ghostscript security update Salvatore Bonaccorso
• 2019/11/18 [slackware-security] Slackware 14.2 kernel (SSA:2019-320-01) Slackware Security Team
• 2019/11/18 [SECURITY] [DSA 4570-1] mosquitto security update Salvatore Bonaccorso
• 2019/11/18 [SECURITY] [DSA 4571-1] thunderbird security update Moritz Muehlenhoff
• 2019/11/14 Vulnerability Disclosure and CVE assign Alphan YAVAS
• 2019/11/13 Vulnerability Disclosure Alphan YAVAS
• 2019/11/13 [SECURITY] [DSA 4563-1] webkit2gtk security update Moritz Muehlenhoff
• 2019/11/13 [SECURITY] [DSA 4567-1] dpdk security update Moritz Muehlenhoff
• 2019/11/13 [SECURITY] [DSA 4566-1] qemu security update Salvatore Bonaccorso
• 2019/11/13 [SECURITY] [DSA 4565-1] intel-microcode security update Salvatore Bonaccorso
• 2019/11/12 FreeBSD Security Advisory FreeBSD-SA-19:25.mcepsc FreeBSD Security Advisories
• 2019/11/12 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu FreeBSD Security Advisories
• 2019/11/12 [SECURITY] [DSA 4564-1] linux security update Salvatore Bonaccorso
• 2019/11/11 [SECURITY] [DSA 4562-1] chromium security update Moritz Muehlenhoff
• 2019/11/11 Minor security issue in punbb with SQLite Georgi Guninski
• 2019/11/08 WebKitGTK and WPE WebKit Security Advisory WSA-2019-0006 Carlos Alberto Lopez Perez
• 2019/11/08 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01) Slackware Security Team
• 2019/11/08 [SECURITY] [DSA 4561-1] fribidi security update Salvatore Bonaccorso
• 2019/11/08 Jira Service Desk Server and Jira Service Desk Data Center Security Advisory - 2019-11-06 - CVE-2019-15003, CVE-2019-15004 Alexander Minozhenko
• 2019/11/06 [SECURITY] [DSA 4560-1] simplesamlphp security update Thijs Kinkhorst
• 2019/11/06 [SECURITY] [DSA 4559-1] proftpd-dfsg security update Moritz Muehlenhoff
• 2019/11/04 [SECURITY] [DSA 4558-1] webkit2gtk security update Moritz Muehlenhoff
• 2019/11/04 [slackware-security] libtiff (SSA:2019-308-01) Slackware Security Team
• 2019/11/03 [SECURITY] [DSA 4556-1] qtbase-opensource-src security update Moritz Muehlenhoff
• 2019/11/03 [SECURITY] [DSA 4557-1] libarchive security update Moritz Muehlenhoff
• 2019/11/03 APPLE-SA-2019-11-01-1 Xcode 11.2 Apple Product Security
• 2019/10/25 Security Advisory for Jira Plug-in: In-App & Desktop Notification erik . steltzner
• 2019/10/25 [SECURITY] [DSA 4549-1] firefox-esr security update Moritz Muehlenhoff
• 2019/10/23 [SYSS-2019-009]: Fujitsu Wireless Keyboard Set LX390 - Missing Protection against Replay Attacks (CVE-2019-18199) matthias . deeg
• 2019/10/23 [SYSS-2019-010]: Fujitsu Wireless Keyboard Set LX390 - Missing Encryption of Sensitive Data (CWE-311) (CVE-2019-18201) matthias . deeg
• 2019/10/23 [SYSS-2019-011]: Fujitsu Wireless Keyboard Set LX390 - Keystroke Injection Vulnerability (CVE-2019-18200) matthias . deeg

• Earlier messages