Databáze Hot News 2014- 2020  2019  2018  2017  2016  2015  2014  2013 

Hot News  Alert  APT  Attacks  Bugtraq  CERT  Crime  Cryptocurrency  Exploit  Hacking  ICS  IDS/IPS  Incident  Malware  Operation  Phishing  Ransom  SANS  Vulnerebility


2014 January February March April May June July August September October November December 


31.12.2014

Bugtraq

ESA-2014-179: EMC Replication Manager and EMC AppSync Unquoted Service Path Enumeration Vulnerability 2014-12-30
Security Alert (Security_Alert emc com)

ESA-2014-158: RSA BSAFEŽ Micro Edition Suite and SSL-J Triple Handshake Vulnerability 2014-12-30
Security Alert (Security_Alert emc com)

[SECURITY] [DSA 3116-1] polarssl security update 2014-12-30
Moritz Muehlenhoff (jmm debian org)

Remote Code Execution via Unauthorised File upload in Cforms 14.7 2014-12-29
z fedotkin infosec ru

[SECURITY] [DSA 3115-1] pyyaml security update 2014-12-29
Moritz Muehlenhoff (jmm debian org)

nullcon HackIM Challenge 9-11 Jan 2015 2014-12-29
nullcon (nullcon nullcon net)

[SECURITY] [DSA 3113-1] unzip security update 2014-12-28
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3114-1] mime-support security update 2014-12-29
Salvatore Bonaccorso (carnil debian org)

Malware

RDN/Spybot.bfr!3579B79FF705

Generic.bfr!0E361092DC71

RDN/Generic.dx!583FE8361C55

RDN/Generic PUP.x!3EA905D70130

RDN/Generic Dropper!vu!79C9E2DC17E9

RDN/Generic PUP.x!crc!2F6CF576D9D5

RDN/Generic PWS.y!bcf!945C7CEE1F68

RDN/Generic.dx!dhw!FB81F27EB7F8

RDN/Generic.bfr!986D34A2097B

RDN/DNSChanger.bfr!B47DC9E79E92

RDN/DNSChanger.bfr!DC4B059C45F1

Generic.dx!68BDFE238DF1

RDN/Generic.bfr!ia!E134EF50DB53

RDN/Generic.bfr!3B2CA5837595

RDN/Generic PUP.x!crc!7B9FECD3720B

RDN/Generic PUP.x!E373DD3B4B06

RDN/Generic BackDoor!bb3!AC56CD5EE486

Generic PUP.x!6F930603D4B4

RDN/Generic Dropper!vu!49A8BFA00F9D

Generic PUP.x!518478624A2E

Generic.bfr!4322AC83C313

RDN/Generic BackDoor!A4C8C8FCA02B

Generic PUP.x!0DE35E3F69AB

RDN/Generic Downloader.x!mf!C7E30DF91996

RDN/Generic PWS.y!bcf!B0543ED1E059

RDN/Generic BackDoor!1E82F9D68402

RDN/Generic PUP.z!68072D0618A6

RDN/Generic.tfr!eg!6DDE50B9BB29

Ransom!87E362E7540F

Generic PUP.x!DC2FA138F478

Phishing

 

Vulnerebility

JasPer 'jpc_dec.c' Multiple Remote Heap Buffer Overflow Vulnerabilities
2014-12-30
http://www.securityfocus.com/bid/71476

JasPer CVE-2014-8137 Double Free Remote Code Execution Vulnerability
2014-12-30
http://www.securityfocus.com/bid/71742

PolarSSL Unspecified Memory Corruption Vulnerability
2014-12-30
http://www.securityfocus.com/bid/70905

LibYAML and Perl YAML-LibYAML Module 'scanner.c' Remote Denial of Service Vulnerability
2014-12-30
http://www.securityfocus.com/bid/71349

NTP 'ntp_config.c' Insufficient Entropy Security Weakness
2014-12-30
http://www.securityfocus.com/bid/71757

Network Time Protocol CVE-2014-9296 Unspecified Security Vulnerability
2014-12-30
http://www.securityfocus.com/bid/71758

Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2014-12-30
http://www.securityfocus.com/bid/71761

torque 'job name' Argument Remote Buffer Overflow Vulnerability
2014-12-30
http://www.securityfocus.com/bid/48374

Torque Server Security Bypass Vulnerability
2014-12-30
http://www.securityfocus.com/bid/49119

Torque Munge Authentication Bypass Vulnerability
2014-12-30
http://www.securityfocus.com/bid/51224

Little CMS Multiple Remote Buffer Overflow Vulnerabilities
2014-12-30
http://www.securityfocus.com/bid/61607

Torque CVE-2013-4319 Remote Arbitrary Code Execution Vulnerability
2014-12-30
http://www.securityfocus.com/bid/62273

Torque 'send_the_mail()' Function Remote Command Injection Vulnerability
2014-12-30
http://www.securityfocus.com/bid/63722

TORQUE CVE-2014-0749 Stack Buffer Overflow Vulnerability
2014-12-30
http://www.securityfocus.com/bid/67420

Multiple Puppet Products CVE-2014-3248 Remote Code Execution Vulnerability
2014-12-30
http://www.securityfocus.com/bid/68035

Microsoft Windows Graphics Component CVE-2014-6355 Information Disclosure Vulnerability
2014-12-30
http://www.securityfocus.com/bid/71502

Microsoft VBScript CVE-2014-6363 Remote Code Execution Vulnerability
2014-12-30
http://www.securityfocus.com/bid/71504

Multiple F5 Products CVE-2014-8730 Man In The Middle Information Disclosure Vulnerability
2014-12-30
http://www.securityfocus.com/bid/71549

file CVE-2014-8117 Denial of Service Vulnerability
2014-12-30
http://www.securityfocus.com/bid/71692

Linux Kernel 'fs/isofs/rock.c' Infinite Loop Denial of Service Vulnerability
2014-12-30
http://www.securityfocus.com/bid/71717

NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2014-12-30
http://www.securityfocus.com/bid/71762

Fish-shell CVE-2014-2914 Remote Code Execution Vulnerability
2014-12-30
http://www.securityfocus.com/bid/67095

Fish-shell '/tmp/fishd.socket.user' Local Privilege Escalation Vulnerability
2014-12-30
http://www.securityfocus.com/bid/67097

Fish-shell 'psub' Function Insecure Temporary File Creation Vulnerability
2014-12-30
http://www.securityfocus.com/bid/67098

Fish-shell Insecure Temporary File Creation Vulnerabiliy
2014-12-30
http://www.securityfocus.com/bid/67115

Wireshark Sniffer File CVE-2014-6431 Remote Denial of Service Vulnerability
2014-12-30
http://www.securityfocus.com/bid/69858

Wireshark Netflow Dissector CVE-2014-6424 Denial of Service Vulnerability
2014-12-30
http://www.securityfocus.com/bid/69862

Getmail CVE-2014-7273 SSL Certificate Security Bypass Vulnerability
2014-12-30
http://www.securityfocus.com/bid/70280

Getmail CVE-2014-7274 SSL Certificate Security Bypass Vulnerability
2014-12-30
http://www.securityfocus.com/bid/70281

Getmail CVE-2014-7275 SSL Certificate Security Bypass Vulnerability
2014-12-30
http://www.securityfocus.com/bid/70282

Exploit

Liferay Portal 7.0.x <= 7.0.2 - Pre-Auth RCE

30.12.2014

Bugtraq

Lazarus Guestbook v1.22 - Multiple Web Vulnerabilities 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

Wickr Desktop v2.2.1 Windows - Denial of Service Vulnerability 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

PHPLIST v3.0.6 & v3.0.10 - SQL Injection Vulnerability 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

Pimcore v3.0 & v2.3.0 CMS - SQL Injection Vulnerability 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

ZTE Ucell 3G Modem App - Privilege Escalation Vulnerability 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

Mobilis MobiConnect 3G ZDServer 1.x - Privilege Escalation Vulnerability 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

Facebook Bug Bounty #17 - Migrate Privacy Vulnerability 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

DRAM unreliable under specific access patern 2014-12-24
Pavel Machek (pavel ucw cz)

Reflecting XSS Vulnerability in CMS Contenido 4.9.x-4.9.5 2014-12-24
steffen roesemann1986 gmail com

Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products 2014-12-23
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[SECURITY] [DSA 3110-1] mediawiki security update 2014-12-23
Sebastien Delafond (seb debian org)

FreeBSD Security Advisory FreeBSD-SA-14:31.ntp 2014-12-23
FreeBSD Security Advisories (security-advisories freebsd org)

[SECURITY] [DSA 3112-1] sox security update 2014-12-23
Salvatore Bonaccorso (carnil debian org)

Malware

RDN/Generic.dx!dhv!1531860F1651

RDN/Generic.bfr!A4BB0D416E6E

RDN/Generic PUP.x!039DF24978E1

DNSChanger.bfr!8D679ACB9AF3

Downloader.gen.a!F907F3E12622

RDN/Generic Dropper!vu!E4011D6D0E33

Generic PUP.x!E38F99BC96C7

RDN/Generic PWS.y!bcf!2E25E96AA1EB

Generic PUP.x!B67D358929F5

Generic PUP.x!C7FC61FF2CEB

RDN/Downloader.gen.a!557407112CC1

Generic PUP.x!B5CC31261201

RDN/Generic Dropper!vu!B4FCB2CBCB3E

Generic PUP.x!520B07D599A1

RDN/Spybot.bfr!2065F9E63A43

DNSChanger.bfr!D160ED66D84A

Generic PUP.x!5925BDC40D67

Generic PUP.x!213B73DCDD90

Generic PUP.x!1A5CCA9830C8

RDN/Downloader.a!ud!219094AFC7BF

RDN/Generic PWS.y!bcf!B34D917EBD4C

RDN/Generic PUP.x!5BA186B231B4

RDN/Generic.bfr!ia!504DE29B7598

RDN/Generic PUP.x!cr3!742804B395D6

RDN/Downloader.a!ud!C50F3CD54AB0

RDN/Generic PUP.x!0DB1C7F87B25

RDN/Generic PUP.x!cr3!C1B4D476BDB6

RDN/Generic.bfr!0DEBECEAFD71

Generic PUP.x!DABD8FC77626

RDN/Generic.bfr!2CBC5A74DF65

Phishing

 

Vulnerebility

Wireshark HIP Dissector CVE-2014-6426 Remote Denial of Service Vulnerability
2014-12-29
http://www.securityfocus.com/bid/69863

Wireshark RTSP Dissector CVE-2014-6427 Remote Denial of Service Vulnerability
2014-12-29
http://www.securityfocus.com/bid/69861

Wireshark Sniffer File CVE-2014-6430 Remote Denial of Service Vulnerability
2014-12-29
http://www.securityfocus.com/bid/69857

NTP 'ntp_config.c' Insufficient Entropy Security Weakness
2014-12-29
http://www.securityfocus.com/bid/71757

Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2014-12-29
http://www.securityfocus.com/bid/71761

Network Time Protocol CVE-2014-9296 Unspecified Security Vulnerability
2014-12-29
http://www.securityfocus.com/bid/71758

Info-ZIP UnZip CVE-2014-8139 Remote Heap Buffer Overflow Vulnerability
2014-12-29
http://www.securityfocus.com/bid/71790

Linux Kernel CVE-2013-2897 Heap Buffer Overflow Vulnerability
2014-12-29
http://www.securityfocus.com/bid/62044

MuPDF 'xps_parse_color()' Function Stack Buffer Overflow Vulnerability
2014-12-29
http://www.securityfocus.com/bid/65036

policycoreutils seunshare CVE-2014-3215 Local Privilege Escalation Vulnerability
2014-12-29
http://www.securityfocus.com/bid/67341

Xen 'HVMOP_track_dirty_vram()' Local Denial of Service Vulnerability
2014-12-29
http://www.securityfocus.com/bid/70055

Xen 'x86_emulate.c' Local Privilege Escalation Vulnerability
2014-12-29
http://www.securityfocus.com/bid/70057

Xen Supervisor Mode Permission Checks Local Denial of Service Vulnerability
2014-12-29
http://www.securityfocus.com/bid/70062

Xen CVE-2014-7188 Denial of Service Vulnerability
2014-12-29
http://www.securityfocus.com/bid/70198

Linux Kernel CVE-2014-7841 SCTP NULL Pointer Dereference Denial of Service Vulnerability
2014-12-29
http://www.securityfocus.com/bid/71081

Linux Kernel 'ttusbdecfe.c' Buffer Overflow Vulnerability
2014-12-29
http://www.securityfocus.com/bid/71097

OpenVPN CVE-2014-8104 Denial of Service Vulnerability
2014-12-29
http://www.securityfocus.com/bid/71402

NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2014-12-29
http://www.securityfocus.com/bid/71762

Cisco Adaptive Security Appliance (ASA) Software CVE-2014-3410 Information Disclosure Vulnerability
2014-12-29
http://www.securityfocus.com/bid/71765

Info-ZIP UnZip CVE-2014-8140 Out of Bounds Write Heap Buffer Overflow Vulnerability
2014-12-29
http://www.securityfocus.com/bid/71792

Info-ZIP UnZip CVE-2014-8141 Out of Bounds Read Heap Buffer Overflow Vulnerability
2014-12-29
http://www.securityfocus.com/bid/71793

Linux Kernel KVM 'virt/kvm/iommu.c' Denial of Service Vulnerability
2014-12-29
http://www.securityfocus.com/bid/69489

Linux Kernel PicoLCD HID Device Driver Buffer Overflow Vulnerability
2014-12-29
http://www.securityfocus.com/bid/69763

Linux Kernel CVE-2014-3185 'whiteheat.c' Buffer Overflow Vulnerability
2014-12-29
http://www.securityfocus.com/bid/69781

Linux Kernel KVM 'asm/kvm_host.h' Denial of Service Vulnerability
2014-12-29
http://www.securityfocus.com/bid/70742

Linux Kernel CVE-2014-3673 Denial of Service Vulnerability
2014-12-29
http://www.securityfocus.com/bid/70883

Linux Kernel 'net/mac80211/tx.c' Information Disclosure Vulnerability
2014-12-29
http://www.securityfocus.com/bid/70965

Linux Kernel 'trace_syscalls.c' Multiple Local Denial of Service Vulnerabilities
2014-12-29
http://www.securityfocus.com/bid/70971

Linux Kernel 'kernel/tls.c' Local Information Disclosure Vulnerability
2014-12-29
http://www.securityfocus.com/bid/71684

Linux Kernel CVE-2014-9322 Local Privilege Escalation Vulnerability
2014-12-29
http://www.securityfocus.com/bid/71685

Exploit

 

29.12.2014

Bugtraq

Lazarus Guestbook v1.22 - Multiple Web Vulnerabilities 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

Wickr Desktop v2.2.1 Windows - Denial of Service Vulnerability 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

PHPLIST v3.0.6 & v3.0.10 - SQL Injection Vulnerability 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

Pimcore v3.0 & v2.3.0 CMS - SQL Injection Vulnerability 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

ZTE Ucell 3G Modem App - Privilege Escalation Vulnerability 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

Mobilis MobiConnect 3G ZDServer 1.x - Privilege Escalation Vulnerability 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

Facebook Bug Bounty #17 - Migrate Privacy Vulnerability 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

DRAM unreliable under specific access patern 2014-12-24
Pavel Machek (pavel ucw cz)

Reflecting XSS Vulnerability in CMS Contenido 4.9.x-4.9.5 2014-12-24
steffen roesemann1986 gmail com

Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products 2014-12-23
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[SECURITY] [DSA 3110-1] mediawiki security update 2014-12-23
Sebastien Delafond (seb debian org)

FreeBSD Security Advisory FreeBSD-SA-14:31.ntp 2014-12-23
FreeBSD Security Advisories (security-advisories freebsd org)

[SECURITY] [DSA 3112-1] sox security update 2014-12-23
Salvatore Bonaccorso (carnil debian org)

Malware

RDN/Generic.bfr!hz!861E69442CF5

RDN/Generic.bfr!8C83874A4C72

Generic PUP.x!A672475E0B7C

Generic PUP.x!945B4CF3D358

RDN/Generic.bfr!hz!8D1D7CA67258

Generic PUP.x!94802FD14984

RDN/Generic.bfr!hz!8FAD9011F4D3

RDN/Generic.bfr!hz!8975281D641A

RDN/Generic.dx!B7EA46C58E75

Generic PUP.x!A41F20088C1C

RDN/Generic.dx!dhs!27B01AF456B4

Generic PUP.x!1E4FEB1E9E1B

RDN/Generic PUP.x!A30E1A05028D

RDN/Generic.bfr!hz!8B8FF2790013

RDN/Generic PUP.x!D0B803786532

Generic PUP.x!0E9449E8464C

Generic PUP.x!A4CE34B1A9C9

RDN/Generic.bfr!hz!8A2C7317F1D1

Generic Dropper!C7E0D0E61A3C

Generic Dropper!9C8B9F0E283F

RDN/Generic.bfr!hz!8967F65ED6A2

Generic PUP.x!104D4374B1C2

Downloader.gen.a!DDF5D22B7E91

RDN/Generic.bfr!hz!88615C474B4B

RDN/Generic BackDoor!bbc!93A137415768

RDN/Generic.bfr!hz!7C4E8047F318

Generic PWS.y!D2A21A446577

Generic PUP.x!74E21FE9E7D6

RDN/Generic.bfr!81CDDA0756CE

Generic PUP.x!7FE494EF5B8F

Phishing

 

Vulnerebility

Linux Kernel CVE-2014-9322 Local Privilege Escalation Vulnerability
2014-12-25
http://www.securityfocus.com/bid/71685

Linux Kernel 'kernel/tls.c' Local Information Disclosure Vulnerability
2014-12-25
http://www.securityfocus.com/bid/71684

Linux Kernel 'espfix64' Local Denial of Service Vulnerability
2014-12-25
http://www.securityfocus.com/bid/71250

Network Time Protocol CVE-2014-9296 Unspecified Security Vulnerability
2014-12-25
http://www.securityfocus.com/bid/71758

Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2014-12-25
http://www.securityfocus.com/bid/71761

OpenVPN CVE-2014-8104 Denial of Service Vulnerability
2014-12-25
http://www.securityfocus.com/bid/71402

RPM CVE-2014-8118 CPIO Header Handling Integer Overflow Vulnerability
2014-12-25
http://www.securityfocus.com/bid/71588

RPM CVE-2013-6435 Remote Code Execution Vulnerability
2014-12-25
http://www.securityfocus.com/bid/71558

Mozilla Network Security Services CVE-2014-1569 Security Bypass Vulnerability
2014-12-25
http://www.securityfocus.com/bid/71675

NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2014-12-25
http://www.securityfocus.com/bid/71762

NTP 'ntp_config.c' Insufficient Entropy Security Weakness
2014-12-25
http://www.securityfocus.com/bid/71757

QEMU CVE-2014-3689 Multiple Local Security Bypass Vulnerabilities
2014-12-25
http://www.securityfocus.com/bid/70997

QEMU 'arch_init.c' Local Memory Corruption Vulnerability
2014-12-25
http://www.securityfocus.com/bid/71658

QEMU 'cirrus_vga.c' Security Bypass Vulnerability
2014-12-25
http://www.securityfocus.com/bid/71477

RSyslog Function Imfile Module Buffer Overflow Vulnerability
2014-12-25
http://www.securityfocus.com/bid/51171

RSyslog and sysklogd CVE-2014-3634 Denial of Service Vulnerability
2014-12-25
http://www.securityfocus.com/bid/70187

RSyslog and sysklogd CVE-2014-3683 Incomplete Fix Denial of Service Vulnerability
2014-12-25
http://www.securityfocus.com/bid/70243

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-12-25
http://www.securityfocus.com/bid/67899

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-12-25
http://www.securityfocus.com/bid/67898

OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2014-12-25
http://www.securityfocus.com/bid/70574

Allegro RomPager HTTP Cookie Handling CVE-2014-9222 Security Bypass Vulnerability
2014-12-25
http://www.securityfocus.com/bid/71744

Allegro RomPager CVE-2014-9223 Buffer Overflow Vulnerability
2014-12-25
http://www.securityfocus.com/bid/71756

FreeType 'src/cff/cf2hints.c' Remote Stack Buffer Overflow Vulnerability
2014-12-25
http://www.securityfocus.com/bid/66074

Cisco Prime Infrastructure CVE-2014-8007 Password Disclosure Vulnerability
2014-12-24
http://www.securityfocus.com/bid/71763

Cisco Enterprise Content Delivery System (ECDS) CVE-2014-8019 Arbitrary File Access Vulnerability
2014-12-24
http://www.securityfocus.com/bid/71764

Firebird 'protocol.cpp' NULL Pointer Dereference Denial of Service Vulnerability
2014-12-24
http://www.securityfocus.com/bid/71622

Sendmail File Descriptor Security Vulnerability
2014-12-24
http://www.securityfocus.com/bid/67791

PowerDNS Recursive Server CVE-2012-1193 Multiple Security Bypass Vulnerabilities
2014-12-24
http://www.securityfocus.com/bid/59348

PowerDNS Recursor Remote Cache Poisoning Vulnerability
2014-12-24
http://www.securityfocus.com/bid/37653

PowerDNS Recurser Buffer Overflow Vulnerability
2014-12-24
http://www.securityfocus.com/bid/37650

Exploit

  WhatsApp <= 2.11.476 - Remote Reboot/Crash App Android

  Pimcore 3.0 & 2.3.0 CMS - SQL Injection Vulnerability

  PHPLIST 3.0.6 & 3.0.10 - SQL Injection Vulnerability

  PMB <= 4.1.3 - Post-Auth SQL Injection Vulnerability

  Wickr Desktop 2.2.1 Windows - Denial of Service Vulnerability

25.12.2014

Bugtraq

TWiki Security Advisory - XSS Vulnerability - CVE-2014-9367 2014-12-19
Onur Yilmaz (onur netsparker com)

TWiki Security Advisory - XSS Vulnerability - CVE-2014-9325 2014-12-19
Onur Yilmaz (onur netsparker com)

Facebook BB #18 - IDOR Issue & Privacy Vulnerability 2014-12-19
Vulnerability Lab (research vulnerability-lab com)

Mobilis MobiConnect 3G ZDServer v1.0.1.2 - Privilege Escalation Vulnerability 2014-12-19
Vulnerability Lab (research vulnerability-lab com)

iBackup v10.0.0.45 - Privilege Escalation Vulnerability 2014-12-19
Vulnerability Lab (research vulnerability-lab com)

SEC Consult SA-20141219-0 :: XSS & Memory Disclosure vulnerabilities in NetIQ eDirectory NDS iMonitor 2014-12-19
SEC Consult Vulnerability Lab (research sec-consult com)

APPLE-SA-2014-12-18-1 Xcode 6.2 beta 3 2014-12-18
Apple Product Security (product-security-noreply lists apple com)

[oCERT-2014-012] JasPer input sanitization errors 2014-12-18
Andrea Barisani (lcars ocert org)

SEC Consult SA-20141218-1 :: OS command execution vulnerability in GParted 2014-12-18
SEC Consult Vulnerability Lab (research sec-consult com)

SEC Consult SA-20141218-2 :: Multiple high risk vulnerabilities in NetIQ Access Manager 2014-12-18
SEC Consult Vulnerability Lab (research sec-consult com)

iTwitter v0.04 WP Plugin - XSS & CSRF Web Vulnerability 2014-12-18
Vulnerability Lab (research vulnerability-lab com)

E-Journal CMS (ID) - Multiple Web Vulnerabilities 2014-12-18
Vulnerability Lab (research vulnerability-lab com)

Facebook Bug Bounty #16 (Studio) - Persistent Vulnerability 2014-12-18
Vulnerability Lab (research vulnerability-lab com)

Apple iOS v8.x - Message Context & Privacy Vulnerability 2014-12-18
Vulnerability Lab (research vulnerability-lab com)

Malware

RDN/Generic.bfr!hz!3547F58037A5

DNSChanger.bfr!9AF8E550B515

RDN/Generic Dropper!1A05A342CAA7

Generic PUP.x!74ECA1F17961

RDN/Generic Downloader.x!mb!5DF1A6A37ECC

Generic PUP.x!23E85F8436A8

RDN/Generic PUP.x!cqt!2626F871ABB6

RDN/Generic.dx!dh3!269C9DC798E8

RDN/Generic PUP.x!cqt!2639738FFF7F

RDN/Generic PUP.x!9EFD7AB61465

RDN/Generic PUP.x!cqt!5A91F3388BBB

RDN/Spybot.bfr!747B6FD44CC1

RDN/Generic Downloader.x!8D7DF055C7CE

RDN/Spybot.bfr!0C7C3EA238A4

RDN/Spybot.bfr!0C8EF176E70C

RDN/Generic Downloader.x!mb!1A5B25DABA50

BrowseFox-FTQ!9C37005668CE

Generic PUP.x!2FB2AAD45CDE

RDN/Generic PUP.x!DD0F60FA4E0C

Generic PUP.x!2618569C3329

RDN/Generic.dx!2648B65474D1

RDN/Generic PUP.x!cqt!2614F3F2C7A2

RDN/Generic PUP.x!2653C83103F8

RDN/Generic PUP.x!26A5A06170A5

RDN/Downloader.a!ub!1B3FA6F7AFB2

Generic Downloader.x!1A3D1FA9761A

RDN/Generic StartPage!cc!B0C96F5BDDFF

RDN/Generic PUP.x!cqt!A235EB690301

RDN/Generic PUP.x!cqt!724B84E684AA

Generic PUP.x!04F683600409

Phishing

 

Vulnerebility

OProfile Multiple Security Vulnerabilities
2014-12-19
http://www.securityfocus.com/bid/48241

LFTP 'Content-Disposition' HTTP Header Arbitrary File Overwrite Vulnerability
2014-12-19
http://www.securityfocus.com/bid/43728

uzbl 'uzbl-core' '@SELECTED_URI' Mouse Button Bindings Command Injection Vulnerability
2014-12-19
http://www.securityfocus.com/bid/42297

libpng Memory Corruption and Memory Leak Vulnerabilities
2014-12-19
http://www.securityfocus.com/bid/41174

iputils 'ping.c' Remote Denial Of Service Vulnerability
2014-12-19
http://www.securityfocus.com/bid/41911

pmount Insecure Temporary File Creation Vulnerability
2014-12-19
http://www.securityfocus.com/bid/40939

mlmmj (Mailing List Managing Made Joyful) Directory Traversal Vulnerability
2014-12-19
http://www.securityfocus.com/bid/41841

KDE KDM Insecure File Permission Local Privilege Escalation Vulnerability
2014-12-19
http://www.securityfocus.com/bid/39467

Beanstalk Job Data Remote Command Execution Vulnerability
2014-12-19
http://www.securityfocus.com/bid/40516

Ghostscript Insecure Temporary File Creation Vulnerability
2014-12-19
http://www.securityfocus.com/bid/40426

GNU Gzip Dynamic Huffman Decompression Remote Code Execution Vulnerability
2014-12-19
http://www.securityfocus.com/bid/37888

dvipng '.dvi' File Parsing Remote Code Execution Vulnerability
2014-12-19
http://www.securityfocus.com/bid/39969

gnome-screensaver Unlock Dialog Race Condition Lock Bypass Vulnerability
2014-12-19
http://www.securityfocus.com/bid/38211

KDE KGet Security Bypass and Directory Traversal Vulnerabilities
2014-12-19
http://www.securityfocus.com/bid/40141

GNU gzip LZW Compression Remote Integer Overflow Vulnerability
2014-12-19
http://www.securityfocus.com/bid/37886

XFS ACL 'setfacl' and 'getfacl' Symbolic Link Handling Security Bypass Vulnerability
2014-12-19
http://www.securityfocus.com/bid/37455

Libpng 1-bit Interlaced Images Information Disclosure Vulnerability
2014-12-19
http://www.securityfocus.com/bid/35233

FreeType Multiple Integer Overflow Vulnerabilities
2014-12-19
http://www.securityfocus.com/bid/34550

Libpng Library Uninitialized Pointer Arrays Memory Corruption Vulnerabilities
2014-12-19
http://www.securityfocus.com/bid/33827

GNU Libtool 'libltdl' Library Search Path Local Privilege Escalation Vulnerability
2014-12-19
http://www.securityfocus.com/bid/37128

pam-krb5 Local Privilege Escalation Vulnerability
2014-12-19
http://www.securityfocus.com/bid/33740

pam-krb5 'KRB5CCNAME' Environment Variable Local Privilege Escalation Vulnerability
2014-12-19
http://www.securityfocus.com/bid/33741

BitDefender Antivirus For Linux Multiple File Processing Remote Denial Of Service Vulnerabilities
2014-12-19
http://www.securityfocus.com/bid/32751

Libpng Library 'png_handle_tEXt()' Memory Leak Denial of Service Vulnerability
2014-12-19
http://www.securityfocus.com/bid/31920

Little CMS ICC Profile Stack Buffer Overflow Vulnerability
2014-12-19
http://www.securityfocus.com/bid/24001

Tcl/Tk Tk Toolkit 'ReadImage()' GIF File Buffer Overflow Vulnerability
2014-12-19
http://www.securityfocus.com/bid/27655

JasPer 'jpc_dec.c' Multiple Remote Heap Buffer Overflow Vulnerabilities
2014-12-19
http://www.securityfocus.com/bid/71476

Linux Kernel CVE-2014-9322 Local Privilege Escalation Vulnerability
2014-12-19
http://www.securityfocus.com/bid/71685

GNU glibc CVE-2014-7817 Arbitrary Command Execution Vulnerability
2014-12-19
http://www.securityfocus.com/bid/71216

GNU glibc '__gconv_translit_find()' Function Local Heap Based Buffer Overflow Vulnerability
2014-12-19
http://www.securityfocus.com/bid/68983

Exploit

  Cacti Superlinks Plugin 1.4-2 RCE(LFI) via SQL Injection Exploit

  Ettercap 0.8.0-0.8.1 - Multiple Denial of Service Vulnerabilities

  miniBB 3.1 - Blind SQL Injection

  Varnish Cache CLI Interface Remote Code Execution

19.12.2014

Bugtraq

 

Malware

 

Phishing

 

Vulnerebility

 

Exploit

 

17.12.2014

Bugtraq

[security bulletin] HPSBMU03217 rev.1 - HP Vertica Analytics Platform running Bash Shell, Remote Code Execution 2014-12-16
security-alert hp com

[security bulletin] HPSBOV03226 rev.1 - HP TCP/IP Services for OpenVMS, BIND 9 Resolver, Multiple Remote Vulnerabilities 2014-12-16
security-alert hp com

[security bulletin] HPSBOV03225 rev.1 - HP OpenVMS running POP, Remote Denial of Service (DoS) 2014-12-16
security-alert hp com

[security bulletin] HPSBMU03221 rev.1 - HP Connect-IT running SSLv3, Remote Disclosure of Information 2014-12-16
security-alert hp com

RelateIQ Bug Bounty #1 - Persistent Signup Vulnerability 2014-12-16
Vulnerability Lab (research vulnerability-lab com)

Konakart v7.3.0.1 CMS - CS Cross Site Web Vulnerability 2014-12-16
Vulnerability Lab (research vulnerability-lab com)

Elefant CMS v1.3.9 - Persistent Name Update Vulnerability 2014-12-16
Vulnerability Lab (research vulnerability-lab com)

Fuzzylime v3.03b CMS - CS Cross Scripting Vulnerability 2014-12-16
Vulnerability Lab (research vulnerability-lab com)

iWifi for Chat v1.1 iOS - Denial of Service Vulnerability 2014-12-16
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 3105-1] heirloom-mailx security update 2014-12-16
Florian Weimer (fw deneb enyo de)

[SECURITY] [DSA 3104-1] bsd-mailx security update 2014-12-16
Florian Weimer (fw deneb enyo de)

W3TotalFail: W3 Total Cache v 0.9.4 CSRF Vulnerability that Leads to Full Deface 2014-12-16
Mazin Ahmed (mazen150 hotmail com)

[Onapsis Security Advisory 2014-034] SAP Business Objects Search Token Privilege Escalation via CORBA 2014-12-16
Onapsis Research Labs (research onapsis com)

"Ettercap 8.0 - 8.1" multiple vulnerabilities 2014-12-16
Nick Sampanis (n sampanis obrela com)

[SE-2014-02] Google App Engine Java security sandbox bypasses (status update) 2014-12-16
Security Explorations (contact security-explorations com)

Malware

RDN/Generic BackDoor!b2z!F542CA8889DF

W32/Expiro!E961D87DE3CE

Generic PWS.y!5ECF5F3F2731

RDN/Generic PUP.x!cqs!9AEB54781C52

RDN/Generic PUP.x!cqs!8398D4381A50

RDN/Generic PUP.x!07E3F54A4E44

RDN/Generic PWS.y!1C057DF9E4F6

Generic PUP.x!7951D50D9234

RDN/Generic PUP.x!cqs!0A5A2E682AD4

RDN/Generic PUP.x!cqs!56DA359E0AEB

RDN/Generic PUP.x!cqs!FA9C54D17D07

RDN/Generic.bfr!hr!1DD9DCA0D329

W32/Expiro!9F02E561D1F6

RDN/Generic PUP.x!cqs!E78537AE86AE

RDN/Generic PUP.x!cqs!CEE54E072D7C

RDN/Generic.tfr!ef!84B048B61C92

RDN/Generic PUP.x!cqs!00D64659159C

RDN/Generic PUP.x!cqs!D5D7D6E2590C

W32/Sality.gen!64E1558CC743

RDN/Generic BackDoor!b2z!0A1617359122

RDN/Generic.tfr!ef!856697A0B189

Generic PUP.x!120737EDD33D

RDN/BackDoor-FBSA!a!679E62CF3081

RDN/Generic PUP.x!cqs!CB88F0D39132

RDN/Generic Downloader.x!021CAAB2453A

RDN/Generic.bfr!hr!65265631A229

RDN/Generic PUP.x!EC2E573F2FC9

RDN/Spybot.bfr!087C41FA5614

Generic PUP.x!53F4CE07ABCD

RDN/Generic BackDoor!D6EB7C7A9404

Phishing

 

Vulnerebility

Linux Kernel CVE-2014-9322 Local Privilege Escalation Vulnerability
2014-12-17
http://www.securityfocus.com/bid/71685

ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
2014-12-17
http://www.securityfocus.com/bid/55522

ISC BIND 9 Recursive Queries Remote Denial of Service Vulnerability
2014-12-17
http://www.securityfocus.com/bid/50690

ISC BIND 9 Remote Cache Poisoning Vulnerability
2014-12-17
http://www.securityfocus.com/bid/25037

Multiple Vendor OpenSSL 'DSA_verify' Function Signature Verification Vulnerability
2014-12-17
http://www.securityfocus.com/bid/33151

ISC BIND Multiple Remote Denial of Service Vulnerabilities
2014-12-17
http://www.securityfocus.com/bid/19859

Multiple Vendor DNS Protocol Insufficient Transaction ID Randomization DNS Spoofing Vulnerability
2014-12-17
http://www.securityfocus.com/bid/30131

Linux Kernel 'ISOFS' Deadlock Local Denial of Service Vulnerability
2014-12-17
http://www.securityfocus.com/bid/69428

BSD mailx CVE-2014-7844 Local Arbitrary Command Execution Vulnerability
2014-12-17
http://www.securityfocus.com/bid/71701

BSD mailx CVE-2004-2771 Local Arbitrary Command Execution Vulnerability
2014-12-17
http://www.securityfocus.com/bid/71704

Linux Kernel CVE-2014-3673 Denial of Service Vulnerability
2014-12-17
http://www.securityfocus.com/bid/70883

Linux Kernel CVE-2014-3687 Denial of Service Vulnerability
2014-12-17
http://www.securityfocus.com/bid/70766

Linux Kernel 'fs/udf/inode.c' Local Denial of Service Vulnerability
2014-12-17
http://www.securityfocus.com/bid/69799

Linux Kernel 'tcp_set_keepalive()' Function Denial of Service Vulnerability
2014-12-17
http://www.securityfocus.com/bid/69803

Linux Kernel 'ISOFS' Stack-Based Buffer Overflow Vulnerability
2014-12-17
http://www.securityfocus.com/bid/69396

HawtJNI CVE-2013-2035 Local Privilege Escalation Vulnerability
2014-12-17
http://www.securityfocus.com/bid/59876

Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
2014-12-17
http://www.securityfocus.com/bid/66397

JBoss Enterprise Application Platform Plain Text Password Local Information Disclosure Vulnerability
2014-12-17
http://www.securityfocus.com/bid/65762

OpenSAML-Java ParserPool and Decrypter XML External Entity Injection Vulnerability
2014-12-17
http://www.securityfocus.com/bid/64345

JBoss Enterprise Application Platform Java Security Manager Policy Security Bypass Vulnerability
2014-12-17
http://www.securityfocus.com/bid/66596

Multiple Red Hat JBoss Products Local Security Bypass Vulnerability
2014-12-17
http://www.securityfocus.com/bid/65591

Linux Kernel 'espfix64' Local Denial of Service Vulnerability
2014-12-17
http://www.securityfocus.com/bid/71250

OpenVPN CVE-2014-8104 Denial of Service Vulnerability
2014-12-17
http://www.securityfocus.com/bid/71402

JQuery 'ui/jquery.ui.dialog.js' Cross Site Scripting Vulnerability
2014-12-17
http://www.securityfocus.com/bid/71106

WordPress Download Manager Plugin Remote Code Execution and Remote File Include Vulnerabilities
2014-12-17
http://www.securityfocus.com/bid/71490

phpMyAdmin Long Password Handling Denial of Service Vulnerability
2014-12-17
http://www.securityfocus.com/bid/71434

phpMyAdmin CVE-2014-9219 Cross Site Scripting Vulnerability
2014-12-17
http://www.securityfocus.com/bid/71435

Antiword 'wordole.c' Buffer Overflow Vulnerability
2014-12-17
http://www.securityfocus.com/bid/71386

Xen MMU CVE-2014-8594 Local Security Bypass Vulnerability
2014-12-17
http://www.securityfocus.com/bid/71149

Xen CVE-2014-8595 Local Privilege Escalation Vulnerability
2014-12-17
http://www.securityfocus.com/bid/71151

Exploit

  ActualAnalyzer 'ant' Cookie Command Execution

  CIK Telecom VoIP router SVG6000RW - Privilege Escalation and Command Execution

  CMS Papoo 6.0.0 Rev. 4701 - Stored XSS

16.12.2014

Bugtraq

CA20141215-01: Security Notice for CA LISA Release Automation 2014-12-15
Williams, Ken (Ken Williams ca com)

[ MDVSA-2014:252 ] nss 2014-12-15
security mandriva com

[ MDVSA-2014:253 ] apache-mod_wsgi 2014-12-15
security mandriva com

Malware

RDN/Spybot.bfr!o!573E6228C366

RDN/Generic.dx!B8BFCD6C2B8D

RDN/Generic.dx!B973C946394F

Generic Dropper!F67F5ACFDB7A

RDN/Generic.dx!B7E1BB056964

RDN/Generic.bfr!hy!5A83F889F1D5

Generic PUP.x!670FE5B3D191

Generic PUP.x!CA6D9DA1F479

RDN/Generic.dx!ADB24F1C4561

Generic PUP.x!97F875B92C6D

RDN/Generic Dropper!vs!111F2B3E1D26

RDN/Generic PUP.x!cqq!CB4E9CD380CB

RDN/Generic.dx!dhm!EA6816D2B24D

Generic PUP.x!21DB0BFA7902

RDN/Generic PUP.x!cqq!D90E0D49B21C

RDN/Generic.dx!dhm!A7373A3B327A

RDN/Generic PUP.x!B1AE742BAD81

Generic PUP.x!F26D1450CAA5

RDN/Generic BackDoor!b2z!7A2CBD82783C

RDN/Generic.dx!dhm!2B3BD772196E

Generic PUP.x!C4D6B4BF51D0

RDN/Generic.bfr!CBD9DF96C27D

Generic PUP.x!1153EFC27530

Generic PUP.x!C18590F1E5A9

RDN/Generic.bfr!hy!366BEB355C90

RDN/Generic.bfr!hy!3AA3BA0BB730

RDN/Generic.bfr!hy!85848A153B93

W32/Virut.gen!5A00083F332A

RDN/PWS-Banker.dldr!i!8041326FFE81

RDN/Generic PUP.x!cqq!8F7ECB797D42

Phishing

 

Vulnerebility

OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2014-12-16
http://www.securityfocus.com/bid/66690

Libxml2 Entities Expansion CVE-2013-0339 Denial of Service Vulnerability
2014-12-16
http://www.securityfocus.com/bid/59000

Libxml2 Entities Expansion CVE-2013-0338 Denial of Service Vulnerability
2014-12-16
http://www.securityfocus.com/bid/58180

Multiple OpenStack Products CVE-2013-1664 Denial of Service Vulnerability
2014-12-16
http://www.securityfocus.com/bid/58892

libxml2 Multiple Use After Free Memory Corruption Vulnerabilities
2014-12-16
http://www.securityfocus.com/bid/59265

libpng Memory Corruption and Memory Leak Vulnerabilities
2014-12-16
http://www.securityfocus.com/bid/41174

Google Chrome CVE-2014-7910 Multiple Security Vulnerabilities
2014-12-16
http://www.securityfocus.com/bid/71161

Google Chrome CVE-2014-7906 Use After Free Remote Code Execution Vulnerability
2014-12-16
http://www.securityfocus.com/bid/71159

X.Org X Server Protocol Handling Multiple Out-of-Bounds Memory Corruption Vulnerabilities
2014-12-16
http://www.securityfocus.com/bid/71606

X.Org X Server CVE-2014-8097 Out of Bounds Multiple Integer Overflow Vulnerabilities
2014-12-16
http://www.securityfocus.com/bid/71604

X.Org X Server CVE-2014-8101 Out of Bounds Read Multiple Remote Denial of Service Vulnerabilities
2014-12-16
http://www.securityfocus.com/bid/71605

X.Org X Server CVE-2014-8100 Out of Bounds Read Multiple Remote Denial of Service Vulnerabilities
2014-12-16
http://www.securityfocus.com/bid/71602

X.Org X Server Protocol Handling Out-of-Bounds Multiple Denial of Service Vulnerabilities
2014-12-16
http://www.securityfocus.com/bid/71603

X.Org X Server CVE-2014-8102 Out of Bounds Denial of Service Vulnerability
2014-12-16
http://www.securityfocus.com/bid/71608

X.Org X Server CVE-2014-8094 Out of Bounds Denial of Service Vulnerability
2014-12-16
http://www.securityfocus.com/bid/71601

X.Org X Server CVE-2014-8099 Out of Bounds Read Multiple Remote Denial of Service Vulnerabilities
2014-12-16
http://www.securityfocus.com/bid/71600

X.Org X Server CVE-2014-8091 Denial of Service Vulnerability
2014-12-16
http://www.securityfocus.com/bid/71597

X.Org X Server Protocol Handling Multiple Integer Overflow Vulnerabilities
2014-12-16
http://www.securityfocus.com/bid/71595

X.Org X Server Protocol Handling Multiple Out-of-Bounds Memory Access Vulnerabilities
2014-12-16
http://www.securityfocus.com/bid/71599

X.Org X Server CVE-2014-8093 Multiple Integer Overflow Vulnerabilities
2014-12-16
http://www.securityfocus.com/bid/71596

X.Org X Server CVE-2014-8096 Out of Bounds Read Denial of Service Vulnerability
2014-12-16
http://www.securityfocus.com/bid/71598

Firebird 'protocol.cpp' NULL Pointer Dereference Denial of Service Vulnerability
2014-12-16
http://www.securityfocus.com/bid/71622

Apache 'mod_wsgi' Module Privilege Escalation Vulnerability
2014-12-16
http://www.securityfocus.com/bid/68111

Google Chrome CVE-2014-7907 Use After Free Remote Code Execution Vulnerability
2014-12-16
http://www.securityfocus.com/bid/71170

Google Chrome CVE-2014-7899 Unspecified Address Bar Spoofing Vulnerability
2014-12-16
http://www.securityfocus.com/bid/71160

Google Chrome CVE-2014-7904 Buffer Overflow Vulnerability
2014-12-16
http://www.securityfocus.com/bid/71166

Google Chrome CVE-2014-7900 Use After Free Remote Code Execution Vulnerability
2014-12-16
http://www.securityfocus.com/bid/71163

Google Chrome CVE-2014-7902 Use After Free Remote Code Execution Vulnerability
2014-12-16
http://www.securityfocus.com/bid/71165

Google Chrome Prior to 38.0.2125.101 Multiple Security Vulnerabilities
2014-12-16
http://www.securityfocus.com/bid/70273

Google Chrome CVE-2014-7908 Integer Overflow Vulnerability
2014-12-16
http://www.securityfocus.com/bid/71168

Exploit

  Tuleap PHP Unserialize Code Execution

  Mediacoder 0.8.33 build 5680 - SEH Buffer Overflow Exploit Dos (.m3u)

  Mediacoder 0.8.33 build 5680 - SEH Buffer Overflow Exploit Dos (.lst)

  jaangle 0.98i.977 - Denial of Service Vulnerability

  HTCSyncManager 3.1.33.0 - Service Trusted Path Privilege Escalation

  Avira 14.0.7.342 - (avguard.exe) Service Trusted Path Privilege Escalation

  CodeMeter 4.50.906.503 - Service Trusted Path Privilege Escalation

  GLPI 0.85 - Blind SQL Injection

  Soitec SmartEnergy 1.4 - SCADA Login SQL Injection Authentication Bypass Exploit

  Wordpress Download Manager 2.7.4 - Remote Code Execution Vulnerability

  ResourceSpace 6.4.5976 - XSS / SQL Injection / Insecure Cookie Handling

  Wordpress Wp Symposium 14.11 - Unauthenticated Shell Upload Exploit

15.12.2014

Bugtraq

[ MDVSA-2014:242 ] yaml 2014-12-14
security mandriva com

[SECURITY] [DSA 3103-1] libyaml-libyaml-perl security update 2014-12-13
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3102-1] libyaml security update 2014-12-13
Salvatore Bonaccorso (carnil debian org)

Defense in depth -- the Microsoft way (part 23): two quotes or not to quote... 2014-12-13
Stefan Kanthak (stefan kanthak nexgo de)

[ MDVSA-2014:238 ] bind 2014-12-13
security mandriva com

[SECURITY] [DSA 3101-1] c-icap security update 2014-12-13
Salvatore Bonaccorso (carnil debian org)

[ MDVSA-2014:243 ] phpmyadmin 2014-12-14
security mandriva com

[ MDVSA-2014:244 ] openafs 2014-12-14
security mandriva com

[ MDVSA-2014:245 ] mutt 2014-12-14
security mandriva com

CVE-2014-2026 Reflected Cross-Site Scripting (XSS) in "Intrexx Professional" 2014-12-14
Christian Schneider (mail Christian-Schneider net)

CVE-2014-2025 Remote Code Execution (RCE) in "Intrexx Professional" 2014-12-14
Christian Schneider (mail Christian-Schneider net)

[SECURITY] [DSA 3100-1] mediawiki security update 2014-12-13
Sebastien Delafond (seb debian org)

[ MDVSA-2014:251 ] rpm 2014-12-14
security mandriva com

[ MDVSA-2014:239 ] flac 2014-12-14
security mandriva com

[ MDVSA-2014:250 ] cpio 2014-12-14
security mandriva com

[ MDVSA-2014:249 ] qemu 2014-12-14
security mandriva com

[ MDVSA-2014:248 ] graphviz 2014-12-14
security mandriva com

[ MDVSA-2014:247 ] jasper 2014-12-14
security mandriva com

[ MDVSA-2014:246 ] openvpn 2014-12-14
security mandriva com

Malware

Generic PUP.x!2162F7A0B0B1

RDN/Generic Dropper!EE586D102E0A

Generic PUP.x!457A1B32F266

Generic PUP.x!9D17AE644668

Generic PUP.x!55177817FFE5

Generic PUP.x!30CF353C836C

RDN/Generic PUP.x!cqp!9D8EAB90C30A

Generic PUP.x!7E189B586D4A

RDN/Generic PUP.x!0ED6209D0694

Generic PUP.x!40063A03E7EF

Generic PUP.x!246117D07613

Ransom!18919C306EA4

RDN/Generic.dx!DB0192556405

RDN/Generic.dx!dhm!A123EF553902

RDN/Generic PUP.x!cqp!A07C5716E874

RDN/Generic PUP.x!3808ED714971

RDN/Generic PUP.x!cqp!93CD1F8CF804

RDN/Generic PUP.x!165BD5981245

RDN/Generic PUP.x!34243A89DA6A

RDN/Generic PUP.x!cqp!937E15D5BB76

RDN/Generic PUP.x!cqp!91C0596595C0

RDN/Generic PUP.x!cqp!345A0020F5A8

Generic PUP.x!47C37AD484AD

Generic PUP.x!6433F15A9257

RDN/Generic PUP.x!cqp!9B05F89C97C2

RDN/Generic PUP.x!cqp!9AC2F7132046

Generic PUP.x!72396B1B5D8C

Generic PUP.x!C68FF433737C

Generic PUP.x!0B0A8B55C001

Generic PUP.x!9B36A075327F

Phishing

 

Vulnerebility

D-Link DCS-2103 CVE-2014-9238 Directory Traversal Vulnerability
2014-12-16
http://www.securityfocus.com/bid/71484

Apache Tomcat CVE-2014-0033 Session Fixation Vulnerability
2014-12-15
http://www.securityfocus.com/bid/65769

Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability
2014-12-15
http://www.securityfocus.com/bid/65773

Apache Tomcat CVE-2013-4590 XML External Entity Information Disclosure Vulnerability
2014-12-15
http://www.securityfocus.com/bid/65768

Apache Tomcat CVE-2013-2067 Session Fixation Vulnerability
2014-12-15
http://www.securityfocus.com/bid/59799

Apache Tomcat CVE-2013-2071 Information Disclosure Vulnerability
2014-12-15
http://www.securityfocus.com/bid/59798

Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability
2014-12-15
http://www.securityfocus.com/bid/65767

Apache Tomcat CVE-2012-4431 Cross-Site Request Forgery Vulnerability
2014-12-15
http://www.securityfocus.com/bid/56814

Apache Tomcat CVE-2012-3546 Security Bypass Vulnerability
2014-12-15
http://www.securityfocus.com/bid/56812

Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
2014-12-15
http://www.securityfocus.com/bid/65400

Apache Tomcat DIGEST Authentication Multiple Security Weaknesses
2014-12-15
http://www.securityfocus.com/bid/56403

Apache Tomcat CVE-2012-4534 Denial of Service Vulnerability
2014-12-15
http://www.securityfocus.com/bid/56813

Apache Tomcat CVE-2012-2733 Denial of Service Vulnerability
2014-12-15
http://www.securityfocus.com/bid/56402

OpenAFS CVE-2013-1794 Buffer Overflow Vulnerability
2014-12-15
http://www.securityfocus.com/bid/58299

OpenAFS CVE-2013-4134 Information Disclosure Vulnerability
2014-12-15
http://www.securityfocus.com/bid/61439

OpenAFS CVE-2013-1795 Remote Integer Overflow Vulnerability
2014-12-15
http://www.securityfocus.com/bid/58300

OpenAFS CVE-2013-4135 Information Disclosure Vulnerability
2014-12-15
http://www.securityfocus.com/bid/61438

OpenAFS GetStatistics64 RPC Remote Denial Of Service Vulnerability
2014-12-15
http://www.securityfocus.com/bid/66776

phpMyAdmin CVE-2014-9219 Cross Site Scripting Vulnerability
2014-12-15
http://www.securityfocus.com/bid/71435

phpMyAdmin Long Password Handling Denial of Service Vulnerability
2014-12-15
http://www.securityfocus.com/bid/71434

LibYAML and Perl YAML-LibYAML Module 'scanner.c' Remote Denial of Service Vulnerability
2014-12-15
http://www.securityfocus.com/bid/71349

OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2014-12-15
http://www.securityfocus.com/bid/70574

tcpdump 'olsr_print()' Function Denial of Service Vulnerability
2014-12-15
http://www.securityfocus.com/bid/71150

tcpdump CVE-2014-8769 Out-of-bounds Memory Access Vulnerability
2014-12-15
http://www.securityfocus.com/bid/71153

tcpdump CVE-2014-9140 Buffer Overflow Vulnerability
2014-12-15
http://www.securityfocus.com/bid/71468

MantisBT 'soap/mc_account_api.php' Security Bypass Vulnerability
2014-12-15
http://www.securityfocus.com/bid/71553

Linux Kernel CVE-2014-8559 Local Denial of Service Vulnerability
2014-12-15
http://www.securityfocus.com/bid/70854

libFLAC 'src/libFLAC/stream_decoder.c' Stack Buffer Overflow Vulnerability
2014-12-15
http://www.securityfocus.com/bid/71280

libFLAC 'src/libFLAC/stream_decoder.c' Heap Buffer Overflow Vulnerability
2014-12-15
http://www.securityfocus.com/bid/71282

ISC BIND CVE-2014-8500 Remote Denial of Service Vulnerability
2014-12-15
http://www.securityfocus.com/bid/71590

Exploit

 

12.12.2014

Bugtraq

[security bulletin] HPSBUX03162 SSRT101767 rev.3 - HP-UX Running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, Man-in-the-Middle (MitM) Attack 2014-12-11
security-alert hp com

Docker 1.3.3 - Security Advisory [11 Dec 2014] 2014-12-12
Eric Windisch (eric windisch docker com)

[SECURITY] [DSA 3099-1] dbus security update 2014-12-11
Florian Weimer (fw deneb enyo de)

ResourceSpace Multiple Cross Site Scripting, and HTML and SQL Injection Vulnerabilities 2014-12-11
petri iivonen tmbc gov uk

APPLE-SA-2014-12-11-1 Safari 8.0.2, Safari 7.1.2, and Safari 6.2.2 2014-12-11
Apple Product Security (product-security-noreply lists apple com)

[SECURITY] [DSA 3098-1] graphviz security update 2014-12-11
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3097-1] unbound security update 2014-12-10
Yves-Alexis Perez (corsac debian org)

[slackware-security] openssh (SSA:2014-344-03) 2014-12-11
Slackware Security Team (security slackware com)

[slackware-security] wpa_supplicant (SSA:2014-344-07) 2014-12-11
Slackware Security Team (security slackware com)

[slackware-security] mozilla-firefox (SSA:2014-344-02) 2014-12-11
Slackware Security Team (security slackware com)

[slackware-security] pidgin (SSA:2014-344-05) 2014-12-11
Slackware Security Team (security slackware com)

[slackware-security] bind (SSA:2014-344-01) 2014-12-11
Slackware Security Team (security slackware com)

[slackware-security] seamonkey (SSA:2014-344-06) 2014-12-11
Slackware Security Team (security slackware com)

[slackware-security] openvpn (SSA:2014-344-04) 2014-12-11
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3096-1] pdns-recursor security update 2014-12-11
Sebastien Delafond (seb debian org)

Malware

RDN/Generic PUP.x!800B12C999F0

RDN/Generic PUP.x!cqm!3E67D8A6B6E5

Generic PUP.x!182AD4EE434A

Generic PUP.x!D1390FE10703

RDN/Generic.bfr!hy!DC009B4CBECA

RDN/Generic Downloader.x!lx!EF1F320E4BC4

RDN/Generic PUP.x!cqm!32A855917E2C

Generic PUP.x!B722121B2F85

RDN/Generic.dx!dhk!CAF89054CA41

Generic PUP.x!8DCB06E5261C

RDN/Generic.bfr!hy!F69301B6A9C2

RDN/Generic Downloader.x!FEFDA7B4CD45

Generic PUP.x!3402B2256F3B

RDN/Spybot.bfr!o!091A5A811931

RDN/Ransom!680C3147CA83

Generic PUP.x!B55E0A4DCFAB

RDN/Generic PUP.x!cqm!31DFD3C67A31

RDN/Generic PUP.x!cqm!602BDCFDCDCB

RDN/Ransom!CC176FDF8DE8

RDN/Generic PUP.x!cqm!10F663474EB7

RDN/Generic BackDoor!b2w!EFB8156D0102

RDN/Generic Downloader.x!lx!7C054A348B82

RDN/Generic PUP.x!cqm!67BD3FC62352

Generic PUP.x!B714CADEACCD

RDN/DNSChanger.bfr!f!91DCEE49A884

RDN/DNSChanger.bfr!f!D6368D693751

RDN/Generic PUP.x!cqm!4BCCEB0D396A

RDN/Generic BackDoor!b2w!E738581CCC00

RDN/Generic PWS.y!bc3!DF87FED7B766

Generic.bfr!B88590217930

Phishing

 

Vulnerebility

D-Link DCS-2103 CVE-2014-9238 Directory Traversal Vulnerability
2014-12-16
http://www.securityfocus.com/bid/71484

X.Org X Server CVE-2014-8099 Out of Bounds Read Multiple Remote Denial of Service Vulnerabilities
2014-12-12
http://www.securityfocus.com/bid/71600

X.Org X Server CVE-2014-8091 Denial of Service Vulnerability
2014-12-12
http://www.securityfocus.com/bid/71597

X.Org X Server CVE-2014-8096 Out of Bounds Read Denial of Service Vulnerability
2014-12-12
http://www.securityfocus.com/bid/71598

X.Org X Server Protocol Handling Multiple Out-of-Bounds Memory Access Vulnerabilities
2014-12-12
http://www.securityfocus.com/bid/71599

X.Org X Server CVE-2014-8097 Out of Bounds Multiple Integer Overflow Vulnerabilities
2014-12-12
http://www.securityfocus.com/bid/71604

Mutt 'mutt_substrdup()' Function Heap Based Buffer Overflow Vulnerability
2014-12-12
http://www.securityfocus.com/bid/71334

ISC BIND CVE-2014-8500 Remote Denial of Service Vulnerability
2014-12-12
http://www.securityfocus.com/bid/71590

X.Org X Server Protocol Handling Multiple Integer Overflow Vulnerabilities
2014-12-12
http://www.securityfocus.com/bid/71595

X.Org X Server CVE-2014-8093 Multiple Integer Overflow Vulnerabilities
2014-12-12
http://www.securityfocus.com/bid/71596

X.Org X Server CVE-2014-8100 Out of Bounds Read Multiple Remote Denial of Service Vulnerabilities
2014-12-12
http://www.securityfocus.com/bid/71602

X.Org X Server CVE-2014-8101 Out of Bounds Read Multiple Remote Denial of Service Vulnerabilities
2014-12-12
http://www.securityfocus.com/bid/71605

X.Org X Server Protocol Handling Multiple Out-of-Bounds Memory Corruption Vulnerabilities
2014-12-12
http://www.securityfocus.com/bid/71606

X.Org X Server CVE-2014-8102 Out of Bounds Denial of Service Vulnerability
2014-12-12
http://www.securityfocus.com/bid/71608

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-12-12
http://www.securityfocus.com/bid/66363

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-12-12
http://www.securityfocus.com/bid/66801

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-12-12
http://www.securityfocus.com/bid/67193

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-12-12
http://www.securityfocus.com/bid/67899

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-12-12
http://www.securityfocus.com/bid/68636

Shim CVE-2014-3675 Remote Denial of Service Vulnerability
2014-12-12
http://www.securityfocus.com/bid/70407

Shim CVE-2014-3676 Heap Based Buffer Overflow Vulnerability
2014-12-12
http://www.securityfocus.com/bid/70409

Shim CVE-2014-3677 Memory Corruption Vulnerability
2014-12-12
http://www.securityfocus.com/bid/70410

D-Bus CVE-2014-7824 Incomplete Fix Denial of Service Vulnerability
2014-12-12
http://www.securityfocus.com/bid/71012

Graphviz 'agerr()' Function Remote Format String Vulnerability
2014-12-12
http://www.securityfocus.com/bid/71283

Microsoft Internet Explorer CVE-2014-6329 Remote Memory Corruption Vulnerability
2014-12-12
http://www.securityfocus.com/bid/71447

Microsoft Internet Explorer CVE-2014-6373 Remote Memory Corruption Vulnerability
2014-12-12
http://www.securityfocus.com/bid/71453

Microsoft Internet Explorer CVE-2014-8966 Remote Memory Corruption Vulnerability
2014-12-12
http://www.securityfocus.com/bid/71457

Microsoft Internet Explorer XSS Filter CVE-2014-6328 Security Bypass Vulnerability
2014-12-12
http://www.securityfocus.com/bid/71460

Adobe Flash Player CVE-2014-9162 Information Disclosure Vulnerability
2014-12-12
http://www.securityfocus.com/bid/71581

Adobe Flash Player CVE-2014-9163 Stack Based Buffer Overflow Vulnerability
2014-12-12
http://www.securityfocus.com/bid/71582

Exploit

 

10.12.2014

Bugtraq

Concrete5 CMS Reflected Cross-Site Scripting Vulnerabilities 2014-12-09
simo morxploit com

[security bulletin] HPSBMU03043 rev.1 - HP Smart Update Manager for Windows and Linux, Local Disclosure of Information 2014-12-09
security-alert hp com

[security bulletin] HPSBST03106 rev.2 - HP P2000 G3 MSA Array System, HP MSA 2040/1040 Storage running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-12-09
security-alert hp com

NEW VMSA-2014-0013 - VMware vCloud Automation Center product updates address a critical remote privilege escalation vulnerability 2014-12-09
VMware Security Response Center (security vmware com)

[CVE-2014-8340] phpTrafficA SQL injection 2014-12-09
DaniÃŤl Geerts (dgeerts nikhef nl)

[security bulletin] HPSBGN03208 rev.1 - HP Cloud Service Automation running SSLv3, Remote Disclosure of Information 2014-12-09
security-alert hp com

[security bulletin] HPSBGN03222 rev.1 - HP Enterprise Maps running SSLv3, Remote Disclosure of Information 2014-12-09
security-alert hp com

Subrion CMS Security Advisory - XSS Vulnerability - CVE-2014-9120 2014-12-09
Onur Yilmaz (onur netsparker com)

Malware

RDN/Generic PUP.x!9229DE0F4550

Generic PUP.x!59BB1588B0D7

RDN/Generic Dropper!CB071AB48A43

W32/Autorun.worm.aaeh!5331BAED2229

RDN/Generic.dx!dhh!E908A7B34261

Generic PUP.x!CFEDE9614756

RDN/Generic PUP.x!cql!EFD29FEEFCD0

RDN/Generic.tfr!ef!131338C5DDFB

RDN/Generic PUP.x!cql!113BECD44DE2

RDN/Generic PUP.x!cql!2456B4D3C3C8

RDN/Generic BackDoor!b2v!9E03E7076352

Generic PUP.x!64B7C901809E

DNSChanger.bfr!212E6E26D255

Generic Dropper!EF81368C766B

Generic PUP.x!A2802E5DB212

RDN/Generic PUP.x!cql!AB72EF5A28D4

Downloader.gen.a!EC4498931F4B

RDN/Generic Downloader.x!lw!2568B9FC647C

RDN/Generic StartPage!4BAFA4A023E2

Generic PUP.x!F1FA25DE8E7F

RDN/Generic Downloader.x!lw!7F38656A8BC7

RDN/Generic BackDoor!b2v!CB7F315D1A36

Generic PUP.x!2F9CCA2FAA4F

Generic PUP.x!0055B1F813D7

RDN/Generic Downloader.x!lw!EB770CA7FBDE

RDN/Generic Downloader.x!lw!0AE10A8E3D35

RDN/Generic BackDoor!b2v!BACFA358FA87

RDN/Generic BackDoor!b2v!F55EDE4A7973

RDN/Generic PUP.x!19938D4EB609

RDN/Downloader.a!tz!74788F35DCFA

Phishing

 

Vulnerebility

D-Link DCS-2103 CVE-2014-9238 Directory Traversal Vulnerability
2014-12-16
http://www.securityfocus.com/bid/71484

Mozilla Firefox/Thunderbird CVE-2014-1592 Use After Free Memory Corruption Vulnerability
2014-12-10
http://www.securityfocus.com/bid/71398

Mozilla Firefox/Thunderbird CVE-2014-1587 Multiple Memory Corruption Vulnerabilities
2014-12-10
http://www.securityfocus.com/bid/71391

Mozilla Firefox/Thunderbird CVE-2014-1593 Buffer Overflow Vulnerability
2014-12-10
http://www.securityfocus.com/bid/71395

Mozilla Firefox/Thunderbird CVE-2014-1594 Security Vulnerability
2014-12-10
http://www.securityfocus.com/bid/71396

Mozilla Firefox/Thunderbird CVE-2014-1590 Denial of Service Vulnerability
2014-12-10
http://www.securityfocus.com/bid/71397

Linux Kernel '/drivers/media/media-device.c' Local Information Disclosure Vulnerability
2014-12-10
http://www.securityfocus.com/bid/68048

Linux Kernel Multiple Local Security Bypass Vulnerabilities
2014-12-10
http://www.securityfocus.com/bid/68162

Linux Kernel CVE-2014-5045 Local Privilege Escalation Vulnerability
2014-12-10
http://www.securityfocus.com/bid/68862

Linux Kernel CVE-2014-3182 'hid-logitech-dj.c' Buffer Overflow Vulnerability
2014-12-10
http://www.securityfocus.com/bid/69770

OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2014-12-10
http://www.securityfocus.com/bid/70574

OpenVPN CVE-2014-8104 Denial of Service Vulnerability
2014-12-10
http://www.securityfocus.com/bid/71402

PowerDNS Recursor CVE-2014-8601 Remote Denial of Service Vulnerability
2014-12-10
http://www.securityfocus.com/bid/71545

RPM CVE-2013-6435 Remote Code Execution Vulnerability
2014-12-10
http://www.securityfocus.com/bid/71558

Linux Kernel CVE-2013-2929 Local Privilege Escalation Vulnerability
2014-12-10
http://www.securityfocus.com/bid/64111

Linux Kernel 'rd_build_device_space()' Function Information Disclosure Vulnerability
2014-12-10
http://www.securityfocus.com/bid/68159

Linux Kernel PicoLCD HID Device Driver Buffer Overflow Vulnerability
2014-12-10
http://www.securityfocus.com/bid/69763

Linux Kernel CVE-2014-3184 Multiple Local Denial Of Service Vulnerabilities
2014-12-10
http://www.securityfocus.com/bid/69768

Linux Kernel Magic Mouse HID Device Driver CVE-2014-3181 Stack-Based Buffer Overflow Vulnerability
2014-12-10
http://www.securityfocus.com/bid/69779

Linux Kernel CVE-2014-3185 'whiteheat.c' Buffer Overflow Vulnerability
2014-12-10
http://www.securityfocus.com/bid/69781

Linux Kernel 'fs/udf/inode.c' Local Denial of Service Vulnerability
2014-12-10
http://www.securityfocus.com/bid/69799

Oracle Java SE CVE-2014-6558 Remote Security Vulnerability
2014-12-10
http://www.securityfocus.com/bid/70544

Oracle Java SE CVE-2014-6515 Remote Security Vulnerability
2014-12-10
http://www.securityfocus.com/bid/70565

OpenSSL CVE-2014-3513 Information Disclosure Vulnerability
2014-12-10
http://www.securityfocus.com/bid/70584

GNU Wget CVE-2014-4877 Symlink Vulnerability
2014-12-10
http://www.securityfocus.com/bid/70751

Linux Kernel CVE-2014-3687 Denial of Service Vulnerability
2014-12-10
http://www.securityfocus.com/bid/70766

Linux Kernel CVE-2014-3673 Denial of Service Vulnerability
2014-12-10
http://www.securityfocus.com/bid/70883

Moodle LTI Module CVE-2014-7832 Access Bypass Vulnerability
2014-12-10
http://www.securityfocus.com/bid/71121

Moodle CVE-2014-7845 Insecure Password Generation Weakness
2014-12-10
http://www.securityfocus.com/bid/71128

Graphviz 'agerr()' Function Remote Format String Vulnerability
2014-12-10
http://www.securityfocus.com/bid/71283

Exploit

 

9.12.2014

Bugtraq

[CVE-2014-7807] Apache CloudStack unauthenticated LDAP binds 2014-12-08
jlk apache org

[ANN] Apache Struts 2.3.20 GA release available with security fix 2014-12-08
Lukasz Lenart (lukaszlenart apache org)

CFP: InfoSec SouthWest 2015 (ISSW) 2014-12-08
Tod Beardsley (todb packetfu com)

Malware

Generic PUP.x!391008A6951A

RDN/Generic Downloader.x!lw!1B904B66BC2E

RDN/Generic PUP.x!6EF6FE98A3AB

Generic PUP.x!62EA1B9E4DB0

RDN/Generic.dx!0D16269BA604

Generic PUP.x!65AF418038BC

RDN/Spybot.bfr!o!74AC6FFD7A2F

Generic PUP.x!63048FB8C704

RDN/Generic.tfr!ef!062DFB0D87F6

RDN/Generic Downloader.x!lw!6314FE26A3B6

Generic PUP.x!295E252B1F82

RDN/Generic.dx!dhh!765CED612BAB

RDN/Generic.dx!66A176B3A70B

RDN/Generic.dx!190865AA137D

RDN/Generic PUP.x!626C7D510D9A

Generic PUP.x!64126E2A24F6

RDN/Generic.hra!cd!570313706885

Generic PUP.x!5A001CCDE177

Generic PUP.x!6249CC174D79

RDN/Generic PUP.x!cqk!3D06DE7CDC43

Generic PUP.x!5C9F42D85E29

Generic PUP.x!5AB2A956AE7D

Generic PUP.x!682A171D0C74

Generic PUP.x!C78B66E1679A

Generic PUP.x!6B01B593D558

RDN/Generic.dx!69B5792532E1

RDN/Spybot.bfr!448E404BA180

Generic PUP.x!61BCF0767085

Generic PUP.x!64DC1768D819

Generic PUP.x!60B0A0B51CFB

Phishing

 

Vulnerebility

D-Link DCS-2103 CVE-2014-9238 Directory Traversal Vulnerability
2014-12-16
http://www.securityfocus.com/bid/71484

libvirt CVE-2014-7823 Information Disclosure Vulnerability
2014-12-09
http://www.securityfocus.com/bid/71095

libvirt CVE-2013-4399 Remote Denial Of Service Vulnerability
2014-12-09
http://www.securityfocus.com/bid/62972

libvirt Event Registration API Remote Security Bypass Vulnerability
2014-12-09
http://www.securityfocus.com/bid/65004

libvirt Unsafe Paths Usage Symlink Multiple Security Vulnerabilities
2014-12-09
http://www.securityfocus.com/bid/65743

libvirt XML Entity Expansion CVE-2014-0179 Information Disclosure Vulnerability
2014-12-09
http://www.securityfocus.com/bid/67289

libvirtd 'qemuDomainGetBlockIoTune()' Function Out-of-Bounds Read Vulnerability
2014-12-09
http://www.securityfocus.com/bid/70186

OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2014-12-09
http://www.securityfocus.com/bid/70574

Linux Kernel KVM CVE-2014-8369 Denial of Service Vulnerability
2014-12-09
http://www.securityfocus.com/bid/70749

Linux Kernel CVE-2014-7841 SCTP NULL Pointer Dereference Denial of Service Vulnerability
2014-12-09
http://www.securityfocus.com/bid/71081

Linux Kernel 'ttusbdecfe.c' Buffer Overflow Vulnerability
2014-12-09
http://www.securityfocus.com/bid/71097

Linux Kernel 'espfix64' Local Denial of Service Vulnerability
2014-12-09
http://www.securityfocus.com/bid/71250

Graphviz 'agerr()' Function Remote Format String Vulnerability
2014-12-09
http://www.securityfocus.com/bid/71283

JasPer 'jpc_dec.c' Multiple Remote Heap Buffer Overflow Vulnerabilities
2014-12-09
http://www.securityfocus.com/bid/71476

nfs-utils 'rpc.gssd' DNS Spoofing Vulnerability
2014-12-09
http://www.securityfocus.com/bid/58854

libvirt 'virBitmapParse()' Function Denial of Service Vulnerability
2014-12-09
http://www.securityfocus.com/bid/62070

libvirt 'remoteDispatchDomainMemoryStats()' Denial of Service Vulnerability
2014-12-09
http://www.securityfocus.com/bid/62510

libvirt 'virFileNBDDeviceAssociate()' Remote Denial of Service Vulnerability
2014-12-09
http://www.securityfocus.com/bid/62576

libvirt CVE-2013-4292 Multiple Remote Denial of Service Vulnerabilities
2014-12-09
http://www.securityfocus.com/bid/62791

libvirt 'virt-login-shell' Local Privilege Escalation Vulnerability
2014-12-09
http://www.securityfocus.com/bid/63324

libvirt 'virConnectDomainXMLToNative()' API Remote Security Bypass Vulnerability
2014-12-09
http://www.securityfocus.com/bid/63325

libvirt 'virDomainBlockStats()' Denial of Service Vulnerability
2014-12-09
http://www.securityfocus.com/bid/64723

Dovecot Denial of Service Vulnerability
2014-12-09
http://www.securityfocus.com/bid/67306

QEMU CVE-2014-3471 Denial of Service Vulnerability
2014-12-09
http://www.securityfocus.com/bid/68145

libvirt XML External Entity CVE-2014-5177 Multiple Information Disclosure Vulnerabilities
2014-12-09
http://www.securityfocus.com/bid/69033

QEMU 'vmstate_xhci_event' Field Memory Corruption Vulnerability
2014-12-09
http://www.securityfocus.com/bid/69247

QEMU 'pcihp.c' Out of Bounds Memory Corruption Vulnerability
2014-12-09
http://www.securityfocus.com/bid/69356

QEMU 'vga.c' Information Disclosure Vulnerability
2014-12-09
http://www.securityfocus.com/bid/69654

QEMU CVE-2014-3640 Local Denial of Service Vulnerability
2014-12-09
http://www.securityfocus.com/bid/70237

QEMU CVE-2014-7815 Local Denial of Service Vulnerability
2014-12-09
http://www.securityfocus.com/bid/70998

Exploit

 

8.12.2014

Bugtraq

[SECURITY] [DSA 3091-1] getmail4 security update 2014-12-07
Giuseppe Iuculano (iuculano debian org)

[SECURITY] [DSA 3092-1] icedove security update 2014-12-07
Moritz Muehlenhoff (jmm debian org)

Malware

RDN/Generic.bfr!00DD55F14869

RDN/Generic.dx!D3A39A90401B

RDN/Generic.bfr!98020D83A9B4

RDN/Generic.bfr!CD1042080EA2

RDN/Generic.dx!D33627C8D4BB

RDN/Generic.bfr!5EB658A32E03

RDN/Generic.bfr!CCA81CD51AF1

RDN/Generic.bfr!18D758F08C92

RDN/Generic PWS.y!bb3!B68427EFCE31

RDN/Generic.dx!dhg!464DE1957DD6

RDN/Generic.dx!E728075A30B4

RDN/Generic.bfr!75D1F68DD7B1

RDN/Generic.dx!D36EF214F161

RDN/Generic.bfr!2AE7CC0FDF68

RDN/Generic.bfr!B7ED4D8E22A4

RDN/Generic.bfr!016D00B60E76

RDN/Sdbot.worm!62230CFE8AEF

RDN/Generic PUP.x!A64858F103B8

RDN/Generic.dx!D2D3C1BFADDE

RDN/Generic Dropper!7AE2189384D6

RDN/Generic.bfr!017B524C6E57

RDN/PWS-Banker!dp!BEFBBCD9839E

RDN/Generic PUP.x!1615087403C8

Generic PWS.y!CAC109385C51

Generic PWS.y!15BC0DFBBC3D

Generic PWS.y!ACD9608887D4

RDN/Generic.bfr!45492755ACCA

RDN/Generic.bfr!348E1DA52D6C

RDN/Generic.bfr!17D4E25658B3

RDN/Generic.bfr!8F3768A6C7DF

Phishing

 

Vulnerebility

D-Link DCS-2103 CVE-2014-9238 Directory Traversal Vulnerability
2014-12-16
http://www.securityfocus.com/bid/71484

ClamAV 'libclamav/pe.c' Heap Based Buffer Overflow Vulnerability
2014-12-08
http://www.securityfocus.com/bid/71242

ClamAV CVE-2013-6497 Local Denial of Service Vulnerability
2014-12-08
http://www.securityfocus.com/bid/71178

Oracle Java SE CVE-2014-6456 Remote Security Vulnerability
2014-12-08
http://www.securityfocus.com/bid/70522

MantisBT 'copy_field.php' Cross Site Scripting Vulnerability
2014-12-08
http://www.securityfocus.com/bid/71371

Getmail CVE-2014-7273 SSL Certificate Security Bypass Vulnerability
2014-12-08
http://www.securityfocus.com/bid/70280

Getmail CVE-2014-7275 SSL Certificate Security Bypass Vulnerability
2014-12-08
http://www.securityfocus.com/bid/70282

Getmail CVE-2014-7274 SSL Certificate Security Bypass Vulnerability
2014-12-08
http://www.securityfocus.com/bid/70281

Mozilla Firefox/Thunderbird CVE-2014-1592 Use After Free Memory Corruption Vulnerability
2014-12-08
http://www.securityfocus.com/bid/71398

Mozilla Firefox/Thunderbird CVE-2014-1590 Denial of Service Vulnerability
2014-12-08
http://www.securityfocus.com/bid/71397

Mozilla Firefox/Thunderbird CVE-2014-1594 Security Vulnerability
2014-12-08
http://www.securityfocus.com/bid/71396

OpenSSL CVE-2014-3513 Information Disclosure Vulnerability
2014-12-08
http://www.securityfocus.com/bid/70584

cURL/libcURL CVE-2014-3613 Remote Security Bypass Vulnerability
2014-12-08
http://www.securityfocus.com/bid/69748

WordPress SP Project & Document Manager Plugin 'ajax.php' Multiple SQL Injection Vulnerabilities
2014-12-08
http://www.securityfocus.com/bid/71267

Multiple KDE Products CVE-2014-8600 Multiple Security Bypass Vulnerabilities
2014-12-08
http://www.securityfocus.com/bid/71190

Teeworlds Memory Corruption and Denial of Service Vulnerabilities
2014-12-08
http://www.securityfocus.com/bid/71301

Docker CVE-2014-6407 Local Privilege Escalation Vulnerability
2014-12-08
http://www.securityfocus.com/bid/71315

blkid 'blkid.c' Local Command Injection Vulnerability
2014-12-08
http://www.securityfocus.com/bid/71327

Mozilla Firefox/Thunderbird CVE-2014-1595 Multiple Local Information Disclosure Vulnerabilities
2014-12-08
http://www.securityfocus.com/bid/71394

Mozilla Firefox/Thunderbird CVE-2014-1593 Buffer Overflow Vulnerability
2014-12-08
http://www.securityfocus.com/bid/71395

Mozilla Firefox/Thunderbird CVE-2014-1588 Multiple Memory Corruption Vulnerabilities
2014-12-08
http://www.securityfocus.com/bid/71392

Mozilla Firefox/Thunderbird CVE-2014-1587 Multiple Memory Corruption Vulnerabilities
2014-12-08
http://www.securityfocus.com/bid/71391

Linux Kernel 'control.c' File Use After Free Memory Corruption Vulnerability
2014-12-08
http://www.securityfocus.com/bid/68164

Mozilla Firefox CVE-2014-1591 Information Disclosure Vulnerability
2014-12-08
http://www.securityfocus.com/bid/71399

Apache HTTP Server 'mod_status' CVE-2014-0226 Remote Code Execution Vulnerability
2014-12-08
http://www.securityfocus.com/bid/68678

ClickDesk Multiple HTML Injection Vulnerabilities
2014-12-08
http://www.securityfocus.com/bid/65971

tcpdump CVE-2014-8769 Out-of-bounds Memory Access Vulnerability
2014-12-08
http://www.securityfocus.com/bid/71153

tcpdump 'olsr_print()' Function Denial of Service Vulnerability
2014-12-08
http://www.securityfocus.com/bid/71150

Linux Kernel CVE-2014-0181 Local Security Vulnerability
2014-12-08
http://www.securityfocus.com/bid/67034

MantisBT 'admin/upgrade_unattended.php' Security Bypass Vulnerability
2014-12-08
http://www.securityfocus.com/bid/71359

Exploit

 

6.12.2014

Bugtraq

NASA Orion Mars Program - Bypass, Persistent Issue & Embed Code Execution Vulnerability (Boarding Pass) 2014-12-05
Vulnerability Lab (research vulnerability-lab com)

NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities 2014-12-05
VMware Security Response Center (security vmware com)

Offset2lib: bypassing full ASLR on 64bit Linux 2014-12-04
Hector Marco (hecmargi upv es)

[security bulletin] HPSBGN03205 rev.1 - HP Insight Remote Support Clients running SSLv3, Remote Disclosure of Information 2014-12-05
security-alert hp com

Malware

RDN/Generic PUP.x!cq3!87B6EA190355

RDN/Generic PUP.x!3217DC0D978E

Generic PUP.x!2C2F22733F56

Generic PUP.x!0106BC5B4A78

Generic PUP.x!B2D43C998B84

Generic PUP.x!1C41135C3730

Generic PUP.x!1D2696F0BE06

RDN/Generic PUP.x!9FEEB7FA4EDB

RDN/Generic PUP.x!cq3!F9F93597F11C

RDN/Generic PUP.x!019AE0E9D6D0

RDN/Generic PUP.x!D13E402D8D92

RDN/Generic PUP.x!58A3420FB44F

Generic PUP.x!20951CF0817D

RDN/Generic PUP.x!99920706BF86

RDN/Generic.dx!6DD1446DA6B7

Generic PUP.x!9DEDFCE1277B

Generic Downloader.x!E8605FC052A8

RDN/Generic BackDoor!b2t!BE45946FCB4D

RDN/Generic PUP.x!7CD5B3183FC1

RDN/Generic PUP.x!9682A88AB2BD

RDN/Generic PUP.x!06C0D336DC76

RDN/Generic PUP.x!DA69897C63FD

RDN/Generic PUP.x!9A83CFC86968

RDN/Generic PUP.x!8DBBFDA12D03

Downloader.gen.a!2F28800649B2

RDN/Generic.dx!dhf!FCE52F14C722

RDN/Downloader.a!ty!09CB8DBB3812

Generic PUP.x!D893776612A0

RDN/Downloader.a!ty!5FBF7819D65B

Downloader.gen.a!38BF8B2D2F81

Phishing

 

Vulnerebility

D-Link DCS-2103 CVE-2014-9238 Directory Traversal Vulnerability
2014-12-16
http://www.securityfocus.com/bid/71484

cURL/libcURL CVE-2014-3613 Remote Security Bypass Vulnerability
2014-12-06
http://www.securityfocus.com/bid/69748

WordPress SP Project & Document Manager Plugin 'ajax.php' Multiple SQL Injection Vulnerabilities
2014-12-06
http://www.securityfocus.com/bid/71267

Multiple KDE Products CVE-2014-8600 Multiple Security Bypass Vulnerabilities
2014-12-06
http://www.securityfocus.com/bid/71190

Teeworlds Memory Corruption and Denial of Service Vulnerabilities
2014-12-06
http://www.securityfocus.com/bid/71301

Docker CVE-2014-6407 Local Privilege Escalation Vulnerability
2014-12-06
http://www.securityfocus.com/bid/71315

blkid 'blkid.c' Local Command Injection Vulnerability
2014-12-06
http://www.securityfocus.com/bid/71327

Mozilla Firefox/Thunderbird CVE-2014-1595 Multiple Local Information Disclosure Vulnerabilities
2014-12-06
http://www.securityfocus.com/bid/71394

Mozilla Firefox/Thunderbird CVE-2014-1593 Buffer Overflow Vulnerability
2014-12-06
http://www.securityfocus.com/bid/71395

Mozilla Firefox/Thunderbird CVE-2014-1588 Multiple Memory Corruption Vulnerabilities
2014-12-06
http://www.securityfocus.com/bid/71392

Mozilla Firefox/Thunderbird CVE-2014-1587 Multiple Memory Corruption Vulnerabilities
2014-12-06
http://www.securityfocus.com/bid/71391

Linux Kernel 'control.c' File Use After Free Memory Corruption Vulnerability
2014-12-06
http://www.securityfocus.com/bid/68164

Oracle Java SE CVE-2014-6456 Remote Security Vulnerability
2014-12-06
http://www.securityfocus.com/bid/70522

Mozilla Firefox CVE-2014-1591 Information Disclosure Vulnerability
2014-12-06
http://www.securityfocus.com/bid/71399

Apache HTTP Server 'mod_status' CVE-2014-0226 Remote Code Execution Vulnerability
2014-12-06
http://www.securityfocus.com/bid/68678

Mozilla Firefox/Thunderbird CVE-2014-1590 Denial of Service Vulnerability
2014-12-06
http://www.securityfocus.com/bid/71397

ClickDesk Multiple HTML Injection Vulnerabilities
2014-12-06
http://www.securityfocus.com/bid/65971

tcpdump CVE-2014-8769 Out-of-bounds Memory Access Vulnerability
2014-12-06
http://www.securityfocus.com/bid/71153

tcpdump 'olsr_print()' Function Denial of Service Vulnerability
2014-12-06
http://www.securityfocus.com/bid/71150

Linux Kernel CVE-2014-0181 Local Security Vulnerability
2014-12-06
http://www.securityfocus.com/bid/67034

MantisBT 'admin/upgrade_unattended.php' Security Bypass Vulnerability
2014-12-06
http://www.securityfocus.com/bid/71359

MantisBT 'core/current_user_api.php' PHP Object Injection Vulnerability
2014-12-06
http://www.securityfocus.com/bid/71361

ZTE 831CII Multiple Security Vulnerabilities
2014-12-06
http://www.securityfocus.com/bid/70984

Portable OpenSSH 'gss-serv-krb5.c' Security Bypass Vulnerability
2014-12-06
http://www.securityfocus.com/bid/71420

IP.Board 'ipsconnect.php' SQL Injection Vulnerability
2014-12-06
http://www.securityfocus.com/bid/70994

Spring Framework Unspecified Directory Traversal Vulnerability
2014-12-06
http://www.securityfocus.com/bid/68042

Oracle Java SE CVE-2014-6457 Remote Security Vulnerability
2014-12-06
http://www.securityfocus.com/bid/70538

Oracle Java SE CVE-2014-6558 Remote Security Vulnerability
2014-12-06
http://www.securityfocus.com/bid/70544

Oracle Java SE CVE-2014-6531 Remote Security Vulnerability
2014-12-06
http://www.securityfocus.com/bid/70572

Oracle Java SE CVE-2014-6527 Remote Security Vulnerability
2014-12-06
http://www.securityfocus.com/bid/70560

Exploit

  Windows Kerberos - Elevation of Privilege (MS14-068)

  Offset2lib: Bypassing Full ASLR On 64bit Linux

  PBBoard CMS 3.0.1 - SQL Injection

5.12.2014

Bugtraq

NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities 2014-12-05
VMware Security Response Center (security vmware com)

Offset2lib: bypassing full ASLR on 64bit Linux 2014-12-04
Hector Marco (hecmargi upv es)

[security bulletin] HPSBGN03205 rev.1 - HP Insight Remote Support Clients running SSLv3, Remote Disclosure of Information 2014-12-05
security-alert hp com

[security bulletin] HPSBUX03218 SSRT101770 rev.1 - HP-UX running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2014-12-05
security-alert hp com

[SECURITY] [DSA 3090-1] iceweasel security update 2014-12-04
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3089-1] jasper security update 2014-12-04
Salvatore Bonaccorso (carnil debian org)

[oCERT-2014-009] JasPer input sanitization errors 2014-12-04
Andrea Barisani (lcars ocert org)

[SECURITY] [DSA 3088-1] qemu-kvm security update 2014-12-04
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3087-1] qemu security update 2014-12-04
Salvatore Bonaccorso (carnil debian org)

Re: Slider Revolution/Showbiz Pro shell upload exploit 2014-12-04
assistenz crm-br com

CVE-2014-9215 - SQL Injection in PBBoard CMS 2014-12-04
tien d tran itas vn

Malware

RDN/Generic.dx!343CF189A818

Generic PUP.x!4AE63E42B433

RDN/Generic Dropper!vq!35F55097DB42

RDN/Generic BackDoor!b2t!36388B28CFAB

FakeAV-M.bfr!976F9202EEFA

Generic PUP.x!FC10088FEBCA

RDN/Generic PUP.x!cq3!C572EE23AF44

Generic PUP.x!253860E5413C

RDN/Generic Downloader.x!lv!CE5E6E9D2C1C

RDN/Generic PWS.y!520BAAE837CF

Generic PUP.x!67199DE2EE80

Generic Downloader.x!5B8CA093491A

RDN/Generic PUP.x!cq3!964C1D7756C6

Generic.dx!CC8DD1E9A5B8

RDN/Generic PUP.x!cq3!CD66DF1EDFF6

RDN/Generic PUP.x!cq3!6B600649B029

RDN/Generic PUP.x!cq3!1F4366455542

RDN/Generic Downloader.x!lv!CDD4ECE0A925

Generic PUP.x!60123132637F

RDN/Generic Dropper!vq!FA0DA4B0EFB5

RDN/Generic PUP.x!6B2807497B47

Generic.bfr!A60CFBABDE0E

RDN/Generic BackDoor!b2t!7E254702A871

Downloader.gen.a!5F926E2C92CC

RDN/Generic PUP.x!79A3AE4F634B

RemAdm-Gneric!A41FFEDFF6CE

RDN/Generic.bfr!hy!1E2EEAA82CE0

RDN/Generic PUP.x!cq3!6E3033CEB9B7

FakeAV-M.bfr!D0250AA731D6

RDN/Generic.dx!6BFA39C53802

Phishing

 

Vulnerebility

D-Link DCS-2103 CVE-2014-9238 Directory Traversal Vulnerability
2014-12-16
http://www.securityfocus.com/bid/71484

OpenStack Neutron 'dns_nameservers' Parameter Denial of Service Vulnerability
2014-12-05
http://www.securityfocus.com/bid/71278

Ruby CVE-2014-8080 XML External Entity Denial of Service Vulnerability
2014-12-05
http://www.securityfocus.com/bid/70935

Ruby 'pack.c' Buffer Overflow Vulnerability
2014-12-05
http://www.securityfocus.com/bid/68474

Ruby CVE-2014-8090 Incomplete Fix XML External Entity Denial of Service Vulnerability
2014-12-05
http://www.securityfocus.com/bid/71230

Perl CVE-2014-4330 Stack Overflow Denial of Service Vulnerability
2014-12-05
http://www.securityfocus.com/bid/70142

Linux Kernel 'xfs_da_btree.c' Local Denial of Service Vulnerability
2014-12-05
http://www.securityfocus.com/bid/70261

Linux Kernel 'trace_syscalls.c' Multiple Local Denial of Service Vulnerabilities
2014-12-05
http://www.securityfocus.com/bid/70971

Linux Kernel 'trace_syscalls.c' Multiple Local Denial of Service Vulnerabilities
2014-12-05
http://www.securityfocus.com/bid/70972

GnuTLS CVE-2014-8564 Multiple Heap Corruption Denial of Service Vulnerabilities
2014-12-05
http://www.securityfocus.com/bid/71003

QEMU 'vga.c' Information Disclosure Vulnerability
2014-12-05
http://www.securityfocus.com/bid/69654

libvirt CVE-2014-7823 Information Disclosure Vulnerability
2014-12-05
http://www.securityfocus.com/bid/71095

libvirt 'domain_conf.c' Denial of Service Vulnerability
2014-12-05
http://www.securityfocus.com/bid/70210

OpenStack Cinder/Nova/Trove CVE-2014-7230 Local Password Disclosure Vulnerability
2014-12-05
http://www.securityfocus.com/bid/70185

OpenStack Cinder/Nova/Trove CVE-2014-7231 Local Password Disclosure Vulnerability
2014-12-05
http://www.securityfocus.com/bid/70184

wpa_supplicant and hostapd CVE-2014-3686 Remote Command Execution Vulnerability
2014-12-05
http://www.securityfocus.com/bid/70396

GNU Wget CVE-2014-4877 Symlink Vulnerability
2014-12-05
http://www.securityfocus.com/bid/70751

Linux Kernel KVM CVE-2014-3645 Denial of Service Vulnerability
2014-12-05
http://www.securityfocus.com/bid/70746

Linux Kernel Multiple Local Security Bypass Vulnerabilities
2014-12-05
http://www.securityfocus.com/bid/68162

Linux Kernel CVE-2014-3184 Multiple Local Denial Of Service Vulnerabilities
2014-12-05
http://www.securityfocus.com/bid/69768

Linux Kernel 'shmem.c' CVE-2014-4171 Local Denial of Service Vulnerability
2014-12-05
http://www.securityfocus.com/bid/68157

Linux Kernel KVM 'virt/kvm/iommu.c' Denial of Service Vulnerability
2014-12-05
http://www.securityfocus.com/bid/69489

Linux Kernel 'netdevice.h' NULL Pointer Dereference Denial of Service Vulnerability
2014-12-05
http://www.securityfocus.com/bid/69721

Linux Kernel CVE-2014-4014 Local Privilege Escalation Vulnerability
2014-12-05
http://www.securityfocus.com/bid/67988

Linux Kernel '/drivers/media/media-device.c' Local Information Disclosure Vulnerability
2014-12-05
http://www.securityfocus.com/bid/68048

Linux Kernel CVE-2014-3687 Denial of Service Vulnerability
2014-12-05
http://www.securityfocus.com/bid/70766

Linux Kernel CVE-2014-3673 Denial of Service Vulnerability
2014-12-05
http://www.securityfocus.com/bid/70883

Linux Kernel KVM CVE-2014-3646 Local Denial of Service Vulnerability
2014-12-05
http://www.securityfocus.com/bid/70745

Linux Kernel Magic Mouse HID Device Driver CVE-2014-3181 Stack-Based Buffer Overflow Vulnerability
2014-12-05
http://www.securityfocus.com/bid/69779

Linux Kernel KVM CVE-2014-3611 Denial of Service Vulnerability
2014-12-05
http://www.securityfocus.com/bid/70743

Exploit

  Offset2lib: Bypassing Full ASLR On 64bit Linux

  PBBoard CMS 3.0.1 - SQL Injection

  Technicolor DT5130 V2.05.C29GV - Multiple Vulnerabilities

  Technicolor DT5130 V2.05.C29GV - Multiple Vulnerabilities

4.12.2014

Bugtraq

CVE-2014-9215 - SQL Injection in PBBoard CMS 2014-12-04
tien d tran itas vn

APPLE-SA-2014-12-2-1 Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1 2014-12-03
Apple Product Security (product-security-noreply lists apple com)

[SECURITY] [DSA 3086-1] tcpdump security update 2014-12-03
Salvatore Bonaccorso (carnil debian org)

Wireless N ADSL 2/2+ Modem Router - DT5130 - Xss / URL Redirect / Command Injection 2014-12-03
Ewerson Guimarães (Crash) - Dclabs (crash dclabs com br)

[slackware-security] mozilla-thunderbird (SSA:2014-337-01) 2014-12-03
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3085-1] wordpress security update 2014-12-03
Yves-Alexis Perez (corsac debian org)

Malware

RDN/Generic PUP.x!cqh!D465E754F1BE

Generic PUP.x!899B175F4B8A

RDN/Generic PUP.x!0A2570CF8123

Generic-FAVO!42B5B68762AC

RDN/Generic Dropper!vp!A45BB31A2176

RDN/Generic StartPage!cb!438D4B2CDF5F

RDN/Generic StartPage!cb!D87134986F56

Generic-FAVO!465FCD4E9E58

RDN/Generic BackDoor!b2s!FB58875E93B1

RDN/Generic BackDoor!b2s!A170B88E68EA

W32/Virut.gen!0F43F01EB8A2

Generic PUP.x!E2EC744CB09A

DNSChanger.bfr!8875804EFA93

Generic PUP.x!DDD969DC77DD

Generic-FAVO!6FED865F5E56

Generic PUP.x!1B1FBD382555

Generic.dx!DAB4BC8BEC6D

Generic PUP.x!1E84C66BBA9C

RDN/Qhost-Gen!be!FA6E631924E4

RDN/Generic.bfr!EE999CA4B4BB

RDN/Generic.bfr!hy!2A69217C18B7

RDN/Generic PUP.x!cqh!D3B8BC6A0E40

Generic.dx!1F6051137BAB

RDN/Generic PUP.x!5092B8A6AA7C

RDN/Generic PUP.x!CD58EC23AF66

FakeAV-M.bfr!0F6E5C509E33

Generic PWS.y!C911B724EC01

RDN/Generic.grp!hr!9FA101CE841F

RDN/Generic.dx!dh3!0D585906CE24

RDN/Generic PUP.x!C961774BF2F1

Phishing

 

Vulnerebility

WebKit CVE-2014-4452 Unspecified Memory Corruption Vulnerability
2014-12-04
http://www.securityfocus.com/bid/71137

WebKit CVE-2014-4459 Unspecified Memory Corruption Vulnerability
2014-12-04
http://www.securityfocus.com/bid/71144

Google Chrome 35.0.1916.114 Multiple Security Vulnerabilities
2014-12-04
http://www.securityfocus.com/bid/67517

wpa_supplicant and hostapd CVE-2014-3686 Remote Command Execution Vulnerability
2014-12-04
http://www.securityfocus.com/bid/70396

tcpdump 'olsr_print()' Function Denial of Service Vulnerability
2014-12-04
http://www.securityfocus.com/bid/71150

tcpdump CVE-2014-8769 Out-of-bounds Memory Access Vulnerability
2014-12-04
http://www.securityfocus.com/bid/71153

Multiple KDE Products CVE-2014-8600 Multiple Security Bypass Vulnerabilities
2014-12-04
http://www.securityfocus.com/bid/71190

GNU glibc CVE-2014-7817 Arbitrary Command Execution Vulnerability
2014-12-04
http://www.securityfocus.com/bid/71216

GNU glibc 'iconv()' Denial of Service Vulnerability
2014-12-04
http://www.securityfocus.com/bid/69472

GNU glibc 'iconv()' Function Denial of Service Vulnerability
2014-12-04
http://www.securityfocus.com/bid/69470

OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2014-12-04
http://www.securityfocus.com/bid/70574

Xen CVE-2014-8866 Denial of Service Vulnerability
2014-12-04
http://www.securityfocus.com/bid/71332

Xen CVE-2014-8595 Local Privilege Escalation Vulnerability
2014-12-04
http://www.securityfocus.com/bid/71151

Xen 'PHYSDEVOP_{prepare,release}_msix' Operations Local Privilege Escalation Vulnerability
2014-12-04
http://www.securityfocus.com/bid/65125

Xen CVE-2014-8867 Denial of Service Vulnerability
2014-12-04
http://www.securityfocus.com/bid/71331

WordPress WooCommerce 'range' Parameter Cross Site Scripting Vulnerability
2014-12-04
http://www.securityfocus.com/bid/69868

Multiple ManageEngine Products Multiple Arbitrary File Download Vulnerabilities
2014-12-04
http://www.securityfocus.com/bid/71404

tinc CVE-2013-1428 Stack Buffer Overflow Vulnerability
2014-12-04
http://www.securityfocus.com/bid/59369

WordPress SupportEzzy Ticket System Plugin 'URL' Parameter HTML Injection Vulnerability
2014-12-04
http://www.securityfocus.com/bid/71088

WordPress Google Analytics by Yoast Plugin CVE-2014-9174 Cross Site Scripting Vulnerability
2014-12-04
http://www.securityfocus.com/bid/71330

WordPress wpDataTables Plugin 'wp-admin/admin-ajax.php' SQL Injection Vulnerability
2014-12-04
http://www.securityfocus.com/bid/71271

WordPress Google Doc Embedder Plugin 'google-document-embedder\view.php' SQL Injection Vulnerability
2014-12-04
http://www.securityfocus.com/bid/71304

Mozilla Firefox/Thunderbird CVE-2014-1593 Buffer Overflow Vulnerability
2014-12-04
http://www.securityfocus.com/bid/71395

