[security bulletin] HPSBGN03366 rev.1 - HP Business Process Insight with RC4 Stream Cipher, Remote Disclosure of Information 2015-07-29
security-alert hp com

Cross-Site Scripting (XSS) in qTranslate WordPress Plugin 2015-07-29
High-Tech Bridge Security Research (advisory htbridge ch)

[security bulletin] HPSBGN03367 rev.1 - HP TransactionVision with RC4 Stream Cipher, Remote Disclosure of Information 2015-07-29
security-alert hp com

phpFileManager 0.9.8 CSRF Backdoor Shell Vulnerability 2015-07-29
apparitionsec gmail com

[slackware-security] bind (SSA:2015-209-01) 2015-07-28
Slackware Security Team (security slackware com)

FreeBSD Security Advisory FreeBSD-SA-15:17.bind 2015-07-28
FreeBSD Security Advisories (security-advisories freebsd org)

FreeBSD Security Advisory FreeBSD-SA-15:16.openssh 2015-07-28
FreeBSD Security Advisories (security-advisories freebsd org)

FreeBSD Security Advisory FreeBSD-SA-15:15.tcp 2015-07-28
FreeBSD Security Advisories (security-advisories freebsd org)

FreeBSD Security Advisory FreeBSD-SA-15:14.bsdpatch 2015-07-28
FreeBSD Security Advisories (security-advisories freebsd org)

[SECURITY] [DSA 3319-1] bind9 security update 2015-07-28
Salvatore Bonaccorso (carnil debian org)

SEC Consult SA-20150728-0 :: McAfee Application Control Multiple Vulnerabilities 2015-07-28
SEC Consult Vulnerability Lab (research sec-consult com)

Multiple unresolved vulnerabilities in Basware Banking/Maksuliikenne 2015-07-28
Samuel Lavitt - CVE-2015-0942 (CVE-2015-0942 precipice fi)

Apple iTunes & AppStore - Filter Bypass & Persistent Invoice Vulnerability 2015-07-27
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 3318-1] expat security update 2015-07-26
Laszlo Boszormenyi (gcs debian org)

[SECURITY] [DSA 3317-1] lxc security update 2015-07-25
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3316-1] openjdk-7 security update 2015-07-25
Moritz Muehlenhoff (jmm debian org)

Hawkeye-G v3 CSRF Vulnerability ***[UPDATED CORRECTED] 2015-07-24
apparitionsec gmail com

[SECURITY] [DSA 3315-1] chromium-browser security update 2015-07-24
Michael Gilbert (mgilbert debian org)

Hawkeye-G v3.0.1.4912 CSRF Vulnerability CVE-2015-2878 2015-07-24
apparitionsec gmail com

[SECURITY] [DSA 3314-1] typo3-src end of life 2015-07-23
Moritz Muehlenhoff (jmm debian org)

Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser 2015-07-23
Qualys Security Advisory (qsa qualys com)

Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser 2015-07-23
Qualys Security Advisory (qsa qualys com)

ThaiWeb CMS 2015Q3 - SQL Injection Web Vulnerability 2015-07-23
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 3313-1] linux security update 2015-07-23
Salvatore Bonaccorso (carnil debian org)

Cisco Security Advisory: Cisco IOS Software TFTP Server Denial of Service Vulnerability 2015-07-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco Unified MeetingPlace Unauthorized Password Change Vulnerability 2015-07-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability 2015-07-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)

ESA-2015-118: EMC Avamar Directory Traversal Vulnerability 2015-07-22
Security Alert (Security_Alert emc com)

Multiple (remote and local) Vulnerabilities in Xceedium Xsuite [MZ-15-02] 2015-07-22
modzero (security modzero ch)

Cisco Security Advisory: Cisco IOS Software TFTP Server Denial of Service Vulnerability 2015-07-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco Unified MeetingPlace Unauthorized Password Change Vulnerability 2015-07-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability 2015-07-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)

ESA-2015-118: EMC Avamar Directory Traversal Vulnerability 2015-07-22
Security Alert (Security_Alert emc com)

Multiple (remote and local) Vulnerabilities in Xceedium Xsuite [MZ-15-02] 2015-07-22
modzero (security modzero ch)