Mozilla Firefox/Thunderbird CVE-2014-1594 Security Vulnerability
2014-12-04
http://www.securityfocus.com/bid/71396

Mozilla Firefox/Thunderbird CVE-2014-1592 Use After Free Memory Corruption Vulnerability
2014-12-04
http://www.securityfocus.com/bid/71398

Plex Media Server Directory Traversal and Authentication-Bypass Vulnerabilities
2014-12-04
http://www.securityfocus.com/bid/65881

Anchor CMS 'comment.php' Mail Header Injection Vulnerability
2014-12-04
http://www.securityfocus.com/bid/71020

Mozilla Firefox/Thunderbird CVE-2014-1555 Use After Free Memory Corruption Vulnerability
2014-12-04
http://www.securityfocus.com/bid/68814

Apache 'mod_wsgi' Module Privilege Escalation Vulnerability
2014-12-04
http://www.securityfocus.com/bid/68111

Oracle Java SE CVE-2014-6512 IP Address Spoofing Vulnerability
2014-12-04
http://www.securityfocus.com/bid/70567

Exploit

  Technicolor DT5130 V2.05.C29GV - Multiple Vulnerabilities

  Advertise With Pleasure! (AWP) 6.6 - SQL Injection Vulnerability

3.12.2014

Bugtraq

[SECURITY] [DSA 3085-1] wordpress security update 2014-12-03
Yves-Alexis Perez (corsac debian org)

F5 BIGIP - (OLD!) Persistent XSS in ASM Module 2014-12-02
jplopezy gmail com

ESA-2014-160: RSAŽ Adaptive Authentication (On-Premise) Authentication Bypass Vulnerability 2014-12-02
Security Alert (Security_Alert emc com)

ESA-2014-156: EMC Documentum Content Server Insecure Direct Object Reference Vulnerability 2014-12-02
Security Alert (Security_Alert emc com)

CVE-2014-9129: XSS and CSRF in CM Download Manager plugin for WordPress 2014-12-02
Henri Salo (henri nerv fi)

[RT-SA-2014-012] Unauthenticated Remote Code Execution in IBM Endpoint Manager Mobile Device Management Components 2014-12-02
RedTeam Pentesting GmbH (release redteam-pentesting de)

[SECURITY] [DSA 3084-1] openvpn security update 2014-12-01
Florian Weimer (fw deneb enyo de)

[RT-SA-2014-011] EntryPass N5200 Credentials Disclosure 2014-12-01
RedTeam Pentesting GmbH (release redteam-pentesting de)

[RT-SA-2014-007] Remote Code Execution in TYPO3 Extension ke_dompdf 2014-12-01
RedTeam Pentesting GmbH (release redteam-pentesting de)

[RT-SA-2014-009] Information Disclosure in TYPO3 Extension ke_questionnaire 2014-12-01
RedTeam Pentesting GmbH (release redteam-pentesting de)

CVE-2014-3809: Reflected XSS in Alcatel Lucent 1830 PSS-32/16/4 2014-12-01
Stephan Rickauer swisscom com

Malware

RDN/Generic BackDoor!b2s!07BB07F1111E

RDN/Generic FakeAlert!FC924071FACD

RDN/Downloader.gen.a!69B98C806EE1

RDN/Generic BackDoor!b2s!BFAE6E15F91F

RDN/Generic PUP.x!F6EC39B4D3A7

DNSChanger.bfr!16AF421598CA

RDN/Generic.dx!A942E36830AA

RDN/Generic PUP.x!5B622DD95C38

RDN/Generic PUP.x!064DF4B4176A

RDN/Generic PWS.y!bbw!D6B4B6C8FE1C

RDN/Generic.dx!4C0D5348022D

RDN/Generic Downloader.x!lv!2250B2B7FA61

RDN/Generic Dropper!vp!AED0EF2C4AB0

Generic.dx!1CB526B022E6

Generic PUP.x!7087B861AF99

RDN/Generic PUP.x!48CA2E09A302

RDN/Generic PUP.x!3DAD8B2E3517

Generic StartPage!CA03719731FA

RDN/Generic PUP.x!207E6BDDE7A6

RDN/Generic.bfr!5FA8C8966926

RDN/Generic.dx!dh3!96165A5D2B81

RDN/Generic PUP.x!05E1F69EB946

RDN/Generic PUP.x!cqg!5245A8191005

Generic PUP.x!7E020E35EE9B

RDN/Generic PUP.x!4D7BF7EBB13C

RDN/Generic.bfr!630F3AC6DC67

RDN/Generic PUP.x!58F9F09EE4BA

RDN/Downloader.gen.a!A4E8F0AF9D1B

Downloader.gen.a!C948D623B541

RDN/Generic BackDoor!b2s!7AE2EFA5F3A8

Phishing

 

Vulnerebility

Multiple Yokogawa Products CVE-2014-5208 Remote Security Weakness
2014-12-03
http://www.securityfocus.com/bid/69886

Mozilla Firefox/Thunderbird CVE-2014-1593 Buffer Overflow Vulnerability
2014-12-03
http://www.securityfocus.com/bid/71395

Mozilla Firefox/Thunderbird CVE-2014-1594 Security Vulnerability
2014-12-03
http://www.securityfocus.com/bid/71396

Mozilla Firefox/Thunderbird CVE-2014-1592 Use After Free Memory Corruption Vulnerability
2014-12-03
http://www.securityfocus.com/bid/71398

Mozilla Firefox/Thunderbird CVE-2014-1590 Denial of Service Vulnerability
2014-12-03
http://www.securityfocus.com/bid/71397

Mozilla Firefox/Thunderbird CVE-2014-1587 Multiple Memory Corruption Vulnerabilities
2014-12-03
http://www.securityfocus.com/bid/71391

Mozilla Firefox/Thunderbird CVE-2014-1588 Multiple Memory Corruption Vulnerabilities
2014-12-03
http://www.securityfocus.com/bid/71392

Mozilla Firefox CVE-2014-1589 XBL Bindings Security Bypass Vulnerability
2014-12-03
http://www.securityfocus.com/bid/71393

Apple Mac OS X CVE-2014-1314 Remote Arbitrary Code Execution Vulnerability
2014-12-03
http://www.securityfocus.com/bid/67026

Drupal Avatar Uploader Module Information Disclosure Vulnerability
2014-12-03
http://www.securityfocus.com/bid/69577

Drupal Notify Module Multiple Access Bypass Vulnerabilities
2014-12-03
http://www.securityfocus.com/bid/69228

blkid 'blkid.c' Local Command Injection Vulnerability
2014-12-03
http://www.securityfocus.com/bid/71327

Apache Cordova For Android CVE-2014-3500 Security Bypass Vulnerability
2014-12-03
http://www.securityfocus.com/bid/69038

Apache Cordova For Android CVE-2014-3501 Security Bypass Vulnerability
2014-12-03
http://www.securityfocus.com/bid/69041

Apache Cordova For Android CVE-2014-3502 Information Disclosure Vulnerability
2014-12-03
http://www.securityfocus.com/bid/69046

Antiword 'wordole.c' Buffer Overflow Vulnerability
2014-12-03
http://www.securityfocus.com/bid/71386

OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2014-12-03
http://www.securityfocus.com/bid/70574

OpenVPN CVE-2014-8104 Denial of Service Vulnerability
2014-12-03
http://www.securityfocus.com/bid/71402

Kingsoft Office CVE-2014-2271 Remote Code Execution Vulnerability
2014-12-03
http://www.securityfocus.com/bid/71381

Huawei P2 CVE-2014-2273 Local Privilege Escalation Vulnerability
2014-12-03
http://www.securityfocus.com/bid/71374

Huawei Mobile Partner 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
2014-12-03
http://www.securityfocus.com/bid/70671

Huawei Mobile Partner Local Privilege Escalation Vulnerability
2014-12-03
http://www.securityfocus.com/bid/70672

check_diskio CVE-2014-8994 Symlink Vulnerability
2014-12-03
http://www.securityfocus.com/bid/71208

Huawei Honor Cube WS860S Arbitrary File Upload Vulnerability
2014-12-03
http://www.securityfocus.com/bid/69806

eyeD3 Insecure Temporary File Creation Vulnerability
2014-12-03
http://www.securityfocus.com/bid/65480

Django CVE-2014-0482 Authentication Bypass Vulnerability
2014-12-03
http://www.securityfocus.com/bid/69430

Django 'contrib.admin' Information Disclosure Vulnerability
2014-12-03
http://www.securityfocus.com/bid/69429

Django CVE-2014-0481 Denial of Service Vulnerability
2014-12-03
http://www.securityfocus.com/bid/69423

Django 'return()' Function URI Redirection Vulnerability
2014-12-03
http://www.securityfocus.com/bid/69425

cURL/libcURL CVE-2014-3613 Remote Security Bypass Vulnerability
2014-12-03
http://www.securityfocus.com/bid/69748

Exploit

Cart66 Lite WordPress Ecommerce 1.5.1.17 - Blind SQL Injection

Google Document Embedder 2.5.16 - mysql_real_escpae_string bypass SQL Injection 

 Tincd Post-Authentication Remote TCP Stack Buffer Overflow

  Mac OS X IOKit Keyboard Driver Root Privilege Escalation

  Prolink PRN2001 - Multiple Vulnerabilities

  IPUX Cube Type CS303C IP Camera - (UltraMJCamX.ocx) ActiveX Stack Buffer Overflow

  IPUX CL5452/CL5132 IP Camera - (UltraSVCamX.ocx) ActiveX Stack Buffer Overflow

  IPUX CS7522/CS2330/CS2030 IP Camera - (UltraHVCamX.ocx) ActiveX Stack Buffer Overflow

  Wordpress Nextend Facebook Connect Plugin 1.4.59 - XSS Vulnerability

  EntryPass N5200 - Credentials Exposure

  TYPO3 ke DomPDF Extension - Remote Code Execution

2.12.2014

Bugtraq

[SECURITY] [DSA 3084-1] openvpn security update 2014-12-01
Florian Weimer (fw deneb enyo de)

[RT-SA-2014-011] EntryPass N5200 Credentials Disclosure 2014-12-01
RedTeam Pentesting GmbH (release redteam-pentesting de)

[RT-SA-2014-007] Remote Code Execution in TYPO3 Extension ke_dompdf 2014-12-01
RedTeam Pentesting GmbH (release redteam-pentesting de)

[RT-SA-2014-009] Information Disclosure in TYPO3 Extension ke_questionnaire 2014-12-01
RedTeam Pentesting GmbH (release redteam-pentesting de)

CVE-2014-3809: Reflected XSS in Alcatel Lucent 1830 PSS-32/16/4 2014-12-01
Stephan Rickauer swisscom com

[SECURITY] [DSA 3081-1] libvncserver security update 2014-11-29
Luciano Bello (luciano debian org)

[The ManageOwnage Series, part IX]: 0-day arbitrary file download in NetFlow Analyzer and IT360 2014-11-30
Pedro Ribeiro (pedrib gmail com)

Malware

Generic PUP.x!E41709B9B1FC

RDN/Generic PUP.x!590485900AED

Generic.dx!DF72EA725B65

RDN/Generic.dx!DEA5F9A60B57

Generic PUP.x!9218911A9FDF

RDN/Generic.dx!DDD7E8D6F019

RDN/Generic.dx!DDCE64D63FC5

Generic PUP.x!0A5BA1B1685F

Generic PUP.x!67DBCC7ABD59

RDN/Generic PUP.x!BBDCD75B4BAA

RDN/Generic.bfr!DF20845E1F40

Generic.bfr!9CED1AE8A6A9

RDN/Generic.bfr!hy!E906BDF5528B

RDN/Generic.dx!DDB099D74746

RDN/Generic PUP.x!87B7E9C36BA3

RDN/Generic PUP.x!AE5D9EFA46F1

RDN/Generic PUP.x!cqf!DEFDADBC1573

RDN/Spybot.bfr!o!93453FBA8DE4

RDN/Generic.dx!DE3E3E7C6D11

RDN/Generic.dx!DD7322E81D8B

RDN/Generic Downloader.x!lv!EF777F531ED6

RDN/Generic PUP.x!DE920A989D74

RDN/Generic.dx!DDABB1A8EC49

RDN/Generic BackDoor!830DA0D2003E

RDN/Generic.dx!DD420F1472DD

RDN/Generic PUP.x!cqf!DE746FD836B4

RDN/Generic BackDoor!A843119C8DAC

RDN/Generic PWS.y!bbw!DE6DC637BF01

RDN/Generic PUP.x!A17B579837C7

RDN/Generic.dx!DD09A81B4BF1

Phishing

Yahoo.com

29th November 2014

Atn Dear Customer,

Vulnerebility

Apple TV and iOS CVE-2014-4404 Heap Based Buffer Overflow Vulnerability
2014-12-02
http://www.securityfocus.com/bid/69947

TYPO3 Questionnaire Extension CVE-2014-8874 Information Disclosure Vulnerability
2014-12-02
http://www.securityfocus.com/bid/71390

Graphviz 'agerr()' Function Remote Format String Vulnerability
2014-12-02
http://www.securityfocus.com/bid/71283

PPP 'options.c' CVE-2014-3158 Remote Integer Overflow Vulnerability
2014-12-02
http://www.securityfocus.com/bid/69399

Ruby CVE-2014-8090 Incomplete Fix XML External Entity Denial of Service Vulnerability
2014-12-02
http://www.securityfocus.com/bid/71230

Ruby CVE-2014-8080 XML External Entity Denial of Service Vulnerability
2014-12-02
http://www.securityfocus.com/bid/70935

Ruby 'pack.c' Buffer Overflow Vulnerability
2014-12-02
http://www.securityfocus.com/bid/68474

Oracle Java SE CVE-2014-6519 Remote Security Vulnerability
2014-12-02
http://www.securityfocus.com/bid/70570

Oracle Java SE CVE-2014-6531 Remote Security Vulnerability
2014-12-02
http://www.securityfocus.com/bid/70572

Huawei P7-L10 'PackageInstaller' Module Remote Security Bypass Vulnerability
2014-12-02
http://www.securityfocus.com/bid/71196

WordPress Password Check Denial of Service Vulnerability
2014-12-02
http://www.securityfocus.com/bid/71233

Slider Revolution Responsive/Showbiz Pro Responsive Teaser Multiple Security Bypass Vulnerabilities
2014-12-02
http://www.securityfocus.com/bid/71306

libFLAC 'src/libFLAC/stream_decoder.c' Stack Buffer Overflow Vulnerability
2014-12-02
http://www.securityfocus.com/bid/71280

Mutt 'mutt_substrdup()' Function Heap Based Buffer Overflow Vulnerability
2014-12-02
http://www.securityfocus.com/bid/71334

LibYAML and Perl YAML-LibYAML Module 'scanner.c' Remote Denial of Service Vulnerability
2014-12-02
http://www.securityfocus.com/bid/71349

Oracle Java SE CVE-2014-6558 Remote Security Vulnerability
2014-12-02
http://www.securityfocus.com/bid/70544

libFLAC 'src/libFLAC/stream_decoder.c' Heap Buffer Overflow Vulnerability
2014-12-02
http://www.securityfocus.com/bid/71282

LibVNCServer CVE-2014-6054 Denial of Service Vulnerability
2014-12-02
http://www.securityfocus.com/bid/70094

libVNCserver CVE-2014-6051 Integer Overflow Vulnerability
2014-12-02
http://www.securityfocus.com/bid/70093

LibVNCServer CVE-2014-6053 Remote Denial of Service Vulnerability
2014-12-02
http://www.securityfocus.com/bid/70092

LibVNCServer CVE-2014-6052 Denial of Service Vulnerability
2014-12-02
http://www.securityfocus.com/bid/70091

LibVNCServer CVE-2014-6055 Multiple Stack Based Buffer Overflow Vulnerabilities
2014-12-02
http://www.securityfocus.com/bid/70096

Oracle Java SE CVE-2014-6517 Remote Security Vulnerability
2014-12-02
http://www.securityfocus.com/bid/70552

Oracle Java SE CVE-2014-6512 IP Address Spoofing Vulnerability
2014-12-02
http://www.securityfocus.com/bid/70567

Oracle Java SE CVE-2014-6511 Remote Security Vulnerability
2014-12-02
http://www.securityfocus.com/bid/70548

Oracle Java SE CVE-2014-6506 Remote Security Vulnerability
2014-12-02
http://www.securityfocus.com/bid/70556

Oracle Java SE CVE-2014-6504 Remote Security Vulnerability
2014-12-02
http://www.securityfocus.com/bid/70564

Oracle Java SE CVE-2014-6502 Remote Security Vulnerability
2014-12-02
http://www.securityfocus.com/bid/70533

Oracle Java SE CVE-2014-6457 Remote Security Vulnerability
2014-12-02
http://www.securityfocus.com/bid/70538

CBN CH6640E and CG6640E Wireless Gateway Series Multiple Security Vulnerabilities
2014-12-02
http://www.securityfocus.com/bid/70762

Exploit

 

1.12.2014

Bugtraq

[SECURITY] [DSA 3080-1] openjdk-7 security update 2014-11-29
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3079-1] ppp security update 2014-11-29
Sebastien Delafond (seb debian org)

WordPress <=4.0 Denial of Service Exploit (CVE-2014-9034) 2014-11-29
john secureli com

[ MDVSA-2014:237 ] perl-Mojolicious 2014-11-28
security mandriva com

Malware

RDN/Generic BackDoor!b2s!74490E7396D0

RDN/Generic Dropper!vp!88FFF8924E55

RDN/Generic BackDoor!b2s!0B072A4189E0

RDN/Generic BackDoor!b2s!79046CEB2E5B

Generic PUP.x!5D5F99B10DF6

RDN/Generic.dx!dhc!9BFD27B1EE51

Generic.dx!9423FB506267

RDN/Downloader.gen.a!0055BAA9A6F5

RDN/Downloader.gen.a!01D601993AEA

RDN/Generic PUP.x!2F12D9B8B66D

Generic Downloader.x!A7F5027B7E98

RDN/Generic PUP.x!cqf!F2DF1E7F9B7A

RDN/Generic StartPage!cb!CF5C52A7E908

RDN/Generic PWS.y!bbw!51FB66AA10EF

RDN/Generic.bfr!hy!F5DBF6D8F1D4

RDN/Generic StartPage!cb!6043E7958526

Generic PUP.x!B7DBE0761D56

Generic PUP.x!AC21AA7493F9

RDN/Downloader.a!tv!4B1AA1978701

RDN/Generic.hra!cc!E74A68564D03

RDN/Generic.dx!dhc!9F6B8004B1C9

RDN/Spybot.bfr!CDAA35954DCD

Trojan-FFHL

RDN/Generic BackDoor!b2s!87399E1F75BB

RDN/Generic.bfr!BB09E0EFEC43

Generic PUP.x!59543FE1C821

RDN/Generic PUP.x!03FF0C9B8705

RDN/Generic PUP.x!cqf!F6BDA8C6F920

RDN/Generic.dx!66BD1EFED291

RDN/Generic StartPage!cb!F0A732C70AB9

Phishing

Yahoo.com

29th November 2014

Atn Dear Customer,

Support Paypal

28th November 2014

[NOTICE] YOU HAVE TO UPDATE
YOUR INFORMATION FOR SECURITY
REASON WITHIN 24 HOURS

Vulnerebility

LibVNCServer CVE-2014-6054 Denial of Service Vulnerability
2014-12-01
http://www.securityfocus.com/bid/70094

libVNCserver CVE-2014-6051 Integer Overflow Vulnerability
2014-12-01
http://www.securityfocus.com/bid/70093

LibVNCServer CVE-2014-6053 Remote Denial of Service Vulnerability
2014-12-01
http://www.securityfocus.com/bid/70092

LibVNCServer CVE-2014-6052 Denial of Service Vulnerability
2014-12-01
http://www.securityfocus.com/bid/70091

LibVNCServer CVE-2014-6055 Multiple Stack Based Buffer Overflow Vulnerabilities
2014-12-01
http://www.securityfocus.com/bid/70096

Oracle Java SE CVE-2014-6517 Remote Security Vulnerability
2014-12-01
http://www.securityfocus.com/bid/70552

Oracle Java SE CVE-2014-6512 IP Address Spoofing Vulnerability
2014-12-01
http://www.securityfocus.com/bid/70567

Oracle Java SE CVE-2014-6511 Remote Security Vulnerability
2014-12-01
http://www.securityfocus.com/bid/70548

Oracle Java SE CVE-2014-6506 Remote Security Vulnerability
2014-12-01
http://www.securityfocus.com/bid/70556

Oracle Java SE CVE-2014-6504 Remote Security Vulnerability
2014-12-01
http://www.securityfocus.com/bid/70564

Oracle Java SE CVE-2014-6502 Remote Security Vulnerability
2014-12-01
http://www.securityfocus.com/bid/70533

Oracle Java SE CVE-2014-6457 Remote Security Vulnerability
2014-12-01
http://www.securityfocus.com/bid/70538

PPP 'options.c' CVE-2014-3158 Remote Integer Overflow Vulnerability
2014-12-01
http://www.securityfocus.com/bid/69399

CBN CH6640E and CG6640E Wireless Gateway Series Multiple Security Vulnerabilities
2014-12-01
http://www.securityfocus.com/bid/70762

Mojolicious Command Line Parameter Injection Vulnerability
2014-12-01
http://www.securityfocus.com/bid/70706

PHP 'donote()' Function Out-of-Bounds Read Vulnerability
2014-12-01
http://www.securityfocus.com/bid/70807

OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2014-12-01
http://www.securityfocus.com/bid/70574

WordPress Wordfence Firewall Plugin 'wp-admin/admin.php' Cross Site Scripting Vulnerability
2014-12-01
http://www.securityfocus.com/bid/70915

Mozilla Network Security Services CVE-2014-1568 Security Bypass Vulnerability
2014-12-01
http://www.securityfocus.com/bid/70116

Arris VAP2500 CVE-2014-8423 Remote Code Execution Vulnerability
2014-12-01
http://www.securityfocus.com/bid/71299

Plack::App::File Information Disclosure Vulnerability
2014-12-01
http://www.securityfocus.com/bid/69185

Aircrack-ng 'network.c' Denial of Service Vulnerability
2014-12-01
http://www.securityfocus.com/bid/71342

Libksba 'ksba_oid_to_str() Function Buffer Overflow Vulnerability
2014-12-01
http://www.securityfocus.com/bid/71285

Polarssl Multiple Security Vulnerabilities
2014-12-01
http://www.securityfocus.com/bid/70902

PolarSSL Unspecified Memory Corruption Vulnerability
2014-12-01
http://www.securityfocus.com/bid/70905

libFLAC 'src/libFLAC/stream_decoder.c' Heap Buffer Overflow Vulnerability
2014-12-01
http://www.securityfocus.com/bid/71282

libFLAC 'src/libFLAC/stream_decoder.c' Stack Buffer Overflow Vulnerability
2014-12-01
http://www.securityfocus.com/bid/71280

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-12-01
http://www.securityfocus.com/bid/67898

WordPress Cross Site Request Forgery Vulnerability
2014-12-01
http://www.securityfocus.com/bid/71232

WordPress Password Reset Email Security Bypass Vulnerability
2014-12-01
http://www.securityfocus.com/bid/71231

Exploit

  WordPress <=4.0 Denial of Service Exploit

  Wordpress < 4.0.1 - Denial of Service

  Drupal < 7.34 - Denial of Service

29.11.2014

Bugtraq

[ MDVSA-2014:237 ] perl-Mojolicious 2014-11-28
security mandriva com

[ MDVSA-2014:236 ] file 2014-11-28
security mandriva com

[ MDVSA-2014:235 ] perl-Plack 2014-11-28
security mandriva com

[ MDVSA-2014:234 ] libksba 2014-11-28
security mandriva com

Defense in depth -- the Microsoft way (part 22): no DEP in Windows' filesystem (and ASLR barely used) 2014-11-27
Stefan Kanthak (stefan kanthak nexgo de)

[security bulletin] HPSBGN03209 rev.1 - HP Application Lifecycle Management running SSLv3, Remote Disclosure of Information 2014-11-27
security-alert hp com

Malware

RDN/Generic PUP.x!cq3!15565B91F56E

RDN/Generic.bfr!hy!5BA0A2D6ED32

RDN/FakeAV-N.bfr!52E9CC5D2870

Generic PUP.x!7405E11AF1C0

RDN/Generic StartPage!cb!7989FBB3BEF4

Generic PUP.x!2BC1F99A47D0

RDN/Generic PUP.x!cq3!011786CA9528

Generic PUP.x!4FCF6B06FD19

Generic PUP.x!647E9F6A5A01

Generic PUP.x!1A23E3312B74

Generic Downloader.x!D74EBE96CDF5

Generic PUP.x!8D3B4842D02A

Generic PUP.x!BDB5CC596C5E

RDN/Generic PUP.x!cq3!398A17AD226E

RDN/Generic PUP.x!cq3!9FD20ABA6D9D

RDN/Generic PUP.x!cq3!861A5D57D022

Generic PUP.x!6FEE550800B4

Generic PUP.x!DEC0686B367C

RDN/Generic PUP.x!cq3!11D8B44C0520

RDN/Generic.grp!B95C18C7F7AC

RDN/Generic PUP.x!25E628597B6B

RDN/Generic PUP.x!cq3!8AD9D1E145A0

DNSChanger.bfr!32CD531C2A6F

Generic PUP.x!40C497980AB4

FakeAV-M.bfr!3250F44FE9CC

RDN/Generic PUP.x!8D2445F510F5

RDN/Generic PUP.x!6ACE1F717466

Generic PUP.x!266BB7286C3B

RDN/Generic PUP.x!B8DF00D860BD

Generic PUP.x!95E7E5F1D367

Phishing

Yahoo.com

29th November 2014

Atn Dear Customer,

Support Paypal

28th November 2014

[NOTICE] YOU HAVE TO UPDATE
YOUR INFORMATION FOR SECURITY
REASON WITHIN 24 HOURS

RBS

28th November 2014

RBS Bank Notification!

Vulnerebility

CBN CH6640E and CG6640E Wireless Gateway Series Multiple Security Vulnerabilities
2014-11-29
http://www.securityfocus.com/bid/70762

Mojolicious Command Line Parameter Injection Vulnerability
2014-11-29
http://www.securityfocus.com/bid/70706

PHP 'donote()' Function Out-of-Bounds Read Vulnerability
2014-11-29
http://www.securityfocus.com/bid/70807

OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2014-11-29
http://www.securityfocus.com/bid/70574

WordPress Wordfence Firewall Plugin 'wp-admin/admin.php' Cross Site Scripting Vulnerability
2014-11-29
http://www.securityfocus.com/bid/70915

Mozilla Network Security Services CVE-2014-1568 Security Bypass Vulnerability
2014-11-29
http://www.securityfocus.com/bid/70116

Arris VAP2500 CVE-2014-8423 Remote Code Execution Vulnerability
2014-11-29
http://www.securityfocus.com/bid/71299

Plack::App::File Information Disclosure Vulnerability
2014-11-29
http://www.securityfocus.com/bid/69185

Aircrack-ng 'network.c' Denial of Service Vulnerability
2014-11-29
http://www.securityfocus.com/bid/71342

Libksba 'ksba_oid_to_str() Function Buffer Overflow Vulnerability
2014-11-29
http://www.securityfocus.com/bid/71285

Polarssl Multiple Security Vulnerabilities
2014-11-29
http://www.securityfocus.com/bid/70902

PolarSSL Unspecified Memory Corruption Vulnerability
2014-11-29
http://www.securityfocus.com/bid/70905

libFLAC 'src/libFLAC/stream_decoder.c' Heap Buffer Overflow Vulnerability
2014-11-29
http://www.securityfocus.com/bid/71282

libFLAC 'src/libFLAC/stream_decoder.c' Stack Buffer Overflow Vulnerability
2014-11-29
http://www.securityfocus.com/bid/71280

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-11-29
http://www.securityfocus.com/bid/67898

WordPress Cross Site Request Forgery Vulnerability
2014-11-29
http://www.securityfocus.com/bid/71232

WordPress Password Reset Email Security Bypass Vulnerability
2014-11-29
http://www.securityfocus.com/bid/71231

WordPress Password Check Denial of Service Vulnerability
2014-11-29
http://www.securityfocus.com/bid/71233

WordPress Multiple Unspecified Cross Site Scripting Vulnerabilities
2014-11-29
http://www.securityfocus.com/bid/71236

WordPress Server Side Request Forgery Security Bypass Vulnerability
2014-11-29
http://www.securityfocus.com/bid/71234

WordPress Unspecified Security Vulnerability
2014-11-29
http://www.securityfocus.com/bid/71238

WordPress 'comment' Field HTML Injection Vulnerability
2014-11-29
http://www.securityfocus.com/bid/71237

Raritan PowerIQ Multiple SQL Injection Vulnerabilities
2014-11-29
http://www.securityfocus.com/bid/68722

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-11-29
http://www.securityfocus.com/bid/67899

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-11-29
http://www.securityfocus.com/bid/66363

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-11-29
http://www.securityfocus.com/bid/67193

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-11-29
http://www.securityfocus.com/bid/66801

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-11-29
http://www.securityfocus.com/bid/67901

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-11-29
http://www.securityfocus.com/bid/67900

WordPress DZS-VideoGallery Plugin Cross Site Scripting and Command Injection Vulnerabilities
2014-11-29
http://www.securityfocus.com/bid/68525

Exploit

CCH Wolters Kluwer PFX Engagement <= 7.1 - Local Privilege Escalation

28.11.2014

Bugtraq

Defense in depth -- the Microsoft way (part 22): no DEP in Windows' filesystem (and ASLR barely used) 2014-11-27
Stefan Kanthak (stefan kanthak nexgo de)

[security bulletin] HPSBGN03209 rev.1 - HP Application Lifecycle Management running SSLv3, Remote Disclosure of Information 2014-11-27
security-alert hp com

[ MDVSA-2014:233 ] wordpress 2014-11-27
security mandriva com

[SECURITY] [DSA 3078-1] libksba security update 2014-11-27
Salvatore Bonaccorso (carnil debian org)

[KIS-2014-13] Tuleap <= 7.6-4 (register.php) PHP Object Injection Vulnerability 2014-11-27
Egidio Romano (research karmainsecurity com)

[ MDVSA-2014:232 ] glibc 2014-11-27
security mandriva com

[ MDVSA-2014:231 ] icecast 2014-11-27
security mandriva com

[ MDVSA-2014:230 ] kernel 2014-11-27
security mandriva com

[security bulletin] HPSBGN03202 rev.1 - HP CMS: Configuration Manager running OpenSSL, Remote Disclosure of Information 2014-11-26
security-alert hp com

Malware

RDN/Generic Dropper!vp!0966355D25F1

RDN/Generic BackDoor!b2q!89C07A29E26D

RDN/Generic BackDoor!b2q!87711DC84BCC

RDN/Generic Dropper!vp!68EF168DBFD2

RDN/Generic BackDoor!b2q!7E064C15EEB0

RDN/Spybot.bfr!o!EA4ACFFAC969

Generic PUP.x!58DD81061015

4shared!B626165E7922

4shared!FBD103925983

4shared!87320DF0D600

Downloader.gen.a!8CD9BE143174

RDN/Generic BackDoor!50246D16D37B

RDN/Generic BackDoor!b2q!7570CCA9DEE0

Generic PUP.x!142F43270344

RDN/Generic PUP.x!A1E22C549DC8

Generic.dx!0B6D00076F98

W32/Spybot.bfr!733E623D5A0D

RDN/Generic.bfr!hx!F359F599A536

Generic PWS.y!0972F56FA445

RDN/Generic Dropper!vp!6CC8387767BF

RDN/Generic.dx!dhc!FC60D85E027F

RDN/Generic.tfr!ef!4C03EBAD16C1

RDN/PWS-Banker!CAC3CF81E0D9

Generic PUP.x!F6B6763BC9E1

RDN/Generic.dx!dhc!19E2C74EFBAC

RDN/Downloader.a!tv!C315E45DEDC0

RDN/Downloader.a!tv!42BD8B8BCF22

Generic PUP.x!7BF189BFA748

Generic PUP.x!158822026500

4shared!16DC6B91A1F6

Phishing

Admin

27th November 2014

Automatic Email Update Needed.
howiem@bigfoot.com

BT

27th November 2014

Your account has been frozen
temporarily

Halifax

27th November 2014

SECURE YOUR ACCESS !

PayPal

26th November 2014

Now check the account

BT at home

26th November 2014

BT.com Important Account
Notice

Halifax UK

26th November 2014

Secure Online Banking

BT

26th November 2014

BT Internet unable to process
your recent payment of bill

Vulnerebility

Libksba 'ksba_oid_to_str() Function Buffer Overflow Vulnerability
2014-11-28
http://www.securityfocus.com/bid/71285

Polarssl Multiple Security Vulnerabilities
2014-11-28
http://www.securityfocus.com/bid/70902

PolarSSL Unspecified Memory Corruption Vulnerability
2014-11-28
http://www.securityfocus.com/bid/70905

libFLAC 'src/libFLAC/stream_decoder.c' Heap Buffer Overflow Vulnerability
2014-11-28
http://www.securityfocus.com/bid/71282

libFLAC 'src/libFLAC/stream_decoder.c' Stack Buffer Overflow Vulnerability
2014-11-28
http://www.securityfocus.com/bid/71280

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-11-28
http://www.securityfocus.com/bid/67898

WordPress Cross Site Request Forgery Vulnerability
2014-11-28
http://www.securityfocus.com/bid/71232

WordPress Password Reset Email Security Bypass Vulnerability
2014-11-28
http://www.securityfocus.com/bid/71231

WordPress Password Check Denial of Service Vulnerability
2014-11-28
http://www.securityfocus.com/bid/71233

WordPress Multiple Unspecified Cross Site Scripting Vulnerabilities
2014-11-28
http://www.securityfocus.com/bid/71236

WordPress Server Side Request Forgery Security Bypass Vulnerability
2014-11-28
http://www.securityfocus.com/bid/71234

WordPress Unspecified Security Vulnerability
2014-11-28
http://www.securityfocus.com/bid/71238

WordPress 'comment' Field HTML Injection Vulnerability
2014-11-28
http://www.securityfocus.com/bid/71237

Raritan PowerIQ Multiple SQL Injection Vulnerabilities
2014-11-28
http://www.securityfocus.com/bid/68722

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-11-28
http://www.securityfocus.com/bid/67899

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-11-28
http://www.securityfocus.com/bid/66363

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-11-28
http://www.securityfocus.com/bid/67193

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-11-28
http://www.securityfocus.com/bid/66801

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-11-28
http://www.securityfocus.com/bid/67901

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-11-28
http://www.securityfocus.com/bid/67900

WordPress DZS-VideoGallery Plugin Cross Site Scripting and Command Injection Vulnerabilities
2014-11-28
http://www.securityfocus.com/bid/68525

OpenVPN Access Server Desktop Client Cross Site Request Forgery Vulnerability
2014-11-28
http://www.securityfocus.com/bid/68666

WordPress Video Gallery Plugin Multiple SQL Injection and Cross Site Scripting Vulnerabilities
2014-11-28
http://www.securityfocus.com/bid/68883

WordPress WhyDoWork AdSense Cross Site Scripting and Cross Site Request Forgery Vulnerabilities
2014-11-28
http://www.securityfocus.com/bid/68954

SkaDate Lite Multiple Cross Site Request Forgery and HTML Injection Vulnerabilities
2014-11-28
http://www.securityfocus.com/bid/68971

Kunena Multiple SQL Injection and Cross Site Scripting Vulnerabilities
2014-11-28
http://www.securityfocus.com/bid/68956

Pligg CMS 'recover.php' SQL Injection Vulnerability
2014-11-28
http://www.securityfocus.com/bid/68893

Squid CVE-2014-0128 Remote Denial of Service Vulnerability
2014-11-28
http://www.securityfocus.com/bid/66112

Squid CVE-2014-7142 Unspecified Security Vulnerability
2014-11-28
http://www.securityfocus.com/bid/70022

Squid 'src/icmp/Icmp4.cc' Remote Denial of Service Vulnerability
2014-11-28
http://www.securityfocus.com/bid/69688

Exploit

 

27.11.2014

Bugtraq

[ MDVSA-2014:230 ] kernel 2014-11-27
security mandriva com

[security bulletin] HPSBGN03202 rev.1 - HP CMS: Configuration Manager running OpenSSL, Remote Disclosure of Information 2014-11-26
security-alert hp com

[SECURITY] [DSA 3077-1] openjdk-6 security update 2014-11-26
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2014:229 ] libvncserver 2014-11-26
security mandriva com

CVE-2014-5439 - Root shell on Sniffit [with exploit] 2014-11-26
Hector Marco (hecmargi upv es)

Сross-Site Request Forgery (CSRF) in xEpan 2014-11-26
High-Tech Bridge Security Research (advisory htbridge com)

Malware

Generic PUP.x!2E11E4319FEA

Generic PUP.x!F384F57FED1B

RDN/Generic PUP.x!4A30470DF689

RDN/Generic PUP.x!cq3!5AF9A75019E8

RDN/Generic.bfr!hx!642F3C3A8DC7

Generic PUP.x!8996416C09FB

Generic PUP.x!AAE1CC9C1A39

RDN/Spybot.bfr!A3CAAC93B376

RDN/Generic.bfr!hx!2300E314ADF7

RDN/Generic.bfr!hx!471EB2B8ECF3

Generic PUP.x!62486BA681F5

Generic PUP.x!DC465AFB6965

Generic PUP.x!4CADC97BE705

Generic BackDoor!DEED3C81A7EC

Generic PUP.x!76BCFA2F04FE

RDN/Generic PUP.x!1AE0648239CB

Generic PUP.x!7BB5E11BB2D6

Generic PUP.x!0F66AFC663B8

Generic PUP.x!C123480C3730

Generic PUP.x!9F777BCFC0D1

Generic PUP.x!259867925D9C

Generic PUP.x!556E43A8CF48

RDN/Generic PUP.x!cq3!732A3CA1EB61

Generic PUP.x!3E056F4AE1AF

Generic PUP.x!F78B628407B4

RDN/Generic PUP.x!cq3!D5C163F636F0

Generic PUP.x!5EBF3663762D

RDN/Generic PUP.x!cq3!653CD70FC69C

Generic PUP.x!E02FABEF6E62

Generic PUP.x!A4F693DD0F2A

Phishing

Halifax

27th November 2014

SECURE YOUR ACCESS !

PayPal

26th November 2014

Now check the account

BT at home

26th November 2014

BT.com Important Account
Notice

Halifax UK

26th November 2014

Secure Online Banking

BT

26th November 2014

BT Internet unable to process
your recent payment of bill

Tom Holder

25th November 2014

Important Document

Vulnerebility

FortiManager and FortiAnalyzer CVE-2014-2334 Multiple Cross Site Scripting Vulnerabilities
2014-11-27
http://www.securityfocus.com/bid/70887

tnftp CVE-2014-8517 Arbitrary Command Execution Vulnerability
2014-11-27
http://www.securityfocus.com/bid/70792

Oracle Java SE CVE-2014-6504 Remote Security Vulnerability
2014-11-27
http://www.securityfocus.com/bid/70564

Oracle Java SE CVE-2014-6512 IP Address Spoofing Vulnerability
2014-11-27
http://www.securityfocus.com/bid/70567

FreeBSD CVE-2014-8475 Remote Denial of Service Vulnerability
2014-11-27
http://www.securityfocus.com/bid/70913

Adobe Flash Player CVE-2014-8439 Remote Code Execution Vulnerability
2014-11-27
http://www.securityfocus.com/bid/71289

Ruby CVE-2014-8090 Incomplete Fix XML External Entity Denial of Service Vulnerability
2014-11-27
http://www.securityfocus.com/bid/71230

Ruby CVE-2014-8080 XML External Entity Denial of Service Vulnerability
2014-11-27
http://www.securityfocus.com/bid/70935

ClamAV 'libclamav/pe.c' Heap Based Buffer Overflow Vulnerability
2014-11-27
http://www.securityfocus.com/bid/71242

ClamAV CVE-2013-6497 Local Denial of Service Vulnerability
2014-11-27
http://www.securityfocus.com/bid/71178

Linux Kernel cpio 'list_file()' Function Heap Based Buffer Overflow Vulnerability
2014-11-27
http://www.securityfocus.com/bid/71248

Oracle Java SE CVE-2014-6558 Remote Security Vulnerability
2014-11-27
http://www.securityfocus.com/bid/70544

Oracle Java SE CVE-2014-6531 Remote Security Vulnerability
2014-11-27
http://www.securityfocus.com/bid/70572

Oracle Java SE CVE-2014-6506 Remote Security Vulnerability
2014-11-27
http://www.securityfocus.com/bid/70556

Oracle Java SE CVE-2014-6511 Remote Security Vulnerability
2014-11-27
http://www.securityfocus.com/bid/70548

Oracle Java SE CVE-2014-6457 Remote Security Vulnerability
2014-11-27
http://www.securityfocus.com/bid/70538

Oracle Java SE CVE-2014-6517 Remote Security Vulnerability
2014-11-27
http://www.securityfocus.com/bid/70552

Oracle Java SE CVE-2014-6502 Remote Security Vulnerability
2014-11-27
http://www.securityfocus.com/bid/70533

Oracle Java SE CVE-2014-6519 Remote Security Vulnerability
2014-11-27
http://www.securityfocus.com/bid/70570

Cisco Adaptive Security Appliance (ASA) Software CVE-2014-3407 Denial of Service Vulnerability
2014-11-27
http://www.securityfocus.com/bid/71317

OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2014-11-27
http://www.securityfocus.com/bid/70574

MantisBT 'view_all_set.php' Multiple SQL Injection Vulnerabilities
2014-11-27
http://www.securityfocus.com/bid/71298

Linux Kernel 'espfix64' Local Denial of Service Vulnerability
2014-11-27
http://www.securityfocus.com/bid/71250

LibVNCServer CVE-2014-6052 Denial of Service Vulnerability
2014-11-27
http://www.securityfocus.com/bid/70091

LibVNCServer CVE-2014-6055 Multiple Stack Based Buffer Overflow Vulnerabilities
2014-11-27
http://www.securityfocus.com/bid/70096

libVNCserver CVE-2014-6051 Integer Overflow Vulnerability
2014-11-27
http://www.securityfocus.com/bid/70093

LibVNCServer CVE-2014-6053 Remote Denial of Service Vulnerability
2014-11-27
http://www.securityfocus.com/bid/70092

LibVNCServer CVE-2014-6054 Denial of Service Vulnerability
2014-11-27
http://www.securityfocus.com/bid/70094

Moodle 'forum_get_discussions()' Function Security Bypass Vulnerability
2014-11-27
http://www.securityfocus.com/bid/71126

Moodle 'lib/phpunit/bootstrap.php' Path Disclosure Vulnerability
2014-11-27
http://www.securityfocus.com/bid/71129

Exploit

  Pandora FMS SQLi Remote Code Execution

  Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 (.wax) SEH Buffer Overflow

  WordPress HTML 5 MP3 Player with Playlist Plugin - Full Path Disclosure

  xEpan 1.0.1 - CSRF Vulnerability

  Device42 WAN Emulator 2.3 Traceroute Command Injection

  Device42 WAN Emulator 2.3 Ping Command Injection

  Slider Revolution/Showbiz Pro Shell Upload Exploit

  Elipse E3 HTTP Denial of Service

  Android WAPPushManager - SQL Injection

26.11.2014

 

Bugtraq

[SECURITY] [DSA 3076-1] wireshark security update 2014-11-25
Moritz Muehlenhoff (jmm debian org)

[security bulletin] HPSBUX03166 SSRT101489 rev.1 - HP-UX running PAM libpam_updbe, Remote Authentication Bypass 2014-11-25
security-alert hp com

[security bulletin] HPSBGN03203 rev.1 - HP CMS: UCMDB Browser running OpenSSL, Remote Disclosure of Information 2014-11-25
security-alert hp com

[security bulletin] HPSBGN03201 rev.1 - HP Asset Manager running SSLv3, Remote Disclosure of Information 2014-11-25
security-alert hp com

Slider Revolution/Showbiz Pro shell upload exploit 2014-11-25
simo morxploit com

[security bulletin] HPSBST03148 rev.1 - HP StoreOnce Gen 2 Backup Systems running Bash Shell, Remote Code Execution 2014-11-25
security-alert hp com

[security bulletin] HPSBMU03214 rev.1 - HP Systinet running SSLv3, Remote Disclosure of Information 2014-11-25
security-alert hp com

[ MDVSA-2014:227 ] ffmpeg 2014-11-25
security mandriva com

Malware

RDN/DNSChanger.bfr!e!3E9F61659DCB

RDN/Generic.bfr!hx!F4E8EC8F6309

RDN/Generic.hra!54EBADE7CF2B

RDN/Generic BackDoor!b2q!3E26C9130541

RDN/BackDoor-FBSA!a!3BCCD237AB2C

RDN/Generic BackDoor!b2q!3C68CACEE00E

RDN/Generic BackDoor!b2q!3E0A2AE85E72

RDN/DNSChanger.bfr!e!3D3C0EFC2DE7

RDN/Generic BackDoor!b2q!3BF93A3DAAD3

RDN/Generic PUP.x!0F459E5BD7C1

Generic PUP.x!3B1681C874D6

Generic PUP.x!12CCBF422212

RDN/Generic.bfr!hx!5616D309BA0F

Generic PUP.x!25B1AB701DF1

Downloader-FSH!45156A1B0E47

Generic PUP.x!1EDCABA72F1C

Generic PUP.x!15E78B32E575

Generic PUP.x!16EC4694985C

Generic PUP.x!2A3F75A57A32

Generic PUP.x!250DCD90C6CC

Generic PUP.x!20FF94C3E22D

Generic PUP.x!02FC3AAB13C3

Generic PUP.x!20B559EF0186

Generic PUP.x!0C9BFB83CF7B

Generic PUP.x!257BD3076C95

Generic PUP.x!0996CF63237C

Generic PUP.x!1842A04A903B

Generic PUP.x!13116166AE13

Generic PUP.x!084F3EDA5016

Generic PUP.x!1241B8A5C49A

Phishing

PayPal

26th November 2014

Now check the account

BT at home

26th November 2014

BT.com Important Account
Notice

Halifax UK

26th November 2014

Secure Online Banking

BT

26th November 2014

BT Internet unable to process
your recent payment of bill

Tom Holder

25th November 2014

Important Document

Citibank

25th November 2014

ACCOUNT VERIFICATION REQUIRED

PayPal

25th November 2014

Suspicious Activity on Your
Paypal Account

Apple INC

25th November 2014

YOUR APPLE ACCOUNT WILL BE
BLOCKED

Apple Inc

25th November 2014

YOUR ACCOUNT HAS BEEN LIMITED

PayPal Service

25th November 2014

[PAYPAL] : ATTENTION YOUR
ACCOUNT HAS BEEN LIMITED

Bank of America

25th November 2014

Bank of America Corporate
Office Headquarters

Vulnerebility

OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2014-11-26
http://www.securityfocus.com/bid/70574

Linux Kernel CVE-2014-3153 Local Privilege Escalation Vulnerability
2014-11-26
http://www.securityfocus.com/bid/67906

Multiple KDE Products CVE-2014-8600 Multiple Security Bypass Vulnerabilities
2014-11-26
http://www.securityfocus.com/bid/71190

Wireshark SigComp Dissector CVE-2014-8710 Remote Denial of Service Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71069

Wireshark NCP Dissector CVE-2014-8712 Denial of Service Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71071

Wireshark NCP Dissector CVE-2014-8713 Denial of Service Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71073

Wireshark AMQP Dissector CVE-2014-8711 Denial of Service Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71070

Wireshark TN5250 Dissector CVE-2014-8714 Infinite Loop Denial of Service Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71072

GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2014-11-26
http://www.securityfocus.com/bid/70152

GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2014-11-26
http://www.securityfocus.com/bid/70154

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-11-26
http://www.securityfocus.com/bid/70103

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-11-26
http://www.securityfocus.com/bid/70137

Mozilla Firefox/SeaMonkey 'OnChannelRedirect' Method Memory Corruption Vulnerability
2014-11-26
http://www.securityfocus.com/bid/47659

Squid CVE-2014-7142 Unspecified Security Vulnerability
2014-11-26
http://www.securityfocus.com/bid/70022

Direct Web Remoting CVE-2014-5325 XML External Entity Injection Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71093

libvirtd 'qemuDomainGetBlockIoTune()' Function Out-of-Bounds Read Vulnerability
2014-11-26
http://www.securityfocus.com/bid/70186

libvirt 'domain_conf.c' Denial of Service Vulnerability
2014-11-26
http://www.securityfocus.com/bid/70210

libvirt CVE-2014-7823 Information Disclosure Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71095

Multiple Asterisk Products 'funcs/func_db.c' Remote Privilege Escalation Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71227

Multiple Asterisk Products Access Control List Security Bypass Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71218

Asterisk Open Source 'res_pjsip_acl' Module Security Bypass Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71221

Asterisk Open Source PJSIP Channel Driver Denial of Service Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71225

Squid 'src/icmp/Icmp4.cc' Remote Denial of Service Vulnerability
2014-11-26
http://www.securityfocus.com/bid/69688

Multiple Asterisk Products ConfBridge Denial of Service Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71222

Multiple Asterisk Products ConfBridge Dialplan Functions Remote Privilege Escalation Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71228

Asterisk 'res_pjsip_refer' Module Denial of Service Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71224

MantisBT 'core/file_api.php' Security Bypass Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71104

Moodle LTI Module CVE-2014-9060 Security Bypass Vulnerabilities
2014-11-26
http://www.securityfocus.com/bid/71134

FFmpeg and Libav Multiple Remote Security Vulnerabilities
2014-11-26
http://www.securityfocus.com/bid/63796

FFmpeg Prior to 2.1 Multiple Remote Vulnerabilities
2014-11-26
http://www.securityfocus.com/bid/63936

Exploit

 

25.11.2014

Bugtraq

Docker 1.3.2 - Security Advisory [24 Nov 2014] 2014-11-24
Eric Windisch (eric windisch docker com)

CVE-2014-8419 - CodeMeter Weak Service Permissions 2014-11-24
ajs swordshield com

Malware

RDN/Generic PUP.x!68E6CB96092C

Generic PUP.x!4B8614FC56A2

RDN/Generic.dx!dhb!E4FDF7A92038

RDN/BackDoor-FCHE!74921DBFB53D

RDN/BackDoor-FCHE!a!74921DBFB53D

RDN/Generic PWS.y!bbw!B8B75CD22E5F

Generic PUP.x!160315555D9D

RDN/Spybot.bfr!o!747D1E4FF39B

Generic PUP.x!ED1C78A75799

Generic PUP.x!D09E31965F28

RDN/Generic PUP.x!6D3A2517A3CE

RDN/Generic PUP.x!cq3!CB2B1FAC503D

Generic PUP.x!91B7CAECDF13

Generic PUP.x!21696A4F70F5

RDN/Generic PWS.y!bbw!A62FE923B60A

RDN/Generic.bfr!hx!3E9B9EE55A1E

RDN/Generic PUP.x!cq3!679D7548E8E8

RDN/Generic BackDoor!b2q!3B270C750FBA

Generic PUP.x!1919958A59A5

RDN/Generic.bfr!hr!B24F790C4B44

Generic PUP.x!842D1BA62C84

RDN/Generic PUP.x!4AF7ABF320D3

Generic PUP.x!8D6CF81600D6

4shared!0A602BBB4668

RDN/Generic PWS.y!F0176D398E81

RDN/Generic PWS.y!bbw!F0176D398E81

RDN/Generic Downloader.x!19AF237871AC

RDN/Generic Dropper!vp!210783CD493C

RDN/Ransom!57A9939F36E8

Generic PUP.x!556DBE53EBFC

Phishing

Bank of America

25th November 2014

Bank of America Corporate
Office Headquarters

Paypal Service

24th November 2014

Your Paypal Account Has Been
Limited !

service

24th November 2014

[PAYPAL]: PLEASE LOG IN TO
CONFIRM YOUR DEBIT CARD ✔

Vulnerebility

Linux Kernel LZO Implementation 'lzo1x_decompress_safe.c' Memory Corruption Vulnerability
2014-11-25
http://www.securityfocus.com/bid/68214

Linux Kernel KVM CVE-2014-3690 Local Denial of Service Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70691

Linux Kernel KVM CVE-2014-3646 Local Denial of Service Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70745

Linux Kernel CVE-2014-3687 Denial of Service Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70766

Linux Kernel KVM CVE-2014-3611 Denial of Service Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70743

Linux Kernel CVE-2014-7207 Local Denial of Service Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70867

Linux Kernel KVM CVE-2014-3647 Local Denial of Service Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70748

Linux Kernel CVE-2014-3673 Denial of Service Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70883

Linux Kernel KVM CVE-2014-3645 Denial of Service Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70746

Linux Kernel KVM 'asm/kvm_host.h' Denial of Service Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70742

Google Chrome CVE-2014-7899 Unspecified Address Bar Spoofing Vulnerability
2014-11-25
http://www.securityfocus.com/bid/71160

Google Chrome CVE-2014-7906 Use After Free Remote Code Execution Vulnerability
2014-11-25
http://www.securityfocus.com/bid/71159

Google Chrome CVE-2014-7909 Information Disclosure Vulnerability
2014-11-25
http://www.securityfocus.com/bid/71167

Google Chrome CVE-2014-7907 Use After Free Remote Code Execution Vulnerability
2014-11-25
http://www.securityfocus.com/bid/71170

Google Chrome CVE-2014-7910 Multiple Security Vulnerabilities
2014-11-25
http://www.securityfocus.com/bid/71161

Google Chrome CVE-2014-7908 Integer Overflow Vulnerability
2014-11-25
http://www.securityfocus.com/bid/71168

Google Chrome CVE-2014-7904 Buffer Overflow Vulnerability
2014-11-25
http://www.securityfocus.com/bid/71166

X.Org libXfont Multiple Integer Overflow and Memory Corruption Vulnerabilities
2014-11-25
http://www.securityfocus.com/bid/67382

Mozilla Firefox/Thunderbird CVE-2014-1581 Use After Free Memory Corruption Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70426

Mozilla Firefox CVE-2014-1583 Same Origin Policy Security Bypass Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70424

Mozilla Firefox/Thunderbird CVE-2014-1578 Out of Bounds Memory Corruption Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70428

Mozilla Firefox/Thunderbird CVE-2014-1586 Security Bypass Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70427

Mozilla Firefox/Thunderbird CVE-2014-1577 Out of Bounds Memory Corruption Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70440

Mozilla Firefox/Thunderbird CVE-2014-1574 Multiple Memory Corruption Vulnerabilities
2014-11-25
http://www.securityfocus.com/bid/70436

Mozilla Firefox/Thunderbird CVE-2014-1576 Remote Heap Buffer Overflow Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70430

Mozilla Firefox/Thunderbird CVE-2014-1585 Security Bypass Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70425

Mozilla Firefox/Thunderbird CVE-2014-1575 Multiple Memory Corruption Vulnerabilities
2014-11-25
http://www.securityfocus.com/bid/70439

Incredible PBX 11 'reminders/index.php' Remote Command Execution Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70689

ZTE 831CII Multiple Security Vulnerabilities
2014-11-25
http://www.securityfocus.com/bid/70984

ZTE ZXDSL 831 Multiple HTML Injection Vulnerabilities
2014-11-25
http://www.securityfocus.com/bid/70985

Exploit

Hikvision DVR RTSP Request Remote Code Execution

TP-Link TL-WR740N - Denial Of Service

Advantech EKI-6340 Command Injection

PHP 5.5.12 Locale::parseLocale Memory Corruption

tcpdump 4.6.2 Geonet Decoder Denial of Service

24.11.2014

Bugtraq

CVE-2014-8419 - CodeMeter Weak Service Permissions 2014-11-24
ajs swordshield com

Exploit for stealing backups on WP sites with WP-DB-Backup v2.2.4 plugin 2014-11-22
Larry W. Cashdollar (larry0 me com)

Malware

RDN/Generic PUP.x!cqd!C8D962B308E8

RDN/Generic BackDoor!b2q!13997EBF7AF8

RDN/Generic Downloader.x!lv!2B6EA49E4802

Generic PUP.x!33B33A1DA754

RDN/Generic PUP.x!cqd!72E78A73398F

Generic PUP.x!6BDC4A2981BE

RDN/DNSChanger.bfr!e!6A1705927EAD

GenericR-CKW!69774702E587

RDN/Generic.bfr!96C068552410

RDN/Generic Downloader.x!6FA662C964DB

W32/Induc!0C1714266C7A

RDN/Spybot.bfr!22CD07F148C8

RDN/Generic.tfr!ef!00825BF9C1A6

RDN/Generic.bfr!hx!CB58A6F1E3EE

Generic.bfr!5A607C45A622

RDN/Generic.bfr!hr!9DD4A253378C

RDN/Generic.dx!dhb!872814BF341F

RDN/Generic.bfr!9841DE5752DF

RDN/Generic.bfr!803AE36DDB2A

RDN/Generic Dropper!7707641D90D8

RDN/Generic-FAOD!a!48DBADBBC0C5

RDN/Generic.dx!dhb!6A84FDCB104A

Generic PUP.x!426A93A6CC1C

RDN/Generic BackDoor!8FE6305DE375

RDN/Generic PUP.x!cqd!1BFC976390CE

RDN/Spybot.bfr!11AB0D51D563

Generic PUP.x!409A5AF57850

Generic PUP.x!2AA0461C4B1C

RDN/Generic PWS.y!bbw!DE0063FBD398

RDN/Generic.bfr!097D46CCB3BB

Phishing

Paypal Service

24th November 2014

Your Paypal Account Has Been
Limited !

service

24th November 2014

[PAYPAL]: PLEASE LOG IN TO
CONFIRM YOUR DEBIT CARD ✔

Halifax

23rd November 2014

Your Internet Banking is
temporarily suspended

PAYPAL

23rd November 2014

UPDATE YOUR LEGAL AGREEMENTS
WITH PAYPAL IN 24 HOURS ! ✔

PAYPAL

22nd November 2014

UPDATE YOUR LEGAL AGREEMENTS
WITH PAYPAL IN 24 HOURS ! ✔

PayPal Team

22nd November 2014

[PAYPAL ] :YOUR ACCOUNT HAS
BEEN LIMITED PAYPAL ID
PP-658-119-347 ✔

Vulnerebility

QEMU 'vmstate_xhci_event' Field Memory Corruption Vulnerability
2014-11-24
http://www.securityfocus.com/bid/69247

QEMU CVE-2014-3689 Multiple Local Security Bypass Vulnerabilities
2014-11-24
http://www.securityfocus.com/bid/70997

QEMU L2 Table Size Validation Integer Overflow Vulnerability
2014-11-24
http://www.securityfocus.com/bid/67357

QEMU 'hw/usb/bus.c' Heap Based Buffer Overflow Vulnerability
2014-11-24
http://www.securityfocus.com/bid/67392

QEMU Image Size Validation Integer Overflow Vulnerability
2014-11-24
http://www.securityfocus.com/bid/67391

QEMU Multiple Memory Corruption Vulnerabilities
2014-11-24
http://www.securityfocus.com/bid/67483

QEMU 'vga.c' Information Disclosure Vulnerability
2014-11-24
http://www.securityfocus.com/bid/69654

QEMU CVE-2013-4541 Remote Code Execution Vulnerability
2014-11-24
http://www.securityfocus.com/bid/67394

QEMU CVE-2014-3640 Local Denial of Service Vulnerability
2014-11-24
http://www.securityfocus.com/bid/70237

Python 'bufferobject.c' Integer Overflow Vulnerability
2014-11-24
http://www.securityfocus.com/bid/70089

OpenStack Neutron Security Bypass Vulnerability
2014-11-24
http://www.securityfocus.com/bid/69807

CUPS Web Interface Cross Site Scripting Vulnerability
2014-11-24
http://www.securityfocus.com/bid/66788

Perl CVE-2014-4330 Stack Overflow Denial of Service Vulnerability
2014-11-24
http://www.securityfocus.com/bid/70142

Multiple Puppet Products CVE-2014-3248 Remote Code Execution Vulnerability
2014-11-24
http://www.securityfocus.com/bid/68035

Sendmail File Descriptor Security Vulnerability
2014-11-24
http://www.securityfocus.com/bid/67791

MIT kerberos 5 'ldap_principal2.c' Buffer Overflow Vulnerability
2014-11-24
http://www.securityfocus.com/bid/69168

Poppler and xpdf CVE-2012-2142 Security Vulnerability
2014-11-24
http://www.securityfocus.com/bid/62148

OpenStack Keystonemiddleware SSL Certificate Validation Security Bypass Vulnerability
2014-11-24
http://www.securityfocus.com/bid/69864

QEMU CVE-2014-7815 Local Denial of Service Vulnerability
2014-11-24
http://www.securityfocus.com/bid/70998

QEMU 'vhdx' Block Driver Local Denial of Service Vulnerability
2014-11-24
http://www.securityfocus.com/bid/66480

QEMU Block Drivers CVE-2014-0143 Multiple Integer Overflow Vulnerabilities
2014-11-24
http://www.securityfocus.com/bid/66486

QEMU CVE-2014-0146 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-11-24
http://www.securityfocus.com/bid/66472

QEMU CVE-2014-0147 Multiple Local Denial of Service Vulnerabilities
2014-11-24
http://www.securityfocus.com/bid/66484

QEMU CVE-2014-0144 Multiple Buffer Overflow Vulnerabilities
2014-11-24
http://www.securityfocus.com/bid/66483

Qemu 'virtio-net.c' Local Integer Overflow Vulnerability
2014-11-24
http://www.securityfocus.com/bid/66821

QEMU CVE-2014-0145 Multiple Buffer Overflow Vulnerabilities
2014-11-24
http://www.securityfocus.com/bid/66464

QEMU Division By Zero Error Local Denial of Service Vulnerability
2014-11-24
http://www.securityfocus.com/bid/66481

QEMU 'virtio_load()' Function Memory Corruption Vulnerability
2014-11-24
http://www.securityfocus.com/bid/66976

Wireshark SigComp Dissector CVE-2014-8710 Remote Denial of Service Vulnerability
2014-11-24
http://www.securityfocus.com/bid/71069

MIT Kerberos 5 'svr_principal.c' Information Disclosure Vulnerability
2014-11-24
http://www.securityfocus.com/bid/70380

Exploit

TP-Link TL-WR740N - Denial Of Service

22.11.2014

Bugtraq

[security bulletin] HPSBUX03087 SSRT101413 rev.2 - HP-UX CIFS Server (Samba), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access 2014-11-21
security-alert hp com

[ MDVSA-2014:224 ] krb5 2014-11-21
security mandriva com

[ MDVSA-2014:223 ] wireshark 2014-11-21
security mandriva com

[ MDVSA-2014:222 ] libvirt 2014-11-21
security mandriva com

[ MDVSA-2014:221 ] php-smarty 2014-11-21
security mandriva com

[ MDVSA-2014:220 ] qemu 2014-11-21
security mandriva com

[ MDVSA-2014:219 ] srtp 2014-11-21
security mandriva com

[security bulletin] HPSBHF03052 rev.2 - HP Network Products running OpenSSL, Multiple Remote Vulnerabilities 2014-11-21
security-alert hp com

[ MDVSA-2014:218 ] asterisk 2014-11-21
security mandriva com

WordPress 3 persistent script injection 2014-11-20
Jouko Pynnonen (jouko iki fi)

AST-2014-012: Mixed IP address families in access control lists may permit unwanted traffic. 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-013: PJSIP ACLs are not loaded on startup 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-015: Remote Crash Vulnerability in PJSIP channel driver 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-016: Remote Crash Vulnerability in PJSIP channel driver 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-017: <font size="3" style="font-size: 12pt">Permission escalation through ConfBridge actions/dialplan functions</font> 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-018: AMI permission escalation through DB dialplan function 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-014: High call load may result in hung channels in ConfBridge. 2014-11-21
Asterisk Security Team (security asterisk org)

Multiple SQL Injection in SP Client Document Manager plugin 2014-11-21
thai q dang itas vn

[SECURITY] [DSA 3075-1] drupal7 security update 2014-11-20
Salvatore Bonaccorso (carnil debian org)

Malware

RDN/Generic.bfr!hx!DE77DB689C43

RDN/Generic BackDoor!b2q!116F9AB018BB

RDN/Generic PUP.x!2EE636D7DE87

RDN/Ransom!el!3CD2F0C9379C

RDN/PWS-Zbot.hb!c!35FAC154FDDD

Generic.bfr!1E9EA8318DCC

RDN/Generic.bfr!hx!C6C2E2091D28

RDN/Generic PWS.y!bb3!8835A343D366

RDN/Generic.dx!dhb!A2B500DC573E

RDN/Generic BackDoor!b2q!2FDA5C7CF103

RDN/Generic PWS.y!E97826126A08

RDN/Generic BackDoor!b2q!6F6CE5127F89

RDN/Autorun.worm!dn!E81883C389B9

RDN/Downloader.a!tv!7937975B19A9

RDN/Generic.dx!dhb!32BDDB37D59F

RDN/Generic Dropper!AC950393D2F9

RDN/Generic PUP.x!D9385F078EA7

Generic.dx!2F360CCBD8A9

RDN/Generic PWS.y!bb3!B96A0757211E

RDN/Generic BackDoor!b2q!84DC4973574D

RDN/Generic.bfr!hx!1063CF236C5F

RDN/Generic BackDoor!b2q!DEECA3CA1A81

RDN/Generic.bfr!hr!7BE47BDC8A07

RDN/YahLover.worm!bd!19EB37A8572E

RDN/Generic PUP.x!42FE0F510450

RDN/Generic PUP.x!B22CD680399B

RDN/Generic PUP.x!2346B92DA18D

RDN/Generic PUP.x!E80738336190

RDN/Generic.dx!dhb!732985B672C3

RDN/Generic BackDoor!b2q!D889ED70D6E2

Phishing

Natwest

21st November 2014

Important Update Alert.

Scotia OnLine

21st November 2014

You Have 1 New Epost...

Joey

21st November 2014

DISCUSSANT SINGING COLIN

Vulnerebility

QEMU 'vmstate_xhci_event' Field Memory Corruption Vulnerability
2014-11-22
http://www.securityfocus.com/bid/69247

QEMU CVE-2014-3689 Multiple Local Security Bypass Vulnerabilities
2014-11-22
http://www.securityfocus.com/bid/70997

QEMU L2 Table Size Validation Integer Overflow Vulnerability
2014-11-22
http://www.securityfocus.com/bid/67357

QEMU 'hw/usb/bus.c' Heap Based Buffer Overflow Vulnerability
2014-11-22
http://www.securityfocus.com/bid/67392

QEMU Image Size Validation Integer Overflow Vulnerability
2014-11-22
http://www.securityfocus.com/bid/67391

QEMU Multiple Memory Corruption Vulnerabilities
2014-11-22
http://www.securityfocus.com/bid/67483

QEMU 'vga.c' Information Disclosure Vulnerability
2014-11-22
http://www.securityfocus.com/bid/69654

QEMU CVE-2013-4541 Remote Code Execution Vulnerability
2014-11-22
http://www.securityfocus.com/bid/67394

QEMU CVE-2014-3640 Local Denial of Service Vulnerability
2014-11-22
http://www.securityfocus.com/bid/70237

Python 'bufferobject.c' Integer Overflow Vulnerability
2014-11-22
http://www.securityfocus.com/bid/70089

OpenStack Neutron Security Bypass Vulnerability
2014-11-22
http://www.securityfocus.com/bid/69807

CUPS Web Interface Cross Site Scripting Vulnerability
2014-11-22
http://www.securityfocus.com/bid/66788

Perl CVE-2014-4330 Stack Overflow Denial of Service Vulnerability
2014-11-22
http://www.securityfocus.com/bid/70142

Multiple Puppet Products CVE-2014-3248 Remote Code Execution Vulnerability
2014-11-22
http://www.securityfocus.com/bid/68035

Sendmail File Descriptor Security Vulnerability
2014-11-22
http://www.securityfocus.com/bid/67791

MIT kerberos 5 'ldap_principal2.c' Buffer Overflow Vulnerability
2014-11-22
http://www.securityfocus.com/bid/69168

Poppler and xpdf CVE-2012-2142 Security Vulnerability
2014-11-22
http://www.securityfocus.com/bid/62148

OpenStack Keystonemiddleware SSL Certificate Validation Security Bypass Vulnerability
2014-11-22
http://www.securityfocus.com/bid/69864

QEMU CVE-2014-7815 Local Denial of Service Vulnerability
2014-11-22
http://www.securityfocus.com/bid/70998

QEMU 'vhdx' Block Driver Local Denial of Service Vulnerability
2014-11-22
http://www.securityfocus.com/bid/66480

QEMU Block Drivers CVE-2014-0143 Multiple Integer Overflow Vulnerabilities
2014-11-22
http://www.securityfocus.com/bid/66486

QEMU CVE-2014-0146 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-11-22
http://www.securityfocus.com/bid/66472

QEMU CVE-2014-0147 Multiple Local Denial of Service Vulnerabilities
2014-11-22
http://www.securityfocus.com/bid/66484

QEMU CVE-2014-0144 Multiple Buffer Overflow Vulnerabilities
2014-11-22
http://www.securityfocus.com/bid/66483

Qemu 'virtio-net.c' Local Integer Overflow Vulnerability
2014-11-22
http://www.securityfocus.com/bid/66821

QEMU CVE-2014-0145 Multiple Buffer Overflow Vulnerabilities
2014-11-22
http://www.securityfocus.com/bid/66464

QEMU Division By Zero Error Local Denial of Service Vulnerability
2014-11-22
http://www.securityfocus.com/bid/66481

QEMU 'virtio_load()' Function Memory Corruption Vulnerability
2014-11-22
http://www.securityfocus.com/bid/66976

Wireshark SigComp Dissector CVE-2014-8710 Remote Denial of Service Vulnerability
2014-11-22
http://www.securityfocus.com/bid/71069

MIT Kerberos 5 'svr_principal.c' Information Disclosure Vulnerability
2014-11-22
http://www.securityfocus.com/bid/70380

Exploit

Privacyware Privatefirewall 7.0 - Unquoted Service Path Privilege Escalation

Supr Shopsystem 5.1.0 - Persistent UI Vulnerability

Netgear Wireless Router WNR500 - Parameter Traversal Arbitrary File Access Exploit

MyBB <= 1.8.2 - unset_globals() Function Bypass and Remote Code Execution Vulnerability

21.11.2014

Bugtraq

WordPress 3 persistent script injection 2014-11-20
Jouko Pynnonen (jouko iki fi)

AST-2014-012: Mixed IP address families in access control lists may permit unwanted traffic. 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-013: PJSIP ACLs are not loaded on startup 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-015: Remote Crash Vulnerability in PJSIP channel driver 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-016: Remote Crash Vulnerability in PJSIP channel driver 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-017: <font size="3" style="font-size: 12pt">Permission escalation through ConfBridge actions/dialplan functions</font> 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-018: AMI permission escalation through DB dialplan function 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-014: High call load may result in hung channels in ConfBridge. 2014-11-21
Asterisk Security Team (security asterisk org)

Multiple SQL Injection in SP Client Document Manager plugin 2014-11-21
thai q dang itas vn

[SECURITY] [DSA 3075-1] drupal7 security update 2014-11-20
Salvatore Bonaccorso (carnil debian org)

CVE-2014-8877 - Code Injection in Wordpress CM Download Manager plugin 2014-11-20
phi n le itas vn

[ MDVSA-2014:217 ] clamav 2014-11-20
security mandriva com

[ MDVSA-2014:216 ] php-ZendFramework 2014-11-20
security mandriva com

Malware

RDN/Generic BackDoor!b2p!1D6ED7BEE3DB

RDN/Generic PWS.y!bb3!D5AA95CE380A

RDN/Generic PUP.x!70CE98FA89DC

Generic Downloader.x!8C6EC0F674E4

Generic.dx!9D484F261123

Generic.bfr!2667860FB3DD

RDN/Generic BackDoor!0A0BE53DD9C5

RDN/Generic BackDoor!A5D97019D2E4

Generic PUP.x!437DEAB95D62

Generic.dx!10C8A14931D8

Generic.dx!7F8F7DAC959D

Generic PUP.x!99F252EBB5C1

GenericR-CKP!7C4FDFDAE278

RDN/Generic PUP.x!cqd!2C22C901CA8D

Generic PUP.x!BEE5CAE8CBA8

RDN/Generic PUP.x!cqd!A9CB0EEBF9D5

RDN/Generic PWS.y!bb3!3C297D200E03

Generic PUP.x!BABE8DADF9A7

GenericR-CKP!9C57878AA16B

Generic Downloader.x!9A83F9899DA2

RDN/Generic.bfr!hr!5371303446AE

RDN/Generic.dx!59804F31512F

RDN/Generic.dx!dhb!808239345AE2

RDN/Generic Dropper!vo!7054F85973C1

RDN/Generic BackDoor!b2p!6ED00D41A654

RDN/Downloader.a!tv!19D3C953FC04

Generic PUP.x!CFCE5945D560

Generic PUP.x!6A8C414E3775

RDN/Generic PUP.x!621C771FC00D

RDN/Generic Dropper!5F8801C95507

Phishing

Halifax UK

20th November 2014

Get Halifax Alert now

AT&T

19th November 2014

Please DocuSign this document:
Contract_changes_11_19_2014.pd
f

Vulnerebility

Google Chrome CVE-2014-7909 Information Disclosure Vulnerability
2014-11-21
http://www.securityfocus.com/bid/71167

Libxml2 Entities Expansion CVE-2014-3660 Denial of Service Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70644

GnuTLS CVE-2014-8564 Multiple Heap Corruption Denial of Service Vulnerabilities
2014-11-21
http://www.securityfocus.com/bid/71003

Google Chrome CVE-2014-7910 Multiple Security Vulnerabilities
2014-11-21
http://www.securityfocus.com/bid/71161

Google Chrome CVE-2014-7907 Use After Free Remote Code Execution Vulnerability
2014-11-21
http://www.securityfocus.com/bid/71170

Google Chrome CVE-2014-7908 Integer Overflow Vulnerability
2014-11-21
http://www.securityfocus.com/bid/71168

Google Chrome CVE-2014-7904 Buffer Overflow Vulnerability
2014-11-21
http://www.securityfocus.com/bid/71166

GNU Bash CVE-2014-6278 Incomplete Fix Remote Code Execution Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70166

GNU Bash CVE-2014-6277 Incomplete Fix Remote Code Execution Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70165

Oracle MySQL Client CVE-2014-2440 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/66850

Oracle MySQL Server CVE-2014-2419 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/66880

Oracle MySQL Server CVE-2014-2436 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/66896

Oracle MySQL Server CVE-2014-2432 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/66875

Oracle MySQL Server CVE-2014-2430 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/66858

Oracle MySQL Server CVE-2014-0384 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/66835

Oracle MySQL Server CVE-2014-2438 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/66846

Oracle MySQL Server CVE-2014-2431 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/66890

Oracle Java SE CVE-2014-6527 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70560

Oracle Java SE CVE-2014-6532 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70507

Oracle Java SE CVE-2014-6492 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70456

Oracle Java SE CVE-2014-6456 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70522

Oracle Java SE CVE-2014-6515 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70565

Oracle Java SE CVE-2014-6458 Local Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70460

Oracle Java SE CVE-2014-4288 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70470

Oracle Java SE CVE-2014-6503 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70518

Oracle Java SE CVE-2014-6493 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70468

Oracle Java SE CVE-2014-6476 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70531

X.Org libXfont Multiple Integer Overflow and Memory Corruption Vulnerabilities
2014-11-21
http://www.securityfocus.com/bid/67382

Multiple Cisco RV Series Routers CVE-2014-2178 Cross Site Request Forgery Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70922

Cisco Small Business RV Series Routers CVE-2014-2179 Arbitrary File Upload Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70920

Exploit

Internet Explorer OLE Pre-IE11 - Automation Array Remote Code Execution / Powershell VirtualAlloc (MS14-064)

20.11.2014

Bugtraq

[ MDVSA-2014:216 ] php-ZendFramework 2014-11-20
security mandriva com

[CORE-2014-0010] - Advantech WebAccess Stack-based Buffer Overflow 2014-11-19
CORE Advisories Team (advisories coresecurity com)

[CORE-2014-0008] - Advantech AdamView Buffer Overflow 2014-11-19
CORE Advisories Team (advisories coresecurity com)

[CORE-2014-0009] - Advantech EKI-6340 Command Injection 2014-11-19
CORE Advisories Team (advisories coresecurity com)

CVE-2014-7137 - Multiple SQL Injections in Dolibarr ERP & CRM 2014-11-19
Portcullis Advisories (advisories portcullis-security com)

[SECURITY] [DSA 3074-2] php5 regression update 2014-11-19
Yves-Alexis Perez (corsac debian org)

Malware

RDN/Generic Dropper!vo!1F69DB677B1B

Generic PUP.x!017F99BEB30E

RDN/Generic PUP.x!cqd!6448A5D577DB

RDN/Spybot.bfr!o!A77EC13EF601

RDN/Generic Downloader.x!lu!F6CFF1FACC4F

RDN/Generic PUP.x!C13415D7FAEF

RDN/Generic PUP.x!BBE3C05E1FBC

RDN/Generic PUP.x!728B2BBB499A

RDN/Generic BackDoor!b2p!E1DBFC8C732E

RDN/Generic PUP.x!0A327B130FCA

RDN/Spybot.bfr!o!3061729CF360

RDN/Generic PUP.x!8B7ECB1317B1

RDN/Generic PUP.x!7681E9022688

RDN/Generic PUP.x!E6107BBCB280

RDN/Generic PUP.x!cqd!24FE3E91A7B8

RDN/Generic.dx!dh3!FDEA9C47CAF8

RDN/Generic Dropper!565A3E8E6459

RDN/Generic PUP.x!cqd!9913DD4EBAFA

Generic PUP.x!A9EB68E8D0BB

Generic PUP.x!5DCAD3946C61

RDN/Generic PUP.x!6FB4C030F2D8

RDN/Generic PUP.x!E23BB0087414

RDN/Generic PWS.y!bb3!FBEBBA09EBE0

RDN/Generic Dropper!vo!EEA7B3E0F0EB

RDN/Generic Dropper!vo!376CBD9B0DB6

RDN/Generic PUP.x!cqd!C7CC58BCEDBD

RDN/Generic PUP.x!E28CE449C0AA

RDN/Downloader.a!tv!85874AAFE4AE

RDN/Generic PUP.z!eh!BB4B332BFDEB

RDN/Generic PUP.x!D171756F3DD9

Phishing

AT&T

19th November 2014

Please DocuSign this document:
Contract_changes_11_19_2014.pd
f

Vulnerebility

Geary CVE-2014-5444 Man in the Middle Security Bypass Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70318

Oracle Java SE CVE-2014-6532 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70507

Oracle Java SE CVE-2014-6503 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70518

Oracle Java SE CVE-2014-6515 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70565

Oracle Java SE CVE-2014-6457 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70538

Microsoft Internet Explorer CVE-2014-6351 Remote Memory Corruption Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70323

Oberhumer LZO CVE-2014-4607 Multiple Memory Corruption Vulnerabilities
2014-11-20
http://www.securityfocus.com/bid/68213

Microsoft Internet Explorer CVE-2014-6348 Remote Memory Corruption Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70348

Microsoft Internet Explorer CVE-2014-6343 Remote Memory Corruption Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70344

Microsoft Internet Explorer CVE-2014-6342 Remote Memory Corruption Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70341

Oracle Java SE CVE-2014-6456 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70522

Oracle Java SE CVE-2014-6527 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70560

Oracle Java SE CVE-2014-6476 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70531

Microsoft Internet Explorer CVE-2014-6347 Remote Memory Corruption Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70347

Oracle Java SE CVE-2014-6502 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70533

Oracle Java SE CVE-2014-6511 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70548

Oracle Java SE CVE-2014-6512 IP Address Spoofing Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70567

OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70574

Oracle Java SE CVE-2014-4288 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70470

Oracle Java SE CVE-2014-6558 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70544

Oracle Java SE CVE-2014-6506 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70556

Oracle Java SE CVE-2014-6458 Local Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70460

Oracle Java SE CVE-2014-6531 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70572

IBM Java SDK CVE-2014-3065 Local Arbitrary Code Execution Vulnerability
2014-11-20
http://www.securityfocus.com/bid/71147

Oracle Java SE CVE-2014-6493 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70468

Oracle Java SE CVE-2014-6492 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70456

Rockwell Automation Connected Components Workbench Multiple Arbitrary Code Execution Vulnerabilities
2014-11-20
http://www.securityfocus.com/bid/71052

Oracle Java SE CVE-2014-6466 Local Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70484

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/68636

CKEditor Preview Plugin CVE-2014-5191 Unspecified Cross Site Scripting Vulnerability
2014-11-20
http://www.securityfocus.com/bid/69161

Exploit

  Snowfox CMS 1.0 - CSRF Add Admin Exploit

  Paid Memberships Pro 1.7.14.2 Path Traversal

  MINIX 3.3.0 Remote TCP/IP Stack DoS

19.11.2014

Bugtraq

[SECURITY] [DSA 3074-1] php5 security update 2014-11-18
Yves-Alexis Perez (corsac debian org)

[ MDVSA-2014:213 ] curl 2014-11-18
security mandriva com

[ MDVSA-2014:214 ] dbus 2014-11-18
security mandriva com

CVE-2014-8767 tcpdump denial of service in verbose mode using malformed OLSR payload 2014-11-18
Steffen Bauch (mail steffenbauch de)

CVE-2014-8768 tcpdump denial of service in verbose mode using malformed Geonet payload 2014-11-18
Steffen Bauch (mail steffenbauch de)

Malware

Generic PUP.x!00C13E6E3EB6

Generic PUP.x!00E98E712C2B

FakeAV-M.bfr!BBDC8C713DFB

FakeAV-M.bfr!B5282F5794C1

RDN/Generic.bfr!hx!8C5310EB2E21

RDN/Generic.bfr!hx!C5756F00BDEB

RDN/Generic.bfr!hx!B4FCFF992CF8

RDN/Generic PWS.y!bb3!1ADE20F7B5F4

RDN/Generic BackDoor!b2p!85361CC6DD21

Generic PUP.x!90A7DFCCE751

RDN/Generic BackDoor!b2p!56BF59B841E7

Generic PUP.x!00EDDDCA1644

RDN/Generic.dx!dh3!BC5E4A946D40

RDN/Generic.dx!dh3!E6B330038EA9

RDN/Generic.dx!dh3!47FA264B5895

RDN/Generic.dx!dh3!D32D20350F81

FakeAV-M.bfr!2E4D3FC856E0

Generic PUP.x!68E73B576E5E

Generic PUP.x!00C17DE6F67A

RDN/Generic PWS.y!3C1C7216FE9D

RDN/BackDoor-FBSA!a!4B5361C834F3

Obfuscated-FBU!hb!B4643A3414B5

RDN/Generic PWS.y!bb3!E20307B2950B

Generic PUP.x!56433CD98571

RDN/Generic PWS.y!bb3!451CA4734C60

DNSChanger.bfr!AC72E79583DC

Generic PUP.x!1752930D7B78

RDN/Generic.dx!dh3!3B674035143B

RDN/Generic Dropper!vo!AA27627CC4B9

RDN/Generic.dx!2AF9CF345324

Phishing

 

Vulnerebility

libdigidoc DDOC Routine Arbitrary File Overwrite Vulnerability
2014-11-19
http://www.securityfocus.com/bid/62040

Cisco IOS CVE-2014-7992 Information Disclosure Vulnerability
2014-11-19
http://www.securityfocus.com/bid/71145

Microsoft Windows Kerberos Checksum CVE-2014-6324 Remote Privilege Escalation Vulnerability
2014-11-19
http://www.securityfocus.com/bid/70958

Linux Kernel CVE-2014-7841 SCTP NULL Pointer Dereference Denial of Service Vulnerability
2014-11-19
http://www.securityfocus.com/bid/71081

Linux Kernel 'trace_syscalls.c' Multiple Local Denial of Service Vulnerabilities
2014-11-19
http://www.securityfocus.com/bid/70971

Linux Kernel CVE-2014-7843 Local Denial of Service Vulnerability
2014-11-19
http://www.securityfocus.com/bid/71082

Linux Kernel KVM CVE-2014-7842 Local Denial of Service Vulnerability
2014-11-19
http://www.securityfocus.com/bid/71078

Linux Kernel 'trace_syscalls.c' Multiple Local Denial of Service Vulnerabilities
2014-11-19
http://www.securityfocus.com/bid/70972

libvirtd 'qemuDomainGetBlockIoTune()' Function Out-of-Bounds Read Vulnerability
2014-11-19
http://www.securityfocus.com/bid/70186

libvirt 'domain_conf.c' Denial of Service Vulnerability
2014-11-19
http://www.securityfocus.com/bid/70210

PHP 'donote()' Function Out-of-Bounds Read Vulnerability
2014-11-19
http://www.securityfocus.com/bid/70807

libvirt CVE-2014-7823 Information Disclosure Vulnerability
2014-11-19
http://www.securityfocus.com/bid/71095

OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2014-11-19
http://www.securityfocus.com/bid/70574

Adobe Flash Player and AIR CVE-2014-0574 Double Free Remote Code Execution Vulnerability
2014-11-19
http://www.securityfocus.com/bid/71041

D-Bus CVE-2014-3639 Denial of Service Vulnerability
2014-11-19
http://www.securityfocus.com/bid/69832

D-Bus CVE-2014-3638 Denial of Service Vulnerability
2014-11-19
http://www.securityfocus.com/bid/69833

D-Bus CVE-2014-3636 Denial of Service Vulnerability
2014-11-19
http://www.securityfocus.com/bid/69834

D-Bus CVE-2014-7824 Incomplete Fix Denial of Service Vulnerability
2014-11-19
http://www.securityfocus.com/bid/71012

D-Bus CVE-2014-3635 Local Heap Buffer Overflow Vulnerability
2014-11-19
http://www.securityfocus.com/bid/69831

D-Bus CVE-2014-3637 Denial of Service Vulnerability
2014-11-19
http://www.securityfocus.com/bid/69829

cURL/libcURL 'curl_easy_duphandle()' Function Heap Memory Corruption Vulnerability
2014-11-19
http://www.securityfocus.com/bid/70988

Multiple IBM DB2 Products CVE-2014-6159 Remote Denial of Service Vulnerability
2014-11-19
http://www.securityfocus.com/bid/71006

OpenStack Keystone Trust Chained Delegation Privilage Escalation Vulnerability
2014-11-19
http://www.securityfocus.com/bid/68026

OpenStack Keystone Trust CVE-2014-3520 Privilage Escalation Vulnerability
2014-11-19
http://www.securityfocus.com/bid/68344

HP Storage Data Protector CVE-2014-2623 Unspecified Remote Code Execution Vulnerability
2014-11-19
http://www.securityfocus.com/bid/68672

X.Org libXfont Multiple Integer Overflow and Memory Corruption Vulnerabilities
2014-11-19
http://www.securityfocus.com/bid/67382

Microsoft Internet Explorer CVE-2014-6340 Cross Domain Information Disclosure Vulnerability
2014-11-19
http://www.securityfocus.com/bid/70941

Microsoft Internet Explorer CVE-2014-6346 Cross Domain Information Disclosure Vulnerability
2014-11-19
http://www.securityfocus.com/bid/70946

Microsoft Internet Explorer CVE-2014-6342 Remote Memory Corruption Vulnerability
2014-11-19
http://www.securityfocus.com/bid/70341

Microsoft Internet Explorer CVE-2014-6337 Remote Memory Corruption Vulnerability
2014-11-19
http://www.securityfocus.com/bid/70337

Exploit

 

18.11.2014

Bugtraq

CVE-2014-8767 tcpdump denial of service in verbose mode using malformed OLSR payload 2014-11-18
Steffen Bauch (mail steffenbauch de)

CVE-2014-8768 tcpdump denial of service in verbose mode using malformed Geonet payload 2014-11-18
Steffen Bauch (mail steffenbauch de)

CVE-2014-8769 tcpdump unreliable output using malformed AOVD payload 2014-11-18
Steffen Bauch (mail steffenbauch de)

[security bulletin] HPSBMU03183 rev.2 - HP Server Automation and Server Automation Virtual Appliance, running SSL, Remote Disclosure of Information 2014-11-17
security-alert hp com

[security bulletin] HPSBMU03072 rev.3 - HP Data Protector, Remote Execution of Arbitrary Code 2014-11-17
security-alert hp com

APPLE-SA-2014-11-17-3 Apple TV 7.0.2 2014-11-17
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-11-17-2 OS X Yosemite 10.10.1 2014-11-17
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-11-17-1 iOS 8.1.1 2014-11-17
Apple Product Security (product-security-noreply lists apple com)

Malware

RDN/Generic PUP.x!0724FAB97D94

RDN/Generic.dx!99F84BDE0439

Generic PUP.x!0D44B7CC3FDA

RDN/Generic BackDoor!b2p!FB35705B76B7

RDN/Ransom!0F2AA697E6C7

RDN/Generic PUP.x!017E325AE31C

Generic PUP.x!A76715CB62E6

RDN/Generic.bfr!EBF9B5B0A914

RDN/Generic Dropper!vo!F42597D96562

RDN/Downloader.a!tv!1CD17EABF047

Generic Downloader.x!B56032E405E7

RDN/Generic.dx!39E5F9EA79E1

RDN/Generic.bfr!hx!083DBCADB6C9

Generic Downloader.x!55B31F5F7567

RDN/Ransom!el!136B380E0367

Generic PUP.x!2852EBD71AC8

RDN/Generic PUP.x!F1D8CCA4256F

RDN/Generic PUP.x!1F1B3D50E79A

RDN/Generic PUP.x!011528B058B0

RDN/Generic BackDoor!b2p!29AAF121B6A9

RDN/Generic BackDoor!b2p!1D1187A13387

Generic PUP.x!83C9CE7AA253

RDN/Downloader.gen.a!BBE4A3B1BF31

RDN/Downloader.a!tv!BBE4A3B1BF31

Generic Downloader.x!CF714E4D1863

Generic Downloader.x!EF9B764AB59F

Downloader.gen.a!19ED8B3721C2

Generic PUP.x!1ED584B8EA9D

RDN/Generic.bfr!hx!A39B0C7102C2

Generic Downloader.x!11CABFCE85F1

Phishing

Paypal Security™

18th November 2014

YOUR ACCOUNT WILL BE LIMITED ,
UPDATE YOUR INFORMATION PLEASE
✔

bt.comms@bt.com

17th November 2014

Your account will be close

Vulnerebility

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/68636

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/68624

OpenSSL CVE-2014-3513 Information Disclosure Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70584

OpenSSL Session Ticket Memory Leak Remote Denial of Service Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70586

Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
2014-11-18
http://www.securityfocus.com/bid/66397

IBM FileNet Content Manager and Content Foundation Unspecified Cross Site Scripting Vulnerability
2014-11-18
http://www.securityfocus.com/bid/69798

Cisco IOS and IOS XE Software CVE-2014-3409 Denial of Service Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70715

Microsoft Windows CVE-2014-6352 OLE Remote Code Execution Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70690

Microsoft .NET Framework TypeFilterLevel CVE-2014-1806 Remote Privilege Escalation Vulnerability
2014-11-18
http://www.securityfocus.com/bid/67286

Oracle MySQL Server CVE-2014-6463 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70532

Oracle MySQL Server CVE-2014-4287 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70517

Oracle MySQL Server CVE-2014-6555 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70530

Oracle MySQL Server CVE-2014-6507 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70550

Oracle MySQL Server CVE-2014-6559 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70487

Oracle MySQL Server CVE-2014-6520 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70510

Oracle MySQL Server CVE-2014-6505 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70516

Oracle MySQL Server CVE-2014-6530 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70486

MySQL MyISAM Insecure Temporary File Creation Vulnerability
2014-11-18
http://www.securityfocus.com/bid/69732

Oracle MySQL Server CVE-2014-6464 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70451

Oracle MySQL Server CVE-2014-6551 Local Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70462

Oracle MySQL Server CVE-2014-4243 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/68611

Oracle MySQL Server CVE-2014-6484 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70455

Oracle MySQL Server CVE-2014-6469 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70446

Oracle MySQL Server CVE-2014-4207 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/68593

Oracle MySQL Server CVE-2014-4260 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/68573

Oracle MySQL Server CVE-2014-4258 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/68564

Oracle MySQL Server CVE-2014-2494 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/68579

Check Point Security Gateway Multiple Denial of Service Vulnerabilities
2014-11-18
http://www.securityfocus.com/bid/67993

OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70574

OpenSSL 'no-ssl3' Build Option Security Bypass Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70585

Exploit

 Samsung Galaxy KNOX Android Browser RCE

MantisBT XmlImportExport Plugin PHP Code Injection Vulnerability

Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 5.1 Bypass (MS12-037)

 .NET Remoting Services Remote Command Execution

  Safari 8.0 / OS X 10.10 - Crash PoC

17.11.2014

Bugtraq

[slackware-security] mozilla-thunderbird (SSA:2014-320-01) 2014-11-16
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3073-1] libgcrypt11 security update 2014-11-16
Salvatore Bonaccorso (carnil debian org)

[security bulletin] HPSBGN03192 rev.1 - HP Remote Device Access: Instant Customer Access Server (iCAS) running OpenSSL, Remote Disclosure of Information 2014-11-14

Malware

RDN/Generic PWS.y!bb3!0C767EFD8AD1

RDN/Generic.dx!dh3!784B4F0BC132

RDN/Generic.bfr!hx!5CADD3B00653

RDN/Generic.dx!dh3!31C058EB8CF6

RDN/Generic PUP.x!31199323BE81

RDN/Generic Dropper!3229D4A847A2

RDN/Generic BackDoor!314F6AD2D31F

RDN/Generic Dropper!3130D9D07ADD

4shared!30FD3C935734

RDN/Generic Dropper!7D98EBC1E088

RDN/Generic PWS.y!30A7F429ADA2

RDN/Generic PUP.x!cqb!25CE2EC1C9AC

RDN/Generic.bfr!hx!85E7BA4BC94D

RDN/Generic BackDoor!93DD14696152

RDN/Generic.hra!679EEB69B111

RDN/Generic.hra!cc!0C4BB97365B1

RDN/Generic Downloader.x!696FD446F1CA

RDN/Generic PWS.y!bb3!2AF80852D4DD

RDN/Downloader.gen.a!5EBC6CF2959F

Generic Downloader.x!2A22B66D0F63

RDN/Generic PWS.y!bb3!9338B94C3CE0

RDN/Generic.bfr!hx!313665A1810B

RDN/Generic.bfr!hx!7EF69D4C3CEF

RDN/Generic PUP.x!cqb!E0B91352F321

RDN/Generic.bfr!hx!D9F3F471FD03

RDN/Generic PUP.x!cqb!18559D61F448

Generic PUP.x!5064F4DC27CE

Generic PUP.x!2F7873AEA257

RDN/Generic PUP.x!30653FB57520

Generic PUP.x!2F8492DA5598

Phishing

bt.comms@bt.com

17th November 2014

Your account will be close

Paypa1 Online

16th November 2014

Customer Alert

PayPal

16th November 2014

✔ ALERT ! YOUR PAYPAL
ACCOUNT WILL BE LIMITED PP1366

PAYPAL

16th November 2014

UPDATE YOUR LEGAL AGREEMENTS
WITH PAYPAL IN 24 HOURS ! ✔

Vulnerebility

Moodle CVE-2014-7833 Information Disclosure Vulnerability
2014-11-17
http://www.securityfocus.com/bid/71120

Oracle Java SE CVE-2014-6457 Remote Security Vulnerability
2014-11-17
http://www.securityfocus.com/bid/70538

OpenSSL CVE-2014-3513 Information Disclosure Vulnerability
2014-11-17
http://www.securityfocus.com/bid/70584

PHP DNS TXT Record Handling Heap Buffer Overflow Vulnerability
2014-11-17
http://www.securityfocus.com/bid/68007

cURL/libcURL 'curl_easy_unescape()' Heap Memory Corruption Vulnerability
2014-11-17
http://www.securityfocus.com/bid/60737

cURL/libcURL NTLM connection Remote Security Bypass Vulnerability
2014-11-17
http://www.securityfocus.com/bid/65270

cURL/libcURL SSL Certificate Host Name Validation Security Bypass Vulnerability
2014-11-17
http://www.securityfocus.com/bid/63776

cURL/libcURL CVE-2014-0139 SSL Certificate Validation Security Bypass Vulnerability
2014-11-17
http://www.securityfocus.com/bid/66458

IBM Java SDK CVE-2014-0878 Security Bypass Vulnerability
2014-11-17
http://www.securityfocus.com/bid/67601

Microsoft Secure Channel CVE-2014-6321 Remote Code Execution Vulnerability
2014-11-17
http://www.securityfocus.com/bid/70954

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2014-11-17
http://www.securityfocus.com/bid/61310

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2014-11-17
http://www.securityfocus.com/bid/57778

php-gd 'gdxpm.c' NULL Pointer Dereference Denial of Service Vulnerability
2014-11-17
http://www.securityfocus.com/bid/66233

PHP SSL Certificate Validation CVE-2013-4248 Security Bypass Vulnerability
2014-11-17
http://www.securityfocus.com/bid/61776

OpenSSL DTLS CVE-2014-3510 Remote Denial of Service Vulnerability
2014-11-17
http://www.securityfocus.com/bid/69082

OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2014-11-17
http://www.securityfocus.com/bid/69075

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-11-17
http://www.securityfocus.com/bid/68624

OpenSSH 'child_set_env()' Function Security Bypass Vulnerability
2014-11-17
http://www.securityfocus.com/bid/66355

cURL/libcURL CVE-2014-2522 SSL Certificate Validation Security Bypass Vulnerability
2014-11-17
http://www.securityfocus.com/bid/66296

Libxml2 Entity Substituton CVE-2014-0191 Denial of Service Vulnerability
2014-11-17
http://www.securityfocus.com/bid/67233

MIT kerberos 5 'ldap_principal2.c' Buffer Overflow Vulnerability
2014-11-17
http://www.securityfocus.com/bid/69168

OpenSSH Certificate Validation Security Bypass Vulnerability
2014-11-17
http://www.securityfocus.com/bid/66459

PHP OpenSSL Extension 'openssl_x509_parse()' Remote Memory Corruption Vulnerability
2014-11-17
http://www.securityfocus.com/bid/64225

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-11-17
http://www.securityfocus.com/bid/68636

MIT Kerberos 5 CVE-2014-4343 Remote Denial of Service Vulnerability
2014-11-17
http://www.securityfocus.com/bid/69159

MIT Kerberos 5 CVE-2014-4341 Remote Denial of Service Vulnerability
2014-11-17
http://www.securityfocus.com/bid/68909

MIT Kerberos 5 CVE-2014-4344 NULL Pointer Dereference Remote Denial of Service Vulnerability
2014-11-17
http://www.securityfocus.com/bid/69160

MIT Kerberos 5 GSSAPI Remote Denial of Service Vulnerability
2014-11-17
http://www.securityfocus.com/bid/68908

OpenSSL DTLS CVE-2014-3507 Remote Denial of Service Vulnerability
2014-11-17
http://www.securityfocus.com/bid/69078

OpenSSL CVE-2014-3509 Remote Denial of Service Vulnerability
2014-11-17
http://www.securityfocus.com/bid/69084

Exploit

  Internet Explorer < 11 - OLE Automation Array Remote Code Execution

  Internet Explorer < 11 - OLE Automation Array Remote Code Execution (MSF)

  MS14-064 Microsoft Windows OLE Package Manager Code Execution Through Python

  MS14-064 Microsoft Windows OLE Package Manager Code Execution

13.11.2014

Bugtraq

[security bulletin] HPSBMU03182 rev.1 - HP Server Automation running Bash Shell, Remote Code Execution 2014-11-12
security-alert hp com

[SECURITY] [DSA 3050-3] iceweasel security update 2014-11-12
Salvatore Bonaccorso (carnil debian org)

Prey Anti-Theft for Android missing SSL certificate validation [STIC-2014-0731] 2014-11-12
Programa STIC (stic fundacionsadosky org ar)

CVE-2014-8732 2014-11-12
cert it nrw de

CVE-2014-8731 - RCE in phpMemcachedAdmin <=1.2.2 2014-11-12
cert it nrw de

[SECURITY] [DSA 3072-1] file security update 2014-11-12
Thijs Kinkhorst (thijs debian org)

Malware

RDN/Generic.dx!dg3!6E42BE034646

RDN/Generic BackDoor!b2o!A4BA201D27B5

RDN/Generic BackDoor!b2o!B4658D758474

RDN/Generic BackDoor!b2o!D2B0B9F0AE02

RDN/Generic.grp!hq!F4B9ACE7817D

Generic.dx!EB4C797737EF

Generic.dx!FFDBE01BB517

Generic.bfr!427D2EADE182

RDN/Generic BackDoor!b2o!CE91FF247A01

RDN/DNSChanger.bfr!e!8700C0248915

RDN/Generic BackDoor!b2o!5F2C1341E91D

RDN/Generic BackDoor!b2o!8A63EA13713B

RDN/Generic.tfr!ee!7D2C265886AD

RDN/Generic BackDoor!b2o!8C8D2210B359

Generic.dx!DA02991D936A

RDN/Generic.tfr!ee!854420D74AED

RDN/Generic.tfr!ee!6F16E05E3F85

Generic.dx!F23366DAEA88

RDN/DNSChanger.bfr!e!8754E0E82C98

RDN/Generic BackDoor!B1AFF2085375

Generic BackDoor!8F04A34A41B1

Generic.dx!EDD3AF94B508

RDN/Generic PUP.x!331E6FEC610C

Generic PUP.x!001F1D55F1AC

Generic.dx!DF7FF20FAF37

Generic.dx!ACBE550995B0

RDN/Generic Dropper!vo!B6805B88BA9D

Generic.dx!9E45067133F4

Generic BackDoor!3BFA4ADAB672

RDN/Generic.grp!hq!DE8D4CF6F2DD

Phishing

Customer service

13th November 2014

IMPORTANT : WE NOTICED AN
UNUSUAL ACTIVITY IN YOUR
PAYPAL ACCOUNT

PayPal

13th November 2014

UPDATE YOUR ACCOUNT WHEN YOU
ARE READY !

PayPal

12th November 2014

*** CACTUS *** Your account
access is limited

Vulnerebility

Adobe Flash Player and AIR CVE-2014-0582 Unspecified Heap Based Buffer Overflow Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71039

Adobe Flash Player and AIR CVE-2014-8441 Unspecified Memory Corruption Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71050

Adobe Flash Player and AIR CVE-2014-8440 Unspecified Memory Corruption Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71047

Adobe Flash Player and AIR CVE-2014-8438 Use After Free Remote Code Execution Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71049

Adobe Flash Player and AIR CVE-2014-0590 Type Confusion Remote Code Execution Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71046

Adobe Flash Player and AIR CVE-2014-0581 Memory Corruption Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71042

Adobe Flash Player and AIR CVE-2014-0588 Use After Free Remote Code Execution Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71048

Adobe Flash Player and AIR CVE-2014-0574 Double Free Remote Code Execution Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71041

Adobe Flash Player and AIR CVE-2014-0586 Type Confusion Remote Code Execution Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71045

Adobe Flash Player and AIR CVE-2014-0577 Type Confusion Remote Code Execution Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71038

Adobe Flash Player and AIR CVE-2014-0584 Type Confusion Remote Code Execution Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71043

Adobe Flash Player and AIR CVE-2014-0573 Use After Free Remote Code Execution Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71033

Adobe Flash Player and AIR CVE-2014-0585 Type Confusion Remote Code Execution Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71044

Adobe Flash Player and AIR CVE-2014-0589 Unspecified Heap Based Buffer Overflow Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71051

Adobe Flash Player and AIR CVE-2014-8437 Information Disclosure Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71036

Adobe Flash Player and AIR CVE-2014-0576 Memory Corruption Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71037

Mozilla Firefox/Thunderbird CVE-2014-1586 Security Bypass Vulnerability
2014-11-13
http://www.securityfocus.com/bid/70427

Mozilla Firefox/Thunderbird CVE-2014-1578 Out of Bounds Memory Corruption Vulnerability
2014-11-13
http://www.securityfocus.com/bid/70428

Mozilla Firefox/Thunderbird CVE-2014-1577 Out of Bounds Memory Corruption Vulnerability
2014-11-13
http://www.securityfocus.com/bid/70440

Mozilla Firefox CVE-2014-1583 Same Origin Policy Security Bypass Vulnerability
2014-11-13
http://www.securityfocus.com/bid/70424

Mozilla Firefox/Thunderbird CVE-2014-1574 Multiple Memory Corruption Vulnerabilities
2014-11-13
http://www.securityfocus.com/bid/70436

Mozilla Firefox/Thunderbird CVE-2014-1585 Security Bypass Vulnerability
2014-11-13
http://www.securityfocus.com/bid/70425

Mozilla Firefox/Thunderbird CVE-2014-1581 Use After Free Memory Corruption Vulnerability
2014-11-13
http://www.securityfocus.com/bid/70426

Mozilla Firefox/Thunderbird CVE-2014-1576 Remote Heap Buffer Overflow Vulnerability
2014-11-13
http://www.securityfocus.com/bid/70430

GNU Bash CVE-2014-6278 Incomplete Fix Remote Code Execution Vulnerability
2014-11-13
http://www.securityfocus.com/bid/70166

Cacti Multiple Cross Site Scripting Vulnerabilities
2014-11-12
http://www.securityfocus.com/bid/68759

GNU Bash CVE-2014-6277 Incomplete Fix Remote Code Execution Vulnerability
2014-11-12
http://www.securityfocus.com/bid/70165

Mozilla Firefox/Thunderbird CVE-2014-1544 Use After Free Memory Corruption Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68816

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-11-12
http://www.securityfocus.com/bid/70103

OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2014-11-12
http://www.securityfocus.com/bid/70574

Exploit

  MS Office 2007 and 2010 - OLE Arbitrary Command Execution

  WordPress SupportEzzy Ticket System Plugin 1.2.5 - Stored XSS Vulnerability

  CorelDRAW X7 CDR File (CdrTxt.dll) Off-By-One Stack Corruption Vulnerability

12.11.2014

Bugtraq

[security bulletin] HPSBGN03164 rev.1 - HP IceWall SSO Dfw, SSO Certd and MCRP running OpenSSL, Remote Disclosure of Information 2014-11-11
security-alert hp com

[security bulletin] HPSBST03154 rev.1 - HP StoreFabric C-series MDS switches and HP C-series Nexus 5K switches running Bash Shell, Remote Code Execution 2014-11-11
security-alert hp com

[security bulletin] HPSBST03181 rev.1 - HP StoreEver ESL G3 Tape Library running Bash Shell, Remote Code Execution 2014-11-11
security-alert hp com

[security bulletin] HPSBHF03124 rev.2 - HP Thin Clients running Bash Shell, Remote Execution of Code 2014-11-11
security-alert hp com

[security bulletin] HPSBMU03165 rev.1 - HP Propel running Bash Shell, Remote Code Execution 2014-11-11
security-alert hp com

[security bulletin] HPSBMU03184 rev.1 - HP SiteScope running SSL, Remote Disclosure of Information 2014-11-11
security-alert hp com

[security bulletin] HPSBMU03190 rev.1 - HP Helion Cloud Development Platform Community and Commercial Editions, Remote Unauthenticated Access 2014-11-11
security-alert hp com

[security bulletin] HPSBUX03188 SSRT101487 rev.1 - HP-UX running HP Secure Shell, Remote Denial of Service (DoS) and other Vulnerabilities 2014-11-11
security-alert hp com

[SECURITY] [DSA 3071-1] nss security update 2014-11-11
Sebastien Delafond (seb debian org)

Missing SSL certificate validation in MercadoLibre app for Android [STIC-2014-0211] 2014-11-11
Programa STIC (stic fundacionsadosky org ar)

[security bulletin] HPSBGN03191 rev.1 - HP Remote Device Access: Virtual Customer Access System (vCAS) running lighttpd, Remote Disclosure of Information and other Vulnerabilities 2014-11-11
security-alert hp com

[security bulletin] HPSBGN03117 rev.2 - HP Remote Device Access: Virtual Customer Access System (vCAS) running Bash Shell, Remote Code Execution 2014-11-11
security-alert hp com

[security bulletin] HPSBST03155 rev.1 - HP StoreFabric H-series switches running Bash Shell, Remote Code Execution 2014-11-11
security-alert hp com

Malware

Downloader.gen.a!9A9A0A560D95

Generic PUP.x!FDD86F1C0E6B

Generic PUP.x!607E046CE594

RDN/Generic Downloader.x!lt!2C8EF96F4FC3

W32/Sdbot.worm!65EAE3A21DE9

W32/Sdbot.worm!4B529E07B886

W32/Sdbot.worm!2A3D30F65D53

Generic Downloader.x!0BD80CC44851

RDN/Generic PUP.x!cp3!75B65B579167

RDN/Generic.bfr!C6720E1E9494

Generic PUP.x!0D2D3AF4334E

Generic Dropper!A36B970EDA1C

Generic PUP.x!ED60892ABA47

Generic PUP.x!224A09A3D3E8

RDN/Generic PUP.x!819BF6C432A3

MultiPlug-FSK!A282AAECDC28

RDN/BackDoor-AWQ!bw!8987988169A0

Generic PUP.x!184C1107422D

Generic PUP.x!ABBC83F26ED7

RDN/Generic Dropper!01EFED3EF44C

RDN/Generic.dx!32C4BCE630B0

Generic PUP.x!0065227B53E7

Generic PUP.x!0C936568EE1B

Generic PUP.x!870B8C5A9F35

Generic PUP.x!EAF0C7B79361

Generic PUP.x!CE2C0055D146

Generic PUP.x!5F268E75C653

Generic PUP.x!48E4BC25D438

Generic PUP.x!3865BCCEE8C6

Generic PUP.x!B3EEB86211E1

Phishing

 

Vulnerebility

Mozilla Firefox/Thunderbird CVE-2014-1544 Use After Free Memory Corruption Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68816

Creative Contact Form 'wp-content/plugins/sexy-contact-form' Arbitrary File Upload Vulnerability
2014-11-12
http://www.securityfocus.com/bid/70723

LibVNCServer CVE-2014-6055 Multiple Stack Based Buffer Overflow Vulnerabilities
2014-11-12
http://www.securityfocus.com/bid/70096

libVNCserver CVE-2014-6051 Integer Overflow Vulnerability
2014-11-12
http://www.securityfocus.com/bid/70093

LibVNCServer CVE-2014-6052 Denial of Service Vulnerability
2014-11-12
http://www.securityfocus.com/bid/70091

LibVNCServer CVE-2014-6053 Remote Denial of Service Vulnerability
2014-11-12
http://www.securityfocus.com/bid/70092

LibVNCServer CVE-2014-6054 Denial of Service Vulnerability
2014-11-12
http://www.securityfocus.com/bid/70094

Linux Kernel CVE-2014-3185 'whiteheat.c' Buffer Overflow Vulnerability
2014-11-12
http://www.securityfocus.com/bid/69781

Linux Kernel KVM CVE-2014-3611 Denial of Service Vulnerability
2014-11-12
http://www.securityfocus.com/bid/70743

Linux Kernel KVM CVE-2014-3646 Local Denial of Service Vulnerability
2014-11-12
http://www.securityfocus.com/bid/70745

Linux Kernel KVM CVE-2014-3645 Denial of Service Vulnerability
2014-11-12
http://www.securityfocus.com/bid/70746

Microsoft Windows CVE-2014-6352 OLE Remote Code Execution Vulnerability
2014-11-12
http://www.securityfocus.com/bid/70690

Oracle Java SE CVE-2014-4265 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68632

OpenSSL DTLS CVE-2014-3507 Remote Denial of Service Vulnerability
2014-11-12
http://www.securityfocus.com/bid/69078

OpenSSL CVE-2014-3511 Man in the Middle Security Bypass Vulnerability
2014-11-12
http://www.securityfocus.com/bid/69079

Oracle Java SE CVE-2014-4227 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68603

OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2014-11-12
http://www.securityfocus.com/bid/69075

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68624

Oracle Java SE CVE-2014-4208 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68580

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68636

Oracle Java SE CVE-2014-4252 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68642

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68571

Oracle Java SE CVE-2014-4268 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68615

Oracle Java SE CVE-2014-4219 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68620

IBM WebSphere Real Time CVE-2014-3086 Unspecified Privilege Escalation Vulnerability
2014-11-12
http://www.securityfocus.com/bid/69183

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-4220 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68576

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68583

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68599

Exploit

 

11.11.2014

Bugtraq

 

Malware

RDN/Generic PUP.x!cpx!B98A2BB33AEE

RDN/DNSChanger.bfr!e!4F562A3D6907

Generic PUP.x!3B56DBFF8AEE

W32/Sality.gen!30CDECF71F7B

Generic PUP.x!702B32F54DC3

RDN/Generic PUP.x!9A55406ED224

Generic PUP.x!8D216C9D2AAC

RDN/Generic PUP.x!1BD910E77E40

RDN/Generic PUP.x!cpx!C66429526D3E

RDN/Generic.dx!5F04B665934C

RDN/Generic.tfr!ee!AF1DFAADEA0A

RDN/Generic PUP.x!cpx!2745C32D1106

RDN/Generic BackDoor!b2n!C3499199DBE7

Downloader.gen.a!28AB8AB1F217

RDN/Generic.grp!17949BFB7F23

Generic Downloader.x!45EB4AB85539

Generic PUP.x!3B09DAF519E0

RDN/Generic PUP.x!6C786F48F361

RDN/Generic PUP.x!cpx!267B86155BC2

RDN/Generic PUP.x!cpx!D6D91456AF29

RDN/Downloader.a!tu!D7CCD914E707

Generic PUP.x!6E61548B53BD

Generic Downloader.x!1FD0548CAF4A

RDN/Generic PUP.z!eh!7DEDDE778EEC

RDN/Generic PUP.x!FF76273A129F

FakeAV-Y.bfr!13B886DCFEDF

RDN/Generic BackDoor!b2n!982F0752F66A

RDN/Generic.bfr!hr!73254EE8B930

RDN/Generic Downloader.x!lt!F51CC82B81C8

Generic PUP.x!37E1B4ACAFB4

Phishing

 

Vulnerebility

OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70574

PHP 'date_from_ISO8601()' Function Buffer Overflow Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70928

Mozilla Firefox/Thunderbird CVE-2014-1575 Multiple Memory Corruption Vulnerabilities
2014-11-11
http://www.securityfocus.com/bid/70439

Mozilla Firefox/Thunderbird CVE-2014-1578 Out of Bounds Memory Corruption Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70428

Mozilla Firefox CVE-2014-1583 Same Origin Policy Security Bypass Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70424

Mozilla Firefox/Thunderbird CVE-2014-1581 Use After Free Memory Corruption Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70426

Mozilla Firefox/Thunderbird CVE-2014-1585 Security Bypass Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70425

Mozilla Firefox/Thunderbird CVE-2014-1574 Multiple Memory Corruption Vulnerabilities
2014-11-11
http://www.securityfocus.com/bid/70436

Mozilla Firefox/Thunderbird CVE-2014-1576 Remote Heap Buffer Overflow Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70430

Mozilla Firefox/Thunderbird CVE-2014-1586 Security Bypass Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70427

Mozilla Firefox/Thunderbird CVE-2014-1577 Out of Bounds Memory Corruption Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70440

Nuevoplayer CVE-2014-8339 SQL Injection Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70833

OpenOffice CVE-2014-3575 Information Disclosure Vulnerability
2014-11-11
http://www.securityfocus.com/bid/69354

Apache Santuario XML Security For JAVA XML Signature Denial of Service Vulnerability
2014-11-11
http://www.securityfocus.com/bid/64437

WordPress Compfight Plugin 'compfight-search.php' Cross Site Scripting Vulnerability
2014-11-11
http://www.securityfocus.com/bid/68518

RESTEasy JaxB XML Entity References Information Disclosure Vulnerability
2014-11-11
http://www.securityfocus.com/bid/51766

RESTEasy XML Entity References Information Disclosure Vulnerability
2014-11-11
http://www.securityfocus.com/bid/51748

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-11-11
http://www.securityfocus.com/bid/68599

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-11-11
http://www.securityfocus.com/bid/68571

IBM WebSphere Real Time CVE-2014-3086 Unspecified Privilege Escalation Vulnerability
2014-11-11
http://www.securityfocus.com/bid/69183

Oracle Java SE CVE-2014-4227 Remote Security Vulnerability
2014-11-11
http://www.securityfocus.com/bid/68603

OpenSSL Session Ticket Memory Leak Remote Denial of Service Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70586

OpenSSL CVE-2014-3513 Information Disclosure Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70584

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70137

GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70152

GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70154

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70103

GNU Bash CVE-2014-6278 Incomplete Fix Remote Code Execution Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70166

GNU Bash CVE-2014-6277 Incomplete Fix Remote Code Execution Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70165

Oracle Java SE CVE-2014-4252 Remote Security Vulnerability
2014-11-11
http://www.securityfocus.com/bid/68642

Exploit

  Visual Mining NetCharts Server Remote Code Execution

  Internet Explorer 8 MS14-035 Use-After-Free Exploit

  ManageEngine OpManager, Social IT Plus and IT360 - Multiple Vulnerabilities

  XCloner Wordpress/Joomla! Plugin - Multiple Vulnerabilities

  Password Manager Pro / Pro MSP - Blind SQL Injection

  ZTE ZXDSL 831CII - Insecure Direct Object Reference

  Another Wordpress Classifieds Plugin - SQL Injection

  PHP-Fusion 7.02.07 - SQL Injection

  Progress OpenEdge 11.2 - Directory Traversal

  Position independent & Alphanumeric 64-bit execve("/bin/sh\0",NULL,NULL); (87 bytes)

10.11.2014

Bugtraq

[The ManageOwnage series, part VIII]: Remote code execution and blind SQLi in OpManager, Social IT and IT360 2014-11-09
Pedro Ribeiro (pedrib gmail com)

[The ManageOwnage Series, part VII]: Super admin privesc + password DB dump in Password Manager Pro 2014-11-08
Pedro Ribeiro (pedrib gmail com)

[SECURITY] [DSA 3070-1] kfreebsd-9 security update 2014-11-07
Moritz Muehlenhoff (jmm debian org)

Malware

Generic PUP.x!390A7B209C4C

Generic PUP.x!3976D1F0551C

RDN/Generic PUP.x!cpw!CDC4C41E879A

RDN/Generic PUP.x!7681D3CB0430

RDN/Generic BackDoor!b2n!0E21CAB444D9

RDN/Generic BackDoor!b2n!B4FF01CA197E

RDN/Generic.dx!dgw!BD0E64FF6788

RDN/Generic BackDoor!b2n!3EDE0B30BD80

Generic PUP.x!8F62DAEF371E

RDN/Generic BackDoor!b2n!6F65362784B7

RDN/PWS-Banker!53E970CD53D9

RDN/Generic.bfr!hw!F8028E0F82A3

Generic PUP.x!C2C74207F67C

RDN/Generic PUP.x!cpw!EAD09547746C

Generic PUP.x!367196387990

Generic PUP.x!3449CD8E9D43

RDN/Generic PUP.x!5A14A83BA6E3

Generic PUP.x!A648051FCC48

Generic PUP.x!624A08BCE653

Generic PUP.x!6401C93461F8

Generic PUP.x!8C32DE63995E

Generic PUP.x!51BEEDDB0BE9

Generic PUP.x!40BFD8A54A80

Generic PUP.x!53FEF6C835DC

Generic PUP.x!69C6B1BBBF02

Generic PUP.x!5223BAD0C954

Generic PUP.x!5C5A2E52A181

Generic PUP.x!3CA49AE44383

Generic PUP.x!6271A41FBB30

Generic PUP.x!3D37F5D3E78B

Phishing

PayPal

10th November 2014

YOUR PAYPAL ACCOUNT WAS
LIMITED

Vulnerebility

Oracle Java SE CVE-2014-0455 Remote Code Execution Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66899

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66914

MiniUPnP CVE-2013-0230 Stack-Based Buffer Overflow Vulnerabilities
2014-11-10
http://www.securityfocus.com/bid/57608

Oracle Java SE CVE-2014-0459 Remote Security Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66910

Oracle Java SE CVE-2014-0458 Remote Security Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66883

Oracle Java SE CVE-2014-0448 Remote Security Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66904

Oracle Java SE CVE-2014-0451 Remote Security Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66879

Oracle Java SE CVE-2014-0449 Remote Security Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66907

Oracle Java SE CVE-2014-0457 Remote Code Execution Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66866

Oracle Java SE CVE-2014-0454 Remote Security Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66905

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-11-10
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4208 Remote Security Vulnerability
2014-11-10
http://www.securityfocus.com/bid/68580

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-11-10
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-0452 Remote Security Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66891

IBM Notes Traveler For Android CVE-2014-6130 Man in the Middle Information Disclosure Vulnerability
2014-11-10
http://www.securityfocus.com/bid/70871

Linux Kernel 'net/mac80211/tx.c' Information Disclosure Vulnerability
2014-11-10
http://www.securityfocus.com/bid/70965

PHP 'exif_thumbnail()' Function Heap Based Buffer Overflow Vulnerability
2014-11-10
http://www.securityfocus.com/bid/70665

PHP CVE-2014-3669 Denial of Service Vulnerability
2014-11-10
http://www.securityfocus.com/bid/70611

PHP 'libxmlrpc/xmlrpc.c' Buffer Overflow Vulnerability
2014-11-10
http://www.securityfocus.com/bid/70666

cURL/libcURL CVE-2014-0139 SSL Certificate Validation Security Bypass Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66458

cURL/libcURL CVE-2014-0138 Remote Security Bypass Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66457

FreeBSD namei CVE-2014-3711 Remote Denial of Service Vulnerability
2014-11-10
http://www.securityfocus.com/bid/70692

FreeBSD CVE-2014-3952 Local Information Disclosure Vulnerability
2014-11-10
http://www.securityfocus.com/bid/68466

FreeBSD CVE-2014-3953 Multiple Local Information Disclosure Vulnerabilities
2014-11-10
http://www.securityfocus.com/bid/68467

OpenSSL CVE-2014-3511 Man in the Middle Security Bypass Vulnerability
2014-11-10
http://www.securityfocus.com/bid/69079

Apache Tomcat CVE-2013-4444 Arbitrary File Upload Vulnerability
2014-11-10
http://www.securityfocus.com/bid/69728

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-11-10
http://www.securityfocus.com/bid/68636

OpenSSL NULL Pointer Dereference CVE-2014-5139 Local Denial of Service Vulnerability
2014-11-10
http://www.securityfocus.com/bid/69077

Quassel 'cipher.cpp' Out-of-Bounds Read Vulnerability
2014-11-10
http://www.securityfocus.com/bid/70740

Oracle Java SE CVE-2014-2421 Buffer Overflow Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66881

Exploit

 

9.11.2014

Bugtraq

Open-Xchange Security Advisory 2014-11-07 2014-11-07
Martin Heiland (martin heiland open-xchange com)

[SECURITY] [DSA 3068-1] konversation security update 2014-11-07
Moritz Muehlenhoff (jmm debian org)

FreeBSD Security Advisory FreeBSD-SA-14:24.sshd [REVISED] 2014-11-06
FreeBSD Security Advisories (security-advisories freebsd org)

Insecure management of login credentials in PicsArt Photo Studio for Android [STIC-2014-0426] 2014-11-06
Programa STIC (stic fundacionsadosky org ar)

XCloner Wordpress/Joomla! backup Plugin v3.1.1 (Wordpress) v3.5.1 (Joomla!) Vulnerabilities 2014-11-06
Larry W. Cashdollar (larry0 me com)

ZTE ZXDSL 831 Multiple Cross Site Scripting 2014-11-06
habte yibelo gmail com

ZTE 831CII Multiple Vulnerablities 2014-11-06
habte yibelo gmail com

ZTE ZXDSL 831CII Direct Object Reference 2014-11-06
habte yibelo gmail com

CA20141103-01: Security Notice for CA Cloud Service Management 2014-11-06
Kotas, Kevin J (Kevin Kotas ca com)

[SECURITY] [DSA 3067-1] qemu-kvm security update 2014-11-06
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3066-1] qemu security update 2014-11-06
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3065-1] libxml-security-java security update 2014-11-06
Sebastien Delafond (seb debian org)

[CVE-2014-8338] Cross Site Scripting (XSS) vulnerability in videowhisper 2014-11-06
mdgh9 yahoo com

i-FTP Buffer Overflow SEH 2014-11-05
metacom27 gmail com

i.Mage Local Crash Poc 2014-11-05
metacom27 gmail com

SEC Consult SA-20141106-0 :: XXE & XSS & Arbitrary File Write vulnerabilities in Symantec Endpoint Protection 2014-11-06
SEC Consult Vulnerability Lab (research sec-consult com)

Cisco RV Series multiple vulnerabilities 2014-11-06
Securify B.V. (lists securify nl)

[The ManageOwnage Series, part VI]: 0day database info and superuser credential disclosure in EventLog Analyser 2014-11-05
Pedro Ribeiro (pedrib gmail com)

i.Hex Local Crash Poc 2014-11-05
metacom27 gmail com

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Small Business RV Series Routers 2014-11-05
Cisco Systems Product Security Incident Response Team (psirt cisco com)

ESA-2014-135: RSAŽ Web Threat Detection SQL Injection Vulnerability 2014-11-05
Security Alert (Security_Alert emc com)

WordPress Wordfence Firewall 5.1.2 Cross Site Scripting 2014-11-05
bhati contact gmail com

Arbitrary File Upload in HelpDEZk 2014-11-05
High-Tech Bridge Security Research (advisory htbridge com)

Two Reflected Cross-Site Scripting (XSS) Vulnerabilities in Forma Lms 2014-11-05
High-Tech Bridge Security Research (advisory htbridge com)

Wordpress bulletproof-security <=.51 multiple vulnerabilities 2014-11-05
Pietro Oliva (pietroliva gmail com)

CVE-2014-6616 Softing FG-100 Webui XSS 2014-11-05
Ingmar Rosenhagen (ingmar rosenhagen csnc de)

CVE-2014-6617 Softing FG-100 Backdoor Account 2014-11-05
Ingmar Rosenhagen (ingmar rosenhagen csnc de)

KL-001-2014-004 : VMWare vmx86.sys Arbitrary Kernel Read 2014-11-05
KoreLogic Disclosures (disclosures korelogic com)

FreeBSD Security Advisory FreeBSD-SA-14:26.ftp 2014-11-05
FreeBSD Security Advisories (security-advisories freebsd org)

FreeBSD Security Advisory FreeBSD-SA-14:25.setlogin 2014-11-05
FreeBSD Security Advisories (security-advisories freebsd org)

Malware

RDN/Generic BackDoor!53BA2EED2CFD

RDN/Generic BackDoor!rk!D4A43FE2F61F

RDN/Generic.bfr!4E7A9B5491F1

RDN/Generic PUP.x!7034064E0C8C

Generic PUP.x!00DBCBE8558E

RDN/Generic.bfr!hw!B4CEB6CD7A85

Generic PUP.x!EF4651C00D5A

Generic PUP.x!F4E5063CCCD6

MultiPlug-FSH!FC1C00D40D21

RDN/YahLover.bfr!c!C1BCBB16CFEC

RDN/Generic PUP.x!2091A0627947

RDN/Generic PUP.x!F9AE42387356

RDN/Generic PUP.x!cpv!6A6832509096

RDN/Generic PUP.x!A1247904002D

RDN/Generic PUP.x!C710130A57FB

RDN/Generic PUP.x!6F5B12EAEA6B

MultiPlug-FSH!F7AEA47FEA3B

RDN/Generic BackDoor!b2n!13C84B531D90

MultiPlug-FSH!ED30767898A1

RDN/Generic PUP.x!9837156B41BE

RDN/Generic PUP.x!5F96171DEABD

RDN/Generic PUP.x!EF65A9DD8A58

RDN/Generic PUP.x!F9ED62A264D1

Generic PUP.x!C69EE71F1FA6

RDN/Generic PUP.x!cpv!7B830701B70A

RDN/Generic PUP.x!3B503988D563

RDN/Generic PUP.x!67E843E1C725

RDN/Generic PUP.x!9B34B1079CDF

RDN/Generic PUP.x!4B0F0C6BB720

RDN/Generic PUP.x!4F3C4C8D026D

Phishing

AMAZON.COM.AU

8th November 2014

Revision to Your Amazon.com.au
Account

Vulnerebility

cURL/libcURL CVE-2014-0139 SSL Certificate Validation Security Bypass Vulnerability
2014-11-09
http://www.securityfocus.com/bid/66458

cURL/libcURL CVE-2014-0138 Remote Security Bypass Vulnerability
2014-11-09
http://www.securityfocus.com/bid/66457

FreeBSD namei CVE-2014-3711 Remote Denial of Service Vulnerability
2014-11-09
http://www.securityfocus.com/bid/70692

FreeBSD CVE-2014-3952 Local Information Disclosure Vulnerability
2014-11-09
http://www.securityfocus.com/bid/68466

FreeBSD CVE-2014-3953 Multiple Local Information Disclosure Vulnerabilities
2014-11-09
http://www.securityfocus.com/bid/68467

OpenSSL CVE-2014-3511 Man in the Middle Security Bypass Vulnerability
2014-11-09
http://www.securityfocus.com/bid/69079

Apache Tomcat CVE-2013-4444 Arbitrary File Upload Vulnerability
2014-11-09
http://www.securityfocus.com/bid/69728

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-11-09
http://www.securityfocus.com/bid/68636

OpenSSL NULL Pointer Dereference CVE-2014-5139 Local Denial of Service Vulnerability
2014-11-09
http://www.securityfocus.com/bid/69077

Quassel 'cipher.cpp' Out-of-Bounds Read Vulnerability
2014-11-09
http://www.securityfocus.com/bid/70740

Oracle Java SE CVE-2014-2421 Buffer Overflow Vulnerability
2014-11-09
http://www.securityfocus.com/bid/66881

Polarssl Multiple Security Vulnerabilities
2014-11-09
http://www.securityfocus.com/bid/70902

PolarSSL Unspecified Memory Corruption Vulnerability
2014-11-09
http://www.securityfocus.com/bid/70905

Oracle Java SE CVE-2014-4265 Remote Security Vulnerability
2014-11-09
http://www.securityfocus.com/bid/68632

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-11-09
http://www.securityfocus.com/bid/68599

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-11-09
http://www.securityfocus.com/bid/68571

Oracle Java SE CVE-2014-2427 Remote Security Vulnerability
2014-11-09
http://www.securityfocus.com/bid/66909

Oracle Java SE CVE-2014-4227 Remote Security Vulnerability
2014-11-09
http://www.securityfocus.com/bid/68603

Oracle Java SE CVE-2014-4220 Remote Security Vulnerability
2014-11-09
http://www.securityfocus.com/bid/68576

Oracle Java SE CVE-2014-2428 Remote Security Vulnerability
2014-11-09
http://www.securityfocus.com/bid/66870

Oracle Java SE CVE-2014-2420 Remote Security Vulnerability
2014-11-09
http://www.securityfocus.com/bid/66919

Oracle Java SE CVE-2014-0446 Remote Security Vulnerability
2014-11-09
http://www.securityfocus.com/bid/66903

IBM Java SDK CVE-2014-0878 Security Bypass Vulnerability
2014-11-09
http://www.securityfocus.com/bid/67601

Oracle Java SE CVE-2014-2423 Remote Security Vulnerability
2014-11-09
http://www.securityfocus.com/bid/66887

Oracle Java SE CVE-2014-2412 Remote Security Vulnerability
2014-11-09
http://www.securityfocus.com/bid/66873

KDE Workspace Arbitrary Command Execution Vulnerability
2014-11-09
http://www.securityfocus.com/bid/70904

requests-kerberos 'requests_kerberos/kerberos_.py' Remote Security Bypass Vulnerability
2014-11-09
http://www.securityfocus.com/bid/70909

PHP CVE-2014-3669 Denial of Service Vulnerability
2014-11-09
http://www.securityfocus.com/bid/70611

PHP 'exif_thumbnail()' Function Heap Based Buffer Overflow Vulnerability
2014-11-09
http://www.securityfocus.com/bid/70665

PHP 'date_from_ISO8601()' Function Buffer Overflow Vulnerability
2014-11-09
http://www.securityfocus.com/bid/70928

Exploit

  Citrix NetScaler SOAP Handler Remote Code Execution

  Belkin n750 jump login Parameter Buffer Overflow

  Linux Local Root => 2.6.39 (32-bit & 64-bit) - Mempodipper #2

  IBM Tivoli Monitoring 6.2.2 kbbacf1 - Privilege Escalation

  Windows TrackPopupMenu Win32k NULL Pointer Dereference

  Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities

  ZTE Modem ZXDSL 531BIIV7.3.0f_D09_IN - Stored XSS Vulnerability

  Drupal < 7.32 Pre Auth SQL Injection

  MINIX 3.3.0 Local Denial of Service PoC

9.10.2014

Bugtraq

[security bulletin] HPSBMU03110 rev.1 - HP Sprinter, Remote Execution of Code 2014-10-08
security-alert hp com

[security bulletin] HPSBMU03127 rev.1 - HP Operations Manager for UNIX, Remote Code Execution 2014-10-08
security-alert hp com

[SECURITY] [DSA 3048-1] apt security update 2014-10-08
Thijs Kinkhorst (thijs debian org)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software 2014-10-08
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[Onapsis Security Advisory 2014-032] SAP BusinessObjects Persistent Cross Site Scripting 2014-10-08
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-031] SAP Business Objects Information Disclosure via CORBA 2014-10-08
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-029] SAP Business Objects Information Disclosure 2014-10-08
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-030] SAP Business Objects Denial of Service via CORBA 2014-10-08
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-033] SAP Business Warehouse Missing Authorization Check 2014-10-08
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-027] SAP HANA Multiple Reflected Cross Site Scripting Vulnerabilities 2014-10-08
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-028] SAP HANA Web-based Development Workbench Code Injection 2014-10-08
Onapsis Research Labs (research onapsis com)

Two XSS in Contact Form DB WordPress plugin 2014-10-08
High-Tech Bridge Security Research (advisory htbridge com)

Reflected Cross-Site Scripting (XSS) in EWWW Image Optimizer WordPress Plugin 2014-10-08
High-Tech Bridge Security Research (advisory htbridge com)

Reflected Cross-Site Scripting (XSS) in Google Calendar Events WordPress Plugin 2014-10-08
High-Tech Bridge Security Research (advisory htbridge com)

[SECURITY] [DSA 3047-1] rsyslog security update 2014-10-08
Luciano Bello (luciano debian org)

Malware

Generic.tfr!1715C76BF414

RDN/Generic PUP.x!c2p!AA0FE7943C19

RDN/Generic PUP.x!c2p!89574B6ABF73

MultiPlug-FQW!147D7CF9FA31

RDN/Generic Dropper!vj!A2D133395EF0

Generic PUP.x!18461F0BD58F

RDN/Generic BackDoor!b2e!E34CE66EBDC8

Generic PUP.x!15A35161B1E0

RDN/Generic Downloader.x!BC02E3C81391

MultiPlug-FQW!78DB74984278

RDN/Generic PUP.x!92D947F01284

RDN/Generic PUP.x!2EE9751C294D

RDN/Generic.dx!dgc!970F0D7CED5D

MultiPlug-FQW!34EDE0F9E391

Generic PUP.x!0189948082D0

RDN/Generic PUP.x!c2p!D1AF7E5BF016

Generic Dropper!051E39446DB3

RDN/Generic Downloader.x!6CAD536B5306

RDN/Generic BackDoor!b2e!E427901B9DD7

RDN/YahLover.worm!bd!15786BA4420F

RDN/Generic PUP.x!CED1CCA74072

RDN/Generic Dropper!vj!4F680869ED18

MultiPlug-FQW!766349EC78F6

RDN/Generic PUP.x!8B5D6304D4A9

RDN/Generic PUP.x!c2p!A4390EDE5858

Generic PWS.y!E75350CEC4D3

RDN/Generic PUP.x!c2p!EAC71C0E0861

RDN/Generic PUP.x!c2p!A8E925DF477D

Generic Downloader.x!79B7CA61C02F

RDN/Generic PWS.y!bbj!4824E2738799

Phishing

Natwest

9th October 2014

NatWest Secure Activation
Confirmation

Chase Online

9th October 2014

Verify Your Account

Vulnerebility

OpenSSH 'child_set_env()' Function Security Bypass Vulnerability
2014-10-09
http://www.securityfocus.com/bid/66355

OpenSSH Certificate Validation Security Bypass Vulnerability
2014-10-09
http://www.securityfocus.com/bid/66459

IBM FileNet Content Manager and Content Foundation Unspecified Cross Site Scripting Vulnerability
2014-10-09
http://www.securityfocus.com/bid/69798

Exuberant Ctags 'jscript.c' Remote Denial of Service Vulnerability
2014-10-09
http://www.securityfocus.com/bid/70168

Debian 'apt' Package CVE-2014-7206 Insecure Temporary File Creation Vulnerability
2014-10-09
http://www.securityfocus.com/bid/70310

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-4227 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68603

Oracle Java SE CVE-2014-4268 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68615

Oracle Java SE CVE-2014-4208 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68580

Oracle Java SE CVE-2014-4252 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68642

Oracle Java SE CVE-2014-4265 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68632

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68599

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68636

IBM WebSphere Real Time CVE-2014-3086 Unspecified Privilege Escalation Vulnerability
2014-10-08
http://www.securityfocus.com/bid/69183

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68571

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68583

Oracle Java SE CVE-2014-4220 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68576

Oracle Java SE CVE-2014-4219 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68620

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68624

IBM WebSphere Application Server CVE-2014-4816 Cross Site Request Forgery Vulnerability
2014-10-08
http://www.securityfocus.com/bid/69980

IBM WebSphere Application Server CVE-2014-4770 Cross Site Scripting Vulnerability
2014-10-08
http://www.securityfocus.com/bid/69981

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-10-08
http://www.securityfocus.com/bid/70103

GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2014-10-08
http://www.securityfocus.com/bid/70152

GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2014-10-08
http://www.securityfocus.com/bid/70154

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-10-08
http://www.securityfocus.com/bid/70137

GNU Bash CVE-2014-6278 Incomplete Fix Remote Code Execution Vulnerability
2014-10-08
http://www.securityfocus.com/bid/70166

GNU Bash CVE-2014-6277 Incomplete Fix Remote Code Execution Vulnerability
2014-10-08
http://www.securityfocus.com/bid/70165

Track-It! CVE-2014-4872 Unauthorized Access Vulnerability
2014-10-08
http://www.securityfocus.com/bid/70264

MediaWiki Multiple Remote Code Execution Vulnerabilities
2014-10-08
http://www.securityfocus.com/bid/65223

Exploit

     Wordpress InfusionSoft Plugin Upload Vulnerability

    Rejetto HttpFileServer Remote Command Execution

  F5 iControl Remote Root Command Execution

  Linux Kernel remount FUSE Exploit

  BMC Track-It! - Multiple Vulnerabilities

  DrayTek VigorACS SI 1.3.0 - Multiple Vulnerabilities

  Nessus Web UI 2.3.3 - Stored XSS 

8.10.2014

Bugtraq

OWTF 1.0 "Lionheart" released! 2014-10-06
Abraham Aranguren (abraham aranguren owasp org)

Security advisory for Bugzilla 4.5.6, 4.4.6, 4.2.11, and 4.0.15 2014-10-06
dkl mozilla com

CA20141001-01: Security Notice for Bash Shellshock Vulnerability 2014-10-06
Williams, James K (Ken Williams ca com)

Multiple Vulnerabilities in Draytek Vigor 2130 2014-10-06
Erik-Paul Dittmer (epdittmer digitalmisfits com)

PayPal Inc Bug Bounty #53 - Multiple Persistent Vulnerabilities 2014-10-06
Vulnerability Lab (research vulnerability-lab com)

Paypal Inc Bug Bounty #30 - Filter Bypass & Persistent Vulnerabilities 2014-10-06
Vulnerability Lab (research vulnerability-lab com)

Malware

RDN/Generic BackDoor!b2d!A6E5EE456D96

Generic BackDoor!BBD17B5C81EA

RDN/Generic PUP.x!c2m!9C08A79B5445

RDN/Generic PUP.x!c2m!045D129AAC8A

Generic PUP.x!FA05ED28873A

Generic PUP.x!9D85176AEC0B

Generic PUP.x!C1A0A23B36EA

RDN/Generic.bfr!29E90097C981

RDN/Generic PUP.x!DA4A4F1D70E4

RDN/Generic PUP.x!c2m!AD76E2853B18

RDN/Generic.bfr!hs!BB89DA673353

RDN/Generic PUP.x!97D22CCB9485

RDN/Generic Dropper!vi!98C1595083B5

RDN/Generic.bfr!hs!AFB8BB49B823

RDN/Generic BackDoor!2AC7ACB21151

RDN/Generic PUP.x!c2m!202125C7C7A8

RDN/Generic.bfr!hs!FE5713E831AF

Generic.dx!1584676FD155

RDN/Generic Dropper!vi!64B92F10158C

Generic Dropper!98EA33E2CDFD

RDN/Generic Dropper!AB0B0F62FA57

RDN/Generic.bfr!617EF7B58A2C

Generic.tfr!48B80FF03562

RDN/Generic PUP.x!c2m!379DBBF74E5C

RDN/Generic BackDoor!b2d!2E4A64BA2D10

RDN/Generic PUP.x!c2m!15F95766298C

RDN/Generic PUP.x!c2m!703F1BAA8C6B

RDN/Generic.tfr!ed!736FF5FB294D

RDN/Generic PUP.x!2617B4FCE46F

Generic.bfr!21CFBDCE784A

Phishing

no-reply@bt.com

7th October 2014

Account Verification

NatWest

7th October 2014

NatWest YourPoints Online

E-ZPass Customer Service Cente

7th October 2014

Indebtedness for driving on
toll road

Account

6th October 2014

NOTICE:UPDATE YOUR INFORMATION

Dun & BradStreet

6th October 2014

FW: Case - 6393394696

Vulnerebility

Schneider Electric ClearSCADA CVE-2014-5413 Weak Hashing Algorithm Remote Security Weakness
2014-10-08
http://www.securityfocus.com/bid/69842

Schneider Electric ClearSCADA CVE-2014-5412 Remote Security Bypass Vulnerability
2014-10-08
http://www.securityfocus.com/bid/69840

Siemens SIMATIC WinCC and PCS7 CVE-2014-4686 Privilege Escalation Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68875

Siemens SIMATIC WinCC and PCS 7 CVE-2014-4685 Local Privilege Escalation Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68872

Siemens SIMATIC WinCC and PCS7 Database Server Remote Privilege Escalation Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68880

Siemens SIMATIC WinCC And PCS7 CVE-2014-4683 Remote Privilege Escalation Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68879

Siemens SIMATIC WinCC And PCS7 WebNavigator Server Information Disclosure Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68876

GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2014-10-08
http://www.securityfocus.com/bid/70152

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-10-08
http://www.securityfocus.com/bid/70103

GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2014-10-08
http://www.securityfocus.com/bid/70154

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-10-08
http://www.securityfocus.com/bid/70137

IBM Embedded WebSphere Application Server CVE-2014-3020 Local Privilege Escalation Vulnerability
2014-10-08
http://www.securityfocus.com/bid/69034

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68636

IBM Security Access Manager CVE-2014-6079 Unspecified Cross Site Scripting Vulnerability
2014-10-08
http://www.securityfocus.com/bid/70197

Oracle Java SE CVE-2014-4252 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68642

Oracle Java SE CVE-2014-4265 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68632

IBM WebSphere Real Time CVE-2014-3086 Unspecified Privilege Escalation Vulnerability
2014-10-08
http://www.securityfocus.com/bid/69183

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68571

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68583

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68624

Oracle Java SE CVE-2014-4268 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68615

Oracle Java SE CVE-2014-4208 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68580

Oracle Java SE CVE-2014-4219 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68620

Oracle Java SE CVE-2014-4220 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68576

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68599

Oracle Java SE CVE-2014-4227 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68603

Oracle Database Server CVE-2014-4245 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68617

Oracle Database Server CVE-2014-4236 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68633

Exploit

Asx to Mp3 2.7.5 - Stack Overflow

7.10.2014

Bugtraq

[SECURITY] [DSA 3046-1] mediawiki security update 2014-10-05
Salvatore Bonaccorso (carnil debian org)

Malware

PUP-FMK!2F218975826E

PUP-FMK!029CCAB6569C

Generic Downloader.x!F77D362082C1

RDN/Generic PUP.x!0011BF22D66C

MultiPlug-FQW!E7351D4BC208

PUP-FMK!BCA3D65CB17C

PUP-FMK!67076CEA7629

PUP-FMK!58969671BF50

RDN/Generic.bfr!hs!5554CA6BA99C

RDN/Generic.bfr!B6A04A798D5B

RDN/Generic.dx!dgb!6B774BEA33D2

RDN/Generic.tfr!ed!6906F155B8EC

PUP-FMK!0E6263B69EDA

PUP-FMK!6E93CE76F4A2

RDN/Generic.bfr!hs!B6A04A798D5B

PUP-FMS!EAFB42D5B89A

Generic PUP.x!00CE66ED87ED

RDN/Generic.bfr!hs!80FDB733C5F2

MultiPlug-FQW!D24B5AE91B2A

MultiPlug-FQW!42A538D69465

RDN/Generic BackDoor!8B57F53EF2F1

RDN/Generic.bfr!hs!E68D82ABD118

RDN/Generic PUP.x!0DE9A77000C3

Generic PUP.x!4D60D8DC2380

RDN/Generic PUP.x!003B95B2F6C6

MultiPlug-FQW!7DABDC9149AA

MultiPlug-FQW!0DB61BA6D2D3

RDN/Generic PUP.x!583D85840F93

RDN/Generic PUP.x!c2k!C2E8E5AE5809

RDN/Generic.dx!dgb!6EF3CDDDE2D0

Phishing

Account

6th October 2014

NOTICE:UPDATE YOUR INFORMATION

Dun & BradStreet

6th October 2014

FW: Case - 6393394696

PayPal

6th October 2014

Your Account is Limited !

Halifax UK

6th October 2014

Halifax Online Banking
SecureForm.

PayPal

6th October 2014

Security Measure

Vulnerebility

Cisco Adaptive Security Appliance (ASA) Software Arbitrary File Overwrite Vulnerability
2014-10-07
http://www.securityfocus.com/bid/70251

PolicyKit Local Privilege Escalation Vulnerability
2014-10-07
http://www.securityfocus.com/bid/68771

HTTP File Server 'ParserLib.pas' Remote Command Execution Vulnerability
2014-10-07
http://www.securityfocus.com/bid/69782

OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2014-10-07
http://www.securityfocus.com/bid/69075

LibVNCServer CVE-2014-6054 Denial of Service Vulnerability
2014-10-07
http://www.securityfocus.com/bid/70094

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-10-07
http://www.securityfocus.com/bid/67899

LibVNCServer CVE-2014-6053 Remote Denial of Service Vulnerability
2014-10-07
http://www.securityfocus.com/bid/70092

LibVNCServer CVE-2014-6052 Denial of Service Vulnerability
2014-10-07
http://www.securityfocus.com/bid/70091

libVNCserver CVE-2014-6051 Integer Overflow Vulnerability
2014-10-07
http://www.securityfocus.com/bid/70093

LibVNCServer CVE-2014-6055 Multiple Stack Based Buffer Overflow Vulnerabilities
2014-10-07
http://www.securityfocus.com/bid/70096

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-10-07
http://www.securityfocus.com/bid/67898

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-10-07
http://www.securityfocus.com/bid/67901

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-10-07
http://www.securityfocus.com/bid/66363

Procmail Formail Utility 'formisc.c' Heap Overflow Vulnerability
2014-10-07
http://www.securityfocus.com/bid/69573

Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
2014-10-07
http://www.securityfocus.com/bid/66397

OpenSSL CVE-2014-3509 Remote Denial of Service Vulnerability
2014-10-07
http://www.securityfocus.com/bid/69084

OpenSSL SRP CVE-2014-3512 Remote Denial of Service Vulnerability
2014-10-07
http://www.securityfocus.com/bid/69083

OpenSSL CVE-2014-3511 Man in the Middle Security Bypass Vulnerability
2014-10-07
http://www.securityfocus.com/bid/69079

OpenSSL NULL Pointer Dereference CVE-2014-5139 Local Denial of Service Vulnerability
2014-10-07
http://www.securityfocus.com/bid/69077

GNU Bash CVE-2014-6278 Incomplete Fix Remote Code Execution Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70166

Cisco ASA Software CVE-2014-3398 Information Disclosure Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70230

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70137

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70103

OpenSSL DTLS CVE-2014-3510 Remote Denial of Service Vulnerability
2014-10-06
http://www.securityfocus.com/bid/69082

GNU Bash CVE-2014-6277 Incomplete Fix Remote Code Execution Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70165

Cisco IOS XR Software CVE-2014-3396 Access List Security Bypass Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70236

GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70152

GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70154

Mediawiki SVG File Handling Security Bypass Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70153

Node.js qs Module Denial of Service Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70113

Exploit

 

6.10.2014

Bugtraq

[SECURITY] [DSA 3045-1] qemu security update 2014-10-04
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3046-1] mediawiki security update 2014-10-05
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3044-1] qemu-kvm security update 2014-10-04
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3042-1] exuberant-ctags security update 2014-10-04
Moritz Muehlenhoff (jmm debian org)

Malware

RDN/Generic PUP.x!DD9B5DAA1F08

RDN/Downloader.a!tl!2E12C5EFE738

RDN/Generic.tfr!ed!D2143D5457E7

RDN/Generic.dx!dg3!0AFC5FADAFDF

RDN/Generic.bfr!hs!84A57FBE4098

RDN/Generic PUP.x!c2i!5C76A69B7978

RDN/DNSChanger.bfr!d!5C0381600E5D

RDN/Generic.dx!dg3!BB3EB3D7F24B

Generic PUP.x!51634A2B0BCD

RDN/DNSChanger.bfr!d!2949C8721183

RDN/DNSChanger.bfr!d!E8D4382B2A34

RDN/PWS-Mmorpg.gen!37168FCED0BF

RDN/Generic PWS.y!bb3!FD3072619AF6

Generic PUP.x!ED3ABE79CDA9

Generic PUP.x!20F65FFE3324

RDN/Generic PUP.x!CFB02A2F2A49

RDN/Generic.dx!dg3!5A32D3C65223

RDN/Downloader.a!tl!1E08A8034DB7

Generic Downloader.x!CAC0C16AC2F0

RDN/Generic PUP.x!c2i!B4800B6D913F

RDN/Generic.bfr!BE8656A8046E

RDN/Generic.bfr!hs!AB8A3DB2596A

RDN/Generic.dx!dg3!D6A4D106DDD2

RDN/Generic.dx!dg3!11563BD7E0B0

RDN/Generic.bfr!A65091F3961A

RDN/Generic Downloader.x!lc!EF75FE4F30EF

RDN/Generic PUP.x!c2i!D40B3A89D19E

RDN/Generic PWS.y!bb3!AE7421D7D1E6

RDN/Sdbot.worm!cb!40F81B74B6B5

RDN/Generic PUP.x!c2i!8ABDA107250E

Phishing

PayPal

6th October 2014

Security Measure

Vulnerebility

GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70152

GNU Bash CVE-2014-6278 Incomplete Fix Remote Code Execution Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70166

GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70154

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70103

GNU Bash CVE-2014-6277 Incomplete Fix Remote Code Execution Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70165

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70137

Linux Kernel 'net_get_random_once' Local Information Disclosure Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70209

FreePBX 'index.php' Remote Command Execution Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70188

PHP 'cdf_read_property_info()' Function CVE-2014-3587 Incomplete Fix Denial of Service Vulnerability
2014-10-06
http://www.securityfocus.com/bid/69325

OpenVPN 'openvpn_decrypt()' Function Information Disclosure Vulnerability
2014-10-06
http://www.securityfocus.com/bid/59672

GNU glibc '__gconv_translit_find()' Function Memory Corruption Vulnerability
2014-10-06
http://www.securityfocus.com/bid/68983

libvirtd 'qemuDomainGetBlockIoTune()' Function Out-of-Bounds Read Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70186

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2014-10-06
http://www.securityfocus.com/bid/61310

Perl 'Email::Address' Module Local Denial of Service Vulnerability
2014-10-06
http://www.securityfocus.com/bid/68084

Perl 'Email::Address' Module CVE-2014-4720 Denial of Service Vulnerability
2014-10-06
http://www.securityfocus.com/bid/68446

Python 'bufferobject.c' Integer Overflow Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70089

Mediawiki SVG File Handling Security Bypass Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70153

Linux Kernel 'ISOFS' Stack-Based Buffer Overflow Vulnerability
2014-10-06
http://www.securityfocus.com/bid/69396

Linux Kernel PicoLCD HID Device Driver Buffer Overflow Vulnerability
2014-10-06
http://www.securityfocus.com/bid/69763

Linux Kernel 'ISOFS' Deadlock Local Denial of Service Vulnerability
2014-10-06
http://www.securityfocus.com/bid/69428

Linux Kernel Magic Mouse HID Device Driver CVE-2014-3181 Stack-Based Buffer Overflow Vulnerability
2014-10-06
http://www.securityfocus.com/bid/69779

Linux Kernel 'fs/udf/inode.c' Local Denial of Service Vulnerability
2014-10-06
http://www.securityfocus.com/bid/69799

nginx CVE-2014-3616 SSL Session Fixation Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70025

Perl CVE-2014-4330 Stack Overflow Denial of Service Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70142

Node.js 'lib/send.js' Directory Traversal Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70100

PHP OpenSSL Extension 'openssl_x509_parse()' Remote Memory Corruption Vulnerability
2014-10-06
http://www.securityfocus.com/bid/64225

Node.js qs Module Denial of Service Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70113

Mozilla Network Security Services CVE-2014-1568 Security Bypass Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70116

Apache POI CVE-2014-3574 Denial Of Service Vulnerability
2014-10-06
http://www.securityfocus.com/bid/69648

Apache POI OpenXML parser CVE-2014-3529 XML External Entity Information Disclosure Vulnerability
2014-10-06
http://www.securityfocus.com/bid/69647

Exploit

  Postfix SMTP - Shellshock Exploit

  Apache mod_cgi - Remote Exploit (Shellshock)

  Bash - CGI RCE (MSF) Shellshock Exploit

  AutoWeb 3.0 - (noticias.php id_cat) SQL Injection Exploit

4.10.2014

Bugtraq

[security bulletin] HPSBHF03124 rev.1 - HP Thin Clients running Bash, Remote Execution of Code 2014-10-03
security-alert hp com

PayPal Inc Bug Bounty Issue #70 France - Persistent (Escape Shopping) Mail Vulnerability 2014-10-03
Vulnerability Lab (research vulnerability-lab com)

HTTP Commander AJS v3.1.9 - Client Side Exception Vulnerability 2014-10-03
Vulnerability Lab (research vulnerability-lab com)

Malware

RDN/Generic PUP.x!c2h!9964B78F2FE2

Generic PUP.x!2CC475DA3312

RDN/Generic.dx!dfz!BFFFBBB9A3F6

RDN/Autorun.worm!dm!A8FFF76CDF07

RDN/Generic Downloader.x!lc!A8F76130BF79

RDN/Generic.dx!dfz!A8BB0DFC284B

Generic Downloader.x!C30454F3132A

RDN/Generic PUP.x!188701D0F4F9

RDN/Generic PWS.y!0B31DB8353AA

RDN/Generic PUP.x!c2h!C2E1E344313F

RDN/Downloader.a!tl!C2D3F33E43C6

RDN/Downloader.a!tl!C2D26C26446A

RDN/Downloader.a!tl!C2C1B1C96667

RDN/Generic PUP.x!c2h!E03E04DAB267

RDN/Generic.bfr!hs!D6DEF94FF064

RDN/Generic PUP.x!C80C016BF30B

W32/Virus.gen!7F1A038D1464

W32/Sality.gen!0323E943A80B

Generic PUP.x!691B663C872D

Generic PUP.x!5A41C6A2C66C

Generic.bfr!B7E1B3CEA37B

RDN/Generic PUP.x!43A30C12480B

RDN/Generic PUP.x!2A74E54A6BDD

Generic PUP.x!45A0D344D5F9

Generic PUP.x!C88167B3BA2A

Generic PUP.x!B1E07A40B5E7

RDN/Generic PUP.x!c2h!BF123E880141

Generic.bfr!7A91B76599CB

W32/Sality.gen!74A57025FAD5

RDN/Generic BackDoor!b2b!F516EB22C48A

Phishing

Paypal Inc

4th October 2014

YOUR ACCOUNT WILL BE LIMITED !

Paypal Help

4th October 2014

PAYPAL : UPDATE YOUR PAYPAL
ACCOUNT ! ✔

PayPal

4th October 2014

[PAYPAL] : UPDATE YOUR PAYPAL
ACCOUNT ! ✔

Paypal.Inc

4th October 2014

YOUR ACCOUNT HAS LIMITATION!
YOU CAN RESOLVE THIS NOW.?

PayPal

4th October 2014

Account Suspended

Vulnerebility

GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70152

GNU Bash CVE-2014-6278 Incomplete Fix Remote Code Execution Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70166

GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70154

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70103

GNU Bash CVE-2014-6277 Incomplete Fix Remote Code Execution Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70165

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70137

Linux Kernel 'net_get_random_once' Local Information Disclosure Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70209

FreePBX 'index.php' Remote Command Execution Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70188

PHP 'cdf_read_property_info()' Function CVE-2014-3587 Incomplete Fix Denial of Service Vulnerability
2014-10-04
http://www.securityfocus.com/bid/69325

OpenVPN 'openvpn_decrypt()' Function Information Disclosure Vulnerability
2014-10-04
http://www.securityfocus.com/bid/59672

GNU glibc '__gconv_translit_find()' Function Memory Corruption Vulnerability
2014-10-04
http://www.securityfocus.com/bid/68983

libvirtd 'qemuDomainGetBlockIoTune()' Function Out-of-Bounds Read Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70186

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2014-10-04
http://www.securityfocus.com/bid/61310

Perl 'Email::Address' Module Local Denial of Service Vulnerability
2014-10-04
http://www.securityfocus.com/bid/68084

Perl 'Email::Address' Module CVE-2014-4720 Denial of Service Vulnerability
2014-10-04
http://www.securityfocus.com/bid/68446

Python 'bufferobject.c' Integer Overflow Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70089

Mediawiki SVG File Handling Security Bypass Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70153

Linux Kernel 'ISOFS' Stack-Based Buffer Overflow Vulnerability
2014-10-04
http://www.securityfocus.com/bid/69396

Linux Kernel PicoLCD HID Device Driver Buffer Overflow Vulnerability
2014-10-04
http://www.securityfocus.com/bid/69763

Linux Kernel 'ISOFS' Deadlock Local Denial of Service Vulnerability
2014-10-04
http://www.securityfocus.com/bid/69428

Linux Kernel Magic Mouse HID Device Driver CVE-2014-3181 Stack-Based Buffer Overflow Vulnerability
2014-10-04
http://www.securityfocus.com/bid/69779

Linux Kernel 'fs/udf/inode.c' Local Denial of Service Vulnerability
2014-10-04
http://www.securityfocus.com/bid/69799

nginx CVE-2014-3616 SSL Session Fixation Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70025

Perl CVE-2014-4330 Stack Overflow Denial of Service Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70142

Node.js 'lib/send.js' Directory Traversal Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70100

PHP OpenSSL Extension 'openssl_x509_parse()' Remote Memory Corruption Vulnerability
2014-10-04
http://www.securityfocus.com/bid/64225

Node.js qs Module Denial of Service Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70113

Mozilla Network Security Services CVE-2014-1568 Security Bypass Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70116

Apache POI CVE-2014-3574 Denial Of Service Vulnerability
2014-10-04
http://www.securityfocus.com/bid/69648

Apache POI OpenXML parser CVE-2014-3529 XML External Entity Information Disclosure Vulnerability
2014-10-04
http://www.securityfocus.com/bid/69647

Exploit

 

3.10.2014

Bugtraq

[ MDVSA-2014:195 ] libvirt 2014-10-03
security mandriva com

[security bulletin] HPSBMU02895 SSRT101253 rev.3 - HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code 2014-10-02
security-alert hp com

[security bulletin] HPSBMU03118 rev.1 - HP Systems Insight Manager (SIM) on Linux and Windows, Multiple Remote Vulnerabilities 2014-10-02
security-alert hp com

Ultra Electronics / AEP Networks - SSL VPN (Netilla / Series A / Ultra Protect) Vulnerabilities 2014-10-02
Patrick Webster (patrick osisecurity com au)

[security bulletin] HPSBHF03119 rev.2 - HP DreamColor Professional Display running Bash Shell, Remote Code Execution 2014-10-01
security-alert hp com

[ MDVSA-2014:194 ] phpmyadmin 2014-10-03
security mandriva com

Elasticsearch vulnerability CVE-2014-6439 2014-10-02
Jordan Sissel (jordan sissel elasticsearch com)

Malware

Generic PUP.x!52C1A906E781

Generic PUP.x!51BE26245F83

Generic PUP.x!53CBB4CB70BC

Generic PUP.x!54DA64B562F5

RDN/Generic PUP.x!c2f!54E05A203165

Generic PUP.z!52EC75639A69

RDN/Generic Downloader.x!lc!57E21B5B733B

Generic PUP.x!5185C59E1736

RDN/Generic Downloader.x!lc!54FD5B4358E9

RDN/Generic.bfr!55FB6858CAD5

RDN/Generic Downloader.x!lc!55B00BFF1C7A

RDN/Generic.dx!dfz!566E7D17FE51

Generic PUP.x!5274D807B402

Generic PUP.x!55825DF93872

RDN/Generic.bfr!hs!50F5C164E1A2

Generic PUP.x!56CC85EF7591

RDN/Generic.dx!dfz!53B406EEDF8E

RDN/Generic.dx!dfz!53844C48AEB2

RDN/Generic.bfr!54530D6295C5

Generic PUP.x!51B929AC8DCE

RDN/Generic BackDoor!b2b!5421ECA29BA8

Generic PUP.x!4F9A14ED4674

RDN/Generic.dx!52A511B7E971

Generic.bfr!5336AC7C99BC

RDN/Generic PWS.y!bbg!5160010240B2

RDN/Generic Downloader.x!lc!507F125364B7

Generic PUP.x!49FEFD6E0BDE

RDN/Generic.bfr!hs!50A61E31E20C

Generic PUP.x!521C513CAA2E

RDN/Generic.dx!dfz!4F2414829594

Phishing

Paypal Inc

2nd October 2014

YOUR ACCOUNT WILL BE LIMITED !

Vulnerebility

Linux Kernel 'net_get_random_once' Local Information Disclosure Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70209

FreePBX 'index.php' Remote Command Execution Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70188

PHP 'cdf_read_property_info()' Function CVE-2014-3587 Incomplete Fix Denial of Service Vulnerability
2014-10-03
http://www.securityfocus.com/bid/69325

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70103

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70137

OpenVPN 'openvpn_decrypt()' Function Information Disclosure Vulnerability
2014-10-03
http://www.securityfocus.com/bid/59672

GNU Bash CVE-2014-6278 Incomplete Fix Remote Code Execution Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70166

GNU Bash CVE-2014-6277 Incomplete Fix Remote Code Execution Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70165

GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70154

GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70152

GNU glibc '__gconv_translit_find()' Function Memory Corruption Vulnerability
2014-10-03
http://www.securityfocus.com/bid/68983

libvirtd 'qemuDomainGetBlockIoTune()' Function Out-of-Bounds Read Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70186

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2014-10-03
http://www.securityfocus.com/bid/61310

Perl 'Email::Address' Module Local Denial of Service Vulnerability
2014-10-03
http://www.securityfocus.com/bid/68084

Perl 'Email::Address' Module CVE-2014-4720 Denial of Service Vulnerability
2014-10-03
http://www.securityfocus.com/bid/68446

Python 'bufferobject.c' Integer Overflow Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70089

Mediawiki SVG File Handling Security Bypass Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70153

Linux Kernel 'ISOFS' Stack-Based Buffer Overflow Vulnerability
2014-10-03
http://www.securityfocus.com/bid/69396

Linux Kernel PicoLCD HID Device Driver Buffer Overflow Vulnerability
2014-10-03
http://www.securityfocus.com/bid/69763

Linux Kernel 'ISOFS' Deadlock Local Denial of Service Vulnerability
2014-10-03
http://www.securityfocus.com/bid/69428

Linux Kernel Magic Mouse HID Device Driver CVE-2014-3181 Stack-Based Buffer Overflow Vulnerability
2014-10-03
http://www.securityfocus.com/bid/69779

Linux Kernel 'fs/udf/inode.c' Local Denial of Service Vulnerability
2014-10-03
http://www.securityfocus.com/bid/69799

nginx CVE-2014-3616 SSL Session Fixation Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70025

Perl CVE-2014-4330 Stack Overflow Denial of Service Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70142

Node.js 'lib/send.js' Directory Traversal Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70100

PHP OpenSSL Extension 'openssl_x509_parse()' Remote Memory Corruption Vulnerability
2014-10-03
http://www.securityfocus.com/bid/64225

Node.js qs Module Denial of Service Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70113

Mozilla Network Security Services CVE-2014-1568 Security Bypass Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70116

Apache POI CVE-2014-3574 Denial Of Service Vulnerability
2014-10-03
http://www.securityfocus.com/bid/69648

Apache POI OpenXML parser CVE-2014-3529 XML External Entity Information Disclosure Vulnerability
2014-10-03
http://www.securityfocus.com/bid/69647

Exploit

 

2.10.2014

Bugtraq

[SECURITY] [DSA 3041-1] xen security update 2014-10-01
Moritz Muehlenhoff (jmm debian org)

Reflected Cross-Site Scripting (XSS) in Textpattern 2014-10-01
High-Tech Bridge Security Research (advisory htbridge com)

Cross-Site Scripting (XSS) in Photo Gallery WordPress plugin 2014-10-01
High-Tech Bridge Security Research (advisory htbridge com)

FreePBX (All Versions) RCE 2014-10-01
rob thomas schmoozecom com

NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities 2014-10-01
VMware Security Response Center (security vmware com)

[security bulletin] HPSBHF03119 rev.1 - HP DreamColor Display running Bash Shell, Remote Code Execution 2014-10-01
security-alert hp com

[SECURITY] [DSA 3040-1] rsyslog security update 2014-09-30
Luciano Bello (luciano debian org)

Malware

Generic Downloader.x!91B14B967DD3

Generic PUP.x!15C5A3EF3DE3

Generic.bfr!432180388155

Generic.dx!27620747E668

RDN/Spybot.bfr!n!5E23DA9E75F0

Generic Downloader.x!76431649CAFA

RDN/Generic PWS.y!bbf!5596879AC298

RDN/Generic.bfr!hs!AADAF7941CE9

Generic PUP.x!9AE3200A5329

RDN/PWS-Mmorpg!mh!41D2C78A1EE5

RDN/Spybot.bfr!n!6B1D2F768778

RDN/Generic Dropper!vh!DFB5BA034E9E

RDN/Spybot.bfr!1D5448452A7A

RDN/Spybot.bfr!62D008711AE1

RDN/Spybot.bfr!AB9C87511C9F

RDN/Generic BackDoor!b2b!9095AA6D11A4

RDN/Generic.dx!df3!902F5E576DE6

RDN/Generic Downloader.x!la!884100F78D31

RDN/Ransom!ek!501F42A5DEED

BackDoor-FAJ!15BACEFCD98A

Generic PUP.x!47B7895C349B

RDN/Generic.bfr!8D32EA888C5C

RDN/Generic Dropper!vh!095BF0E5BC7D

Generic PUP.x!91C2866C46E1

Generic.dx!911B87AD568A

RDN/Ransom!ek!BB8FD766348F

RDN/Autorun.worm!dm!8FCB9DB26327

RDN/Autorun.worm!dm!8ED6B07BCD88

RDN/Generic.dx!df3!DA26C1B6428E

RDN/Generic PWS.y!bbf!5F46F598CC97

Phishing

 

Vulnerebility

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70137

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2014-10-02
http://www.securityfocus.com/bid/61310

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70103

Perl 'Email::Address' Module Local Denial of Service Vulnerability
2014-10-02
http://www.securityfocus.com/bid/68084

Perl 'Email::Address' Module CVE-2014-4720 Denial of Service Vulnerability
2014-10-02
http://www.securityfocus.com/bid/68446

GNU Bash CVE-2014-6277 Incomplete Fix Remote Code Execution Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70165

Python 'bufferobject.c' Integer Overflow Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70089

GNU Bash CVE-2014-6278 Incomplete Fix Remote Code Execution Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70166

Mediawiki SVG File Handling Security Bypass Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70153

Linux Kernel 'ISOFS' Stack-Based Buffer Overflow Vulnerability
2014-10-02
http://www.securityfocus.com/bid/69396

Linux Kernel PicoLCD HID Device Driver Buffer Overflow Vulnerability
2014-10-02
http://www.securityfocus.com/bid/69763

Linux Kernel 'ISOFS' Deadlock Local Denial of Service Vulnerability
2014-10-02
http://www.securityfocus.com/bid/69428

Linux Kernel Magic Mouse HID Device Driver CVE-2014-3181 Stack-Based Buffer Overflow Vulnerability
2014-10-02
http://www.securityfocus.com/bid/69779

Linux Kernel 'fs/udf/inode.c' Local Denial of Service Vulnerability
2014-10-02
http://www.securityfocus.com/bid/69799

nginx CVE-2014-3616 SSL Session Fixation Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70025

Perl CVE-2014-4330 Stack Overflow Denial of Service Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70142

Node.js 'lib/send.js' Directory Traversal Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70100

PHP OpenSSL Extension 'openssl_x509_parse()' Remote Memory Corruption Vulnerability
2014-10-02
http://www.securityfocus.com/bid/64225

Node.js qs Module Denial of Service Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70113

Mozilla Network Security Services CVE-2014-1568 Security Bypass Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70116

Apache POI CVE-2014-3574 Denial Of Service Vulnerability
2014-10-02
http://www.securityfocus.com/bid/69648

Apache POI OpenXML parser CVE-2014-3529 XML External Entity Information Disclosure Vulnerability
2014-10-02
http://www.securityfocus.com/bid/69647

GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70152

GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70154

python-oauth2 CVE-2013-4347 Multiple Predictable Random Number Generator Weaknesses
2014-10-02
http://www.securityfocus.com/bid/62388

python-oauth2 Signed URL Nonce Verification Security Bypass Vulnerability
2014-10-02
http://www.securityfocus.com/bid/62386

Google Chrome Prior to 33.0.1750.146 Multiple Security Vulnerabilities
2014-10-02
http://www.securityfocus.com/bid/65930

cURL/libcURL SSL Certificate Host Name Validation Security Bypass Vulnerability
2014-10-02
http://www.securityfocus.com/bid/64431

WordPress Colormix Theme Multiple Security Vulnerablities
2014-10-02
http://www.securityfocus.com/bid/59371

Adobe Flash Player and AIR CVE-2014-0556 Unspecified Heap Based Buffer Overflow Vulnerability
2014-10-02
http://www.securityfocus.com/bid/69696

Exploit

  Kolibri Webserver 2.0 Buffer Overflow with EMET 5.0 and EMET 4.1 Partial Bypass

   GNU bash 4.3.11 Environment Variable dhclient Exploit

  Pure-FTPd External Authentication Bash Environment Variable Code Injection

  HP Network Node Manager I PMD Buffer Overflow

  ManageEngine OpManager / Social IT Arbitrary File Upload

  HTTP File Server 2.3a, 2.3b, 2.3c - Remote Command Execution

  All In One Wordpress Firewall 3.8.3 - Persistent XSS Vulnerability

  RBS Change Complet Open Source 3.6.8 - CSRF Vulnerability

  PHPCompta/NOALYSS 6.7.1 5638 - Remote Command Execution

  TestLink 1.9.11 - Multiple SQL Injection Vulnerabilities

  Epicor Enterprise 7.4 - Multiple Vulnerabilities

  Moab < 7.2.9 - Authorization Bypass

  TeamSpeak Client 3.0.14 - Buffer Overflow Vulnerability

1.10.2014

Bugtraq

London DEFCON - September 30th 2014 2014-09-30
Major Malfunction (majormal pirate-radio org)

[slackware-security] bash (SSA:2014-272-01) 2014-09-29
Slackware Security Team (security slackware com)

Malware

RDN/Generic FakeAlert!fe!91ACCED88EC4

Generic PUP.x!165FCB5E97B0

RDN/Downloader.a!tl!47D0AD41F5AB

Generic PUP.x!8DE422768627

RDN/Ransom!ek!FCE8A87FF1BB

RDN/Generic PUP.x!A27E4A674CB8

RDN/Generic.dx!df3!A0ADFEF1DEE6

RDN/Generic PUP.x!c2b!A0610BD60EB9

RDN/Generic PUP.x!c2b!281488DEB6EE

RDN/Generic.tfr!ed!BAAB1F3F8329

Generic PUP.x!D8DFB01D2F04

RDN/Generic.dx!df3!A03839463A9B

RDN/Generic.grp!55D74D8FF0ED

RDN/Generic.dx!df3!242831B991BB

RDN/Generic PWS.y!bbf!DE2DA82F410B

Generic Downloader.x!D2173B0911B4

RDN/Generic.dx!df3!07DF1E790A95

RDN/YahLover.worm!u!DFD93FE1D70C

RDN/Generic.dx!D77DE4696FAF

RDN/Generic.bfr!hs!D2D6D550BC16

RDN/Generic.bfr!hs!F5344F4CC8F8

RDN/Generic BackDoor!b2b!D70D03F2E9D6

RDN/Autorun.bfr!d!BB6AC2AD74F2

RDN/Generic Dropper!vh!7B9DEB304D66

Trojan-FAUE!E49A113A2800

RDN/Generic.bfr!hs!4F358BB80348

RDN/Generic.dx!df3!02BFB2EE9ED9

RDN/Generic BackDoor!b2b!C9A2D2BC7116

Generic PWS.y!006B817BA13F

RDN/Generic BackDoor!b2b!E3CF23CAED95

Phishing

 

Vulnerebility

PHP 'cdf_read_property_info()' Function CVE-2014-3587 Incomplete Fix Denial of Service Vulnerability
2014-10-01
http://www.securityfocus.com/bid/69325

PHP DNS TXT Record Handling CVE-2014-3597 Heap Buffer Overflow Vulnerability
2014-10-01
http://www.securityfocus.com/bid/69322

PHP 'ext/spl/spl_dllist.c' Local Denial of Service Vulnerability
2014-10-01
http://www.securityfocus.com/bid/68513

php-gd 'gdxpm.c' NULL Pointer Dereference Denial of Service Vulnerability
2014-10-01
http://www.securityfocus.com/bid/66233

PHP DNS TXT Record Handling Heap Buffer Overflow Vulnerability
2014-10-01
http://www.securityfocus.com/bid/68007

PHP 'ext/spl/spl_array.c' Use After Free Memory Corruption Vulnerability
2014-10-01
http://www.securityfocus.com/bid/68511

file Composite Document File Format Denial of Service Vulnerability
2014-10-01
http://www.securityfocus.com/bid/52225

RSyslog and sysklogd CVE-2014-3634 Denial of Service Vulnerability
2014-10-01
http://www.securityfocus.com/bid/70187

PHP CVE-2014-5120 Multiple Arbitrary File Overwrite Vulnerabilities
2014-10-01
http://www.securityfocus.com/bid/69375

PHP Fileinfo Component CVE-2014-3478 Remote Denial of Service Vulnerability
2014-10-01
http://www.securityfocus.com/bid/68239

PHP Fileinfo Component Incomplete Fix Remote Denial of Service Vulnerability
2014-10-01
http://www.securityfocus.com/bid/68348

PHP Fileinfo Component Remote Denial of Service Vulnerability
2014-10-01
http://www.securityfocus.com/bid/66406

Cisco WebEx Meetings Server CVE-2014-3395 Arbitrary File Download Vulnerabilitiy
2014-10-01
http://www.securityfocus.com/bid/70181

GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2014-10-01
http://www.securityfocus.com/bid/70154

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-10-01
http://www.securityfocus.com/bid/70103

GNU Bash CVE-2014-6277 Incomplete Fix Remote Code Execution Vulnerability
2014-10-01
http://www.securityfocus.com/bid/70165

GNU Bash CVE-2014-6278 Incomplete Fix Unspecified Remote Code Execution Vulnerability
2014-10-01
http://www.securityfocus.com/bid/70166

GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2014-10-01
http://www.securityfocus.com/bid/70152

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-10-01
http://www.securityfocus.com/bid/70137

Apache Tomcat CVE-2014-0119 XML External Entity Information Disclosure Vulnerability
2014-10-01
http://www.securityfocus.com/bid/67669

Apache Tomcat CVE-2014-0075 Chunk Request Remote Denial Of Service Vulnerability
2014-10-01
http://www.securityfocus.com/bid/67671

Apache Tomcat CVE-2014-0096 XML External Entity Information Disclosure Vulnerability
2014-10-01
http://www.securityfocus.com/bid/67667

Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability
2014-10-01
http://www.securityfocus.com/bid/67668

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-10-01
http://www.securityfocus.com/bid/68624

Mozilla Netscape Portable Runtime CVE-2014-1545 Out of Bounds Memory Corruption Vulnerability
2014-10-01
http://www.securityfocus.com/bid/67975

Mozilla Network Security Services CVE-2014-1490 Use After Free Memory Corruption Vulnerability
2014-10-01
http://www.securityfocus.com/bid/65335

Mozilla Network Security Services CVE-2014-1492 Security Bypass Vulnerability
2014-10-01
http://www.securityfocus.com/bid/66356

Network Security Services 'ssl_Do1stHandshake()' Function Information Disclosure Vulnerability
2014-10-01
http://www.securityfocus.com/bid/64944

Mozilla Firefox/Thunderbird CVE-2014-1544 Use After Free Memory Corruption Vulnerability
2014-10-01
http://www.securityfocus.com/bid/68816

Mozilla Network Security Services CVE-2014-1491 Unspecified Security Vulnerability
2014-10-01
http://www.securityfocus.com/bid/65332

Exploit

 

30.9.2014

Bugtraq

Moab Authentication Bypass (insecure message signing) [CVE-2014-5376] 2014-09-29
john fitzpatrick mwrinfosecurity com

Moab User Impersonation [CVE-2014-5375] 2014-09-29
john fitzpatrick mwrinfosecurity com

Moab Authentication Bypass [CVE-2014-5300] 2014-09-29
john fitzpatrick mwrinfosecurity com

[slackware-security] mozilla-firefox (SSA:2014-271-01) 2014-09-29
Slackware Security Team (security slackware com)

[The ManageOwnage Series, part V]: RCE / file upload / arbitrary file deletion in OpManager, Social IT and IT360 2014-09-27
Pedro Ribeiro (pedrib gmail com)

Malware

Generic PUP.x!4259AC93E310

RDN/Generic BackDoor!b2a!423A0C05F700

Generic PUP.x!41861CA2DD3E

Generic PUP.x!41320CDCDD9D

RDN/Generic BackDoor!b2a!401C87402E41

Generic PUP.x!404A2480FC05

RDN/Spybot.bfr!n!C1064CE985A9

RDN/Generic PUP.x!cnz!96C8B548547C

RDN/DNSChanger.bfr!d!96BE64AB6B48

Generic PUP.x!9684124BFA52

RDN/YahLover.worm!FFCD4B330607

RDN/Generic.dx!df3!A0A88A90DE40

RDN/Spybot.bfr!6F2F76BF6B5E

Generic PUP.x!331DE5886CFB

RDN/Generic Dropper!vh!2B87A45B9E4A

RDN/Generic BackDoor!b2a!36A21B2A9BC4

RDN/Spybot.bfr!C3130A742BE9

RDN/Generic PUP.x!cnz!9CAE837AA884

Generic PUP.x!2E8A270EDC33

Generic PUP.x!4A425B5DF504

Generic PUP.x!24DF01A1C821

Generic PUP.x!682AB5CD1A56

Generic PUP.x!09ACAE7FAD31

RDN/Generic PUP.x!cnz!12DA5505939C

Generic PUP.x!09D64E8FC6AD

Generic PUP.x!4785A4A37F5D

Generic PUP.x!DB981CE6541C

Generic PUP.x!3DABBAD83C41

Generic PUP.x!373EC41B9233

Generic PUP.x!37438A3D16D6

Phishing

Paypal.inc

29th September 2014

NOTICE OF POLICY UPDATES

Tesco Credit Card

28th September 2014

Win A Free Tesco Voucher

Vulnerebility

Exuberant Ctags 'jscript.c' Remote Denial of Service Vulnerability
2014-09-30
http://www.securityfocus.com/bid/70168

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-09-30
http://www.securityfocus.com/bid/68636

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-09-30
http://www.securityfocus.com/bid/66914

Mozilla Network Security Services CVE-2013-1620 Information Disclosure Vulnerability
2014-09-30
http://www.securityfocus.com/bid/57777

GnuTLS Certificate Validation Security Bypass Weakness
2014-09-30
http://www.securityfocus.com/bid/65792

LibVNCServer CVE-2014-6053 Remote Denial of Service Vulnerability
2014-09-30
http://www.securityfocus.com/bid/70092

libvirt XML Entity Expansion CVE-2014-0179 Information Disclosure Vulnerability
2014-09-30
http://www.securityfocus.com/bid/67289

libVNCserver CVE-2014-6051 Integer Overflow Vulnerability
2014-09-30
http://www.securityfocus.com/bid/70093

LibVNCServer CVE-2014-6055 Multiple Stack Based Buffer Overflow Vulnerabilities
2014-09-30
http://www.securityfocus.com/bid/70096

LibVNCServer CVE-2014-6052 Denial of Service Vulnerability
2014-09-30
http://www.securityfocus.com/bid/70091

LibVNCServer CVE-2014-6054 Denial of Service Vulnerability
2014-09-30
http://www.securityfocus.com/bid/70094

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-09-30
http://www.securityfocus.com/bid/70137

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-09-30
http://www.securityfocus.com/bid/70103

GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2014-09-30
http://www.securityfocus.com/bid/70154

GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2014-09-30
http://www.securityfocus.com/bid/70152

ZeroMQ Multiple Security Bypass Vulnerabilities
2014-09-30
http://www.securityfocus.com/bid/70157

TYPO3 JobControl SQL Injection and Cross Site Scripting Vulnerabilities
2014-09-30
http://www.securityfocus.com/bid/70155

Mediawiki SVG File Handling Security Bypass Vulnerability
2014-09-30
http://www.securityfocus.com/bid/70153

Mozilla Network Security Services CVE-2014-1568 Security Bypass Vulnerability
2014-09-30
http://www.securityfocus.com/bid/70116

Go TLS Server Implementation Security Bypass Vulnerability
2014-09-30
http://www.securityfocus.com/bid/70156

python-oauth2 CVE-2013-4347 Multiple Predictable Random Number Generator Weaknesses
2014-09-30
http://www.securityfocus.com/bid/62388

python-oauth2 Signed URL Nonce Verification Security Bypass Vulnerability
2014-09-30
http://www.securityfocus.com/bid/62386

Cisco IOS and IOS XE Software CVE-2014-3354 Multiple Denial of Service Vulnerabilities
2014-09-30
http://www.securityfocus.com/bid/70131

Drupal XML-RPC Endpoint Multiple Denial of Service Vulnerabilities
2014-09-30
http://www.securityfocus.com/bid/69146

Perl 'Email::Address' Module Local Denial of Service Vulnerability
2014-09-30
http://www.securityfocus.com/bid/68084

Apache Tomcat CVE-2013-4590 XML External Entity Information Disclosure Vulnerability
2014-09-30
http://www.securityfocus.com/bid/65768

Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability
2014-09-30
http://www.securityfocus.com/bid/65767

RETIRED: Oracle January 2014 Critical Patch Update Multiple Vulnerabilities
2014-09-30
http://www.securityfocus.com/bid/64758

Apache Tomcat CVE-2012-3544 Denial of Service Vulnerability
2014-09-30
http://www.securityfocus.com/bid/59797

Ruby on Rails 'create_with()' Function Security Bypass Vulnerability
2014-09-30
http://www.securityfocus.com/bid/69265

Exploit

 

29.9.2014

Bugtraq

[SECURITY] [DSA 3039-1] chromium-browser security update 2014-09-28
Michael Gilbert (mgilbert debian org)

Hands-on Mobile (Android & iOS) + ARM Exploitation Training at Toorcon 2014-09-27
Aditya Gupta (adi0x90 gmail com)

WorldCIST 2015 - 3rd World Conference on Information Systems and Technologies 2014-09-27
ML (marialemos72 gmail com)

Malware

RDN/Generic.dx!df3!37CEC03CD0E8

PUP-FMH!9A3B2295E20B

RDN/Generic Dropper!8EA8A248DC69

RDN/Generic PUP.x!cnz!9639ADD3933B

PUP-FMK!9A3D74C33071

iBryte!9A3D23BDCEA4

PUP-FLT!9A3D6D057CA2

PUP-FIC!9A3C51024E74

Generic PWS.y!E0B0D8817DF7

Generic PUP.x!7D26A223361A

PUP-FMU!9A3A4A29FFFF

PUP-FLT!9A39EBEF850A

RDN/Spybot.bfr!n!AFC9017456C5

PUP-FMK!9A39AFF43FBB

Generic Downloader.x!0B65EFF2AB60

Generic Downloader.x!4DF20D6B82D0

PUP-FHQ!9A3818B0DA20

RDN/Generic PUP.x!cnz!139E23B72501

PUP-FHQ!9A391E622383

PUP-FLN!9A3704954742

iBryte!9A33D83E17E1

CryptDomaIQ!9A303BDCFB7C

MultiPlug!9A2DDC4A929F

PUP-FLN!9A295E4BB4A1

PUP-FHQ!9A2EAB1D4EF0

MultiPlug!9A23B8F86C64

Midia!9A2B6E8C2C20

PUP-FLN!9A2282ACC367

SoftDropper!9A21F16FC93B

iBryte!9A1F5C649587

Phishing

Paypal.inc

29th September 2014

NOTICE OF POLICY UPDATES

Tesco Credit Card

28th September 2014

Win A Free Tesco Voucher

PayPal

27th September 2014

[PAYPAL] : UPDATE YOUR PAYPAL
ACCOUNT !! ✔

Natwest

27th September 2014

Last notice regarding your
account.

E-ZPass Service Center

27th September 2014

INDEBTEDNESS FOR DRIVING ON
TOLL ROAD

Vulnerebility

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-09-29
http://www.securityfocus.com/bid/70103

Mozilla Network Security Services CVE-2014-1568 Security Bypass Vulnerability
2014-09-29
http://www.securityfocus.com/bid/70116

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-09-29
http://www.securityfocus.com/bid/70137

Go TLS Server Implementation Security Bypass Vulnerability
2014-09-29
http://www.securityfocus.com/bid/70156

python-oauth2 CVE-2013-4347 Multiple Predictable Random Number Generator Weaknesses
2014-09-29
http://www.securityfocus.com/bid/62388

python-oauth2 Signed URL Nonce Verification Security Bypass Vulnerability
2014-09-29
http://www.securityfocus.com/bid/62386

Cisco IOS and IOS XE Software CVE-2014-3354 Multiple Denial of Service Vulnerabilities
2014-09-29
http://www.securityfocus.com/bid/70131

Drupal XML-RPC Endpoint Multiple Denial of Service Vulnerabilities
2014-09-29
http://www.securityfocus.com/bid/69146

Perl 'Email::Address' Module Local Denial of Service Vulnerability
2014-09-29
http://www.securityfocus.com/bid/68084

Apache Tomcat CVE-2013-4590 XML External Entity Information Disclosure Vulnerability
2014-09-29
http://www.securityfocus.com/bid/65768

Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability
2014-09-29
http://www.securityfocus.com/bid/65767

RETIRED: Oracle January 2014 Critical Patch Update Multiple Vulnerabilities
2014-09-29
http://www.securityfocus.com/bid/64758

Apache Tomcat CVE-2012-3544 Denial of Service Vulnerability
2014-09-29
http://www.securityfocus.com/bid/59797

Ruby on Rails 'create_with()' Function Security Bypass Vulnerability
2014-09-29
http://www.securityfocus.com/bid/69265

Embarcadero ER/Studio Data Architect ActiveX Remote Code Execution Vulnerability
2014-09-29
http://www.securityfocus.com/bid/68489

OpenSSL DTLS CVE-2014-3510 Remote Denial of Service Vulnerability
2014-09-29
http://www.securityfocus.com/bid/69082

OpenSSL DTLS CVE-2014-3505 Remote Denial of Service Vulnerability
2014-09-29
http://www.securityfocus.com/bid/69081

OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2014-09-29
http://www.securityfocus.com/bid/69075

OpenSSL DTLS CVE-2014-3506 Remote Denial of Service Vulnerability
2014-09-29
http://www.securityfocus.com/bid/69076

EMC AlphaStor Format String and Command Injection Vulnerabilities
2014-09-29
http://www.securityfocus.com/bid/57472

Cart Engine Multiple Security Vulnerabilities
2014-09-29
http://www.securityfocus.com/bid/69841

HAProxy Multiple Buffer Overflow Vulnerabilities
2014-09-29
http://www.securityfocus.com/bid/69690

Microsoft Internet Explorer CVE-2014-4067 Remote Memory Corruption Vulnerability
2014-09-29
http://www.securityfocus.com/bid/69134

cURL/libcURL CVE-2014-3620 Cookies Handling Remote Security Bypass Vulnerability
2014-09-29
http://www.securityfocus.com/bid/69742

cURL/libcURL CVE-2014-3613 Remote Security Bypass Vulnerability
2014-09-29
http://www.securityfocus.com/bid/69748

Wireshark SES Dissector CVE-2014-6428 Remote Denial of Service Vulnerability
2014-09-29
http://www.securityfocus.com/bid/69865

Openfiler CVE-2014-7190 Denial of Service Vulnerability
2014-09-27
http://www.securityfocus.com/bid/70163

ZeroMQ Multiple Security Bypass Vulnerabilities
2014-09-26
http://www.securityfocus.com/bid/70157

Wireshark MEGACO Dissector CVE-2014-6423 Remote Denial of Service Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69860

Wireshark Sniffer File CVE-2014-6431 Remote Denial of Service Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69858

Exploit

  Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 5.0 Bypass (MS12-037)

  Microsoft Exchange IIS HTTP Internal IP Address Disclosure

  OpenFiler 2.99.1 - CSRF Vulnerability

  GS Foto Uebertraeger 3.0 iOS - File Include Vulnerability

26.9.2014

Bugtraq

SmarterTools Smarter Track 6-10 - Information Disclosure Vulnerability 2014-09-26
Vulnerability Lab (research vulnerability-lab com)

Oracle Corporation MyOracle - Persistent Vulnerability 2014-09-26
Vulnerability Lab (research vulnerability-lab com)

Paypal Inc Bug Bounty #16 - Persistent Mail Encoding Vulnerability 2014-09-26
Vulnerability Lab (research vulnerability-lab com)

Paypal Inc Bug Bounty #32 - Multiple Persistent Vulnerabilities 2014-09-26
Vulnerability Lab (research vulnerability-lab com)

GS Foto Uebertraeger v3.0 iOS - File Include Vulnerability 2014-09-26
Vulnerability Lab (research vulnerability-lab com)

[ MDVSA-2014:190 ] bash 2014-09-26
security mandriva com

[slackware-security] bash (SSA:2014-268-01) 2014-09-25
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3036-1] mediawiki security update 2014-09-26
Thijs Kinkhorst (thijs debian org)

[SECURITY] [DSA 3035-1] bash security update 2014-09-25
Salvatore Bonaccorso (carnil debian org)

Cisco Security Advisory: GNU Bash Environmental Variable Command Injection Vulnerability 2014-09-26
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[slackware-security] bash (rebuild for Slackware 13.0 only) (SSA:2014-268-02) 2014-09-25
Slackware Security Team (security slackware com)

[slackware-security] bash (SSA:2014-267-01) 2014-09-24
Slackware Security Team (security slackware com)

[oCERT-2014-007] libvncserver multiple issues 2014-09-25
Andrea Barisani (lcars ocert org)

Malware

PUP-FMU!9073DA400D01

Generic PUP.x!0B0EC1675C6A

Generic PUP.x!2F40DB35B9BA

PUP-FMU!9073D956919E

MultiPlug!90717E75E8DE

PUP-FLN!9071D20DC8D5

Generic PUP.x!308A6FCACC4A

Generic PUP.x!3954FC148F61

iBryte!907AA4F594F5

Downloader.gen.a!33CBD18917DF

PUP-FLN!90746C879E96

PUP-FLN!906C07C07175

RDN/Generic Downloader.x!la!121ECBD3DE9F

RDN/Generic PUP.x!cnt!28F4A167AD8A

Generic PUP.x!30C0F778F48D

RDN/Generic BackDoor!zz!3884ED3E06E0

RDN/Generic.bfr!hs!23BDAE8EB2CD

iBryte!906F27C124BD

RDN/Generic BackDoor!zz!D9106D08BC03

BackDoor-FAUP!B1321B21E39D

PUP-FMK!907B46ADFBA0

RDN/Generic BackDoor!zz!DE8EFCC8DBFD

RDN/Generic.dx!dfv!6C6D287996D0

RDN/Generic BackDoor!zz!C850FD8E8008

RDN/Generic.dx!dfv!24C1CA47B4BC

PUP-FHQ!906C4600EF41

Generic PUP.x!3910D13767F7

RDN/Generic BackDoor!zz!7C00386DDA8C

Generic PUP.x!A411D1377230

Generic PUP.x!15FBF03A282A

Phishing

USAA

26th September 2014

USAA ACCESS

NATWEST

25th September 2014

Activate Your Natwest Account

Paypal Service

25th September 2014

YOUR ACCOUNT WILL BE LIMITED ,
UNTIL WE HERE FROM YOU .TO
UPDATE YOUR INFO

Vulnerebility

Mozilla Network Security Services CVE-2014-1568 Security Bypass Vulnerability
2014-09-26
http://www.securityfocus.com/bid/70116

EMC AlphaStor Format String and Command Injection Vulnerabilities
2014-09-26
http://www.securityfocus.com/bid/57472

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-09-26
http://www.securityfocus.com/bid/70137

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-09-26
http://www.securityfocus.com/bid/70103

Cart Engine Multiple Security Vulnerabilities
2014-09-26
http://www.securityfocus.com/bid/69841

HAProxy Multiple Buffer Overflow Vulnerabilities
2014-09-26
http://www.securityfocus.com/bid/69690

Microsoft Internet Explorer CVE-2014-4067 Remote Memory Corruption Vulnerability
2014-09-26
http://www.securityfocus.com/bid/69134

cURL/libcURL CVE-2014-3620 Cookies Handling Remote Security Bypass Vulnerability
2014-09-26
http://www.securityfocus.com/bid/69742

cURL/libcURL CVE-2014-3613 Remote Security Bypass Vulnerability
2014-09-26
http://www.securityfocus.com/bid/69748

Wireshark SES Dissector CVE-2014-6428 Remote Denial of Service Vulnerability
2014-09-26
http://www.securityfocus.com/bid/69865

Wireshark MEGACO Dissector CVE-2014-6423 Remote Denial of Service Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69860

Wireshark Sniffer File CVE-2014-6431 Remote Denial of Service Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69858

Wireshark Netflow Dissector CVE-2014-6424 Denial of Service Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69862

Wireshark RTSP Dissector CVE-2014-6427 Remote Denial of Service Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69861

Wireshark Sniffer File CVE-2014-6432 Remote Denial of Service Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69859

Wireshark Sniffer File Remote Denial of Service Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69853

Wireshark RTP Dissector CVE-2014-6422 Remote Denial of Service Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69856

Wireshark RTP Dissector CVE-2014-6421 Remote Denial of Service Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69855

Wireshark Sniffer File CVE-2014-6430 Remote Denial of Service Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69857

Python 'bufferobject.c' Integer Overflow Vulnerability
2014-09-25
http://www.securityfocus.com/bid/70089

Procmail Formail Utility 'formisc.c' Heap Overflow Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69573

Moodle Quiz CVE-2014-3545 Remote Code Execution Vulnerability
2014-09-25
http://www.securityfocus.com/bid/68774

Moodle Shibboleth Plugin CVE-2014-3552 Authentication Bypass Vulnerability
2014-09-25
http://www.securityfocus.com/bid/68780

Moodle Repositories CVE-2014-3541 PHP Code Injection Vulnerability
2014-09-25
http://www.securityfocus.com/bid/68778

Moodle CVE-2014-3543 XML External Entity Information Disclosure Vulnerability
2014-09-25
http://www.securityfocus.com/bid/68755

Moodle CVE-2014-3546 Multiple Information Disclosure Vulnerabilities
2014-09-25
http://www.securityfocus.com/bid/68773

Moodle CVE-2014-3547 Cross Site Scripting Vulnerability
2014-09-25
http://www.securityfocus.com/bid/68758

Moodle CVE-2014-3548 Multiple Cross Site Scripting Vulnerabilities
2014-09-25
http://www.securityfocus.com/bid/68766

Moodle Forum CVE-2014-3553 Unauthorized Access Vulnerability
2014-09-25
http://www.securityfocus.com/bid/68772

Moodle CVE-2014-3544 Cross Site Scripting Vulnerability
2014-09-25
http://www.securityfocus.com/bid/68756

Exploit

 

25.9.2014

Bugtraq

 

Malware

Generic PUP.x!3468D6469DD2

Generic PUP.x!33C02FB82FB5

Generic PUP.x!32BDB8F8FF95

Generic PUP.x!7E7975B5AA06

Generic PUP.x!3278E7102DF9

RDN/Generic PUP.x!6EB51997FFF9

RDN/Generic PUP.x!cnq!D024EF258852

RDN/Downloader.a!ti!AA876C064952

RDN/Generic PUP.x!cnq!2EF7525B77AC

RDN/Generic PUP.x!cnq!0AFBDF6DB9BD

RDN/Generic Downloader.x!la!348C8E09F697

RDN/Downloader.a!ti!AFD76B7814B1

Downloader.gen.a!368782188826

Generic PUP.x!B7489C30E26D

Generic PUP.x!2F7DA9AB1BFD

Generic PUP.x!24989C3CC516

RDN/Generic PUP.x!cnq!D3626ECF7C78

RDN/Generic PUP.x!cnq!2C8F941AC167

Generic PUP.x!35571782C2AF

RDN/Generic PUP.x!cnq!BB215EA77B06

Generic PUP.x!30F6B93F22F1

RDN/Generic.bfr!28CB746C4BD5

Generic PUP.x!2F6DBB3760B2

Generic PUP.x!83B179F1BF7C

Generic PUP.x!39AC53C34C49

RDN/Generic.bfr!hs!28CB746C4BD5

RDN/Generic PUP.x!8AF35DD42ABF

Downloader.gen.a!D31AAF367077

Generic PUP.x!78F39A86F59A

RDN/Generic.bfr!hs!D0280E33A251

Phishing

Service Paypal

24th September 2014

YOUR ACCOUNT HAS BEEN LIMITED
!