Multiple XSS Vulnerabilities in Paid Memberships Pro WordPress Plugin 2015-07-22
High-Tech Bridge Security Research (advisory htbridge ch)

SQL Injection in Count Per Day WordPress Plugin 2015-07-22
High-Tech Bridge Security Research (advisory htbridge ch)

[SECURITY] [DSA 3312-1] cacti security update 2015-07-22
Alessandro Ghedini (ghedo debian org)

NetCracker Resource Management 8.0 - SQL Injection Vulnerability 2015-07-22
jychia sec gmail com

NetCracker Resource Management 8.0 - XSS Vulnerability 2015-07-22
jychia sec gmail com

Open-Web-Analytics-1.5.7 Cryptographic, Password Disclosure & XSS Vulnerabilities 2015-07-22
apparitionsec gmail com

FreeBSD Security Advisory FreeBSD-SA-15:13.tcp 2015-07-22
FreeBSD Security Advisories (security-advisories freebsd org)

WorldCIST'2016 - Brazil: Call for Workshops Proposals - Best Papers published by ISI/SCI Journals 2015-07-21
Maria Lemos (marialemos72 gmail com)

CVE-2015-5379: Axigen XSS vulnerability for html attachments 2015-07-21
Ioan Indreias (ioan indreias axigen com)

[security bulletin] HPSBMU03380 rev.1 - HP System Management Homepage (SMH) on Linux and Windows, Multiple Vulnerabilities 2015-07-20
security-alert hp com

[security bulletin] HPSBMU03377 rev.1 - HP Release Control running RC4, Remote Disclosure of Information 2015-07-20
security-alert hp com

[security bulletin] HPSBUX03379 SSRT101976 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2015-07-20
security-alert hp com

[SECURITY] [DSA 3311-1] mariadb-10.0 security update 2015-07-20
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3310-1] freexl security update 2015-07-19
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3309-1] tidy security update 2015-07-18
Alessandro Ghedini (ghedo debian org)

[SECURITY] [DSA 3308-1] mysql-5.5 security update 2015-07-18
Salvatore Bonaccorso (carnil debian org)

AirDroid ID - Client Side JSONP Callback Vulnerability 2015-07-17
Vulnerability Lab (research vulnerability-lab com)

FoxyCart Bug Bounty #1 - Filter Bypass & Persistent Vulnerability 2015-07-17
Vulnerability Lab (research vulnerability-lab com)

UDID+ v2.5 iOS - Mail Command Inject Vulnerability 2015-07-17
Vulnerability Lab (research vulnerability-lab com)

Oracle E-Business Suite Servlet URL Redirection Vulnerability 2015-07-17
owais md khan gmail com

Novell GroupWise 2014 WebAccess vulnerable to XSS attacks 2015-07-17
adrian vollmer syss de

Oracle E-Business Suite Servlet URL Redirection Vulnerability 2015-07-17
owais md khan gmail com

Novell GroupWise 2014 WebAccess vulnerable to XSS attacks 2015-07-17
adrian vollmer syss de

SEC Consult SA-20150716-0 :: Permanent Cross-Site Scripting in Oracle Application Express 2015-07-16
SEC Consult Vulnerability Lab (research sec-consult com)

Elasticsearch CVE-2015-5531 2015-07-16
Kevin Kluge (kevin elastic co)

Elasticsearch CVE-2015-5377 2015-07-16
Kevin Kluge (kevin elastic co)

Oracle E-Business Suite Servlet URL Redirection Vulnerability 2015-07-17
owais md khan gmail com

Novell GroupWise 2014 WebAccess vulnerable to XSS attacks 2015-07-17
adrian vollmer syss de

SEC Consult SA-20150716-0 :: Permanent Cross-Site Scripting in Oracle Application Express 2015-07-16
SEC Consult Vulnerability Lab (research sec-consult com)

Elasticsearch CVE-2015-5531 2015-07-16
Kevin Kluge (kevin elastic co)

Elasticsearch CVE-2015-5377 2015-07-16
Kevin Kluge (kevin elastic co)

ESA-2015-123: EMC Documentum WebTop Open Redirect Vulnerability 2015-07-16
Security Alert (Security_Alert emc com)

ESA-2015-122: EMC Documentum CenterStage Cross-site Scripting Vulnerability 2015-07-16
Security Alert (Security_Alert emc com)