Natwest Bank Plc

24th September 2014

Natwest: Review Your Message

Natwest

24th September 2014

Activate Your Natwest Account

Vulnerebility

GNU Bash Remote Stack Based Buffer Overflow Vulnerability
2014-09-25
http://www.securityfocus.com/bid/54937

GNU glibc Locale Environment Handling Directory Traversal Vulnerability
2014-09-25
http://www.securityfocus.com/bid/68505

Mozilla Network Security Services CVE-2014-1568 Security Bypass Vulnerability
2014-09-25
http://www.securityfocus.com/bid/70116

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-09-25
http://www.securityfocus.com/bid/70103

Advantech WebAccess CVE-2014-2364 Multiple Remote Stack Based Buffer Overflow Vulnerabilities
2014-09-25
http://www.securityfocus.com/bid/68714

libgadu SSL Certificate Validation CVE-2013-4488 Security Bypass Vulnerability
2014-09-25
http://www.securityfocus.com/bid/63473

Net-SNMP snmptrapd CVE-2014-3565 Remote Denial of Service Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69477

phpMyAdmin Micro History Feature Cross Site Scripting Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69790

Zarafa WebAccess and WebApp Local Information Disclosure Vulnerability
2014-09-25
http://www.securityfocus.com/bid/68247

Zarafa '/var/log/zarafa/' Directory Multiple Local Information Disclosure Vulnerabilities
2014-09-25
http://www.securityfocus.com/bid/69365

Zarafa '/etc/zarafa/license/' Directory Multiple Local Information Disclosure Vulnerabilities
2014-09-25
http://www.securityfocus.com/bid/69370

Zarafa WebAccess and WebApp Incomplete Fix Multiple Local Information Disclosure Vulnerabilities
2014-09-25
http://www.securityfocus.com/bid/69362

Zarafa WebAccess and WebApp '/tmp' Directory Multiple Local Information Disclosure Vulnerabilities
2014-09-25
http://www.securityfocus.com/bid/69369

Oberhumer LZO CVE-2014-4607 Multiple Memory Corruption Vulnerabilities
2014-09-25
http://www.securityfocus.com/bid/68213

HAProxy Multiple Buffer Overflow Vulnerabilities
2014-09-25
http://www.securityfocus.com/bid/69690

Moodle '/mod/forum/view.php' Remote Information Disclosure Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69789

Jasig Multiple CAS Clients CVE-2014-4172 Security Bypass Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69496

Multiple Red Hat JBoss Products Local Security Bypass Vulnerability
2014-09-25
http://www.securityfocus.com/bid/65591

OpenSAML-Java ParserPool and Decrypter XML External Entity Injection Vulnerability
2014-09-25
http://www.securityfocus.com/bid/64345

HawtJNI CVE-2013-2035 Local Privilege Escalation Vulnerability
2014-09-25
http://www.securityfocus.com/bid/59876

JBoss Enterprise Application Platform Plain Text Password Local Information Disclosure Vulnerability
2014-09-25
http://www.securityfocus.com/bid/65762

JBoss Enterprise Application Platform Java Security Manager Policy Security Bypass Vulnerability
2014-09-25
http://www.securityfocus.com/bid/66596

Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
2014-09-25
http://www.securityfocus.com/bid/66397

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-09-25
http://www.securityfocus.com/bid/67899

Mozilla Firefox and Thunderbird CVE-2011-2365 Memory Corruption Vulnerability
2014-09-25
http://www.securityfocus.com/bid/48368

Mozilla Firefox and Thunderbird CVE-2011-2364 Memory Corruption Vulnerability
2014-09-25
http://www.securityfocus.com/bid/48367

Mozilla Firefox/Thunderbird/SeaMonkey Enter Key Dialog Bypass Weakness
2014-09-25
http://www.securityfocus.com/bid/49811

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-09-25
http://www.securityfocus.com/bid/68624

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-09-25
http://www.securityfocus.com/bid/68636

TP-LINK WDR4300 HTML Injection and Denial of Service Vulnerabilities
2014-09-25
http://www.securityfocus.com/bid/70037

Exploit

  GNU bash Environment Variable Command Injection

  Bash Environment Variables Code Injection Exploit

  EMC AlphaStor Device Manager Opcode 0x75 Command Injection

  Advantech WebAccess dvs.ocx GetColor Buffer Overflow

  Wordpress Login Widget With Shortcode 3.1.1 - Multiple Vulnerabilities

  OsClass 3.4.1 (index.php, file param) - Local File Inclusion

  Cart Engine 3.0 - Multiple Vulnerabilities

24.9.2014

Bugtraq

Glype proxy local address filter bypass 2014-09-22
Securify B.V. (lists securify nl)

[security bulletin] HPSBPI03107 rev.1 - Certain HP LaserJet Printers, MFPs and Certain HP OfficeJet Enterprise Printers using OpenSSL, Remote Unauthorized Access 2014-09-22
security-alert hp com

Glype proxy privacy settings can be disabled via CSRF 2014-09-22
Securify B.V. (lists securify nl)

Glype proxy cookie jar path traversal allows code execution 2014-09-22
Securify B.V. (lists securify nl)

[ MDVSA-2014:180 ] gnupg 2014-09-22
security mandriva com

Malware

PUP-FNL!552FE7216F70

RDN/Generic.bfr!8A512B7C74BA

RDN/Generic PUP.x!cnp!B2968A96A192

RDN/Generic PUP.x!cnp!1F4AA336D919

RDN/Generic PUP.x!cnp!05373CD3FEEE

RDN/Generic PUP.x!cnp!078A1CED3BBB

Generic PUP.x!91844DAAA314

Generic PUP.x!C51139D5C2BC

RDN/Generic PUP.x!cnp!1F692AEFA280

Generic PUP.x!2ACDF24AFD73

Generic PUP.x!14EBD47D7BC3

Generic PUP.x!DBB6B487A63A

RDN/Generic PUP.x!cnp!A3221796A439

PUP-FNL!6B49A13255BD

Generic PUP.x!2318C07CF44A

Generic.bfr!D98D7A8D0EBD

RDN/Generic PUP.x!cnp!12906963C9D3

Generic PUP.x!1FD1AAC7B928

PUP-FNL!DC039EBDF8DA

RDN/Generic BackDoor!zy!B62ED9989323

PUP-FNL!C454FB97340A

PUP-FNL!AF3C031AB9D2

RDN/Generic PUP.x!cnp!2E76503C2D31

Generic PUP.x!E4C3A651968A

Generic PUP.x!8C3B6DFC4142

Generic PUP.x!75017FE64C95

Generic PUP.x!51DC408CBA6B

Generic PUP.x!5ABF1DDF15C3

RDN/Generic PUP.x!cnp!94F1341D575D

RDN/Generic PUP.x!cnp!34B51CFE1CDE

Phishing

iTunes

23rd September 2014

ITUNES ACCOUNT WAS BEEN FROZEN

Pay.Pal Inc

23rd September 2014

YOUR ACCOUNT IS NOW LOCKED,
YOU HAVE TO UPDATE YOUR
INFORMATION

Vulnerebility

Linux Kernel 'ISOFS' Deadlock Local Denial of Service Vulnerability
2014-09-24
http://www.securityfocus.com/bid/69428

Linux Kernel 'ISOFS' Stack-Based Buffer Overflow Vulnerability
2014-09-24
http://www.securityfocus.com/bid/69396

Linux Kernel SCTP NULL Pointer Dereference Denial of Service Vulnerability
2014-09-24
http://www.securityfocus.com/bid/68881

Linux Kernel KVM 'virt/kvm/iommu.c' Denial of Service Vulnerability
2014-09-24
http://www.securityfocus.com/bid/69489

IBM Embedded WebSphere Application Server CVE-2014-3020 Local Privilege Escalation Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69034

Multiple Huawei Products 'eSap' Platform Remote Heap Buffer Overflow Vulnerabilities
2014-09-23
http://www.securityfocus.com/bid/68130

Google Chrome CVE-2014-3172 Unspecified Security Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69401

Mozilla Firefox/Thunderbird/SeaMonkey XUL Tree Item Remote Code Execution Vulnerability
2014-09-23
http://www.securityfocus.com/bid/39123

Google Chrome Multiple Unspecified Remote Code Execution Vulnerabilities
2014-09-23
http://www.securityfocus.com/bid/69404

Mozilla Firefox CVE-2010-0174 Multiple Remote Memory Corruption Vulnerabilities
2014-09-23
http://www.securityfocus.com/bid/39122

Google Chrome CVE-2014-3168 Use After Free Remote Code Execution Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69398

Mozilla Firefox/Thunderbird/SeaMonkey Multiple Remote Vulnerabilities
2014-09-23
http://www.securityfocus.com/bid/32281

Mozilla Firefox/Thunderbird/SeaMonkey 'optgroup' XUL Tree Remote Code Execution Vulnerability
2014-09-23
http://www.securityfocus.com/bid/39128

Multiple Mozilla Products CSS Selectors Cross Domain Information Disclosure Vulnerability
2014-09-23
http://www.securityfocus.com/bid/41872

Mozilla Firefox/Thunderbird/SeaMonkey 'nsIContentPolicy' Security Bypass Vulnerability
2014-09-23
http://www.securityfocus.com/bid/39479

Mozilla Firefox Cross Document DOM Node Movement Remote Code Execution Vulnerability
2014-09-23
http://www.securityfocus.com/bid/38952

Google Chrome CVE-2014-3173 Information Disclosure Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69403

Google Chrome CVE-2014-3174 Information Disclosure Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69407

Google Chrome CVE-2014-3170 Extension Permission Dialog Spoofing Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69400

Mozilla Firefox CVE-2010-0173 Multiple Remote Memory Corruption Vulnerabilities
2014-09-23
http://www.securityfocus.com/bid/39125

Google Chrome CVE-2014-3171 Use After Free Remote Code Execution Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69406

Mozilla Firefox CVE-2010-0159 Multiple Remote Memory Corruption Vulnerabilities
2014-09-23
http://www.securityfocus.com/bid/38286

Google Chrome CVE-2014-3169 Use After Free Remote Code Execution Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69405

Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
2014-09-23
http://www.securityfocus.com/bid/36935

Mozilla Firefox/Thunderbird/SeaMonkey HTML Parser Remote Code Execution Vulnerability
2014-09-23
http://www.securityfocus.com/bid/38287

Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -07 -08 -09 and -11 Multiple Remote Vulnerabilities
2014-09-23
http://www.securityfocus.com/bid/33990

Libpng Library Uninitialized Pointer Arrays Memory Corruption Vulnerabilities
2014-09-23
http://www.securityfocus.com/bid/33827

Mozilla Firefox/Thunderbird/SeaMonkey Multiple Remote Vulnerabilities
2014-09-23
http://www.securityfocus.com/bid/32882

Mozilla SeaMonkey/Thunderbird Newsgroup Cancel Message Handling Buffer Overflow Vulnerability
2014-09-23
http://www.securityfocus.com/bid/31411

Mozilla Firefox/SeaMonkey/Thunderbird Multiple Remote Vulnerabilities
2014-09-23
http://www.securityfocus.com/bid/31346

Exploit

  ZyXEL Prestig P-660HNU-T1 ISP Credentials Disclosure

  Onlineon E-Ticaret Database Disclosure Exploit

  Joomla Face Gallery 1.0 - Multiple vulnerabilities

  Joomla Mac Gallery 1.5 - Arbitrary File Download

  LittleSite 0.1 'file' Parameter Local File Include Vulnerability

  WS10 Data Server SCADA Exploit Overflow PoC

23.9.2014

Bugtraq

 

Malware

PUP-FHQ!82BFF84ECB4C

Generic PUP.x!F4A939528BAB

Generic PUP.x!FB1D2B5DD44E

Generic PUP.x!DF78B204FB36

Generic PUP.x!A1C6D3E7287C

Generic PUP.x!F8E16FF43E7E

Generic PUP.x!12C32FCC2CD5

Generic PUP.x!485B7F1245AE

Generic PUP.x!BC41DB953C0B

Generic.bfr!D5A6C41B68CE

Generic PUP.x!0D2EB688E0A9

Generic PUP.x!E958BABC09C3

Generic PUP.x!EADA679A8295

Generic PUP.x!24AFFD286FDB

Generic PUP.x!BD125AF56CFA

Generic PUP.x!0296C3D5442B

Generic PUP.x!D38C567B76F6

Generic PUP.x!51099C6B531A

Generic PUP.x!E5CDEBA015E8

RDN/Generic BackDoor!zx!E46AC2E58EE7

Midia!82BFC5AE6B91

Generic PUP.x!F2735C2ED6E8

Generic PUP.x!D2DECF423B5D

Generic PUP.x!E4BAF2D51993

Generic PUP.x!E19CAB882805

Generic PUP.x!DF064BFFEBE6

Generic.dx!59A8E0740021

Generic PUP.x!DECBA8C6F115

Generic PUP.x!DE0D023DB797

Generic PUP.x!ED5B8B65DA66

Phishing

Pay.Pal Inc

23rd September 2014

YOUR ACCOUNT IS NOW LOCKED,
YOU HAVE TO UPDATE YOUR
INFORMATION

Apple Support

22nd September 2014

WARNING ACCOUNT DISABLED

Vulnerebility

srvx Multiple Denial of Service Vulnerabilities
2014-09-23
http://www.securityfocus.com/bid/69454

D-Bus CVE-2014-3638 Denial of Service Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69833

D-Bus CVE-2014-3636 Denial of Service Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69834

D-Bus CVE-2014-3639 Denial of Service Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69832

D-Bus CVE-2014-3635 Local Heap Buffer Overflow Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69831

D-Bus CVE-2014-3637 Denial of Service Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69829

nginx CVE-2014-3616 SSL Session Fixation Vulnerability
2014-09-23
http://www.securityfocus.com/bid/70025

RETIRED: Apple iOS Prior to iOS 8 and TV Prior to TV 7 Multiple Vulnerabilities
2014-09-23
http://www.securityfocus.com/bid/69882

Apple Mac OS X CVE-2014-4350 Buffer Overflow Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69908

Apache Struts 'includeParams' CVE-2013-1966 Security Bypass Vulnerability
2014-09-23
http://www.securityfocus.com/bid/60166

Adobe Acrobat and Reader CVE-2013-2730 Remote Buffer Overflow Vulnerability
2014-09-23
http://www.securityfocus.com/bid/59923

Kolibri CVE-2014-4158 Stack Based Buffer Overflow Vulnerability
2014-09-23
http://www.securityfocus.com/bid/68195

libgcrypt Elgamal Encryption Subkeys Information Disclosure Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69164

Openfiler 'Hostname' Field Arbitrary Code Execution Vulnerability
2014-09-23
http://www.securityfocus.com/bid/67383

Apple Mac OS X CVE-2014-1391 Memory Corruption Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69907

Lua 'ldo.c' Remote Code Execution Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69342

Squid CVE-2014-3609 Remote Denial of Service Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69453

Multiple Aztech Modem Routers Session Hijacking Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69811

Multiple Aztech Routers '/cgi-bin/AZ_Retrain.cgi' Denial of Service Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69809

Aztech Modem Routers Information Disclosure Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69808

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-09-23
http://www.securityfocus.com/bid/67899

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-09-23
http://www.securityfocus.com/bid/67900

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-09-23
http://www.securityfocus.com/bid/67901

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-09-23
http://www.securityfocus.com/bid/67898

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-09-23
http://www.securityfocus.com/bid/66363

Squid 'src/icmp/Icmp4.cc' Remote Denial of Service Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69688

Google Android Browser CVE-2014-6041 Same Origin Policy Security Bypass Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69548

Apple Mac OS X and iOS CVE-2014-4374 XML External Entity Information Disclosure Vulnerability
2014-09-22
http://www.securityfocus.com/bid/69905

Linux Kernel 'SMB2_tcon' NULL Pointer Dereference Denial of Service Vulnerability
2014-09-22
http://www.securityfocus.com/bid/69867

IBM WebSphere Real Time CVE-2014-3086 Unspecified Privilege Escalation Vulnerability
2014-09-22
http://www.securityfocus.com/bid/69183

Exploit

LittleSite 0.1 'file' Parameter Local File Include Vulnerability

22.9.2014

Bugtraq

TP-LINK WDR4300 - Stored XSS & DoS 2014-09-21
ozelisyan gmail com

Strength and Weakness of Methods to Confirm SSH Host Key 2014-09-22
John Leo (johnleo checkssh com)

[SECURITY] [DSA 3030-1] mantis security update 2014-09-20
Moritz Muehlenhoff (jmm debian org)

CVE-2014-5516 CSRF protection bypass in "KonaKart" Java eCommerce product 2014-09-20
Christian Schneider (mail Christian-Schneider net)

[SECURITY] [DSA 3029-1] nginx security update 2014-09-20
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3025-2] apt regression update 2014-09-18
Salvatore Bonaccorso (carnil debian org)

Malware

Generic PUP.x!D439688CE220

Generic PUP.x!925229B36035

Generic PUP.x!48834C474B72

Generic PUP.x!6F018DA23DEA

Generic PUP.x!E9EE75D24D52

RDN/Generic PUP.x!cnn!B39BB440970E

RDN/Generic PUP.x!25E66595D9E1

Generic PUP.x!59FB3C30596B

RDN/Generic PUP.x!88CAC4302C68

Generic PUP.x!57A374F328BF

Generic PUP.x!590C4AB489CB

Generic PUP.x!0CCA3A6CC33A

Generic PUP.x!42EF3656EC27

RDN/Generic PUP.x!CAAF2948A411

RDN/Generic PUP.x!F61631C712F4

RDN/Generic PUP.x!D170B2F5A2D3

RDN/Generic PUP.x!4179CB2002A0

Downloader.gen.a!4AE9451E802C

Generic PUP.x!A44822C0E471

RDN/Generic PUP.x!49F2A6088C1D

RDN/Generic PUP.x!6784B4CB9855

RDN/Generic PUP.x!F6E74DB6C0A6

RDN/Generic PUP.x!BDAAB6F0049C

Generic PUP.x!D95B00D5F264

Generic PUP.x!96265C3AC125

Generic PUP.x!571DB3DF3159

iBryte!81D46AA9E72C

RDN/Generic.bfr!hs!1AF343800DAF

RDN/Generic PUP.x!21D4307440AF

RDN/Generic.dx!dfq!9F8138C7A436

Phishing

Pay.Pal Inc

22nd September 2014

YOUR ACCOUNT IS NOW LOCKED,
YOU HAVE TO UPDATE YOUR
INFORMATION

USAA

21st September 2014

Important Message from USAA
Online Security

PayPal

20th September 2014

Your Account is Limited

Vulnerebility

Multiple IBM DB2 Products CVE-2012-4826 Remote Stack Buffer Overflow Vulnerability
2014-09-21
http://www.securityfocus.com/bid/56133

IBM DB2 and DB2 Connect CVE-2013-4033 Multiple Unauthorized Access Vulnerabilities
2014-09-21
http://www.securityfocus.com/bid/62018

IBM DB2 and DB2 Connect CVE-2013-5466 Remote Denial of Service Vulnerability
2014-09-21
http://www.securityfocus.com/bid/64334

IBM DB2 Multiple File Disclosure Security Bypass and Stack Buffer Overflow Vulnerabilities
2014-09-21
http://www.securityfocus.com/bid/54487

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68624

Fortinet FortiOS CVE-2014-2216 Denial of Service Vulnerability
2014-09-21
http://www.securityfocus.com/bid/69338

Fortinet FortiOS CVE-2014-0351 Man in the Middle Information Disclosure Vulnerability
2014-09-21
http://www.securityfocus.com/bid/69754

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68636

OpenSSL DTLS CVE-2014-3510 Remote Denial of Service Vulnerability
2014-09-21
http://www.securityfocus.com/bid/69082

OpenSSL DTLS CVE-2014-3505 Remote Denial of Service Vulnerability
2014-09-21
http://www.securityfocus.com/bid/69081

OpenSSL DTLS CVE-2014-3506 Remote Denial of Service Vulnerability
2014-09-21
http://www.securityfocus.com/bid/69076

OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2014-09-21
http://www.securityfocus.com/bid/69075

Oracle Java SE CVE-2014-4219 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68620

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-4227 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68603

Oracle Java SE CVE-2014-4208 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68580

Oracle Java SE CVE-2014-4252 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68642

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68583

Oracle Java SE CVE-2014-4220 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68576

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68571

Oracle Java SE CVE-2014-4268 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68615

Oracle Java SE CVE-2014-4265 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68632

IBM WebSphere Real Time CVE-2014-3086 Unspecified Privilege Escalation Vulnerability
2014-09-21
http://www.securityfocus.com/bid/69183

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68599

Linux Kernel 'fs/udf/inode.c' Local Denial of Service Vulnerability
2014-09-21
http://www.securityfocus.com/bid/69799

Google Chrome Prior to 33.0.1750.146 Multiple Security Vulnerabilities
2014-09-21
http://www.securityfocus.com/bid/65930

OpenSSL CVE-2014-3509 Remote Denial of Service Vulnerability
2014-09-21
http://www.securityfocus.com/bid/69084

Apache POI OpenXML parser CVE-2014-3529 XML External Entity Information Disclosure Vulnerability
2014-09-21
http://www.securityfocus.com/bid/69647

Apache POI CVE-2014-3574 Denial Of Service Vulnerability
2014-09-21
http://www.securityfocus.com/bid/69648

Exploit

 

20.9.2014

Bugtraq

 

Malware

RDN/Generic Downloader.x!kz!051398B2779B

RDN/Generic PUP.x!cnk!CC7F9174424A

RDN/Generic PWS.y!bbd!8EF2750F6F44

Generic PUP.x!9F63F8ECBC6A

RDN/Generic.bfr!2D3F3CE26704

RDN/Generic PUP.x!cnk!292ADFCDAA72

Generic PUP.x!F1F61C7761A1

Generic PUP.x!9269FC12E583

Generic PUP.x!8E2B99EDF1AC

Generic PUP.x!8EB05008256E

Generic PUP.x!7B0F2EAB0471

RDN/Generic PUP.x!cnk!1B798BF0B147

RDN/Generic PUP.x!509FDA5C4E8E

Generic FakeAlert!8F6616BAFCD3

RDN/Generic PUP.x!cnk!AF573CDAF35F

RDN/Generic PUP.x!cnk!5C576AA08513

RDN/Generic PUP.x!cnk!76B470619E75

RDN/Generic PUP.x!cnk!AC159211F2F4

RDN/Generic PUP.x!cnk!3D4453209870

RDN/Generic PUP.x!cnk!A2AF95FBF814

RDN/Generic PUP.x!cnk!B9DBB78E13A7

RDN/Downloader.a!tf!BE675036180E

Generic PUP.x!8A9D1BDBD202

RDN/Spybot.bfr!75B706655E26

Generic.dx!7C4817BBDFAC

RDN/Generic PUP.x!cnk!1EFF4C17A151

RDN/Generic PUP.x!cnk!9B748984F16E

RDN/Generic.bfr!hs!C5B3A9C7CE43

RDN/Generic PUP.x!cnk!215D2E0FCE7E

RDN/Generic PUP.x!cnk!F6E85D095C47

Phishing

Lloyds Bank Lloyds+Tb6eUqG@smt

19th September 2014

ALERT - ONLINE BANKING
SUSPENDED

Pay.Pal Inc

19th September 2014

YOUR ACCOUNT IS NOW LOCKED,
YOU HAVE TO UPDATE YOUR
INFORMATION

Vulnerebility

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-09-20
http://www.securityfocus.com/bid/68583

Oracle Java SE CVE-2014-4220 Remote Security Vulnerability
2014-09-20
http://www.securityfocus.com/bid/68576

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-09-20
http://www.securityfocus.com/bid/68571

Oracle Java SE CVE-2014-4268 Remote Security Vulnerability
2014-09-20
http://www.securityfocus.com/bid/68615

Oracle Java SE CVE-2014-4265 Remote Security Vulnerability
2014-09-20
http://www.securityfocus.com/bid/68632

IBM WebSphere Real Time CVE-2014-3086 Unspecified Privilege Escalation Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69183

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-09-20
http://www.securityfocus.com/bid/68599

Linux Kernel 'fs/udf/inode.c' Local Denial of Service Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69799

Google Chrome Prior to 33.0.1750.146 Multiple Security Vulnerabilities
2014-09-20
http://www.securityfocus.com/bid/65930

OpenSSL CVE-2014-3509 Remote Denial of Service Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69084

Apache POI OpenXML parser CVE-2014-3529 XML External Entity Information Disclosure Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69647

Apache POI CVE-2014-3574 Denial Of Service Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69648

PolicyKit Local Privilege Escalation Vulnerability
2014-09-20
http://www.securityfocus.com/bid/68771

LibYAML 'yaml_parser_scan_uri_escapes()' Function Remote Heap Based Buffer Overflow Vulnerability
2014-09-20
http://www.securityfocus.com/bid/66478

Review Board CVE-2013-4519 Multiple HTML Injection Vulnerabilities
2014-09-20
http://www.securityfocus.com/bid/63601

Review Board CVE-2013-4410 Access Bypass Vulnerability
2014-09-20
http://www.securityfocus.com/bid/63022

Linux Kernel PicoLCD HID Device Driver Buffer Overflow Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69763

Review Board CVE-2013-4411 Remote Security Bypass Vulnerability
2014-09-20
http://www.securityfocus.com/bid/63023

OpenSSL SRP CVE-2014-3512 Remote Denial of Service Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69083

OpenSSL CVE-2014-3511 Man in the Middle Security Bypass Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69079

HAProxy Multiple Buffer Overflow Vulnerabilities
2014-09-20
http://www.securityfocus.com/bid/69690

OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69075

OpenSSL NULL Pointer Dereference CVE-2014-5139 Local Denial of Service Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69077

OpenSSL DTLS CVE-2014-3507 Remote Denial of Service Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69078

PowerDNS Recursor CVE-2014-3614 Remote Denial of Service Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69778

Libxml2 Entity Substituton CVE-2014-0191 Denial of Service Vulnerability
2014-09-20
http://www.securityfocus.com/bid/67233

Squid CVE-2014-3609 Remote Denial of Service Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69453

Python 'ssl.match_hostname()' Function Denial of Service Vulnerability
2014-09-20
http://www.securityfocus.com/bid/59877

cURL/libcURL CVE-2014-3613 Remote Security Bypass Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69748

cURL/libcURL CVE-2014-3620 Cookies Handling Remote Security Bypass Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69742

Exploit

  Livefyre LiveComments Plugin - Stored XSS

  ClassApps SelectSurvey.net - Multiple SQL Injection Vulnerabilities

  Seafile-server <= 3.1.5 - Remote DoS

19.9.2014

Bugtraq

[SECURITY] [DSA 3025-2] apt regression update 2014-09-18
Salvatore Bonaccorso (carnil debian org)

AST-2014-010: Remote crash when handling out of call message in certain dialplan configurations 2014-09-18
Asterisk Security Team (security asterisk org)

AST-2014-009: Remote crash based on malformed SIP subscription requests 2014-09-18
Asterisk Security Team (security asterisk org)

CVE ID Syntax Change - Deadline Approaching 2014-09-18
Christey, Steven M. (coley mitre org)

Oracle Corporation MyOracle - Persistent Vulnerability 2014-09-18
Vulnerability Lab (research vulnerability-lab com)

Apple iOS / OSX Foundation NSXMLParser XML eXternal Entity (XXE) Flaw 2014-09-18
VSR Advisories (advisories vsecurity com)

APPLE-SA-2014-09-17-6 OS X Server 2.2.3 2014-09-18
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-09-17-5 OS X Server 3.2.1 2014-09-18
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-09-17-3 OS X Mavericks 10.9.5 and Security Update 2014-004 2014-09-18
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-09-17-4 Safari 6.2 and Safari 7.1 2014-09-18
Apple Product Security (product-security-noreply lists apple com)

CVE ID Syntax Change - Deadline Approaching 2014-09-17
Christey, Steven M. (coley mitre org)

APPLE-SA-2014-09-17-7 Xcode 6.0.1 2014-09-18
Apple Product Security (product-security-noreply lists apple com)

Apple iOS / OSX Foundation NSXMLParser XML eXternal Entity (XXE) Flaw 2014-09-18
VSR Advisories (advisories vsecurity com)

[SECURITY] [DSA 3028-1] icedove security update 2014-09-17
Moritz Muehlenhoff (jmm debian org)

Malware

Generic PUP.x!AED7DFEE2A8B

PUP-FHQ!7A32C39C9A9F

PUP-FLN!7A32BCD1CD27

Generic PUP.x!B085222EE39E

RDN/Generic.bfr!hs!E6A20314BA60

Generic PUP.x!B2C2EAA83DB4

PUP-FLN!7A337591D7F0

PUP-FMK!7A35C40359E2

Generic PUP.x!DB21D969ED37

Generic PUP.x!CEA79BCA12DD

PUP-FHQ!7A3765171F03

RDN/Generic PUP.x!cnj!7A2C812979A5

Generic PUP.x!A748C4C95DC6

RDN/Generic PUP.x!cnj!A66C66E0EF9C

PUP-FLT!7A2A2210D2BB

Adware-FMV!7A2DC38FC4A7

PUP-FMU!7A2FA7E92D5C

PUP-FLN!7A2A183605D3

CryptInno!7A2E492920C6

Generic PUP.x!AE0D0D4CC7EE

PUP-FHQ!7A2A225CF57B

CryptInno!7A31316FBFDA

PUP-FLN!7A2CEEA63FE1

RDN/Generic.dx!df3!A6758AF75CE9

Downloader.gen.a!7A3005896DB2

PUP-FHQ!7A2C8649F77A

Generic PWS.y!E8C264C6A0A3

Generic PUP.x!A7C7E87AEFA2

Generic PUP.x!A0215F17B19B

Generic PUP.x!AE0945C07F3A

Phishing

PayPal

18th September 2014

*** CACTUS *** You have added
keithsandland@hotmail.com as a
new email address for your
PayPal account.

PayPal

18th September 2014

Notice Of Paypal.

RBC

18th September 2014

RBC Royal Bank Online Banking
Important Service Message

iTunes

18th September 2014

ITUNES ACCOUNT WAS BEEN FROZEN

Lloyds Bank

17th September 2014

Online Banking and Access
services!

CHARLES FEENEY

17th September 2014

Cancelled: Your Donation From
Mr Charles Feeney

Vulnerebility

apt CVE-2014-0489 Security Bypass Vulnerability
2014-09-19
http://www.securityfocus.com/bid/69835

apt CVE-2014-0490 Security Bypass Vulnerability
2014-09-19
http://www.securityfocus.com/bid/69837

apt CVE-2014-0488 Security Bypass Vulnerability
2014-09-19
http://www.securityfocus.com/bid/69838

apt CVE-2014-0487 Security Bypass Vulnerability
2014-09-19
http://www.securityfocus.com/bid/69836

Multiple Apple Products CVE-2014-4377 PDF Handling Integer Overflow Vulnerability
2014-09-19
http://www.securityfocus.com/bid/69903

Apache Subversion 'mod_dav_svn' Module SVNListParentPath Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/65434

Apple QuickTime 'mvhd' Atom Heap Memory Corruption Vulnerability
2014-09-19
http://www.securityfocus.com/bid/68852

Mozilla Firefox/Thunderbird CVE-2014-1567 Use After Free Memory Corruption Vulnerability
2014-09-19
http://www.securityfocus.com/bid/69520

PHP DNS TXT Record Handling Heap Buffer Overflow Vulnerability
2014-09-19
http://www.securityfocus.com/bid/68007

PHP Fileinfo Component CVE-2014-3478 Remote Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/68239

PHP '/tmp/phpglibccheck' Symlink Vulnerability
2014-09-19
http://www.securityfocus.com/bid/67837

PHP unserialize() Function Type Confusion Security Vulnerability
2014-09-19
http://www.securityfocus.com/bid/68237

Mozilla Firefox/Thunderbird CVE-2014-1562 Multiple Memory Corruption Vulnerabilities
2014-09-19
http://www.securityfocus.com/bid/69519

PHP Fileinfo Component 'cdf_read_property_info()' Function Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/68120

PHP Fileinfo Component 'cdf_count_chain()' Function Remote Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/68238

PHP Fileinfo Component 'cdf_check_stream_offset()' Function Remote Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/68241

PHP Fileinfo Component Out of Bounds Memory Corruption Vulnerability
2014-09-19
http://www.securityfocus.com/bid/66002

PHP Fileinfo Component Remote Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/66406

PHP 'cdf_unpack_summary_info()' Function Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/67759

PHP 'cdf_read_property_info()' Function Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/67765

File Utility CVE-2014-1943 Remote Code Execution Vulnerability
2014-09-19
http://www.securityfocus.com/bid/65596

PHP FPM 'php-fpm.conf.in' Local Privilege Escalation Vulnerability
2014-09-19
http://www.securityfocus.com/bid/67118

PHP Fileinfo Component 'cdf_read_short_sector()' Function Remote Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/68243

MIT Kerberos 5 CVE-2014-4341 Remote Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/68909

MIT Kerberos 5 CVE-2013-6800 Remote Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/63770

MIT Kerberos 5 CVE-2014-4344 NULL Pointer Dereference Remote Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/69160

MIT Kerberos 5 'setup_server_realm()' Function CVE-2013-1418 Remote Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/63555

Apple Mac OS X CVE-2014-1391 Memory Corruption Vulnerability
2014-09-19
http://www.securityfocus.com/bid/69907

Mozilla Netscape Portable Runtime CVE-2014-1545 Out of Bounds Memory Corruption Vulnerability
2014-09-19
http://www.securityfocus.com/bid/67975

MIT kerberos 5 'ldap_principal2.c' Buffer Overflow Vulnerability
2014-09-19
http://www.securityfocus.com/bid/69168

Exploit

 

18.9.2014

Bugtraq

APPLE-SA-2014-09-17-2 Apple TV 7 2014-09-17
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-09-17-1 iOS 8 2014-09-17
Apple Product Security (product-security-noreply lists apple com)

Reflected Cross-Site Scripting (XSS) in MODX Revolution 2014-09-17
High-Tech Bridge Security Research (advisory htbridge com)

Path Traversal in webEdition 2014-09-17
High-Tech Bridge Security Research (advisory htbridge com)

MIUI Torch Open Vulnerability 2014-09-17
vuln nipc org cn

MIUI Wifi Connection Message Vulnerability 2014-09-17
vuln nipc org cn

Android Bluetooth Pairing Packet Processing Vulnerability(by wangzq from NCNIPC) 2014-09-17
vuln nipc org cn

[CORE-2014-0006] - Delphi and C++ Builder VCL library Heap Buffer Overflow 2014-09-16
CORE Advisories Team (advisories coresecurity com)

[SECURITY] [DSA 3026-1] dbus security update 2014-09-16
Florian Weimer (fw deneb enyo de)

Malware

RDN/Generic PUP.x!cn3!58C96A11A5CB

Generic PUP.x!665D2AAE1E68

Generic.dx!E47728BC565E

Generic PUP.x!6F6CBB84AB91

Generic PUP.x!8BF4F84BAD1E

RDN/Generic PUP.x!cn3!ADD69D263EBE

RDN/Generic.grp!ho!391552FB8DE3

RDN/Generic.dx!dfn!6DECE7153719

RDN/Generic PUP.x!F48A9E2E29DC

RDN/Generic PWS.y!bbc!BD14D6DDE5EC

Generic PUP.x!AFA5DDA9B121

Generic PUP.x!CAA0F461CBEE

Generic PUP.x!411EF0A9B3C8

Generic.dx!195AC2F45DAC

RDN/Generic.dx!dfn!C4092AAB953A

RDN/Generic Dropper!vf!DDF7D1D8DDC8

Generic PUP.x!19279EACA7BF

Generic.dx!EC72881CD5F5

Generic PUP.x!82F819FD9E80

Generic PUP.x!D215562F1BDE

RDN/Downloader.a!te!1F624863074C

Generic.dx!263462C1F047

Generic PUP.x!C9CDE4EDA526

Generic PUP.x!5EA7475A199B

Generic PUP.x!FD88CFE7FA9D

Generic PUP.x!ADFFB9660FB4

Generic PUP.x!AC985F2FF9E5

Generic PUP.x!45DC19395B0C

RDN/Downloader.a!te!A95B471641AC

RDN/Generic.dx!dfn!A08089BB48B9

Phishing

Lloyds Bank

17th September 2014

Online Banking and Access
services!

CHARLES FEENEY

17th September 2014

Cancelled: Your Donation From
Mr Charles Feeney

PayPal

17th September 2014

Your Account is Limited

Vulnerebility

ISC BIND 9 DNS RDATA Handling CVE-2013-4854 Remote Denial of Service Vulnerability
2014-09-18
http://www.securityfocus.com/bid/61479

ISC BIND NSEC3 Signed Zones Queries Handling Remote Denial of Service Vulnerability
2014-09-18
http://www.securityfocus.com/bid/64801

ISC BIND 9 'libdns' Remote Denial of Service Vulnerability
2014-09-18
http://www.securityfocus.com/bid/58736

GNU Automake Local Arbitrary Code Execution Vulnerability
2014-09-18
http://www.securityfocus.com/bid/54418

Mozilla Firefox CVE-2011-0062 Multiple Unspecified Memory Corruption Vulnerabilities
2014-09-17
http://www.securityfocus.com/bid/46647

Mozilla Firefox 3.5/3.6 Remote Heap Buffer Overflow Vulnerability
2014-09-17
http://www.securityfocus.com/bid/44425

Mozilla Firefox SeaMonkey Thunderbird Modal Calls Cross Domain Information Disclosure Vulnerability
2014-09-17
http://www.securityfocus.com/bid/44252

Mozilla Firefox SeaMonkey and Thunderbird 'document.write' Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/44247

Mozilla Firefox SeaMonkey and Thunderbird 'nsBarProp' Use-After-Free Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/44248

Mozilla Firefox and Thunderbird CVE-2010-3175 Multiple Memory-Corruption Vulnerabilities
2014-09-17
http://www.securityfocus.com/bid/44245

Mozilla Firefox SeaMonkey and Thunderbird 'LookupGetterOrSetter' Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/44249

WebKit APPLE-SA-2014-08-13-1 Multiple Unspecified Memory Corruption Vulnerabilities
2014-09-17
http://www.securityfocus.com/bid/69223

Google Chrome Prior to 33.0.1750.146 Multiple Security Vulnerabilities
2014-09-17
http://www.securityfocus.com/bid/65930

Apple iOS Prior to 7.1.2 Multiple Security Vulnerabilities
2014-09-17
http://www.securityfocus.com/bid/68276

Apple iPhone/iPad/iPod touch Prior to iOS 7 CVE-2011-2391 Denial of Service Vulnerability
2014-09-17
http://www.securityfocus.com/bid/62531

Apple Safari CVE-2013-5227 Multiple Cross Origin Information Disclosure Vulnerabilities
2014-09-17
http://www.securityfocus.com/bid/64355

Apple iOS 'facetime-audio://' Security Bypass Vulnerability
2014-09-17
http://www.securityfocus.com/bid/66108

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-09-17
http://www.securityfocus.com/bid/68624

Mozilla Firefox/Thunderbird/SeaMonkey Use-After-Free Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/47655

Mozilla Firefox/Thunderbird/SeaMonkey Cross-Domain JavaScript Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/47656

Mozilla Firefox/Thunderbird/SeaMonkey Double Free Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/47654

Mozilla Firefox/Thunderbird/SeaMonkey Out-Of-Memory Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/47651

Mozilla Firefox/Thunderbird/SeaMonkey HTML Content (CVE-2011-0081) Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/47653

Mozilla Firefox/Thunderbird/SeaMonkey HTML Frameset Tag Interger Overflow Vulnerability
2014-09-17
http://www.securityfocus.com/bid/47648

Mozilla Firefox/Thunderbird/SeaMonkey HTML Iframe Tag Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/47647

Mozilla Firefox/Thunderbird/SeaMonkey HTML Content Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/47641

Mozilla Firefox/Thunderbird/SeaMonkey Marquee Elements Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/47646

Mozilla Firefox and Thunderbird JPEG Image Decoding Buffer Overflow Vulnerability
2014-09-17
http://www.securityfocus.com/bid/46651

Mozilla Firefox/Thunderbird/SeaMonkey OS Font Code Multiple Unspecified Vulnerabilities
2014-09-17
http://www.securityfocus.com/bid/45352

Mozilla Firefox SeaMonkey and Thunderbird CVE-2011-0053 Multiple Memory Corruption Vulnerabilities
2014-09-17
http://www.securityfocus.com/bid/46645

Exploit

 

17.9.2014

Bugtraq

ESA-2014-091: EMC Documentum Content Server Multiple Privilege Escalation Vulnerabilities 2014-09-15
Security Alert (Security_Alert emc com)

Briefcase 4.0 iOS - Code Execution & File Include Vulnerability 2014-09-15
Vulnerability Lab (research vulnerability-lab com)

Passwords^14 Norway - CFP 2014-09-15
Per Thorsheim (per thorsheim net)

Open-Xchange Security Advisory 2014-09-15 2014-09-15
Martin Heiland (martin heiland open-xchange com)

Multiple Vulnerabilities with Aztech Modem Routers 2014-09-14
Federick Joe P Fajardo (fjpfajardo ph ibm com)

Re: HttpFileServer 2.3.x Remote Command Execution 2014-09-14
danielelinguaglossa gmail com

Malware

RDN/Generic BackDoor!zv!8272BC2F7AF3

Generic PUP.x!A4704DDDE8AE

RDN/Generic.dx!dfm!821A74834EF9

RDN/Generic PUP.x!cnh!96E7D4ABBADD

Generic PUP.x!3897DF2D2C7F

Generic PUP.x!DC6BEBB5F116

Generic PUP.x!E5ACAEE4C1E1

Generic PUP.x!3CD4BD278374

RDN/Generic PUP.x!cnh!BE70C05C0CE7

Generic PUP.x!CD11D3B276B0

Generic PUP.x!A2883DF89E60

Downloader.gen.a!814CE9BACA4F

Generic PUP.x!802D74E70A9F

Generic PUP.x!531AF24AA92D

RDN/Generic PUP.z!ef!7F2806FAC96E

RDN/Generic PUP.x!cnh!9943E3E6D98C

RDN/Generic.dx!dfm!BBD25A3C7642

Generic PUP.x!0E44F1290C41

Generic PUP.x!BB689D659B01

Generic PUP.x!16CE94CEEB77

Generic PUP.z!ACAA32B9999C

RDN/Downloader.a!te!C7C15C6B0DA3

Generic PUP.x!A2CC9ED7B918

Generic PUP.x!92C9B258E27D

Generic Downloader.x!0697E8A6F7B0

Generic PUP.x!2204DF30BA87

Generic PUP.x!2325974A9FC0

RDN/Generic.tfr!ed!B5D2ADD73496

Generic PUP.x!878FFA6889CC

Generic PUP.x!1ED0CC752A82

Phishing

 

Vulnerebility

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4212 Use After Free Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/56630

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3963 Use-After-Free Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/55340

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-4195 Cross Site Scripting Vulnerability
2014-09-17
http://www.securityfocus.com/bid/56302

Linux Kernel SCTP NULL Pointer Dereference Denial of Service Vulnerability
2014-09-17
http://www.securityfocus.com/bid/68881

Linux Kernel 'sctp_association_free()' Function Denial of Service Vulnerability
2014-09-17
http://www.securityfocus.com/bid/68224

Linux Kernel 'control.c' File Use After Free Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/68164

Linux Kernel Multiple Local Security Bypass Vulnerabilities
2014-09-17
http://www.securityfocus.com/bid/68162

Linux Kernel 'net/x25/af_x25.c' Local Information Disclosure Vulnerability
2014-09-17
http://www.securityfocus.com/bid/64746

Linux Kernel 'net/packet/af_packet.c' Local Information Disclosure Vulnerability
2014-09-17
http://www.securityfocus.com/bid/64744

Linux Kernel 'filter.c' CVE-2014-3145 Local Denial of Service Vulnerability
2014-09-17
http://www.securityfocus.com/bid/67321

Linux Kernel 'filter.c' CVE-2014-3144 Multiple Local Denial of Service Vulnerabilities
2014-09-17
http://www.securityfocus.com/bid/67309

Linux Kernel 'net/netrom/af_netrom.c' Local Information Disclosure Vulnerability
2014-09-17
http://www.securityfocus.com/bid/64742

Linux Kernel 'skbuff.c' Local Denial of Service Vulnerability
2014-09-17
http://www.securityfocus.com/bid/61411

Mozilla Firefox/Thunderbird/SeaMonkey 'cairo-dwrite' CVE-2012-0472 Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/53218

Mozilla Firefox and Thunderbird CVE-2013-1678 Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/59864

Mozilla Firefox and Thunderbird CVE-2013-1677 Out of Bounds Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/59868

Mozilla Firefox and Thunderbird CVE-2013-1670 Cross Site Scripting Vulnerability
2014-09-17
http://www.securityfocus.com/bid/59865

Mozilla Firefox and Thunderbird CVE-2013-1669 Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/59870

Mozilla Firefox and Thunderbird CVE-2013-1676 Out of Bounds Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/59863

Mozilla Firefox and Thunderbird CVE-2013-1679 Use After Free Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/59860

Mozilla Firefox/Thunderbird CVE-2013-1674 Remote Code Execution Vulnerability
2014-09-17
http://www.securityfocus.com/bid/59859

Mozilla Firefox and Thunderbird CVE-2013-1680 Use After Free Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/59861

Mozilla Firefox and Thunderbird CVE-2013-1681 Use After Free Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/59862

Mozilla Firefox and Thunderbird CVE-2013-1675 Information Disclosure Vulnerability
2014-09-17
http://www.securityfocus.com/bid/59858

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0787 Remote Code Execution Vulnerability
2014-09-16
http://www.securityfocus.com/bid/58391

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0743 Security Bypass Vulnerability
2014-09-16
http://www.securityfocus.com/bid/57258

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2013-0793 Cross Site Scripting Vulnerability
2014-09-16
http://www.securityfocus.com/bid/58837

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5838 Memory Corruption Vulnerability
2014-09-16
http://www.securityfocus.com/bid/56644

Mozilla Firefox CVE-2012-5837 Developer Toolbar Cross Site Scripting Vulnerability
2014-09-16
http://www.securityfocus.com/bid/56645

Mozilla Firefox and Thunderbird CVE-2013-0801 Memory Corruption Vulnerability
2014-09-16
http://www.securityfocus.com/bid/59855

Exploit

 

16.9.2014

Bugtraq

Passwords^14 Norway - CFP 2014-09-15
Per Thorsheim (per thorsheim net)

Open-Xchange Security Advisory 2014-09-15 2014-09-15
Martin Heiland (martin heiland open-xchange com)

Multiple Vulnerabilities with Aztech Modem Routers 2014-09-14
Federick Joe P Fajardo (fjpfajardo ph ibm com)

Re: HttpFileServer 2.3.x Remote Command Execution 2014-09-14
danielelinguaglossa gmail com

[security bulletin] HPSBOV03099 rev.1 - HP OpenVMS running OpenSSL, Remote Denial of Service (DoS) or Disclosure of Information 2014-09-12
security-alert hp com

Malware

RDN/Generic.dx!dfl!C69B8E544EFE

RDN/Generic.dx!dfl!5D3DB0AA7A2E

RDN/Generic.dx!2C236C4B74C6

RDN/Generic.bfr!1A310E3E244F

Generic.dx!8832F4174341

Generic.dx!462DC2BD7689

Generic PUP.x!64675FD51FEE

Generic.dx!4EC01698A065

Generic PUP.x!1216AD9C1078

RDN/Generic StartPage!ca!51F50B63C13E

RDN/Downloader.gen.a!CCFF60F97184

Generic.tfr!AD0A8D81BAC8

RDN/Generic.gl!c!3654BE75A01F

RDN/Generic.hra!51ABB9AE4459

RDN/Generic.bfr!hq!CFEE47AA1A9F

RDN/Downloader.a!td!E61A3AE3C085

RDN/Generic.bfr!hr!CF0548D403BA

RDN/Generic PUP.x!cn3!82FA9D7519E7

Generic PUP.x!C077FB333F0E

RDN/Generic PUP.x!FD20628E5E6D

Generic.dx!DF7B8354F9A7

RDN/Generic PWS.y!bbb!C13641644F2A

RDN/Generic.dx!dfl!C4AD71141FA4

Generic PUP.z!5D3C6616C285

RDN/Generic Qhost!l!D3116C744237

Generic PUP.x!EF65EBF4F679

RDN/Generic StartPage!ca!5CD92665174E

RDN/Generic.bfr!hq!AEF0DAD8DC39

RDN/Generic.dx!dfl!C602737100D8

RDN/Generic StartPage!ca!575D72BAD814

Phishing

 

Vulnerebility

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1967 Privilege Escalation Vulnerability
2014-09-16
http://www.securityfocus.com/bid/54573

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1958 Use-After-Free Memory Corruption Vulnerability
2014-09-16
http://www.securityfocus.com/bid/54574

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1960 Out of Bounds Memory Corruption Vulnerability
2014-09-16
http://www.securityfocus.com/bid/54572

Mozilla Firefox/Thunderbird/SeaMonkey '.lnk' Files Information Disclosure Vulnerability
2014-09-16
http://www.securityfocus.com/bid/53799

Mozilla Firefox/Thunderbird/SeaMonkey Use-After-Free Remote Code Execution Vulnerability
2014-09-16
http://www.securityfocus.com/bid/53792

Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-1941 Heap Buffer Overflow Vulnerability
2014-09-16
http://www.securityfocus.com/bid/53793

Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-1947 Heap Buffer Overflow Vulnerability
2014-09-16
http://www.securityfocus.com/bid/53791

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1937 Memory Corruption Vulnerability
2014-09-16
http://www.securityfocus.com/bid/53800

Mozilla Firefox/Thunderbird/SeaMonkey CSP's Inline-Script Blocking Feature Security Bypass Weakness
2014-09-16
http://www.securityfocus.com/bid/53801

Plone and Zope Multiple Remote Security Vulnerabilities
2014-09-16
http://www.securityfocus.com/bid/56341

Mozilla Firefox SeaMonkey and Thunderbird MFSA 2010-49 Multiple Memory-Corruption Vulnerabilities
2014-09-16
http://www.securityfocus.com/bid/43118

Multiple Mozilla Products 'XMLHttpRequest' Cross Domain Information Disclosure Vulnerability
2014-09-16
http://www.securityfocus.com/bid/43104

Mozilla Firefox, Thunderbird, and SeaMonkey HTML Frameset Element Integer Overflow Vulnerability
2014-09-16
http://www.securityfocus.com/bid/43095

Mozilla Firefox, Thunderbird, and SeaMonkey 'normalizeDocument' Remote Code Execution Vulnerability
2014-09-16
http://www.securityfocus.com/bid/43100

Mozilla Firefox, Thunderbird, and SeaMonkey 'nsTreeSelection' Remote Code Execution Vulnerability
2014-09-16
http://www.securityfocus.com/bid/41853

Multiple Browser Wild Card Certificate Spoofing Vulnerability
2014-09-16
http://www.securityfocus.com/bid/42817

Mozilla Firefox, Thunderbird, and SeaMonkey 'nsTreeContentView' Remote Code Execution Vulnerability
2014-09-16
http://www.securityfocus.com/bid/43097

Mozilla Firefox, Thunderbird, and SeaMonkey UTF-7 Charset Cross Site Scripting Vulnerability
2014-09-16
http://www.securityfocus.com/bid/43101

Multiple Mozilla Products 'importScripts()' Method Cross Domain Information Disclosure Vulnerability
2014-09-16
http://www.securityfocus.com/bid/41871

Mozilla Firefox and Thunderbird 'XPCSafeJSObjectWrapper' Chrome Privilege Escalation Vulnerability
2014-09-16
http://www.securityfocus.com/bid/43092

Mozilla Firefox, Thunderbird, and SeaMonkey CVE-2010-1212 Remote Memory Corruption Vulnerability
2014-09-16
http://www.securityfocus.com/bid/41865

Mozilla Firefox, Thunderbird, and SeaMonkey CVE-2010-1211 Remote Memory Corruption Vulnerability
2014-09-16
http://www.securityfocus.com/bid/41859

Mozilla Firefox and SeaMonkey CVE-2013-6672 Information Disclosure Vulnerability
2014-09-16
http://www.securityfocus.com/bid/64210

Mozilla Network Security Services CVE-2014-1492 Security Bypass Vulnerability
2014-09-16
http://www.securityfocus.com/bid/66356

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-6671 Remote Code Execution Vulnerability
2014-09-16
http://www.securityfocus.com/bid/64212

Mozilla Firefox, Thunderbird and SeaMonkey CSS Values Integer Overflow Vulnerability
2014-09-16
http://www.securityfocus.com/bid/41852

libpng Memory Corruption and Memory Leak Vulnerabilities
2014-09-16
http://www.securityfocus.com/bid/41174

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1514 Out of Bounds Memory Corruption Vulnerability
2014-09-16
http://www.securityfocus.com/bid/66240

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1497 Out of Bounds Memory Corruption Vulnerability
2014-09-16
http://www.securityfocus.com/bid/66423

Mozilla Netscape Portable Runtime CVE-2014-1545 Out of Bounds Memory Corruption Vulnerability
2014-09-16
http://www.securityfocus.com/bid/67975

MantisBT Null Byte Poisoning LDAP Authentication Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69780

SolarWinds Storage Manager 'AuthenticationFilter' Class Remote Code Execution Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69438

ImageMagick PSD Image File Handling CVE-2014-1947 Remote Buffer Overflow Vulnerability
2014-09-15
http://www.securityfocus.com/bid/65683

OpenOffice CVE-2014-3575 Information Disclosure Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69354

cURL/libcURL CVE-2014-3620 Cookies Handling Remote Security Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69742

cURL/libcURL CVE-2014-3613 Remote Security Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69748

Jasig Multiple CAS Clients CVE-2014-4172 Security Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69496

Procmail Formail Utility 'formisc.c' Heap Overflow Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69573

IBM RLKS Administration and Reporting Tool CVE-2014-3079 Authorization Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69643

OpenSSL DTLS CVE-2014-3505 Remote Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69081

IBM V7000 Unified CVE-2014-4811 Security Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69771

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1710 Arbitrary Code Execution Vulnerability
2014-09-15
http://www.securityfocus.com/bid/61900

Mozilla Firefox and Thunderbird CVE-2013-1692 Cross-Site Request Forgery Vulnerability
2014-09-15
http://www.securityfocus.com/bid/60783

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1728 Security Vulnerability
2014-09-15
http://www.securityfocus.com/bid/62468

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1737 Security Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/62475

OpenSSL NULL Pointer Dereference CVE-2014-5139 Local Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69077

OpenSSL DTLS CVE-2014-3510 Remote Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69082

OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69075

Google Chrome Prior to 33.0.1750.146 Multiple Security Vulnerabilities
2014-09-15
http://www.securityfocus.com/bid/65930

OpenSSL DTLS CVE-2014-3507 Remote Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69078

OpenSSL SRP CVE-2014-3512 Remote Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69083

OpenSSL CVE-2014-3511 Man in the Middle Security Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69079

OpenSSL CVE-2014-3509 Remote Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69084

OpenSSL DTLS CVE-2014-3506 Remote Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69076

Mozilla Firefox/Thunderbird CVE-2014-1567 Use After Free Memory Corruption Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69520

Mozilla Firefox/Thunderbird CVE-2014-1562 Multiple Memory Corruption Vulnerabilities
2014-09-15
http://www.securityfocus.com/bid/69519

Mozilla Firefox/Thunderbird CVE-2014-1557 Remote Code Execution Vulnerability
2014-09-15
http://www.securityfocus.com/bid/68824

Mozilla Firefox/Thunderbird CVE-2014-1555 Use After Free Memory Corruption Vulnerability
2014-09-15
http://www.securityfocus.com/bid/68814

Mozilla Firefox/Thunderbird CVE-2014-1556 Remote Code Execution Vulnerability
2014-09-15
http://www.securityfocus.com/bid/68822

OpenOffice CVE-2013-4156 Memory Corruption Vulnerability
2014-09-15
http://www.securityfocus.com/bid/61468

Exploit

USB&WiFi Flash Drive 1.3 iOS - Code Execution Vulnerability  

Http File Server 2.3.x - Remote Command Execution

  Railo Remote File Include

  ManageEngine Eventlog Analyzer Arbitrary File Upload

  SolarWinds Storage Manager Authentication Bypass

  ALCASAR <= 2.8.1 - Remote Root Code Execution Vulnerability

  CacheGuard-OS 5.7.7 - CSRF Vulnerability

15.9.2014

Bugtraq

Passwords^14 Norway - CFP 2014-09-15
Per Thorsheim (per thorsheim net)

Open-Xchange Security Advisory 2014-09-15 2014-09-15
Martin Heiland (martin heiland open-xchange com)

Multiple Vulnerabilities with Aztech Modem Routers 2014-09-14
Federick Joe P Fajardo (fjpfajardo ph ibm com)

Re: HttpFileServer 2.3.x Remote Command Execution 2014-09-14
danielelinguaglossa gmail com

[security bulletin] HPSBOV03099 rev.1 - HP OpenVMS running OpenSSL, Remote Denial of Service (DoS) or Disclosure of Information 2014-09-12
security-alert hp com

Malware

RDN/Generic.dx!dfl!C69B8E544EFE

RDN/Generic.dx!dfl!5D3DB0AA7A2E

RDN/Generic.dx!2C236C4B74C6

RDN/Generic.bfr!1A310E3E244F

Generic.dx!8832F4174341

Generic.dx!462DC2BD7689

Generic PUP.x!64675FD51FEE

Generic.dx!4EC01698A065

Generic PUP.x!1216AD9C1078

RDN/Generic StartPage!ca!51F50B63C13E

RDN/Downloader.gen.a!CCFF60F97184

Generic.tfr!AD0A8D81BAC8

RDN/Generic.gl!c!3654BE75A01F

RDN/Generic.hra!51ABB9AE4459

RDN/Generic.bfr!hq!CFEE47AA1A9F

RDN/Downloader.a!td!E61A3AE3C085

RDN/Generic.bfr!hr!CF0548D403BA

RDN/Generic PUP.x!cn3!82FA9D7519E7

Generic PUP.x!C077FB333F0E

RDN/Generic PUP.x!FD20628E5E6D

Generic.dx!DF7B8354F9A7

RDN/Generic PWS.y!bbb!C13641644F2A

RDN/Generic.dx!dfl!C4AD71141FA4

Generic PUP.z!5D3C6616C285

RDN/Generic Qhost!l!D3116C744237

Generic PUP.x!EF65EBF4F679

RDN/Generic StartPage!ca!5CD92665174E

RDN/Generic.bfr!hq!AEF0DAD8DC39

RDN/Generic.dx!dfl!C602737100D8

RDN/Generic StartPage!ca!575D72BAD814

Phishing

 

Vulnerebility

MantisBT Null Byte Poisoning LDAP Authentication Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69780

SolarWinds Storage Manager 'AuthenticationFilter' Class Remote Code Execution Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69438

ImageMagick PSD Image File Handling CVE-2014-1947 Remote Buffer Overflow Vulnerability
2014-09-15
http://www.securityfocus.com/bid/65683

OpenOffice CVE-2014-3575 Information Disclosure Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69354

cURL/libcURL CVE-2014-3620 Cookies Handling Remote Security Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69742

cURL/libcURL CVE-2014-3613 Remote Security Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69748

Jasig Multiple CAS Clients CVE-2014-4172 Security Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69496

Procmail Formail Utility 'formisc.c' Heap Overflow Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69573

IBM RLKS Administration and Reporting Tool CVE-2014-3079 Authorization Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69643

OpenSSL DTLS CVE-2014-3505 Remote Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69081

IBM V7000 Unified CVE-2014-4811 Security Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69771

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1710 Arbitrary Code Execution Vulnerability
2014-09-15
http://www.securityfocus.com/bid/61900

Mozilla Firefox and Thunderbird CVE-2013-1692 Cross-Site Request Forgery Vulnerability
2014-09-15
http://www.securityfocus.com/bid/60783

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1728 Security Vulnerability
2014-09-15
http://www.securityfocus.com/bid/62468

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1737 Security Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/62475

OpenSSL NULL Pointer Dereference CVE-2014-5139 Local Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69077

OpenSSL DTLS CVE-2014-3510 Remote Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69082

OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69075

Google Chrome Prior to 33.0.1750.146 Multiple Security Vulnerabilities
2014-09-15
http://www.securityfocus.com/bid/65930

OpenSSL DTLS CVE-2014-3507 Remote Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69078

OpenSSL SRP CVE-2014-3512 Remote Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69083

OpenSSL CVE-2014-3511 Man in the Middle Security Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69079

OpenSSL CVE-2014-3509 Remote Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69084

OpenSSL DTLS CVE-2014-3506 Remote Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69076

Mozilla Firefox/Thunderbird CVE-2014-1567 Use After Free Memory Corruption Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69520

Mozilla Firefox/Thunderbird CVE-2014-1562 Multiple Memory Corruption Vulnerabilities
2014-09-15
http://www.securityfocus.com/bid/69519

Mozilla Firefox/Thunderbird CVE-2014-1557 Remote Code Execution Vulnerability
2014-09-15
http://www.securityfocus.com/bid/68824

Mozilla Firefox/Thunderbird CVE-2014-1555 Use After Free Memory Corruption Vulnerability
2014-09-15
http://www.securityfocus.com/bid/68814

Mozilla Firefox/Thunderbird CVE-2014-1556 Remote Code Execution Vulnerability
2014-09-15
http://www.securityfocus.com/bid/68822

OpenOffice CVE-2013-4156 Memory Corruption Vulnerability
2014-09-15
http://www.securityfocus.com/bid/61468

Exploit

  Http File Server 2.3.x - Remote Command Execution

  Railo Remote File Include

  ManageEngine Eventlog Analyzer Arbitrary File Upload

  SolarWinds Storage Manager Authentication Bypass

  ALCASAR <= 2.8.1 - Remote Root Code Execution Vulnerability

  CacheGuard-OS 5.7.7 - CSRF Vulnerability

12.9.2014

Bugtraq

Call for Participation: Semantic Web Business and Innovation (SWBI2015) * Switzerland 2014-09-11
jackie sdiwc info

ChatSecure IM v2.2.4 iOS - Persistent Web Vulnerability 2014-09-11
Vulnerability Lab (research vulnerability-lab com)

Photorange v1.0 iOS - File Include Web Vulnerability 2014-09-11
Vulnerability Lab (research vulnerability-lab com)

PhotoSync v2.2 iOS - Command Inject Web Vulnerability 2014-09-11
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 3021-2] file regression update 2014-09-10
Luciano Bello (luciano debian org)

[SECURITY] [DSA 3022-1] curl security update 2014-09-10
Yves-Alexis Perez (corsac debian org)

[SECURITY] [DSA 3020-1] acpi-support security update 2014-09-10
Raphael Geissert (geissert debian org)

[SECURITY] CVE-2013-4444 Remote Code Execution in Apache Tomcat 2014-09-10
Mark Thomas (markt apache org)

Malware

RDN/Generic.dx!dfj!8CDECA7E38AC

RDN/Generic.dx!dfj!0BB92BEF3AD1

RDN/Generic.dx!dfj!0859FD6DFAB3

RDN/Generic PUP.x!cnb!C29FD7EA07E0

Generic.dx!9404A6065F6B

Generic PUP.x!CD12DAF786D1

Generic Downloader.x!8B56CA22AB3C

W32/Virus.gen!25ECDB78AC4D

Generic PUP.x!E3B3D44B40BC

Generic PUP.x!F0785AEDA326

Generic PUP.x!2D205A5B90CF

Generic PUP.x!60C4FD06E26D

Generic PUP.x!B95AF1CA366A

Generic PUP.x!764593985633

FakeAV-M.bfr!97014BCBEE47

RDN/Generic.dx!dfj!1EA8720A7613

Generic Downloader.x!6FBAFA22376C

Generic FakeAlert!23C2AD45666C

RDN/Generic Dropper!ve!A9C197068A73

RDN/Generic.dx!dfj!7BB6924AE4EC

RDN/Generic BackDoor!zt!88FBCC105918

FakeAV-M.bfr!B71BB097C5BB

RDN/Generic PUP.x!cnb!6FC1A32A95D6

Downloader.gen.a!C87318BABDB5

RDN/Generic PUP.x!cnb!2948DB7AA650

Generic.dx!00B90C14C811

Generic FakeAlert!2453E7290559

RDN/Generic PUP.x!cnb!51DEE98B1F87

RDN/Generic PUP.x!cnb!60037AD4F829

RDN/Generic PUP.x!cnb!5E344057EC4E

Phishing

Tesco Credit Card

12th September 2014

Win A Free Tesco Voucher

RBC Express

10th September 2014

User Roles Waiting For
Approval

Vulnerebility

Adobe Flash Player and AIR CVE-2014-0551 Unspecified Memory Corruption Vulnerability
2014-09-12
http://www.securityfocus.com/bid/69702

Adobe Flash Player and AIR CVE-2014-0553 Use After Free Remote Code Execution Vulnerability
2014-09-12
http://www.securityfocus.com/bid/69707

Adobe Flash Player and AIR CVE-2014-0556 Unspecified Heap Based Buffer Overflow Vulnerability
2014-09-12
http://www.securityfocus.com/bid/69696

Adobe Flash Player and AIR CVE-2014-0557 Multiple Unspecified Memory Corruption Vulnerabilities
2014-09-12
http://www.securityfocus.com/bid/69701

Adobe Flash Player and AIR CVE-2014-0550 Unspecified Memory Corruption Vulnerability
2014-09-12
http://www.securityfocus.com/bid/69700

Adobe Flash Player and AIR CVE-2014-0549 Unspecified Memory Corruption Vulnerability
2014-09-12
http://www.securityfocus.com/bid/69699

Adobe Flash Player and AIR CVE-2014-0552 Unspecified Memory Corruption Vulnerability
2014-09-12
http://www.securityfocus.com/bid/69703

Adobe Flash Player and AIR CVE-2014-0554 Unspecified Security Bypass Vulnerability
2014-09-12
http://www.securityfocus.com/bid/69697

Adobe Flash Player and AIR CVE-2014-0548 Same Origin Policy Security Bypass Vulnerability
2014-09-12
http://www.securityfocus.com/bid/69705

Adobe Flash Player and AIR CVE-2014-0547 Unspecified Memory Corruption Vulnerability
2014-09-12
http://www.securityfocus.com/bid/69695

Mozilla Firefox/Thunderbird CVE-2014-1557 Remote Code Execution Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68824

Mozilla Firefox/Thunderbird CVE-2014-1556 Remote Code Execution Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68822

Mozilla Firefox CVE-2014-1561 Event Spoofing Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68826

Mozilla Firefox/Thunderbird CVE-2014-1559 Security Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68815

Mozilla Firefox/Thunderbird CVE-2014-1555 Use After Free Memory Corruption Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68814

Mozilla Firefox/Thunderbird CVE-2014-1558 Security Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68812

Mozilla Firefox/Thunderbird CVE-2014-1547 Multiple Memory Corruption Vulnerabilities
2014-09-12
http://www.securityfocus.com/bid/68811

Mozilla Firefox/Thunderbird CVE-2014-1552 Same Origin Policy Security Bypass Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68821

Mozilla Firefox/Thunderbird CVE-2014-1544 Use After Free Memory Corruption Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68816

Mozilla Firefox/Thunderbird CVE-2014-1549 Heap Buffer Overflow Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68820

Mozilla Firefox/Thunderbird CVE-2014-1548 Multiple Memory Corruption Vulnerabilities
2014-09-12
http://www.securityfocus.com/bid/68818

Mozilla Firefox/Thunderbird CVE-2014-1550 Use After Free Memory Corruption Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68810

PHP Fileinfo Component Incomplete Fix Remote Denial of Service Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68348

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5593 Address Bar URI Spoofing Vulnerability
2014-09-12
http://www.securityfocus.com/bid/63429

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5600 Remote Memory Corruption Vulnerability
2014-09-12
http://www.securityfocus.com/bid/63427

PHP Fileinfo Component 'cdf_read_short_sector()' Function Remote Denial of Service Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68243

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5602 Remote Memory Corruption Vulnerability
2014-09-12
http://www.securityfocus.com/bid/63424

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5599 Remote Memory Corruption Vulnerability
2014-09-12
http://www.securityfocus.com/bid/63423

PHP Fileinfo Component 'cdf_count_chain()' Function Remote Denial of Service Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68238

PHP 'cdf_read_property_info()' Function CVE-2014-3587 Incomplete Fix Denial of Service Vulnerability
2014-09-12
http://www.securityfocus.com/bid/69325

Exploit

  OroCRM - Stored XSS Vulnerability

  Joomla Spider Contacts 1.3.6 (index.php, contacts_id param) - SQL Injection

  Photorange 1.0 iOS - File Inclusion Vulnerability

  ChatSecure IM 2.2.4 iOS - Persistent XSS Vulnerability

11.9.2014

Bugtraq

[SECURITY] [DSA 3020-1] acpi-support security update 2014-09-10
Raphael Geissert (geissert debian org)

[SECURITY] CVE-2013-4444 Remote Code Execution in Apache Tomcat 2014-09-10
Mark Thomas (markt apache org)

[slackware-security] seamonkey (SSA:2014-252-01) 2014-09-09
Slackware Security Team (security slackware com)

[security bulletin] HPSBMU03075 rev.1 - HP Network Node Manager I (NNMi) for Windows and Linux, Remote Execution of Arbitrary Code 2014-09-09
security-alert hp com

NEW VMSA-2014-0008 VMware vSphere product updates to third party libraries 2014-09-09
VMware Security Response Center (security vmware com)

Re: Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities 2014-09-09
sales prochatrooms com

[SECURITY] [DSA 3021-1] file security update 2014-09-09
Luciano Bello (luciano debian org)

Malware

Generic PUP.x!0C6745A27CC3

Generic PUP.x!0F019216AA9B

RDN/Generic PUP.x!cn3!50D6DB8D39FB

Generic PUP.x!CCEC238202E2

Generic.bfr!8B140379E0EA

Generic PUP.x!DADBCD3C0F53

RDN/Generic.dx!dfh!F2E45BAB5E28

Generic PUP.x!E81B8055827C

RDN/Generic PUP.x!AE417D382B73

Generic PUP.x!074BC2472DDE

RDN/Downloader.gen.a!FE6B84A9D0F9

RDN/Generic.bfr!hq!CF8E86542807

Generic PUP.x!10CB0929203D

iBryte!54AA3342AC94

GenericR-CAO!0619055DD67B

Generic PUP.x!654CF63E97AF

RDN/PWS-Banker!dk!2813572919D5

Generic PUP.x!4B33A593A3C0

RDN/Generic.bfr!0DB3A7BC548C

Generic BackDoor!53281A425D44

RDN/Generic PUP.x!474083FCD01D

RDN/Ransom!ek!7BFBE32E73C8

RDN/Generic.dx!dfh!DA8122BE2C69

RDN/Generic PUP.x!cn3!2746E07E861D

RDN/Generic.bfr!hq!AA1BB243E202

Generic PUP.x!84181677726C

Generic PUP.x!A5520BEC7921

Generic PUP.x!ECCC6461ABDB

RDN/Generic PUP.x!cn3!6106B6BA6492

Generic PUP.x!240914DC6025

Phishing

RBC Express

10th September 2014

User Roles Waiting For
Approval

Vulnerebility

Adobe Flash Player and AIR CVE-2014-0548 Same Origin Policy Security Bypass Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69705

Adobe Flash Player and AIR CVE-2014-0553 Use After Free Remote Code Execution Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69707

Adobe Flash Player and AIR CVE-2014-0555 Unspecified Memory Corruption Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69706

Adobe Flash Player and AIR CVE-2014-0559 Unspecified Heap Based Buffer Overflow Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69704

Adobe Flash Player and AIR CVE-2014-0551 Unspecified Memory Corruption Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69702

Adobe Flash Player and AIR CVE-2014-0552 Unspecified Memory Corruption Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69703

Adobe Flash Player and AIR CVE-2014-0554 Unspecified Security Bypass Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69697

Adobe Flash Player and AIR CVE-2014-0550 Unspecified Memory Corruption Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69700

Adobe Flash Player and AIR CVE-2014-0547 Unspecified Memory Corruption Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69695

Adobe Flash Player and AIR CVE-2014-0549 Unspecified Memory Corruption Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69699

Adobe Flash Player and AIR CVE-2014-0556 Unspecified Heap Based Buffer Overflow Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69696

Adobe Flash Player and AIR CVE-2014-0557 Multiple Unspecified Memory Corruption Vulnerabilities
2014-09-11
http://www.securityfocus.com/bid/69701

Mozilla Firefox/Thunderbird CVE-2014-1563 Memory Corruption Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69523

Mozilla Firefox/Thunderbird CVE-2014-1553 Multiple Memory Corruption Vulnerabilities
2014-09-11
http://www.securityfocus.com/bid/69524

Mozilla Firefox/Thunderbird CVE-2014-1565 Out of Bounds Memory Corruption Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69521

Mozilla Firefox and Thunderbird CVE-2014-1564 Information Disclosure Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69525

Mozilla Firefox/Thunderbird CVE-2014-1562 Multiple Memory Corruption Vulnerabilities
2014-09-11
http://www.securityfocus.com/bid/69519

Mozilla Firefox/Thunderbird CVE-2014-1567 Use After Free Memory Corruption Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69520

RETIRED: Microsoft September 2014 Advance Notification Multiple Vulnerabilities
2014-09-11
http://www.securityfocus.com/bid/69636

Oracle Java SE CVE-2014-0449 Remote Security Vulnerability
2014-09-11
http://www.securityfocus.com/bid/66907

Oracle Java SE CVE-2014-0446 Remote Security Vulnerability
2014-09-11
http://www.securityfocus.com/bid/66903

Multiple Oracle Java Products 'unpack.cpp' Insecure Temporary File Creation Vulnerability
2014-09-11
http://www.securityfocus.com/bid/65568

Oracle Java SE CVE-2014-0456 Remote Code Execution Vulnerability
2014-09-11
http://www.securityfocus.com/bid/66877

Oracle Java SE CVE-2014-2410 Remote Security Vulnerability
2014-09-11
http://www.securityfocus.com/bid/66886

Oracle Java SE CVE-2014-0432 Remote Code Execution Vulnerability
2014-09-11
http://www.securityfocus.com/bid/66897

Oracle Java SE CVE-2014-0451 Remote Security Vulnerability
2014-09-11
http://www.securityfocus.com/bid/66879

Oracle Java SE CVE-2014-2397 Remote Security Vulnerability
2014-09-11
http://www.securityfocus.com/bid/66893

IBM Initiate Master Data Service CVE-2014-4786 Unspecified Frame Injection Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69720

Linux Kernel 'netdevice.h' NULL Pointer Dereference Denial of Service Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69721

Linux Kernel CVE-2014-0205 Local Privilege Escalation Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69725

Exploit

 

10.9.2014

Bugtraq

[SECURITY] [DSA 3021-1] file security update 2014-09-09
Luciano Bello (luciano debian org)

FreeBSD Security Advisory FreeBSD-SA-14:18.openssl 2014-09-09
FreeBSD Security Advisories (security-advisories freebsd org)

Cisco Security Advisory: Cisco Unified Computing System E-Series Blade Servers Cisco Integrated Management Controller SSH Denial of Service Vulnerability 2014-09-08
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Malware

RDN/Generic PWS.bfr!e!D52EBA8C38F9

RDN/Generic PWS.bfr!e!593A55D19F8A

Generic PUP.x!9F2D2B65341F

Generic PUP.x!68FC775C0C58

RDN/BackDoor-FBSA!a!6F4A5D6950E3

Generic PUP.x!9C8F485EF7A5

Generic PUP.x!9D3D0EBCF49B

Generic PUP.x!9B06B380FD72

Dropper-FLV!F1AEFC1A6DE4

Generic PUP.x!924150BB06D8

Generic PUP.x!9268DE306E1E

RDN/Generic PUP.x!49EBC7D22F40

RDN/Generic BackDoor!zt!59FD76A1BAF2

RDN/Generic PWS.y!bb3!6D6138EB28EB

RDN/Generic PWS.y!bb3!4A3E98397F45

Generic PUP.x!93B480CF3027

RDN/Generic.dx!dfg!DB67E30BA659

Generic PUP.x!9B86D1558050

RDN/Generic PWS.y!bb3!D53B14B79C34

Downloader.gen.a!3D00B1307A98

RDN/Generic.dx!095C7462CC57

Generic PUP.x!92F290DA65EC

Generic PUP.x!94C9399FD167

Generic PUP.x!950215A411B5

RDN/Generic Downloader.x!ku!F99ECE93DC9C

Generic PUP.x!9A76597E9EE0

RDN/Generic PWS.bfr!e!52C7A86AF2B2

Generic PUP.x!9B759309CBE6

Generic PUP.x!960A593FE7ED

Generic PUP.x!9B47FCB6DEAB

Phishing

 

Vulnerebility

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2014-09-10
http://www.securityfocus.com/bid/67121

Microsoft Internet Explorer CVE-2013-7331 Information Disclosure Vulnerability
2014-09-10
http://www.securityfocus.com/bid/65601

PHPIDS ReDoS Filters Security Bypass Vulnerability
2014-09-10
http://www.securityfocus.com/bid/51277

PHP 'cdf_read_property_info()' Function CVE-2014-3587 Incomplete Fix Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/69325

Mozilla Firefox/Thunderbird CVE-2014-1544 Use After Free Memory Corruption Vulnerability
2014-09-10
http://www.securityfocus.com/bid/68816

PHP Fileinfo Component 'cdf_read_short_sector()' Function Remote Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/68243

PHP Fileinfo Component 'cdf_read_property_info()' Function Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/68120

PHP 'cdf_unpack_summary_info()' Function Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/67759

PHP Fileinfo Component CVE-2014-3478 Remote Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/68239

PHP Fileinfo Component 'cdf_check_stream_offset()' Function Remote Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/68241

PHP Fileinfo Component Incomplete Fix Remote Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/68348

PHP 'cdf_read_property_info()' Function Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/67765

PHP Fileinfo Component 'cdf_count_chain()' Function Remote Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/68238

Adobe Reader and Acrobat APSB14-20 Prenotification Multiple Vulnerabilities
2014-09-10
http://www.securityfocus.com/bid/69646

Multiple ManageEngine Products CVE-2014-5005 Arbitrary File Upload Vulnerability
2014-09-10
http://www.securityfocus.com/bid/69494

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-09-10
http://www.securityfocus.com/bid/67899

OpenSSL DTLS CVE-2014-3505 Remote Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/69081

OpenSSL DTLS CVE-2014-3507 Remote Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/69078

OpenSSL DTLS CVE-2014-3506 Remote Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/69076

QEMU Block Drivers CVE-2014-0143 Multiple Integer Overflow Vulnerabilities
2014-09-10
http://www.securityfocus.com/bid/66486

Apache HttpComponents Incomplete Fix CVE-2014-3577 SSL Validation Security Bypass Vulnerability
2014-09-10
http://www.securityfocus.com/bid/69258

QEMU 'virtio_load()' Function Memory Corruption Vulnerability
2014-09-10
http://www.securityfocus.com/bid/66976

QEMU CVE-2014-0144 Multiple Buffer Overflow Vulnerabilities
2014-09-10
http://www.securityfocus.com/bid/66483

QEMU CVE-2013-4541 Remote Code Execution Vulnerability
2014-09-10
http://www.securityfocus.com/bid/67394

QEMU L2 Table Size Validation Integer Overflow Vulnerability
2014-09-10
http://www.securityfocus.com/bid/67357

QEMU 'hw/usb/bus.c' Heap Based Buffer Overflow Vulnerability
2014-09-10
http://www.securityfocus.com/bid/67392

QEMU CVE-2014-0145 Multiple Buffer Overflow Vulnerabilities
2014-09-10
http://www.securityfocus.com/bid/66464

QEMU Multiple Memory Corruption Vulnerabilities
2014-09-10
http://www.securityfocus.com/bid/67483

QEMU CVE-2014-0146 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/66472

QEMU Division By Zero Error Local Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/66481

Exploit

 

9.9.2014

Bugtraq

[SECURITY] [DSA 3021-1] file security update 2014-09-09
Luciano Bello (luciano debian org)

FreeBSD Security Advisory FreeBSD-SA-14:18.openssl 2014-09-09
FreeBSD Security Advisories (security-advisories freebsd org)

Cisco Security Advisory: Cisco Unified Computing System E-Series Blade Servers Cisco Integrated Management Controller SSH Denial of Service Vulnerability 2014-09-08
Cisco Systems Product Security Incident Response Team (psirt cisco com)

IBM WebSphere Application Server (WAS) Integrated Solutions Console Login Page username Parameter Reflected XSS Security Vulnerability 2014-09-08
main gsmcnamara com

[security bulletin] HPSBST03106 rev.1 - HP P2000 G3 MSA Array System running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-09-08
security-alert hp com

CVE-2014-5392 XML eXternal Entity (XXE) in "JobScheduler" 2014-09-07
Christian Schneider (mail Christian-Schneider net)

Malware

RDN/Generic PUP.x!cmx!0DA098437BAA

CryptDomaIQ!46F5A8FF5DF9

CryptDomaIQ!46F6556E15E7

RDN/Generic.dx!dfg!0142D1CA3D22

RDN/Generic.hra!ca!03E1141B265D

Generic PUP.x!00B39D8F5F89

Generic PUP.x!06DD6A6BD43E

Generic PUP.x!04F27AB1EA18

RDN/Generic PUP.x!cmx!0431AF45F4E2

CryptDomaIQ!46F4C13F4B77

W32/Virus.gen!057ACD44646B

RDN/Generic PUP.x!cmx!0D240AECFAB9

RDN/Generic.dx!dfg!0564C7AFB61C

RDN/Generic PUP.x!08D3AA6C55E1

Generic PUP.x!0C748F6AEF18

RDN/Generic PUP.x!0B6F5889EA2B

Generic.bfr!0410A7DDA9B9

RDN/Generic PUP.x!cmx!0C194144F1B3

CryptDomaIQ!46EF183005EE

RDN/Generic PUP.x!cmx!022871AE441C

CryptDomaIQ!46DDDC1EEE69

CryptDomaIQ!46E4569FF286

Generic PUP.x!0435E06A5641

Generic PUP.x!0C1EAA2C86FC

RDN/Generic PUP.x!cmx!0AE8123DF11A

RDN/Generic.dx!dfg!0A1EA71AF237

RDN/Generic PUP.x!cmx!073753DF7E09

RDN/Generic PUP.x!cmx!0808DC98AF30

RDN/Generic PUP.x!cmx!04DAA3ADF107

RDN/Generic.dx!dfg!09D8E727D98A

Phishing

PayPal

9th September 2014

[IMPORTANT] Update your paypal
account information

PayPal

8th September 2014

Account Review

bt.athome@bt.com

8th September 2014

Your BT security is still not
active !!!

Vulnerebility

PHP unserialize() Function Type Confusion Security Vulnerability
2014-09-09
http://www.securityfocus.com/bid/68237

Apache HTTP Server Multiple Denial of Service Vulnerabilities
2014-09-09
http://www.securityfocus.com/bid/66303

PHP Fileinfo Component 'cdf_count_chain()' Function Remote Denial of Service Vulnerability
2014-09-09
http://www.securityfocus.com/bid/68238

Apache Tomcat CVE-2014-0119 XML External Entity Information Disclosure Vulnerability
2014-09-09
http://www.securityfocus.com/bid/67669

Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability
2014-09-09
http://www.securityfocus.com/bid/67668

PHP Fileinfo Component CVE-2014-3478 Remote Denial of Service Vulnerability
2014-09-09
http://www.securityfocus.com/bid/68239

PHP Fileinfo Component 'cdf_check_stream_offset()' Function Remote Denial of Service Vulnerability
2014-09-09
http://www.securityfocus.com/bid/68241

PHP Fileinfo Component 'cdf_read_property_info()' Function Denial of Service Vulnerability
2014-09-09
http://www.securityfocus.com/bid/68120

PHP DNS TXT Record Handling Heap Buffer Overflow Vulnerability
2014-09-09
http://www.securityfocus.com/bid/68007

Oracle MySQL Server CVE-2014-2419 Remote Security Vulnerability
2014-09-09
http://www.securityfocus.com/bid/66880

Oracle MySQL Server CVE-2014-2438 Remote Security Vulnerability
2014-09-09
http://www.securityfocus.com/bid/66846

Oracle MySQL Server CVE-2014-2436 Remote Security Vulnerability
2014-09-09
http://www.securityfocus.com/bid/66896

Oracle MySQL Server CVE-2014-2431 Remote Security Vulnerability
2014-09-09
http://www.securityfocus.com/bid/66890

Oracle MySQL Server CVE-2014-2430 Remote Security Vulnerability
2014-09-09
http://www.securityfocus.com/bid/66858

Oracle MySQL Server CVE-2014-2434 Remote Security Vulnerability
2014-09-09
http://www.securityfocus.com/bid/66872

Oracle MySQL Server CVE-2014-0384 Remote Security Vulnerability
2014-09-09
http://www.securityfocus.com/bid/66835

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-09-09
http://www.securityfocus.com/bid/68636

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-09-09
http://www.securityfocus.com/bid/68624

Squid CVE-2014-3609 Remote Denial of Service Vulnerability
2014-09-09
http://www.securityfocus.com/bid/69453

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-09-09
http://www.securityfocus.com/bid/67898

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-09-09
http://www.securityfocus.com/bid/66801

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-09-09
http://www.securityfocus.com/bid/67900

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-09-09
http://www.securityfocus.com/bid/67193

MIT Kerberos 5 CVE-2014-4341 Remote Denial of Service Vulnerability
2014-09-09
http://www.securityfocus.com/bid/68909

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-09-09
http://www.securityfocus.com/bid/67901

MIT Kerberos 5 GSSAPI Remote Denial of Service Vulnerability
2014-09-09
http://www.securityfocus.com/bid/68908

Rsync Use Chroot Insecure File Creation Vulnerability
2014-09-09
http://www.securityfocus.com/bid/26638

Django 'return()' Function URI Redirection Vulnerability
2014-09-09
http://www.securityfocus.com/bid/69425

Django 'contrib.admin' Information Disclosure Vulnerability
2014-09-09
http://www.securityfocus.com/bid/69429

Django CVE-2014-0481 Denial of Service Vulnerability
2014-09-09
http://www.securityfocus.com/bid/69423

Exploit

  ManageEngine Desktop Central StatusUpdate Arbitrary File Upload

  ALCASAR 2.8 Remote Root Code Execution Vulnerability

  TP-LINK Model No. TL-WR340G / TL-WR340GD - Multiple Vulnerabilities

  TP-LINK Model No. TL-WR841N / TL-WR841ND - Multiple Vulnerabilities

  Atmail Webmail 7.2 - Multiple Vulnerabilities

  PHP Stock Management System 1.02 - Multiple Vulnerabilty

  Obfuscated Shellcode Linux x86 - chmod 777 (/etc/passwd + /etc/shadow) & Add New Root User & Execute /bin/bash

8.9.2014

Bugtraq

 

Malware

RDN/Generic.bfr!hr!C194B0FAF154

DNSChanger.bfr!CDD2B6BFD4BE

RDN/Generic FakeAlert!fd!9D2FE51733D5

CryptDomaIQ!39E10D027527

Generic.bfr!39E0359C8E95

CryptDomaIQ!39E101177F50

DNSChanger.bfr!3E702F195EB5

RDN/Generic PUP.x!cm3!04F9EC6576DA

CryptDomaIQ!39D858C4C774

CryptDomaIQ!39D7A7BE946E

CryptDomaIQ!39E2EF0386EC

iBryte!39DBFE7883B4

CryptDomaIQ!39D79FA68B26

iBryte!63242FA7AA22

RDN/Generic BackDoor!zs!593B70359824

PUP-FMK!39DB827A19FA

iBryte!39CC12CC28EE

RDN/Generic.dx!df3!CE299FF74DC8

Generic PUP.x!28F5CDD290BA

RDN/Generic PUP.x!cm3!BB05D1A3878E

RDN/Generic Downloader.x!kx!B153C79909B0

CryptDomaIQ!39E223C329DF

W32/Worm-AAEH.g!CD240A380171

Generic.dx!866B0A34A837

RDN/Generic.dx!ECB517F25AF9

Generic PUP.x!2A683B1550E7

Generic PUP.x!C221BD481E4B

Generic PUP.x!1EE2CF2E52E2

Generic BackDoor!335D88F56E24

RDN/Generic PUP.x!cm3!BD3B74F20F79

Phishing

LogMeIn.com Auto-Mailer

7th September 2014

Verify your LogMeIn account

Paypal support

7th September 2014

PLEASE VALIDATE YOUR ACCOUNT
INFORMATION

Pay-Pal...

7th September 2014

TEMPORARELY BLOCKED ACCOUNT

PayPal Service

7th September 2014

UPDATE YOUR PAYPAL INFORMATION
!

PayPal

7th September 2014

PAYPAL ACCOUNT SERVICE

PayPal

6th September 2014

PAYPAL ACCOUNT SERVICE

PayPal Service

6th September 2014

UPDATE YOUR PAYPAL INFORMATION
!

no_reply@bt.com

6th September 2014

Your BT security is still not
active.

PayPal

6th September 2014

IMPORTANT - New Security
Upgrade

Vulnerebility

Squid CVE-2014-3609 Remote Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/69453

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/67898

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-09-08
http://www.securityfocus.com/bid/66801

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-09-08
http://www.securityfocus.com/bid/67900

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/67193

MIT Kerberos 5 CVE-2014-4341 Remote Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/68909

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/67901

MIT Kerberos 5 GSSAPI Remote Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/68908

Rsync Use Chroot Insecure File Creation Vulnerability
2014-09-08
http://www.securityfocus.com/bid/26638

Django 'return()' Function URI Redirection Vulnerability
2014-09-08
http://www.securityfocus.com/bid/69425

Django 'contrib.admin' Information Disclosure Vulnerability
2014-09-08
http://www.securityfocus.com/bid/69429

Django CVE-2014-0481 Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/69423

MIT Kerberos 5 CVE-2014-4344 NULL Pointer Dereference Remote Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/69160

Django CVE-2014-0482 Authentication Bypass Vulnerability
2014-09-08
http://www.securityfocus.com/bid/69430

Rsync F_Name Off-By-One Buffer Overflow Vulnerability
2014-09-08
http://www.securityfocus.com/bid/25336

MIT Kerberos 5 CVE-2014-4343 Remote Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/69159

PPP 'options.c' CVE-2014-3158 Remote Integer Overflow Vulnerability
2014-09-08
http://www.securityfocus.com/bid/69399

GNU glibc 'iconv()' Function Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/69470

GNU glibc 'iconv()' Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/69472

libgcrypt Elgamal Encryption Subkeys Information Disclosure Vulnerability
2014-09-08
http://www.securityfocus.com/bid/69164

GNU glibc '__gconv_translit_find()' Function Memory Corruption Vulnerability
2014-09-08
http://www.securityfocus.com/bid/68983

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-09-08
http://www.securityfocus.com/bid/68636

PHP 'cdf_read_property_info()' Function Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/67765

PHP '/ext/standard/info.c' Type Confusion Information Disclosure Vulnerability
2014-09-08
http://www.securityfocus.com/bid/68423

PHP 'cdf_unpack_summary_info()' Function Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/67759

PHP DNS TXT Record Handling Heap Buffer Overflow Vulnerability
2014-09-08
http://www.securityfocus.com/bid/68007

PHP '/tmp/phpglibccheck' Symlink Vulnerability
2014-09-08
http://www.securityfocus.com/bid/67837

PHP unserialize() Function Type Confusion Security Vulnerability
2014-09-08
http://www.securityfocus.com/bid/68237

OpenSSL SRP CVE-2014-3512 Remote Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/69083

Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability
2014-09-05
http://www.securityfocus.com/bid/67668

Exploit

  IP Board 3.x - CSRF Token hjiacking

  LoadedCommerce7 - Systemic Query Factory Vulnerability

  Wordpress Like Dislike Counter 1.2.3 Plugin - SQL Injection Vulnerability

  PhpOnlineChat 3.0 - XSS

  WordPress Acento Theme (view-pdf.php, file param) - Arbitrary File Download

5.9.2014

Bugtraq

[ MDVSA-2014:174 ] apache 2014-09-04
security mandriva com

Avolve Software ProjectDox Multiple Vulnerability Disclosure 2014-09-03
Romano, Christian (cromano caanes com)

[security bulletin] HPSBMU03083 rev.2 - HP BladeSystem c-Class Virtual Connect Firmware running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-09-03
security-alert hp com

Reflected Cross-Site Scripting (XSS) in MyWebSQL 2014-09-03
High-Tech Bridge Security Research (advisory htbridge com)

Reflected Cross-Site Scripting (XSS) in BlackCat CMS 2014-09-03
High-Tech Bridge Security Research (advisory htbridge com)

Malware

iBryte!1E2C3BEA1BF6

CryptDomaIQ!1E1222F0990C

Generic PUP.x!5CC07BAECF11

CryptDomaIQ!1E1C17FB4725

Generic PUP.x!2C1AC8A15E71

CryptDomaIQ!1E21145F551F

Generic PUP.x!EDC402DE907C

RDN/Generic PWS.y!0B2D4691DC4F

CryptDomaIQ!1E237709B855

CryptDomaIQ!1E27ABBC8C6A

Generic PUP.x!13F950C86215

Generic PUP.x!EFB503898C3D

Generic PUP.x!3050BCE94929

CryptDomaIQ!1E2740EAD3C2

Generic PUP.x!18DFFE3E7C4A

CryptDomaIQ!1E2A519D2BE6

CryptDomaIQ!1E23D4C809DE

CryptDomaIQ!1E2FE37768B4

PowerPack!1E2C4780D899

Generic PUP.x!EFCA5D01C7DD

Generic PUP.x!E79A39BE50CC

Generic PUP.x!18AF68478FFB

Generic PUP.x!F1633D7291C6

Generic PUP.x!EC8E7E172242

Generic PUP.x!EE3554461175

Generic PUP.x!2D1C0DB4F34E

RDN/Downloader.a!sx!090262D83C13

CryptDomaIQ!1E18F80FD05D

CryptDomaIQ!1E1643A0C292

CryptDomaIQ!1E0741DA982F

Phishing

Apple

5th September 2014

Unauthorised Login Attempt

Paypal Team

4th September 2014

Card Declined - Upload Your
Acc

Paypal support

3rd September 2014

PLEASE VALIDATE YOUR ACCOUNT
INFORMATION

Vulnerebility

OpenSSL SRP CVE-2014-3512 Remote Denial of Service Vulnerability
2014-09-05
http://www.securityfocus.com/bid/69083

Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability
2014-09-05
http://www.securityfocus.com/bid/67668

Apache Tomcat CVE-2014-0119 XML External Entity Information Disclosure Vulnerability
2014-09-05
http://www.securityfocus.com/bid/67669

Apache Tomcat CVE-2014-0096 XML External Entity Information Disclosure Vulnerability
2014-09-05
http://www.securityfocus.com/bid/67667

Apache Tomcat CVE-2014-0095 AJP Request Remote Denial Of Service Vulnerability
2014-09-05
http://www.securityfocus.com/bid/67673

Apache Tomcat CVE-2014-0075 Chunk Request Remote Denial Of Service Vulnerability
2014-09-05
http://www.securityfocus.com/bid/67671

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-09-05
http://www.securityfocus.com/bid/67899

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68624

Procmail Formail Utility 'formisc.c' Heap Overflow Vulnerability
2014-09-05
http://www.securityfocus.com/bid/69573

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4227 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68603

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68599

Oracle Java SE CVE-2014-4264 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68612

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68636

Oracle Java SE CVE-2014-2483 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68608

Oracle Java SE CVE-2014-4208 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68580

Oracle Java SE CVE-2014-4223 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68590

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68571

Oracle Java SE CVE-2014-2490 Remote Code Execution Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68645

Oracle Java SE CVE-2014-4247 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68626

Oracle Java SE CVE-2014-4216 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68562

Oracle Java SE CVE-2014-4252 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68642

Oracle Java SE CVE-2014-4220 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68576

Oracle Java SE CVE-2014-4219 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68620

Oracle Java SE CVE-2014-4265 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68632

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-4268 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68615

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68583

RETIRED: IBM SDK for Node.js CVE-2014-5256 Remote Denial of Service Vulnerability
2014-09-05
http://www.securityfocus.com/bid/69462

V8 JavaScript Engine Denial of Service Vulnerability
2014-09-05
http://www.securityfocus.com/bid/69157

Exploit

 

4.9.2014

Bugtraq

Reflected Cross-Site Scripting (XSS) in MyWebSQL 2014-09-03
High-Tech Bridge Security Research (advisory htbridge com)

Reflected Cross-Site Scripting (XSS) in BlackCat CMS 2014-09-03
High-Tech Bridge Security Research (advisory htbridge com)

[SECURITY] [DSA 3018-1] iceweasel security update 2014-09-03
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2014:172 ] php 2014-09-03
security mandriva com

[ MDVSA-2014:173 ] busybox 2014-09-03
security mandriva com

Re: ntopng 1.2.0 XSS injection using monitored network traffic 2014-09-03
Steffen Bauch (mail steffenbauch de)

[CORE-2014-0005] - Advantech WebAccess Vulnerabilities 2014-09-02
CORE Advisories Team (advisories coresecurity com)

[security bulletin] HPSBGN03099 rev.1 - HP IceWall SSO Dfw, SSO Agent and MCRP running OpenSSL, Remote Disclosure of Information 2014-09-02
security-alert hp com

Malware

Generic PUP.x!8D6D3577E029

Generic Dropper!150C800758EB

RDN/Generic PUP.x!cmk!4DF5EFA5CF44

Generic PUP.x!8CA71830B547

Generic PUP.x!4E0DFD9E8528

CryptDomaIQ!0DB08989B3B7

RDN/Generic.dx!3B235027EA50

CryptDomaIQ!0DA85A07ABE6

MultiPlug!0DB0A899A230

CryptDomaIQ!0DB40F91648F

MultiPlug!0DB3B2A77EEA

MultiPlug!0DB35740B528

MultiPlug!0DA760CF9C6B

Generic PUP.x!3EE39603C136

CryptDomaIQ!0DA40740A351

PUP-FMK!0DA1CAE3AFE9

iBryte!0DA4A54F886B

PUP-FMK!0DA248DAC0CA

Downloader.gen.a!8B6095504C48

RDN/Downloader.a!sx!1FC06DEC85E7

Downloader.gen.a!8351101A2DC1

Generic PUP.x!E60A2EE92097

RDN/Downloader.a!sx!8C127169A97A

Generic PUP.x!839CB4FCF0E3

Generic PUP.x!4879AEC457A2

Generic PUP.x!110F61C06182

Generic Downloader.x!2387E22BFE7C

Generic PUP.x!A42E07AA8DDE

PUP-FMK!2F746034108F

Generic PUP.x!5668B1E53C0A

Phishing

Paypal Team

4th September 2014

Card Declined - Upload Your
Acc

Paypal support

3rd September 2014

PLEASE VALIDATE YOUR ACCOUNT
INFORMATION

Tesco Bank

3rd September 2014

NEW NOTIFICATION FROM TESCO
BANK

Wells Fargo OnlineÐ’ÂŽwells._f

3rd September 2014

IMPORTANT MESSAGE FROM WELLS
FARGO ONLINE

Vulnerebility

Mozilla Firefox and Thunderbird CVE-2014-1564 Information Disclosure Vulnerability
2014-09-04
http://www.securityfocus.com/bid/69525

Mozilla Firefox/Thunderbird CVE-2014-1567 Use After Free Memory Corruption Vulnerability
2014-09-04
http://www.securityfocus.com/bid/69520

Squid 'idnsALookup()' Function Remote Buffer Overflow Vulnerability
2014-09-04
http://www.securityfocus.com/bid/61111

Squid CVE-2014-3609 Remote Denial of Service Vulnerability
2014-09-04
http://www.securityfocus.com/bid/69453

Mozilla Firefox/Thunderbird CVE-2014-1562 Multiple Memory Corruption Vulnerabilities
2014-09-04
http://www.securityfocus.com/bid/69519

Apache HttpComponents Incomplete Fix CVE-2014-3577 SSL Validation Security Bypass Vulnerability
2014-09-04
http://www.securityfocus.com/bid/69258

Google Chrome CVE-2014-3172 Unspecified Security Vulnerability
2014-09-04
http://www.securityfocus.com/bid/69401

Google Chrome Multiple Unspecified Remote Code Execution Vulnerabilities
2014-09-04
http://www.securityfocus.com/bid/69404

libgcrypt Elgamal Encryption Subkeys Information Disclosure Vulnerability
2014-09-04
http://www.securityfocus.com/bid/69164

dhcpcd 'dhcp.c' Denial of Service Vulnerability
2014-09-04
http://www.securityfocus.com/bid/68970

Lua 'ldo.c' Remote Code Execution Vulnerability
2014-09-03
http://www.securityfocus.com/bid/69342

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-09-03
http://www.securityfocus.com/bid/68636

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-09-03
http://www.securityfocus.com/bid/68624

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-09-03
http://www.securityfocus.com/bid/66914

ManageEngine EventLog Analyzer Multiple Security Vulnerabilities
2014-09-03
http://www.securityfocus.com/bid/69482

JSON-C Weak Hash Function CVE-2013-6371 Denial of Service Vulnerability
2014-09-03
http://www.securityfocus.com/bid/66715

Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
2014-09-03
http://www.securityfocus.com/bid/65400

Advantech WebAccess CVE-2014-0768 Stack-Based Buffer Overflow Vulnerability
2014-09-03
http://www.securityfocus.com/bid/66732

Apache Struts ClassLoader Manipulation CVE-2014-0094 Security Bypass Vulnerability
2014-09-03
http://www.securityfocus.com/bid/65999

IBM Tivoli Monitoring Agent CVE-2013-5467 Unspecified Local Privilege Escalation Vulnerability
2014-09-03
http://www.securityfocus.com/bid/69436

Oracle Java SE CVE-2014-2421 Buffer Overflow Vulnerability
2014-09-03
http://www.securityfocus.com/bid/66881

Multiple Oracle Java Products 'unpack.cpp' Insecure Temporary File Creation Vulnerability
2014-09-03
http://www.securityfocus.com/bid/65568

libjpeg/libjpeg-turbo Library CVE-2013-6629 Memory Corruption Vulnerability
2014-09-03
http://www.securityfocus.com/bid/63676

Apache Struts ClassLoader Manipulation Incomplete Fix Security Bypass Vulnerability
2014-09-03
http://www.securityfocus.com/bid/67064

Apache Tomcat CVE-2014-0075 Chunk Request Remote Denial Of Service Vulnerability
2014-09-03
http://www.securityfocus.com/bid/67671

libpng 'png_read_transform_info()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-09-03
http://www.securityfocus.com/bid/64493

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-09-03
http://www.securityfocus.com/bid/64918

TorrentFlux 'profile.php' Remote Information Disclosure Vulnerability
2014-09-03
http://www.securityfocus.com/bid/69483

TorrentFlux 'details.php' Cross Site Scripting Vulnerability
2014-09-03
http://www.securityfocus.com/bid/69481

OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2014-09-03
http://www.securityfocus.com/bid/69075

Exploit

vBulletin 4.0.x - 4.1.2 (search.php, cat param) - SQL Injection Exploit

3.9.2014

Bugtraq

[SECURITY] [DSA 3017-1] php-cas security update 2014-09-02
Thijs Kinkhorst (thijs debian org)

Apple iOS v7.1.2 - Merge Apps Service Local Bypass Vulnerability 2014-09-02
Vulnerability Lab (research vulnerability-lab com)

[ MDVSA-2014:171 ] dhcpcd 2014-09-02
security mandriva com

[ MDVSA-2014:170 ] jakarta-commons-httpclient 2014-09-02
security mandriva com

Defense in depth -- the Microsoft way (part 18): Microsoft Office 2010 registers command lines with unquoted pathnames 2014-09-02
Stefan Kanthak (stefan kanthak nexgo de)

[ MDVSA-2014:169 ] bugzilla 2014-09-02
security mandriva com

[ MDVSA-2014:168 ] libvncserver 2014-09-02
security mandriva com

[ MDVSA-2014:167 ] file 2014-09-02
security mandriva com

[ MDVSA-2014:166 ] serf 2014-09-02
security mandriva com

[ MDVSA-2014:165 ] krb5 2014-09-02
security mandriva com

[ MDVSA-2014:163 ] python-imaging 2014-09-02
security mandriva com

[ MDVSA-2014:164 ] phpmyadmin 2014-09-02
security mandriva com

[ MDVSA-2014:162 ] catfish 2014-09-02
security mandriva com

[ MDVSA-2014:161 ] subversion 2014-09-02
security mandriva com

[ MDVSA-2014:160 ] gpgme 2014-09-02
security mandriva com

Re: [FD] SSH host key fingerprint - through HTTPS 2014-09-02
John Leo (johnleo checkssh com)

Malware

Generic PUP.x!B6DB6DF7B0A2

RDN/Generic PUP.x!56851A88981C

RDN/Generic PUP.x!54D504B2C13F

RDN/Generic BackDoor!zi!55C7AA587ABB

RDN/Generic PUP.x!562E9FD93DAA

RDN/Generic PUP.x!55EE7264E9CC

Generic PUP.x!5F74B6787360

PUP-FMK!028F18FED502

RDN/Generic PUP.x!55D74DCCE734

PowerPack!0347F6AC42AE

RDN/Generic.bfr!96F93F172A61

RDN/Generic PUP.x!56271A8C70FF

Generic.tfr!D98D0013BF46

RDN/Generic PUP.x!cmj!C5F6449CB9F6

RDN/Generic.dx!dfb!5A90AB38A944

RDN/Generic PUP.x!B68E1597AA31

RDN/Generic PUP.x!551FE0FF5F7A

RDN/Generic PUP.x!54C809CE0A4A

RDN/Generic PUP.x!54B5367BF72B

RDN/Generic PUP.z!82D7D11F64B3

RDN/Generic PUP.x!cmj!C3F5A7280DD3

PowerPack!01982EDDDDD7

Generic PUP.x!011716E39BCC

RDN/Generic PUP.x!DD3122A8C2E2

RDN/Generic PUP.x!549588C99D8B

Generic PUP.x!CC3B21A0AF89

RDN/Generic.tfr!ed!55321D945486

RDN/Generic PUP.x!cmj!52FF393E8968

RDN/Generic PUP.x!cmj!C44A52856CA0

Generic PUP.x!71627BD9C797

Phishing

PayPal

3rd September 2014

your account paypal is limited

TheMailTeam

2nd September 2014

MAILACCOUNTMGMT UPDATE NOW

PayPal

2nd September 2014

NOTICE : YOUR ACCOUNT HAS BEEN
LIMITED PLEASE UPDATE NOW.

Vulnerebility

Linux Kernel Unspecified Local Denial of Service Vulnerability
2014-09-03
http://www.securityfocus.com/bid/68126

Linux Kernel Multiple Local Security Bypass Vulnerabilities
2014-09-03
http://www.securityfocus.com/bid/68162

Linux Kernel 'control.c' File Use After Free Memory Corruption Vulnerability
2014-09-03
http://www.securityfocus.com/bid/68164

Linux Kernel SCTP NULL Pointer Dereference Denial of Service Vulnerability
2014-09-03
http://www.securityfocus.com/bid/68881

Linux Kernel 'sctp_association_free()' Function Denial of Service Vulnerability
2014-09-03
http://www.securityfocus.com/bid/68224

Linux Kernel 'mm/slab.c' Local Denial of Service Vulnerability
2014-09-03
http://www.securityfocus.com/bid/68125

Apache OpenOffice Calc CVE-2014-3524 Command Injection Vulnerability
2014-09-03
http://www.securityfocus.com/bid/69351

Jasig Multiple CAS Clients CVE-2014-4172 Security Bypass Vulnerability
2014-09-03
http://www.securityfocus.com/bid/69496

Apache HTTP Server CVE-2014-0231 Remote Denial of Service Vulnerability
2014-09-03
http://www.securityfocus.com/bid/68742

Apache HTTP Server 'mod_status' CVE-2014-0226 Remote Code Execution Vulnerability
2014-09-03
http://www.securityfocus.com/bid/68678

Apache HTTP Server Multiple Denial of Service Vulnerabilities
2014-09-03
http://www.securityfocus.com/bid/66303

Oracle Java SE CVE-2014-2423 Remote Security Vulnerability
2014-09-03
http://www.securityfocus.com/bid/66887

Oracle Java SE CVE-2014-2397 Remote Security Vulnerability
2014-09-03
http://www.securityfocus.com/bid/66893

Oracle Java SE CVE-2014-2414 Remote Security Vulnerability
2014-09-03
http://www.securityfocus.com/bid/66894

Oracle Java SE CVE-2014-2412 Remote Security Vulnerability
2014-09-03
http://www.securityfocus.com/bid/66873

Oracle Java SE CVE-2014-2398 Remote Security Vulnerability
2014-09-03
http://www.securityfocus.com/bid/66920

Oracle Java SE CVE-2014-4268 Remote Security Vulnerability
2014-09-03
http://www.securityfocus.com/bid/68615

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-09-03
http://www.securityfocus.com/bid/68624

Serf CVE-2014-3504 SSL Certificate Validation Information Disclosure Vulnerability
2014-09-03
http://www.securityfocus.com/bid/69238

Oracle Java SE CVE-2014-2403 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/66918

Oracle Java SE CVE-2014-2421 Buffer Overflow Vulnerability
2014-09-02
http://www.securityfocus.com/bid/66881

Oracle Java SE CVE-2014-2427 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/66909

Oracle Java SE CVE-2014-0460 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/66916

Multiple Oracle Java Products 'unpack.cpp' Insecure Temporary File Creation Vulnerability
2014-09-02
http://www.securityfocus.com/bid/65568

Oracle Java SE CVE-2014-0461 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/66902

Oracle Java SE CVE-2014-0446 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/66903

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/66914

Oracle Java SE CVE-2014-0457 Remote Code Execution Vulnerability
2014-09-02
http://www.securityfocus.com/bid/66866

Oracle Java SE CVE-2014-0456 Remote Code Execution Vulnerability
2014-09-02
http://www.securityfocus.com/bid/66877

Oracle Java SE CVE-2014-0458 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/66883

Exploit

Wordpress Huge-IT Image Gallery 1.0.1 Authenticated SQL Injection

2.9.2014

Bugtraq

WWW File Share Pro v7.0 - Denial of Service Vulnerability 2014-09-01
Vulnerability Lab (research vulnerability-lab com)

Avira License Application - Cross Site Request Forgery Vulnerability 2014-09-01
Vulnerability Lab (research vulnerability-lab com)

SSH host key fingerprint - through HTTPS 2014-09-01
John Leo (johnleo checkssh com) (2 replies)

Re: SSH host key fingerprint - through HTTPS 2014-09-01
Chris Nehren cnehren+bugtraq (at) pobox (dot) com [email concealed] (cnehren+bugtraq pobox com)

Re: SSH host key fingerprint - through HTTPS 2014-09-01
Micha Borrmann (micha borrmann syss de)

[SECURITY] [DSA 2987-2] openjdk-7 regression update 2014-08-31
Florian Weimer (fw deneb enyo de)

Malware

RDN/Generic Downloader.x!kw!4DE6C6D4D137

RDN/Generic Downloader.x!kw!265B16E2EB94

RDN/Generic PUP.x!cmj!18FC067B5493

RDN/Generic.tfr!ed!9AF0DE8E8ABA

Generic PUP.x!776DF3A1BB5C

Generic PUP.x!7FB1FCB5FDE3

Generic PUP.x!EE647D4A46F9

RDN/Generic PUP.x!cmj!2469809DFF7C

Generic PUP.x!6BC576917EC0

RDN/Spybot.bfr!n!ED6F6CB346FE

Generic PUP.x!BA28D13EB801

Generic PUP.x!5E576A63D928

RDN/BackDoor-CMQ!f!01AFDFCBCCCE

RDN/Generic.bfr!hq!57063AAEE477

RDN/Generic PUP.x!cmj!1F969678AA37

Generic PUP.x!BDAA71CC4AFB

RDN/Generic PWS.y!541093E9D9C2

RDN/Generic PUP.x!cmj!50F83B024BE6

RDN/Generic PUP.x!cmj!2538973BA2BA

Generic PUP.x!02ECBD335358

Generic PUP.x!D4F6CBF8770B

Generic PUP.x!4D589DA26299

Generic PUP.x!021F70FF1F64

RDN/Spybot.worm.gen!76E874DCEC0C

Generic PUP.x!973091C75716

RDN/Generic.tfr!ed!27E9FF6D71B7

Generic PUP.x!5A83BC51B4D6

Generic PUP.x!B92492B13CBF

Generic PUP.x!92C1FDF0FF93

Generic PUP.x!7A31D8143503

Phishing

PayPal

2nd September 2014

NOTICE : YOUR ACCOUNT HAS BEEN
LIMITED PLEASE UPDATE NOW.

BT

1st September 2014

Your BT Account Validation

Apple

1st September 2014

Account Suspended

Vulnerebility

PHP CVE-2014-5120 Multiple Arbitrary File Overwrite Vulnerabilities
2014-09-02
http://www.securityfocus.com/bid/69375

PHP 'cdf_read_property_info()' Function CVE-2014-3587 Incomplete Fix Denial of Service Vulnerability
2014-09-02
http://www.securityfocus.com/bid/69325

file Composite Document File Format Denial of Service Vulnerability
2014-09-02
http://www.securityfocus.com/bid/52225

dhcpcd 'dhcp.c' Denial of Service Vulnerability
2014-09-02
http://www.securityfocus.com/bid/68970

Net-SNMP snmptrapd Remote Denial of Service Vulnerability
2014-09-02
http://www.securityfocus.com/bid/65968

Net-SNMP Agent MIB Subtree Remote Denial of Service Vulnerability
2014-09-02
http://www.securityfocus.com/bid/53258

Net-SNMP SNMPD AgentX Subagent Timeout Denial of Service Vulnerability
2014-09-02
http://www.securityfocus.com/bid/64048

Net-SNMP SNMP GET Request Denial of Service Vulnerability
2014-09-02
http://www.securityfocus.com/bid/53255

Net-SNMP ICMP-MIB Remote Denial of Service Vulnerability
2014-09-02
http://www.securityfocus.com/bid/65867

Oracle Java SE CVE-2014-4247 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/68626

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/68636

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/68599

Oracle Java SE CVE-2014-4223 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/68590

Lua 'ldo.c' Remote Code Execution Vulnerability
2014-09-02
http://www.securityfocus.com/bid/69342

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4208 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/68580

Oracle Java SE CVE-2014-4227 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/68603

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/68571

Oracle Java SE CVE-2014-4252 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/68642

Oracle Java SE CVE-2014-4220 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/68576

Oracle Java SE CVE-2014-4219 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/68620

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/68583

Oracle Java SE CVE-2014-2490 Remote Code Execution Vulnerability
2014-09-02
http://www.securityfocus.com/bid/68645

Oracle Java SE CVE-2014-4216 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/68562

Oracle Java SE CVE-2014-4268 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/68615

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-2483 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/68608

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/68624

Oracle Java SE CVE-2014-4265 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/68632

Oracle Java SE CVE-2014-4264 Remote Security Vulnerability
2014-09-02
http://www.securityfocus.com/bid/68612

Exploit

 

1.9.2014

Bugtraq

SSH host key fingerprint - through HTTPS 2014-09-01
John Leo (johnleo checkssh com)

[SECURITY] [DSA 2987-2] openjdk-7 regression update 2014-08-31
Florian Weimer (fw deneb enyo de)

CFP Deadline Approaching - Third International Conference on Informatics & Applications | Malaysia 2014-09-01
liezelle sdiwc info

WordPress Slideshow Gallery 1.4.6 Shell Upload Vulnerability (CVE-2014-5460) 2014-08-30
jesus ramirez pichardo gmail com

WordPress Slideshow Gallery 1.4.6 Shell Upload Vulnerability (CVE-2014-5460) 2014-08-30
jesus ramirez pichardo gmail com

Malware

Generic.dx!F234744E5898

RDN/Spybot.bfr!9C5ABE3A3CEC

Generic PUP.x!F14E54C987BA

Downloader.gen.a!D6CD63A56713

Generic PUP.x!25C28F82CAFF

Generic BackDoor!FDE2C8167345

RDN/Generic.bfr!A237F18848CB

Generic PUP.x!33AC19768FDF

RDN/Generic PUP.x!cm3!F183510D61FC

RDN/Generic PUP.x!cm3!177F042B5CF8

RDN/Generic PUP.x!cm3!6218F23B436C

Generic PUP.x!65CE7BD22667

RDN/Generic Dropper!vc!8221E929AFB5

Generic PUP.x!8C7AB4C6D3C3

Generic PUP.x!4A163DD6E687

Generic PUP.x!C355D030F9FC

Generic PUP.x!513893B31FC1

Generic PUP.x!3572C82D1671

Generic PUP.x!09F84FB114D5

RDN/Generic Downloader.x!EE417ED73EEF

RDN/Generic PUP.x!cm3!20EE2A2B3D32

RDN/Generic Downloader.x!ku!E6A269CA1524

RDN/Generic PUP.z!D073EC0DF4D8

RDN/Generic.bfr!657281A8F68D

Generic PUP.x!6161D17566FE

RDN/Generic.bfr!A7F6F4B82D39

Generic PUP.x!F2A1A1117056

Generic PUP.x!93D6397C0525

Generic PUP.x!33167E7BAA4F

RDN/Generic PUP.x!3A6F708DF39D

Phishing

Apple

30th August 2014

EXPIRATION OF YOUR APPLE
ACCOUNT.

NETFLIX

30th August 2014

Your Netflix Account Requires
Validation [NFV-837]

іTunes Stоre

29th August 2014

SECURITY : ΡLÐľASÐľ
CоMPLÐľTÐľ THÐľÑ•Ðľ ѕTÐľPѕ
Tо RÐľÑ•TоRÐľ YоUR
AссоUNT

Vulnerebility

GNU glibc Locale Environment Handling Directory Traversal Vulnerability
2014-09-01
http://www.securityfocus.com/bid/68505

GNU glibc '__gconv_translit_find()' Function Memory Corruption Vulnerability
2014-09-01
http://www.securityfocus.com/bid/68983

PostgreSQL CVE-2014-0061 Security Bypass Vulnerability
2014-09-01
http://www.securityfocus.com/bid/65724

PostgreSQL CVE-2014-0066 Remote Denial Of Service Vulnerability
2014-09-01
http://www.securityfocus.com/bid/65728

PostgreSQL 'enum_recv()' Function Denial of Service Vulnerability
2014-09-01
http://www.securityfocus.com/bid/57844

PostgreSQL CVE-2014-0065 Remote Stack Buffer Overflow Vulnerability
2014-09-01
http://www.securityfocus.com/bid/65731

PostgreSQL CVE-2014-0060 Security Bypass Vulnerability
2014-09-01
http://www.securityfocus.com/bid/65723

PostgreSQL CVE-2013-1901 Security Bypass Vulnerability
2014-09-01
http://www.securityfocus.com/bid/58878

PostgreSQL 'contrib/pgcrypto' Functions Information Disclosure Weakness
2014-09-01
http://www.securityfocus.com/bid/58879

PostgreSQL CVE-2014-0064 Multiple Remote Buffer Overflow Vulnerabilities
2014-09-01
http://www.securityfocus.com/bid/65725

PostgreSQL CVE-2014-0063 Remote Stack Buffer Overflow Vulnerability
2014-09-01
http://www.securityfocus.com/bid/65719

PostgreSQL CVE-2014-2669 Multiple Integer Overflow Vulnerabilities
2014-09-01
http://www.securityfocus.com/bid/66557

PostgreSQL CVE-2013-1899 Denial of Service Vulnerability
2014-09-01
http://www.securityfocus.com/bid/58876

Stunnel CVE-2014-0016 PRNG Initialization Weakness
2014-09-01
http://www.securityfocus.com/bid/65964

Jinja2 Incomplete Fix Insecure File Permissions Vulnerability
2014-09-01
http://www.securityfocus.com/bid/64787

Jinja2 'jinja2.bccache.FileSystemBytecodeCache' Insecure File Permissions Vulnerability
2014-09-01
http://www.securityfocus.com/bid/64759

Oracle MySQL Server CVE-2014-4240 Local Security Vulnerability
2014-09-01
http://www.securityfocus.com/bid/68602

Oracle MySQL Server CVE-2014-4243 Remote Security Vulnerability
2014-09-01
http://www.securityfocus.com/bid/68611

Oracle MySQL Server CVE-2014-2484 Remote Security Vulnerability
2014-09-01
http://www.securityfocus.com/bid/68560

Oracle MySQL Server CVE-2014-4233 Remote Security Vulnerability
2014-09-01
http://www.securityfocus.com/bid/68598

Oracle MySQL Server CVE-2014-4238 Remote Security Vulnerability
2014-09-01
http://www.securityfocus.com/bid/68587

Oracle MySQL Server CVE-2014-4258 Remote Security Vulnerability
2014-09-01
http://www.securityfocus.com/bid/68564

Oracle MySQL Server CVE-2014-4207 Remote Security Vulnerability
2014-09-01
http://www.securityfocus.com/bid/68593

Oracle MySQL Server CVE-2014-4214 Remote Security Vulnerability
2014-09-01
http://www.securityfocus.com/bid/68607

Oracle MySQL Server CVE-2014-2494 Remote Security Vulnerability
2014-09-01
http://www.securityfocus.com/bid/68579

PHP 'ext/soap/php_xml.c' Multiple Arbitrary File Disclosure Vulnerabilities
2014-09-01
http://www.securityfocus.com/bid/58766

Oracle MySQL Server CVE-2014-4260 Remote Security Vulnerability
2014-09-01
http://www.securityfocus.com/bid/68573

PHP SSL Certificate Validation CVE-2013-4248 Security Bypass Vulnerability
2014-09-01
http://www.securityfocus.com/bid/61776

Cisco Intelligent Automation for Cloud CVE-2014-3351 Remote Information Disclosure Vulnerability
2014-09-01
http://www.securityfocus.com/bid/69456

PHP CVE-2014-5120 Multiple Arbitrary File Overwrite Vulnerabilities
2014-09-01
http://www.securityfocus.com/bid/69375

Exploit

  Wing FTP Server Authenticated Command Execution

  Mulitple WordPress Themes (admin-ajax.php, img param) - Arbitrary File Download

  Arachni Web Application Scanner Web UI - Stored XSS Vulnerability

  WordPress Slideshow Gallery Plugin 1.4.6 - Shell Upload Vulnerability

  ManageEngine Desktop Central - Arbitrary File Upload / RCE

  ManageEngine EventLog Analyzer Multiple Vulnerabilities

29.8.2014

Bugtraq

Re: SaaS Marketing platform Hubspot export vulnerability 2014-08-28
security hubspot com

[SECURITY] [DSA 3014-1] squid3 security update 2014-08-28
Salvatore Bonaccorso (carnil debian org)

SEC Consult SA-20140828-0 :: F5 BIG-IP Reflected Cross-Site Scripting 2014-08-28
SEC Consult Vulnerability Lab (research sec-consult com)

Aerohive Hive Manager and Hive OS Multiple Vulnerabilities 2014-08-28
Disclosure (Disclosure security-assessment com)

[The ManageOwnage Series, part II]: User credential disclosure in ManageEngine DeviceExpert 2014-08-27
Pedro Ribeiro (pedrib gmail com)

[SECURITY] [DSA 3013-1] s3ql security update 2014-08-27
Florian Weimer (fw deneb enyo de)

Last CFP: ICETC2014 - IEEE - Poland (Deadline: Aug. 30) 2014-08-27
jackie sdiwc info

[SECURITY] [DSA 3012-1] eglibc security update 2014-08-27
Florian Weimer (fw deneb enyo de)

Malware

RDN/Generic PUP.x!148DF3F2BC33

RDN/Generic PUP.x!05C6943090DC

RDN/Generic PUP.x!cmb!117932EAEA0B

RDN/PWS-Mmorpg!mb!5D53BE4FCC4F

RDN/PWS-Mmorpg!mb!5D59DAF8A72C

RDN/PWS-Mmorpg!mb!5D5E9F7B8F05

RDN/Generic BackDoor!zp!534A8DB4D9C1

RDN/PWS-Mmorpg!mb!5D5B155A404A

RDN/Generic PUP.x!cmb!068AA0D3D29E

RDN/Generic PUP.x!cmb!1BB8F0FB7EC9

RDN/PWS-Mmorpg!mb!5D2E7B78BBC3

RDN/PWS-Mmorpg!lp!5D67DA081574

Generic PUP.x!061A90EA5F76

RDN/Generic PUP.x!cmb!029EBAC414D3

RDN/Generic PUP.x!cmb!055C86BD2D55

RDN/PWS-Mmorpg!mb!5D2747EC935C

RDN/Generic PUP.x!cmb!172515A4AEFB

RDN/Generic PUP.x!cmb!117671717FCF

RDN/PWS-Mmorpg!mb!5D1D5522B81E

RDN/PWS-Mmorpg!mb!5D2006745E0B

RDN/PWS-Mmorpg!mb!5D2013414DA9

RDN/PWS-Mmorpg!mb!5D1EB5A70995

RDN/PWS-Mmorpg!mb!5D122C8FA307

RDN/PWS-Mmorpg!mb!5D1AD8031236

RDN/PWS-Mmorpg!mb!5D08BD382414

RDN/PWS-Mmorpg!mb!5D152DEBB9B0

CryptDomaIQ!6FBDE69E1C92

PUP-FLN!6FBB93EC196F

CryptInno!6FBBA52F69E5

PUP-FHQ!6FB7F8253C5C

Phishing

BT

28th August 2014

You have 1 new message

PayPal

28th August 2014

update account

PayPal Service✔

27th August 2014

Your Account Will Be Limited
Until We Here From You Please
Enable Protection Against
Fraudulent Use Of Credit

Vulnerebility

IBM PowerVC 'api-paste.ini' Multiple Insecure File Permissions Vulnerabilities
2014-08-29
http://www.securityfocus.com/bid/69437

Cisco 1800 Series CVE-2014-3347 Denial of Service Vulnerability
2014-08-29
http://www.securityfocus.com/bid/69439

Linux Kernel 'mac80211/sta_info.c' NULL Pointer Dereference Denial of Service Vulnerability
2014-08-29
http://www.securityfocus.com/bid/66591

Linux Kernel 'drivers/net/wireless/ath/ath9k/xmit.c' Denial of Service Vulnerability
2014-08-29
http://www.securityfocus.com/bid/66492

Linux Kernel 'ping_init_sock()' Local Privilege Escalation Vulnerability
2014-08-29
http://www.securityfocus.com/bid/66779

Linux Kernel CVE-2014-2678 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-08-29
http://www.securityfocus.com/bid/66543

Linux Kernel CVE-2013-7339 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-08-29
http://www.securityfocus.com/bid/66351

Ruby on Rails 'create_with()' Function Security Bypass Vulnerability
2014-08-29
http://www.securityfocus.com/bid/69265

SolarWinds Server and Application Monitor 'PEstrarg1' ActiveX Heap Buffer Overflow Vulnerability
2014-08-29
http://www.securityfocus.com/bid/67048

XWork 'ParameterInterceptor' Class OGNL (CVE-2010-1870) Security Bypass Vulnerability
2014-08-29
http://www.securityfocus.com/bid/41592

Microsoft Windows Kernel 'Win32k.sys' CVE-2014-1819 Local Privilege Escalation Vulnerability
2014-08-29
http://www.securityfocus.com/bid/69143

Microsoft Windows Kernel Pool Allocation CVE-2014-4064 Local Information Disclosure Vulnerability
2014-08-29
http://www.securityfocus.com/bid/69144

Microsoft Windows Kernel 'Win32k.sys' CVE-2014-0318 Local Privilege Escalation Vulnerability
2014-08-29
http://www.securityfocus.com/bid/69142

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1511 Security Bypass Vulnerability
2014-08-29
http://www.securityfocus.com/bid/66207

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1510 Privilege Escalation Vulnerability
2014-08-29
http://www.securityfocus.com/bid/66206

IBM Eclipse Help System CVE-2014-0917 Cross Site Scripting Vulnerability
2014-08-29
http://www.securityfocus.com/bid/67339

IBM Eclipse Help System CVE-2014-0918 Directory Traversal Vulnerability
2014-08-29
http://www.securityfocus.com/bid/67340

IBM Eclipse Help System Multiple Security Vulnerabilities
2014-08-29
http://www.securityfocus.com/bid/53884

IBM Eclipse Help System CVE-2013-0467 Information Disclosure Vulnerability
2014-08-29
http://www.securityfocus.com/bid/58000

IBM Eclipse Help System CVE-2013-0464 Cross Site Scripting Vulnerability
2014-08-29
http://www.securityfocus.com/bid/60246

IBM Rational Directory Server CVE-2013-0599 Information Disclosure Vulnerability
2014-08-29
http://www.securityfocus.com/bid/60107

IBM Eclipse Help System CVE-2013-5449 Cross Site Scripting Vulnerability
2014-08-29
http://www.securityfocus.com/bid/64058

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-08-29
http://www.securityfocus.com/bid/68624

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-08-29
http://www.securityfocus.com/bid/64918

Multiple IBM DB2 Products CVE-2014-0907 Local Privilege Escalation Vulnerability
2014-08-29
http://www.securityfocus.com/bid/67617

GnuTLS 'gnutls_handshake.c' Memory Corruption Vulnerability
2014-08-29
http://www.securityfocus.com/bid/67741

Juniper Network and Security Manager CVE-2014-3411 Remote Code Execution Vulnerability
2014-08-29
http://www.securityfocus.com/bid/67445

Transport Gateway for Smart Call Home CVE-2014-3344 Multiple Cross Site Scripting Vulnerabilities
2014-08-29
http://www.securityfocus.com/bid/69412

CSWorks LiveData Service CVE-2014-2351 SQL Injection Vulnerability
2014-08-29
http://www.securityfocus.com/bid/67427

Huawei Campus Series Switches User Enumeration Weakness
2014-08-29
http://www.securityfocus.com/bid/69302

Exploit

  Internet Explorer MS14-029 Memory Corruption PoC

28.8.2014

Bugtraq

Last CFP: ICETC2014 - IEEE - Poland (Deadline: Aug. 30) 2014-08-27
jackie sdiwc info

[SECURITY] [DSA 3012-1] eglibc security update 2014-08-27
Florian Weimer (fw deneb enyo de)

SaaS Marketing platform Hubspot export vulnerability 2014-08-27
ehoward novacoast com

Fwd: RFC 7359 on Layer 3 Virtual Private Network (VPN) Tunnel Traffic Leakages in Dual-Stack Hosts/Networks 2014-08-27
Fernando Gont (fgont si6networks com)

Mathematica10.0.0 on Linux /tmp/MathLink vulnerability 2014-08-27
paul szabo sydney edu au

Encore Discovery Solution Multiple Vulnerability Disclosure 2014-08-27
Romano, Christian (cromano caanes com)

Malware

RDN/PWS-Mmorpg!lw!EA3E1AE9E276

CryptDomaIQ!6C4C60262A3C

RDN/PWS-Mmorpg!lw!EA1DEEA83380

RDN/PWS-Mmorpg!lw!EA95646BA683

RDN/PWS-Mmorpg!lw!EA56234958EB

RDN/PWS-Mmorpg!lw!EA034C45DBD0

Generic PUP.x!039261261CD5

RDN/PWS-Mmorpg!lw!EA0DAFB5FB08

RDN/PWS-Mmorpg!lw!EA10A2E7CE84

RDN/PWS-Mmorpg!lw!EA061E450D76

RDN/PWS-Mmorpg!lw!E9E688EA2172

RDN/PWS-Mmorpg!lw!E9FC38AEDB33

Generic PUP.x!6C4AC5BC6AB7

Generic PUP.x!AF645A521638

RDN/PWS-Mmorpg!lw!E9E31C6AD86D

Generic PUP.x!CE7D8068F6B8

Generic PUP.x!CE5A18FF18FB

RDN/Generic PUP.x!4DF58DF1E187

Generic PUP.x!676A616F61E6

Generic PUP.x!42690469D1FC

RDN/PWS-Mmorpg!lw!EA07EC7EAAF0

Generic PUP.x!84A8AE00A9B9

RDN/DNSChanger.bfr!d!EA700A4F0150

RDN/PWS-Mmorpg!lw!E9DBAC88A099

RDN/PWS-Mmorpg!lw!E9D085D79291

RDN/PWS-Mmorpg!lw!E9C6CD287053

RDN/PWS-Mmorpg!lw!E9B2C8A986E3

RDN/PWS-Mmorpg!lw!E9CB01FC9AC7

RDN/PWS-Mmorpg!lw!E9B441FE2FBF

Generic Downloader.x!11DA4C039643

Phishing

PayPal

28th August 2014

update account

PayPal Service✔

27th August 2014

Your Account Will Be Limited
Until We Here From You Please
Enable Protection Against
Fraudulent Use Of Credit

Apple

27th August 2014

Confirm your informations for
our new system !

Vulnerebility

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-08-28
http://www.securityfocus.com/bid/68624

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-08-28
http://www.securityfocus.com/bid/64918

Multiple IBM DB2 Products CVE-2014-0907 Local Privilege Escalation Vulnerability
2014-08-28
http://www.securityfocus.com/bid/67617

GnuTLS 'gnutls_handshake.c' Memory Corruption Vulnerability
2014-08-28
http://www.securityfocus.com/bid/67741

Juniper Network and Security Manager CVE-2014-3411 Remote Code Execution Vulnerability
2014-08-28
http://www.securityfocus.com/bid/67445

Transport Gateway for Smart Call Home CVE-2014-3344 Multiple Cross Site Scripting Vulnerabilities
2014-08-28
http://www.securityfocus.com/bid/69412

CSWorks LiveData Service CVE-2014-2351 SQL Injection Vulnerability
2014-08-28
http://www.securityfocus.com/bid/67427

Huawei Campus Series Switches User Enumeration Weakness
2014-08-28
http://www.securityfocus.com/bid/69302

Linux Kernel 'ISOFS' Stack-Based Buffer Overflow Vulnerability
2014-08-28
http://www.securityfocus.com/bid/69396

Django CVE-2014-0481 Denial of Service Vulnerability
2014-08-28
http://www.securityfocus.com/bid/69423

Synchronizing Key Server CVE-2014-3207 Unspecified Cross Site Scripting Vulnerability
2014-08-28
http://www.securityfocus.com/bid/67198

Lua 'ldo.c' Remote Code Execution Vulnerability
2014-08-28
http://www.securityfocus.com/bid/69342

Apache HttpComponents Incomplete Fix SSL Certificate Validation Security Bypass Vulnerability
2014-08-28
http://www.securityfocus.com/bid/69257

PHP Pear '/tmp/' Directory Insecure Temporary File Creation Vulnerability
2014-08-28
http://www.securityfocus.com/bid/69388

MediaWiki 'mediawiki.page.image.pagination.js' Cross Site Scripting Vulnerability
2014-08-28
http://www.securityfocus.com/bid/69135

MediaWiki 'jsonp callbacks' Unspecified Security Vulnerability
2014-08-28
http://www.securityfocus.com/bid/69136

MediaWiki Unspecified Clickjacking Vulnerability
2014-08-28
http://www.securityfocus.com/bid/69137

Apache HttpComponents Incomplete Fix CVE-2014-3577 SSL Validation Security Bypass Vulnerability
2014-08-28
http://www.securityfocus.com/bid/69258

Apache Commons HttpClient CVE-2012-5783 SSL Certificate Validation Security Bypass Vulnerability
2014-08-28
http://www.securityfocus.com/bid/58073

Mathematica '/tmp/MathLink' Symlink Attack Local Privilege Escalation Vulnerability
2014-08-28
http://www.securityfocus.com/bid/40169

MIT kerberos 5 'ldap_principal2.c' Buffer Overflow Vulnerability
2014-08-28
http://www.securityfocus.com/bid/69168

IBM Eclipse Help System CVE-2014-0917 Cross Site Scripting Vulnerability
2014-08-28
http://www.securityfocus.com/bid/67339

IBM Eclipse Help System CVE-2014-0918 Directory Traversal Vulnerability
2014-08-28
http://www.securityfocus.com/bid/67340

IBM Eclipse Help System Multiple Security Vulnerabilities
2014-08-28
http://www.securityfocus.com/bid/53884

IBM Eclipse Help System CVE-2013-0467 Information Disclosure Vulnerability
2014-08-28
http://www.securityfocus.com/bid/58000

IBM Eclipse Help System CVE-2013-0464 Cross Site Scripting Vulnerability
2014-08-28
http://www.securityfocus.com/bid/60246

IBM Rational Directory Server CVE-2013-0599 Information Disclosure Vulnerability
2014-08-28
http://www.securityfocus.com/bid/60107

IBM Eclipse Help System CVE-2013-5449 Cross Site Scripting Vulnerability
2014-08-28
http://www.securityfocus.com/bid/64058

GNU glibc '__gconv_translit_find()' Function Memory Corruption Vulnerability
2014-08-27
http://www.securityfocus.com/bid/68983

Wonderware Information Server CVE-2014-2381 Weak Encryption Security Weakness
2014-08-27
http://www.securityfocus.com/bid/69415

Exploit

  glibc Off-by-One NUL Byte gconv_translit_find Exploit

  WooCommerce Store Exporter 1.7.5 - Multiple XSS Vulnerabilities

  Firefox WebIDL Privileged Javascript Injection

  WordPress ShortCode Plugin 1.1 - Local File Inclusion Vulnerability

  Plogger 1.0-RC1 - Authenticated Arbitrary File Upload

  ManageEngine DeviceExpert 5.9 - User Credential Disclosure

  ActualAnalyzer Lite 2.81 - Unauthenticated Command Execution

  PhpWiki - Remote Command Execution

  XRMS - Blind SQL Injection and Command Execution

  WooCommerce Store Exporter 1.7.5 - Multiple XSS Vulnerabilities

27.8.2014

Bugtraq

ESA-2014-081 RSAŽ Identity Management and Governance Authentication Bypass Vulnerability 2014-08-26
Security Alert (Security_Alert emc com)

LSE Leading Security Experts GmbH - LSE-2014-07-13 - Granding Grand MA 300 - Weak Pin Verification 2014-08-26
advisories (advisories lsexperts de)

ntopng 1.2.0 XSS injection using monitored network traffic 2014-08-25
Steffen Bauch (mail steffenbauch de)

[security bulletin] HPSBMU03076 rev.2 - HP Systems Insight Manager (SIM) on Linux and Windows running OpenSSL, Multiple Vulnerabilities 2014-08-25
security-alert hp com

[WorldCIST'15]: Call for Workshops Proposals; Proceedings by Springer - Indexed by ISI, Scopus, DBLP, etc. 2014-08-25
WorldCIST (worldcist aisti eu)

MEHR Automation System Arbitrary File Download Vulnerability(persian portal) 2014-08-25
cseye_ut yahoo com

DNN(DotNetNukeŽ) Ribbon Bar Control Panel Bad Access Level config 2014-08-25
cseye_ut yahoo com

DNN(DotNetNukeŽ) Iconbar Control Panel Bad Access Level config 2014-08-25
cseye_ut yahoo com

Malware

RDN/Generic PUP.x!clz!2E0947B78E50

RDN/Generic PWS.y!b2u!2CDAC0446556

RDN/Generic PUP.x!2E0402515608

Generic PUP.x!2C4526C882C6

Generic PUP.x!301C1E58CC80

RDN/Generic.bfr!583A93256C4F

Generic PUP.x!2E6151D57092

Generic PUP.x!E1EC11BC302A

RDN/Generic PUP.x!clz!2B25F317194F

Generic PUP.x!56E460B97AE4

Generic PUP.x!773F105CC847

Generic PUP.x!C7E8D3D1A993

BackDoor-FBOB!6D43FE1902BB

Generic PUP.x!AE8C10232B34

RDN/Generic PUP.x!2BA92552F15C

RDN/Generic PUP.x!clz!71D53C9FEB08

RDN/Downloader.gen.a!5116E588B250

W32/Virut.gen!B6353F3B667F

BackDoor-FBOB!FD21D2BDB7F9

RDN/Generic Dropper!vc!B7D344EDD310

RDN/Generic PUP.x!clz!607B470EB2F6

RDN/Generic.bfr!2D0A667CB4E7

RDN/Generic PUP.x!clz!5FCA14074301

W32/Sality.gen!B3C59539F803

Generic PUP.x!BA92BD64077F

Downloader.gen.a!092FAC647C70

BackDoor-FBOB!DF52F81C950C

BackDoor-FBOB!7B4F49E67EED

RDN/Generic.grp!B5754BC23A19

RDN/Generic.bfr!hp!2B4BECCD6C44

Phishing

Apple

27th August 2014

Confirm your informations for
our new system !

Support

26th August 2014

[Apple] Check your information
REF:56452214-IOS

Vulnerebility

GNU glibc '__gconv_translit_find()' Function Memory Corruption Vulnerability
2014-08-27
http://www.securityfocus.com/bid/68983

Wonderware Information Server CVE-2014-2381 Weak Encryption Security Weakness
2014-08-27
http://www.securityfocus.com/bid/69415

Oracle Java SE CVE-2014-4216 Remote Security Vulnerability
2014-08-27
http://www.securityfocus.com/bid/68562

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-08-27
http://www.securityfocus.com/bid/68571

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-08-27
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-4252 Remote Security Vulnerability
2014-08-27
http://www.securityfocus.com/bid/68642

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-08-27
http://www.securityfocus.com/bid/68583

Oracle Java SE CVE-2014-4264 Remote Security Vulnerability
2014-08-27
http://www.securityfocus.com/bid/68612

Oracle Java SE CVE-2014-4268 Remote Security Vulnerability
2014-08-27
http://www.securityfocus.com/bid/68615

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-08-27
http://www.securityfocus.com/bid/68624

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-08-27
http://www.securityfocus.com/bid/68636

Oracle Java SE CVE-2014-2483 Remote Security Vulnerability
2014-08-27
http://www.securityfocus.com/bid/68608

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-08-27
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4223 Remote Security Vulnerability
2014-08-27
http://www.securityfocus.com/bid/68590

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-08-27
http://www.securityfocus.com/bid/68599

Oracle Java SE CVE-2014-4219 Remote Security Vulnerability
2014-08-27
http://www.securityfocus.com/bid/68620

Oracle Java SE CVE-2014-2490 Remote Code Execution Vulnerability
2014-08-27
http://www.securityfocus.com/bid/68645

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-08-27
http://www.securityfocus.com/bid/67899

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-08-27
http://www.securityfocus.com/bid/66363

Cisco IOS XR Software Packet Parsing CVE-2014-3335 Denial of Service Vulnerability
2014-08-27
http://www.securityfocus.com/bid/69383

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-08-27
http://www.securityfocus.com/bid/67193

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-08-27
http://www.securityfocus.com/bid/66801

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-08-27
http://www.securityfocus.com/bid/67900

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-08-27
http://www.securityfocus.com/bid/67901

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-08-27
http://www.securityfocus.com/bid/67898

Apache HTTP Server 'mod_status' CVE-2014-0226 Remote Code Execution Vulnerability
2014-08-27
http://www.securityfocus.com/bid/68678

Apache HTTP Server CVE-2014-0231 Remote Denial of Service Vulnerability
2014-08-27
http://www.securityfocus.com/bid/68742

ModSecurity 'mod_headers' module Security Bypass Vulnerability
2014-08-27
http://www.securityfocus.com/bid/66550

Apache HTTP Server CVE-2014-0118 Remote Denial of Service Vulnerability
2014-08-27
http://www.securityfocus.com/bid/68745

php-sqrl 'sqrl_verify.php' SQL Injection Vulnerabilitiy
2014-08-27
http://www.securityfocus.com/bid/69270

Exploit

  glibc Off-by-One NUL Byte gconv_translit_find Exploit

  ntopng 1.2.0 - XSS Injection

  VTLS Virtua InfoStation.cgi - SQL Injection

26.8.2014

Bugtraq

[WorldCIST'15]: Call for Workshops Proposals; Proceedings by Springer - Indexed by ISI, Scopus, DBLP, etc. 2014-08-25
WorldCIST (worldcist aisti eu)

MEHR Automation System Arbitrary File Download Vulnerability(persian portal) 2014-08-25
cseye_ut yahoo com

DNN(DotNetNukeŽ) Ribbon Bar Control Panel Bad Access Level config 2014-08-25
cseye_ut yahoo com

DNN(DotNetNukeŽ) Iconbar Control Panel Bad Access Level config 2014-08-25
cseye_ut yahoo com

Barracuda Networks Web Security Flex v4.1 - Persistent Vulnerabilities (BNSEC-699) 2014-08-25
Vulnerability Lab (research vulnerability-lab com)

Barracuda Networks Web Security Flex Appliance Application v4.x - Filter Bypass & Persistent Vulnerabilities (BNSEC 707) 2014-08-25
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 3011-1] mediawiki security update 2014-08-23
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3010-1] python-django security update 2014-08-22
Salvatore Bonaccorso (carnil debian org)

Malware

Generic Downloader.x!5DF28122FEB9

Generic PUP.x!8D3AF9130814

Generic Downloader.x!BEB3ACA13F38

Generic PUP.x!84AC7F327B5D

RDN/Generic PUP.x!BECF17CAB1A3

CryptDomaIQ!64050EDCE4B6

RDN/PWS-Mmorpg!lr!BE2C864B41E6

Generic PUP.x!BA9A223DAC46

RDN/Generic Downloader.x!kv!A4558BCC8F95

Generic PUP.x!B0B524DA1CFA

RDN/Downloader.a!st!D404575AA706

PUP-FMK!64083FD01A04

Generic PUP.x!01C05ED56557

Generic PUP.x!F3398D9A6D08

RDN/Generic PUP.x!cl3!C6FE804DF447

RDN/Generic.bfr!DB26A822E310

Generic PUP.x!B68CCD1BA4EC

CryptDomaIQ!640806A0912B

RDN/Downloader.a!st!1FF8AC1321F7

FakeAV-M.bfr!0DD23B0BD825

RDN/Generic BackDoor!zo!B336A06DDCA4

Generic PUP.x!268944FC49F5

Generic PUP.x!520C3B94B62C

Generic PUP.x!A9F7FAE56EC1

Generic PUP.x!D47526F4AE4D

Generic PUP.x!17C30BD32422

Downloader.gen.a!68C3509DEFCC

Generic PUP.x!E5AD8AAD4509

Generic PUP.x!4A4C65E38B4E

Generic PUP.x!D0C15F4DFD9A

Phishing

Barclays

24th August 2014

YOUR ACCOUNT IS TEMPORARILY
LIMITED

Lloyds

24th August 2014

Account Limited

Barclays

23rd August 2014

Your Account Is Temporarily
Limited

Vulnerebility

HP Service Manager CVE-2014-2634 Unspecified Remote Unauthorized Access Vulnerability
2014-08-26
http://www.securityfocus.com/bid/69379

Zarafa WebAccess and WebApp Incomplete Fix Multiple Local Information Disclosure Vulnerabilities
2014-08-26
http://www.securityfocus.com/bid/69362

Zarafa '/var/log/zarafa/' Directory Multiple Local Information Disclosure Vulnerabilities
2014-08-26
http://www.securityfocus.com/bid/69365

Zarafa WebAccess and WebApp '/tmp' Directory Multiple Local Information Disclosure Vulnerabilities
2014-08-26
http://www.securityfocus.com/bid/69369

Zarafa '/etc/zarafa/license/' Directory Multiple Local Information Disclosure Vulnerabilities
2014-08-26
http://www.securityfocus.com/bid/69370

Advantech WebAccess CVE-2014-2364 Multiple Remote Stack Based Buffer Overflow Vulnerabilities
2014-08-26
http://www.securityfocus.com/bid/68714

MayGion IP Camera CVE-2013-1604 Directory Traversal Vulnerability
2014-08-26
http://www.securityfocus.com/bid/60192

Multiple Microsoft Products Arbitrary Memory Write Privilege Escalation Vulnerabilities
2014-08-26
http://www.securityfocus.com/bid/68764

Oracle VM VirtualBox CVE-2014-2477 Local Privilege Escalation Vulnerability
2014-08-26
http://www.securityfocus.com/bid/68613

QEMU 'pcihp.c' Out of Bounds Memory Corruption Vulnerability
2014-08-26
http://www.securityfocus.com/bid/69356

Microsoft Windows Ancillary Function Driver CVE-2014-1767 Local Privilege Escalation Vulnerability
2014-08-26
http://www.securityfocus.com/bid/68394

Multiple Yokogawa Products 'BKFSim_vhfd.exe' Stack Based Buffer Overflow Vulnerability
2014-08-26
http://www.securityfocus.com/bid/68428

Microsoft Internet Explorer Enhanced Protected Mode CVE-2013-5045 Security Bypass Vulnerability
2014-08-26
http://www.securityfocus.com/bid/64115

Samsung iPOLiS Device Manager ActiveX Control Multiple Remote Code Execution Vulnerabilities
2014-08-26
http://www.securityfocus.com/bid/67822

Symantec Workspace Streaming XMLRPC Unauthorized Access Vulnerability
2014-08-26
http://www.securityfocus.com/bid/67189

Easy File Sharing Web Server Stack Buffer Overflow Vulnerability
2014-08-26
http://www.securityfocus.com/bid/67406

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2014-08-26
http://www.securityfocus.com/bid/67121

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-08-26
http://www.securityfocus.com/bid/68624

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-08-26
http://www.securityfocus.com/bid/68636

Apache 'mod_wsgi' Module Local Privilege Escalation Vulnerability
2014-08-26
http://www.securityfocus.com/bid/67532

Linux Kernel Multiple Local Security Bypass Vulnerabilities
2014-08-26
http://www.securityfocus.com/bid/68162

Linux Kernel SCTP NULL Pointer Dereference Denial of Service Vulnerability
2014-08-26
http://www.securityfocus.com/bid/68881

Huawei HiLink E3236 and E3276 Cross Site Request Forgery Vulnerability
2014-08-26
http://www.securityfocus.com/bid/69162

MediaWiki 'jsonp callbacks' Unspecified Security Vulnerability
2014-08-26
http://www.securityfocus.com/bid/69136

MediaWiki Unspecified Clickjacking Vulnerability
2014-08-26
http://www.securityfocus.com/bid/69137

Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
2014-08-26
http://www.securityfocus.com/bid/65400

Multiple IBM DB2 Products CVE-2014-0907 Local Privilege Escalation Vulnerability
2014-08-26
http://www.securityfocus.com/bid/67617

Serf CVE-2014-3504 SSL Certificate Validation Information Disclosure Vulnerability
2014-08-26
http://www.securityfocus.com/bid/69238

Drupal XML-RPC Endpoint Multiple Denial of Service Vulnerabilities
2014-08-26
http://www.securityfocus.com/bid/69146

WordPress Multiple Security Vulnerabilities
2014-08-26
http://www.securityfocus.com/bid/69096

Exploit

  Innovaphone PBX Admin-GUI - CSRF Vulnerability

  ManageEngine Password Manager MetadataServlet.dat SQL Injection

  ntopng 1.2.0 - XSS Injection

  VTLS Virtua InfoStation.cgi - SQL Injection

  Innovaphone PBX Admin-GUI - CSRF Vulnerability

  ManageEngine Password Manager MetadataServlet.dat SQL Injection

25.8.2014

Bugtraq

DoS attacks (ICMPv6-based) resulting from IPv6 EH drops 2014-08-22
Fernando Gont (fgont si6networks com)

[security bulletin] HPSBST03098 rev.1 - HP StoreEver MSL6480 Tape Library running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-08-21
security-alert hp com

CVE-2014-3524: Apache OpenOffice Calc Command Injection Vulnerability 2014-08-21
Herbert Duerr (hdu apache org)

CVE-2014-3575:OpenOffice Targeted Data Exposure Using Crafted OLE Objects 2014-08-21
Herbert Duerr (hdu apache org)

[SECURITY] [DSA 3009-1] python-imaging security update 2014-08-21
Moritz Muehlenhoff (jmm debian org)

Malware

Downloader.gen.a!DC7C498A9931

PUP-FMK!FF62124BFC61

Generic PUP.x!EF2EF9E27990

CryptDomaIQ!FF78A2E7A332

Generic PUP.x!FF6ACD2E6F86

Generic PUP.x!96864469C5C3

RDN/Generic BackDoor!zo!3743A5BA18BB

Generic PUP.x!77B1DB3051E4

Generic.dx!DC783727A74C

Generic PUP.x!4073F47DA8BF

Generic PUP.x!AD0A1052FD6D

CryptDomaIQ!FF6789616D45

RDN/Generic.bfr!FB73645ECE86

CryptDomaIQ!FF4A49523D5F

Generic PUP.x!CFD816B07A4D

Generic PUP.x!DBD9953F84BB

FakeAV-M.bfr!139A29AC0E05

RDN/Downloader.gen.a!E1F31008F4EC

Generic PUP.x!DC3E5838A1A8

Generic PUP.x!084CE5BFBADA

Generic PUP.x!051E959FADCF

Generic PUP.x!DDBD77184305

RDN/Generic BackDoor!zo!DEB924414335

Generic Downloader.x!E4AAEF2A2811

CryptDomaIQ!FF4C15C4DD02

RDN/Generic PUP.x!clx!857EFFE1834F

Generic Downloader.x!F9F21E3FF2DE

MultiPlug!FF4A7FAD128F

RDN/Generic.bfr!32A6DE5D44D0

PUP-FMK!FF4BB4917C84

Phishing

Barclays

24th August 2014

YOUR ACCOUNT IS TEMPORARILY
LIMITED

Lloyds

24th August 2014

Account Limited

Barclays

23rd August 2014

Your Account Is Temporarily
Limited

Vulnerebility

Multiple ManageEngine Products CVE-2014-3996 SQL Injection Vulnerability
2014-08-25
http://www.securityfocus.com/bid/69305

OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2014-08-25
http://www.securityfocus.com/bid/69075

Oracle Java SE CVE-2014-0449 Remote Security Vulnerability
2014-08-25
http://www.securityfocus.com/bid/66907

Oracle Java SE CVE-2014-2401 Remote Security Vulnerability
2014-08-25
http://www.securityfocus.com/bid/66911

Oracle Java SE CVE-2014-2398 Remote Security Vulnerability
2014-08-25
http://www.securityfocus.com/bid/66920

Oracle Java SE CVE-2014-0460 Remote Security Vulnerability
2014-08-25
http://www.securityfocus.com/bid/66916

Oracle Java SE CVE-2014-0446 Remote Security Vulnerability
2014-08-25
http://www.securityfocus.com/bid/66903

OpenSSL SRP CVE-2014-3512 Remote Denial of Service Vulnerability
2014-08-25
http://www.securityfocus.com/bid/69083

Oracle Java SE CVE-2014-0448 Remote Security Vulnerability
2014-08-25
http://www.securityfocus.com/bid/66904

Oracle Java SE CVE-2014-0461 Remote Security Vulnerability
2014-08-25
http://www.securityfocus.com/bid/66902

Oracle Java SE CVE-2014-0455 Remote Code Execution Vulnerability
2014-08-25
http://www.securityfocus.com/bid/66899

OpenSSL CVE-2014-3511 Man in the Middle Security Bypass Vulnerability
2014-08-25
http://www.securityfocus.com/bid/69079

OpenSSL DTLS CVE-2014-3510 Remote Denial of Service Vulnerability
2014-08-25
http://www.securityfocus.com/bid/69082

OpenSSL DTLS CVE-2014-3507 Remote Denial of Service Vulnerability
2014-08-25
http://www.securityfocus.com/bid/69078

OpenSSL DTLS CVE-2014-3506 Remote Denial of Service Vulnerability
2014-08-25
http://www.securityfocus.com/bid/69076

OpenSSL DTLS CVE-2014-3505 Remote Denial of Service Vulnerability
2014-08-25
http://www.securityfocus.com/bid/69081

OpenSSL CVE-2014-3509 Remote Denial of Service Vulnerability
2014-08-25
http://www.securityfocus.com/bid/69084

OpenSSL NULL Pointer Dereference CVE-2014-5139 Local Denial of Service Vulnerability
2014-08-22
http://www.securityfocus.com/bid/69077

Oracle Java SE CVE-2014-2420 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/66919

Multiple Oracle Java Products 'unpack.cpp' Insecure Temporary File Creation Vulnerability
2014-08-22
http://www.securityfocus.com/bid/65568

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/66914

Oracle Java SE CVE-2014-0459 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/66910

libjpeg/libjpeg-turbo Library CVE-2013-6629 Memory Corruption Vulnerability
2014-08-22
http://www.securityfocus.com/bid/63676

Oracle Java SE CVE-2014-2409 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/66915

libpng 'png_read_transform_info()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-08-22
http://www.securityfocus.com/bid/64493

Oracle Java SE CVE-2014-2412 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/66873

Oracle Java SE CVE-2014-0458 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/66883

Oracle Java SE CVE-2014-2427 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/66909

Oracle Java SE CVE-2014-2402 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/66898

Oracle Java SE CVE-2014-2423 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/66887

Exploit

Air Transfer Iphone 1.3.9 - Multiple Vulnerabilities

22.8.2014

Bugtraq

[SECURITY] [DSA 2940-1] libstruts1.2-java security update 2014-08-21
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3008-1] php5 security update 2014-08-21
Salvatore Bonaccorso (carnil debian org)

ToorCon 16 Call For Papers! 2014-08-20
h1kari toorcon org

ArcGIS for Server Vulnerability Disclosure 2014-08-20
Romano, Christian (cromano caanes com)

CVE-2014-4973 - Privilege Escalation in ESET Windows Products 2014-08-20
Portcullis Advisories (advisories portcullis-security com)

Malware

CryptDomaIQ!D78A92FCE66B

CryptDomaIQ!D7B9D9617294

iBryte!7B760BAC4CB7

RDN/Generic.bfr!hp!5D8629DC6644

Generic PUP.x!40AB98A5212F

PUP-FNX!3D31CF6CE619

Generic PUP.x!AA4D882A5605

Generic PUP.x!B5CFCD0D4330

Generic PUP.x!B2F1FEDF883A

Generic PUP.x!A634162F7DAE

RDN/Generic Downloader.x!kv!4D950A3923E8

RDN/Downloader.a!sr!1C2D6D6E2FF7

Generic PUP.x!91C583C9E2CB

Generic PUP.x!8211F008ACE6

RDN/Generic BackDoor!zn!EB44359AE361

Generic PUP.x!00F243CA7407

RDN/Spybot.bfr!n!EE95DC154F8A

RDN/Generic PUP.x!clr!6FA5A54C546F

MultiPlug!D869F6259C6A

Generic PUP.x!72FF3FAB00AB

Generic PUP.x!821366AA2E77

Generic PUP.x!A8E4F772823C

Generic PUP.x!8B1DE6A55E02

Generic PUP.x!A6999089A586

CryptDomaIQ!D7F39CCCECA8

Generic PUP.x!ADA8227219D7

Generic PUP.x!79BE0E13BDC4

CryptDomaIQ!D7D9BCC242A9

Generic PUP.x!693E4F7657D9

Generic.dx!9549CD8D855E

Phishing

PayPal

22nd August 2014

Temporarely Blocked Account

Halifax

20th August 2014

[SUSPECTED ] Halifax - Monthly
e-statement is ready

Vulnerebility

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/68583

Oracle Java SE CVE-2014-4219 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/68620

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4216 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/68562

Oracle Java SE CVE-2014-2428 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/66870

Oracle Java SE CVE-2014-2423 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/66887

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-08-22
http://www.securityfocus.com/bid/67899

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-08-22
http://www.securityfocus.com/bid/67193

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-08-22
http://www.securityfocus.com/bid/67898

Oracle Java SE CVE-2014-4227 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/68603

Oracle Java SE CVE-2014-4265 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/68632

PHP 'cdf_read_property_info()' Function CVE-2014-3587 Incomplete Fix Denial of Service Vulnerability
2014-08-22
http://www.securityfocus.com/bid/69325

PHP 'ext/spl/spl_dllist.c' Local Denial of Service Vulnerability
2014-08-22
http://www.securityfocus.com/bid/68513

PHP Fileinfo Component Incomplete Fix Remote Denial of Service Vulnerability
2014-08-22
http://www.securityfocus.com/bid/68348

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/68571

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-4252 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/68642

Oracle Java SE CVE-2014-4268 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/68615

Oracle Java SE CVE-2014-4220 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/68576

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/68636

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/68599

Oracle Java SE CVE-2014-4208 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/68580

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/68624

IBM WebSphere Real Time CVE-2014-3086 Unspecified Privilege Escalation Vulnerability
2014-08-22
http://www.securityfocus.com/bid/69183

Drupal XML-RPC Endpoint Multiple Denial of Service Vulnerabilities
2014-08-22
http://www.securityfocus.com/bid/69146

Oracle Java SE CVE-2014-2427 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/66909

Oracle Java SE CVE-2014-0456 Remote Code Execution Vulnerability
2014-08-22
http://www.securityfocus.com/bid/66877

Oracle Java SE CVE-2014-0457 Remote Code Execution Vulnerability
2014-08-22
http://www.securityfocus.com/bid/66866

Oracle Java SE CVE-2014-0458 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/66883

Oracle Java SE CVE-2014-2403 Remote Security Vulnerability
2014-08-22
http://www.securityfocus.com/bid/66918

Exploit

   HybridAuth install.php PHP Code Execution

  MyBB 1.8 Beta 3 - Multiple Vulnerabilities  

21.8.2014

Bugtraq

CVE-2014-4973 - Privilege Escalation in ESET Windows Products 2014-08-20
Portcullis Advisories (advisories portcullis-security com)

SQL Injection Vulnerability in ArticleFR 2014-08-20
High-Tech Bridge Security Research (advisory htbridge com)

CVE-2014-5307 - Privilege Escalation in Panda Security Products 2014-08-20
Portcullis Advisories (advisories portcullis-security com)

[SECURITY] [DSA 3007-1] cacti security update 2014-08-20
Moritz Muehlenhoff (jmm debian org)

Deutsche Telekom CERT Advisory [DTC-A-20140820-001] check_mk vulnerabilities 2014-08-20
CERT telekom de

ICETC2014 - IEEE Extended Submission until Aug. 28, 2014 2014-08-20
jackie sdiwc info

[security bulletin] HPSBUX03095 SSRT101674 rev.1 - HP-UX running OpenSSL, Multiple Vulnerabilities 2014-08-19
security-alert hp com

[security bulletin] HPSBUX03092 SSRT101668 rev.1 - HP-UX running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2014-08-19
security-alert hp com

Malware

Generic PUP.x!0C204FDE7B86

RDN/Generic PUP.x!clq!FF671F5AA3E5

Generic PUP.x!5C0F16FF5863

RDN/Downloader.a!sq!A3C3FD650D87

Generic PUP.x!8939F187BB57

PUP-FMK!3D9279CB2352

RDN/Generic PUP.x!8AD8A57D3C30

Generic PUP.x!8B9E18721B78

PUP-FMK!89B3A792B87A

Generic PUP.x!60503134FC5D

Generic PUP.x!89FAC80D5C6D

RDN/Generic Downloader.x!kv!64EAD1CE8C6C

RDN/Spybot.bfr!45A1E07D0A66

PUP-FMK!8974090249A0

Generic PUP.x!E99409CD2D43

RDN/Generic PUP.x!8D130A9842B1

PUP-FMK!8B0F63C711EA

PUP-FMK!8B069AE89AFA

Generic PUP.x!8B78E33964B8

Generic PUP.x!5F030CF87FCF

PUP-FMK!8B645CC4137C

Generic PUP.x!397839349DD4

Generic PUP.x!632507E475FB

Generic PUP.x!612F0BCC8106

Generic PUP.x!3C9259606529

Generic PUP.x!3C832DFC43EC

PUP-FMK!3D8111762A6F

PUP-FMK!3C019A6C6A4F

Generic PUP.x!5E44C8FB463F

Generic PUP.x!3D29C4F18403

Phishing

Halifax

20th August 2014

[SUSPECTED ] Halifax - Monthly
e-statement is ready

Amazon.com

19th August 2014

Account Confirmation

Barclays Bank PLC

19th August 2014

YOUR ACCOUNT HAS BEEN FLAGGED

Vulnerebility

OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2014-08-21
http://www.securityfocus.com/bid/69075

OpenSSL DTLS CVE-2014-3510 Remote Denial of Service Vulnerability
2014-08-21
http://www.securityfocus.com/bid/69082

OpenSSL DTLS CVE-2014-3506 Remote Denial of Service Vulnerability
2014-08-21
http://www.securityfocus.com/bid/69076

OpenSSL DTLS CVE-2014-3507 Remote Denial of Service Vulnerability
2014-08-21
http://www.securityfocus.com/bid/69078

OpenSSL DTLS CVE-2014-3505 Remote Denial of Service Vulnerability
2014-08-21
http://www.securityfocus.com/bid/69081

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-08-21
http://www.securityfocus.com/bid/67899

RSA Archer GRC CVE-2014-0640 Unspecified Information Disclosure Vulnerability
2014-08-21
http://www.securityfocus.com/bid/69288

EMC RSA Archer GRC CVE-2014-2505 Unspecified Remote Code Execution Vulnerability
2014-08-21
http://www.securityfocus.com/bid/69290

RSA Archer GRC CVE-2014-0641 Unspecified Cross Site Request Forgery Vulnerability
2014-08-21
http://www.securityfocus.com/bid/69289

EMC RSA Archer GRC CVE-2014-2517 Unspecified Privilege Escalation Vulnerability
2014-08-21
http://www.securityfocus.com/bid/69287

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-08-21
http://www.securityfocus.com/bid/66363

Check_MK CVE-2014-5339 Arbitrary File Overwrite Vulnerability
2014-08-21
http://www.securityfocus.com/bid/69310

IBM Rational Directory Server CVE-2014-3089 Local Information Disclosure Vulnerability
2014-08-21
http://www.securityfocus.com/bid/69300

Baidu Spark Browser Stack Overflow Denial of Service Vulnerability
2014-08-21
http://www.securityfocus.com/bid/68288

IBM WebSphere Application Server CVE-2014-0965 Unspecified Information Disclosure Vulnerability
2014-08-21
http://www.securityfocus.com/bid/68210

Apache HTTP Server Multiple Denial of Service Vulnerabilities
2014-08-21
http://www.securityfocus.com/bid/66303

RiverBed Stingray Traffic Manager Virtual Appliance Cross Site Scripting Vulnerability
2014-08-21
http://www.securityfocus.com/bid/69243

IBM WebSphere Application Server CVE-2014-3022 Unspecified Information Disclosure Vulnerability
2014-08-21
http://www.securityfocus.com/bid/68211

IBM Security Access Manager for Web CVE-2014-0963 Remote Denial of Service Vulnerability
2014-08-21
http://www.securityfocus.com/bid/67238

OpenStack Compute (Nova) SSL Certificate Validation Security Bypass Vulnerability
2014-08-21
http://www.securityfocus.com/bid/65276

Libxml2 Entity Substituton CVE-2014-0191 Denial of Service Vulnerability
2014-08-21
http://www.securityfocus.com/bid/67233

WordPress Disqus Comment System Plugin Multiple Security Vulnerabilities
2014-08-21
http://www.securityfocus.com/bid/69205

WordPress Disqus Comment System Plugin Multiple Cross Site Request Forgery Vulnerabilities
2014-08-21
http://www.securityfocus.com/bid/69244

Feng Office 'customer name' Field HTML Injection Vulnerability
2014-08-21
http://www.securityfocus.com/bid/69080

Samba CVE-2014-3493 Memory Corruption Vulnerability
2014-08-21
http://www.securityfocus.com/bid/68150

Samba 'nmbd' NetBIOS Name Serives Daemon Denial of Service Vulnerability
2014-08-21
http://www.securityfocus.com/bid/68148

OpenStack Keystone V3 API Authentication Denial of Service Vulnerability
2014-08-21
http://www.securityfocus.com/bid/66736

PyCADF Notifier Middleware Information Disclosure Vulnerability
2014-08-21
http://www.securityfocus.com/bid/68149

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-08-21
http://www.securityfocus.com/bid/66914

QEMU Image Size Validation Integer Overflow Vulnerability
2014-08-21
http://www.securityfocus.com/bid/67391

Exploit

MyBB 1.8 Beta 3 - Multiple Vulnerabilities

20.8.2014

Bugtraq

ESA-2014-071: RSA ArcherŽ GRC Platform Multiple Vulnerabilities 2014-08-19
Security Alert (Security_Alert emc com)

[CVE-2014-0232] Apache OFBiz Cross-site scripting (XSS) vulnerability 2014-08-19
Jacopo Cappellato (jacopoc apache org)

ESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities 2014-08-18
Security Alert (Security_Alert emc com)

ESA-2014-067: EMC Documentum D2 Privilege Escalation Vulnerability 2014-08-18
Security Alert (Security_Alert emc com)

Malware

RDN/Generic.bfr!CC375F631A4E

Generic PUP.x!52928A444DEC

Generic PUP.x!30B7C7480C0F

Generic PUP.x!045F3825D781

Generic PUP.x!64986BE36D9C

W32/Agent!486C0E6EEADF

Generic PWS.y!A7D0D53F0F69

Generic PUP.x!3623875E6B76

W32/Agent!6C4A668450F8

RDN/Generic.tfr!ed!9C4B91425BFF

RDN/Generic PUP.x!cln!D89813CC07F9

Generic.dx!C07C67CB80BA

W32/Agent!C11E2E01CFB8

Generic PUP.x!336F42DC8711

RDN/Generic PWS.y!b2s!593869F46AE2

RDN/Generic.dx!d2t!5F5B3ED8A3D9

RDN/Generic PUP.x!cln!DFE89220324D

RDN/Generic.tfr!ed!6632B9A411C1

RDN/Generic BackDoor!zm!9875E4DB4956

RDN/Generic PUP.x!cln!0AFFA6025D26

RDN/Generic PUP.x!cln!48E06AB96DF3

W32/Agent!B0DFAA10B66E

Generic PUP.x!8D07C2A47AF4

Generic PUP.x!2146DFDBB8E5

RDN/Generic PWS.y!b2s!57C9D5C5AE94

W32/Agent!4CFBE029BDF6

Downloader.gen.a!1CACD40DA3B9

Generic PUP.x!02FA1F62876E

Generic PUP.x!02D61E35B35E

W32/Agent!F8D28E6337D8

Phishing

Amazon.com

19th August 2014

Account Confirmation

Barclays Bank PLC

19th August 2014

YOUR ACCOUNT HAS BEEN FLAGGED

HSBC Bank

19th August 2014

Your Account is Innactive

Amazon

19th August 2014

AMAZON : YOUR ACCOUNT HAS BEEN
SUSPENDED .! 19/08/2014
01:46:55

Vulnerebility

Cisco ASR 5000 Series Software CVE-2014-3331 Denial of Service Vulnerability
2014-08-20
http://www.securityfocus.com/bid/69281

QEMU Image Size Validation Integer Overflow Vulnerability
2014-08-20
http://www.securityfocus.com/bid/67391

QEMU L2 Table Size Validation Integer Overflow Vulnerability
2014-08-20
http://www.securityfocus.com/bid/67357

MIT kerberos 5 'ldap_principal2.c' Buffer Overflow Vulnerability
2014-08-20
http://www.securityfocus.com/bid/69168

Mozilla Network Security Services CVE-2014-1492 Security Bypass Vulnerability
2014-08-20
http://www.securityfocus.com/bid/66356

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-08-20
http://www.securityfocus.com/bid/67193

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-08-20
http://www.securityfocus.com/bid/67901

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-08-20
http://www.securityfocus.com/bid/66363

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-08-20
http://www.securityfocus.com/bid/67899

Adobe Flash Player and AIR CVE-2014-0542 Unspecified Memory Corruption Vulnerability
2014-08-20
http://www.securityfocus.com/bid/69194

Adobe Flash Player and AIR CVE-2014-0544 Unspecified Memory Corruption Vulnerability
2014-08-20
http://www.securityfocus.com/bid/69196

Adobe Flash Player and AIR CVE-2014-0538 Use After Free Remote Code Execution Vulnerability
2014-08-20
http://www.securityfocus.com/bid/69192

Adobe Flash Player and AIR CVE-2014-0545 Unspecified Memory Corruption Vulnerability
2014-08-20
http://www.securityfocus.com/bid/69197

Adobe Flash Player and AIR CVE-2014-0541 Unspecified Security Bypass Vulnerability
2014-08-20
http://www.securityfocus.com/bid/69191

Adobe Flash Player and AIR CVE-2014-0540 Unspecified Memory Corruption Vulnerability
2014-08-20
http://www.securityfocus.com/bid/69190

Adobe Flash Player and AIR CVE-2014-0543 Unspecified Memory Corruption Vulnerability
2014-08-20
http://www.securityfocus.com/bid/69195

Apache HTTP Server 'mod_status' CVE-2014-0226 Remote Code Execution Vulnerability
2014-08-20
http://www.securityfocus.com/bid/68678

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-08-20
http://www.securityfocus.com/bid/66801

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-08-20
http://www.securityfocus.com/bid/67900

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-08-20
http://www.securityfocus.com/bid/67898

Linux Kernel CVE-2014-5206 Local Security Bypass Vulnerability
2014-08-20
http://www.securityfocus.com/bid/69214

Linux Kernel CVE-2014-5207 Local Security Bypass Vulnerability
2014-08-20
http://www.securityfocus.com/bid/69216

Samba 'nmbd' NetBIOS Name Services Daemon Remote Code Execution Vulnerability
2014-08-20
http://www.securityfocus.com/bid/69021

Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability
2014-08-20
http://www.securityfocus.com/bid/67668

Apache Tomcat CVE-2014-0075 Chunk Request Remote Denial Of Service Vulnerability
2014-08-20
http://www.securityfocus.com/bid/67671

Microsoft Windows Kernel 'Win32k.sys' CVE-2014-1819 Local Privilege Escalation Vulnerability
2014-08-20
http://www.securityfocus.com/bid/69143

Microsoft Windows Kernel Pool Allocation CVE-2014-4064 Local Information Disclosure Vulnerability
2014-08-20
http://www.securityfocus.com/bid/69144

Microsoft Windows Kernel 'Win32k.sys' CVE-2014-0318 Local Privilege Escalation Vulnerability
2014-08-20
http://www.securityfocus.com/bid/69142

Cisco NX-OS Software CVE-2014-3341 Information Disclosure Vulnerability
2014-08-19
http://www.securityfocus.com/bid/69266

Mozilla Firefox and Thunderbird CVE-2013-1670 Cross Site Scripting Vulnerability
2014-08-19
http://www.securityfocus.com/bid/59865

Exploit

 

19.8.2014

Bugtraq

[CVE-2014-0232] Apache OFBiz Cross-site scripting (XSS) vulnerability 2014-08-19
Jacopo Cappellato (jacopoc apache org)

ESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities 2014-08-18
Security Alert (Security_Alert emc com)

ESA-2014-067: EMC Documentum D2 Privilege Escalation Vulnerability 2014-08-18
Security Alert (Security_Alert emc com)

ESA-2014-059: EMC Documentum Multiple Cross-Site Scripting Vulnerabilities 2014-08-18
Security Alert (Security_Alert emc com)

ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities 2014-08-18
Security Alert (Security_Alert emc com)

[SECURITY] [DSA 3006-1] xen security update 2014-08-18
Moritz Muehlenhoff (jmm debian org)

Outlook.com for Android fails to validate server certificates 2014-08-17
Securify B.V. (lists securify nl)

CVE-2014-5289 - Kolibri WebServer 2.0 Vulnerable to RCE via Overly Long POST Request 2014-08-17
tekwizz123 riseup net

Beginners error: Apple's iCloudServices for Windows run rogue program C:\Program.exe (and some more) 2014-08-16
Stefan Kanthak (stefan kanthak nexgo de)

Beginners error: Windows Live Mail 2011 runs rogue C:\Program.exe when opening associated URLs 2014-08-16
Stefan Kanthak (stefan kanthak nexgo de)

Beginners error: Apple's Software Update runs rogue program C:\Program.exe (and some more) 2014-08-16
Stefan Kanthak (stefan kanthak nexgo de)

Malware

Generic PUP.x!D17D556AB2A1

RDN/Generic PWS.y!b2r!1CE828E65DA1

RDN/Generic PUP.x!13EFCA0531D6

Generic PUP.x!E5251D67DF41

Generic PUP.x!0F1539BC11C0

RDN/Spybot.bfr!n!76009EEDBFD5

RDN/Generic PUP.x!clm!F8B2336E860A

CryptDomaIQ!F31B767EC17F

Generic.dx!427351117509

Generic PUP.x!14ED09D6ACC4

W32/Virus.gen!B8115DBA7C22

Generic PUP.x!605128B8DB0E

Generic PUP.x!772235C96E34

Generic PUP.x!6A54F0010CE8

RDN/Generic.dx!d2t!BA27E95FA7FC

Generic PUP.x!0625CACA32D6

RDN/PWS-Mmorpg!le!72E0A7408FA9

Generic PUP.x!83AF022CFA43

Generic PUP.x!3A81F3F93D2C

RDN/Generic.bfr!14AF329F39B5

RDN/PWS-Mmorpg!le!7244F461E98C

Generic PUP.x!FC1EA541274C

RDN/Generic Downloader.x!kt!B223377D6A89

Generic PUP.x!A46F9AC8BA84

RDN/Generic PUP.x!clm!8CB82925E1EA

Generic PUP.x!0F84D578996A

Generic PUP.x!18618C80353F

PUP-FMK!F309D612922F

Generic PUP.x!79C39106E78C

Generic PUP.x!73AF95D35908

Phishing

Amazon

19th August 2014

AMAZON : YOUR ACCOUNT HAS BEEN
SUSPENDED .! 19/08/2014
01:46:55

HSBC Bank ;

18th August 2014

Your Account is Innactive

Natwest

18th August 2014

Verify your online account

Paypal

17th August 2014

YOUR ACCOUNT HAS BEEN LIMITED

Service Paypal

17th August 2014

YOUR ACCOUNT WILL BE LIMITED !

NatWest

17th August 2014

*** CACTUS *** review your
account activity

Vulnerebility

Xen CVE-2013-4368 Information Disclosure Vulnerability
2014-08-19
http://www.securityfocus.com/bid/62935

Xen CVE-2013-4329 Local Privilege Escalation Vulnerability
2014-08-19
http://www.securityfocus.com/bid/62307

Xen CVE-2013-1442 Information Disclosure Vulnerability
2014-08-19
http://www.securityfocus.com/bid/62630

Xen Page Reference Counting CVE-2013-1432 Denial of Service Vulnerability
2014-08-19
http://www.securityfocus.com/bid/60799

Xen CVE-2013-2195 Pointer Dereference Privilege Escalation Vulnerability
2014-08-19
http://www.securityfocus.com/bid/60701

Xen CVE-2013-4355 Information Disclosure Vulnerability
2014-08-19
http://www.securityfocus.com/bid/62708

Xen CVE-2013-2194 Remote Privilege Escalation Vulnerability
2014-08-19
http://www.securityfocus.com/bid/60702

Xen CVE-2013-2196 Remote Privilege Escalation Vulnerability
2014-08-19
http://www.securityfocus.com/bid/60703

libxenlight (libxl) Library For Xen Local Security Bypass Vulnerability
2014-08-19
http://www.securityfocus.com/bid/60721

Xen CVE-2013-2076 Information Disclosure Vulnerability
2014-08-19
http://www.securityfocus.com/bid/60282

Xen CVE-2013-2078 Remote Denial of Service Vulnerability
2014-08-19
http://www.securityfocus.com/bid/60278

Xen CVE-2013-2077 Remote Denial of Service Vulnerability
2014-08-19
http://www.securityfocus.com/bid/60277

GitLab 'SSH key upload' Feature CVE-2013-4490 Remote Code Execution Vulnerability
2014-08-19
http://www.securityfocus.com/bid/63513

Apache HTTP Server CVE-2014-0117 Remote Denial of Service Vulnerability
2014-08-19
http://www.securityfocus.com/bid/68740

389 Directory Server CVE-2014-3562 Information Disclosure Vulnerability
2014-08-19
http://www.securityfocus.com/bid/69149

Apache HTTP Server CVE-2014-0118 Remote Denial of Service Vulnerability
2014-08-19
http://www.securityfocus.com/bid/68745

Apache HTTP Server 'mod_status' CVE-2014-0226 Remote Code Execution Vulnerability
2014-08-19
http://www.securityfocus.com/bid/68678

Apache HTTP Server CVE-2014-0231 Remote Denial of Service Vulnerability
2014-08-19
http://www.securityfocus.com/bid/68742

Kolibri Remote Buffer Overflow Vulnerability
2014-08-19
http://www.securityfocus.com/bid/45579

Kolibri CVE-2014-4158 Stack Based Buffer Overflow Vulnerability
2014-08-19
http://www.securityfocus.com/bid/68195

Tor CVE-2014-5117 RELAY_EARLY Security Vulnerability
2014-08-19
http://www.securityfocus.com/bid/68968

Apache Cordova For Android CVE-2014-3500 Security Bypass Vulnerability
2014-08-19
http://www.securityfocus.com/bid/69038

Apache Cordova For Android CVE-2014-3502 Information Disclosure Vulnerability
2014-08-19
http://www.securityfocus.com/bid/69046

Apache Cordova For Android CVE-2014-3501 Security Bypass Vulnerability
2014-08-19
http://www.securityfocus.com/bid/69041

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-08-19
http://www.securityfocus.com/bid/67899

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-08-19
http://www.securityfocus.com/bid/67898

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-08-19
http://www.securityfocus.com/bid/67901

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-08-19
http://www.securityfocus.com/bid/67900

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-08-19
http://www.securityfocus.com/bid/68624

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-08-19
http://www.securityfocus.com/bid/68636

Exploit

  Tenda A5s Router 3.02.05_CN - Authentication Bypass Vulnerability

  Firefox toString console.time Privileged Javascript Injection

15.8.2014

Bugtraq

[SECURITY] [DSA 3005-1] gpgme1.0 security update 2014-08-14
Salvatore Bonaccorso (carnil debian org)

APPLE-SA-2014-08-13-1 Safari 6.1.6 and Safari 7.0.6 2014-08-13
Apple Product Security (product-security-noreply lists apple com)

[security bulletin] HPSBMU03090 rev.1 - HP SiteScope, running Apache Struts, Remote Execution of Arbitrary Code 2014-08-13
security-alert hp com

[security bulletin] HPSBHF03088 rev.1 - HP Integrity SD2 CB900s i2 and i4 Servers running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-08-13
security-alert hp com

Reflected Cross-Site Scripting (XSS) in Jamroom 2014-08-13
High-Tech Bridge Security Research (advisory htbridge com)

[oCERT-2014-006] Ganeti insecure archive permission 2014-08-12
Andrea Barisani (lcars ocert org)

Malware

Generic PUP.x!5EAF4DC5656F

CryptDomaIQ!613DEE1AA9E4

CryptDomaIQ!61A4606F9F7B

Generic PUP.x!D592A80D7EA3

Generic PUP.x!BD19C7D6EFB9

RDN/Generic.dx!d2r!439AC4BF6F9D

Generic PUP.x!07B47210CFA1

W32/Virut.n.gen!DDC0396D5BC6

RDN/Generic BackDoor!zl!CED420B564FF

RDN/Generic.dx!d2r!694F0B99D9DC

Generic.bfr!C4FF5021A5A1

RDN/Generic Downloader.x!kt!E7954A704FDF

RDN/Generic Downloader.x!77BC1B2BD9A3

Generic PUP.x!1E91A68167B9

Generic PUP.x!799557409014

Generic.bfr!62988F8D0E6A

iBryte!A1B03AFC72DA

Generic PUP.x!37B7E8CC72D9

Generic PUP.x!1DBAD420686C

RDN/PWS-Banker!dk!A921E6800E4E

RDN/Generic PWS.y!b2r!D57962293480

RDN/Generic.tfr!ed!577783DB7328

RDN/Generic.bfr!hp!BD1F672233F7

RDN/Generic PUP.z!ed!A9E10036ABAF

Generic PUP.x!1D2C6843FC93

CryptDomaIQ!6131045B79C3

RDN/Generic PUP.x!cl3!A83C5AFCBAC4

CryptDomaIQ!61211D33DB54

CryptDomaIQ!61B955BF39EA

RDN/Generic.bfr!hp!258D7ED949D9

Phishing

Customerservice@MBNA.co.uk

14th August 2014

MBNA - NEW ASSIGNED CREDIT
LIMIT

Wells Fargo

13th August 2014

Important Notice Regarding
Your Account

Apple

13th August 2014

YOU APPLE ACCOUNT HAS BEEN
LIMITED

Vulnerebility

Apache Subversion CVE-2014-3528 Insecure Authentication Weakness
2014-08-15
http://www.securityfocus.com/bid/68995

Apache Subversion 'mod_dav_svn' Module SVNListParentPath Denial of Service Vulnerability
2014-08-15
http://www.securityfocus.com/bid/65434

Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
2014-08-15
http://www.securityfocus.com/bid/51706

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/68583

Oracle Java SE CVE-2014-0460 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/66916

Oracle Java SE CVE-2013-5825 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/63101

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/68599

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4219 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/68620

Oracle Java SE CVE-2013-2457 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/60632

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/64918

Apache HTTP Server CVE-2011-3192 Denial Of Service Vulnerability
2014-08-14
http://www.securityfocus.com/bid/49303

Apache APR 'apr_fnmatch()' Denial of Service Vulnerability
2014-08-14
http://www.securityfocus.com/bid/47820

Apache HTTP Server Scoreboard Local Security Bypass Vulnerability
2014-08-14
http://www.securityfocus.com/bid/51407

Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
2014-08-14
http://www.securityfocus.com/bid/49957

Microsoft Internet Explorer CVE-2014-4051 Remote Memory Corruption Vulnerability
2014-08-14
http://www.securityfocus.com/bid/69126

Oracle Java SE CVE-2014-4252 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/68642

Oracle Java SE CVE-2014-4268 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/68615

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/68636

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/68624

Oracle Java SE CVE-2014-4216 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/68562

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2014-08-14
http://www.securityfocus.com/bid/61310

Oracle Java SE CVE-2013-5830 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/63121

Oracle Java SE CVE-2014-2490 Remote Code Execution Vulnerability
2014-08-14
http://www.securityfocus.com/bid/68645

Oracle Java SE CVE-2013-5823 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/63110

Oracle Java SE CVE-2013-2461 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/60645

Oracle Java SE CVE-2012-5081 Remote Java Runtime Environment Vulnerability
2014-08-14
http://www.securityfocus.com/bid/56071

Oracle Java SE CVE-2014-0423 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/64914

Oracle Java SE CVE-2013-0440 Remote Java Runtime Environment Vulnerability
2014-08-14
http://www.securityfocus.com/bid/57712

Exploit

    VMTurbo Operations Manager 4.6 vmtadmin.cgi Remote Command Execution

  VirtualBox 3D Acceleration Virtual Machine Escape

  Disqus for Wordpress 2.7.5 Admin Stored CSRF and XSS 

14.8.2014

Bugtraq

[security bulletin] HPSBHF03088 rev.1 - HP Integrity SD2 CB900s i2 and i4 Servers running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-08-13
security-alert hp com

Reflected Cross-Site Scripting (XSS) in Jamroom 2014-08-13
High-Tech Bridge Security Research (advisory htbridge com)

[oCERT-2014-006] Ganeti insecure archive permission 2014-08-12
Andrea Barisani (lcars ocert org)

BlackBerry Z 10 - Storage and Access File-Exchange Authentication By-Pass [MZ-13-04] 2014-08-12
security (security modzero ch)

CVE-2014-5035 - Opendaylight Vulnerable to Local and Remote File Inclusion in the Netconf (TCP) Service 2014-08-12
Gregory Pickett (gpickett71 yahoo com)

Apache Cordova 3.5.1: CVE-2014-3502 update 2014-08-11
Marcel Kinard (cmarcelk gmail com)

[security bulletin] HPSBMU03089 rev.1 - HP Executive Scorecard, Running OpenSSL, Disclosure of Information 2014-08-11
security-alert hp com

[SECURITY] [DSA 2984-2] acpi-support regression update 2014-08-11
Raphael Geissert (geissert debian org)

Malware

RDN/Generic BackDoor!zl!E68B1B9A909D

RDN/Generic BackDoor!zl!D87E239269F8

RDN/Generic Downloader.x!kt!8F858D36A167

RDN/Generic Downloader.x!kt!FDC0A04B588B

Generic PUP.x!C4FB73B94C1A

Generic PUP.x!B7CEB1116131

Generic PUP.x!0020F4091EEF

Generic PUP.x!BA0E734C3E04

Generic PUP.x!1B53D9330121

RDN/Generic PUP.x!clh!C14853CF221A

DNSChanger.bfr!FCEB0BD6DC79

iBryte!6CB2A8B6B14A

Generic PUP.x!0021559049AF

PWS-Lineage!FCA0C564703B

RDN/PWS-Mmorpg!le!C708D98F6896

Generic PUP.x!BFA9B5157153

RDN/Generic PUP.x!FB0C34E2BF2A

RDN/Generic.bfr!hp!B439364F47F2

Generic PUP.x!65CB25F3A1E9

Generic Downloader.x!02DF46777E28

Generic PUP.x!D4FDA0479187

Generic PUP.x!EA909393FE47

RDN/Generic BackDoor!zl!BF2A095BCB4A

RDN/Generic PUP.x!clh!3D0A9AE977B4

RDN/Generic.tfr!eb!EAC0EAC1D114

RDN/PWS-Banker!dk!F3F4C6B45308

iBryte!230D02990BD8

Generic PUP.x!001389F978FB

RDN/Generic.bfr!hp!EAB758DEBBDC

RDN/Generic.bfr!hp!A8E17CFE73B5

Phishing

Wells Fargo

13th August 2014

Important Notice Regarding
Your Account

Apple

13th August 2014

YOU APPLE ACCOUNT HAS BEEN
LIMITED

PayPal

12th August 2014

Your PayPal Account Has Been
Limited PP:6755

Vulnerebility

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-4223 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/68590

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/68583

Oracle Java SE CVE-2014-4264 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/68612

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/68599

Oracle Java SE CVE-2014-2483 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/68608

Oracle Java SE CVE-2014-4220 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/68576

Oracle Java SE CVE-2014-4265 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/68632

Oracle Java SE CVE-2014-4268 Remote Security Vulnerability
2014-08-14
http://www.securityfocus.com/bid/68615

Microsoft Internet Explorer CVE-2014-2827 Remote Memory Corruption Vulnerability
2014-08-14
http://www.securityfocus.com/bid/69124

Microsoft Internet Explorer CVE-2014-4058 Remote Memory Corruption Vulnerability
2014-08-14
http://www.securityfocus.com/bid/69131

Microsoft Internet Explorer CVE-2014-4056 Remote Memory Corruption Vulnerability
2014-08-14
http://www.securityfocus.com/bid/69129

Microsoft Internet Explorer CVE-2014-4052 Remote Memory Corruption Vulnerability
2014-08-14
http://www.securityfocus.com/bid/69127

Microsoft Internet Explorer CVE-2014-4055 Remote Memory Corruption Vulnerability
2014-08-14
http://www.securityfocus.com/bid/69128

Catfish '/usr/bin/catfish' Local Privilege Escalation Vulnerability
2014-08-14
http://www.securityfocus.com/bid/65761

Catfish CVE-2014-2094 Local Privilege Escalation Vulnerability
2014-08-14
http://www.securityfocus.com/bid/65791

Catfish CVE-2014-2095 Local Privilege Escalation Vulnerability
2014-08-14
http://www.securityfocus.com/bid/65793

Catfish CVE-2014-2096 Local Privilege Escalation Vulnerability
2014-08-14
http://www.securityfocus.com/bid/65794

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-08-14
http://www.securityfocus.com/bid/67899

Microsoft Internet Explorer CVE-2014-2820 Remote Memory Corruption Vulnerability
2014-08-14
http://www.securityfocus.com/bid/69116

Microsoft Internet Explorer CVE-2014-2818 Remote Memory Corruption Vulnerability
2014-08-14
http://www.securityfocus.com/bid/69115

Adobe Flash Player and AIR CVE-2014-0540 Unspecified Memory Corruption Vulnerability
2014-08-14
http://www.securityfocus.com/bid/69190

Microsoft Internet Explorer CVE-2014-4063 Remote Memory Corruption Vulnerability
2014-08-14
http://www.securityfocus.com/bid/69132

Microsoft Internet Explorer CVE-2014-2774 Remote Memory Corruption Vulnerability
2014-08-14
http://www.securityfocus.com/bid/69090

Cisco Unified Communications Manager and Unified Presence Server SQL Injection Vulnerability
2014-08-14
http://www.securityfocus.com/bid/69200

Attachmate Reflection FTP Client ActiveX Control CVE-2014-0606 Remote Code Execution Vulnerability
2014-08-14
http://www.securityfocus.com/bid/69156

Attachmate Reflection FTP Client ActiveX Control CVE-2014-0605 Remote Code Execution Vulnerability
2014-08-14
http://www.securityfocus.com/bid/69155

F5 Networks ARX Data Manager CVE-2014-2949 SQL Injection Vulnerabilitiy
2014-08-14
http://www.securityfocus.com/bid/68078

HP Application Lifecycle Management CVE-2014-2631 Local Privilege Escalation Vulnerability
2014-08-14
http://www.securityfocus.com/bid/69063

Exploit

VirtualBox Guest Additions VBoxGuest.sys Privilege Escalation

13.8.2014

Bugtraq

CVE-2014-5035 - Opendaylight Vulnerable to Local and Remote File Inclusion in the Netconf (TCP) Service 2014-08-12
Gregory Pickett (gpickett71 yahoo com)

Apache Cordova 3.5.1: CVE-2014-3502 update 2014-08-11
Marcel Kinard (cmarcelk gmail com)

[security bulletin] HPSBMU03089 rev.1 - HP Executive Scorecard, Running OpenSSL, Disclosure of Information 2014-08-11
security-alert hp com

[SECURITY] [DSA 2984-2] acpi-support regression update 2014-08-11
Raphael Geissert (geissert debian org)

IBM Maximo: Cross-site Scripting Vulnerability Addressed in Asset and Service Management (CVE-2014-0914 and -0915) 2014-08-11
Jamie Riden (jamie riden gmail com)

[SECURITY] [DSA 3004-1] kde4libs security update 2014-08-10
Moritz Muehlenhoff (jmm debian org)

Malware

Generic PUP.x!9013C2196DC9

Generic PUP.x!8A9B26012124

Generic BackDoor!8626B626C1DF

RDN/Generic.bfr!33AF5259E1AA

RDN/Generic.grp!D7E433C049B0

Generic PUP.x!2C51624F9F37

Generic PUP.x!ABF910D3EC3E

Generic PUP.x!AC4406EF9CB1

RDN/Generic BackDoor!zk!D1F88DCB9459

RDN/Generic Dropper!va!8A600BDF0C66

RDN/Generic PUP.x!clg!AE7F20E9DF44

Generic PUP.x!FBEB8E96BD7F

Generic PUP.x!18628EAAAC47

RDN/Generic BackDoor!zk!F5875D99901B

RDN/Downloader.gen.a!90F26DD090E4

Generic PUP.x!641F17466338

Generic PUP.x!25CB943F21ED

Generic PUP.x!CDD46FE4F30F

Generic PUP.x!AB611FD1E3D6

Generic PUP.x!90F973E397D3

RDN/Generic BackDoor!zk!499390CC4A85

RDN/Generic PUP.x!90E0F365FA42

RDN/Generic PUP.x!clg!D8F8EFFCA3E6

RDN/Generic PUP.x!clg!65F8DF39564F

RDN/Generic.tfr!eb!EA9A3D4FDF70

RDN/Generic PUP.x!clg!906446C564FD

RDN/Generic PUP.x!clg!90C0C078D6DA

RDN/Generic PUP.x!clg!7AD6E0D0DD78

SquareNet!D5EF5196E1A8

RDN/Generic PWS.y!b2q!254185AD26BB

Phishing

PayPal

12th August 2014

Your PayPal Account Has Been
Limited PP:6755

Google

11th August 2014

Important Document

Vulnerebility

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-08-13
http://www.securityfocus.com/bid/68624

Oracle Java SE CVE-2014-4252 Remote Security Vulnerability
2014-08-13
http://www.securityfocus.com/bid/68642

Oracle Java SE CVE-2014-4219 Remote Security Vulnerability
2014-08-13
http://www.securityfocus.com/bid/68620

Oracle Java SE CVE-2014-4227 Remote Security Vulnerability
2014-08-13
http://www.securityfocus.com/bid/68603

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-08-13
http://www.securityfocus.com/bid/67899

Adobe Flash Player and AIR CVE-2014-0541 Unspecified Security Bypass Vulnerability
2014-08-13
http://www.securityfocus.com/bid/69191

Oracle Java SE CVE-2014-4216 Remote Security Vulnerability
2014-08-13
http://www.securityfocus.com/bid/68562

Oracle Java SE CVE-2014-2490 Remote Code Execution Vulnerability
2014-08-13
http://www.securityfocus.com/bid/68645

Oracle Java SE CVE-2014-4208 Remote Security Vulnerability
2014-08-13
http://www.securityfocus.com/bid/68580

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-08-13
http://www.securityfocus.com/bid/68636

Oracle Java SE CVE-2014-4247 Remote Security Vulnerability
2014-08-13
http://www.securityfocus.com/bid/68626

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-08-13
http://www.securityfocus.com/bid/68571

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-08-13
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-08-13
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-4223 Remote Security Vulnerability
2014-08-13
http://www.securityfocus.com/bid/68590

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-08-13
http://www.securityfocus.com/bid/68583

Oracle Java SE CVE-2014-4264 Remote Security Vulnerability
2014-08-13
http://www.securityfocus.com/bid/68612

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-08-13
http://www.securityfocus.com/bid/68599

Oracle Java SE CVE-2014-2483 Remote Security Vulnerability
2014-08-13
http://www.securityfocus.com/bid/68608

Oracle Java SE CVE-2014-4220 Remote Security Vulnerability
2014-08-13
http://www.securityfocus.com/bid/68576

Oracle Java SE CVE-2014-4265 Remote Security Vulnerability
2014-08-13
http://www.securityfocus.com/bid/68632

Oracle Java SE CVE-2014-4268 Remote Security Vulnerability
2014-08-13
http://www.securityfocus.com/bid/68615

Mozilla Firefox/Thunderbird CVE-2014-1557 Remote Code Execution Vulnerability
2014-08-12
http://www.securityfocus.com/bid/68824

Mozilla Firefox/Thunderbird CVE-2014-1544 Use After Free Memory Corruption Vulnerability
2014-08-12
http://www.securityfocus.com/bid/68816

Mozilla Firefox/Thunderbird CVE-2014-1547 Multiple Memory Corruption Vulnerabilities
2014-08-12
http://www.securityfocus.com/bid/68811

Mozilla Firefox/Thunderbird CVE-2014-1555 Use After Free Memory Corruption Vulnerability
2014-08-12
http://www.securityfocus.com/bid/68814

Mozilla Firefox/Thunderbird CVE-2014-1548 Multiple Memory Corruption Vulnerabilities
2014-08-12
http://www.securityfocus.com/bid/68818

Mozilla Firefox/Thunderbird CVE-2014-1556 Remote Code Execution Vulnerability
2014-08-12
http://www.securityfocus.com/bid/68822

Cisco Unified Communications Manager CVE-2014-3338 Command Injection Vulnerability
2014-08-12
http://www.securityfocus.com/bid/69176

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-08-12
http://www.securityfocus.com/bid/66801

Exploit

 

10.8.2014

Bugtraq

[SECURITY] [DSA 3004-1] kde4libs security update 2014-08-10
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3003-1] libav security update 2014-08-10
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3002-1] wireshark security update 2014-08-10
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3001-1] wordpress security update 2014-08-09
Salvatore Bonaccorso (carnil debian org)

MITKRB5-SA-2014-001 Buffer overrun in kadmind with LDAP backend 2014-08-09
Benjamin Kaduk (kaduk MIT EDU)

[SECURITY] [DSA 3000-1] krb5 security update 2014-08-09
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2999-1] drupal7 security update 2014-08-09
Salvatore Bonaccorso (carnil debian org)

Malware

Generic PUP.x!F2448D269864

RDN/Generic PUP.x!DCCF14667FEF

CryptDomaIQ!4A4A980FED95

Somoto-BetterInstaller!4A4F6A31A839

Generic PUP.x!2F6696046CDD

Generic PUP.x!4A0472CF5447

PUP-FMK!4A575BA30588

CryptDomaIQ!4A5E3900424B

CryptDomaIQ!4ABF22512E1D

CryptDomaIQ!4A87260DDCAD

iBryte!7B039DA43CF7

CryptDomaIQ!4A956AEE49E3

Generic.bfr!F22F7C0BB929

Generic PUP.x!3044ED379E96

CryptDomaIQ!4A8B21ACD4EB

CryptDomaIQ!4A83AF88F3CA

RDN/Generic.dx!DBB650E32BE7

CryptDomaIQ!4A6462895D3E

Generic PUP.x!F3130A5AAB42

iBryte!4A96543FD9FD

CryptDomaIQ!4A4C01FABEA1

iBryte!7409EDDCBA81

Generic.tfr!D6EFDD77C0EE

Generic PUP.z!F32AC518557E

CryptDomaIQ!4A86C26015AC

CryptDomaIQ!4A8A3D903C58

CryptDomaIQ!4A4F795BFFDC

CryptDomaIQ!4A64AD6B0106

PUP-FMU!4A5B32B0B18F

CryptDomaIQ!49DA1BB2CDBB

Phishing

Google

11th August 2014

Important Document

AMAZON

10th August 2014

Amazon : Verify your account
✔

PayPal

10th August 2014

PayPal Security & Privacy
Update.