[CVE-2015-3253] Apache Groovy Zero-Day Vulnerability Disclosure 2015-07-16
Cédric Champeau (cedric champeau gmail com)

SEC Consult SA-20150716-0 :: Permanent Cross-Site Scripting in Oracle Application Express 2015-07-16
SEC Consult Vulnerability Lab (research sec-consult com)

Elasticsearch CVE-2015-5531 2015-07-16
Kevin Kluge (kevin elastic co)

Elasticsearch CVE-2015-5377 2015-07-16
Kevin Kluge (kevin elastic co)

ESA-2015-123: EMC Documentum WebTop Open Redirect Vulnerability 2015-07-16
Security Alert (Security_Alert emc com)

ESA-2015-122: EMC Documentum CenterStage Cross-site Scripting Vulnerability 2015-07-16
Security Alert (Security_Alert emc com)

[CVE-2015-3253] Apache Groovy Zero-Day Vulnerability Disclosure 2015-07-16
Cédric Champeau (cedric champeau gmail com)

Backdoor credentials found in 4 TOTOLINK router models 2015-07-15
Pierre Kim (pierre kim sec gmail com)

4 TOTOLINK router models vulnerable to CSRF and XSS attacks 2015-07-15
Pierre Kim (pierre kim sec gmail com)

15 TOTOLINK router models vulnerable to multiple RCEs 2015-07-15
Pierre Kim (pierre kim sec gmail com)

Cisco Security Advisory: Cisco Videoscape Delivery System Denial of Service Vulnerability 2015-07-15
Cisco Systems Product Security Incident Response Team (psirt cisco com)

XSS, Code Execution, DOS, Password Leak, Weak Authentication in GetSimpleCMS 3.3.5 2015-07-15
Tim Coen (tc coen gmail com)

XSS vulnerability in OFBiz forms 2015-07-15
lilian_iatco yahoo com

iTunes 12.2 and QuickTime 7.7.7 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\... 2015-07-01
Stefan Kanthak (stefan kanthak nexgo de)

Exploit Code for ipTIME firmwares < 9.58 (root RCE against 127 router models) 2015-07-01
Pierre Kim (pierre kim sec gmail com)

ESA-2015-112: EMC Isilon OneFS Command Injection Vulnerability 2015-07-01
Security Alert (Security_Alert emc com)

Path Traversal in BlackCat CMS 2015-07-01
High-Tech Bridge Security Research (advisory htbridge ch)

Blueberry Express v5.9.x - SEH Buffer Overflow Vulnerability 2015-07-01
Vulnerability Lab (research vulnerability-lab com)

ESA-2015-108: EMC Documentum D2 Multiple DQL Injection Vulnerabilities 2015-07-01
Security Alert (Security_Alert emc com)

ESA-2015-111: EMC Documentum WebTop Client Products Multiple Vulnerabilities 2015-07-01
Security Alert (Security_Alert emc com)

FCS Scanner v1.0 & v1.4 - Command Inject Vulnerability 2015-07-01
Vulnerability Lab (research vulnerability-lab com)

Ebay Magento Bug Bounty #14 - Persistent Description Vulnerability 2015-07-01
Vulnerability Lab (research vulnerability-lab com)

Pinterest Bug Bounty #1 - Persistent contact_name Vulnerability 2015-07-01
Vulnerability Lab (research vulnerability-lab com)

Extra information for CVE-2014-4626 - EMC Documentum Content Server: authenticated user is able to elevate privileges, hijack Content Server filesystem, execute arbitrary commands by creating malicious dm_job objects 2015-07-01

APPLE-SA-2015-06-30-3 Mac EFI Security Update 2015-001 2015-06-30
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2015-06-30-4 Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7 2015-06-30
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2015-06-30-2 OS X Yosemite v10.10.4 and Security Update 2015-005 2015-06-30
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2015-06-30-1 iOS 8.4 2015-06-30
Apple Product Security (product-security-noreply lists apple com)

Google Chrome Address Spoofing (Request For Comment) 2015-06-30
David Leo (david leo deusen co uk)

CVE-2015-4674 - TimeDoctor autoupdate over plain-HTTP 2015-06-29
Fernando Muñoz (fernando null-life com)