Vulnerebility

Apache Cordova For Android CVE-2014-3502 Information Disclosure Vulnerability
2014-08-12
http://www.securityfocus.com/bid/69046

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-08-12
http://www.securityfocus.com/bid/68624

Oracle Java SE CVE-2014-4252 Remote Security Vulnerability
2014-08-12
http://www.securityfocus.com/bid/68642

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-08-12
http://www.securityfocus.com/bid/68636

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-08-12
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4219 Remote Security Vulnerability
2014-08-12
http://www.securityfocus.com/bid/68620

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-08-12
http://www.securityfocus.com/bid/68599

Oracle Java SE CVE-2014-4208 Remote Security Vulnerability
2014-08-12
http://www.securityfocus.com/bid/68580

Oracle Java SE CVE-2014-4265 Remote Security Vulnerability
2014-08-12
http://www.securityfocus.com/bid/68632

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-08-12
http://www.securityfocus.com/bid/68583

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-08-12
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-4227 Remote Security Vulnerability
2014-08-12
http://www.securityfocus.com/bid/68603

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-08-12
http://www.securityfocus.com/bid/68571

Oracle Java SE CVE-2014-4220 Remote Security Vulnerability
2014-08-12
http://www.securityfocus.com/bid/68576

Linux Kernel 'sctp_association_free()' Function Denial of Service Vulnerability
2014-08-12
http://www.securityfocus.com/bid/68224

Apache Tomcat CVE-2014-0119 XML External Entity Information Disclosure Vulnerability
2014-08-12
http://www.securityfocus.com/bid/67669

Apache Tomcat CVE-2013-4590 XML External Entity Information Disclosure Vulnerability
2014-08-12
http://www.securityfocus.com/bid/65768

Linux Kernel CVE-2014-0181 Local Security Vulnerability
2014-08-12
http://www.securityfocus.com/bid/67034

Mozilla Firefox/Thunderbird CVE-2014-1551 Use After Free Memory Corruption Vulnerability
2014-08-12
http://www.securityfocus.com/bid/68817

Mozilla Firefox/Thunderbird CVE-2014-1556 Remote Code Execution Vulnerability
2014-08-12
http://www.securityfocus.com/bid/68822

Oracle Java SE CVE-2014-4216 Remote Security Vulnerability
2014-08-12
http://www.securityfocus.com/bid/68562

Cisco Unity Connection CVE-2014-3336 SQL Injection Vulnerability
2014-08-12
http://www.securityfocus.com/bid/69163

Spring Security ActiveDirectoryLdapAuthenticator Authentication Bypass Vulnerability
2014-08-12
http://www.securityfocus.com/bid/66135

GNU Libtasn1 CVE-2014-3468 Remote Code Execution Vulnerability
2014-08-12
http://www.securityfocus.com/bid/67745

GnuTLS 'gnutls_handshake.c' Memory Corruption Vulnerability
2014-08-12
http://www.securityfocus.com/bid/67741

GNU Libtasn1 CVE-2014-3467 Multiple Denial of Service Vulnerabilities
2014-08-12
http://www.securityfocus.com/bid/67749

Symantec Endpoint Protection Local Client ADC Buffer Overflow Vulnerability
2014-08-12
http://www.securityfocus.com/bid/68946

GNU Libtasn1 'asn1_read_value_type()' Function Denial of Service Vulnerability
2014-08-12
http://www.securityfocus.com/bid/67748

Mozilla Firefox/Thunderbird CVE-2014-1548 Multiple Memory Corruption Vulnerabilities
2014-08-12
http://www.securityfocus.com/bid/68818

Mozilla Firefox/Thunderbird CVE-2014-1557 Remote Code Execution Vulnerability
2014-08-12
http://www.securityfocus.com/bid/68824

Exploit

 

9.8.2014

Bugtraq

[security bulletin] HPSBMU03062 rev.1 - HP Insight Control server deployment on Linux and Windows running OpenSSL, Multiple Vulnerabilities 2014-08-08
security-alert hp com

[ MDVSA-2014:158 ] openssl 2014-08-08
security mandriva com

[ MDVSA-2014:159 ] wireshark 2014-08-08
security mandriva com

ESA-2014-055: EMC Network Configuration Manager (NCM) Report Advisor Session Fixation Vulnerability 2014-08-08
Security Alert (Security_Alert emc com)

[WorldCIST'15]: Call for Workshops Proposals - Proceedings by Springer 2014-08-07
ML (marialemos72 gmail com)

[security bulletin] HPSBUX03087 SSRT101413 rev.1 - HP-UX CIFS Server (Samba), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access 2014-08-07
security-alert hp com

Beginners error: QuickTime for Windows runs rogue program C:\Program.exe when opening associated files 2014-08-07
Stefan Kanthak (stefan kanthak nexgo de)

[security bulletin] HPSBMU03086 rev.1 - HP Operations Agent running Glance, Local Elevation of Privilege 2014-08-07
security-alert hp com

[ MDVSA-2014:157 ] ipython 2014-08-08
security mandriva com

[security bulletin] HPSBHF03084 rev.1 HP PCs with UEFI Firmware, Execution of Arbitrary Code 2014-08-07
security-alert hp com

Easy FTP Pro v4.2 iOS - Command Inject Vulnerabilities 2014-08-07
Vulnerability Lab (research vulnerability-lab com)

Malware

RDN/Generic PUP.x!7E5E04B6DBB7

RDN/Generic PWS.y!8AD39AE900FE

Generic PUP.x!FA919C009814

RDN/Generic PUP.x!310FAE209BFD

RDN/Generic PUP.x!C1F195AFFBF0

Generic PUP.x!61FFE105D74D

Generic PUP.x!9B765B9DC201

RDN/Generic.bfr!97B290BF2888

RDN/Ransom!9086F66B397B

RDN/Generic PUP.x!974585DD7C7E

RDN/Generic.bfr!hp!2F5318283D20

Generic PUP.x!E37E8643EB0E

RDN/Generic PUP.x!E1A9A5D14805

Generic Dropper!D5705F627BAE

Generic.dx!7F9D3169E171

Downloader.gen.a!1F8DA5B5367F

Generic PUP.x!14B5B0F9EFA1

Generic PUP.x!D0C6D4C0D314

RDN/Generic.grp!hl!4CCB956FB142

Generic PUP.x!3B20DDB5566B

Generic PUP.x!0AE8332F429F

Generic PUP.x!B25FEC7B2BE3

RDN/Spybot.bfr!106F567745FB

RDN/Generic PUP.x!402C60F04680

RDN/BackDoor-CMQ!03B878E7493A

RDN/Generic PUP.x!29C660BFE681

Generic PUP.x!B2801F5F579D

Generic PUP.x!95EE3853B9F8

Generic Downloader.x!A25E15BD4F38

RDN/Generic PUP.x!442078F0D373

Phishing

AMAZON

10th August 2014

Amazon : Verify your account
✔

PayPal

10th August 2014

PayPal Security & Privacy
Update.

PayPal

10th August 2014

Your PayPal account is limited
until we hear from you.

support

9th August 2014

YOU HAVE A PROBLEM IN YOUR
ACCOUNT PLEASE UPDATE YOUR
INFORMATION

support

8th August 2014

YOU HAVE A PROBLEM IN YOUR
ACCOUNT PLEASE UPDATE YOUR
INFORMATION

Amazon

8th August 2014

ACCOUNT CONFIRMATION

Vulnerebility

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-08-11
http://www.securityfocus.com/bid/66801

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-08-11
http://www.securityfocus.com/bid/67901

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-08-11
http://www.securityfocus.com/bid/66363

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-08-11
http://www.securityfocus.com/bid/67193

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-08-11
http://www.securityfocus.com/bid/67898

Wireshark GTP and GSM Management Dissector CVE-2014-5163 Denial of Service Vulnerability
2014-08-11
http://www.securityfocus.com/bid/69005

Wireshark Catapult IrDA Dissector CVE-2014-5161 Remote Denial of Service Vulnerability
2014-08-11
http://www.securityfocus.com/bid/69001

Wireshark Catapult DCT2000 Dissector CVE-2014-5162 Remote Denial of Service Vulnerability
2014-08-11
http://www.securityfocus.com/bid/69003

Wireshark RLC Dissector CVE-2014-5164 Denial of Service Vulnerability
2014-08-11
http://www.securityfocus.com/bid/69002

Wireshark ASN.1 BER Dissector CVE-2014-5165 Denial of Service Vulnerability
2014-08-11
http://www.securityfocus.com/bid/69000

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2014-08-11
http://www.securityfocus.com/bid/67121

OpenSSL DTLS CVE-2014-3510 Remote Denial of Service Vulnerability
2014-08-11
http://www.securityfocus.com/bid/69082

OpenSSL CVE-2014-3509 Remote Denial of Service Vulnerability
2014-08-11
http://www.securityfocus.com/bid/69084

OpenSSL DTLS CVE-2014-3507 Remote Denial of Service Vulnerability
2014-08-11
http://www.securityfocus.com/bid/69078

OpenSSL DTLS CVE-2014-3506 Remote Denial of Service Vulnerability
2014-08-11
http://www.securityfocus.com/bid/69076

OpenSSL DTLS CVE-2014-3505 Remote Denial of Service Vulnerability
2014-08-11
http://www.securityfocus.com/bid/69081

OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2014-08-11
http://www.securityfocus.com/bid/69075

Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
2014-08-11
http://www.securityfocus.com/bid/66397

Ubuntu 'Unity' Package Lock Screen Local Security Bypass Vulnerability
2014-08-11
http://www.securityfocus.com/bid/68987

Sphider 'admin.php' Multiple Input Validation Vulnerabilities
2014-08-11
http://www.securityfocus.com/bid/68985

Lyris ListManager 'doemailpassword.tml' Cross Site Scripting Vulnerability
2014-08-11
http://www.securityfocus.com/bid/68973

Drupal Freelinking And Freelinking Case Tracker Modules Security Bypass Vulnerability
2014-08-11
http://www.securityfocus.com/bid/68861

WordPress Lead Octopus Power 'id' Parameter SQL Injection Vulnerability
2014-08-11
http://www.securityfocus.com/bid/68934

WordPress SI CAPTCHA Anti-Spam Plugin 'index.php' Cross Site Scripting Vulnerability
2014-08-11
http://www.securityfocus.com/bid/69011

IPython Notebook Websocket Hijacking Remote Code Execution Vulnerability
2014-08-11
http://www.securityfocus.com/bid/68680

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-08-11
http://www.securityfocus.com/bid/67899

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-08-11
http://www.securityfocus.com/bid/67900

MIT Kerberos 5 CVE-2014-4341 Remote Denial of Service Vulnerability
2014-08-11
http://www.securityfocus.com/bid/68909

CHICKEN 'read-u8vector!' Procedure Remote Buffer Overflow Vulnerability
2014-08-11
http://www.securityfocus.com/bid/67468

Linux Kernel CVE-2014-3534 Local Privilege Escalation Vulnerability
2014-08-11
http://www.securityfocus.com/bid/68940

Exploit

 

8.8.2014

Bugtraq

[SECURITY] [DSA 2998-1] openssl security update 2014-08-06
Raphael Geissert (geissert debian org)

[ MDVSA-2014:152 ] glibc 2014-08-06
security mandriva com

[ MDVSA-2014:154 ] readline 2014-08-06
security mandriva com

[ MDVSA-2014:153 ] mediawiki 2014-08-06
security mandriva com

[ MDVSA-2014:151 ] cups 2014-08-06
security mandriva com

Cisco Security Advisory: Cisco IOS Software and Cisco IOS XE Software EnergyWise Crafted Packet Denial of Service Vulnerability 2014-08-06
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Malware

RDN/Generic.bfr!3B29609A2250

Downloader.gen.a!FD5FC2EDEF54

RDN/BackDoor-CMQ!f!16E30608BBAC

RDN/Spybot.bfr!02C2333F6E4A

RDN/Generic Dropper!uz!7FD40CB71BC8

Generic PUP.x!15282FD5BCAB

RDN/Generic PUP.x!cl3!BDEAB08A6988

RDN/Generic.dx!d2q!EFA1AE2A7768

RDN/Generic PUP.x!1D09F27288D3

RDN/Generic PUP.x!cl3!062C1DB72C65

RDN/Generic.dx!d2q!6CEE7A5D0E8A

RDN/Generic PUP.x!cl3!B032210337F1

RDN/Generic Dropper!uz!E4F0C2B45294

Generic PUP.x!1F9A60626FF9

RDN/Generic PUP.x!cl3!AEAD6A2C5E6E

RDN/Generic PUP.x!cl3!43B0A1AE1E39

RDN/Generic PUP.x!cl3!02D3F09A5BD3

RDN/Generic PUP.x!cl3!D5B1F0754EEF

RDN/Generic PUP.x!cl3!9BAD0AC8F813

RDN/Generic PUP.x!cl3!5CC4E432E392

RDN/Generic.grp!hl!1593AD1449AD

RDN/Generic Dropper!uz!78897DA6D20E

RDN/Generic.bfr!hp!A992D563F820

Generic PUP.x!1FA0D800EF14

RDN/Generic Downloader.x!682944D849ED

RDN/Generic Dropper!uz!FBD1DB524D09

RDN/Generic Dropper!uz!EB9B675561F2

Downloader.gen.a!6C2DDD0FA240

Generic BackDoor!2108012364F9

RDN/BackDoor-AWQ!bv!1489F7656119

Phishing

ON BEHALF OF Customer Financ

7th August 2014

Access to your Visa card has
been blocked!

NatWest

7th August 2014

Restriction On Your Account

Visa Service

6th August 2014

YOUR CREDIT CARD HAS BEEN
SUSPENDED

service-customer

6th August 2014

ALERT#3245:PLEASE CHECK THE
INFORMATION ASSOCIATED WITH
YOUR ACCOUNT DATA

=?UTF-8?Q?PayPal?=

6th August 2014

=?UTF-8?Q?Your_account_will_be
_locked_within_=32=34_hours=2e
?=

PayPal

6th August 2014

Your Credit/Debit Card expired
in your account
#PP-982-761-668

Vulnerebility

libpng 'png_read_transform_info()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-08-08
http://www.securityfocus.com/bid/64493

Oracle Java SE CVE-2014-2409 Remote Security Vulnerability
2014-08-08
http://www.securityfocus.com/bid/66915

Oracle Java SE CVE-2014-2412 Remote Security Vulnerability
2014-08-08
http://www.securityfocus.com/bid/66873

Oracle Java SE CVE-2014-2414 Remote Security Vulnerability
2014-08-08
http://www.securityfocus.com/bid/66894

Oracle Java SE CVE-2014-2427 Remote Security Vulnerability
2014-08-08
http://www.securityfocus.com/bid/66909

Oracle Java SE CVE-2014-0452 Remote Security Vulnerability
2014-08-08
http://www.securityfocus.com/bid/66891

Oracle Java SE CVE-2014-0451 Remote Security Vulnerability
2014-08-08
http://www.securityfocus.com/bid/66879

Oracle Java SE CVE-2014-0458 Remote Security Vulnerability
2014-08-08
http://www.securityfocus.com/bid/66883

OpenSSL CVE-2014-3509 Remote Denial of Service Vulnerability
2014-08-08
http://www.securityfocus.com/bid/69084

Oracle Java SE CVE-2014-4265 Remote Security Vulnerability
2014-08-08
http://www.securityfocus.com/bid/68632

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-08-08
http://www.securityfocus.com/bid/68639

OpenSSL CVE-2014-3511 Man in the Middle Security Bypass Vulnerability
2014-08-08
http://www.securityfocus.com/bid/69079

OpenSSL DTLS CVE-2014-3505 Remote Denial of Service Vulnerability
2014-08-08
http://www.securityfocus.com/bid/69081

OpenSSL NULL Pointer Dereference CVE-2014-5139 Local Denial of Service Vulnerability
2014-08-08
http://www.securityfocus.com/bid/69077

OpenSSL DTLS CVE-2014-3506 Remote Denial of Service Vulnerability
2014-08-08
http://www.securityfocus.com/bid/69076

OpenSSL SRP CVE-2014-3512 Remote Denial of Service Vulnerability
2014-08-08
http://www.securityfocus.com/bid/69083

OpenSSL DTLS CVE-2014-3510 Remote Denial of Service Vulnerability
2014-08-08
http://www.securityfocus.com/bid/69082

OpenSSL DTLS CVE-2014-3507 Remote Denial of Service Vulnerability
2014-08-08
http://www.securityfocus.com/bid/69078

OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2014-08-08
http://www.securityfocus.com/bid/69075

Apache Tomcat CVE-2014-0096 XML External Entity Information Disclosure Vulnerability
2014-08-08
http://www.securityfocus.com/bid/67667

Apache Tomcat CVE-2014-0119 XML External Entity Information Disclosure Vulnerability
2014-08-08
http://www.securityfocus.com/bid/67669

Apache Tomcat CVE-2014-0075 Chunk Request Remote Denial Of Service Vulnerability
2014-08-08
http://www.securityfocus.com/bid/67671

Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability
2014-08-08
http://www.securityfocus.com/bid/67668

Apache Tomcat CVE-2013-4590 XML External Entity Information Disclosure Vulnerability
2014-08-08
http://www.securityfocus.com/bid/65768

Cisco Unified Communications Manager Concurrent Login Security Bypass Vulnerability
2014-08-08
http://www.securityfocus.com/bid/69068

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-08-08
http://www.securityfocus.com/bid/68624

Oracle Java SE CVE-2014-4227 Remote Security Vulnerability
2014-08-08
http://www.securityfocus.com/bid/68603

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-08-08
http://www.securityfocus.com/bid/68583

Oracle Java SE CVE-2014-4252 Remote Security Vulnerability
2014-08-08
http://www.securityfocus.com/bid/68642

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-08-08
http://www.securityfocus.com/bid/68636

Exploit

 

7.8.2014

Bugtraq

PhotoSync v2.2 iOS - Command Inject Web Vulnerability 2014-08-06
Vulnerability Lab (research vulnerability-lab com)

[ MDVSA-2014:149 ] php 2014-08-06
security mandriva com

[security bulletin] HPSBMU03085 rev.1 - HP Application Lifecycle Management / Quality Center, Elevation of Privilege 2014-08-05
security-alert hp com

PhotoSync Wifi & Bluetooth v1.0 - File Include Vulnerability 2014-08-06
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 2997-1] reportbug security update 2014-08-05
Salvatore Bonaccorso (carnil debian org)

CVE-2014-5075 MitM Vulnerability in the Smack XMPP Library for Java 2014-08-05
Georg Lukas (lukas rt-solutions de)

Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities 2014-08-05
mike manzotti dionach com

Apache Cordova 3.5.1 2014-08-04
Marcel Kinard (cmarcelk gmail com)

[CVE- Requested][Vembu Storegrid - Multiple Critical Vulnerabilities] 2014-08-04
Mike Antcliffe (mikeantcliffe logicallysecure com)

SEC Consult SA-20140805-0 :: Multiple vulnerabilities in Readsoft Invoice Processing and Process Director 2014-08-05
SEC Consult Vulnerability Lab (research sec-consult com)

Malware

RDN/Generic PUP.x!clc!E8FF5FF1D3A0

RDN/Generic PUP.x!clc!5D6A09BE4670

RDN/Generic PUP.x!clc!0FBE07BF61F7

RDN/Generic.tfr!eb!D2EB83586600

RDN/Generic BackDoor!zj!E47138296721

RDN/Generic Dropper!E408F16FB487

RDN/Generic PUP.x!clc!DBC697DA98B1

RDN/Generic PUP.x!clc!1925F434586B

RDN/Generic PUP.x!clc!8D8F36CBB344

RDN/Generic.dx!d2o!7CB0F9922B61

RDN/Generic PUP.x!clc!CF0DBFAACCD3

GenericATG-FACO!138434AC9516

RDN/Generic BackDoor!zj!387339B51FA0

RDN/Downloader.gen.a!6357BB1B0377

PUP-FLT!F769AA76515D

RDN/Generic PUP.x!clc!C1B98F772ECB

RDN/Downloader.a!sl!6357BB1B0377

Generic PUP.x!84027B280340

Generic PUP.x!B8F5FC1D972F

Trojan-FEKR!7F4CCE5073AE

RDN/Generic Downloader.x!kr!34F456651A47

RDN/Generic PUP.x!D693583628C4

RDN/Generic PUP.x!4DDF6B193DE7

RDN/Generic.dx!A97AD32C01CC

RDN/Downloader.a!sl!D489B5AE4D4A

RDN/BackDoor-CMQ!f!0058849D0CAD

Trojan-FDKL!67A5766EDB6D

RDN/Generic PUP.x!clc!F2DF207A29CB

RDN/Generic Dropper!uz!339A1203649B

PUP-FLT!90EC4E499CC9

Phishing

NatWest

7th August 2014

Restriction On Your Account

Visa Service

6th August 2014

YOUR CREDIT CARD HAS BEEN
SUSPENDED

service-customer

6th August 2014

ALERT#3245:PLEASE CHECK THE
INFORMATION ASSOCIATED WITH
YOUR ACCOUNT DATA

=?UTF-8?Q?PayPal?=

6th August 2014

=?UTF-8?Q?Your_account_will_be
_locked_within_=32=34_hours=2e
?=

PayPal

6th August 2014

Your Credit/Debit Card expired
in your account
#PP-982-761-668

Vulnerebility

Oracle Java SE CVE-2014-0429 Remote Security Vulnerability
2014-08-07
http://www.securityfocus.com/bid/66856

Oracle Java SE CVE-2014-0446 Remote Security Vulnerability
2014-08-07
http://www.securityfocus.com/bid/66903

Oracle Java SE CVE-2014-0457 Remote Code Execution Vulnerability
2014-08-07
http://www.securityfocus.com/bid/66866

PHP Fileinfo Component Incomplete Fix Remote Denial of Service Vulnerability
2014-08-07
http://www.securityfocus.com/bid/68348

PHP 'ext/spl/spl_array.c' Use After Free Memory Corruption Vulnerability
2014-08-07
http://www.securityfocus.com/bid/68511

Microsoft IIS HTTP TRACK Method Information Disclosure Vulnerability
2014-08-07
http://www.securityfocus.com/bid/33374

PHP Fileinfo Component 'cdf_check_stream_offset()' Function Remote Denial of Service Vulnerability
2014-08-07
http://www.securityfocus.com/bid/68241

PHP '/ext/standard/info.c' Type Confusion Information Disclosure Vulnerability
2014-08-07
http://www.securityfocus.com/bid/68423

PHP Fileinfo Component 'cdf_count_chain()' Function Remote Denial of Service Vulnerability
2014-08-07
http://www.securityfocus.com/bid/68238

PHP unserialize() Function Type Confusion Security Vulnerability
2014-08-07
http://www.securityfocus.com/bid/68237

PHP 'cdf_read_property_info()' Function Denial of Service Vulnerability
2014-08-07
http://www.securityfocus.com/bid/67765

PHP 'cdf_unpack_summary_info()' Function Denial of Service Vulnerability
2014-08-07
http://www.securityfocus.com/bid/67759

PHP DNS TXT Record Handling Heap Buffer Overflow Vulnerability
2014-08-07
http://www.securityfocus.com/bid/68007

PHP Fileinfo Component Out of Bounds Memory Corruption Vulnerability
2014-08-07
http://www.securityfocus.com/bid/66002

File Utility CVE-2014-1943 Remote Code Execution Vulnerability
2014-08-07
http://www.securityfocus.com/bid/65596

PHP CVE-2013-6712 Remote Denial of Service Vulnerability
2014-08-07
http://www.securityfocus.com/bid/64018

file Composite Document File Format Denial of Service Vulnerability
2014-08-07
http://www.securityfocus.com/bid/52225

GNU Readline '_rl_tropen()' Insecure Temporary File Handling Vulnerability
2014-08-07
http://www.securityfocus.com/bid/66369

GNU glibc 'xc_cpupool_getinfo()' Function Use After Free Memory Corruption Vulnerability
2014-08-07
http://www.securityfocus.com/bid/68006

GNU glibc Locale Environment Handling Directory Traversal Vulnerability
2014-08-07
http://www.securityfocus.com/bid/68505

CUPS Web Interface CVE-2014-5030 Incomplete Fix Local Privilege Escalation Vulnerability
2014-08-07
http://www.securityfocus.com/bid/68846

CUPS Web Interface CVE-2014-5029 Incomplete Fix Local Privilege Escalation Vulnerability
2014-08-07
http://www.securityfocus.com/bid/68842

CUPS Web Interface CVE-2014-5031 Incomplete Fix Local Privilege Escalation Vulnerability
2014-08-07
http://www.securityfocus.com/bid/68847

CUPS Web Interface CVE-2014-3537 Local Privilege Escalation Vulnerability
2014-08-07
http://www.securityfocus.com/bid/68788

Mozilla Firefox/Thunderbird CVE-2014-1555 Use After Free Memory Corruption Vulnerability
2014-08-07
http://www.securityfocus.com/bid/68814

Samba 'nmbd' NetBIOS Name Services Daemon Remote Code Execution Vulnerability
2014-08-07
http://www.securityfocus.com/bid/69021

GnuTLS 'gnutls_handshake.c' Memory Corruption Vulnerability
2014-08-07
http://www.securityfocus.com/bid/67741

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2014-08-07
http://www.securityfocus.com/bid/67121

PHP Fileinfo Component 'cdf_read_short_sector()' Function Remote Denial of Service Vulnerability
2014-08-07
http://www.securityfocus.com/bid/68243

PHP Fileinfo Component 'cdf_read_property_info()' Function Denial of Service Vulnerability
2014-08-07
http://www.securityfocus.com/bid/68120

Exploit

 

6.8.2014

Bugtraq

CVE-2014-5075 MitM Vulnerability in the Smack XMPP Library for Java 2014-08-05
Georg Lukas (lukas rt-solutions de)

Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities 2014-08-05
mike manzotti dionach com

Apache Cordova 3.5.1 2014-08-04
Marcel Kinard (cmarcelk gmail com)

[CVE- Requested][Vembu Storegrid - Multiple Critical Vulnerabilities] 2014-08-04
Mike Antcliffe (mikeantcliffe logicallysecure com)

SEC Consult SA-20140805-0 :: Multiple vulnerabilities in Readsoft Invoice Processing and Process Director 2014-08-05
SEC Consult Vulnerability Lab (research sec-consult com)

[security bulletin] HPSBMU03037 rev.2 - HP Multimedia Service Environment (MSE), (HP Network Interactive Voice Response (NIVR)), Remote Disclosure of Information 2014-08-04
security-alert hp com

CVE-2014-2595 - Authentication Bypass in Barracuda Web Application Firewall 2014-08-04
Portcullis Advisories (advisories portcullis-security com)

[security bulletin] HPSBMU03083 rev.1 - HP BladeSystem c-Class Virtual Connect Firmware running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-08-04
security-alert hp com

Ebay Inc Magento ProStore CP #4 - Filter Validation Bypass & Persistent (Payment Information) Vulnerability 2014-08-04
Vulnerability Lab (research vulnerability-lab com)

FreeDisk v1.01 iOS - Multiple Web Vulnerabilities 2014-08-04
Vulnerability Lab (research vulnerability-lab com)

ownCloud Unencrypted Private Key Exposure 2014-08-04
Senderek Web Security (support senderek ie) (1 replies)

Re: ownCloud Unencrypted Private Key Exposure 2014-08-04
Frank Stanek (frank frank-stanek de) (2 replies)

Re: ownCloud Unencrypted Private Key Exposure 2014-08-05
Anthony Dubuissez (anthony dubuissez webera fr)

Malware

 

Phishing

Visa Service

5th August 2014

YOUR CREDIT CARD HAS BEEN
SUSPENDED

Visa Service

4th August 2014

YOUR CREDIT CARD HAS BEEN
SUSPENDED

Discover Customer Service

4th August 2014

IMPORTANT MESSAGE ABOUT YOUR
DISCOVERÂŽ

Apple.inc

4th August 2014

YOU HAVE A PROBLEM IN YOUR
ACCOUNT PLEASE UPDATE YOUR
INFORMATION

Vulnerebility

Symantec Endpoint Protection Local Client ADC Buffer Overflow Vulnerability
2014-08-06
http://www.securityfocus.com/bid/68946

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-08-06
http://www.securityfocus.com/bid/67899

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-08-06
http://www.securityfocus.com/bid/67901

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-08-06
http://www.securityfocus.com/bid/66801

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-08-06
http://www.securityfocus.com/bid/66363

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-08-06
http://www.securityfocus.com/bid/67898

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-08-06
http://www.securityfocus.com/bid/67193

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-08-06
http://www.securityfocus.com/bid/67900

Yum 'yum-cron/yum-cron.py' Security Bypass Vulnerability
2014-08-06
http://www.securityfocus.com/bid/65119

Oracle Java SE CVE-2014-0455 Remote Code Execution Vulnerability
2014-08-06
http://www.securityfocus.com/bid/66899

Oracle Java SE CVE-2014-2414 Remote Security Vulnerability
2014-08-06
http://www.securityfocus.com/bid/66894

Oracle Java SE CVE-2014-2423 Remote Security Vulnerability
2014-08-06
http://www.securityfocus.com/bid/66887

Oracle Java SE CVE-2014-0461 Remote Security Vulnerability
2014-08-06
http://www.securityfocus.com/bid/66902

Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
2014-08-06
http://www.securityfocus.com/bid/65400

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-08-06
http://www.securityfocus.com/bid/64918

OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2014-08-06
http://www.securityfocus.com/bid/66690

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-08-06
http://www.securityfocus.com/bid/66914

Multiple Hitachi Products Cross Site Scripting and Cross Site Request Forgery Vulnerabilities
2014-08-06
http://www.securityfocus.com/bid/68015

Oracle Java SE CVE-2014-2398 Remote Security Vulnerability
2014-08-06
http://www.securityfocus.com/bid/66920

Oracle Java SE CVE-2014-2420 Remote Security Vulnerability
2014-08-06
http://www.securityfocus.com/bid/66919

Multiple Oracle Java Products 'unpack.cpp' Insecure Temporary File Creation Vulnerability
2014-08-06
http://www.securityfocus.com/bid/65568

IBM Java SDK CVE-2014-0878 Security Bypass Vulnerability
2014-08-06
http://www.securityfocus.com/bid/67601

libjpeg/libjpeg-turbo Library CVE-2013-6629 Memory Corruption Vulnerability
2014-08-06
http://www.securityfocus.com/bid/63676

Oracle Java SE CVE-2014-0460 Remote Security Vulnerability
2014-08-06
http://www.securityfocus.com/bid/66916

Oracle Java SE CVE-2014-0449 Remote Security Vulnerability
2014-08-06
http://www.securityfocus.com/bid/66907

Oracle Java SE CVE-2014-0459 Remote Security Vulnerability
2014-08-06
http://www.securityfocus.com/bid/66910

libpng 'png_read_transform_info()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-08-06
http://www.securityfocus.com/bid/64493

Oracle Java SE CVE-2014-2401 Remote Security Vulnerability
2014-08-06
http://www.securityfocus.com/bid/66911

Oracle Java SE CVE-2014-0458 Remote Security Vulnerability
2014-08-06
http://www.securityfocus.com/bid/66883

Oracle Java SE CVE-2014-2412 Remote Security Vulnerability
2014-08-06
http://www.securityfocus.com/bid/66873

Exploit

Symantec Endpoint Protection 11.x, 12.x - Kernel Pool Overflow

5.8.2014

Bugtraq

FreeDisk v1.01 iOS - Multiple Web Vulnerabilities 2014-08-04
Vulnerability Lab (research vulnerability-lab com)

ownCloud Unencrypted Private Key Exposure 2014-08-04
Senderek Web Security (support senderek ie)

[SECURITY] [DSA 2996-1] icedove security update 2014-08-03
Moritz Muehlenhoff (jmm debian org)

Video WiFi Transfer 1.01 - Directory Traversal Vulnerability 2014-08-04
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 2995-1] lzo2 security update 2014-08-03
Salvatore Bonaccorso (carnil debian org)

[slackware-security] dhcpcd (SSA:2014-213-02) 2014-08-01
Slackware Security Team (security slackware com)

[slackware-security] samba (SSA:2014-213-01) 2014-08-01
Slackware Security Team (security slackware com)

Microsoft Exchange Multiple Vulnerabilities 2014-08-01
np securitypentest com

Malware

 

Phishing

Visa Service

4th August 2014

YOUR CREDIT CARD HAS BEEN
SUSPENDED

Discover Customer Service

4th August 2014

IMPORTANT MESSAGE ABOUT YOUR
DISCOVERÂŽ

Apple.inc

4th August 2014

YOU HAVE A PROBLEM IN YOUR
ACCOUNT PLEASE UPDATE YOUR
INFORMATION

NatWest Online Banking

2nd August 2014

Your Securtiy is important

BARCLAYS

2nd August 2014

ACCOUNT VALIDATION REQUIRED
[#9384-BDA]

Vulnerebility

Symantec Endpoint Protection Local Client ADC Buffer Overflow Vulnerability
2014-08-05
http://www.securityfocus.com/bid/68946

WordPress MF Gig Calendar Plugin CVE-2012-4242 Cross Site Scripting Vulnerability
2014-08-05
http://www.securityfocus.com/bid/55622

Mozilla Firefox/Thunderbird CVE-2014-1544 Use After Free Memory Corruption Vulnerability
2014-08-05
http://www.securityfocus.com/bid/68816

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-08-05
http://www.securityfocus.com/bid/66914

Oracle Java SE CVE-2014-2421 Buffer Overflow Vulnerability
2014-08-05
http://www.securityfocus.com/bid/66881

Oracle Java SE CVE-2014-0460 Remote Security Vulnerability
2014-08-05
http://www.securityfocus.com/bid/66916

IBM Java SDK CVE-2014-0878 Security Bypass Vulnerability
2014-08-05
http://www.securityfocus.com/bid/67601

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-08-05
http://www.securityfocus.com/bid/66801

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-08-05
http://www.securityfocus.com/bid/67899

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-08-05
http://www.securityfocus.com/bid/67193

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-08-05
http://www.securityfocus.com/bid/64918

Oracle Java SE CVE-2014-2420 Remote Security Vulnerability
2014-08-05
http://www.securityfocus.com/bid/66919

libpng 'png_read_transform_info()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-08-05
http://www.securityfocus.com/bid/64493

Oracle Java SE CVE-2014-0448 Remote Security Vulnerability
2014-08-05
http://www.securityfocus.com/bid/66904

libjpeg/libjpeg-turbo Library CVE-2013-6629 Memory Corruption Vulnerability
2014-08-05
http://www.securityfocus.com/bid/63676

Multiple Oracle Java Products 'unpack.cpp' Insecure Temporary File Creation Vulnerability
2014-08-05
http://www.securityfocus.com/bid/65568

Oracle Java SE CVE-2014-2428 Remote Security Vulnerability
2014-08-05
http://www.securityfocus.com/bid/66870

Oracle Java SE CVE-2014-0463 Remote Security Vulnerability
2014-08-05
http://www.securityfocus.com/bid/66908

Oracle Java SE CVE-2013-5780 Remote Security Vulnerability
2014-08-05
http://www.securityfocus.com/bid/63115

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2014-08-05
http://www.securityfocus.com/bid/61310

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2014-08-05
http://www.securityfocus.com/bid/57778

IBM Integration Bus XML4J Parser Entity Expansion Denial of Service Vulnerability
2014-08-05
http://www.securityfocus.com/bid/63224

Oracle Java SE CVE-2013-5803 Remote Security Vulnerability
2014-08-05
http://www.securityfocus.com/bid/63082

Oracle Java SE CVE-2013-5772 Remote Security Vulnerability
2014-08-05
http://www.securityfocus.com/bid/63089

Zend Framework 'PDO_MySql' Security Bypass Vulnerability
2014-08-05
http://www.securityfocus.com/bid/47919

GNU glibc 'getaddrinfo()' Remote Denial of Service Vulnerability
2014-08-05
http://www.securityfocus.com/bid/63299

GNU glibc 'getaddrinfo()' CVE-2013-4357 Remote Denial of Service Vulnerability
2014-08-05
http://www.securityfocus.com/bid/67992

GNU glibc Locale Environment Handling Directory Traversal Vulnerability
2014-08-05
http://www.securityfocus.com/bid/68505

Apache Tomcat CVE-2012-3544 Denial of Service Vulnerability
2014-08-05
http://www.securityfocus.com/bid/59797

Apache Tomcat CVE-2014-0119 XML External Entity Information Disclosure Vulnerability
2014-08-05
http://www.securityfocus.com/bid/67669

Exploit

  Video WiFi Transfer 1.01 - Directory Traversal Vulnerability

  FreeDisk v1.01 iOS - Multiple Vulnerabilities

  Shellcode Linux x86 - chmod (777 /etc/passwd & /etc/shadow), Add New Root User (ALI/ALI) & Execute /bin/sh

4.8.2014

Bugtraq

[security bulletin] HPSBMU03081 rev.1 - HP Enterprise Maps, Remote Information Disclosure 2014-07-31
security-alert hp com

Malware

W32/Expiro!08DB7DDE3814

W32/Expiro!056E87849E07

RDN/Generic PUP.x!ckt!0A5AFC45C3A6

RDN/Generic PUP.x!ckt!CA5362C7469F

RDN/Generic PUP.x!ckt!C70525C46D4A

Generic PUP.x!159ABAC7A572

Generic PUP.x!2DBE68F6E8EB

RDN/FakeAV-M.bfr!8BBE1B37FA4B

W32/Expiro!05B2A253463C

Generic PUP.x!8C14093241EF

Generic.tfr!E44566C58343

W32/Expiro!04A09DE44611

Downloader.gen.a!FEE1BC2B60EF

Generic PUP.x!36E6DFC40F67

Generic PUP.x!0085CB177B28

Generic.tfr!2B32D9BCA821

Somoto-BetterInstaller!5655811B468F

PUP-FMH!C66C0A0C5812

CryptDomaIQ!C622A061874A

CryptDomaIQ!C6EFEDDC16C4

Generic PUP.x!E7A29C8ADAB5

Generic.dx!39F09EEDBB74

CryptDomaIQ!C64238627A2E

Downloader.gen.a!BEBDD8448060

PUP-FMU!C71617B70793

CryptDomaIQ!C662BC2AF6F9

CryptDomaIQ!C70C239C2D64

Generic PUP.x!21841B079132

Generic PUP.x!8C0FC97C4407

W32/Expiro!08FBA30FB1B1

Phishing

NatWest Online Banking

2nd August 2014

Your Securtiy is important

BARCLAYS

2nd August 2014

ACCOUNT VALIDATION REQUIRED
[#9384-BDA]

Microsoft

1st August 2014

For security purposes, your
online account has been
locked.

Vulnerebility

RETIRED: WordPress A Page Flip Book Plugin 'pageflipbook.php' Local File Include Vulnerability
2014-08-04
http://www.securityfocus.com/bid/68959

WordPress PageflipBook Plugin 'pageflipbook_language' Parameter Local File Include Vulnerability
2014-08-04
http://www.securityfocus.com/bid/54368

RubyGems CVE-2013-4363 Denial of Service Vulnerability
2014-08-04
http://www.securityfocus.com/bid/62442

RubyGems CVE-2013-4287 Denial of Service Vulnerability
2014-08-04
http://www.securityfocus.com/bid/62281

AlienVault Prior to 4.6.0 Command Injection Vulnerability
2014-08-04
http://www.securityfocus.com/bid/68864

CUPS Web Interface CVE-2014-5031 Incomplete Fix Local Privilege Escalation Vulnerability
2014-08-04
http://www.securityfocus.com/bid/68847

CUPS Web Interface CVE-2014-3537 Local Privilege Escalation Vulnerability
2014-08-04
http://www.securityfocus.com/bid/68788

CUPS Web Interface CVE-2014-5030 Incomplete Fix Local Privilege Escalation Vulnerability
2014-08-04
http://www.securityfocus.com/bid/68846

CUPS Web Interface CVE-2014-5029 Incomplete Fix Local Privilege Escalation Vulnerability
2014-08-04
http://www.securityfocus.com/bid/68842

Pidgin 'libpurple' Multiple Denial of Service Vulnerabilities
2014-08-04
http://www.securityfocus.com/bid/57954

ImageMagick PSD Image File Handling Remote Buffer Overflow Vulnerability
2014-08-04
http://www.securityfocus.com/bid/65478

Pidgin 'asn_getUtf8()' Function Buffer Overflow Vulnerability
2014-08-04
http://www.securityfocus.com/bid/65192

Pidgin 'libpurple' Multiple Denial of Service Vulnerabilities
2014-08-04
http://www.securityfocus.com/bid/65492

ImageMagick PSD Image File Processing 'DecodePSDPixels()' Function Buffer Overflow Vulnerability
2014-08-04
http://www.securityfocus.com/bid/65563

Pidgin 'process_chunked_data()' Function Heap Buffer Overflow Vulnerability
2014-08-04
http://www.securityfocus.com/bid/65243

Pidgin 'gg_http_watch_fd()' Function Buffer Overflow Vulnerability
2014-08-04
http://www.securityfocus.com/bid/65188

Pidgin 'libpurple' CVE-2013-0272 HTTP Header Stack Buffer Overflow Vulnerability
2014-08-04
http://www.securityfocus.com/bid/57951

Pidgin CVE-2013-6486 Incomplete Fix Remote Code Execution Vulnerability
2014-08-04
http://www.securityfocus.com/bid/65189

ImageMagick PSD Image File Handling CVE-2014-1947 Remote Buffer Overflow Vulnerability
2014-08-04
http://www.securityfocus.com/bid/65683

Pidgin 'Libpurple' CVE-2013-0271 Arbitrary File Overwrite Vulnerability
2014-08-04
http://www.securityfocus.com/bid/57952

Pidgin 'sipmsg_parse_header()' Function Buffer Overflow Vulnerability
2014-08-04
http://www.securityfocus.com/bid/65195

Multiple Cisco Products CVE-2013-0149 Remote Security Bypass Vulnerability
2014-08-04
http://www.securityfocus.com/bid/61566

OpenStack Keystone Trust Chained Delegation Privilage Escalation Vulnerability
2014-08-04
http://www.securityfocus.com/bid/68026

OpenStack Keystone Trust CVE-2014-3520 Privilage Escalation Vulnerability
2014-08-04
http://www.securityfocus.com/bid/68344

D-Bus '_dbus_printf_string_upper_bound()' Function Denial of Service Vulnerability
2014-08-04
http://www.securityfocus.com/bid/60546

Django CVE-2014-0474 Multiple Data Type Injection Vulnerabilities
2014-08-04
http://www.securityfocus.com/bid/67038

Django CVE-2014-0473 Cross Site Request Forgery Vulnerability
2014-08-04
http://www.securityfocus.com/bid/67040

Django 'reverse()' Function Arbitrary Code Execution Vulnerability
2014-08-04
http://www.securityfocus.com/bid/67041

Oberhumer LZO CVE-2014-4607 Multiple Memory Corruption Vulnerabilities
2014-08-04
http://www.securityfocus.com/bid/68213

Linux Kernel CVE-2014-3534 Local Privilege Escalation Vulnerability
2014-08-04
http://www.securityfocus.com/bid/68940

Exploit

  TP-Link TL-WR740N v4 Router (FW-Ver. 3.16.6 Build 130529 Rel.47286n) - Command Execution

2.8.2014

Bugtraq

[security bulletin] HPSBMU03081 rev.1 - HP Enterprise Maps, Remote Information Disclosure 2014-07-31
security-alert hp com

[ MDVSA-2014:148 ] dbus 2014-07-31
security mandriva com

[ MDVSA-2014:147 ] sendmail 2014-07-31
security mandriva com

[SECURITY] [DSA 2994-1] nss security update 2014-07-31
Raphael Geissert (geissert debian org)

Malware

Generic.dx!EEDB021B4107

RDN/Downloader.a!si!FCF87BC81A5C

Generic PUP.x!C85F72BE47E0

RDN/Generic PUP.x!ckp!91718CE7DF49

RDN/Downloader.a!si!9FCE9CA3EAA1

RDN/Generic PUP.x!CF9A187C4140

RDN/Generic PUP.x!ckp!B0E0AA08AEC6

RDN/Generic PUP.x!ckp!D2907F32D3CD

RDN/Downloader.a!si!955FCDD7C6D5

RDN/Generic PUP.x!ckp!C91E19742A91

RDN/Downloader.a!si!7DFD452CD00E

RDN/Generic PUP.x!ckp!DA1442EF00B2

Generic.tfr!CD9F60E3921E

RDN/Downloader.a!si!604162E987A6

RDN/Generic Dropper!uy!9E6EB4FC4214

RDN/Generic PUP.x!ckp!A5308C29F05A

RDN/Downloader.a!si!D009C32F14E4

Generic.bfr!B0FFF36BF2B5

RDN/Downloader.a!si!402CC248306D

RDN/Downloader.a!si!C079FE18B514

Generic.dx!D9B152FE7207

RDN/Generic PUP.x!573A22EE2532

RDN/Generic PUP.x!ckp!4EE62C3F1B49

RDN/Downloader.a!si!1A37C6F758CD

RDN/Generic PUP.x!CD7A281E9FC6

Generic PUP.x!0A829E08A0A9

Generic PUP.x!BC798CE217F9

RDN/Generic PUP.x!ckp!716983CD6054

RDN/Downloader.a!si!FB52784E4A50

RDN/Generic Dropper!uy!2AD89A67786E

Phishing

BARCLAYS

2nd August 2014

ACCOUNT VALIDATION REQUIRED
[#9384-BDA]

Microsoft

1st August 2014

For security purposes, your
online account has been
locked.

Vulnerebility

RETIRED: WordPress A Page Flip Book Plugin 'pageflipbook.php' Local File Include Vulnerability
2014-08-02
http://www.securityfocus.com/bid/68959

WordPress PageflipBook Plugin 'pageflipbook_language' Parameter Local File Include Vulnerability
2014-08-02
http://www.securityfocus.com/bid/54368

RubyGems CVE-2013-4363 Denial of Service Vulnerability
2014-08-02
http://www.securityfocus.com/bid/62442

RubyGems CVE-2013-4287 Denial of Service Vulnerability
2014-08-02
http://www.securityfocus.com/bid/62281

AlienVault Prior to 4.6.0 Command Injection Vulnerability
2014-08-02
http://www.securityfocus.com/bid/68864

CUPS Web Interface CVE-2014-5031 Incomplete Fix Local Privilege Escalation Vulnerability
2014-08-02
http://www.securityfocus.com/bid/68847

CUPS Web Interface CVE-2014-3537 Local Privilege Escalation Vulnerability
2014-08-02
http://www.securityfocus.com/bid/68788

CUPS Web Interface CVE-2014-5030 Incomplete Fix Local Privilege Escalation Vulnerability
2014-08-02
http://www.securityfocus.com/bid/68846

CUPS Web Interface CVE-2014-5029 Incomplete Fix Local Privilege Escalation Vulnerability
2014-08-02
http://www.securityfocus.com/bid/68842

Pidgin 'libpurple' Multiple Denial of Service Vulnerabilities
2014-08-02
http://www.securityfocus.com/bid/57954

ImageMagick PSD Image File Handling Remote Buffer Overflow Vulnerability
2014-08-02
http://www.securityfocus.com/bid/65478

Pidgin 'asn_getUtf8()' Function Buffer Overflow Vulnerability
2014-08-02
http://www.securityfocus.com/bid/65192

Pidgin 'libpurple' Multiple Denial of Service Vulnerabilities
2014-08-02
http://www.securityfocus.com/bid/65492

ImageMagick PSD Image File Processing 'DecodePSDPixels()' Function Buffer Overflow Vulnerability
2014-08-02
http://www.securityfocus.com/bid/65563

Pidgin 'process_chunked_data()' Function Heap Buffer Overflow Vulnerability
2014-08-02
http://www.securityfocus.com/bid/65243

Pidgin 'gg_http_watch_fd()' Function Buffer Overflow Vulnerability
2014-08-02
http://www.securityfocus.com/bid/65188

Pidgin 'libpurple' CVE-2013-0272 HTTP Header Stack Buffer Overflow Vulnerability
2014-08-02
http://www.securityfocus.com/bid/57951

Pidgin CVE-2013-6486 Incomplete Fix Remote Code Execution Vulnerability
2014-08-02
http://www.securityfocus.com/bid/65189

ImageMagick PSD Image File Handling CVE-2014-1947 Remote Buffer Overflow Vulnerability
2014-08-02
http://www.securityfocus.com/bid/65683

Pidgin 'Libpurple' CVE-2013-0271 Arbitrary File Overwrite Vulnerability
2014-08-02
http://www.securityfocus.com/bid/57952

Pidgin 'sipmsg_parse_header()' Function Buffer Overflow Vulnerability
2014-08-02
http://www.securityfocus.com/bid/65195

Multiple Cisco Products CVE-2013-0149 Remote Security Bypass Vulnerability
2014-08-02
http://www.securityfocus.com/bid/61566

OpenStack Keystone Trust Chained Delegation Privilage Escalation Vulnerability
2014-08-02
http://www.securityfocus.com/bid/68026

OpenStack Keystone Trust CVE-2014-3520 Privilage Escalation Vulnerability
2014-08-02
http://www.securityfocus.com/bid/68344

D-Bus '_dbus_printf_string_upper_bound()' Function Denial of Service Vulnerability
2014-08-02
http://www.securityfocus.com/bid/60546

Django CVE-2014-0474 Multiple Data Type Injection Vulnerabilities
2014-08-02
http://www.securityfocus.com/bid/67038

Django CVE-2014-0473 Cross Site Request Forgery Vulnerability
2014-08-02
http://www.securityfocus.com/bid/67040

Django 'reverse()' Function Arbitrary Code Execution Vulnerability
2014-08-02
http://www.securityfocus.com/bid/67041

Oberhumer LZO CVE-2014-4607 Multiple Memory Corruption Vulnerabilities
2014-08-02
http://www.securityfocus.com/bid/68213

Linux Kernel CVE-2014-3534 Local Privilege Escalation Vulnerability
2014-08-02
http://www.securityfocus.com/bid/68940

Exploit

 

1.8.2014

Bugtraq

[ MDVSA-2014:144 ] live 2014-07-30
security mandriva com

Re: [FD] Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account 2014-07-30
Stefan Kanthak (stefan kanthak nexgo de) (1 replies)

RE: [FD] Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account 2014-07-30
Joe Souza (Joe Souza NetMotionWireless com) (1 replies)

Re: [FD] Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account 2014-07-30
Stefan Kanthak (stefan kanthak nexgo de)

[ MDVSA-2014:143 ] phpmyadmin 2014-07-30

Malware

RDN/Generic PUP.x!ckm!3E423F5F8F30

RDN/Generic.tfr!CB6A7DBABD38

RDN/Generic Downloader.x!kh!C37092056D60

RDN/Generic PUP.x!ckm!D8977D71ECB0

PUP-FMU!89B26B09C874

Generic PUP.x!6A2348DF5D07

Generic Downloader.x!11B9D320C370

Generic PUP.x!5E69780849E8

RDN/Generic PUP.x!E0D5C8BA68FC

Generic PUP.x!50988E37F4CB

PUP-FMU!FC88EAC1B034

RDN/Generic PWS.y!DBC0D4AF2723

CryptDomaIQ!9504335A721E

Generic PUP.x!4644B244F268

PUP-FMU!4576D80B3D68

PUP-FMU!25054506CF8E

RDN/Generic Dropper!uy!2AF0D9057C2D

RDN/Generic BackDoor!3DFF29FC14FC

RDN/Generic Dropper!uy!4E85CA323FF2

PUP-FMU!7ED025401F9C

RDN/Generic PUP.x!ckm!5F22DB062A0A

RDN/Generic PUP.x!0BB41C1261B0

Generic PUP.x!0B6A06193743

RDN/Generic.grp!hj!7CD8725E9561

Generic PUP.x!A556729C4351

RDN/Generic PUP.x!ckm!3D5F913DEBA1

RDN/Downloader.a!ry!E2304190B95A

RDN/Generic.dx!ddv!DB87E324A3E1

Generic PUP.x!63F3C1D81140

CryptDomaIQ!94FF124814A9

Phishing

Microsoft

1st August 2014

For security purposes, your
online account has been
locked.

PaypalService

1st August 2014

Update Your Account

MBNA Europe Bank Limited

31st July 2014

New Security Update.

Discover Customer Service

31st July 2014

MESSAGE ABOUT YOUR DISCOVERÂŽ

Halifax

31st July 2014

1 New Halifax Account Messege

Vulnerebility

Linux Kernel CVE-2013-7339 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-08-01
http://www.securityfocus.com/bid/66351

Linux Kernel 'filter.c' CVE-2014-3145 Local Denial of Service Vulnerability
2014-08-01
http://www.securityfocus.com/bid/67321

Linux Kernel 'filter.c' CVE-2014-3144 Multiple Local Denial of Service Vulnerabilities
2014-08-01
http://www.securityfocus.com/bid/67309

Linux Kernel 'mac80211/sta_info.c' NULL Pointer Dereference Denial of Service Vulnerability
2014-08-01
http://www.securityfocus.com/bid/66591

Linux Kernel 'futex.c' Function Denial of Service Vulnerability
2014-08-01
http://www.securityfocus.com/bid/67395

Linux Kernel CVE-2014-2678 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-08-01
http://www.securityfocus.com/bid/66543

Linux Kernel 'drivers/net/wireless/ath/ath9k/xmit.c' Denial of Service Vulnerability
2014-08-01
http://www.securityfocus.com/bid/66492

Linux Kernel 'ping_init_sock()' Local Privilege Escalation Vulnerability
2014-08-01
http://www.securityfocus.com/bid/66779

Tor CVE-2014-5117 RELAY_EARLY Security Vulnerability
2014-08-01
http://www.securityfocus.com/bid/68968

Microsoft Office CVE-2013-5057 ASLR Security Bypass Vulnerability
2014-08-01
http://www.securityfocus.com/bid/64095

Oracle Outside In Technology CVE-2013-5791 Stack Buffer Overflow Vulnerability
2014-08-01
http://www.securityfocus.com/bid/63076

Wireshark MPEG File Parser 'wiretap/mpeg.c' Buffer Overflow Vulnerability
2014-08-01
http://www.securityfocus.com/bid/66066

Schneider Electric OPC Factory Server Local Stack Buffer Overflow Vulnerability
2014-08-01
http://www.securityfocus.com/bid/65871

Microsoft Windows Kernel 'NDProxy.sys' Local Privilege Escalation Vulnerability
2014-08-01
http://www.securityfocus.com/bid/63971

Adobe Flash Player CVE-2014-0515 Buffer Overflow Vulnerability
2014-08-01
http://www.securityfocus.com/bid/67092

JBoss Enterprise Application Platform CVE-2012-0874 Multiple Security Bypass Vulnerabilities
2014-08-01
http://www.securityfocus.com/bid/57552

PosterSoftware Publish-it '.PUI' File Handling Buffer Overflow Vulnerability
2014-08-01
http://www.securityfocus.com/bid/65366

Microsoft Windows TCP/IP IPv6 Router Advertisement Remote Denial of Service Vulnerability
2014-08-01
http://www.securityfocus.com/bid/65409

Adobe Flash Player CVE-2013-0634 Remote Memory Corruption Vulnerability
2014-08-01
http://www.securityfocus.com/bid/57787

Microsoft Internet Explorer CVE-2013-3897 Memory Corruption Vulnerability
2014-08-01
http://www.securityfocus.com/bid/62811

Multiple WellinTech Products ActiveX Remote Code Execution Vulnerability
2014-08-01
http://www.securityfocus.com/bid/64941

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-08-01
http://www.securityfocus.com/bid/67899

Microsoft Windows Kernel 'Win32k.sys' CVE-2014-0323 Local Information Disclosure Vulnerability
2014-08-01
http://www.securityfocus.com/bid/66007

Ericom AccessNow Server 'AccessServer32.exe' Stack Buffer Overflow Vulnerability
2014-08-01
http://www.securityfocus.com/bid/67777

IcoFX CVE-2013-4988 '.ico' File Remote Buffer Overflow Vulnerability
2014-08-01
http://www.securityfocus.com/bid/64221

Todd Miller Sudo 'validate_env_vars()' Local Privilege Escalation Vulnerability
2014-08-01
http://www.securityfocus.com/bid/65997

Microsoft Internet Explorer CVE-2014-1776 Remote Code Execution Vulnerability
2014-08-01
http://www.securityfocus.com/bid/67075

LIVE555 Streaming Media 'parseRTSPRequestString()' Function Buffer Overflow Vulnerability
2014-08-01
http://www.securityfocus.com/bid/65139

Adobe Acrobat and Reader CVE-2013-2729 Unspecified Remote Integer Overflow Vulnerability
2014-08-01
http://www.securityfocus.com/bid/59918

Multiple HP Products 'AgentController' Remote Code Execution Vulnerability
2014-08-01
http://www.securityfocus.com/bid/62359

Exploit

 

31.7.2014

Bugtraq

Vulnerabilities in Facebook and Facebook Messenger for Android [STIC-2014-0529] 2014-07-29
Programa STIC (stic fundacionsadosky org ar)

[security bulletin] HPSBMU03078 rev.1 - HP CloudSystem Foundation and HP CloudSystem Enterprise Software running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-07-29
security-alert hp com

[ MDVSA-2014:141 ] java-1.7.0-openjdk 2014-07-29
security mandriva com

[Onapsis Security Advisory 2014-023] HTTP verb tampering issue in SAP_JTECHS 2014-07-29
Onapsis Research Labs (research onapsis com)

Malware

RDN/Generic Dropper!uy!05B9CE22C78C

Generic PUP.x!9788D5D70DAF

RDN/Generic Dropper!uy!21343AB51C9B

RDN/Generic.dx!9834CF05FE92

RDN/Generic PUP.x!BCFA4B4BAB7D

RDN/Generic.dx!4E3D06158622

RDN/Generic PUP.z!8241EF0E1E48

RDN/Generic.dx!2FAB026C650D

RDN/Generic.dx!FA0F54EFFBAD

Generic PUP.z!3186E2351D8D

Generic Downloader.x!8B6EF59B0CB9

RDN/Generic PUP.x!ck3!DEA2152247F1

Generic PUP.x!10B147851ED5

RDN/Generic PUP.x!AB422E003BF4

Generic.bfr!8E56CFC5DB68

RDN/Generic PUP.x!D975E01C91C1

RDN/Generic PUP.x!ADEFB5F6037C

RDN/Generic.bfr!9563A32F7466

Generic.dx!41BB53A4DA5E

Generic PUP.z!90339B7FFD36

Somoto-BetterInstaller!4544E05DF1EA

RDN/Generic PUP.x!ck3!3C32C76D6720

Generic PUP.x!62568192C39D

Generic PUP.x!BAF618224750

Generic PUP.x!6722FE89449E

Generic PUP.x!1DD778E673FA

RDN/Generic Dropper!uy!875D82F09673

RDN/Generic PUP.x!ck3!D12826863A13

Keylog-Ardamax.dll!96C2B9FDA079

RDN/Generic Dropper!uy!56109A3FFEB5

Phishing

Apple

31st July 2014

Update your apple account

Chase

30th July 2014

Online Notification #3281
Chase

BT

30th July 2014

We are unable to process your
recent payment

Halifax

30th July 2014

Account restricted
[HBOS-28734MV]

Vulnerebility

phpMyAdmin 'structure.lib.php' Cross Site Scripting Vulnerability
2014-07-31
http://www.securityfocus.com/bid/68798

phpMyAdmin 'rte_list.lib.php' Cross Site Scripting Vulnerability
2014-07-31
http://www.securityfocus.com/bid/68799

phpMyAdmin CVE-2014-4987 Remote Security Bypass Vulnerability
2014-07-31
http://www.securityfocus.com/bid/68804

phpMyAdmin 'functions.js' Multiple Cross Site Scripting Vulnerabilities
2014-07-31
http://www.securityfocus.com/bid/68803

Apache HTTP Server 'mod_status' CVE-2014-0226 Remote Code Execution Vulnerability
2014-07-31
http://www.securityfocus.com/bid/68678

Apache HTTP Server CVE-2014-0231 Remote Denial of Service Vulnerability
2014-07-31
http://www.securityfocus.com/bid/68742

Mozilla Firefox/Thunderbird CVE-2014-1555 Use After Free Memory Corruption Vulnerability
2014-07-31
http://www.securityfocus.com/bid/68814

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-07-31
http://www.securityfocus.com/bid/67193

Linux Kernel 'futex.c' Function Denial of Service Vulnerability
2014-07-31
http://www.securityfocus.com/bid/67395

Linux Kernel 'filter.c' CVE-2014-3144 Multiple Local Denial of Service Vulnerabilities
2014-07-31
http://www.securityfocus.com/bid/67309

Linux Kernel 'filter.c' CVE-2014-3145 Local Denial of Service Vulnerability
2014-07-31
http://www.securityfocus.com/bid/67321

Mozilla Firefox/Thunderbird CVE-2014-1557 Remote Code Execution Vulnerability
2014-07-31
http://www.securityfocus.com/bid/68824

Mozilla Network Security Services CVE-2014-1492 Security Bypass Vulnerability
2014-07-31
http://www.securityfocus.com/bid/66356

Mozilla Firefox/Thunderbird CVE-2014-1547 Multiple Memory Corruption Vulnerabilities
2014-07-31
http://www.securityfocus.com/bid/68811

Mozilla Firefox/Thunderbird CVE-2014-1556 Remote Code Execution Vulnerability
2014-07-31
http://www.securityfocus.com/bid/68822

Mozilla Firefox/Thunderbird CVE-2014-1544 Use After Free Memory Corruption Vulnerability
2014-07-31
http://www.securityfocus.com/bid/68816

Mozilla Firefox/Thunderbird CVE-2014-1548 Multiple Memory Corruption Vulnerabilities
2014-07-31
http://www.securityfocus.com/bid/68818

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-07-31
http://www.securityfocus.com/bid/66363

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-07-31
http://www.securityfocus.com/bid/67898

Trusted Boot 'loader.c' Security Bypass Vulnerability
2014-07-31
http://www.securityfocus.com/bid/68960

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-07-31
http://www.securityfocus.com/bid/67899

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-07-31
http://www.securityfocus.com/bid/66801

CMSimple 'required_classes.php' Remote File Include Vulnerability
2014-07-31
http://www.securityfocus.com/bid/66980

Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability
2014-07-31
http://www.securityfocus.com/bid/67668

Apache Tomcat CVE-2014-0096 XML External Entity Information Disclosure Vulnerability
2014-07-31
http://www.securityfocus.com/bid/67667

Apache Tomcat CVE-2014-0075 Chunk Request Remote Denial Of Service Vulnerability
2014-07-31
http://www.securityfocus.com/bid/67671

Microsoft Internet Explorer CVE-2014-1762 Remote Code Execution Vulnerability
2014-07-31
http://www.securityfocus.com/bid/67511

Oracle VM VirtualBox 'crNetRecvWriteback()' Function Memory Corruption Vulnerability
2014-07-31
http://www.securityfocus.com/bid/66132

Oracle VM VirtualBox 'crServerDispatchVertexAttrib4NubAR()' Function Memory Corruption Vulnerability
2014-07-31
http://www.securityfocus.com/bid/66133

Elasticsearch CVE-2014-3120 Arbitrary Java Code Execution Vulnerability
2014-07-31
http://www.securityfocus.com/bid/67731

Exploit

  Dlink DWR-113 Rev. Ax - CSRF Denial of Service

  SkaDate Lite 2.0 - Multiple CSRF And Persistent XSS Vulnerabilities

  SkaDate Lite 2.0 - Remote Code Execution Exploit

  D-Link AP 3200 Multiple Vulnerabilities

30.7.2014

Bugtraq

[Onapsis Security Advisory 2014-024] Hard-coded Username in SAP FI Manager Self-Service 2014-07-29
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-022] SAP HANA IU5 SDK Authentication Bypass 2014-07-29
Onapsis Research Labs (research onapsis com)

[ MDVSA-2014:139 ] nss 2014-07-29
security mandriva com

[Onapsis Security Advisory 2014-026] Missing authorization check in function modules of BW-SYS-DB-DB4 2014-07-29
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-025] Multiple Cross Site Scripting Vulnerabilities in SAP HANA XS Administration Tool 2014-07-29
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-021] SAP HANA XS Missing encryption in form-based authentication 2014-07-29
Onapsis Research Labs (research onapsis com)

Barracuda Networks Web Application Firewall v6.1.5 & LoadBalancer v4.2.2 #37 - Filter Bypass & Multiple Vulnerabilities 2014-07-29
Vulnerability Lab (research vulnerability-lab com)

WiFi HD v7.3.0 iOS - Multiple Web Vulnerabilities 2014-07-29
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 2992-1] linux security update 2014-07-29
Salvatore Bonaccorso (carnil debian org)

Re: [FD] Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account 2014-07-28
Stefan Kanthak (stefan kanthak nexgo de)

Re: [FD] Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account 2014-07-28
Stefan Kanthak (stefan kanthak nexgo de)

[ MDVSA-2014:140 ] owncloud 2014-07-29
security mandriva com

Kunena Forum Extension for Joomla Multiple Reflected Cross-Site Scripting Vulnerabilities 2014-07-28
vulns dionach com

Kunena Forum Extension for Joomla Multiple SQL Injection Vulnerabilities 2014-07-28
vulns dionach com

Barracuda Networks Spam&Virus Firewall v5.1.3 - Client Side Cross Site Vulnerability 2014-07-28
Vulnerability Lab (research vulnerability-lab com)

Malware

Generic PUP.x!347D4B4C4326

RDN/Generic Dropper!uy!3F1A117FB195

W32/Virut.gen!9A58C37833C4

RDN/Generic Dropper!uy!50AB979CCBB2

Generic PUP.x!3DEE2CD98EC1

Downloader.gen.a!BF6812F96F24

Generic PUP.x!C3FBD2B90161

RDN/Generic Dropper!uy!EF5B451AC51E

Generic.dx!56712E8DD619

Downloader.gen.a!22639189873A

Generic PUP.x!6CD9643A23B2

Generic.dx!9F47AD3ABBFC

RDN/Generic Downloader.x!kq!692139441961

RDN/Generic PUP.x!ckf!932080EDC6CF

Generic PUP.x!6C7CDFB07537

RDN/Generic PUP.x!ckf!45E634161A32

Generic PUP.x!57AE027CCD3D

RDN/Generic Downloader.x!kq!E7FD2E4E6016

Generic PUP.x!55D8EE4DA380

RDN/Generic PUP.x!12F900D43B03

RDN/Generic.tfr!18624E7023F5

Generic.dx!5EAB16967A03

Generic PUP.x!1363D42406F2

RDN/Generic PUP.x!6F0926C88FB2

RDN/Generic BackDoor!zg!EC3AD1FF8EB1

RDN/Generic Dropper!uy!0A0CD81B5F0E

RDN/Generic PUP.x!ckf!D9CA5E390CE4

RDN/Generic Dropper!uy!F0A4CAA0C9AE

Generic PUP.x!8C24E217A4C9

RDN/Generic PUP.x!ckf!2EA6F4569442

Phishing

BT

30th July 2014

We are unable to process your
recent payment

Halifax

30th July 2014

Account restricted
[HBOS-28734MV]

Skype

29th July 2014

Fw: PayPal Payment To Skype !

amazon customer

29th July 2014

WARNING YOUR AMAZON ACCOUNT
HAS BEEN LIMITED

Vulnerebility

Cisco Unified Customer Voice Portal CVE-2014-3325 Multiple Cross Site Scripting Vulnerabilities
2014-07-30
http://www.securityfocus.com/bid/68691

phpMyAdmin CVE-2014-4348 Multiple Cross Site Scripting Vulnerabilities
2014-07-30
http://www.securityfocus.com/bid/68201

phpMyAdmin 'import.php' Cross Site Scripting Vulnerability
2014-07-30
http://www.securityfocus.com/bid/65717

phpMyAdmin CVE-2014-4349 Multiple Cross Site Scripting Vulnerabilities
2014-07-30
http://www.securityfocus.com/bid/68205

phpMyAdmin CVE-2013-5003 Multiple SQL Injection Vulnerabilities
2014-07-30
http://www.securityfocus.com/bid/61923

phpMyAdmin CVE-2013-5000 Multiple Unspecified Full Path Information Disclosure Vulnerabilities
2014-07-30
http://www.securityfocus.com/bid/61515

phpMyAdmin CVE-2013-4999 Multiple Unspecified Full Path Information Disclosure Vulnerabilities
2014-07-30
http://www.securityfocus.com/bid/61512

phpMyAdmin CVE-2013-5029 Clickjacking Vulnerability
2014-07-30
http://www.securityfocus.com/bid/61804

phpMyAdmin CVE-2013-4998 Multiple Unspecified Full Path Information Disclosure Vulnerabilities
2014-07-30
http://www.securityfocus.com/bid/61513

Moodle Repositories CVE-2014-3541 PHP Code Injection Vulnerability
2014-07-30
http://www.securityfocus.com/bid/68778

Moodle Quiz CVE-2014-3545 Remote Code Execution Vulnerability
2014-07-30
http://www.securityfocus.com/bid/68774

Moodle Shibboleth Plugin CVE-2014-3552 Authentication Bypass Vulnerability
2014-07-30
http://www.securityfocus.com/bid/68780

Moodle CVE-2014-3543 XML External Entity Information Disclosure Vulnerability
2014-07-30
http://www.securityfocus.com/bid/68755

Moodle CVE-2014-3546 Multiple Information Disclosure Vulnerabilities
2014-07-30
http://www.securityfocus.com/bid/68773

Moodle CVE-2014-3551 Multiple Cross Site Scripting Vulnerabilities
2014-07-30
http://www.securityfocus.com/bid/68763

Moodle CVE-2014-3547 Cross Site Scripting Vulnerability
2014-07-30
http://www.securityfocus.com/bid/68758

Moodle CVE-2014-3548 Multiple Cross Site Scripting Vulnerabilities
2014-07-30
http://www.securityfocus.com/bid/68766

Moodle CVE-2014-3550 Cross Site Scripting Vulnerability
2014-07-30
http://www.securityfocus.com/bid/68762

Moodle Forum CVE-2014-3553 Unauthorized Access Vulnerability
2014-07-30
http://www.securityfocus.com/bid/68772

Moodle CVE-2014-3549 Cross Site Scripting Vulnerability
2014-07-30
http://www.securityfocus.com/bid/68761

Moodle LTI Module CVE-2014-3542 XML External Entity Information Disclosure Vulnerability
2014-07-30
http://www.securityfocus.com/bid/68754

Moodle CVE-2014-3544 Cross Site Scripting Vulnerability
2014-07-30
http://www.securityfocus.com/bid/68756

Drupal Multiple Remote Security Vulnerabilities
2014-07-30
http://www.securityfocus.com/bid/68706

Oracle Java SE CVE-2014-4223 Remote Security Vulnerability
2014-07-30
http://www.securityfocus.com/bid/68590

Linux Kernel 'futex.c' Function Denial of Service Vulnerability
2014-07-30
http://www.securityfocus.com/bid/67395

Linux Kernel CVE-2014-2678 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-07-30
http://www.securityfocus.com/bid/66543

Linux Kernel 'filter.c' CVE-2014-3145 Local Denial of Service Vulnerability
2014-07-30
http://www.securityfocus.com/bid/67321

Linux Kernel 'filter.c' CVE-2014-3144 Multiple Local Denial of Service Vulnerabilities
2014-07-30
http://www.securityfocus.com/bid/67309

Linux Kernel 'ping_init_sock()' Local Privilege Escalation Vulnerability
2014-07-30
http://www.securityfocus.com/bid/66779

Linux Kernel CVE-2013-7339 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-07-30
http://www.securityfocus.com/bid/66351

Exploit

  Dlink DWR-113 Rev. Ax - CSRF Denial of Service

  WiFi HD v7.3.0 iOS - Multiple Vulnerabilities

29.7.2014

Bugtraq

Barracuda Networks Spam&Virus Firewall v5.1.3 - Client Side Cross Site Vulnerability 2014-07-28
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 2991-1] modsecurity-apache security update 2014-07-27
Salvatore Bonaccorso (carnil debian org)

[security bulletin] HPSBGN02936 rev.1 - HP and H3C VPN Firewall Module Products, Remote Denial of Service (DoS) 2014-07-25
security-alert hp com

Web Encryption Extension security update 2014-07-25
Ralf Senderek (support senderek ie)

Malware

RDN/Autorun.worm!dl!23960BDAA96B

Generic.tfr!F3145EAD6387

Generic.tfr!F18BA3F881F8

RDN/Generic Downloader.x!kq!A70F945A8B16

RDN/Generic.bfr!DDB196FF4DE1

RDN/Generic PUP.x!ckd!C4E04A8A7D10

RDN/Generic PUP.x!cgj!245D04B7E251

RDN/Generic PUP.x!ckd!AD589883C8C6

RDN/Generic.bfr!ho!D70D73C2AB12

RDN/Generic BackDoor!AB54C5017AC4

Generic PUP.x!0CE8649679F4

RDN/Downloader.gen.a!355FAFE0B9FC

RDN/Generic Downloader.x!kk!00402FF7ACD5

Generic.dx!186DEE900ADC

RDN/Generic.dx!d2i!036898628862

RDN/Generic PUP.x!4B5CDA711DA2

Generic PUP.x!178718679375

CryptDomaIQ!6C5CCE42DFA5

RDN/Generic PUP.x!ckd!3CDFCF1A3B1E

RDN/Generic PUP.x!ckd!1C98B86418C0

RDN/Generic PUP.x!ckd!584CFD8E439D

RDN/Generic PUP.x!ckd!D5A22317ECD1

RDN/Generic PUP.z!ed!EF2292EDFFCA

RDN/Generic PUP.x!ckd!2BD7A7661D58

Generic.tfr!0FB55B0CE6FB

RDN/Generic PUP.x!cgg!26857ABDDBFF

CryptDomaIQ!6C123F9338E3

RDN/Generic.dx!dc3!7B317D66F39D

RDN/BackDoor-CMQ!e!0DC192AB6F2C

Generic PUP.x!CF0DAFBDFEA3

Phishing

 

Vulnerebility

WordPress Vitamin Plugin 'path' Parameter Multiple Remote File Disclosure Vulnerabilities
2014-07-29
http://www.securityfocus.com/bid/54856

Cisco Prime Data Center Network Manager CVE-2014-3329 Cross Site Scripting Vulnerability
2014-07-29
http://www.securityfocus.com/bid/68926

Linux Kernel SCTP NULL Pointer Dereference Denial of Service Vulnerability
2014-07-29
http://www.securityfocus.com/bid/68881

RETIRED: Skybox Security Multiple Denial of Service Vulnerabilities
2014-07-29
http://www.securityfocus.com/bid/67352

Skybox Security Multiple Security Vulnerabilities
2014-07-29
http://www.securityfocus.com/bid/67347

Oracle Java SE CVE-2014-4252 Remote Security Vulnerability
2014-07-29
http://www.securityfocus.com/bid/68642

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-07-29
http://www.securityfocus.com/bid/68599

Oracle Java SE CVE-2014-4247 Remote Security Vulnerability
2014-07-29
http://www.securityfocus.com/bid/68626

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-07-29
http://www.securityfocus.com/bid/68639

PulseAudio 'pa_rtp_recv()' Function Remote Denial of Service Vulnerability
2014-07-29
http://www.securityfocus.com/bid/67814

Lime Survey Multiple Input Validation Vulnerabilities
2014-07-29
http://www.securityfocus.com/bid/68429

vBulletin CVE-2014-5102 SQL Injection Vulnerability
2014-07-29
http://www.securityfocus.com/bid/68709

ManageEngine EventLog Analyzer '/event/j_security_check' Cross Site Scripting Vulnerability
2014-07-29
http://www.securityfocus.com/bid/68854

WeBid Multiple Cross Site Scripting And LDAP Injection Vulnerabilities
2014-07-29
http://www.securityfocus.com/bid/68519

Omeka HTML Injection and Cross Site Request Forgery Vulnerabilities
2014-07-29
http://www.securityfocus.com/bid/68707

Oracle Java SE CVE-2014-4268 Remote Security Vulnerability
2014-07-29
http://www.securityfocus.com/bid/68615

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-07-29
http://www.securityfocus.com/bid/68624

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-07-29
http://www.securityfocus.com/bid/68636

Oracle Java SE CVE-2014-4219 Remote Security Vulnerability
2014-07-29
http://www.securityfocus.com/bid/68620

Oracle Java SE CVE-2014-2490 Remote Code Execution Vulnerability
2014-07-29
http://www.securityfocus.com/bid/68645

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-07-29
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-07-29
http://www.securityfocus.com/bid/68571

Oracle Java SE CVE-2014-4220 Remote Security Vulnerability
2014-07-29
http://www.securityfocus.com/bid/68576

Oracle Java SE CVE-2014-2483 Remote Security Vulnerability
2014-07-29
http://www.securityfocus.com/bid/68608

Oracle Java SE CVE-2014-4208 Remote Security Vulnerability
2014-07-29
http://www.securityfocus.com/bid/68580

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-07-29
http://www.securityfocus.com/bid/68583

Oracle Java SE CVE-2014-4264 Remote Security Vulnerability
2014-07-29
http://www.securityfocus.com/bid/68612

Oracle Java SE CVE-2014-4223 Remote Security Vulnerability
2014-07-29
http://www.securityfocus.com/bid/68590

Oracle Java SE CVE-2014-4227 Remote Security Vulnerability
2014-07-29
http://www.securityfocus.com/bid/68603

Oracle Java SE CVE-2014-4216 Remote Security Vulnerability
2014-07-29
http://www.securityfocus.com/bid/68562

Exploit

  Oxwall 1.7.0 - Remote Code Execution Exploit

  Ubiquiti UbiFi / mFi / AirVision - CSRF Vulnerability

  Oxwall 1.7.0 - Multiple CSRF And HTML Injection Vulnerabilities

28.7.2014

Bugtraq

Barracuda Networks Firewall 6.1.5 - Filter Bypass & Persistent Vulnerabilities 2014-07-25
Vulnerability Lab (research vulnerability-lab com)

Easy file sharing web server - persist XSS in forum msgs 2014-07-25
joseph giron13 gmail com

[SECURITY] [DSA 2989-1] apache2 security update 2014-07-24
Stefan Fritsch (sf debian org)

Security advisory for Bugzilla 4.5.5, 4.4.5, 4.2.10, and 4.0.14 2014-07-24
dkl mozilla com

Malware

Generic PUP.x!7054A6D105A8

Generic PUP.x!825E00D3772B

Generic PUP.x!F9FCDBF1BF87

Generic PUP.x!366DAA1CFF85

RDN/Generic PUP.x!ckc!04F21DBAB65F

Generic PUP.x!2B055F3E8DFE

RDN/Generic.tfr!39E73C262941

Generic PUP.x!AF50DBBB85E3

Generic.dx!8C962249B186

Generic PUP.x!67E0DC1A43F7

RDN/Generic PUP.x!3117175A7400

CryptDomaIQ!4E1F5A9B9E59

Generic PUP.x!CF392432A7D2

RDN/Generic.dx!d2i!0F6149BEF7C4

RDN/Generic.bfr!hn!5696FEF7A995

Generic PUP.x!AF4A58E7D6A7

CryptDomaIQ!43C67EA4B0CC

CryptDomaIQ!4F8CF66D4755

Generic PUP.x!32FE47D0E8A0

Generic PUP.x!DAA70A391BB4

Generic PUP.x!A28CD307DA82

Generic PUP.x!509092C1C25A

Adware-FFN!FEA838DCBF26

RDN/Generic PUP.x!ckc!FB3AECDBD69E

Generic PUP.x!1CBC1C4C0DCD

Generic PUP.x!4BDC8C1821C6

Generic PUP.x!450113E10535

RDN/Generic PUP.x!4C18ECD314B0

Generic PUP.x!77A30D43AA43

RDN/Generic PUP.x!ckc!0EF67E7FBC5A

Phishing

NationWide

25th July 2014

Account Review

PayPal

25th July 2014

YOUR ACCOUNT WILL BE LIMITED !

Apple Inc.

25th July 2014

VALIDATE YOUR ACCOUNT
INFORMATION APPLE ! CASE : 958

Apple

25th July 2014

[iTunes] Credit Card -
Decliend
=?UTF-8?Q?=E2=9C=94_?=

Vulnerebility

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-07-28
http://www.securityfocus.com/bid/67899

Oracle Java SE CVE-2014-4265 Remote Security Vulnerability
2014-07-28
http://www.securityfocus.com/bid/68632

Apache HTTP Server 'mod_status' CVE-2014-0226 Remote Code Execution Vulnerability
2014-07-28
http://www.securityfocus.com/bid/68678

Apache HTTP Server CVE-2014-0117 Remote Denial of Service Vulnerability
2014-07-28
http://www.securityfocus.com/bid/68740

Apache HTTP Server CVE-2014-0231 Remote Denial of Service Vulnerability
2014-07-28
http://www.securityfocus.com/bid/68742

Apache HTTP Server CVE-2014-0118 Remote Denial of Service Vulnerability
2014-07-28
http://www.securityfocus.com/bid/68745

GNU Libtasn1 'asn1_read_value_type()' Function Denial of Service Vulnerability
2014-07-28
http://www.securityfocus.com/bid/67748

Oracle Java SE CVE-2014-4268 Remote Security Vulnerability
2014-07-28
http://www.securityfocus.com/bid/68615

Oracle Java SE CVE-2014-4264 Remote Security Vulnerability
2014-07-28
http://www.securityfocus.com/bid/68612

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-07-28
http://www.securityfocus.com/bid/68624

Oracle Java SE CVE-2014-4252 Remote Security Vulnerability
2014-07-28
http://www.securityfocus.com/bid/68642

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-07-28
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-07-28
http://www.securityfocus.com/bid/68599

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-07-28
http://www.securityfocus.com/bid/68636

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-07-28
http://www.securityfocus.com/bid/68583

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-07-28
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-07-28
http://www.securityfocus.com/bid/68571

Oracle Java SE CVE-2014-2483 Remote Security Vulnerability
2014-07-28
http://www.securityfocus.com/bid/68608

Oracle Java SE CVE-2014-2490 Remote Code Execution Vulnerability
2014-07-28
http://www.securityfocus.com/bid/68645

Oracle Java SE CVE-2014-4219 Remote Security Vulnerability
2014-07-28
http://www.securityfocus.com/bid/68620

Oracle Java SE CVE-2014-4216 Remote Security Vulnerability
2014-07-28
http://www.securityfocus.com/bid/68562

Oracle Java SE CVE-2014-4227 Remote Security Vulnerability
2014-07-28
http://www.securityfocus.com/bid/68603

Oracle Java SE CVE-2014-4223 Remote Security Vulnerability
2014-07-28
http://www.securityfocus.com/bid/68590

GNU Libtasn1 CVE-2014-3468 Remote Code Execution Vulnerability
2014-07-28
http://www.securityfocus.com/bid/67745

GNU Libtasn1 CVE-2014-3467 Multiple Denial of Service Vulnerabilities
2014-07-28
http://www.securityfocus.com/bid/67749

Barracuda Networks Web Firewall Multiple HTML Injection Vulnerabilities
2014-07-28
http://www.securityfocus.com/bid/65695

Xen CVE-2014-4021 Information Disclosure Vulnerability
2014-07-28
http://www.securityfocus.com/bid/68070

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-07-28
http://www.securityfocus.com/bid/66801

Microsoft Internet Explorer CVE-2014-2786 Remote Memory Corruption Vulnerability
2014-07-28
http://www.securityfocus.com/bid/68371

Webmin Usermin Popup Windows Multiple Cross Site Scripting Vulnerabilities
2014-07-28
http://www.securityfocus.com/bid/67649

Exploit

  Moodle 2.7 - Persistent XSS

  ZeroCMS 1.0 - Persistent Cross-Site Scripting Vulnerability

  Sagem Fast 3304-V1 - Denial Of Service Vulnerability

  DirPHP 1.0 - LFI Vulnerability

25.7.2014

Bugtraq

[slackware-security] mozilla-thunderbird (SSA:2014-204-03) 2014-07-24
Slackware Security Team (security slackware com)

Barracuda Networks Firewall 6.1.2 #36 - Filter Bypass & Exception Handling Vulnerability + PoC Video BNSEC-2398 2014-07-24
Vulnerability Lab (research vulnerability-lab com)

[slackware-security] mozilla-firefox (SSA:2014-204-02) 2014-07-24
Slackware Security Team (security slackware com)

[slackware-security] httpd (SSA:2014-204-01) 2014-07-24
Slackware Security Team (security slackware com)

[security bulletin] HPSBMU03076 rev.1 - HP Systems Insight Manager (SIM) on Linux and Windows running OpenSSL, Multiple Vulnerabilities 2014-07-23

Malware

CryptDomaIQ!2E975734AB10

Generic PUP.x!665AD7EC274F

RDN/Generic.bfr!hn!E720AC27FDFC

RDN/Generic.bfr!hn!CEA8B35DDCE4

RDN/Downloader.a!sf!C331B371E02D

RDN/Generic PUP.x!cj3!E81CC32D6D5F

RDN/Generic PUP.z!ed!968674DAFC05

RDN/Generic PUP.z!ed!5896773C5591

RDN/Downloader.a!sf!C5BB92F0D255

Generic PUP.x!11AF7970DA7A

RDN/Generic PUP.x!cj3!78171FE1D588

RDN/Generic.dx!438614CC102F

Generic PUP.x!66536690BF85

Generic PUP.x!21F4982B6DDA

RDN/Generic PUP.x!cj3!752252B7CCA6

RDN/Generic Dropper!uw!74B15FEAA61E

RDN/Generic PUP.x!cj3!73FDA746466D

RDN/Downloader.a!sf!0A961870B6EC

RDN/Generic Downloader.x!kp!136213B0F2A6

RDN/Generic PUP.x!cj3!75038F8A313D

RDN/Downloader.a!sf!39341696DCC5

Generic PUP.x!4CDF4B145BCE

RDN/Generic PUP.x!cj3!73106E9E17DF

RDN/Generic PUP.x!cj3!732300FE0F51

RDN/Generic PUP.x!cj3!7982F03E48BD

RDN/Generic PUP.x!cj3!7142EF8CD946

RDN/Generic PUP.x!cj3!78BB1FD0C802

RDN/Generic PUP.x!cj3!712A51A131E1

RDN/Generic PUP.x!cj3!7544E7EA0BC3

RDN/Generic PUP.x!cj3!75AC3E93A8E7

Phishing

MBNA

24th July 2014

Urgent Update Required.

National

23rd July 2014

NATWEST

apple

23rd July 2014

your apple account has been
limited !

Vulnerebility

GNU Libtasn1 CVE-2014-3468 Remote Code Execution Vulnerability
2014-07-25
http://www.securityfocus.com/bid/67745

GNU Libtasn1 'asn1_read_value_type()' Function Denial of Service Vulnerability
2014-07-25
http://www.securityfocus.com/bid/67748

GNU Libtasn1 CVE-2014-3467 Multiple Denial of Service Vulnerabilities
2014-07-25
http://www.securityfocus.com/bid/67749

Linux Kernel CVE-2014-1738 Local Privilege Escalation Vulnerability
2014-07-25
http://www.securityfocus.com/bid/67302

IBM WebSphere DataPower XC10 Appliance CVE-2013-5403 Unauthorized Access Vulnerability
2014-07-25
http://www.securityfocus.com/bid/62683

Samba Uninitialized Memory Information Disclosure Vulnerability
2014-07-25
http://www.securityfocus.com/bid/67686

Samba CVE-2014-3493 Memory Corruption Vulnerability
2014-07-25
http://www.securityfocus.com/bid/68150

Samba 'nmbd' NetBIOS Name Serives Daemon Denial of Service Vulnerability
2014-07-25
http://www.securityfocus.com/bid/68148

Linux Kernel 'filter.c' CVE-2014-3145 Local Denial of Service Vulnerability
2014-07-25
http://www.securityfocus.com/bid/67321

Linux Kernel 'filter.c' CVE-2014-3144 Multiple Local Denial of Service Vulnerabilities
2014-07-25
http://www.securityfocus.com/bid/67309

Linux Kernel 'ping_init_sock()' Local Privilege Escalation Vulnerability
2014-07-25
http://www.securityfocus.com/bid/66779

Linux Kernel CVE-2014-2568 Information Disclosure Vulnerability
2014-07-25
http://www.securityfocus.com/bid/66348

Linux Kernel CVE-2014-1737 Function Local Privilege Escalation Vulnerability
2014-07-25
http://www.securityfocus.com/bid/67300

Linux Kernel '/fs/aio.c' Local Information Disclosure Vulnerability
2014-07-25
http://www.securityfocus.com/bid/68176

libvirt XML Entity Expansion CVE-2014-0179 Information Disclosure Vulnerability
2014-07-25
http://www.securityfocus.com/bid/67289

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-07-25
http://www.securityfocus.com/bid/67899

JSON-C 'printbuf' API CVE-2013-6370 Denial of Service Vulnerability
2014-07-25
http://www.securityfocus.com/bid/66720

JSON-C Weak Hash Function CVE-2013-6371 Denial of Service Vulnerability
2014-07-25
http://www.securityfocus.com/bid/66715

Apache Tomcat CVE-2014-0075 Chunk Request Remote Denial Of Service Vulnerability
2014-07-25
http://www.securityfocus.com/bid/67671

Apache Tomcat CVE-2014-0096 XML External Entity Information Disclosure Vulnerability
2014-07-25
http://www.securityfocus.com/bid/67667

Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability
2014-07-25
http://www.securityfocus.com/bid/67668

Oracle MySQL Server CVE-2014-2430 Remote Security Vulnerability
2014-07-25
http://www.securityfocus.com/bid/66858

Oracle MySQL Server CVE-2014-2436 Remote Security Vulnerability
2014-07-25
http://www.securityfocus.com/bid/66896

Oracle MySQL Client CVE-2014-2440 Remote Security Vulnerability
2014-07-25
http://www.securityfocus.com/bid/66850

Oracle MySQL Server CVE-2014-2438 Remote Security Vulnerability
2014-07-25
http://www.securityfocus.com/bid/66846

Oracle MySQL Server CVE-2014-2419 Remote Security Vulnerability
2014-07-25
http://www.securityfocus.com/bid/66880

Oracle MySQL Server CVE-2014-0384 Remote Security Vulnerability
2014-07-25
http://www.securityfocus.com/bid/66835

Oracle MySQL Server CVE-2014-2431 Remote Security Vulnerability
2014-07-25
http://www.securityfocus.com/bid/66890

Oracle MySQL Server CVE-2014-2432 Remote Security Vulnerability
2014-07-25
http://www.securityfocus.com/bid/66875

QEMU IDE SMART Out of Bounds Local Privilege Escalation Vulnerability
2014-07-25
http://www.securityfocus.com/bid/66932

Exploit

    Omeka 2.2.1 - Remote Code Execution Exploit

  Wordpress Video Gallery Plugin 2.5 - Multiple Vulnerabilities

  Lian Li NAS - Multiple Vulnerabilities

  BulletProof FTP Client 2010 - Buffer Overflow (SEH)

  Make 3.81 - Heap Overflow PoC

24.7.2014

Bugtraq

[security bulletin] HPSBMU03073 rev.1 - HP Network Virtualization, Remote Execution of Code, Disclosure of Information 2014-07-23
security-alert hp com

SQL Injection in Ð?2 2014-07-23
High-Tech Bridge Security Research (advisory htbridge com)

[oCERT-2014-005] LPAR2RRD input sanitization errors 2014-07-23
Daniele Bianco (danbia ocert org)

Multiple Vulnerabilities in ParallelsŽ Plesk Sitebuilder 2014-07-23
cseye_ut yahoo com

[SECURITY] [DSA 2985-1] mysql-5.5 security update 2014-07-22
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2984-1] acpi-support security update 2014-07-22
Luciano Bello (luciano debian org)

Malware

Generic PUP.x!FBB683D93F91

Generic PUP.x!DCF13596A558

Generic PUP.x!CB5720D62F21

Generic PUP.x!92C35355184B

Generic PUP.x!77009A8B173B

Generic PUP.x!169ABD35FD2F

Generic PUP.x!DE9D75F705B0

RDN/Generic.bfr!EF0B7939D99B

Generic PUP.x!D2984610BD77

Generic PUP.x!14F70E2B8A25

Generic PUP.x!67CAD928ECEF

Generic PUP.x!271FDF1C0F23

RDN/Generic.bfr!23C21945FFB0

Generic PUP.x!603585DAC1BA

Generic PUP.x!8BF6CA1339F5

RDN/Generic PWS.y!5CB706E921A9

Generic PUP.x!E8485C7275D0

Generic PUP.x!C6B0878222F7

RDN/Generic.bfr!E097321E6844

Generic PUP.x!F604EE96D042

Generic PUP.x!92361EBA422A

Generic PUP.x!BC7D47DFEE15

RDN/Generic PUP.x!cjs!60D4C46DEE2B

Generic PUP.x!BD67BB124A65

Generic PUP.x!70C68391CA3B

Generic.tfr!85A5DE10520F

Generic PUP.x!D34E38EA0AA9

Generic.tfr!4D20546FAE10

Generic PUP.x!A12556193EFD

Generic PUP.x!FD5D17ED1EE2

Phishing

National

23rd July 2014

NATWEST

apple

23rd July 2014

your apple account has been
limited !

Vulnerebility

Google Chrome Prior to 36.0.1985.122 Multiple Security Vulnerabilities
2014-07-24
http://www.securityfocus.com/bid/68677

Google Chrome CVE-2014-1740 Use After Free Remote Code Execution Vulnerability
2014-07-24
http://www.securityfocus.com/bid/67374

Google Chrome CVE-2014-1741 Integer Overflow Vulnerability
2014-07-24
http://www.securityfocus.com/bid/67376

Google Chrome CVE-2014-3157 Heap Based Buffer Overflow Vulnerability
2014-07-24
http://www.securityfocus.com/bid/67972

Google Chrome Multiple Security Vulnerabilities
2014-07-24
http://www.securityfocus.com/bid/67082

Google Chrome CVE-2014-1742 Use After Free Remote Code Execution Vulnerability
2014-07-24
http://www.securityfocus.com/bid/67375

Google Chrome CVE-2014-3155 Out of Bounds Memory Corruption Vulnerability
2014-07-24
http://www.securityfocus.com/bid/67980

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-07-24
http://www.securityfocus.com/bid/68599

Oracle Java SE CVE-2014-4252 Remote Security Vulnerability
2014-07-24
http://www.securityfocus.com/bid/68642

Dell SonicWALL Scrutinizer Multiple Security Vulnerabilities
2014-07-24
http://www.securityfocus.com/bid/68495

Oracle Java SE CVE-2014-2490 Remote Code Execution Vulnerability
2014-07-24
http://www.securityfocus.com/bid/68645

Oracle Java SE CVE-2014-0459 Remote Security Vulnerability
2014-07-24
http://www.securityfocus.com/bid/66910

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-07-24
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4268 Remote Security Vulnerability
2014-07-24
http://www.securityfocus.com/bid/68615

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-07-24
http://www.securityfocus.com/bid/68624

Oracle Java SE CVE-2014-4219 Remote Security Vulnerability
2014-07-24
http://www.securityfocus.com/bid/68620

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-07-24
http://www.securityfocus.com/bid/68636

Oracle Java SE CVE-2014-0454 Remote Security Vulnerability
2014-07-24
http://www.securityfocus.com/bid/66905

libjpeg/libjpeg-turbo Library CVE-2013-6629 Memory Corruption Vulnerability
2014-07-24
http://www.securityfocus.com/bid/63676

Oracle Java SE CVE-2014-0451 Remote Security Vulnerability
2014-07-24
http://www.securityfocus.com/bid/66879

Oracle Java SE CVE-2014-2423 Remote Security Vulnerability
2014-07-24
http://www.securityfocus.com/bid/66887

Oracle Java SE CVE-2014-0449 Remote Security Vulnerability
2014-07-24
http://www.securityfocus.com/bid/66907

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-07-24
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-2483 Remote Security Vulnerability
2014-07-24
http://www.securityfocus.com/bid/68608

Oracle Java SE CVE-2014-4264 Remote Security Vulnerability
2014-07-24
http://www.securityfocus.com/bid/68612

Oracle Java SE CVE-2014-4216 Remote Security Vulnerability
2014-07-24
http://www.securityfocus.com/bid/68562

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-07-24
http://www.securityfocus.com/bid/68571

Oracle Java SE CVE-2014-4223 Remote Security Vulnerability
2014-07-24
http://www.securityfocus.com/bid/68590

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-07-24
http://www.securityfocus.com/bid/68583

Mozilla Firefox/Thunderbird CVE-2014-1557 Remote Code Execution Vulnerability
2014-07-24
http://www.securityfocus.com/bid/68824

Exploit

Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass & Persistent Vulnerability

23.7.2014

Bugtraq

[security bulletin] HPSBMU03071 rev.1 - HP Autonomy IDOL, Running OpenSSL, Remote Unauthorized Access, Disclosure of Information 2014-07-22
security-alert hp com

Barracuda Networks Spam&Virus Firewall v6.0.2 (600 & Vx) - Client Side Cross Site Vulnerability 2014-07-22
Vulnerability Lab (research vulnerability-lab com)

Web Login Bruteforce in Symantec Endpoint Protection Manager 12.1.4023.4080 2014-07-22
audit1 a2secure com

Cross-site Scripting in EventLog Analyzer 9.0 build #9000 2014-07-22
audit1 a2secure com

[oCERT-2014-004] Ansible input sanitization errors 2014-07-22
Andrea Barisani (lcars ocert org)

Call for Papers / Speakers for ISACA Ireland Conference on 3rd Oct in Dublin 2014-07-21
president isaca ie

[SECURITY] [DSA 2983-1] drupal7 security update 2014-07-20
Moritz Muehlenhoff (jmm debian org)

Malware

RDN/Generic BackDoor!ze!740CDC3C12EF

Generic PUP.x!F3BB19EA9674

Generic.tfr!73F59DC6A2E0

Generic PUP.x!3681A013D157

Downloader.gen.a!DF4248209B24

Generic PUP.x!3677C7D70563

Generic.tfr!1F67FD9D1F97

Generic.tfr!73CA039688D7

Generic.dx!838AF843905F

Generic.tfr!1D4F60427F18

Generic BackDoor!1BC18FD73F60

RDN/Generic.dx!5C668FBC846D

Generic Downloader.x!76342CFD6B41

RDN/Generic Dropper!uv!006D526A88F3

Generic.bfr!46B81620501D

RDN/Generic.bfr!hn!910B0097085D

RDN/Generic Downloader.x!kp!72F88BD3652D

Generic PUP.x!72E3CE106531

Generic PUP.x!72E8375552FF

RDN/Generic Dropper!uv!1648FE70B5EF

W32/Sdbot.worm!72C992ABE67D

Generic.tfr!8A8AEDC3857F

Generic Downloader.x!72D2CFE5EB9D

SoftDropper!8FC15B64B8F8

Generic PUP.x!362593BEE9AF

RDN/Generic PUP.x!cjp!10416630832D

FakeAV-M.bfr!B12F11DDDE7C

RDN/Generic PUP.x!cjp!728F7B54330D

RDN/Generic.dx!F57B1F415F28

RDN/Generic BackDoor!ze!981BA1A68F51

Phishing

 

Vulnerebility

Mozilla Network Security Services CVE-2014-1491 Unspecified Security Vulnerability
2014-07-23
http://www.securityfocus.com/bid/65332

Mozilla Network Security Services CVE-2014-1490 Use After Free Memory Corruption Vulnerability
2014-07-23
http://www.securityfocus.com/bid/65335

Network Security Services 'ssl_Do1stHandshake()' Function Information Disclosure Vulnerability
2014-07-23
http://www.securityfocus.com/bid/64944

Mozilla Netscape Portable Runtime CVE-2014-1545 Out of Bounds Memory Corruption Vulnerability
2014-07-23
http://www.securityfocus.com/bid/67975

Mozilla Firefox/Thunderbird CVE-2014-1544 Use After Free Memory Corruption Vulnerability
2014-07-23
http://www.securityfocus.com/bid/68816

Mozilla Network Security Services CVE-2014-1492 Security Bypass Vulnerability
2014-07-23
http://www.securityfocus.com/bid/66356

Linux Kernel CVE-2014-0181 Local Security Vulnerability
2014-07-23
http://www.securityfocus.com/bid/67034

Linux Kernel 'sctp_association_free()' Function Denial of Service Vulnerability
2014-07-23
http://www.securityfocus.com/bid/68224

Linux Kernel '/fs/aio.c' Local Information Disclosure Vulnerability
2014-07-23
http://www.securityfocus.com/bid/68176

Linux Kernel 'filter.c' CVE-2014-3144 Multiple Local Denial of Service Vulnerabilities
2014-07-23
http://www.securityfocus.com/bid/67309

Linux Kernel CVE-2014-3940 Unspecified Security Vulnerability
2014-07-23
http://www.securityfocus.com/bid/67786

Linux Kernel 'filter.c' CVE-2014-3145 Local Denial of Service Vulnerability
2014-07-23
http://www.securityfocus.com/bid/67321

Oracle MySQL Server CVE-2014-4207 Remote Security Vulnerability
2014-07-23
http://www.securityfocus.com/bid/68593

Oracle MySQL Server CVE-2014-2494 Remote Security Vulnerability
2014-07-23
http://www.securityfocus.com/bid/68579

Oracle MySQL Server CVE-2014-4258 Remote Security Vulnerability
2014-07-23
http://www.securityfocus.com/bid/68564

Oracle MySQL Server CVE-2014-4260 Remote Security Vulnerability
2014-07-23
http://www.securityfocus.com/bid/68573

GNU Libtasn1 CVE-2014-3467 Multiple Denial of Service Vulnerabilities
2014-07-23
http://www.securityfocus.com/bid/67749

GNU Libtasn1 'asn1_read_value_type()' Function Denial of Service Vulnerability
2014-07-23
http://www.securityfocus.com/bid/67748

GNU Libtasn1 CVE-2014-3468 Remote Code Execution Vulnerability
2014-07-23
http://www.securityfocus.com/bid/67745

OpenSSL 'ssl_get_algorithm2()' Function Remote Denial of Service Vulnerability
2014-07-23
http://www.securityfocus.com/bid/64530

OpenSSL TLS Handshake Null Pointer Dereference Denial Of Service Vulnerability
2014-07-23
http://www.securityfocus.com/bid/64691

OpenSSL DTLS Implementations Man in the Middle Multiple Security Bypass Vulnerabilities
2014-07-23
http://www.securityfocus.com/bid/64618

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-07-23
http://www.securityfocus.com/bid/67899

Apache HTTP Server CVE-2014-0117 Remote Denial of Service Vulnerability
2014-07-23
http://www.securityfocus.com/bid/68740

Skybox Security Multiple Denial of Service Vulnerabilities
2014-07-22
http://www.securityfocus.com/bid/67352

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-07-22
http://www.securityfocus.com/bid/68583

Zend Framework 'Zend_Db_Select::order()' Function SQL Injection Vulnerability
2014-07-22
http://www.securityfocus.com/bid/68031

Oracle Java SE CVE-2014-2490 Remote Code Execution Vulnerability
2014-07-22
http://www.securityfocus.com/bid/68645

Apache HTTP Server 'mod_status' CVE-2014-0226 Remote Code Execution Vulnerability
2014-07-22
http://www.securityfocus.com/bid/68678

IBM 1754 GCM16 and GCM32 Global Console Managers Multiple Cross Site Scripting Vulnerabilities
2014-07-22
http://www.securityfocus.com/bid/68777

Exploit

  Microsoft XP SP3 MQAC.sys - Arbitrary Write Privilege Escalation

  Microsoft XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation

  DjVuLibre <= 3.5.25.3 - Out of Bounds Access Violation

22.7.2014

Bugtraq

 

Malware

Generic PUP.x!FFFD5AF1D6A9

RDN/Generic BackDoor!zd!CB5A802D59A5

RDN/Generic PUP.x!cjm!19B9376E7039

Generic PUP.x!9E6DAEF4F8D0

Generic.bfr!60E48EF986E5

Generic PUP.x!0B6E92C44621

RDN/Generic.bfr!ho!EF43FF9F445E

Generic.tfr!EC8672711BD6

Generic.tfr!E8A79E786E54

Generic Downloader.x!E5E8D5BFACA4

Generic PUP.x!8422260342BA

RDN/Generic PUP.x!cjm!830E913C85A0

Generic PUP.x!F6CF2EC25B4D

Generic.dx!2F8E3C5A3AE6

Downloader.gen.a!DB82E1F9D9EC

RDN/Generic PUP.x!cjm!9BCACF3FFA85

Generic.tfr!D8C1FF44D853

Generic PUP.x!41955A93F9C1

Generic Downloader.x!63993D2E34A2

Generic PUP.x!5925E7B4609B

Generic PUP.x!AE1C2980B882

RDN/Generic PUP.x!E7EE9B3C7453

RDN/Generic PUP.x!7BD01FDB12F8

Generic PUP.x!776D0DC2B43F

Generic PUP.x!9BAE5AD3CCD9

RDN/Generic.dx!d2d!ABC1FA4FA27C

RDN/Generic PUP.x!7C21D007DB6D

iBryte!7423B42E40AC

Somoto-BetterInstaller!A2F230FE672B

Generic.tfr!CC2AC4C9985C

Phishing

Bay

21st July 2014

eBay Customer Support made a
decision

PayPal

21st July 2014

This is the last chance to
update your paypal account
information !

AMAZON

20th July 2014

You Must Confirm Your Amazon
Account Before We Close it

Vulnerebility

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-07-22
http://www.securityfocus.com/bid/67899

Oracle Java SE CVE-2014-2490 Remote Code Execution Vulnerability
2014-07-22
http://www.securityfocus.com/bid/68645

dpkg Source Package Index: pseudo-header Processing Multiple Local Directory Traversal Vulnerability
2014-07-22
http://www.securityfocus.com/bid/67727

dpkg Source Package Header Line Processing Local Directory Traversal Vulnerability
2014-07-22
http://www.securityfocus.com/bid/67725

Transmission Out of Bounds Memory Corruption Vulnerability
2014-07-22
http://www.securityfocus.com/bid/68487

OCS Inventory NG Multiple Unspecified HTML Injection Vulnerabilities
2014-07-22
http://www.securityfocus.com/bid/68292

Skybox Security Multiple Denial of Service Vulnerabilities
2014-07-22
http://www.securityfocus.com/bid/67352

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-07-22
http://www.securityfocus.com/bid/64918

Oracle Outside In Technology CVE-2013-5879 Local Security Vulnerability
2014-07-22
http://www.securityfocus.com/bid/64825

Oracle BI Publisher CVE-2014-4249 Directory Traversal Vulnerability
2014-07-22
http://www.securityfocus.com/bid/68605

Advantech WebAccess CVE-2014-2365 Remote Code Execution Vulnerability
2014-07-22
http://www.securityfocus.com/bid/68718

Advantech WebAccess CVE-2014-2364 Multiple Remote Stack Based Buffer Overflow Vulnerabilities
2014-07-22
http://www.securityfocus.com/bid/68714

Advantech WebAccess CVE-2014-2366 Remote Information Disclosure Vulnerability
2014-07-22
http://www.securityfocus.com/bid/68717

Apache HTTP Server 'mod_status' CVE-2014-0226 Remote Code Execution Vulnerability
2014-07-22
http://www.securityfocus.com/bid/68678

Open Handset Alliance Android SSL Certificate Spoofing Vulnerability
2014-07-22
http://www.securityfocus.com/bid/48940

Advantech WebAccess CVE-2014-2367 Remote Authentication Bypass Vulnerability
2014-07-22
http://www.securityfocus.com/bid/68716

Blender CVE-2010-5105 Insecure Temporary File Creation Vulnerability
2014-07-22
http://www.securityfocus.com/bid/55578

Linux Kernel CVE-2012-4542 Remote Security Bypass Vulnerability
2014-07-22
http://www.securityfocus.com/bid/58088

Advantech WebAccess CVE-2014-2368 Unsafe ActiveX Control Remote Security Weakness
2014-07-22
http://www.securityfocus.com/bid/68715

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2014-07-22
http://www.securityfocus.com/bid/67121

Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
2014-07-22
http://www.securityfocus.com/bid/65400

Apache Struts ClassLoader Manipulation CVE-2014-0094 Security Bypass Vulnerability
2014-07-22
http://www.securityfocus.com/bid/65999

Apache Struts ClassLoader Manipulation Incomplete Fix Security Bypass Vulnerability
2014-07-22
http://www.securityfocus.com/bid/67064

Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability
2014-07-22
http://www.securityfocus.com/bid/65773

Apache Tomcat CVE-2014-0033 Session Fixation Vulnerability
2014-07-22
http://www.securityfocus.com/bid/65769

Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability
2014-07-22
http://www.securityfocus.com/bid/65767

Apache CouchDB Universally Unique IDentifier (UUID) Remote Denial of Service Vulnerability
2014-07-22
http://www.securityfocus.com/bid/66474

PolarSSL CVE-2014-4911 Remote Denial of Service Vulnerability
2014-07-22
http://www.securityfocus.com/bid/68748

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-07-22
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4252 Remote Security Vulnerability
2014-07-22
http://www.securityfocus.com/bid/68642

Exploit

  Linux Kernel ptrace/sysret - Local Privilege Escalation

  Apache 2.4.7 mod_status Scoreboard Handling Race Condition

21.7.2014

Bugtraq

 

Malware

RDN/Generic PUP.x!cjl!462C0A052B11

Generic PUP.x!7E0F291B5DFE

Generic.tfr!9B87F8DB94D4

RDN/Generic PUP.x!cjl!0C57980A5258

Generic.tfr!8B9FD7BF6877

RDN/Generic PUP.x!cjl!1F06A190539B

RDN/Generic PUP.x!cjl!333C715F221C

RDN/Generic BackDoor!zd!F70FD15A2449

Generic PUP.x!C3C198E49829

Generic PUP.x!51291298E108

Generic PUP.x!666D4CA5C72E

RDN/Generic PUP.x!cjl!9F97B8A2E81F

Generic PUP.x!7D691C0F7D84

Generic PUP.x!F7F69B8709D7

Generic PUP.x!7DB477A2450C

Generic PUP.x!7D61FB5AEEEB

Generic PUP.x!949B1024B58B

RDN/Generic PUP.x!cjl!6CCA4701CC7F

Generic PUP.x!2D0A2CD216EC

Generic PUP.x!12418A20627D

CryptDomaIQ!FE6F605D76A2

Generic PUP.x!5A23535EF3BA

RDN/Downloader.a!sc!E31A2B71254B

RDN/Generic.bfr!ho!90823538FAAF

RDN/Spybot.bfr!E02D3A234477

CryptDomaIQ!F26671074CE9

RDN/Generic PUP.x!cjl!FB04FA838867

Generic Downloader.x!298257DB93E7

PUP-FIC!FE7AB5CA56DA

PowerPack!FE71E0B34A05

Phishing

AMAZON

20th July 2014

You Must Confirm Your Amazon
Account Before We Close it

MBNA

19th July 2014

MBNA - Refund Stated In Your
Account

Vulnerebility

Oracle Java SE CVE-2014-4216 Remote Security Vulnerability
2014-07-21
http://www.securityfocus.com/bid/68562

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-07-21
http://www.securityfocus.com/bid/68636

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-07-21
http://www.securityfocus.com/bid/68583

Oracle Java SE CVE-2014-2483 Remote Security Vulnerability
2014-07-21
http://www.securityfocus.com/bid/68608

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-07-21
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-07-21
http://www.securityfocus.com/bid/68571

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-07-21
http://www.securityfocus.com/bid/68624

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-07-21
http://www.securityfocus.com/bid/68599

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-07-21
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-2490 Remote Security Vulnerability
2014-07-21
http://www.securityfocus.com/bid/68645

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-07-21
http://www.securityfocus.com/bid/66914

Oracle Java SE CVE-2014-2401 Remote Security Vulnerability
2014-07-21
http://www.securityfocus.com/bid/66911

Oracle Java SE CVE-2014-0448 Remote Security Vulnerability
2014-07-21
http://www.securityfocus.com/bid/66904

Oracle Java SE CVE-2014-0455 Remote Code Execution Vulnerability
2014-07-21
http://www.securityfocus.com/bid/66899

Oracle Java SE CVE-2014-2421 Buffer Overflow Vulnerability
2014-07-21
http://www.securityfocus.com/bid/66881

Oracle Java SE CVE-2014-2423 Remote Security Vulnerability
2014-07-21
http://www.securityfocus.com/bid/66887

DavFS2 'system()' Function Local Privilege Escalation Vulnerability
2014-07-21
http://www.securityfocus.com/bid/62445

Multiple HP Products CVE-2014-2622 Information Disclosure Vulnerability
2014-07-21
http://www.securityfocus.com/bid/68547

Multiple HP Products CVE-2014-2621 Information Disclosure Vulnerability
2014-07-21
http://www.securityfocus.com/bid/68546

Multiple HP Products CVE-2014-2620 Information Disclosure Vulnerability
2014-07-21
http://www.securityfocus.com/bid/68544

Multiple HP Products CVE-2014-2619 Information Disclosure Vulnerability
2014-07-21
http://www.securityfocus.com/bid/68543

Oracle Java SE CVE-2014-2420 Remote Security Vulnerability
2014-07-21
http://www.securityfocus.com/bid/66919

Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability
2014-07-21
http://www.securityfocus.com/bid/67668

Apache Tomcat CVE-2014-0096 XML External Entity Information Disclosure Vulnerability
2014-07-21
http://www.securityfocus.com/bid/67667

OpenSSH 'child_set_env()' Function Security Bypass Vulnerability
2014-07-21
http://www.securityfocus.com/bid/66355

Linux Kernel CVE-2013-4299 Information Disclosure Vulnerability
2014-07-21
http://www.securityfocus.com/bid/63183

Apache Tomcat CVE-2014-0075 Chunk Request Remote Denial Of Service Vulnerability
2014-07-21
http://www.securityfocus.com/bid/67671

Apache Tomcat CVE-2014-0119 XML External Entity Information Disclosure Vulnerability
2014-07-21
http://www.securityfocus.com/bid/67669

OpenSSL Multiple Vulnerabilities
2014-07-21
http://www.securityfocus.com/bid/51281

Linux Kernel 'control.c' File Use After Free Memory Corruption Vulnerability
2014-07-21
http://www.securityfocus.com/bid/68164

Exploit

  IBM GCM16/32 1.20.0.22575 - Multiple Vulnerabilities

  Raritan PowerIQ 4.1.0 - SQL Injection Vulnerability

  MTS MBlaze Ultra Wi-Fi / ZTE AC3633 - Multiple Vulnerabilities

  World Of Warcraft 3.3.5a (macros-cache.txt) - Stack Overflow

18.7.2014

Bugtraq

Ignore the amount customers confirm is no security vulnerability according to PayPal 2014-07-17
Jan Kechel (jan kechel de)

IP.Board 3.4 cross-site scripting in Referer header 2014-07-16
stormhacker hotmail com

[SECURITY] [DSA 2765-2] davfs regression update 2014-07-16
Thijs Kinkhorst (thijs debian org)

Cisco Security Advisory: Cisco Wireless Residential Gateway Remote Code Execution Vulnerability 2014-07-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[HITB-Announce] REMINDER: #HITB2014KUL CFP Deadline: 1st August 2014-07-17
Hafez Kamal (aphesz hackinthebox org)

Malware

RDN/Generic PUP.x!cj3!796CC3DA9D01

RDN/Generic PUP.x!cj3!4E96AEB2C0F6

RDN/Downloader.a!sb!B368CE62FE32

RDN/Generic PUP.x!cj3!C29E3C6AAF1F

RDN/Generic PUP.x!cj3!CABAE545AF74

RDN/Generic PUP.x!cj3!2E46071ADC76

Generic PUP.x!D3FF3E894097

Generic PUP.x!FCBEA1A3842C

W32/Sdbot.worm!B29030063EFA

RDN/Generic PUP.x!cj3!2CE402874C4E

RDN/Generic PUP.x!cj3!E56BD9BA40A4

Generic PUP.x!BC3CD2F6F93A

Generic PUP.x!DDB0E2AA8561

RDN/Generic PUP.x!CBCA184F9B82

RDN/Generic PUP.x!cj3!2F33BE731846

Generic PUP.x!C2248C521F53

RDN/Generic PUP.x!cj3!12FB3FF1ECBB

RDN/Generic BackDoor!zc!91C931F256F0

RDN/Generic PUP.x!cj3!081D9D6EFC9D

RDN/Generic PUP.x!cj3!C0A63E72490D

CryptDomaIQ!D69DBEFA4ACD

RDN/Generic PUP.x!cj3!99C0259BA1DF

RDN/Generic PUP.x!cj3!43B564A4701A

PUP-FLT!923B22A7FC1A

RDN/Generic PUP.x!cj3!4F876D29233E

RDN/Generic PUP.x!cj3!C8BF0712C37C

iBryte!53899B73E938

RDN/Generic PUP.x!cj3!4DC9EA7D6689

RDN/Generic PUP.x!cj3!52BBBB604F61

RDN/Generic PUP.x!cj3!4F7392CE0885

Phishing

Natwest

18th July 2014

IMPORTANT NATWEST NOTIFICATION

Halifax

17th July 2014

IMPORTANT MESSAGE FROM HALIFAX
BANK CUSTOMER SERVICE

Halifax Bank

17th July 2014

HALIFAX ACCOUNT NOTICE
 

Vulnerebility

Oracle Java SE CVE-2014-4219 Remote Security Vulnerability
2014-07-18
http://www.securityfocus.com/bid/68620

Dell SonicWALL Scrutinizer Multiple Security Vulnerabilities
2014-07-18
http://www.securityfocus.com/bid/68495

Cisco Unified Communications Domain Manager Admin HTTP Open Redirection Vulnerability
2014-07-18
http://www.securityfocus.com/bid/68694

Cisco Unified Contact Center Enterprise CVE-2014-3323 Information Disclosure Vulnerability
2014-07-18
http://www.securityfocus.com/bid/68686

Perl libwww-perl (LWP) Module Peer Certificate Validation Security Bypass Vulnerability
2014-07-18
http://www.securityfocus.com/bid/67202

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-07-18
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-07-18
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-07-18
http://www.securityfocus.com/bid/68599

Oracle Java SE CVE-2014-2490 Remote Security Vulnerability
2014-07-18
http://www.securityfocus.com/bid/68645

Oracle Java SE CVE-2014-4268 Remote Security Vulnerability
2014-07-18
http://www.securityfocus.com/bid/68615

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-07-18
http://www.securityfocus.com/bid/68583

Oracle Java SE CVE-2014-4216 Remote Security Vulnerability
2014-07-18
http://www.securityfocus.com/bid/68562

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-07-18
http://www.securityfocus.com/bid/68624

Oracle Java SE CVE-2014-4252 Remote Security Vulnerability
2014-07-18
http://www.securityfocus.com/bid/68642

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-07-18
http://www.securityfocus.com/bid/68636

OpenSSL DTLS CVE-2012-0050 Remote Denial of Service Vulnerability
2014-07-18
http://www.securityfocus.com/bid/51563

Fail2ban Postfix Filter Remote Denial of Service Vulnerability
2014-07-18
http://www.securityfocus.com/bid/65184

Fail2ban Cyrus-imap Filter Remote Denial of Service Vulnerability
2014-07-18
http://www.securityfocus.com/bid/65187

Mozilla Firefox/Thunderbird CVE-2014-1541 Memory Corruption Vulnerability
2014-07-18
http://www.securityfocus.com/bid/67979

IBM Scale Out Network Attached Storage Administrator Password Information Disclosure Vulnerability
2014-07-18
http://www.securityfocus.com/bid/68708

Mozilla Firefox/Thunderbird CVE-2014-1536 Memory Corruption Vulnerability
2014-07-18
http://www.securityfocus.com/bid/67966

Mozilla Firefox/Thunderbird CVE-2014-1533 Multiple Memory Corruption Vulnerabilities
2014-07-18
http://www.securityfocus.com/bid/67965

Mozilla Firefox/Thunderbird CVE-2014-1534 Multiple Memory Corruption Vulnerabilities
2014-07-18
http://www.securityfocus.com/bid/67964

Adobe Flash Player and AIR CVE-2014-4671 Unspecified Security Vulnerability
2014-07-18
http://www.securityfocus.com/bid/68457

Mozilla Netscape Portable Runtime CVE-2014-1545 Out of Bounds Memory Corruption Vulnerability
2014-07-18
http://www.securityfocus.com/bid/67975

Adobe Flash Player and AIR CVE-2014-0537 Unspecified Security Bypass Vulnerability
2014-07-18
http://www.securityfocus.com/bid/68455

Mozilla Firefox/Thunderbird CVE-2014-1537 Memory Corruption Vulnerability
2014-07-18
http://www.securityfocus.com/bid/67971

Adobe Flash Player and AIR CVE-2014-0539 Unspecified Security Bypass Vulnerability
2014-07-18
http://www.securityfocus.com/bid/68454

Mozilla Firefox/Thunderbird CVE-2014-1538 Memory Corruption Vulnerability
2014-07-18
http://www.securityfocus.com/bid/67976

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2014-07-18
http://www.securityfocus.com/bid/67121

Exploit

  Omeka 2.2 - CSRF And Stored XSS Vulnerability

17.7.2014

Bugtraq

SEC Consult SA-20140716-3 :: Multiple critical vulnerabilities in Bitdefender GravityZone 2014-07-16
SEC Consult Vulnerability Lab (research sec-consult com)

SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway 2014-07-16
SEC Consult Vulnerability Lab (research sec-consult com)

Reflected Cross-Site Scripting (XSS) in e107 2014-07-16
High-Tech Bridge Security Research (advisory htbridge com)

VUPEN Security Research - Microsoft Windows "DirectShow" Privilege Escalation Vulnerability (Pwn2Own 2014) 2014-07-16
VUPEN Security Research (advisories vupen com)

VUPEN Security Research - Microsoft Internet Explorer "ShowSaveFileDialog()" Sandbox Bypass (Pwn2Own 2014) 2014-07-16
VUPEN Security Research (advisories vupen com)

VUPEN Security Research - Microsoft Internet Explorer "Request" Object Confusion Sandbox Bypass (Pwn2Own 2014) 2014-07-16
VUPEN Security Research (advisories vupen com)

VUPEN Security Research - Microsoft Internet Explorer CSS @import Memory Corruption (Pwn2Own 2014) 2014-07-16
VUPEN Security Research (advisories vupen com)

SEC Consult SA-20140716-0 :: Multiple SSRF vulnerabilities in Alfresco Community Edition 2014-07-16
SEC Consult Vulnerability Lab (research sec-consult com)

SEC Consult SA-20140716-1 :: Remote Code Execution via CSRF in OpenVPN Access Server "Desktop Client" 2014-07-16
SEC Consult Vulnerability Lab (research sec-consult com)

Malware

RDN/Generic.bfr!F57D6C773F5B

Generic PUP.x!FB04E96DBC1D

RDN/Generic PUP.x!cjb!45687DE66FA7

RDN/Generic.tfr!38A592F8A0E8

Generic PUP.x!E87DE9AF9C28

Generic PUP.x!ED4434313D78

W32/Sality.gen.z!2AA0C13C7C88

RDN/Generic Downloader.x!ko!9B6058EF99D6

RDN/Generic PUP.x!cjb!6ED6EAAEE164

RDN/Generic PUP.x!cjb!EB1EC7BCF1E4

PUP-FLN!E53205CAEC3E

Generic PUP.x!A9DDF8552E8E

W32/Sality.gen.z!A6A271552823

RDN/Generic PUP.x!cjb!FAB8ED9F30F7

RDN/Generic PUP.x!cjb!BABFE724DCB7

Generic PUP.x!31BCBF253ECC

RDN/Generic.dx!816422A7E325

PUP-FLN!EADBFC783931

Generic PUP.x!91715A5F67DB

RDN/Generic PUP.x!cjb!3CB1575FE513

RDN/Generic PUP.x!cjb!EDFE7D031A9D

RDN/Generic PUP.x!cjb!A1A3563DC24B

RDN/Downloader.a!sb!134409FC325E

RDN/Generic PUP.x!cjb!B99906B597B4

Generic PUP.x!8310BB7F3328

RDN/Generic BackDoor!zc!AD23306B5A01

Generic.bfr!7733020793C7

RDN/Generic PUP.x!cjb!08A7CAFD46BD

RDN/Generic PUP.x!cjb!51889FAD0048

PUP-FLN!E9DB5373977A

Phishing

Halifax Bank

17th July 2014

HALIFAX ACCOUNT NOTICE

RBS

16th July 2014

RBS - Secure Message.

HSBC

16th July 2014

Account Notification

Halifax Bank

16th July 2014

Halifax Account Notice

itunes

16th July 2014

Important message from Apple
itunes !

Vulnerebility

Oracle Java SE CVE-2014-4219 Remote Security Vulnerability
2014-07-17
http://www.securityfocus.com/bid/68620

Oracle Java SE CVE-2014-4216 Remote Security Vulnerability
2014-07-17
http://www.securityfocus.com/bid/68562

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-07-17
http://www.securityfocus.com/bid/68636

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-07-17
http://www.securityfocus.com/bid/68583

Oracle Java SE CVE-2014-2483 Remote Security Vulnerability
2014-07-17
http://www.securityfocus.com/bid/68608

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-07-17
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-07-17
http://www.securityfocus.com/bid/68571

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-07-17
http://www.securityfocus.com/bid/68624

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-07-17
http://www.securityfocus.com/bid/68599

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-07-17
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-2490 Remote Security Vulnerability
2014-07-17
http://www.securityfocus.com/bid/68645

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-07-17
http://www.securityfocus.com/bid/66914

Oracle Java SE CVE-2014-2401 Remote Security Vulnerability
2014-07-17
http://www.securityfocus.com/bid/66911

Oracle Java SE CVE-2014-0448 Remote Security Vulnerability
2014-07-17
http://www.securityfocus.com/bid/66904

Oracle Java SE CVE-2014-0455 Remote Code Execution Vulnerability
2014-07-17
http://www.securityfocus.com/bid/66899

Oracle Java SE CVE-2014-2421 Buffer Overflow Vulnerability
2014-07-17
http://www.securityfocus.com/bid/66881

Oracle Java SE CVE-2014-2423 Remote Security Vulnerability
2014-07-17
http://www.securityfocus.com/bid/66887

DavFS2 'system()' Function Local Privilege Escalation Vulnerability
2014-07-17
http://www.securityfocus.com/bid/62445

Multiple HP Products CVE-2014-2622 Information Disclosure Vulnerability
2014-07-17
http://www.securityfocus.com/bid/68547

Multiple HP Products CVE-2014-2621 Information Disclosure Vulnerability
2014-07-17
http://www.securityfocus.com/bid/68546

Multiple HP Products CVE-2014-2620 Information Disclosure Vulnerability
2014-07-17
http://www.securityfocus.com/bid/68544

Multiple HP Products CVE-2014-2619 Information Disclosure Vulnerability
2014-07-17
http://www.securityfocus.com/bid/68543

Oracle Java SE CVE-2014-2420 Remote Security Vulnerability
2014-07-17
http://www.securityfocus.com/bid/66919

Oracle Java SE CVE-2014-2398 Remote Security Vulnerability
2014-07-16
http://www.securityfocus.com/bid/66920

Multiple Oracle Java Products 'unpack.cpp' Insecure Temporary File Creation Vulnerability
2014-07-16
http://www.securityfocus.com/bid/65568

Oracle Java SE CVE-2014-0459 Remote Security Vulnerability
2014-07-16
http://www.securityfocus.com/bid/66910

libjpeg/libjpeg-turbo Library CVE-2013-6629 Memory Corruption Vulnerability
2014-07-16
http://www.securityfocus.com/bid/63676

Oracle Java SE CVE-2014-0449 Remote Security Vulnerability
2014-07-16
http://www.securityfocus.com/bid/66907

libpng 'png_read_transform_info()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-07-16
http://www.securityfocus.com/bid/64493

Oracle Java SE CVE-2014-0460 Remote Security Vulnerability
2014-07-16
http://www.securityfocus.com/bid/66916

Exploit

Bitdefender GravityZone 5.1.5.386 - Multiple Vulnerabilities

  Boat Browser 8.0 and 8.0.1 - Remote Code Execution Vulnerability

  Joomla Youtube Gallery Component - SQL Injection Vulnerability

  Node Browserify 4.2.0 - Remote Code Execution Vulnerability

16.7.2014

Bugtraq

Node Browserify RCE vuln (<= 4.2.0) 2014-07-15
Cal Leeming \[Simplicity Media Ltd\] (cal leeming simplicitymedialtd co uk)

[security bulletin] HPSBGN03068 rev.1 - HP OneView running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, Disclosure of Information 2014-07-15
security-alert hp com

Ruxcon 2014 Final Call For Presentations 2014-07-15
cfp ruxcon org au

[security bulletin] HPSBHF02913 rev.1 - HP Intelligent Management Center (iMC) and HP Branch Intelligent Management System (BIMS), Remote Disclosure of Information 2014-07-14
security-alert hp com

Malware

RDN/Generic PUP.x!c2y!743ED6323429

Generic PUP.x!1491892063BC

RDN/Downloader.gen.a!91180C182246

RDN/Generic.bfr!5B0D7E317664

CryptDomaIQ!E6F5215DA2D3

RDN/Generic BackDoor!zb!BEDE883DE987

CryptDomaIQ!E6FA23690A36

Generic PUP.x!7885C6ED25CE

Trojan-FDSS!E6F91E9200A2

Adware-DomaIQ!987962A11850

RDN/Generic.bfr!ho!8287915B8425

Generic PUP.x!2404797898B4

Generic.bfr!7AC755D3413B

RDN/Generic BackDoor!zb!E8931E76E821

RDN/Generic PWS.y!0FE96D5DF110

Generic PUP.x!D9BBFEEB1288

RDN/Spybot.bfr!n!C3F585CDEECA

PUP-FHQ!E6E27A6B7F98

RDN/Generic BackDoor!zb!FC4E7AD60258

PUP-FIC!E6EDB30CD9C3

RDN/Generic BackDoor!zb!BF4202ED6442

CryptDomaIQ!E6FE1BA1CA39

Adware-DomaIQ!9843350DDFD4

Generic Downloader.x!6FB96E5E744A

Generic PUP.x!F0D17D9BF8B2

CryptDomaIQ!E6E27D26D5D9

RDN/Generic.bfr!ho!32C39407353E

CryptDomaIQ!E6FA7B7EFAAF

PUP-FLN!E6FC38FB375C

Generic PUP.x!A7A2AF864D4A

Phishing

Inc Apple

15th July 2014

YOUR ACCOUNT HAS BEEN LIMITED

BT

15th July 2014

Your account might be
de-activated.

PAYPAL INC

15th July 2014

Your Paypal Account Will be
banned

Vulnerebility

X.Org libXfont Multiple Integer Overflow and Memory Corruption Vulnerabilities
2014-07-16
http://www.securityfocus.com/bid/67382

Oracle Database Server CVE-2013-3774 Remote Security Vulnerability
2014-07-16
http://www.securityfocus.com/bid/61207

RETIRED: Oracle Database Server CVE-2013-3774 Remote Security Vulnerability
2014-07-16
http://www.securityfocus.com/bid/68637

Oracle Database Server CVE-2013-3751 Stack Overflow Remote Code Execution Vulnerability
2014-07-16
http://www.securityfocus.com/bid/61206

RETIRED: Oracle Database Server CVE-2013-3751 Remote Security Vulnerability
2014-07-16
http://www.securityfocus.com/bid/68622

Oracle Mojarra 'HtmlResponseWriter' Cross Site Scripting Vulnerability
2014-07-16
http://www.securityfocus.com/bid/65600

Mozilla Network Security Services CVE-2013-1620 Information Disclosure Vulnerability
2014-07-16
http://www.securityfocus.com/bid/57777

Mozilla Network Security Services CVE-2013-1741 Integer Overflow Vulnerability
2014-07-16
http://www.securityfocus.com/bid/63736

Apache Tomcat CVE-2014-0033 Session Fixation Vulnerability
2014-07-16
http://www.securityfocus.com/bid/65769

Apache Tomcat CVE-2012-3544 Denial of Service Vulnerability
2014-07-16
http://www.securityfocus.com/bid/59797

Apache HTTP Server Multiple Denial of Service Vulnerabilities
2014-07-16
http://www.securityfocus.com/bid/66303

Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability
2014-07-16
http://www.securityfocus.com/bid/65773

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-07-16
http://www.securityfocus.com/bid/67899

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2014-07-16
http://www.securityfocus.com/bid/67121

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-07-16
http://www.securityfocus.com/bid/67898

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-07-16
http://www.securityfocus.com/bid/67193

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-07-16
http://www.securityfocus.com/bid/66801

WordPress BSK PDF Manager Plugin 'wp-admin/admin.php' Multiple SQL Injection Vulnerabilities
2014-07-16
http://www.securityfocus.com/bid/68488

PHP Fileinfo Component Incomplete Fix Remote Denial of Service Vulnerability
2014-07-16
http://www.securityfocus.com/bid/68348

PHP Fileinfo Component 'cdf_read_short_sector()' Function Remote Denial of Service Vulnerability
2014-07-16
http://www.securityfocus.com/bid/68243

PHP Fileinfo Component 'cdf_check_stream_offset()' Function Remote Denial of Service Vulnerability
2014-07-16
http://www.securityfocus.com/bid/68241

PHP Fileinfo Component 'cdf_count_chain()' Function Remote Denial of Service Vulnerability
2014-07-16
http://www.securityfocus.com/bid/68238

PHP Fileinfo Component CVE-2014-3478 Remote Denial of Service Vulnerability
2014-07-16
http://www.securityfocus.com/bid/68239

PHP Fileinfo Component 'cdf_read_property_info()' Function Denial of Service Vulnerability
2014-07-16
http://www.securityfocus.com/bid/68120

PHP Fileinfo Component Remote Denial of Service Vulnerability
2014-07-16
http://www.securityfocus.com/bid/66406

Cisco IOS XR Software MPLS Packet Handling Denial of Service Vulnerability
2014-07-16
http://www.securityfocus.com/bid/68536

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-07-16
http://www.securityfocus.com/bid/67900

PHP 'ext/spl/spl_dllist.c' Local Denial of Service Vulnerability
2014-07-16
http://www.securityfocus.com/bid/68513

Microsoft Windows On-Screen Keyboard CVE-2014-2781 Local Privilege Escalation Vulnerability
2014-07-16
http://www.securityfocus.com/bid/68397

Microsoft DirectX DirectShow CVE-2014-2780 Local Privilege Escalation Vulnerability
2014-07-16
http://www.securityfocus.com/bid/68392

Exploit

 

15.7.2014

Bugtraq

[KIS-2014-08] OpenCart <= 1.5.6.4 (cart.php) PHP Object Injection Vulnerability 2014-07-14
Egidio Romano (research karmainsecurity com)

[ MDVSA-2014:138 ] asterisk 2014-07-11
security mandriva com

Malware

Generic PUP.x!5E1E22E0F429

CryptDomaIQ!0E121C45A9C7

Generic PUP.x!E01A07C2A0F0

Generic PUP.x!AD360808C7F7

RDN/Generic PUP.x!D8FA966F14B3

Generic.bfr!98C3705879E9

RDN/Spybot.bfr!59865A9AFAC8

RDN/PWS-ZBot.auh!a!724994970A81

RDN/BackDoor-FBSA!a!7000C5DD9A07

RDN/Downloader.gen.a!E8F90104CBFD

CryptDomaIQ!1479B1D4D8C4

PUP-FLY!0DFC1788CF3E

Generic PUP.x!EDBE609F4AA5

PUP-FLN!1486370D4348

RDN/Generic PUP.x!c2x!9F56B46D01BC

RDN/Generic PUP.x!c2x!9964F144A235

RDN/Generic.dx!CA78DC3FC569

Generic PUP.x!72DD34217EF5

Generic PUP.x!CF3E4946CC3D

RDN/PWS-Mmorpg!lc!61279722355E

RDN/Generic.bfr!97E5CAA94ED9

RDN/Generic PUP.x!c2x!759FF41D4E37

RDN/Generic PUP.x!c2x!9604FFF54611

iBryte!148431D8E579

CryptDomaIQ!147C50B4851E

Generic PUP.x!A518A1747B4D

Generic Downloader.x!9899D93D80B0

Generic PUP.x!9D035A01AB22

Generic PUP.x!B3A57B6C9E01

RDN/Downloader.gen.a!526479194A75

Phishing

PAYPAL INC

15th July 2014

Your Paypal Account Will be
banned

Btinternet

13th July 2014

EXPIRATION OF YOUR BTINTERNET
EMAIL !

Vulnerebility

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1497 Out of Bounds Memory Corruption Vulnerability
2014-07-15
http://www.securityfocus.com/bid/66423

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2014-1508 Information Disclosure Vulnerability
2014-07-15
http://www.securityfocus.com/bid/66426

Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
2014-07-15
http://www.securityfocus.com/bid/65400

Apache Struts ClassLoader Manipulation CVE-2014-0094 Security Bypass Vulnerability
2014-07-15
http://www.securityfocus.com/bid/65999

Apache Struts 'CookieInterceptor' Security Bypass Vulnerability
2014-07-15
http://www.securityfocus.com/bid/67218

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2014-1505 Information Disclosure Vulnerability
2014-07-15
http://www.securityfocus.com/bid/66418

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-07-14
http://www.securityfocus.com/bid/66363

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-07-14
http://www.securityfocus.com/bid/64918

Oracle Outside In Technology CVE-2013-5879 Local Security Vulnerability
2014-07-14
http://www.securityfocus.com/bid/64825

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1514 Out of Bounds Memory Corruption Vulnerability
2014-07-14
http://www.securityfocus.com/bid/66240

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1513 Out of Bounds Memory Corruption Vulnerability
2014-07-14
http://www.securityfocus.com/bid/66203

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1509 Remote Memory Corruption Vulnerability
2014-07-14
http://www.securityfocus.com/bid/66425

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1511 Security Bypass Vulnerability
2014-07-14
http://www.securityfocus.com/bid/66207

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1510 Privilege Escalation Vulnerability
2014-07-14
http://www.securityfocus.com/bid/66206

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1512 Remote Code Execution Vulnerability
2014-07-14
http://www.securityfocus.com/bid/66209

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1493 Multiple Memory Corruption Vulnerabilities
2014-07-14
http://www.securityfocus.com/bid/66412

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2014-07-14
http://www.securityfocus.com/bid/67121

Docker CVE-2014-3499 Local Privilege Escalation Vulnerability
2014-07-14
http://www.securityfocus.com/bid/68303

Webmin 'view.cgi' Cross Site Scripting Vulnerability
2014-07-14
http://www.securityfocus.com/bid/66248

Apache Tomcat CVE-2014-0033 Session Fixation Vulnerability
2014-07-14
http://www.securityfocus.com/bid/65769

Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability
2014-07-14
http://www.securityfocus.com/bid/67668

Apache Tomcat CVE-2014-0075 Chunk Request Remote Denial Of Service Vulnerability
2014-07-14
http://www.securityfocus.com/bid/67671

Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability
2014-07-14
http://www.securityfocus.com/bid/65767

Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability
2014-07-14
http://www.securityfocus.com/bid/65773

Apache Tomcat CVE-2013-4590 XML External Entity Information Disclosure Vulnerability
2014-07-14
http://www.securityfocus.com/bid/65768

Apache Tomcat CVE-2014-0095 AJP Request Remote Denial Of Service Vulnerability
2014-07-14
http://www.securityfocus.com/bid/67673

Apache Tomcat CVE-2014-0119 XML External Entity Information Disclosure Vulnerability
2014-07-14
http://www.securityfocus.com/bid/67669

Apache Tomcat CVE-2014-0096 XML External Entity Information Disclosure Vulnerability
2014-07-14
http://www.securityfocus.com/bid/67667

Cisco Adaptive Security Appliance ASA CVE-2013-6691 Remote Denial of Service Vulnerability
2014-07-14
http://www.securityfocus.com/bid/68517

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-07-14
http://www.securityfocus.com/bid/67899

Exploit

  D-Link info.cgi POST Request Buffer Overflow

  D-Link HNAP Request Remote Buffer Overflow

  D-Link Unauthenticated UPnP M-SEARCH Multicast Command Injection

  HP Data protector manager 8.10 remote command execution

  Shopizer 1.1.5 - Multiple Vulnerabilities

14.7.2014

Bugtraq

[SECURITY] [DSA 2976-1] eglibc security update 2014-07-10
Florian Weimer (fw deneb enyo de)

Yahoo! Bug Bounty #30 YM - Application-Side Mail Encoding (File Attachment) Vulnerability 2014-07-10
Vulnerability Lab (research vulnerability-lab com)

Yahoo! Bug Bounty #29 YM - Filter Bypass & Persistent Web Vulnerability 2014-07-10
Vulnerability Lab (research vulnerability-lab com)

[ MDVSA-2014:135 ] python 2014-07-10
security mandriva com

[ MDVSA-2014:134 ] liblzo 2014-07-10
security mandriva com

SEC Consult SA-20140710-1 :: Multiple high risk vulnerabilities in Shopizer webshop 2014-07-10
SEC Consult Vulnerability Lab (research sec-consult com)

[ MDVSA-2014:133 ] gd 2014-07-10
security mandriva com

Malware

RDN/Generic PUP.x!2AB0A95436EC

Generic PUP.x!0C0569C86B11

RDN/Generic.bfr!ho!4276D0EBDA40

Generic.dx!4581F73EB6E7

RDN/Generic PUP.x!c2v!D66BB496A44E

Generic PUP.x!A4F2C321C18B

Generic PUP.x!49E5141BBEF9

PUP-FHQ!ED1E3B6C08D0

Generic.dx!856D1D886122

Generic PUP.x!4FAE9060641E

Generic PUP.x!7015CB220C15

PUP-FLN!12F00BCBFE9A

CryptInno!12F05854B605

RDN/Downloader.a!rz!0D244EBEC070

Generic PUP.x!BABA08DF01D4

RDN/Generic.dx!E73855B66515

RDN/Autorun.worm.gen!6B8A6CF58C2F

Generic PUP.x!2EF4248573AA

Generic.dx!AED2CBEEBDB3

RDN/Generic.dx!dd3!60C9628CBF00

RDN/Generic BackDoor!za!A36C1E279963

RDN/Generic BackDoor!za!A42CE501C83D

RDN/Generic BackDoor!za!A3C6B8434ED6

CryptDomaIQ!ED34DC3CAD43

CryptDomaIQ!12E64396620C

Generic PUP.x!A33977B81928

PUP-FLN!ED1EB4EDAE0F

PUP-FLN!ED24C92DB8A7

PUP-FIC!12E5F4EB8212

Generic PUP.x!C886F8153B57

Phishing

Btinternet

13th July 2014

EXPIRATION OF YOUR BTINTERNET
EMAIL !

WESTERN UNION PAYMENT SERVICE

12th July 2014

Pick Up Your First Payment

NatWest

11th July 2014

Restriction On Your Account !

Halifax

11th July 2014

NEW MESSAGE FROM HALIFAX
CUSTOMER SERVICE.

Paypal

11th July 2014

VERIFY YOUR PAYPAL ACCOUNT
INFORMATION

NatWest ;

11th July 2014

Your Account As Temporarily
Limited

NatWest

11th July 2014

Access to Online Banking
Service

PAYPAI

11th July 2014

Security notice!

Vulnerebility

xClassified 'ads.php' SQL Injection Vulnerability
2014-07-14
http://www.securityfocus.com/bid/68438

Multiple Asterisk Products CVE-2014-4046 Remote Privilege Escalation Vulnerability
2014-07-14
http://www.securityfocus.com/bid/68040

WordPress Meta Slider Plugin 'admin.php' Cross Site Scripting Vulnerability
2014-07-14
http://www.securityfocus.com/bid/68283

WordPress BannerMan Plugin 'bannerman_background' Parameter Cross Site Scripting Vulnerability
2014-07-14
http://www.securityfocus.com/bid/68278

FoeCMS Multiple Input Validation Vulnerabilities
2014-07-14
http://www.securityfocus.com/bid/68416

WordPress Blogstand Banner Plugin 'options-general.php' Cross Site Scripting Vulnerability
2014-07-14
http://www.securityfocus.com/bid/68282

WordPress Random Banner Plugin 'options.php' Cross Site Scripting Vulnerability
2014-07-14
http://www.securityfocus.com/bid/68280

WordPress WP Construction Mode Plugin 'wp-admin/admin.php' Cross Site Scripting Vulnerability
2014-07-14
http://www.securityfocus.com/bid/68287

AtomCMS SQL Injection and Arbitrary File Upload Vulnerabilities
2014-07-14
http://www.securityfocus.com/bid/68437

Zend Framework 'Zend_Db_Select::order()' Function SQL Injection Vulnerability
2014-07-14
http://www.securityfocus.com/bid/68031

Zend Framework HTML Attributes Multiple Cross Site Scripting Vulnerabilities
2014-07-14
http://www.securityfocus.com/bid/66971

Libxml2 Entity Substituton CVE-2014-0191 Denial of Service Vulnerability
2014-07-14
http://www.securityfocus.com/bid/67233

Libav LZO 'av_lzo1x_decode' Function Memory Corruption Vulnerability
2014-07-14
http://www.securityfocus.com/bid/68217

LZ4 'lz4.c' Memory Corruption Vulnerability
2014-07-14
http://www.securityfocus.com/bid/68349

X.Org xf86-video-intel Video Driver 'tools/backlight_helper.c' Unspecified Security Vulnerability
2014-07-14
http://www.securityfocus.com/bid/68412

PNP4Nagios 'kohana_error_page.php' Cross Site Scripting Vulnerability
2014-07-14
http://www.securityfocus.com/bid/68350

PNP4Nagios Multiple Cross Site Scripting Vulnerabilities
2014-07-14
http://www.securityfocus.com/bid/68352

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-07-14
http://www.securityfocus.com/bid/64918

Apache 'mod_wsgi' Module Local Privilege Escalation Vulnerability
2014-07-14
http://www.securityfocus.com/bid/67532

Apache 'mod_wsgi' Module CVE-2014-0242 Information Disclosure Vulnerability
2014-07-14
http://www.securityfocus.com/bid/67534

Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability
2014-07-14
http://www.securityfocus.com/bid/67668

Apache Tomcat CVE-2014-0096 XML External Entity Information Disclosure Vulnerability
2014-07-14
http://www.securityfocus.com/bid/67667

Apache Tomcat CVE-2012-3544 Denial of Service Vulnerability
2014-07-14
http://www.securityfocus.com/bid/59797

Apache Tomcat CVE-2014-0075 Chunk Request Remote Denial Of Service Vulnerability
2014-07-14
http://www.securityfocus.com/bid/67671

Apache Tomcat CVE-2013-4590 XML External Entity Information Disclosure Vulnerability
2014-07-14
http://www.securityfocus.com/bid/65768

Apache Tomcat CVE-2014-0095 AJP Request Remote Denial Of Service Vulnerability
2014-07-14
http://www.securityfocus.com/bid/67673

Apache Tomcat CVE-2014-0119 XML External Entity Information Disclosure Vulnerability
2014-07-14
http://www.securityfocus.com/bid/67669

Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability
2014-07-14
http://www.securityfocus.com/bid/65773

Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability
2014-07-14
http://www.securityfocus.com/bid/65767

Apache Tomcat CVE-2014-0033 Session Fixation Vulnerability
2014-07-14
http://www.securityfocus.com/bid/65769

Exploit

 

11.7.2014

Bugtraq

[SECURITY] [DSA 2976-1] eglibc security update 2014-07-10
Florian Weimer (fw deneb enyo de)

Yahoo! Bug Bounty #30 YM - Application-Side Mail Encoding (File Attachment) Vulnerability 2014-07-10
Vulnerability Lab (research vulnerability-lab com)

Yahoo! Bug Bounty #29 YM - Filter Bypass & Persistent Web Vulnerability 2014-07-10
Vulnerability Lab (research vulnerability-lab com)

[ MDVSA-2014:135 ] python 2014-07-10
security mandriva com

[ MDVSA-2014:134 ] liblzo 2014-07-10
security mandriva com

SEC Consult SA-20140710-1 :: Multiple high risk vulnerabilities in Shopizer webshop 2014-07-10
SEC Consult Vulnerability Lab (research sec-consult com)

[ MDVSA-2014:133 ] gd 2014-07-10
security mandriva com

Malware

RDN/Generic PUP.x!c2q!2C62561A14DA

RDN/Generic PUP.x!c2q!2988F6AE5A82

Generic PUP.x!1DAD7D8D16C7

Generic PUP.x!57DB6AD90A19

Generic PUP.x!A43C1C64AA28

RDN/Generic PUP.x!c2q!8B0DC6A437DA

Generic PUP.x!60257433A6F1

Generic PUP.x!4A27F236340B

Generic PUP.x!CE2DB4FDDF5E

RDN/Generic PUP.x!c2q!A45A67078272

Generic PUP.x!AEC6CD4C344D

Generic PUP.x!81A2FC0365D1

RDN/Generic PUP.x!c2q!E0A70AAD9457

RDN/Generic PUP.x!c2q!7BEB7DEEEC15

RDN/Generic PUP.x!c2q!A20847612D7E

Generic PUP.x!1A27D0D4F11C

Generic.tfr!007DAA750AB5

Generic PUP.x!373DCD6CFCF8

Generic PUP.x!5DC875C59A96

RDN/Generic PUP.x!c2q!3ECDCC103355

Generic PUP.x!5747E9F7FC07

Generic PUP.x!6A8E71BCCDCD

RDN/Generic PUP.x!c2q!55295D81FC31

Generic PUP.x!5B974969D889

Generic PUP.x!9C91E274E0F4

Generic PUP.x!66C82829E2A7

Generic PUP.x!BFC09B15DFBA

Generic PUP.x!0A981C8678E9

Generic PUP.x!8EABA4859314

Generic PUP.x!F15D2A0FE779

Phishing

 

Vulnerebility

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-07-11
http://www.securityfocus.com/bid/67900

RETIRED: FireEye Malware Analysis System Multiple Security Vulnerabilities
2014-07-11
http://www.securityfocus.com/bid/68422

Dell SonicWALL Scrutinizer Multiple Security Vulnerabilities
2014-07-11
http://www.securityfocus.com/bid/68495

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-07-11
http://www.securityfocus.com/bid/66801

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-07-11
http://www.securityfocus.com/bid/67901

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-07-11
http://www.securityfocus.com/bid/67899

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-07-11
http://www.securityfocus.com/bid/67898

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-07-11
http://www.securityfocus.com/bid/66363

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-07-11
http://www.securityfocus.com/bid/67193

Microsoft Internet Explorer Multiple Arbitrary Code Execution Vulnerabilities
2014-07-11
http://www.securityfocus.com/bid/66244

HP Universal Configuration Management Database Multiple Security Vulnerabilities
2014-07-11
http://www.securityfocus.com/bid/68363

Microsoft Windows Ancillary Function Driver CVE-2014-1767 Local Privilege Escalation Vulnerability
2014-07-11
http://www.securityfocus.com/bid/68394

Microsoft Internet Explorer CVE-2014-2761 Remote Memory Corruption Vulnerability
2014-07-11
http://www.securityfocus.com/bid/67847

Microsoft DirectX DirectShow CVE-2014-2780 Local Privilege Escalation Vulnerability
2014-07-11
http://www.securityfocus.com/bid/68392

Microsoft Internet Explorer CVE-2014-2813 Remote Memory Corruption Vulnerability
2014-07-11
http://www.securityfocus.com/bid/68390

Microsoft Windows On-Screen Keyboard CVE-2014-2781 Local Privilege Escalation Vulnerability
2014-07-11
http://www.securityfocus.com/bid/68397

Microsoft Internet Explorer CVE-2014-1763 Use-After-Free Remote Code Execution Vulnerability
2014-07-11
http://www.securityfocus.com/bid/66200

Microsoft Internet Explorer CVE-2014-1769 Remote Memory Corruption Vulnerability
2014-07-11
http://www.securityfocus.com/bid/67863

Liferay Portal CVE-2014-2963 Multiple Cross Site Scripting Vulnerabilities
2014-07-11
http://www.securityfocus.com/bid/68472

Microsoft Internet Explorer CVE-2014-2792 Remote Memory Corruption Vulnerability
2014-07-11
http://www.securityfocus.com/bid/68377

Microsoft Internet Explorer CVE-2014-2791 Remote Memory Corruption Vulnerability
2014-07-11
http://www.securityfocus.com/bid/68376

Netgear D6300B Router Multiple Security Vulnerabilities
2014-07-11
http://www.securityfocus.com/bid/65444

Microsoft Internet Explorer CVE-2014-2809 Remote Memory Corruption Vulnerability
2014-07-11
http://www.securityfocus.com/bid/68389

HP SiteScope CVE-2014-2614 Unspecified Authentication Bypass Vulnerability
2014-07-11
http://www.securityfocus.com/bid/68361

Linux Kernel CVE-2014-2039 Local Denial of Service Vulnerability
2014-07-11
http://www.securityfocus.com/bid/65700

Linux Kernel 'security_context_to_sid_core()' Function Local Denial of Service Vulnerability
2014-07-11
http://www.securityfocus.com/bid/65459

Python JSON Module '_json.c' Local Information Disclosure Vulnerability
2014-07-11
http://www.securityfocus.com/bid/68119

Linux Kernel CVE-2013-6378 Local Denial of Service Vulnerability
2014-07-11
http://www.securityfocus.com/bid/63886

Linux Kernel 'mm/slab.c' Local Denial of Service Vulnerability
2014-07-11
http://www.securityfocus.com/bid/68125

Linux Kernel CVE-2014-1737 Function Local Privilege Escalation Vulnerability
2014-07-11
http://www.securityfocus.com/bid/67300

Exploit

  Infoblox 6.8.2.11 - OS Command Injection

  C99.php Shell - Authentication Bypass

10.7.2014

Bugtraq

[SECURITY] [DSA 2975-1] phpmyadmin security update 2014-07-09
Thijs Kinkhorst (thijs debian org)

Cisco Security Advisory: Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products 2014-07-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Weak Local Database Credentials in Infoblox Network Automation 2014-07-09
nate depthsecurity com

OS Command Injection Infoblox Network Automation 2014-07-09
nate depthsecurity com

[ MDVSA-2014:132 ] libxfont 2014-07-09
security mandriva com

[ MDVSA-2014:131 ] file 2014-07-09
security mandriva com

[ MDVSA-2014:129 ] ffmpeg 2014-07-09
security mandriva com

[ MDVSA-2014:130 ] php 2014-07-09
security mandriva com

[ MDVSA-2014:128 ] iodine 2014-07-09
security mandriva com

[ MDVSA-2014:127 ] gnupg 2014-07-09
security mandriva com

Android NFC Service Denial of Service 2014-07-09
vuln nipc org cn

CVE-2014-4331 OctavoCMS reflected XSS vulnerability 2014-07-09
andreu antonio gmail com

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Domain Manager 2014-07-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Malware

RDN/Generic PUP.x!c2m!F1D3969F39D2

Generic PUP.x!BC4A8B125CB7

Generic PWS.y!D6CF2C52D42A

Generic PUP.x!C5AEDFDAA272

Generic PUP.x!115BD571B053

Generic PUP.x!1FD399C7F624

Generic PUP.x!54466D4C094A

Generic PUP.x!7E386F9295C4

Downloader.gen.a!D352EC7B94BC

RDN/Generic.bfr!ho!30A9E6863FCE

Generic PUP.x!F3344D9B5794

Generic.bfr!81CCFB1F0FBC

RDN/DNSChanger.bfr!d!3FB4C40A98BD

RDN/Generic BackDoor!yz!0DB782839A71

Generic PUP.x!030248669920

Generic PUP.x!D3B209B7BE6B

Generic PUP.x!06A5D489E677

Generic PUP.x!F7289BEF2C09

Generic PUP.x!842CFF6BB1E1

RDN/Generic.tfr!1E5BD179FCCB

RDN/Generic.hra!bz!DFA6C95527D8

Generic PUP.x!F859B3C772F2

Generic PUP.x!42DC35E41DE9

Generic PUP.x!044FA3272242

RDN/Generic PUP.x!c2m!7538AAFE3938

Generic PUP.x!7CB1DAE6E8E3

Generic PUP.x!05B1981E8C44

Generic PUP.x!49CF057AAEED

RDN/Generic.grp!hj!36E5B97F7A4A

Generic PUP.x!4FD281AAC7FB

Phishing

LLOYDS TSB

10th July 2014

*** *** ACCOUNT ON HOLD

NatWest

9th July 2014

Access to Online Banking
Service.

BT

9th July 2014

Your BT Account Validation

Vulnerebility

phpMyAdmin CVE-2013-5002 Cross Site Scripting Vulnerability
2014-07-10
http://www.securityfocus.com/bid/61516

phpMyAdmin 'import.php' Cross Site Scripting Vulnerability
2014-07-10
http://www.securityfocus.com/bid/65717

phpMyAdmin CVE-2013-4996 Multiple Cross Site Scripting Vulnerabilities
2014-07-10
http://www.securityfocus.com/bid/61921

phpMyAdmin CVE-2013-5003 Multiple SQL Injection Vulnerabilities
2014-07-10
http://www.securityfocus.com/bid/61923

phpMyAdmin CVE-2013-4995 Cross Site Scripting Vulnerability
2014-07-10
http://www.securityfocus.com/bid/61510

Samba CVE-2014-3493 Memory Corruption Vulnerability
2014-07-10
http://www.securityfocus.com/bid/68150

Samba 'nmbd' NetBIOS Name Serives Daemon Denial of Service Vulnerability
2014-07-10
http://www.securityfocus.com/bid/68148

Apache Tomcat CVE-2014-0075 Chunk Request Remote Denial Of Service Vulnerability
2014-07-10
http://www.securityfocus.com/bid/67671

Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability
2014-07-10
http://www.securityfocus.com/bid/67668

Apache Tomcat CVE-2014-0096 XML External Entity Information Disclosure Vulnerability
2014-07-10
http://www.securityfocus.com/bid/67667

Adobe Flash Player and AIR CVE-2014-4671 Unspecified Security Vulnerability
2014-07-10
http://www.securityfocus.com/bid/68457

Adobe Flash Player and AIR CVE-2014-0539 Unspecified Security Bypass Vulnerability
2014-07-10
http://www.securityfocus.com/bid/68454

Adobe Flash Player and AIR CVE-2014-0537 Unspecified Security Bypass Vulnerability
2014-07-10
http://www.securityfocus.com/bid/68455

XWork 'ParameterInterceptor' Class OGNL (CVE-2010-1870) Security Bypass Vulnerability
2014-07-10
http://www.securityfocus.com/bid/41592

PHP Fileinfo Component 'cdf_count_chain()' Function Remote Denial of Service Vulnerability
2014-07-10
http://www.securityfocus.com/bid/68238

PHP Fileinfo Component CVE-2014-3478 Remote Denial of Service Vulnerability
2014-07-10
http://www.securityfocus.com/bid/68239

PHP Fileinfo Component 'cdf_read_short_sector()' Function Remote Denial of Service Vulnerability
2014-07-10
http://www.securityfocus.com/bid/68243

PHP Fileinfo Component 'cdf_check_stream_offset()' Function Remote Denial of Service Vulnerability
2014-07-10
http://www.securityfocus.com/bid/68241

PHP '/ext/standard/info.c' Type Confusion Information Disclosure Vulnerability
2014-07-10
http://www.securityfocus.com/bid/68423

PHP Fileinfo Component 'cdf_read_property_info()' Function Denial of Service Vulnerability
2014-07-10
http://www.securityfocus.com/bid/68120

PHP unserialize() Function Type Confusion Security Vulnerability
2014-07-10
http://www.securityfocus.com/bid/68237

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-07-09
http://www.securityfocus.com/bid/67901

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-07-09
http://www.securityfocus.com/bid/67898

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-07-09
http://www.securityfocus.com/bid/67900

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-07-09
http://www.securityfocus.com/bid/67899

Oberhumer LZO CVE-2014-4607 Multiple Memory Corruption Vulnerabilities
2014-07-09
http://www.securityfocus.com/bid/68213

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-07-09
http://www.securityfocus.com/bid/66801

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-07-09
http://www.securityfocus.com/bid/67193

Libxml2 Entity Substituton CVE-2014-0191 Denial of Service Vulnerability
2014-07-09
http://www.securityfocus.com/bid/67233

PHP DNS TXT Record Handling Heap Buffer Overflow Vulnerability
2014-07-09
http://www.securityfocus.com/bid/68007

Exploit

 

9.7.2014

Bugtraq

[ MDVSA-2014:126 ] phpmyadmin 2014-07-08
security mandriva com

CVE-2014-3074 - Runtime Linker Allows Privilege Escalation Via Arbitrary File Writes in IBM AIX 2014-07-08
Portcullis Advisories (advisories portcullis-security com)

Abusing Oracle's CREATE DATABASE LINK Privilege for fun and Profit 2014-07-08
Sumit Siddharth (sid notsosecure com)

[security bulletin] HPSBGN03050 rev.1 - HP IceWall SSO Dfw and HP IceWall MCRP running OpenSSL, Remote Denial of Service (DoS), Code Execution, Security Restriction Bypass, Disclosure of Information, or Unauthorized Access 2014-07-08
security-alert hp com

[SECURITY] [DSA 2973-1] vlc security update 2014-07-07
Moritz Muehlenhoff (jmm debian org)

ESA-2014-057: EMC Documentum Foundation Services (DFS) XML External Entity (XXE) Vulnerability 2014-07-07
Security Alert (Security_Alert emc com)

Malware

Generic PUP.x!01F25DE45911

RDN/Generic.bfr!ho!A37DF268A5A0

Generic PUP.x!FAABB628B84D

Generic PUP.x!4F07C5FDFCB2

RDN/Generic PUP.x!c2h!897AE36999C2

Generic PUP.x!029AFA627816

Generic PUP.x!0DCA2E568C73

Generic PUP.x!15968C8E3983

Generic PUP.x!2B0360693D4B

CryptDomaIQ!785429AB3E6F

Generic PUP.x!63527212A000

Generic PUP.x!F966C17CD501

Generic PUP.x!FC0D37A0F51D

Generic PUP.x!D16FEA1E4C0B

Generic PUP.x!DFF5DDF565CF

Generic PUP.x!FA1479BB67F7

CryptDomaIQ!792E3378647D

Generic PUP.x!E22D0E098A35

RDN/Downloader.a!rw!7A51DE8EBC24

RDN/Generic.dx!dd3!D3D0D6A45DD3

RDN/Generic PWS.y!b2g!B919F3340BFB

RDN/Generic PUP.x!c2h!2EACF378B500

Generic PUP.x!7CAD0541199B

Generic PUP.x!C1AD9367C4A3

Generic PUP.x!6DFCB5E19353

Generic PUP.x!9A592DD647AC

CryptDomaIQ!7878A43E78FD

Generic PUP.x!E582686EC23E

RDN/Generic PUP.x!BF158A8D3E93

RDN/Generic PUP.x!D6E8BE5004B1

Phishing

NatWest Bank

9th July 2014

ACCOUNT UPDATE

service@paypal.co.uk

8th July 2014

Notice of changes to the
PayPal User Agreement :

PayPal

7th July 2014

PayPal Update !

Vulnerebility

PHP '/ext/standard/info.c' Type Confusion Information Disclosure Vulnerability
2014-07-09
http://www.securityfocus.com/bid/68423

PHP Fileinfo Component 'cdf_read_property_info()' Function Denial of Service Vulnerability
2014-07-09
http://www.securityfocus.com/bid/68120

PHP Fileinfo Component CVE-2014-3478 Remote Denial of Service Vulnerability
2014-07-09
http://www.securityfocus.com/bid/68239

PHP Fileinfo Component 'cdf_check_stream_offset()' Function Remote Denial of Service Vulnerability
2014-07-09
http://www.securityfocus.com/bid/68241

PHP Fileinfo Component 'cdf_read_short_sector()' Function Remote Denial of Service Vulnerability
2014-07-09
http://www.securityfocus.com/bid/68243

PHP Fileinfo Component 'cdf_count_chain()' Function Remote Denial of Service Vulnerability
2014-07-09
http://www.securityfocus.com/bid/68238

PHP unserialize() Function Type Confusion Security Vulnerability
2014-07-09
http://www.securityfocus.com/bid/68237

D-Bus 'activation.c' Denial of Service Vulnerability
2014-07-09
http://www.securityfocus.com/bid/67986

D-Bus CVE-2014-3532 Denial of Service Vulnerability
2014-07-09
http://www.securityfocus.com/bid/68337

D-Bus CVE-2014-3533 Denial of Service Vulnerability
2014-07-09
http://www.securityfocus.com/bid/68339

WordPress MailPoet Newsletters Plugin Remote File Upload Vulnerability
2014-07-09
http://www.securityfocus.com/bid/68310

phpMyAdmin CVE-2014-4348 Multiple Cross Site Scripting Vulnerabilities
2014-07-09
http://www.securityfocus.com/bid/68201

phpMyAdmin CVE-2014-4349 Multiple Cross Site Scripting Vulnerabilities
2014-07-09
http://www.securityfocus.com/bid/68205

Linux Kernel 'shmem.c' CVE-2014-4171 Local Denial of Service Vulnerability
2014-07-08
http://www.securityfocus.com/bid/68157

Microsoft Internet Explorer CVE-2014-1775 Remote Memory Corruption Vulnerability
2014-07-08
http://www.securityfocus.com/bid/67871

Microsoft Internet Explorer Multiple Arbitrary Code Execution Vulnerabilities
2014-07-08
http://www.securityfocus.com/bid/66244

Microsoft Internet Explorer CVE-2014-1763 Use-After-Free Remote Code Execution Vulnerability
2014-07-08
http://www.securityfocus.com/bid/66200

IBM AIX CVE-2014-3074 Temporary File Creation Vulnerability
2014-07-08
http://www.securityfocus.com/bid/68296

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-07-08
http://www.securityfocus.com/bid/67900

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-07-08
http://www.securityfocus.com/bid/67899

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-07-08
http://www.securityfocus.com/bid/66363

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-07-08
http://www.securityfocus.com/bid/67901

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-07-08
http://www.securityfocus.com/bid/67898

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-07-08
http://www.securityfocus.com/bid/67193

D-Link DIR-645 Multiple Buffer Overflow and Cross Site Scripting Vulnerabilities
2014-07-08
http://www.securityfocus.com/bid/61579

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-07-08
http://www.securityfocus.com/bid/66801

Cisco IOS XR Software Static Punt Policer Denial of Service Vulnerability
2014-07-08
http://www.securityfocus.com/bid/68351

Trimble Sketchup CVE-2013-3664 Stack Based Buffer Overflow Vulnerability
2014-07-08
http://www.securityfocus.com/bid/60248

Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability
2014-07-08
http://www.securityfocus.com/bid/65767

Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability
2014-07-08
http://www.securityfocus.com/bid/65773

Exploit

  Yokogawa CS3000 BKFSim_vhfd.exe Buffer Overflow

  Dolibarr CMS 3.5.3 - Multiple Security Vulnerabilities

8.7.2014

Bugtraq

ESA-2014-057: EMC Documentum Foundation Services (DFS) XML External Entity (XXE) Vulnerability 2014-07-07
Security Alert (Security_Alert emc com)

ESA-2014-064: EMC Documentum Content Server Privilege Escalation Vulnerabilities 2014-07-07
Security Alert (Security_Alert emc com)

Photo Org WonderApplications v8.3 iOS - File Include Vulnerability 2014-07-07
Vulnerability Lab (research vulnerability-lab com)

Malware

Generic.dx!C68E97ECEF94

PUP-FIC!4A2652F26AB9

CryptDomaIQ!97A9C2BD0886

PUP-FIC!96D4743B1463

Generic PUP.x!4A0807CC8087

CryptInno!49C0E98CB5D4

PowerPack!49C2C5C8E72F

CryptDomaIQ!95F049D120F7

PUP-FIC!4A7FB1F2A585

Generic PUP.x!5635A3B281BC

Adware-FFN!4A6D978DD2FB

RDN/Generic StartPage!BA5B7B0D04F2

CryptDomaIQ!96051C35AEFF

PUP-FLN!960880F0DE62

CryptDomaIQ!96069A733F2D

PUP-FIC!957EE307FE30

CryptDomaIQ!499BE40F0567

PUP-FIC!96175103557B

Generic PUP.x!961550F9471D

PUP-FIC!971B2649E08C

PUP-FIC!499A0E3F7640

CryptDomaIQ!95B8A9FB11E9

CryptDomaIQ!95B07D8FCFE7

CryptDomaIQ!4A511F0B4BA5

PowerPack!4A0D1DEAC0D8

CryptDomaIQ!49F4E7B086FA

Generic PUP.x!2AF65ADEABF7

CryptDomaIQ!95B35166199F

PowerPack!4A7B6DBF67C6

Generic PUP.x!2BB8FC5B01C6

Phishing

 

Vulnerebility

D-Bus CVE-2014-3533 Denial of Service Vulnerability
2014-07-08
http://www.securityfocus.com/bid/68339

D-Bus CVE-2014-3532 Denial of Service Vulnerability
2014-07-08
http://www.securityfocus.com/bid/68337

PHP Fileinfo Component CVE-2014-3478 Remote Denial of Service Vulnerability
2014-07-08
http://www.securityfocus.com/bid/68239

PHP Fileinfo Component 'cdf_check_stream_offset()' Function Remote Denial of Service Vulnerability
2014-07-08
http://www.securityfocus.com/bid/68241

PHP Fileinfo Component 'cdf_read_short_sector()' Function Remote Denial of Service Vulnerability
2014-07-08
http://www.securityfocus.com/bid/68243

PHP unserialize() Function Type Confusion Security Vulnerability
2014-07-08
http://www.securityfocus.com/bid/68237

PHP Fileinfo Component 'cdf_count_chain()' Function Remote Denial of Service Vulnerability
2014-07-08
http://www.securityfocus.com/bid/68238

PHP DNS TXT Record Handling Heap Buffer Overflow Vulnerability
2014-07-08
http://www.securityfocus.com/bid/68007

PHP FPM 'php-fpm.conf.in' Local Privilege Escalation Vulnerability
2014-07-08
http://www.securityfocus.com/bid/67118

PHP SSL Certificate Validation CVE-2013-4248 Security Bypass Vulnerability
2014-07-08
http://www.securityfocus.com/bid/61776

PHP '/tmp/phpglibccheck' Symlink Vulnerability
2014-07-08
http://www.securityfocus.com/bid/67837

PHP OpenSSL Extension 'openssl_x509_parse()' Remote Memory Corruption Vulnerability
2014-07-08
http://www.securityfocus.com/bid/64225

PHP CVE-2011-4718 Session Fixation Vulnerability
2014-07-08
http://www.securityfocus.com/bid/61929

PHP Fileinfo Component 'cdf_read_property_info()' Function Denial of Service Vulnerability
2014-07-08
http://www.securityfocus.com/bid/68120

PHP CVE-2013-4113 Heap Memory Corruption Vulnerability
2014-07-08
http://www.securityfocus.com/bid/61128

php-gd 'gdxpm.c' NULL Pointer Dereference Denial of Service Vulnerability
2014-07-08
http://www.securityfocus.com/bid/66233

WordPress MailPoet Newsletters Plugin Remote File Upload Vulnerability
2014-07-08
http://www.securityfocus.com/bid/68310

GitList CVE-2014-4511 Unspecified Remote Code Execution Vulnerability
2014-07-08
http://www.securityfocus.com/bid/68253

Apache Tomcat CVE-2014-0119 XML External Entity Information Disclosure Vulnerability
2014-07-08
http://www.securityfocus.com/bid/67669

Apache Tomcat CVE-2014-0096 XML External Entity Information Disclosure Vulnerability
2014-07-08
http://www.securityfocus.com/bid/67667

Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability
2014-07-08
http://www.securityfocus.com/bid/67668

Apache Tomcat CVE-2014-0075 Chunk Request Remote Denial Of Service Vulnerability
2014-07-08
http://www.securityfocus.com/bid/67671

NetGear N150 WNR1000v3 Password Recovery Feature Information Disclosure Vulnerability
2014-07-08
http://www.securityfocus.com/bid/64940

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-07-08
http://www.securityfocus.com/bid/64918

Microsoft Internet Explorer CVE-2014-0325 Memory Corruption Vulnerability
2014-07-08
http://www.securityfocus.com/bid/66646

Oracle Event Processing CVE-2014-2424 Remote Code Execution Vulnerability
2014-07-08
http://www.securityfocus.com/bid/66871

MediaWiki Multiple Remote Code Execution Vulnerabilities
2014-07-08
http://www.securityfocus.com/bid/65223

MediaWiki Multiple Security Vulnerabilities
2014-07-08
http://www.securityfocus.com/bid/65003

MediaWiki 'InfoAction.php' HTML Injection Vulnerability
2014-07-08
http://www.securityfocus.com/bid/67068

PHP 'cdf_unpack_summary_info()' Function Denial of Service Vulnerability
2014-07-08
http://www.securityfocus.com/bid/67759

Exploit

  Oracle Event Processing FileUploadServlet Arbitrary File Upload

  Gitlist Unauthenticated Remote Command Execution

  Wordpress MailPoet (wysija-newsletters) Unauthenticated File Upload

  Netgear WNR1000v3 - Password Recovery Credential Disclosure Vulnerability

7.7.2014

Bugtraq

[SECURITY] CVE-2014-3503 Apache Syncope 2014-07-07
Francesco Chicchiriccò (ilgrosso apache org)

Yahoo! Bug Bounty #25 Flickr API - Persistent Service Vulnerability 2014-07-07
Vulnerability Lab (research vulnerability-lab com)

Paypal Inc Bug Bounty #109 Multi Shipping Application API - Filter Bypass & Persistent Vulnerability 2014-07-07
Vulnerability Lab (admin vulnerability-lab com)

PayPal Inc Bug Bounty #74 - Persistent Core Backend Vulnerability 2014-07-07
Vulnerability Lab (research vulnerability-lab com)

Backdoor access to Techboard/Syac devices 2014-07-07
roberto paleari emaze net

{CVE-ID request} - OCS-Inventory-NG Multiple Stored Cross Site Scripting Vulnerabilities. 2014-07-07
Madhu Akula (madhu akula hotmail com)

iTunes 11.2.2 for Windows: completely outdated and vulnerable 3rd party libraries 2014-07-07
Stefan Kanthak (stefan kanthak nexgo de)

CVE-2014-3863 - Stored XSS in JChatSocial 2014-07-07
Teodor Lupan (teodor lupan safetech ro)

Re: Android KeyStore Stack Buffer Overflow (CVE-2014-3100) 2014-07-07
a blas actisec com

[SECURITY] [DSA 2972-1] linux security update 2014-07-06
Salvatore Bonaccorso (carnil debian org)

Lime Survey 2-05+ Multiple Vulnerabilities 2014-07-06
g-damore outlook com

Malware

RDN/Generic PUP.x!c2c!6A6767A2517C

Generic PUP.x!E65DA192DC9C

Generic PUP.x!E9F18A00408F

Generic PUP.x!83DC7837C31E

RDN/Generic PUP.x!02A4325D91F6

Generic PUP.x!C80C4296C438

Downloader.gen.a!4499F7605801

Generic PUP.x!EBD228CD7B15

Downloader.gen.a!7A60098A38F0

Generic PUP.x!2C868E1CA7F2

Somoto-BetterInstaller!802236535680

RDN/Generic PUP.x!382297DF380B

Generic PUP.x!E46D97C21FF7

RDN/Generic PUP.x!c2c!595F753285BD

RDN/Generic PUP.x!c2c!58BA57BE409E

RDN/Generic PUP.x!c2c!5970C43D41BD

RDN/Generic PUP.x!c2c!58B7597C3A59

RDN/Generic Dropper!ut!5D27BB8E90C2

Generic PUP.x!40170F39B862

Generic PUP.x!5ED0EE35DF6F

Generic PUP.x!594F99580D2A

RDN/Generic PUP.x!c2c!5B36FC067321

RDN/Generic PUP.x!c2c!401FFA92D22A

RDN/Generic PUP.x!c2c!F1AF1492E14D

RDN/Generic PUP.x!c2c!5CC287A2AB9C

CryptInno!80172A045334

RDN/Generic PUP.x!c2c!582CCC7C2AE8

RDN/Generic PUP.x!c2c!565153409427

RDN/Generic PUP.x!c2c!56743A23ED9A

RDN/Generic.dx!dds!55D01F96B7CF

Phishing

PayPal

7th July 2014

PayPal Update !

HSBC BANK PLC

7th July 2014

YOUR HSBC SECURE KEY

NatWest

7th July 2014

Important information about
your account

HSBC BANK PLC

6th July 2014

YOUR HSBC SECURE KEY

Natwest

5th July 2014

Access to Online Banking
Service

Apple

5th July 2014

Apple

HSBC BANK PLC

5th July 2014

Your Hsbc Online Secure Key..

NatWest Bank

4th July 2014

NATWEST BANK ALERT:
UNAUTHORIZED ACCESS ON YOUR
ACCOUNT

Vulnerebility

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-07-07
http://www.securityfocus.com/bid/64918

Microsoft Internet Explorer CVE-2014-0325 Memory Corruption Vulnerability
2014-07-07
http://www.securityfocus.com/bid/66646

Oracle Event Processing CVE-2014-2424 Remote Code Execution Vulnerability
2014-07-07
http://www.securityfocus.com/bid/66871

MediaWiki Multiple Remote Code Execution Vulnerabilities
2014-07-07
http://www.securityfocus.com/bid/65223

MediaWiki Multiple Security Vulnerabilities
2014-07-07
http://www.securityfocus.com/bid/65003

MediaWiki 'InfoAction.php' HTML Injection Vulnerability
2014-07-07
http://www.securityfocus.com/bid/67068

PHP Fileinfo Component 'cdf_read_short_sector()' Function Remote Denial of Service Vulnerability
2014-07-07
http://www.securityfocus.com/bid/68243

PHP 'cdf_unpack_summary_info()' Function Denial of Service Vulnerability
2014-07-07
http://www.securityfocus.com/bid/67759

PHP Fileinfo Component 'cdf_check_stream_offset()' Function Remote Denial of Service Vulnerability
2014-07-07
http://www.securityfocus.com/bid/68241

PHP Fileinfo Component Incomplete Fix Remote Denial of Service Vulnerability
2014-07-07
http://www.securityfocus.com/bid/68348

PHP Fileinfo Component 'cdf_count_chain()' Function Remote Denial of Service Vulnerability
2014-07-07
http://www.securityfocus.com/bid/68238

PHP Fileinfo Component Remote Denial of Service Vulnerability
2014-07-07
http://www.securityfocus.com/bid/66406

PHP Fileinfo Component CVE-2014-3478 Remote Denial of Service Vulnerability
2014-07-07
http://www.securityfocus.com/bid/68239

file Composite Document File Format Denial of Service Vulnerability
2014-07-07
http://www.securityfocus.com/bid/52225

PHP Fileinfo Component 'cdf_read_property_info()' Function Denial of Service Vulnerability
2014-07-07
http://www.securityfocus.com/bid/68120

kdelibs CVE-2014-3494 SSL Certificate Validation Security Bypass Vulnerability
2014-07-07
http://www.securityfocus.com/bid/68113

Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
2014-07-07
http://www.securityfocus.com/bid/66397

php-gd 'gdxpm.c' NULL Pointer Dereference Denial of Service Vulnerability
2014-07-07
http://www.securityfocus.com/bid/66233

PHP DNS TXT Record Handling Heap Buffer Overflow Vulnerability
2014-07-07
http://www.securityfocus.com/bid/68007

PHP 'cdf_read_property_info()' Function Denial of Service Vulnerability
2014-07-07
http://www.securityfocus.com/bid/67765

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-07-07
http://www.securityfocus.com/bid/67900

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-07-07
http://www.securityfocus.com/bid/67898

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-07-07
http://www.securityfocus.com/bid/66363

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-07-07
http://www.securityfocus.com/bid/67193

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-07-07
http://www.securityfocus.com/bid/66801

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-07-07
http://www.securityfocus.com/bid/67901

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-07-07
http://www.securityfocus.com/bid/67899

Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability
2014-07-07
http://www.securityfocus.com/bid/67668

User Friendly SVN CVE-2014-4719 Cross Site Scripting Vulnerability
2014-07-07
http://www.securityfocus.com/bid/68155

Apache Tomcat CVE-2014-0096 XML External Entity Information Disclosure Vulnerability
2014-07-07
http://www.securityfocus.com/bid/67667

Exploit

Netgear WNR1000v3 - Password Recovery Credential Disclosure Vulnerability

4.7.2014

Bugtraq

POC2014 Call for Paper 2014-07-03
pocadm gmail com

[security bulletin] HPSBMU03059 rev.1 - HP SiteScope, Remote Authentication Bypass 2014-07-02
security-alert hp com

[security bulletin] HPSBMU03064 rev.1 - HP Universal CMDB, Remote Information Disclosure, Execution of Code 2014-07-02
security-alert hp com

Malware

RDN/Generic PUP.x!ch3!C6E9BC74AE01

RDN/Generic Downloader.x!km!F93A05E9A2FB

RDN/Generic.dx!273D3A1A4307

RDN/Generic PWS.y!101B987D40F4

RDN/Generic PWS.y!F88B487390F0

Generic.bfr!7145A5385929

PUP-FLN!4FB79AF808C7

Generic PUP.x!CE3ACBE91579

Generic PUP.x!21C9D3938428

Generic PUP.x!EB43BC91005D

Generic PUP.x!8BFDEADC1F8A

Generic PUP.x!9AD45C8621AF

Generic PUP.x!2D511ADBE3A7

Generic PUP.x!2A60920B9AE9

Generic PUP.x!8643FE89FE8A

Generic PUP.x!784A9B4367CE

Generic PUP.x!03EBC2022A00

RDN/Downloader.gen.a!0BF17746FEC4

Generic PUP.x!93DA728580B8

RDN/Generic PUP.x!5A2432A0AE2E

Generic PUP.x!DFF89532622F

Generic PUP.x!E1D1D25FC3FB

Generic PUP.x!0764F739866A

Generic PUP.x!10474AA13D95

RDN/Generic.bfr!hk!F73C1F53C0C2

Generic PUP.x!90D575CF1172

Generic PUP.x!F0EF17DBDC8B

Generic PUP.x!767953505BF8

Generic PUP.x!C160230EF9BE

Generic PUP.x!00B64CA077D5

Phishing

HSBC BANK PLC

3rd July 2014

Your Hsbc Secure Key

National Westminster

3rd July 2014

Account Reveiw

Vulnerebility

WordPress WP Social Invitations Plugin 'url' Paramater Cross Site Scripting Vulnerability
2014-07-03
http://www.securityfocus.com/bid/65268

WordPress SS Downloads Plugin Multiple Cross Site Scripting Vulnerabilities
2014-07-03
http://www.securityfocus.com/bid/65141

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-07-03
http://www.securityfocus.com/bid/67899

Linux Kernel CONFIG_HID Local Memory Corruption Vulnerability
2014-07-03
http://www.securityfocus.com/bid/62043

Linux Kernel 'tcp_rcv_state_process()' Function Denial of Service Vulnerability
2014-07-03
http://www.securityfocus.com/bid/65654

WordPress WooCommerce SagePay Direct Payment Gateway Plugin Cross Site Scripting Vulnerability
2014-07-03
http://www.securityfocus.com/bid/65355

RETIRED: Linux Kernel 'control.c' Local Memory Corruption Vulnerability
2014-07-03
http://www.securityfocus.com/bid/68165

D-Bus CVE-2014-3533 Denial of Service Vulnerability
2014-07-03
http://www.securityfocus.com/bid/68339

D-Bus 'activation.c' Denial of Service Vulnerability
2014-07-03
http://www.securityfocus.com/bid/67986

D-Bus CVE-2014-3532 Denial of Service Vulnerability
2014-07-03
http://www.securityfocus.com/bid/68337

cURL/libcURL NTLM connection Remote Security Bypass Vulnerability
2014-07-03
http://www.securityfocus.com/bid/65270

cURL/libcURL CVE-2014-0138 Remote Security Bypass Vulnerability
2014-07-03
http://www.securityfocus.com/bid/66457

cURL/libcURL CVE-2014-2522 SSL Certificate Validation Security Bypass Vulnerability
2014-07-03
http://www.securityfocus.com/bid/66296

cURL/libcURL CVE-2014-0139 SSL Certificate Validation Security Bypass Vulnerability
2014-07-03
http://www.securityfocus.com/bid/66458

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-07-03
http://www.securityfocus.com/bid/67898

Oracle Java SE CVE-2013-5802 Remote Security Vulnerability
2014-07-03
http://www.securityfocus.com/bid/63135

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-07-03
http://www.securityfocus.com/bid/64918

Oracle Java SE CVE-2013-5772 Remote Security Vulnerability
2014-07-03
http://www.securityfocus.com/bid/63089

Mozilla Firefox/Thunderbird CVE-2014-1541 Memory Corruption Vulnerability
2014-07-03
http://www.securityfocus.com/bid/67979

Mozilla Firefox/Thunderbird CVE-2014-1537 Memory Corruption Vulnerability
2014-07-03
http://www.securityfocus.com/bid/67971

Mozilla Firefox CVE-2014-1542 Remote Buffer Overflow Vulnerability
2014-07-03
http://www.securityfocus.com/bid/67968

Mozilla Firefox/Thunderbird CVE-2014-1533 Multiple Memory Corruption Vulnerabilities
2014-07-03
http://www.securityfocus.com/bid/67965

Mozilla Firefox/Thunderbird CVE-2014-1534 Multiple Memory Corruption Vulnerabilities
2014-07-03
http://www.securityfocus.com/bid/67964

Mozilla Firefox CVE-2014-1540 Memory Corruption Vulnerability
2014-07-03
http://www.securityfocus.com/bid/67978

Mozilla Firefox CVE-2014-1543 Heap Buffer Overflow Vulnerability
2014-07-03
http://www.securityfocus.com/bid/67969

Mozilla Firefox/Thunderbird CVE-2014-1536 Memory Corruption Vulnerability
2014-07-03
http://www.securityfocus.com/bid/67966

Mozilla Firefox/Thunderbird CVE-2014-1538 Memory Corruption Vulnerability
2014-07-03
http://www.securityfocus.com/bid/67976

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2014-07-03
http://www.securityfocus.com/bid/67121

Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
2014-07-03
http://www.securityfocus.com/bid/66397

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-07-03
http://www.securityfocus.com/bid/66801

Exploit

 

3.7.2014

Bugtraq

 

Malware

Generic PUP.x!F0187C3E63FB

Generic Downloader.x!C25E30DE3FB2

Generic Downloader.x!426A1111565C

Generic PUP.x!33AC7A4D0651

Generic PUP.x!A07B88A89289

Downloader.gen.a!F556D0891219

CryptInno!9C475B29BAD5

Generic PUP.x!62F71BBF3ADD

Generic PUP.x!5FEC3FD1E291

Generic PUP.x!C0EED7BDA1E3

Generic PUP.x!009096DFCC8D

Generic PUP.x!BC2161E2B2F4

Generic PUP.x!37D61EB2DDAC

Generic PUP.x!5ECF162914E9

Generic PUP.x!16CD3CB54511

Generic PUP.x!D38141F0D38F

Generic PUP.x!D4AF67C9E38B

Generic PUP.x!B899F5675D30

Generic PUP.x!A0901533DB51

Generic PUP.x!A253D0EC06CA

Generic PUP.x!C5759B3711C5

Generic PUP.x!980D422FB245

Generic PUP.x!A531D6D8CFEE

RDN/Generic.tfr!96EF6D358F59

Generic PUP.x!1F08D5C5454A

Generic PUP.x!C0A41452354F

Generic PUP.x!C2AF8CB9394C

Generic PUP.x!73239D5923CE

Generic PUP.x!4DF6FB7178C8

Generic PUP.x!AE3A15660462

Phishing

National Westminster

3rd July 2014

Account Reveiw

NatWest

2nd July 2014

We have temporarily suspended
access to your Natwest
Account.

BT

2nd July 2014

Confirm your BT.com email
address

Vulnerebility

Oberhumer LZO CVE-2014-4607 Multiple Memory Corruption Vulnerabilities
2014-07-03
http://www.securityfocus.com/bid/68213

LibreOffice CVE-2014-0247 Security Vulnerability
2014-07-03
http://www.securityfocus.com/bid/68151

D-Bus 'activation.c' Denial of Service Vulnerability
2014-07-03
http://www.securityfocus.com/bid/67986

D-Bus CVE-2014-3533 Denial of Service Vulnerability
2014-07-03
http://www.securityfocus.com/bid/68339

D-Bus CVE-2014-3532 Denial of Service Vulnerability
2014-07-03
http://www.securityfocus.com/bid/68337

Mozilla Netscape Portable Runtime CVE-2014-1545 Out of Bounds Memory Corruption Vulnerability
2014-07-03
http://www.securityfocus.com/bid/67975

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-07-03
http://www.securityfocus.com/bid/67899

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-07-03
http://www.securityfocus.com/bid/67901

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-07-03
http://www.securityfocus.com/bid/67193

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-07-03
http://www.securityfocus.com/bid/67900

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-07-03
http://www.securityfocus.com/bid/66801

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-07-03
http://www.securityfocus.com/bid/67898

Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability
2014-07-03
http://www.securityfocus.com/bid/67668

Apache Tomcat CVE-2014-0075 Chunk Request Remote Denial Of Service Vulnerability
2014-07-03
http://www.securityfocus.com/bid/67671

Apache Tomcat CVE-2014-0096 XML External Entity Information Disclosure Vulnerability
2014-07-03
http://www.securityfocus.com/bid/67667

IP.Board And IP.Nexus Arbitrary File Include and Cross Site Scripting Vulnerabilities
2014-07-03
http://www.securityfocus.com/bid/67164

Apache HTTP Server Multiple Denial of Service Vulnerabilities
2014-07-03
http://www.securityfocus.com/bid/66303

IBM Sametime Meeting Server Arbitrary File Upload Vulnerability
2014-07-02
http://www.securityfocus.com/bid/68291

Apache Tomcat CVE-2014-0119 XML External Entity Information Disclosure Vulnerability
2014-07-02
http://www.securityfocus.com/bid/67669

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-07-02
http://www.securityfocus.com/bid/66363

Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability
2014-07-02
http://www.securityfocus.com/bid/65773

Samba Uninitialized Memory Information Disclosure Vulnerability
2014-07-02
http://www.securityfocus.com/bid/67686

Samba DNS Protocol Handling Denial of Service Vulnerability
2014-07-02
http://www.securityfocus.com/bid/67691

Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability
2014-07-02
http://www.securityfocus.com/bid/65767

Apache Tomcat CVE-2013-4590 XML External Entity Information Disclosure Vulnerability
2014-07-02
http://www.securityfocus.com/bid/65768

Apache Tomcat CVE-2014-0033 Session Fixation Vulnerability
2014-07-02
http://www.securityfocus.com/bid/65769

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-07-02
http://www.securityfocus.com/bid/66914

Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
2014-07-02
http://www.securityfocus.com/bid/65400

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-07-02
http://www.securityfocus.com/bid/64918

phpPgAdmin 'function.php' Cross Site Scripting Vulnerability
2014-07-02
http://www.securityfocus.com/bid/52761

Exploit

  Zurmo CRM - Persistent XSS Vulnerability

  Kerio Control 8.3.1 - Blind SQL Injection

  Baidu Spark Browser v26.5.9999.3511 - Remote Stack Overflow Vulnerability (DoS)

2.6.2014

Bugtraq

SEC Consult SA-20140701-0 :: Stored cross-site scripting vulnerabilities in EMC Documentum eRoom 2014-07-01
SEC Consult Vulnerability Lab (research sec-consult com)

Kerio Control <= 8.3.1 Boolean-based blind SQL Injection 2014-06-30
info fereidani com

ESA-2014-060: EMC Documentum eRoom Multiple Cross-Site Scripting Vulnerabilities 2014-06-30
Security Alert (Security_Alert emc com)

Malware

CryptDomaIQ!C1C865E2ABEC

PUP-FIC!C15D0EF35311

RDN/Generic PUP.x!chs!69B20FB38F30

RDN/Generic PUP.x!23D5CB788D50

Generic PUP.x!B15BF848FAFA

CryptInno!23F5ADE1351B

PUP-FIC!23B7FF54164E

Cryptlore!23A0CFB9B183

RDN/Generic.tfr!ea!2A3BCEA98A4D

RDN/Generic PWS.y!b2f!E5C980EEC3BF

RDN/Generic.bfr!hk!1866E728F487

RDN/Generic PUP.x!chs!C35B400410F4

RDN/Generic PUP.x!chs!C160ADF132B8

RDN/Generic PUP.x!chs!C282686EA662

RDN/Generic PUP.x!chs!C85919F38ADD

CryptDomaIQ!C1CCC0244DB5

RDN/Generic PUP.x!chs!C33F573E897B

RDN/Generic PUP.x!chs!C6762FB5E9F7

Somoto-BetterInstaller!0A1869D78D13

Generic PUP.x!C286B329C9EC

PUP-FIC!C1AF3A80F6A2

CryptDomaIQ!C27CDF9582C5

RDN/Generic.dx!24147BE7390E

PowerPack!C17B4AB96AA2

CryptDomaIQ!C17293798158

PUP-FIC!C322AF1022D8

RDN/Generic PUP.x!chs!240837F6E615

CryptDomaIQ!23C20ED3E729

RDN/Generic PUP.x!chs!C27AAB1EF5AD

RDN/Generic PUP.x!chs!23CD3D826440

Phishing

 

Vulnerebility

Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability
2014-07-02
http://www.securityfocus.com/bid/65773

Samba Uninitialized Memory Information Disclosure Vulnerability
2014-07-02
http://www.securityfocus.com/bid/67686

Samba DNS Protocol Handling Denial of Service Vulnerability
2014-07-02
http://www.securityfocus.com/bid/67691

Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability
2014-07-02
http://www.securityfocus.com/bid/65767

Apache Tomcat CVE-2013-4590 XML External Entity Information Disclosure Vulnerability
2014-07-02
http://www.securityfocus.com/bid/65768

Apache Tomcat CVE-2014-0033 Session Fixation Vulnerability
2014-07-02
http://www.securityfocus.com/bid/65769

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-07-02
http://www.securityfocus.com/bid/66914

Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
2014-07-02
http://www.securityfocus.com/bid/65400

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-07-02
http://www.securityfocus.com/bid/64918

phpPgAdmin 'function.php' Cross Site Scripting Vulnerability
2014-07-02
http://www.securityfocus.com/bid/52761

Oracle Java SE CVE-2014-0423 Remote Security Vulnerability
2014-07-02
http://www.securityfocus.com/bid/64914

Oracle Java SE CVE-2014-0368 Remote Security Vulnerability
2014-07-02
http://www.securityfocus.com/bid/64930

IBM Java SDK CVE-2014-0878 Security Bypass Vulnerability
2014-07-02
http://www.securityfocus.com/bid/67601

Oracle Java SE CVE-2014-0460 Remote Security Vulnerability
2014-07-02
http://www.securityfocus.com/bid/66916

Oracle Java SE CVE-2014-0416 Remote Security Vulnerability
2014-07-02
http://www.securityfocus.com/bid/64937

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-07-02
http://www.securityfocus.com/bid/67899

Netty 'WebSocket08FrameDecoder' Class Denial of Service Vulnerability
2014-07-02
http://www.securityfocus.com/bid/67182

Ignite Realtime Smack API Multiple Information Disclosure Vulnerabilities
2014-07-02
http://www.securityfocus.com/bid/67119

Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
2014-07-02
http://www.securityfocus.com/bid/66397

Ignite Realtime Smack API 'ParseRoster' Security Bypass Vulnerability
2014-07-02
http://www.securityfocus.com/bid/67124

Openfire XMPP Server XMPP-Layer Compression Denial of Service Vulnerability
2014-07-02
http://www.securityfocus.com/bid/66717

Openfire jabber:iq:auth 'passwd_change' Remote Password Change Vulnerability
2014-07-02
http://www.securityfocus.com/bid/34804

Nagios Plugin Incomplete Fix Information Disclosure Vulnerability
2014-07-02
http://www.securityfocus.com/bid/68251

Nagios Plugins Multiple Arbitrary File Access Vulnerabilities
2014-07-02
http://www.securityfocus.com/bid/67433

Ruby on Rails 'implicit render' Functionality Directory Traversal Vulnerability
2014-07-02
http://www.securityfocus.com/bid/67244

FFmpeg LZO 'LZ4_decompress_generic()' Function Memory Corruption Vulnerability
2014-07-02
http://www.securityfocus.com/bid/68219

OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2014-07-02
http://www.securityfocus.com/bid/66690

Linux Kernel 'ping_init_sock()' Local Privilege Escalation Vulnerability
2014-07-02
http://www.securityfocus.com/bid/66779

Linux Kernel 'mlock_vma_page()' Function Denial of Service Vulnerability
2014-07-02
http://www.securityfocus.com/bid/67162

Linux Kernel 'get_rx_bufs()' Function Denial of Service Vulnerability
2014-07-02
http://www.securityfocus.com/bid/66441

Exploit

     Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 4.1.X Bypass

  IBM Algorithmics RICOS 4.5.0 - 4.7.0 - Multiple Vulnerabilities

  Flussonic Media Server 4.1.25 - 4.3.3 - Aribtrary File Disclosure

1.7.2014

 

Bugtraq

ESA-2014-060: EMC Documentum eRoom Multiple Cross-Site Scripting Vulnerabilities 2014-06-30
Security Alert (Security_Alert emc com)

APPLE-SA-2014-06-30-4 Apple TV 6.1.2 2014-06-30
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-06-30-3 iOS 7.1.2 2014-06-30
Apple Product Security (product-security-noreply lists apple com)

[security bulletin] HPSBST03000 rev.4 - HP StoreEver ESL G3 Tape Library and Enterprise Library LTO-6 Tape Drives running OpenSSL, Remote Disclosure of Information 2014-06-30
security-alert hp com

APPLE-SA-2014-06-30-2 OS X Mavericks 10.9.4 and Security Update 2014-003 2014-06-30
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-06-30-1 Safari 6.1.5 and Safari 7.0.5 2014-06-30
Apple Product Security (product-security-noreply lists apple com)

SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS 2014-06-30
SEC Consult Vulnerability Lab (research sec-consult com)

ESA-2014-046: EMC Documentum Content Server Multiple Vulnerabilities 2014-06-30
Security Alert (Security_Alert emc com)

ESA-2014-055: EMC Network Configuration Manager (NCM) Session Fixation Vulnerability 2014-06-30
Security Alert (Security_Alert emc com)

[SECURITY] [DSA 2970-1] cacti security update 2014-06-29
Moritz Muehlenhoff (jmm debian org)

Malware

Generic PUP.x!93DB3237A4D1

Generic PUP.x!93E10B991CFA

Generic PUP.x!951E0B7659D1

Generic PUP.x!8B5C18C5E644

Generic PUP.x!D6930E4AFEBD

Generic PUP.x!9479C88D1A67

Generic PUP.x!94BD0030A0DB

Generic PUP.x!9512BE780657

Generic PUP.x!95E8625E8A02

Generic PUP.x!95D86D1D1336

VTFlooder!C5F06FED1331

RDN/Generic PUP.x!chq!C4B9B0C203AE

RDN/Generic.bfr!hk!F0BC4B9DCB30

CryptDomaIQ!C4BB069D06D2

Generic PUP.x!957C671F593C

Generic PUP.x!74BEF60535CB

RDN/Generic.dx!C066F1153E2A

Generic PUP.x!93A9E519B758

RDN/Generic PUP.x!chq!EE50B8ED8B7B

RDN/Generic PUP.x!chq!B198F82FFAA1

Generic PUP.x!8FC1ECEFE4F0

Generic PUP.x!C4AAC334568E

RDN/Generic PUP.x!chq!A086B86A9A1A

Generic PUP.x!A0B28B4F669C

RDN/Generic BackDoor!yx!71E31325F7C8

Generic PUP.x!955A7DE45E55

Generic PUP.x!6A55F77A7C51

Downloader.gen.a!D97BF6A09159

CryptInno!C4AA33CA967E

Generic.bfr!93B2DBA6AFA0

Phishing

NATWEST

1st July 2014

Verification of Account

Natwest

1st July 2014

NatWest YourPoints Online

Halifax

30th June 2014

DEAR HALIFAX MEMBER,

Amazon Security Team

30th June 2014

UPDATE MISSING INFORMATION

Apple

30th June 2014

NOTIFICATION OF EXPIRATION OF
YOUR ACCOUNT.

Vulnerebility

GnuPG 'compress.c' Denial of Service Vulnerability
2014-07-01
http://www.securityfocus.com/bid/68156

kdelibs CVE-2014-3494 SSL Certificate Validation Security Bypass Vulnerability
2014-07-01
http://www.securityfocus.com/bid/68113

kdelibs CVE-2013-2074 Local Password Disclosure Vulnerability
2014-07-01
http://www.securityfocus.com/bid/59808

KDE KSSL Common Name SSL Certificate Spoofing Vulnerability
2014-07-01
http://www.securityfocus.com/bid/49925

OpenLDAP 'modrdn' Request Multiple Vulnerabilities
2014-07-01
http://www.securityfocus.com/bid/41770

KDE kdelibs IP Address SSL Certificate Security Bypass Vulnerability
2014-07-01
http://www.securityfocus.com/bid/46789

Wireshark Frame Metadissector CVE-2014-4020 Denial of Service Vulnerability
2014-07-01
http://www.securityfocus.com/bid/68044

Wireshark M3UA Dissector CVE-2014-2282 Denial of Service Vulnerability
2014-07-01
http://www.securityfocus.com/bid/66070

Wireshark NFS Dissector CVE-2014-2281 Denial of Service Vulnerability
2014-07-01
http://www.securityfocus.com/bid/66068

Wireshark RLC Dissector 'packet-rlc.c' CVE-2014-2283 Denial of Service Vulnerability
2014-07-01
http://www.securityfocus.com/bid/66072

Wireshark MPEG File Parser 'wiretap/mpeg.c' Buffer Overflow Vulnerability
2014-07-01
http://www.securityfocus.com/bid/66066

Wireshark RTP Dissector CVE-2014-2907 Remote Denial of Service Vulnerability
2014-07-01
http://www.securityfocus.com/bid/67046

Wireshark 'libpcap' File Parsing Memory Corruption Vulnerability
2014-07-01
http://www.securityfocus.com/bid/66755

OpenLDAP Weak Cipher Encryption Security Weakness
2014-07-01
http://www.securityfocus.com/bid/53823

OpenLDAP Multiple Security Bypass Vulnerabilities
2014-07-01
http://www.securityfocus.com/bid/46363

OpenLDAP 'UTF8StringNormalize()' Remote Buffer Overflow Vulnerability
2014-07-01
http://www.securityfocus.com/bid/50384

OpenLDAP 'modrdn' NULL OldDN Remote Denial of Service Vulnerability
2014-07-01
http://www.securityfocus.com/bid/46831

OpenLDAP X.509 Certificate NULL Character Certificate Validation Security Bypass Vulnerability
2014-07-01
http://www.securityfocus.com/bid/36844

OpenLDAP LDAP Search Request Remote Denial of Service Vulnerability
2014-07-01
http://www.securityfocus.com/bid/52404

GNU Libtasn1 CVE-2014-3467 Multiple Denial of Service Vulnerabilities
2014-07-01
http://www.securityfocus.com/bid/67749

GNU Libtasn1 CVE-2014-3468 Remote Code Execution Vulnerability
2014-07-01
http://www.securityfocus.com/bid/67745

GNU Libtasn1 'asn1_read_value_type()' Function Denial of Service Vulnerability
2014-07-01
http://www.securityfocus.com/bid/67748

GnuTLS 'gnutls_handshake.c' Memory Corruption Vulnerability
2014-07-01
http://www.securityfocus.com/bid/67741

WebKit CVE-2014-1346 Cross-Origin Security Bypass Vulnerability
2014-07-01
http://www.securityfocus.com/bid/67554

WebKit CVE-2013-2927 Use After Free Remote Code Execution Vulnerability
2014-07-01
http://www.securityfocus.com/bid/63025

WebKit Multiple Unspecified Memory Corruption Vulnerabilities
2014-07-01
http://www.securityfocus.com/bid/67553

WebKit CVE-2014-1731 Unspecified Memory Corruption Vulnerability
2014-07-01
http://www.securityfocus.com/bid/67572

WebKit CVE-2013-2875 Out of Bounds Memory Corruption Vulnerability
2014-07-01
http://www.securityfocus.com/bid/61057

cURL/libcURL NTLM connection Remote Security Bypass Vulnerability
2014-07-01
http://www.securityfocus.com/bid/65270

Oracle Java SE CVE-2013-5783 Remote Security Vulnerability
2014-07-01
http://www.securityfocus.com/bid/63154

Exploit

Gitlist <= 0.4.0 - Remote Code Execution

28.6.2014

Bugtraq

[SECURITY] [DSA 2969-1] libemail-address-perl security update 2014-06-27
Salvatore Bonaccorso (carnil debian org)

[security bulletin] HPSBMU03056 rev.1 - HP Version Control Repository Manager (HP VCRM) running OpenSSL on Linux and Windows, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information 2014-06-27
security-alert hp com

[security bulletin] HPSBMU03057 rev.1 - HP Version Control Agent (HP VCA) running OpenSSL on Linux and Windows, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information 2014-06-27
security-alert hp com

[security bulletin] HPSBMU03061 rev.1 - HP Release Control, Disclosure of Privileged Information and Elevation of Privilege 2014-06-27
security-alert hp com

[SECURITY] [DSA 2968-1] gnupg2 security update 2014-06-27
Salvatore Bonaccorso (carnil debian org)

[security bulletin] HPSBMU03058 rev.1 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information 2014-06-26
security-alert hp com

CFP 1st International Conference on Information Systems Security and Privacy - ICISSP 2015 2014-06-26
calendarsites insticc org

Malware

Generic.dx!DD45C6E12E29

RDN/Generic PUP.x!chh!DAA38AB4DE9F

RDN/Generic PUP.x!chh!9F6E1C267D86

PUP-FIC!D9053AB0B92C

Generic PUP.x!B42006DCFF9C

RDN/Generic PUP.x!149DD9EE882C

RDN/Generic.bfr!hk!B95C1F129AC0

CryptDomaIQ!D6BEEEA7373A

CryptInno!D81699977BF5

Generic PUP.x!FB1FFC9699B5

Generic PUP.x!836453BB5662

Generic PUP.x!F56E8A0EEA04

PowerPack!D810D3298DCB

Generic PUP.x!17FB5D425C7B

Generic PUP.x!650243FDD8DA

RDN/Generic PUP.x!chh!5C0A7D3FB576

RDN/Generic PUP.x!chh!1441C619E994

RDN/Generic PUP.x!chh!ACDAEF506CA2

Generic PUP.x!177E6935325C

Generic PUP.x!B18ADA577322

PUP-FIC!D9DF4AA80AB5

RDN/Generic.dx!ddl!2693385997A9

PUP-FIC!D9D9CD118F72

Generic PUP.x!316079CB4CF2

Generic PUP.x!18D674774C40

RDN/Generic.bfr!hk!D8E5C6E7482D

RDN/Generic PUP.x!chh!16291336ADCE

RDN/Generic PUP.x!chh!D94559862157

RDN/Generic PUP.x!chh!B83AF37C7798

Generic PUP.x!E3EF0A5A4696

Phishing

NatWest

28th June 2014

IMPORTANT INFORMATION ABOUT
YOUR ACCOUNT

Paypal Customers Service

27th June 2014

NOTICE OF CHANGES TO THE
PAYPAL USER AGREEMENT

Vulnerebility

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-06-28
http://www.securityfocus.com/bid/67899

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-06-28
http://www.securityfocus.com/bid/67901

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-06-28
http://www.securityfocus.com/bid/67193

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-06-28
http://www.securityfocus.com/bid/66801

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-06-28
http://www.securityfocus.com/bid/66363

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-06-28
http://www.securityfocus.com/bid/67898

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-06-28
http://www.securityfocus.com/bid/67900

Perl 'Email::Address' Module Local Denial of Service Vulnerability
2014-06-28
http://www.securityfocus.com/bid/68084

WordPress TimThumb WebShot Feature Arbitrary Code Execution Vulnerability
2014-06-28
http://www.securityfocus.com/bid/68180

KDE Konqueror Multiple Security Vulnerabilities
2014-06-28
http://www.securityfocus.com/bid/55879

Gnew Multiple SQL Injection and Cross Site Scripting Vulnerabilities
2014-06-28
http://www.securityfocus.com/bid/61721

SAP Enterprise Portal Information Disclosure Vulnerability
2014-06-28
http://www.securityfocus.com/bid/58156

SAP Solution Manager Diagnostics Agent Code Injection Vulnerability
2014-06-28
http://www.securityfocus.com/bid/58179

DataLife Engine Session Fixation Vulnerability
2014-06-28
http://www.securityfocus.com/bid/57766

LZ4 'lz4.c' Memory Corruption Vulnerability
2014-06-28
http://www.securityfocus.com/bid/68218

UnrealIRCd Unspecified Multiple Denial of Service Vulnerabilities
2014-06-28
http://www.securityfocus.com/bid/63910

Red Hat sos GRUB Bootloader Password Information Disclosure Vulnerability
2014-06-28
http://www.securityfocus.com/bid/67634

SAP J2EE Core Service Remote Arbitrary File Access Vulnerability
2014-06-28
http://www.securityfocus.com/bid/58175

Google Android PRNG Entropy Weakness
2014-06-28
http://www.securityfocus.com/bid/61813

Todd Miller Sudo 'validate_env_vars()' Local Privilege Escalation Vulnerability
2014-06-28
http://www.securityfocus.com/bid/65997

PHP-Fusion 'Authenticate.class.php' SQL Injection Vulnerabilities
2014-06-28
http://www.securityfocus.com/bid/58011

Python JSON Module '_json.c' Local Information Disclosure Vulnerability
2014-06-28
http://www.securityfocus.com/bid/68119

GnuPG RSA Key Extraction Information Disclosure Vulnerability
2014-06-28
http://www.securityfocus.com/bid/64424

Linux Kernel 'filter.c' CVE-2014-3145 Local Denial of Service Vulnerability
2014-06-28
http://www.securityfocus.com/bid/67321

Linux Kernel 'filter.c' CVE-2014-3144 Multiple Local Denial of Service Vulnerabilities
2014-06-28
http://www.securityfocus.com/bid/67309

Linux Kernel '/drivers/media/media-device.c' Local Information Disclosure Vulnerability
2014-06-28
http://www.securityfocus.com/bid/68048

HP Service Virtualization CVE-2013-6221 Unspecified Remote Code Execution Vulnerability
2014-06-28
http://www.securityfocus.com/bid/67989

Linux Kernel CVE-2014-1737 Function Local Privilege Escalation Vulnerability
2014-06-28
http://www.securityfocus.com/bid/67300

Linux Kernel 'ping_init_sock()' Local Privilege Escalation Vulnerability
2014-06-28
http://www.securityfocus.com/bid/66779

Linux Kernel CVE-2014-1738 Local Privilege Escalation Vulnerability
2014-06-28
http://www.securityfocus.com/bid/67302

Exploit

  HP AutoPass License Server File Upload

  chkrootkit 0.49 - Local Root Vulnerability

  MS14-009 .NET Deployment Service IE Sandbox Escape

  MS13-097 Registry Symlink IE Sandbox Escape

  Python CGIHTTPServer Encoded Path Traversal

  Mailspect Control Panel 4.0.5 - Multiple Vulnerabilities

  Wordpress Simple Share Buttons Adder Plugin 4.4 - Multiple Vulnerabilities

  Endeca Latitude 2.2.2 - CSRF Vulnerability

27.6.2014

Bugtraq

[SECURITY] [DSA 2967-1] gnupg security update 2014-06-25
Salvatore Bonaccorso (carnil debian org)

CVE-2014-3752 - Arbitrary Code Execution in G Data TotalProtection 2014 2014-06-25
Portcullis Advisories (advisories portcullis-security com)

CVE-2014-2385 - Multiple Cross Site Scripting in Sophos Antivirus Configuration Console (Linux) 2014-06-25
Portcullis Advisories (advisories portcullis-security com)

[RT-SA-2013-003] Endeca Latitude Cross-Site Scripting 2014-06-25
RedTeam Pentesting GmbH (release redteam-pentesting de)

Malware

RDN/Generic Dropper!519351F39961

Generic PUP.x!712AFDF8BA0C

Generic PUP.x!1F6D8B9B4A52

Generic PUP.x!DA16F7696035

Generic PUP.x!CDA9011EC4CF

Generic PUP.x!D9CA13D500DE

RDN/Downloader.a!ro!D948D19D991A

RDN/Generic PUP.x!chc!D984241F0DD7

Generic PUP.x!36BCDDAC7BB5

Generic PUP.x!46EFFD09EE21

RDN/Generic PUP.x!chc!D9876E6D3135

Generic PUP.x!D9873F64A666

Generic PUP.x!C25DFA615C1A

Generic PUP.x!7BC6BE55EBB8

Generic PUP.x!1C6314A32637

Generic.bfr!5D160AD64001

Generic PUP.x!6678F1B9A35D

RDN/Generic PUP.x!chc!D8BD43949AE4

Generic PUP.x!51DDC635A811

Generic PUP.x!D8CFF4F8ADF5

Generic.dx!D8B3DE4D8D8B

RDN/Generic PUP.x!chc!D8822D3F2C1D

RDN/Generic.dx!dd3!D6A830D12603

RDN/Generic PUP.x!chc!E4BE1CDFBB3F

RDN/Generic.dx!dd3!D8B51BE6EC72

RDN/Generic PUP.x!chc!61375B2B6D7F

RDN/Generic.bfr!hk!D7F58DED75AC

Generic PUP.x!5FDEC90E7243

Generic.dx!D84345A0C9D0

Generic.dx!D646C1124843

Phishing

BT

27th June 2014

BT Planned Software Uprade

Chase

26th June 2014

Your Chase Account Has Been
Blocked!

Natwest Bank UK

26th June 2014

NOTIFICATION FROM NATWEST BANK

Vulnerebility

Samba CVE-2014-3493 Memory Corruption Vulnerability
2014-06-27
http://www.securityfocus.com/bid/68150

GnuPG 'compress.c' Denial of Service Vulnerability
2014-06-27
http://www.securityfocus.com/bid/68156

Oracle Java SE CVE-2014-2398 Remote Security Vulnerability
2014-06-27
http://www.securityfocus.com/bid/66920

libpng 'png_read_transform_info()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-06-27
http://www.securityfocus.com/bid/64493

Oracle Java SE CVE-2014-2427 Remote Security Vulnerability
2014-06-27
http://www.securityfocus.com/bid/66909

Oracle Java SE CVE-2014-2428 Remote Security Vulnerability
2014-06-27
http://www.securityfocus.com/bid/66870

libjpeg/libjpeg-turbo Library CVE-2013-6629 Memory Corruption Vulnerability
2014-06-27
http://www.securityfocus.com/bid/63676

Oracle Java SE CVE-2014-0458 Remote Security Vulnerability
2014-06-27
http://www.securityfocus.com/bid/66883

Samba DNS Protocol Handling Denial of Service Vulnerability
2014-06-27
http://www.securityfocus.com/bid/67691

Samba 'nmbd' NetBIOS Name Serives Daemon Denial of Service Vulnerability
2014-06-27
http://www.securityfocus.com/bid/68148

Samba Uninitialized Memory Information Disclosure Vulnerability
2014-06-27
http://www.securityfocus.com/bid/67686

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-06-26
http://www.securityfocus.com/bid/67193

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-06-26
http://www.securityfocus.com/bid/67898

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-06-26
http://www.securityfocus.com/bid/66801

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-06-26
http://www.securityfocus.com/bid/67901

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-06-26
http://www.securityfocus.com/bid/67900

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-06-26
http://www.securityfocus.com/bid/67899

Oracle Java SE CVE-2014-2423 Remote Security Vulnerability
2014-06-26
http://www.securityfocus.com/bid/66887

Oracle Java SE CVE-2014-2414 Remote Security Vulnerability
2014-06-26
http://www.securityfocus.com/bid/66894

Oracle Java SE CVE-2014-0452 Remote Security Vulnerability
2014-06-26
http://www.securityfocus.com/bid/66891

JBoss Seam CVE-2014-0248 Remote Code Execution Vulnerability
2014-06-26
http://www.securityfocus.com/bid/68174

RETIRED: ISC BIND EDNS Options CVE-2014-3859 Remote Denial of Service Vulnerability
2014-06-26
http://www.securityfocus.com/bid/68193

Openstack Swift 'WWW-Authenticate' Header Cross Site Scripting Vulnerability
2014-06-26
http://www.securityfocus.com/bid/68116

OpenStack Neutron L3-agent Remote Denial of Service Vulnerability
2014-06-26
http://www.securityfocus.com/bid/68064

Dovecot Denial of Service Vulnerability
2014-06-26
http://www.securityfocus.com/bid/67306

OpenStack Neutron CVE-2014-0187 CIDR Security Bypass Vulnerability
2014-06-26
http://www.securityfocus.com/bid/67012

OpenStack Neutron Sudo Configuration Local Privilege Escalation Vulnerability
2014-06-26
http://www.securityfocus.com/bid/67804

Oracle Java SE CVE-2014-0460 Remote Security Vulnerability
2014-06-26
http://www.securityfocus.com/bid/66916

Oracle Java SE CVE-2014-0429 Remote Security Vulnerability
2014-06-26
http://www.securityfocus.com/bid/66856

Oracle Java SE CVE-2014-2401 Remote Security Vulnerability
2014-06-26
http://www.securityfocus.com/bid/66911

Exploit

 

26.6.2014

Bugtraq

[SECURITY] [DSA 2967-1] gnupg security update 2014-06-25
Salvatore Bonaccorso (carnil debian org)

CVE-2014-3752 - Arbitrary Code Execution in G Data TotalProtection 2014 2014-06-25
Portcullis Advisories (advisories portcullis-security com)

CVE-2014-2385 - Multiple Cross Site Scripting in Sophos Antivirus Configuration Console (Linux) 2014-06-25
Portcullis Advisories (advisories portcullis-security com)

[RT-SA-2013-003] Endeca Latitude Cross-Site Scripting 2014-06-25
RedTeam Pentesting GmbH (release redteam-pentesting de)

[RT-SA-2013-002] Endeca Latitude Cross-Site Request Forgery 2014-06-25
RedTeam Pentesting GmbH (release redteam-pentesting de)

Reflected Cross-Site Scripting (XSS) Vulnerability in Storesprite 2014-06-25
High-Tech Bridge Security Research (advisory htbridge com)

NEW VMSA-2014-0007 - VMware product updates address security vulnerabilities in Apache Struts library 2014-06-25
\VMware Security Response Center\ (security vmware com)

[slackware-security] seamonkey (SSA:2014-175-05) 2014-06-24
Slackware Security Team (security slackware com)

[slackware-security] samba (SSA:2014-175-04) 2014-06-24
Slackware Security Team (security slackware com)

[slackware-security] bind (SSA:2014-175-01) 2014-06-24
Slackware Security Team (security slackware com)

[slackware-security] gnupg (SSA:2014-175-02) 2014-06-24
Slackware Security Team (security slackware com)

[slackware-security] gnupg2 (SSA:2014-175-03) 2014-06-24
Slackware Security Team (security slackware com)

Malware

Generic PUP.x!57025514A1C2

Generic PUP.x!763FC5832083

Generic PUP.x!5A55896FF1D3

Generic PUP.x!DA74D30E6D29

Generic PUP.x!5FE39A6278AC

Generic.bfr!65CD782E4227

Generic PUP.x!F08A5F859774

Generic.bfr!1FD0EE705E19

Generic PUP.x!584FF73826D4

RDN/Generic PUP.x!chb!A9834259B392

Generic.dx!D4C63EB71468

Generic PUP.x!655F4AB04646

PUP-FIC!6769CE595E59

PUP-FIC!20E55DAA81CF

Generic PUP.x!65E0D554FA54

Generic PUP.x!65CD62C5CC8E

Generic PUP.x!CAE2FEB28033

Generic PUP.x!21F1AA74E35C

Generic PUP.x!568A32EF018E

Generic PUP.x!68C616C778AB

Generic PUP.x!9A9BE2BA555D

Generic PUP.x!9FFC53664E62

RDN/Generic.dx!ddh!B4314B5EC1DD

Generic PUP.x!64D9F8D732F3

Generic PUP.x!660BE3F12BDC

Generic PUP.x!A3B1A268391C

Generic PUP.x!9A64E1CC2CAC

Generic PUP.x!7D48D926469A

Generic PUP.x!CE26A4A57B4B

RDN/Generic.bfr!hn!98888CEA430B

Phishing

 

Vulnerebility

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-06-26
http://www.securityfocus.com/bid/67193

Piwigo 'picture_modify.php' SQL Injection Vulnerability
2014-06-26
http://www.securityfocus.com/bid/68142

Xen CVE-2014-3968 Denial of Service Vulnerability
2014-06-26
http://www.securityfocus.com/bid/67824

Xen 'HVM MSI injection' CVE-2014-3967 Denial of Service Vulnerability
2014-06-26
http://www.securityfocus.com/bid/67794

Dnsmasq Multiple Remote Denial of Service Vulnerabilities
2014-06-26
http://www.securityfocus.com/bid/57458

Dnsmasq Remote Denial of Service Vulnerability
2014-06-26
http://www.securityfocus.com/bid/54353

Sophos Antivirus Configuration Console Multiple Cross Site Scripting Vulnerabilities
2014-06-26
http://www.securityfocus.com/bid/68190

Samba Uninitialized Memory Information Disclosure Vulnerability
2014-06-26
http://www.securityfocus.com/bid/67686

Samba 'nmbd' NetBIOS Name Serives Daemon Denial of Service Vulnerability
2014-06-26
http://www.securityfocus.com/bid/68148

Samba CVE-2014-3493 Memory Corruption Vulnerability
2014-06-26
http://www.securityfocus.com/bid/68150

OpenStack Neutron L3-agent Remote Denial of Service Vulnerability
2014-06-26
http://www.securityfocus.com/bid/68064

DenyHosts 'regex.py' Remote Denial of Service Vulnerability
2014-06-26
http://www.securityfocus.com/bid/64478

Network Audio System CVE-2013-4258 Format String Vulnerability
2014-06-26
http://www.securityfocus.com/bid/61852

Network Audio System CVE-2013-4256 Multiple Buffer Overflow Vulnerabilities
2014-06-26
http://www.securityfocus.com/bid/61848

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-06-26
http://www.securityfocus.com/bid/67898

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-06-26
http://www.securityfocus.com/bid/67899

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-06-26
http://www.securityfocus.com/bid/67900

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-06-26
http://www.securityfocus.com/bid/66801

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-06-26
http://www.securityfocus.com/bid/66363

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-06-26
http://www.securityfocus.com/bid/67901

Apache 'mod_wsgi' Module CVE-2014-0242 Information Disclosure Vulnerability
2014-06-26
http://www.securityfocus.com/bid/67534

Apache 'mod_wsgi' Module Local Privilege Escalation Vulnerability
2014-06-26
http://www.securityfocus.com/bid/67532

Dovecot Denial of Service Vulnerability
2014-06-26
http://www.securityfocus.com/bid/67306

PHP DNS TXT Record Handling Heap Buffer Overflow Vulnerability
2014-06-26
http://www.securityfocus.com/bid/68007

PHP 'cdf_unpack_summary_info()' Function Denial of Service Vulnerability
2014-06-26
http://www.securityfocus.com/bid/67759

PHP 'cdf_read_property_info()' Function Denial of Service Vulnerability
2014-06-26
http://www.securityfocus.com/bid/67765

PHP FPM 'php-fpm.conf.in' Local Privilege Escalation Vulnerability
2014-06-26
http://www.securityfocus.com/bid/67118

GnuPG 'compress.c' Denial of Service Vulnerability
2014-06-25
http://www.securityfocus.com/bid/68156

ownCloud Multiple Cross Site Scripting Vulnerabilities
2014-06-25
http://www.securityfocus.com/bid/67451

A10 Networks ACOS Remote Buffer Overflow Vulnerability
2014-06-25
http://www.securityfocus.com/bid/66588

Exploit

  Cogent DataHub Command Injection

  Thomson TWG87OUIR - POST Password CSRF

25.6.2014

Bugtraq

Boolean algebra and CSS history theft 2014-06-24
Michal Zalewski (lcamtuf coredump cx)

Android KeyStore Stack Buffer Overflow (CVE-2014-3100) 2014-06-23
Roee Hay (roeeh il ibm com)

Malware

Generic PUP.x!5EAFB530CA33

Generic PUP.x!BEB8B2EDC03F

Generic PUP.x!E8F851101498

RDN/Generic PUP.x!cg3!6CFF23DCDFAB

RDN/Generic PUP.x!cg3!626654FA80ED

RDN/Generic PUP.x!cg3!2E0C998A069E

RDN/Generic PUP.x!cg3!3E36FBD462F6

RDN/Generic PUP.x!cg3!00C75AB6FD3B

Generic PUP.x!19967A9C9946

Generic.dx!0633E858ACFB

Generic PUP.x!87E1CAE71B9E

Generic PUP.x!6E6496FB2926

RDN/Generic.dx!ddf!2A51443A7FBC

RDN/Generic PUP.x!cg3!2B248D60478D

RDN/Generic PUP.x!cg3!F49584D3FA43

Generic PUP.x!9E98AFC50D3E

Generic PUP.x!F4F43218B2D6

RDN/Generic PUP.x!cg3!6A9C916A7735

Generic PUP.x!DC9650147541

Generic PUP.x!1955117CFE02

Generic PUP.x!C3FADE6BCF1A

Generic PUP.x!1B5B20EEFC93

Generic PUP.x!E7517CC902D0

Generic PUP.x!A0D0FF04F031

Generic PUP.x!D10E289661EC

Generic PUP.x!1488CAB73074

Generic PUP.x!0119B33BE5E1

RDN/Generic PUP.x!cg3!F496DEFB066C

RDN/Generic PUP.x!cg3!F4AAD471C131

RDN/Generic PUP.x!cg3!F4BF1187A70A

Phishing

Halifax Bank

24th June 2014

We need to update some
important information.

Vulnerebility

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-06-25
http://www.securityfocus.com/bid/67898

PHP Fileinfo Component Out of Bounds Memory Corruption Vulnerability
2014-06-25
http://www.securityfocus.com/bid/66002

file Composite Document File Format Denial of Service Vulnerability
2014-06-25
http://www.securityfocus.com/bid/52225

File Utility CVE-2014-1943 Remote Code Execution Vulnerability
2014-06-25
http://www.securityfocus.com/bid/65596

PHP Fileinfo Component Remote Denial of Service Vulnerability
2014-06-25
http://www.securityfocus.com/bid/66406

Cogent Real-Time Systems DataHub 'GetPermissions.asp' Remote Code Execution Vulnerability
2014-06-25
http://www.securityfocus.com/bid/67486

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-06-25
http://www.securityfocus.com/bid/67901

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-06-25
http://www.securityfocus.com/bid/67899

Oracle Java SE CVE-2014-0452 Remote Security Vulnerability
2014-06-24
http://www.securityfocus.com/bid/66891

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-06-24
http://www.securityfocus.com/bid/66363

Oracle Java SE CVE-2013-5775 Remote Security Vulnerability
2014-06-24
http://www.securityfocus.com/bid/63144

Oracle Java SE CVE-2013-5802 Remote Security Vulnerability
2014-06-24
http://www.securityfocus.com/bid/63135

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-06-24
http://www.securityfocus.com/bid/66801

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-06-24
http://www.securityfocus.com/bid/67900

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-06-24
http://www.securityfocus.com/bid/67193

Oracle Java SE CVE-2013-5852 Remote Security Vulnerability
2014-06-24
http://www.securityfocus.com/bid/63130

Oracle Java SE CVE-2014-0373 Remote Security Vulnerability
2014-06-24
http://www.securityfocus.com/bid/64922

Oracle Java SE CVE-2014-0446 Remote Security Vulnerability
2014-06-24
http://www.securityfocus.com/bid/66903

Oracle Java SE CVE-2014-0387 Remote Security Vulnerability
2014-06-24
http://www.securityfocus.com/bid/64882

Oracle Java SE CVE-2014-0424 Remote Security Vulnerability
2014-06-24
http://www.securityfocus.com/bid/64919

Linux Kernel 'filter.c' CVE-2014-3144 Multiple Local Denial of Service Vulnerabilities
2014-06-24
http://www.securityfocus.com/bid/67309

Linux Kernel 'ping_init_sock()' Local Privilege Escalation Vulnerability
2014-06-24
http://www.securityfocus.com/bid/66779

Linux Kernel 'filter.c' CVE-2014-3145 Local Denial of Service Vulnerability
2014-06-24
http://www.securityfocus.com/bid/67321

Linux Kernel CVE-2014-1737 Function Local Privilege Escalation Vulnerability
2014-06-24
http://www.securityfocus.com/bid/67300

Linux Kernel CVE-2014-1738 Local Privilege Escalation Vulnerability
2014-06-24
http://www.securityfocus.com/bid/67302

Linux Kernel CVE-2014-2568 Information Disclosure Vulnerability
2014-06-24
http://www.securityfocus.com/bid/66348

Oracle Java SE CVE-2014-2427 Remote Security Vulnerability
2014-06-24
http://www.securityfocus.com/bid/66909

Oracle Java SE CVE-2014-2414 Remote Security Vulnerability
2014-06-24
http://www.securityfocus.com/bid/66894

Oracle Java SE CVE-2014-0458 Remote Security Vulnerability
2014-06-24
http://www.securityfocus.com/bid/66883

Oracle Java SE CVE-2013-0419 Java Runtime Environment Remote Security Vulnerability
2014-06-24
http://www.securityfocus.com/bid/57714

Exploit

  D-Link authentication.cgi Buffer Overflow

  D-Link hedwig.cgi Buffer Overflow in Cookie Header

  AlienVault OSSIM av-centerd Command Injection

24.6.2014

Bugtraq

[security bulletin] HPSBHF03052 rev.1 - HP Intelligent Management Center (iMC), HP Network Products including H3C and 3COM Routers and Switches running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Modification or Disclosur 2014-06-23
security-alert hp com

[SECURITY] [DSA 2966-1] samba security update 2014-06-23
Yves-Alexis Perez (corsac debian org)

[SECURITY] [DSA 2965-1] tiff security update 2014-06-22
Michael Gilbert (mgilbert debian org)

[SECURITY] [DSA 2964-1] iodine security update 2014-06-21
Salvatore Bonaccorso (carnil debian org)

Malware

Generic PUP.x!845A337B7CAB

RDN/Generic PUP.x!cgv!1E4F529FFD96

Generic PUP.x!E93D39CF5CF7

Generic PUP.x!B4C08821EEC6

RDN/Generic PUP.x!cgv!E21AAC96E391

RDN/Generic PUP.x!cgv!72B162893D2F

Generic PUP.x!E224642A7BEA

Generic PUP.x!1C017613EA83

RDN/Generic BackDoor!206E36311129

PUP-FIC!4F06C455F02F

Generic PUP.x!1B9625D1AC3E

PUP-FIC!6DDCA7D5E6FE

CryptInno!5ECD15839320

Generic PUP.x!715C159D2297

PUP-FIC!6B1DD24DEC15

RDN/Generic.bfr!hl!197CA99C6F23

PUP-FIC!6B764068CD58

PUP-FIC!6C12A1A336C6

Generic PUP.x!55D81AD7384C

RDN/Generic.dx!dd3!1FBDAFD0A797

Generic PUP.x!21D4E2A22B89

Generic PUP.x!E9C7F1AA152A

RDN/Generic PUP.x!41FFF4209106

PUP-FIC!7321F7B27891

Generic PUP.x!E6006C4F967D

Generic PUP.x!4758A21D2913

PUP-FIC!5DF61D0598AE

Generic.bfr!3BE4DE6A9480

Generic PUP.x!A4F364A45152

RDN/Generic BackDoor!yu!174561120742

Phishing

 

Vulnerebility

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-06-24
http://www.securityfocus.com/bid/67899

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-06-24
http://www.securityfocus.com/bid/67901

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-06-24
http://www.securityfocus.com/bid/67900

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-06-24
http://www.securityfocus.com/bid/67898

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-06-24
http://www.securityfocus.com/bid/66363

PHP 'cdf_unpack_summary_info()' Function Denial of Service Vulnerability
2014-06-24
http://www.securityfocus.com/bid/67759

PHP 'cdf_read_property_info()' Function Denial of Service Vulnerability
2014-06-24
http://www.securityfocus.com/bid/67765

PHP DNS TXT Record Handling Heap Buffer Overflow Vulnerability
2014-06-24
http://www.securityfocus.com/bid/68007

PHP FPM 'php-fpm.conf.in' Local Privilege Escalation Vulnerability
2014-06-24
http://www.securityfocus.com/bid/67118

Linux Kernel CVE-2014-0101 NULL Pointer Dereference Denial of Service Vulnerability
2014-06-24
http://www.securityfocus.com/bid/65943

Mozilla Firefox CVE-2014-1543 Heap Buffer Overflow Vulnerability
2014-06-24
http://www.securityfocus.com/bid/67969

Mozilla Firefox CVE-2014-1540 Memory Corruption Vulnerability
2014-06-24
http://www.securityfocus.com/bid/67978

Mozilla Firefox CVE-2014-1542 Remote Buffer Overflow Vulnerability
2014-06-24
http://www.securityfocus.com/bid/67968

Mozilla Firefox/Thunderbird CVE-2014-1539 Clickjacking Vulnerability
2014-06-24
http://www.securityfocus.com/bid/67967

Mozilla Firefox/Thunderbird CVE-2014-1541 Memory Corruption Vulnerability
2014-06-24
http://www.securityfocus.com/bid/67979

Mozilla Firefox/Thunderbird CVE-2014-1533 Multiple Memory Corruption Vulnerabilities
2014-06-24
http://www.securityfocus.com/bid/67965

Mozilla Netscape Portable Runtime CVE-2014-1545 Out of Bounds Memory Corruption Vulnerability
2014-06-24
http://www.securityfocus.com/bid/67975

Mozilla Firefox/Thunderbird CVE-2014-1538 Memory Corruption Vulnerability
2014-06-24
http://www.securityfocus.com/bid/67976

Mozilla Firefox/Thunderbird CVE-2014-1536 Memory Corruption Vulnerability
2014-06-24
http://www.securityfocus.com/bid/67966

Mozilla Firefox/Thunderbird CVE-2014-1534 Multiple Memory Corruption Vulnerabilities
2014-06-24
http://www.securityfocus.com/bid/67964

Mozilla Firefox/Thunderbird CVE-2014-1537 Memory Corruption Vulnerability
2014-06-24
http://www.securityfocus.com/bid/67971

Castor Library CVE-2014-3004 XML External Entity Information Disclosure Vulnerability
2014-06-24
http://www.securityfocus.com/bid/67676

WordPress WP GPX Maps Plugin Arbitrary File Upload Vulnerability
2014-06-24
http://www.securityfocus.com/bid/53909

D-Bus 'activation.c' Denial of Service Vulnerability
2014-06-24
http://www.securityfocus.com/bid/67986

Linux Kernel CVE-2014-4014 Local Privilege Escalation Vulnerability
2014-06-24
http://www.securityfocus.com/bid/67988

Piwigo 'ws.php' Cross-Site Request Forgery Vulnerability
2014-06-24
http://www.securityfocus.com/bid/65811

Drupal Custom Meta Module Multiple Cross Site Scripting Vulnerabilities
2014-06-24
http://www.securityfocus.com/bid/68108

OpenSSL Multiple Vulnerabilities
2014-06-23
http://www.securityfocus.com/bid/51281

Drupal Easy Breadcrumb Module Unspecified Cross Site Scripting Vulnerability
2014-06-23
http://www.securityfocus.com/bid/68106

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-06-23
http://www.securityfocus.com/bid/67193

Exploit

 

23.6.2014

Bugtraq

 

Malware

Generic PUP.x!555FC8381E5C

Generic PUP.x!AFE2B4FC1CD1

Generic PUP.x!0101C4D9DB67

Generic PUP.x!91B18C63604E

Generic PUP.x!A7E1F62F0E51

Generic PUP.x!617DBE14481F

RDN/Generic PUP.x!cgs!5E26CA1346AD

Generic PUP.x!FCD84A5EC4D5

Generic PUP.x!D51801D0B6F7

Generic PUP.x!45C376F6A0D1

RDN/Generic PUP.x!cgs!2062220D4C15

Generic PUP.x!BF9DF4473170

Generic.bfr!0E980D79F8D9

Generic PUP.x!77AE04B0A1F7

Generic PUP.x!F8C1EA6E8A95

Generic.tfr!F717C0B148A1

Downloader.gen.a!E09A773F6BEE

RDN/Generic PUP.x!cgs!2BF2C01480BB

RDN/Generic PUP.x!cgs!E0398A53D28B

RDN/Downloader.a!rm!FD2271A95A64

RDN/Downloader.a!rm!0A012D809CDF

Generic PUP.x!B5A147CDA395

RDN/Generic PWS.y!zq!992A623F3816

Generic PUP.x!51289A4A0253

Generic PUP.x!F6128E23BD67

Generic PUP.x!75D6061751DA

Generic PUP.x!9DD266EE22B1

RDN/Generic.dx!ddd!6674365A217F

Generic PUP.x!62166E4E60AB

Generic PUP.x!9B85DC5B9AB1

Phishing

Barclays

22nd June 2014

Dear Barclays Memeber,

Barclays

21st June 2014

Restriction On Your Account

Barclays

21st June 2014

Dear Barclays Memeber,

Vulnerebility

Linux Kernel CVE-2014-1738 Local Privilege Escalation Vulnerability
2014-06-23
http://www.securityfocus.com/bid/67302

Linux Kernel 'security_context_to_sid_core()' Function Local Denial of Service Vulnerability
2014-06-23
http://www.securityfocus.com/bid/65459

Linux Kernel CVE-2013-6378 Local Denial of Service Vulnerability
2014-06-23
http://www.securityfocus.com/bid/63886

Linux Kernel CVE-2014-1737 Function Local Privilege Escalation Vulnerability
2014-06-23
http://www.securityfocus.com/bid/67300

cURL/libcURL CVE-2014-0139 SSL Certificate Validation Security Bypass Vulnerability
2014-06-23
http://www.securityfocus.com/bid/66458

cURL/libcURL CVE-2014-0138 Remote Security Bypass Vulnerability
2014-06-23
http://www.securityfocus.com/bid/66457

nginx SPDY Implementation Heap Based Buffer Overflow Vulnerability
2014-06-23
http://www.securityfocus.com/bid/66537

Mozilla Netscape Portable Runtime CVE-2013-5607 Integer Overflow Vulnerability
2014-06-23
http://www.securityfocus.com/bid/63802

Mozilla Network Security Services CVE-2013-5605 Remote Arbitrary Code Execution Vulnerability
2014-06-23
http://www.securityfocus.com/bid/63738

Mozilla Network Security Services CVE-2013-5606 Certificate Validation Security Bypass Vulnerability
2014-06-23
http://www.securityfocus.com/bid/63737

SSL/TLS RC4 CVE-2013-2566 Information Disclosure Weakness
2014-06-23
http://www.securityfocus.com/bid/58796

Network Security Services Uninitialized Data Read Security Vulnerability
2014-06-23
http://www.securityfocus.com/bid/62966

Mozilla Network Security Services CVE-2013-1741 Integer Overflow Vulnerability
2014-06-23
http://www.securityfocus.com/bid/63736

Mozilla Network Security Services CVE-2013-1620 Information Disclosure Vulnerability
2014-06-23
http://www.securityfocus.com/bid/57777

LibTIFF CVE-2013-4243 Heap Buffer Overflow Vulnerability
2014-06-23
http://www.securityfocus.com/bid/62082

iodine Authentication Bypass Vulnerability
2014-06-23
http://www.securityfocus.com/bid/68069

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-06-23
http://www.securityfocus.com/bid/66914

Oracle Java SE CVE-2014-2414 Remote Security Vulnerability
2014-06-23
http://www.securityfocus.com/bid/66894

Oracle Java SE CVE-2014-0429 Remote Security Vulnerability
2014-06-23
http://www.securityfocus.com/bid/66856

Oracle Java SE CVE-2014-0455 Remote Code Execution Vulnerability
2014-06-23
http://www.securityfocus.com/bid/66899

Oracle Java SE CVE-2014-2398 Remote Security Vulnerability
2014-06-23
http://www.securityfocus.com/bid/66920

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-06-23
http://www.securityfocus.com/bid/67900

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-06-23
http://www.securityfocus.com/bid/67901

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-06-23
http://www.securityfocus.com/bid/66801

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-06-23
http://www.securityfocus.com/bid/67193

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-06-23
http://www.securityfocus.com/bid/67898

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-06-23
http://www.securityfocus.com/bid/66363

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-06-23
http://www.securityfocus.com/bid/67899

libjpeg/libjpeg-turbo Library CVE-2013-6629 Memory Corruption Vulnerability
2014-06-23
http://www.securityfocus.com/bid/63676

libpng 'png_read_transform_info()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-06-23
http://www.securityfocus.com/bid/64493

Exploit

 

21.6.2014

Bugtraq

[security bulletin] HPSBOV03047 rev.1 - HP OpenVMS running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information 2014-06-18
security-alert hp com

Secunia CSI/VIM - Filter Bypass & Persistent Validation Vulnerabilities 2014-06-18
Vulnerability Lab (research vulnerability-lab com)

Paypal Inc Bug Bounty #36 - SecurityKey Card Serialnumber Module Vulnerability 2014-06-18
Vulnerability Lab (research vulnerability-lab com)

Multiple SQL Injection Vulnerabilities in web2Project 2014-06-18
High-Tech Bridge Security Research (advisory htbridge com)

Malware

Generic PUP.x!31FE28CB292D

Generic PUP.x!04906D4BC409

RDN/Generic PUP.x!cgp!6DCF6B78BC72

CryptInno!6DDE07C3A56D

Generic.dx!2F9F060940CA

RDN/Generic PUP.x!cgp!6D8D4E3C08F5

Generic PUP.x!70F5E218A860

Generic.dx!9CFC834D3873

RDN/Generic.tfr!ea!8849F119F147

PUP-FIC!51C9458E889A

RDN/Generic PUP.x!cgp!6B3CB1F4DACE

Generic PUP.x!9D29A7265FA0

Generic Downloader.x!1135C1EF78F9

CryptInno!0CD05D3BDEB3

CryptInno!6B0F2EC1FF9A

Generic PUP.x!04E3754EDDE5

Generic PUP.x!32E0C96B2973

Generic PUP.x!2929829EFDC8

RDN/Generic PUP.x!cgp!6D29C2820CCA

CryptInno!2CBC2CB70445

RDN/Generic.bfr!gf!3F6760B91319

RDN/Generic PUP.x!cgp!4C10595F92CC

Generic PUP.x!77653A3AA19C

RDN/Generic PUP.x!cgp!35ADA0CE755E

Generic PUP.x!E0748F386FEC

RDN/Generic.bfr!gf!35B0F0E15F7E

Generic PUP.x!FD9C373723BD

RDN/Generic PUP.x!cgp!16B3B8A0DCB0

RDN/Generic PUP.x!cgp!09658492B174

RDN/Generic PUP.x!cgp!20405291A078

Phishing

Barclays

21st June 2014

Restriction On Your Account

Barclays

21st June 2014

Dear Barclays Memeber,

Barclays

20th June 2014

Dear Barclays Memeber,

PayPal

20th June 2014

Your account has been
temporarily blocked

Lloyds

20th June 2014

Important Security Message.
from Lloyds Bank

Lloyds

20th June 2014

Lloyds Bank Important
Notification.

David Gibson

20th June 2014

Important Document!

Lloyds

19th June 2014

Important Security Message.
from Lloyds Bank

PayPal

19th June 2014

PAYPAL ISSUE ; INFORMATIONS
REQUIRED

Bank Of America

19th June 2014

ONLINE BANKING : IMPORTANT
MESSAGE

Vulnerebility

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-06-21
http://www.securityfocus.com/bid/66914

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2014-06-21
http://www.securityfocus.com/bid/67121

Cisco WebEx Meetings Server CVE-2014-3296 Information Disclosure Vulnerability
2014-06-21
http://www.securityfocus.com/bid/68118

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-06-21
http://www.securityfocus.com/bid/67193

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-06-21
http://www.securityfocus.com/bid/67899

Linux Kernel Unspecified Local Denial of Service Vulnerability
2014-06-21
http://www.securityfocus.com/bid/68126

Webmin Usermin Popup Windows Multiple Cross Site Scripting Vulnerabilities
2014-06-21
http://www.securityfocus.com/bid/67649

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-06-21
http://www.securityfocus.com/bid/67898

OpenSSH CVE-2010-5107 Denial of Service Vulnerability
2014-06-21
http://www.securityfocus.com/bid/58162

Apache Struts ClassLoader Manipulation CVE-2014-0094 Security Bypass Vulnerability
2014-06-21
http://www.securityfocus.com/bid/65999

Apache Struts ClassLoader Manipulation Incomplete Fix Security Bypass Vulnerability
2014-06-21
http://www.securityfocus.com/bid/67064

Apache Struts 'getClass()' Method Security Bypass Vulnerability
2014-06-21
http://www.securityfocus.com/bid/67081

Webmin Multiple Unspecified Cross Site Scripting Vulnerabilities
2014-06-21
http://www.securityfocus.com/bid/67647

Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
2014-06-21
http://www.securityfocus.com/bid/65400

TYPO3 HTTP Host Header Spoofing Vulnerability
2014-06-21
http://www.securityfocus.com/bid/67626

TYPO3 Backend Subcomponent Unspecified Cross Site Scripting Vulnerability
2014-06-21
http://www.securityfocus.com/bid/67625

TYPO3 Unspecified PHP Object Injection Vulnerability
2014-06-21
http://www.securityfocus.com/bid/67630

Linux Kernel 'tcp_rcv_state_process()' Function Denial of Service Vulnerability
2014-06-21
http://www.securityfocus.com/bid/65654

Linux Kernel CVE-2014-2039 Local Denial of Service Vulnerability
2014-06-21
http://www.securityfocus.com/bid/65700

Linux Kernel 'mm/slab.c' Local Denial of Service Vulnerability
2014-06-21
http://www.securityfocus.com/bid/68125

Linux Kernel CVE-2013-6378 Local Denial of Service Vulnerability
2014-06-21
http://www.securityfocus.com/bid/63886

Linux Kernel 'security_context_to_sid_core()' Function Local Denial of Service Vulnerability
2014-06-21
http://www.securityfocus.com/bid/65459

Linux Kernel CVE-2014-1738 Local Privilege Escalation Vulnerability
2014-06-21
http://www.securityfocus.com/bid/67302

Linux Kernel CVE-2014-1737 Function Local Privilege Escalation Vulnerability
2014-06-21
http://www.securityfocus.com/bid/67300

Ubisoft Rayman Legends 'memset()' Function Stack Based Buffer Overflow Vulnerability
2014-06-21
http://www.securityfocus.com/bid/68080

BarracudaDrive '/rtl/protected/admin/ddns/' Multiple Cross Site Scripting Vulnerabilities
2014-06-21
http://www.securityfocus.com/bid/68079

LibTIFF 'DOTRANGE' Tags Handling Remote Buffer Overflow Vulnerability
2014-06-21
http://www.securityfocus.com/bid/56715

ntopng 'lua/host_details.lua' Cross Site Scripting Vulnerability
2014-06-21
http://www.securityfocus.com/bid/66456

Sendmail File Descriptor Security Vulnerability
2014-06-21
http://www.securityfocus.com/bid/67791

PolarSSL RSA Private Key Recovery Security Bypass Vulnerability
2014-06-21
http://www.securityfocus.com/bid/62771

Exploit

  Linux Kernel <= 3.13 - Local Privilege Escalation PoC (gid)

  D-link DSL-2760U-E1 - Persistent XSS

  Wordpress 3.9.1 - CSRF Vulnerability

20.6.2014

Bugtraq

[security bulletin] HPSBOV03047 rev.1 - HP OpenVMS running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information 2014-06-18
security-alert hp com

Secunia CSI/VIM - Filter Bypass & Persistent Validation Vulnerabilities 2014-06-18
Vulnerability Lab (research vulnerability-lab com)

Paypal Inc Bug Bounty #36 - SecurityKey Card Serialnumber Module Vulnerability 2014-06-18
Vulnerability Lab (research vulnerability-lab com)

Multiple SQL Injection Vulnerabilities in web2Project 2014-06-18
High-Tech Bridge Security Research (advisory htbridge com)

SQL Injection in Dolphin 2014-06-18
High-Tech Bridge Security Research (advisory htbridge com)

Malware

Generic PUP.x!BA11BD630B2C

Generic PUP.x!E525FBDB37FB

RDN/Generic PUP.x!cg3!39AD02A26B5A

Generic.bfr!AD4ACB86B1F9

Generic PUP.x!6796644345FA

Generic PUP.x!3C55BFC32BAB

Generic PUP.x!39168612C3D9

Generic PUP.x!3A23B43C5640

Downloader.gen.a!4366E53CC071

Generic.bfr!10F3AFAA0E8F

Generic PUP.x!7D7F1323A9A3

RDN/Generic PUP.x!4C2E1F975110

Generic PUP.x!B16A538D9C90

RDN/Generic PUP.x!cg3!C2E423FE781A

Generic PUP.x!649C3D0062F2

Generic PUP.x!45436234A249

RDN/Generic.bfr!hl!66810F6BC4C8

RDN/Generic PUP.x!cg3!373F24778006

Generic PUP.x!AE71ADCD47E8

RDN/Generic PUP.x!cg3!366B86D2C73F

Generic PUP.x!A7E02EF02D52

Generic PUP.x!9B7AC2BB60B7

Generic.bfr!6CE986507AE6

Generic PUP.x!664084FD98C0

Generic PUP.x!3842B7537A2D

Generic PUP.x!7B4645A7F55B

RDN/Generic PUP.x!cg3!D98A60698BF4

Generic.bfr!66FE555355A5

Generic PUP.x!8256D3B41D14

Generic PUP.x!1576034F8AC2

Phishing

Lloyds

19th June 2014

Important Security Message.
from Lloyds Bank

PayPal

19th June 2014

PAYPAL ISSUE ; INFORMATIONS
REQUIRED

Bank Of America

19th June 2014

ONLINE BANKING : IMPORTANT
MESSAGE

Barclays

19th June 2014

Dear Barclays Memeber,

Vulnerebility

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-06-20
http://www.securityfocus.com/bid/67900

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-06-20
http://www.securityfocus.com/bid/67899

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-06-20
http://www.securityfocus.com/bid/66363

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-06-20
http://www.securityfocus.com/bid/67901

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-06-20
http://www.securityfocus.com/bid/67898

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-06-20
http://www.securityfocus.com/bid/67193

Linux Kernel 'filter.c' CVE-2014-3145 Local Denial of Service Vulnerability
2014-06-20
http://www.securityfocus.com/bid/67321

Linux Kernel 'filter.c' CVE-2014-3144 Multiple Local Denial of Service Vulnerabilities
2014-06-20
http://www.securityfocus.com/bid/67309

AlienVault OSSIM CVE-2014-3804 Multiple Unspecified Remote Code Execution Vulnerabilities
2014-06-20
http://www.securityfocus.com/bid/67999

Linux Kernel 'security_context_to_sid_core()' Function Local Denial of Service Vulnerability
2014-06-20
http://www.securityfocus.com/bid/65459

Linux Kernel 'mm/slab.c' Local Denial of Service Vulnerability
2014-06-20
http://www.securityfocus.com/bid/68125

Linux Kernel CVE-2014-1737 Function Local Privilege Escalation Vulnerability
2014-06-20
http://www.securityfocus.com/bid/67300

Linux Kernel CVE-2014-2039 Local Denial of Service Vulnerability
2014-06-20
http://www.securityfocus.com/bid/65700

Linux Kernel CVE-2014-1738 Local Privilege Escalation Vulnerability
2014-06-20
http://www.securityfocus.com/bid/67302

Linux Kernel CVE-2013-6378 Local Denial of Service Vulnerability
2014-06-20
http://www.securityfocus.com/bid/63886

Apache HTTP Server Multiple Denial of Service Vulnerabilities
2014-06-20
http://www.securityfocus.com/bid/66303

Wireshark 'libpcap' File Parsing Memory Corruption Vulnerability
2014-06-20
http://www.securityfocus.com/bid/66755

Novell Open Enterprise Server CVE-2014-0599 Unspecified Cross Site Scripting Vulnerability
2014-06-20
http://www.securityfocus.com/bid/68068

Novell Open Enterprise Server CVE-2014-0598 Unspecified Directory Traversal Vulnerability
2014-06-20
http://www.securityfocus.com/bid/68066

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-06-20
http://www.securityfocus.com/bid/66801

Parallels Plesk Panel XML External Entity Injection and Cross Site Scripting Vulnerabilities
2014-06-20
http://www.securityfocus.com/bid/68030

Ajenti Multiple Cross Site Scripting Vulnerabilities
2014-06-20
http://www.securityfocus.com/bid/68047

AlienVault Multiple Security Vulnerabilities
2014-06-20
http://www.securityfocus.com/bid/68018

WebTitan 4.01 Multiple Security Vulnerabilities
2014-06-20
http://www.securityfocus.com/bid/67921

Drupal Touch Theme Cross Site Scripting Vulnerability
2014-06-20
http://www.securityfocus.com/bid/68045

NICE Recording eXpress Multiple Security Vulnerabilities
2014-06-20
http://www.securityfocus.com/bid/67677

SQL Buddy 'browse.php' Cross Site Scripting Vulnerability
2014-06-20
http://www.securityfocus.com/bid/68017

GnuTLS 'gnutls_handshake.c' Memory Corruption Vulnerability
2014-06-20
http://www.securityfocus.com/bid/67741

Mozilla Firefox/Thunderbird CVE-2014-1538 Memory Corruption Vulnerability
2014-06-20
http://www.securityfocus.com/bid/67976

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2014-06-20
http://www.securityfocus.com/bid/67121

Exploit

  Ericom AccessNow Server Buffer Overflow

  web2Project 3.1 - Multiple Vulnerabilities

19.6.2014

Bugtraq

Secunia CSI/VIM - Filter Bypass & Persistent Validation Vulnerabilities 2014-06-18
Vulnerability Lab (research vulnerability-lab com)

Paypal Inc Bug Bounty #36 - SecurityKey Card Serialnumber Module Vulnerability 2014-06-18
[SECURITY] [DSA 2963-1] lucene-solr security updateVulnerability Lab (research vulnerability-lab com)

Multiple SQL Injection Vulnerabilities in web2Project 2014-06-18
High-Tech Bridge Security Research (advisory htbridge com)

SQL Injection in Dolphin 2014-06-18
High-Tech Bridge Security Research (advisory htbridge com)

[security bulletin] HPSBMU03048 rev.1 - HP Software Executive Scorecard, Remote Execution of Code, Directory Traversal 2014-06-17
security-alert hp com

 2014-06-17
Moritz Muehlenhoff (jmm debian org)

[security bulletin] HPSBUX03046 SSRT101590 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS), Code Execution, Security Restriction Bypass, Disclosure of Information, or Unauthorized Access 2014-06-17
security-alert hp com

[SECURITY] [DSA 2962-1] nspr security update 2014-06-17
Moritz Muehlenhoff (jmm debian org)

Malware

Generic PUP.x!267F3DA9E607

Generic PUP.x!BFC93059E2BE

Downloader.gen.a!1DCCE9873B75

Generic PUP.x!BB6A43BFE064

Generic PUP.x!507E8D0DD6F2

Generic PUP.x!9828046AD4F9

Generic PUP.x!694E30BDE4A7

Generic PUP.x!6974FC58BF4B

Generic PUP.x!66DCCAFB8FFF

RDN/Generic PUP.x!cgd!21E4309AA7D2

Generic PUP.x!28B090B4D259

Generic PUP.x!A1B1E949C14C

Generic PUP.x!059A59DA575B

Generic PUP.x!7F29EB48D7BE

W32/Sdbot.worm!A99B7DB3BFA9

Generic PUP.x!535A0D9D16C0

Generic PUP.x!09952FBE2E44

Generic.bfr!8E43DE1BC26D

Generic PUP.x!212DA14CAD53

Generic PUP.x!1869C2B209A0

Generic PUP.x!505B9B4FE884

Generic PUP.x!11071D5A690B

Generic PUP.x!61E9478AEEF8

Generic PUP.x!5612D5F770B4

Generic PUP.x!687B8CA787B6

Generic PUP.x!625D31A5A1EC

Generic PUP.x!4B62EB784166

Generic PUP.x!60EBCABF40E3

Generic PUP.x!40B4BA6790A0

Generic PUP.x!22B6459FEF2C

Phishing

Barclays

19th June 2014

Dear Barclays Memeber,

Financial Services Authority

18th June 2014

[WARNING: VIRUS REMOVED]New
eDocument arrived

Barclays

18th June 2014

Dear Barclays Memeber,

Vulnerebility

Microsoft Internet Explorer CVE-2014-0282 Remote Memory Corruption Vulnerability
2014-06-19
http://www.securityfocus.com/bid/67862

libpng 'png_read_transform_info()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-06-19
http://www.securityfocus.com/bid/64493

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-06-19
http://www.securityfocus.com/bid/64918

Oracle Java SE CVE-2014-0416 Remote Security Vulnerability
2014-06-19
http://www.securityfocus.com/bid/64937

libjpeg/libjpeg-turbo Library CVE-2013-6629 Memory Corruption Vulnerability
2014-06-19
http://www.securityfocus.com/bid/63676

Oracle Java SE CVE-2014-2421 Buffer Overflow Vulnerability
2014-06-19
http://www.securityfocus.com/bid/66881

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-06-19
http://www.securityfocus.com/bid/66914

Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
2014-06-18
http://www.securityfocus.com/bid/66397

Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
2014-06-18
http://www.securityfocus.com/bid/65400

Oracle Java SE CVE-2013-5802 Remote Security Vulnerability
2014-06-18
http://www.securityfocus.com/bid/63135

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2014-06-18
http://www.securityfocus.com/bid/61310

Linux Kernel 'futex.c' Function Denial of Service Vulnerability
2014-06-18
http://www.securityfocus.com/bid/67395

Linux Kernel CVE-2014-2678 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-06-18
http://www.securityfocus.com/bid/66543

Linux Kernel CVE-2013-7339 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-06-18
http://www.securityfocus.com/bid/66351

Linux Kernel Multiple Function Remote Memory Corruption Vulnerabilities
2014-06-18
http://www.securityfocus.com/bid/66279

Linux Kernel CVE-2014-1737 Function Local Privilege Escalation Vulnerability
2014-06-18
http://www.securityfocus.com/bid/67300

Linux Kernel CVE-2014-1738 Local Privilege Escalation Vulnerability
2014-06-18
http://www.securityfocus.com/bid/67302

Linux Kernel 'security_context_to_sid_core()' Function Local Denial of Service Vulnerability
2014-06-18
http://www.securityfocus.com/bid/65459

Linux Kernel Memory Leak Multiple Local Information Disclosure Vulnerabilities
2014-06-18
http://www.securityfocus.com/bid/64685

Linux Kernel 'pn_recvmsg()' Function Local Information Disclosure Vulnerability
2014-06-18
http://www.securityfocus.com/bid/64677

Linux Kernel CVE-2013-7263 Multiple Information Disclosure Vulnerabilities
2014-06-18
http://www.securityfocus.com/bid/64686

Linux Kernel 'ieee80211_radiotap_iterator_init()' Function Denial of Service Vulnerability
2014-06-18
http://www.securityfocus.com/bid/64013

Linux Kernel CVE-2014-0101 NULL Pointer Dereference Denial of Service Vulnerability
2014-06-18
http://www.securityfocus.com/bid/65943

AMD 16h Model Processor CVE-2013-6885 Local Denial of Service Vulnerability
2014-06-18
http://www.securityfocus.com/bid/63983

Linux Kernel 'mlock_vma_page()' Function Denial of Service Vulnerability
2014-06-18
http://www.securityfocus.com/bid/67162

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-06-18
http://www.securityfocus.com/bid/67899

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-06-18
http://www.securityfocus.com/bid/67901

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-06-18
http://www.securityfocus.com/bid/66801

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-06-18
http://www.securityfocus.com/bid/67900

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-06-18
http://www.securityfocus.com/bid/67193

Exploit

  Rocket Servergraph Admin Center fileRequestor Remote Code Execution

  docker 0.11 VMM-container Breakout

  Ubisoft Rayman Legends 1.2.103716 - Remote Stack Buffer Overflow Vulnerability

18.6.2014

Bugtraq

[SECURITY] [DSA 2961-1] php5 security update 2014-06-16
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2950-2] openssl update 2014-06-16
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2960-1] icedove security update 2014-06-16
Moritz Muehlenhoff (jmm debian org)

[CFP] Hacktivity 2014 CFP is open 2014-06-16
ferenc spala hacktivity com

Malware

Generic PUP.x!37E10FBE2F52

Generic PUP.x!F9B822B9D814

RDN/Generic PUP.x!cgc!D93DA4732D0C

Generic PUP.x!12F14387945A

Generic PUP.x!9C7C61B5420C

Generic.bfr!08AD80AB7225

Generic.bfr!73130BE0F5E5

Generic PUP.x!9D7FCB428829

Generic PUP.x!C9AE208BDED4

Generic.bfr!E45969B7095A

Generic PUP.x!9B2FAE1F0CAB

Generic PUP.x!FF8528A56AA8

Generic PUP.x!C8FE2389E1EB

Generic PUP.x!D09E2F20A02E

Generic.bfr!DA7134C80F06

Generic PUP.x!E04A8C400321

RDN/Downloader.a!rk!BB444E4C2511

Generic.bfr!4DD466D249D1

Generic PUP.x!5F480E05098A

Generic PUP.x!1D9F6F878920

Generic PUP.x!46B3139B48FB

Generic PUP.x!AAD4131FE4CD

Generic.bfr!E97F199F1D90

Generic PUP.x!999325794ADA

Generic.bfr!A96F54140456

Generic PUP.x!5D5E8D894EC3

Generic PUP.x!F0932739C8D0

Generic PUP.x!2994640F0756

Generic PUP.x!E914D9D2BA0F

Generic PUP.x!F42939053A8A

Phishing

Barclays

18th June 2014

Dear Barclays Memeber,

Virgin Media

18th June 2014

Virgin Media Update

Virgin Media

17th June 2014

[Norton Anti]Virgin Media
Automated Billing Reminder

Virgin Media Online

17th June 2014

Virgin Media Automated Billing
Reminder

Vulnerebility

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-06-18
http://www.securityfocus.com/bid/66363

Cisco Adaptive Security Appliance WebVPN Portal Information Disclosure Vulnerability
2014-06-18
http://www.securityfocus.com/bid/68063

Apache Solr CVE-2013-6407 XML External Entity Injection Vulnerability
2014-06-18
http://www.securityfocus.com/bid/64008

Apache Solr 'SolrResourceLoader' Directory Traversal Vulnerability
2014-06-18
http://www.securityfocus.com/bid/63935

Apache Solr CVE-2013-6408 XML External Entity Injection Vulnerability
2014-06-18
http://www.securityfocus.com/bid/64009

Mozilla Netscape Portable Runtime CVE-2014-1545 Out of Bounds Memory Corruption Vulnerability
2014-06-18
http://www.securityfocus.com/bid/67975

apt CVE-2014-0478 Security Bypass Vulnerability
2014-06-18
http://www.securityfocus.com/bid/68034

Libxml2 Entity Substituton CVE-2014-0191 Denial of Service Vulnerability
2014-06-18
http://www.securityfocus.com/bid/67233

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-06-18
http://www.securityfocus.com/bid/67898

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-06-18
http://www.securityfocus.com/bid/66801

Linux Kernel Multiple Function Remote Memory Corruption Vulnerabilities
2014-06-18
http://www.securityfocus.com/bid/66279

openSUSE rubygems Unspecified Security Vulnerability
2014-06-18
http://www.securityfocus.com/bid/66062

Symantec Web Gateway CVE-2014-1651 SQL Injection Vulnerability
2014-06-18
http://www.securityfocus.com/bid/67754

Symantec Web Gateway CVE-2014-1652 Multiple Cross Site Scripting Vulnerabilities
2014-06-18
http://www.securityfocus.com/bid/67755

Adobe Flash Player and AIR CVE-2014-0535 Unspecified Security Bypass Vulnerability
2014-06-18
http://www.securityfocus.com/bid/67970

Adobe Flash Player and AIR CVE-2014-0531 Unspecified Cross Site Scripting Vulnerability
2014-06-18
http://www.securityfocus.com/bid/67962

Adobe Flash Player and AIR CVE-2014-0532 Unspecified Cross Site Scripting Vulnerability
2014-06-18
http://www.securityfocus.com/bid/67973

Adobe Flash Player and AIR CVE-2014-0533 Unspecified Cross Site Scripting Vulnerability
2014-06-18
http://www.securityfocus.com/bid/67974

Adobe Flash Player and AIR CVE-2014-0534 Unspecified Security Bypass Vulnerability
2014-06-18
http://www.securityfocus.com/bid/67963

Adobe Flash Player and AIR CVE-2014-0536 Unspecified Memory Corruption Vulnerability
2014-06-18
http://www.securityfocus.com/bid/67961

Linux Kernel CVE-2014-3940 Unspecified Security Vulnerability
2014-06-18
http://www.securityfocus.com/bid/67786

Linux Kernel AACRAID Driver Compat IOCTL Local Security Bypass Vulnerability
2014-06-18
http://www.securityfocus.com/bid/63888

Linux Kernel 'handle_rx()' Function Denial of Service Vulnerability
2014-06-18
http://www.securityfocus.com/bid/66678

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-06-18
http://www.securityfocus.com/bid/67900

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-06-18
http://www.securityfocus.com/bid/67193

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-06-18
http://www.securityfocus.com/bid/67901

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-06-18
http://www.securityfocus.com/bid/67899

Google Chrome CVE-2013-2877 Out of Bounds Denial of Service Vulnerability
2014-06-18
http://www.securityfocus.com/bid/61050

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2014-06-18
http://www.securityfocus.com/bid/67121

SAP NetWeaver Business Client Multiple Cross Site Scripting Vulnerabilities
2014-06-18
http://www.securityfocus.com/bid/67995

Exploit

  Ubisoft Rayman Legends 1.2.103716 - Remote Stack Buffer Overflow Vulnerability

  Java Debug Wire Protocol Remote Code Execution

  Adobe Reader for Android addJavascriptInterface Exploit

  Motorola SBG901 Wireless Modem - CSRF Vulnerability

  ZTE WXV10 W300 - Multiple Vulnerabilities

17.6.2014

Bugtraq

[SECURITY] [DSA 2960-1] icedove security update 2014-06-16
Moritz Muehlenhoff (jmm debian org)

[CFP] Hacktivity 2014 CFP is open 2014-06-16
ferenc spala hacktivity com

[SECURITY] [DSA 2959-1] chromium-browser security update 2014-06-14
Michael Gilbert (mgilbert debian org)

[SE-2014-01] Security vulnerabilities in Oracle Database Java VM 2014-06-16
Security Explorations (contact security-explorations com)

ClipBucket CMS Xss Vulnerability 2014-06-14
iedb team gmail com

Malware

Generic PUP.x!9029A777A670

Generic PUP.x!C5CEB22DBF83

Generic.dx!000FD2678BBF

Generic PUP.x!D7EF75B8630D

Generic PUP.x!C265D53056C7

Generic PUP.x!764E467BC1DD

Generic PUP.x!87EF977E4594

Generic PUP.x!31288963B755

RDN/Generic PUP.z!eb!464CB826686D

Generic PUP.x!E0799769F010

RDN/Spybot.bfr!0C03E8DD073E

Generic PUP.x!E0973C17EBAA

Generic.bfr!A4B811716CA6

RDN/Generic.dx!dcv!F68323707D19

Generic Downloader.x!9DAE48EBE350

Generic PUP.x!C6AA7C6F3AEA

Generic PUP.x!C637D8DB5531

Generic PUP.x!9D21D00C8A16

Generic PUP.x!D3EA96D37E55

RDN/Generic.dx!5E2FCF93265B

Generic PUP.x!0011B6E185E0

RDN/Generic PUP.x!C9A177CB1CC3

Generic PUP.x!C70ACE58DEED

Generic PUP.x!154A2E87A0BE

Generic Downloader.x!243ABCD5E169

Generic PUP.x!B278B6BA8A54

Generic PUP.x!AE1E8DF6EE0F

Generic PUP.x!B4EEDD0714A6

Generic PUP.x!C71E3E29E0AC

RDN/Generic.bfr!hj!2A7B0881C811

Phishing

Barclays

17th June 2014

Dear Barclays Memeber,

Halifax

16th June 2014

IMPORTANT - Halifax Online
Service Message.

PayPal

16th June 2014

REQUIRE: UPDATE YOUR PAYPAL
PROFILE INFORMATION

UNITED NATIONS ORGANIZATION

14th June 2014

CONFIRM THE CHANGE OF ACCOUNT

Vulnerebility

Microsoft Internet Explorer CVE-2014-1794 Remote Memory Corruption Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67886

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67899

Microsoft Internet Explorer CVE-2014-2757 Remote Memory Corruption Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67842

Microsoft Internet Explorer CVE-2014-1788 Remote Memory Corruption Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67880

Microsoft Internet Explorer CVE-2014-2756 Remote Memory Corruption Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67841

Microsoft Internet Explorer CVE-2014-2755 Remote Memory Corruption Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67840

Microsoft Internet Explorer CVE-2014-2753 Remote Memory Corruption Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67838

Microsoft Internet Explorer CVE-2014-2754 Remote Memory Corruption Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67839

Microsoft Internet Explorer CVE-2014-1781 Remote Memory Corruption Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67874

Microsoft Internet Explorer CVE-2014-1783 Remote Memory Corruption Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67876

Microsoft Internet Explorer CVE-2014-1780 Remote Memory Corruption Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67873

Microsoft Internet Explorer CVE-2014-1789 Remote Memory Corruption Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67881

Microsoft Internet Explorer CVE-2014-1782 Remote Memory Corruption Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67875

Microsoft Internet Explorer CVE-2014-1797 Remote Memory Corruption Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67890

Microsoft Internet Explorer CVE-2014-1796 Remote Memory Corruption Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67889

Microsoft Internet Explorer CVE-2014-1779 Remote Memory Corruption Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67872

Microsoft Internet Explorer CVE-2014-1784 Remote Memory Corruption Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67877

Microsoft Internet Explorer CVE-2014-1799 Remote Memory Corruption Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67891

Microsoft Internet Explorer CVE-2014-1791 Remote Memory Corruption Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67884

Microsoft Internet Explorer CVE-2014-1795 Remote Memory Corruption Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67887

Microsoft Internet Explorer CVE-2014-1792 Remote Memory Corruption Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67885

Microsoft Internet Explorer CVE-2014-1786 Remote Memory Corruption Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67879

Microsoft Internet Explorer CVE-2014-1790 Remote Memory Corruption Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67883

Microsoft Internet Explorer CVE-2014-1785 Remote Memory Corruption Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67878

Microsoft Internet Explorer CVE-2014-1777 Information Disclosure Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67869

Microsoft Internet Explorer CVE-2014-1771 Information Disclosure Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67861

Microsoft Internet Explorer CVE-2014-1802 Remote Memory Corruption Vulnerability
2014-06-17
http://www.securityfocus.com/bid/67833

Apache Struts CVE-2013-2251 Multiple Remote Command Execution Vulnerabilities
2014-06-17
http://www.securityfocus.com/bid/61189

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-06-16
http://www.securityfocus.com/bid/67898

Microsoft Internet Explorer CVE-2014-2759 Remote Memory Corruption Vulnerability
2014-06-16
http://www.securityfocus.com/bid/67845

Exploit

  Java Debug Wire Protocol Remote Code Execution

  Easy File Management Web Server Stack Buffer Overflow

  Adobe Reader for Android addJavascriptInterface Exploit

16.6.2014

Bugtraq

[ MDVSA-2014:124 ] kernel 2014-06-13
security mandriva com

[SECURITY] CVE-2013-2251: Apache Continuum affected by Remote Command Execution 2014-06-13
Brett Porter (brett apache org)

[security bulletin] HPSBUX03046 SSRT101590 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS), Code Execution, Security Restriction Bypass, Disclosure of Information, or Unauthorized Access 2014-06-13
security-alert hp com

AST-2014-006: Asterisk Manager User Unauthorized Shell Access 2014-06-12
Asterisk Security Team (security asterisk org)

CVE-2014-0228: Apache Hive Authorization vulnerability 2014-06-12
Thejas Nair (thejas hortonworks com)

[security bulletin] HPSBST03016 rev.4 - HP P2000 G3 MSA Array Systems, HP MSA 2040 Storage, and HP MSA 1040 Storage running OpenSSL, Remote Disclosure of Information 2014-06-12
security-alert hp com

AST-2014-008: Denial of Service in PJSIP Channel Driver Subscriptions 2014-06-12
Asterisk Security Team (security asterisk org)

AST-2014-007: Exhaustion of Allowed Concurrent HTTP Connections 2014-06-12
Asterisk Security Team (security asterisk org)

Malware

Phishing

 

Vulnerebility

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-06-16
http://www.securityfocus.com/bid/67898

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-06-16
http://www.securityfocus.com/bid/67900

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-06-16
http://www.securityfocus.com/bid/67901

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-06-16
http://www.securityfocus.com/bid/67899

Linux Kernel 'drivers/net/wireless/ath/ath9k/xmit.c' Denial of Service Vulnerability
2014-06-16
http://www.securityfocus.com/bid/66492

Linux Kernel 'ping_init_sock()' Local Privilege Escalation Vulnerability
2014-06-16
http://www.securityfocus.com/bid/66779

Microsoft Internet Explorer CVE-2014-1776 Remote Code Execution Vulnerability
2014-06-16
http://www.securityfocus.com/bid/67075

Mozilla Netscape Portable Runtime CVE-2014-1545 Out of Bounds Memory Corruption Vulnerability
2014-06-16
http://www.securityfocus.com/bid/67975

chkrootkit 'slapper()' Function Local Privilege Escalation Vulnerability
2014-06-16
http://www.securityfocus.com/bid/67813

Microsoft Windows 'Windows Shell' Handler Local Privilege Escalation Vulnerability
2014-06-16
http://www.securityfocus.com/bid/67276

Microsoft .NET Framework TypeFilterLevel CVE-2014-1806 Remote Privilege Escalation Vulnerability
2014-06-16
http://www.securityfocus.com/bid/67286

AlienVault Multiple Security Vulnerabilities
2014-06-16
http://www.securityfocus.com/bid/68018

Linux Kernel 'filter.c' CVE-2014-3145 Local Denial of Service Vulnerability
2014-06-16
http://www.securityfocus.com/bid/67321

Linux Kernel CVE-2014-1738 Local Privilege Escalation Vulnerability
2014-06-16
http://www.securityfocus.com/bid/67302

Linux Kernel CVE-2014-1737 Function Local Privilege Escalation Vulnerability
2014-06-16
http://www.securityfocus.com/bid/67300

Linux Kernel 'filter.c' CVE-2014-3144 Multiple Local Denial of Service Vulnerabilities
2014-06-16
http://www.securityfocus.com/bid/67309

RETIRED: Linux Kernel 'n_tty.c' Memory Corruption Vulnerability
2014-06-16
http://www.securityfocus.com/bid/67282

Linux Kernel 'handle_rx()' Function Denial of Service Vulnerability
2014-06-16
http://www.securityfocus.com/bid/66678

Linux Kernel CVE-2014-2678 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-06-16
http://www.securityfocus.com/bid/66543

Linux Kernel 'mac80211/sta_info.c' NULL Pointer Dereference Denial of Service Vulnerability
2014-06-16
http://www.securityfocus.com/bid/66591

Linux Kernel 'ip6_route_add()' Function Denial of Service Vulnerability
2014-06-16
http://www.securityfocus.com/bid/66095

Linux Kernel CVE-2014-0101 NULL Pointer Dereference Denial of Service Vulnerability
2014-06-16
http://www.securityfocus.com/bid/65943

Linux Kernel CVE-2014-2039 Local Denial of Service Vulnerability
2014-06-16
http://www.securityfocus.com/bid/65700

Linux Kernel Multiple Function Remote Memory Corruption Vulnerabilities
2014-06-16
http://www.securityfocus.com/bid/66279

Linux Kernel '/fs/cifs/file.c' Local Memory Corruption Vulnerability
2014-06-16
http://www.securityfocus.com/bid/65588

Linux Kernel CVE-2013-2897 Heap Buffer Overflow Vulnerability
2014-06-16
http://www.securityfocus.com/bid/62044

Linux Kernel KVM 'kvm_set_irq()' Function Local Buffer Overflow Vulnerability
2014-06-16
http://www.securityfocus.com/bid/54063

Linux Kernel 'security_context_to_sid_core()' Function Local Denial of Service Vulnerability
2014-06-16
http://www.securityfocus.com/bid/65459

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-06-16
http://www.securityfocus.com/bid/66363

Horde_Ldap Authentication Bypass Vulnerability
2014-06-16
http://www.securityfocus.com/bid/68014

Exploit

 

13.6.2014

Bugtraq

[security bulletin] HPSBUX03046 SSRT101590 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS), Code Execution, Security Restriction Bypass, Disclosure of Information, or Unauthorized Access 2014-06-13
security-alert hp com

AST-2014-006: Asterisk Manager User Unauthorized Shell Access 2014-06-12
Asterisk Security Team (security asterisk org)

CVE-2014-0228: Apache Hive Authorization vulnerability 2014-06-12
Thejas Nair (thejas hortonworks com)

[security bulletin] HPSBST03016 rev.4 - HP P2000 G3 MSA Array Systems, HP MSA 2040 Storage, and HP MSA 1040 Storage running OpenSSL, Remote Disclosure of Information 2014-06-12
security-alert hp com

AST-2014-008: Denial of Service in PJSIP Channel Driver Subscriptions 2014-06-12
Asterisk Security Team (security asterisk org)

Malware

Generic PUP.x!4F1625E56C9B

Generic PUP.x!0198BF5519FE

Generic PUP.x!BA0593BA83E8

Generic PUP.x!171D190F2C4D

Generic PUP.x!7DA4C250F12A

Generic PUP.x!55E0AEB7BA42

Generic PUP.x!97BDACE8E7CD

Generic PUP.x!0EC8F4CB1FAB

Generic PUP.x!621E0719B7A5

Generic PUP.x!B65B10AC52BA

Generic PUP.x!35C2A3037941

Generic Downloader.x!D8D229A8DBA5

Generic PUP.x!0524DCBEA108

Generic PUP.x!080FAF320D0C

RDN/Generic.bfr!hi!47151F64FC74

Generic.tfr!CDE55C90FABA

Generic PUP.x!2EA9A94CFE76

Generic PUP.x!61F61748AA90

RDN/Generic.dx!dct!8E8A69E6EB99

Generic PUP.x!30F52F6C113F

RDN/Generic.bfr!CB88D6B1DCED

Generic PUP.x!45A22F141692

Generic PUP.z!DB70A042E285

Generic PUP.x!0185FBDF05AA

Generic.bfr!0B8A7331E835

Generic PUP.x!4215D1838140

Generic PUP.x!B16BB740F0FD

RDN/Generic BackDoor!AA03C9F4FB1C

RDN/Downloader.a!rh!535C9F1AA3DC

RDN/Generic.bfr!CEF77754A1B2

Phishing

 

Vulnerebility

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-06-13
http://www.securityfocus.com/bid/67899

MediaWiki 'Special:PasswordReset' Cross Site Scripting Vulnerability
2014-06-13
http://www.securityfocus.com/bid/67787

Linux Kernel CVE-2014-1738 Local Privilege Escalation Vulnerability
2014-06-13
http://www.securityfocus.com/bid/67302

Linux Kernel CVE-2014-1737 Function Local Privilege Escalation Vulnerability
2014-06-13
http://www.securityfocus.com/bid/67300

Linux Kernel CVE-2013-7339 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-06-13
http://www.securityfocus.com/bid/66351

GNU Libtasn1 CVE-2014-3468 Remote Code Execution Vulnerability
2014-06-13
http://www.securityfocus.com/bid/67745

GNU Libtasn1 CVE-2014-3467 Multiple Denial of Service Vulnerabilities
2014-06-13
http://www.securityfocus.com/bid/67749

GNU Libtasn1 'asn1_read_value_type()' Function Denial of Service Vulnerability
2014-06-13
http://www.securityfocus.com/bid/67748

JSON-C 'printbuf' API CVE-2013-6370 Denial of Service Vulnerability
2014-06-13
http://www.securityfocus.com/bid/66720

JSON-C Weak Hash Function CVE-2013-6371 Denial of Service Vulnerability
2014-06-13
http://www.securityfocus.com/bid/66715

OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2014-06-13
http://www.securityfocus.com/bid/66690

GnuTLS 'gnutls_x509_dn_oid_name()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-06-13
http://www.securityfocus.com/bid/67739

GnuTLS 'gnutls_handshake.c' Memory Corruption Vulnerability
2014-06-13
http://www.securityfocus.com/bid/67741

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-06-13
http://www.securityfocus.com/bid/67901

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-06-13
http://www.securityfocus.com/bid/67193

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-06-13
http://www.securityfocus.com/bid/66801

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-06-13
http://www.securityfocus.com/bid/67900

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-06-13
http://www.securityfocus.com/bid/67898

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-06-13
http://www.securityfocus.com/bid/66363

MediaWiki 'InfoAction.php' HTML Injection Vulnerability
2014-06-13
http://www.securityfocus.com/bid/67068

MediaWiki Multiple Security Vulnerabilities
2014-06-13
http://www.securityfocus.com/bid/65003

MediaWiki Multiple Remote Code Execution Vulnerabilities
2014-06-13
http://www.securityfocus.com/bid/65223

Microsoft Internet Explorer CVE-2014-2772 Remote Memory Corruption Vulnerability
2014-06-13
http://www.securityfocus.com/bid/67857

Microsoft Internet Explorer CVE-2014-1797 Remote Memory Corruption Vulnerability
2014-06-13
http://www.securityfocus.com/bid/67890

Microsoft Internet Explorer CVE-2014-1800 Remote Memory Corruption Vulnerability
2014-06-13
http://www.securityfocus.com/bid/67831

Microsoft Internet Explorer CVE-2014-2758 Remote Memory Corruption Vulnerability
2014-06-13
http://www.securityfocus.com/bid/67843

Microsoft Internet Explorer CVE-2014-2757 Remote Memory Corruption Vulnerability
2014-06-13
http://www.securityfocus.com/bid/67842

Microsoft Internet Explorer CVE-2014-1799 Remote Memory Corruption Vulnerability
2014-06-13
http://www.securityfocus.com/bid/67891

Microsoft Internet Explorer CVE-2014-1766 Remote Code Execution Vulnerability
2014-06-13
http://www.securityfocus.com/bid/67518

HP Service Virtualization CVE-2013-6221 Unspecified Remote Code Execution Vulnerability
2014-06-13
http://www.securityfocus.com/bid/67989

Exploit

  ZTE and TP-Link RomPager - DoS Exploit

  Yealink VoIP Phone SIP-T38G - Default Credentials

  Yealink VoIP Phone SIP-T38G - Local File Inclusion

  Yealink VoIP Phone SIP-T38G - Remote Command Execution

  Yealink VoIP Phone SIP-T38G - Privileges Escalation

  IBM AIX 6.1.8 libodm - Arbitrary File Write

  Plesk 10.4.4/11.0.9 - SSO XXE/XSS Injection Exploit

  ZeroCMS 1.0 - zero_transact_user.php, Handling Privilege Escalation

  PostgreSQL <= 8.4.1 JOIN Hashtable Size Integer Overflow Denial Of Service Vulnerability

12.6.2014

Bugtraq

CVE-2014-3977 - Privilege Escalation in IBM AIX 2014-06-11
Portcullis Advisories (advisories portcullis-security com)

NEW : VMSA-2014-0006 - VMware product updates address OpenSSL security vulnerabilities 2014-06-11
\VMware Security Response Center\ (security vmware com)

[security bulletin] HPSBMU03045 rev.1 - HP Service Virtualization Running AutoPass License Server, Remote Code Execution 2014-06-10
security-alert hp com

[ MDVSA-2014:120 ] miniupnpc 2014-06-10
security mandriva com

[ MDVSA-2014:118 ] emacs 2014-06-10
security mandriva com

[ MDVSA-2014:121 ] libgadu 2014-06-10
security mandriva com

[ MDVSA-2014:119 ] mediawiki 2014-06-10
security mandriva com

Malware

Generic PUP.x!F93D22F0E33F

Generic PUP.x!7672ACD56EBE

Generic PUP.x!072D6D6054AC

Generic PUP.x!C2748F3EC2E7

Generic PUP.x!7FF5C943DA82

Generic PUP.x!4BCD152F7D0E

Generic PUP.x!4A6DCAC40FFC

Generic PUP.x!88BC09237709

Generic PUP.x!FEFC4E7AFB7B

Generic PUP.x!9BCA1F78621C

Generic PUP.x!85BD48782369

Generic PUP.x!522D40DCB069

Generic PUP.x!FC6F7A573369

Generic PUP.x!C80042A441AA

Generic PUP.x!DD92459A447B

Generic PUP.x!C411C1230619

RDN/Generic.dx!dcs!FD781559041C

Generic PUP.x!DBB008C9BE05

RDN/Generic Downloader.x!kj!DAC04D843D16

Generic PUP.x!C1D8CE5A57A9

RDN/Generic PUP.x!9787D6E4CEEA

Generic PUP.x!55492CEF3146

Generic PUP.x!8055B6FEE4B9

Generic PUP.x!DDCD2123DA43

RDN/Generic.bfr!C25B1F188E9D

Generic PUP.x!C1F1A46AC736

Generic PUP.x!C20EFFCDDF75

Generic PUP.x!225516523A47

Generic PUP.x!496EF6F5A803

Generic PUP.x!FAF3C3A40927

Phishing

PayPal

12th June 2014

PAYPAL ISSUE ; INFORMATIONS
REQUIRED

Vulnerebility

Linux Kernel CVE-2014-1737 Function Local Privilege Escalation Vulnerability
2014-06-12
http://www.securityfocus.com/bid/67300

Linux Kernel CVE-2014-1738 Local Privilege Escalation Vulnerability
2014-06-12
http://www.securityfocus.com/bid/67302

Linux Kernel CVE-2013-7339 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-06-12
http://www.securityfocus.com/bid/66351

Mozilla Firefox CVE-2014-1542 Remote Buffer Overflow Vulnerability
2014-06-12
http://www.securityfocus.com/bid/67968

Mozilla Firefox/Thunderbird CVE-2014-1536 Memory Corruption Vulnerability
2014-06-12
http://www.securityfocus.com/bid/67966

Mozilla Firefox/Thunderbird CVE-2014-1537 Memory Corruption Vulnerability
2014-06-12
http://www.securityfocus.com/bid/67971

Mozilla Firefox CVE-2014-1540 Memory Corruption Vulnerability
2014-06-12
http://www.securityfocus.com/bid/67978

Mozilla Firefox/Thunderbird CVE-2014-1534 Multiple Memory Corruption Vulnerabilities
2014-06-12
http://www.securityfocus.com/bid/67964

Mozilla Firefox/Thunderbird CVE-2014-1541 Memory Corruption Vulnerability
2014-06-12
http://www.securityfocus.com/bid/67979

Mozilla Firefox/Thunderbird CVE-2014-1538 Memory Corruption Vulnerability
2014-06-12
http://www.securityfocus.com/bid/67976

Mozilla Firefox/Thunderbird CVE-2014-1533 Multiple Memory Corruption Vulnerabilities
2014-06-12
http://www.securityfocus.com/bid/67965

Linux Kernel CVE-2014-3940 Unspecified Security Vulnerability
2014-06-12
http://www.securityfocus.com/bid/67786

QEMU CVE-2013-4541 Remote Code Execution Vulnerability
2014-06-12
http://www.securityfocus.com/bid/67394

QEMU Multiple Memory Corruption Vulnerabilities
2014-06-12
http://www.securityfocus.com/bid/67483

QEMU IDE SMART Out of Bounds Local Privilege Escalation Vulnerability
2014-06-12
http://www.securityfocus.com/bid/66932

QEMU 'hw/usb/bus.c' Heap Based Buffer Overflow Vulnerability
2014-06-12
http://www.securityfocus.com/bid/67392

QEMU 'virtio_load()' Function Memory Corruption Vulnerability
2014-06-12
http://www.securityfocus.com/bid/66976

Cisco NX-OS Software HSRP Packet Parsing Denial of Service Vulnerability
2014-06-12
http://www.securityfocus.com/bid/67983

Jinja2 'jinja2.bccache.FileSystemBytecodeCache' Insecure File Permissions Vulnerability
2014-06-12
http://www.securityfocus.com/bid/64759

Oracle Java SE CVE-2014-2427 Remote Security Vulnerability
2014-06-12
http://www.securityfocus.com/bid/66909

Multiple Oracle Java Products 'unpack.cpp' Insecure Temporary File Creation Vulnerability
2014-06-12
http://www.securityfocus.com/bid/65568

Oracle Java SE CVE-2014-0459 Remote Security Vulnerability
2014-06-12
http://www.securityfocus.com/bid/66910

Oracle Java SE CVE-2014-0458 Remote Security Vulnerability
2014-06-12
http://www.securityfocus.com/bid/66883

Oracle Java SE CVE-2014-0460 Remote Security Vulnerability
2014-06-12
http://www.securityfocus.com/bid/66916

Oracle Java SE CVE-2014-0457 Remote Code Execution Vulnerability
2014-06-12
http://www.securityfocus.com/bid/66866

GnuPG CVE-2013-4402 Denial of Service Vulnerability
2014-06-11
http://www.securityfocus.com/bid/62857

GnuPG CVE-2012-6085 Multiple Remote Memory Corruption Vulnerabilities
2014-06-11
http://www.securityfocus.com/bid/57102

GnuPG Key Flags Subpacket Security Bypass Vulnerability
2014-06-11
http://www.securityfocus.com/bid/62921

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-06-11
http://www.securityfocus.com/bid/67900

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-06-11
http://www.securityfocus.com/bid/66801

Exploit

  IBM AIX 6.1.8 libodm - Arbitrary File Write

  SHOUTcast DNAS 2.2.1 - Stored XSS

11.6.2014

Bugtraq

[ MDVSA-2014:110 ] curl 2014-06-10
security mandriva com

[ MDVSA-2014:112 ] python-django 2014-06-10
security mandriva com

[ MDVSA-2014:111 ] otrs 2014-06-10
security mandriva com

[slackware-security] php (SSA:2014-160-01) 2014-06-09
Slackware Security Team (security slackware com)

[ MDVSA-2014:108 ] gnutls 2014-06-09
security mandriva com

[ MDVSA-2014:109 ] gnutls 2014-06-09
security mandriva com

[ MDVSA-2014:107 ] libtasn1 2014-06-09
security mandriva com

[ MDVSA-2014:106 ] openssl 2014-06-09
security mandriva com

Malware

Generic PUP.x!111575284A48

Generic PUP.x!4F5F4A758BB8

Generic PUP.x!0F7CEEDFAA63

Generic PUP.x!64EEF4389131

RDN/Downloader.gen.a!2E7ADA774FD1

Generic PUP.x!1251462A26C1

Generic PUP.x!37C2EBF0D8F5

Generic PUP.x!0337F0A07839

Generic PUP.x!26F3718D140D

RDN/Generic BackDoor!yq!2EDB24D22CE8

RDN/Generic PUP.x!cfj!E292C00DED1D

Generic PUP.x!102BAE03B849

Generic PUP.x!05E8B7251755

Generic PUP.x!599A253690F2

Generic PUP.x!2F59A309CEC4

RDN/Generic PUP.x!cfj!115726B125F0

Generic PUP.x!9E69E93404B9

Generic PUP.x!0CDE94974D16

Generic PUP.x!7C916743B019

Generic Downloader.x!2393AE519CA7

Generic PUP.x!0722916ABE18

Generic PUP.x!0FEBB92C71C1

Generic PUP.x!05B95F218D4D

Generic PUP.x!025B8C3004F3

Generic PUP.x!4FC95EF53F79

Generic PUP.x!10915721DA17

RDN/Generic PUP.x!cfj!D5C321490E1B

Generic.bfr!007416AEAB61

RDN/Generic PUP.x!cfj!411CC75E3F2E

Generic PUP.x!11F9CFF0BC87

Phishing

 

Vulnerebility

Linux Kernel CVE-2013-7339 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-06-11
http://www.securityfocus.com/bid/66351

Linux Kernel CVE-2014-1737 Function Local Privilege Escalation Vulnerability
2014-06-11
http://www.securityfocus.com/bid/67300

Linux Kernel CVE-2014-1738 Local Privilege Escalation Vulnerability
2014-06-11
http://www.securityfocus.com/bid/67302

Mozilla Firefox/Thunderbird CVE-2014-1541 Memory Corruption Vulnerability
2014-06-11
http://www.securityfocus.com/bid/67979

Mozilla Firefox/Thunderbird CVE-2014-1538 Memory Corruption Vulnerability
2014-06-11
http://www.securityfocus.com/bid/67976

Mozilla Firefox/Thunderbird CVE-2014-1533 Multiple Memory Corruption Vulnerabilities
2014-06-11
http://www.securityfocus.com/bid/67965

QEMU 'hw/usb/bus.c' Heap Based Buffer Overflow Vulnerability
2014-06-11
http://www.securityfocus.com/bid/67392

QEMU CVE-2013-4541 Remote Code Execution Vulnerability
2014-06-11
http://www.securityfocus.com/bid/67394

QEMU 'virtio_load()' Function Memory Corruption Vulnerability
2014-06-11
http://www.securityfocus.com/bid/66976

QEMU Multiple Memory Corruption Vulnerabilities
2014-06-11
http://www.securityfocus.com/bid/67483

QEMU IDE SMART Out of Bounds Local Privilege Escalation Vulnerability
2014-06-11
http://www.securityfocus.com/bid/66932

libgadu CVE-2014-3775 Memory Corruption Vulnerability
2014-06-11
http://www.securityfocus.com/bid/67471

MediaWiki 'Special:PasswordReset' Cross Site Scripting Vulnerability
2014-06-11
http://www.securityfocus.com/bid/67787

GNU Emacs Multiple Insecure Temporary File Handling Vulnerabilities
2014-06-11
http://www.securityfocus.com/bid/67253

SAP System Landscape Directory Unauthorized Access Vulnerability
2014-06-11
http://www.securityfocus.com/bid/67923

Multiple SAP Components Hardcoded Credentials Information Disclosure Vulnerability
2014-06-11
http://www.securityfocus.com/bid/67920

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-06-11
http://www.securityfocus.com/bid/67899

Microsoft Internet Explorer CVE-2014-1770 Remote Code Execution Vulnerability
2014-06-11
http://www.securityfocus.com/bid/67544

Microsoft Internet Explorer CVE-2014-1762 Remote Code Execution Vulnerability
2014-06-11
http://www.securityfocus.com/bid/67511

Microsoft Internet Explorer CVE-2014-1766 Remote Code Execution Vulnerability
2014-06-11
http://www.securityfocus.com/bid/67518

Microsoft Internet Explorer CVE-2014-1764 Remote Code Execution Vulnerability
2014-06-11
http://www.securityfocus.com/bid/67295

Squid CVE-2014-0128 Remote Denial of Service Vulnerability
2014-06-11
http://www.securityfocus.com/bid/66112

policycoreutils seunshare CVE-2014-3215 Local Privilege Escalation Vulnerability
2014-06-11
http://www.securityfocus.com/bid/67341

Oracle MySQL Server CVE-2014-2438 Remote Security Vulnerability
2014-06-11
http://www.securityfocus.com/bid/66846

Oracle MySQL Client CVE-2014-2440 Remote Security Vulnerability
2014-06-11
http://www.securityfocus.com/bid/66850

Oracle MySQL Server CVE-2014-2432 Remote Security Vulnerability
2014-06-11
http://www.securityfocus.com/bid/66875

Oracle MySQL Server CVE-2014-2419 Remote Security Vulnerability
2014-06-11
http://www.securityfocus.com/bid/66880

Oracle MySQL Server CVE-2014-2430 Remote Security Vulnerability
2014-06-11
http://www.securityfocus.com/bid/66858

Oracle MySQL Server CVE-2014-2436 Remote Security Vulnerability
2014-06-11
http://www.securityfocus.com/bid/66896

Oracle MySQL Server CVE-2014-0384 Remote Security Vulnerability
2014-06-11
http://www.securityfocus.com/bid/66835

Exploit

  ZeroCMS 1.0 - (zero_view_article.php, article_id param) - SQL Injection Vulnerability

10.6.2014

Bugtraq

DNN (DotNetNukeŽ) dnnUI_NewsArticlesSlider Module Arbitrary File Download Vulnerability 2014-06-09
cseye_ut yahoo com

DNN (DotNetNukeŽ) responsivesidebar Module Arbitrary File Download Vulnerability 2014-06-09
cseye_ut yahoo com

DNN (DotNetNukeŽ) eventscalendar Module Arbitrary File Download Vulnerability 2014-06-09
cseye_ut yahoo com

DNN (DotNetNukeŽ) EasyDnnGallery Module Arbitrary File Download Vulnerability 2014-06-09
cseye_ut yahoo com

DNN (DotNetNukeŽ) CodeEditor Module Arbitrary File Download Vulnerability 2014-06-09
cseye_ut yahoo com

DNN (DotNetNukeŽ) ASPSlideshow Module Arbitrary File Download Vulnerability 2014-06-09
cseye_ut yahoo com

[security bulletin] HPSBMU03024 rev.3 - HP Insight Control Server Deployment on Linux and Windows running OpenSSL with System Management Homepage and Systems Insight Manager, Remote Disclosure of Information 2014-06-09
security-alert hp com

[slackware-security] mozilla-firefox (SSA:2014-157-01) 2014-06-07
Slackware Security Team (security slackware com)

Malware

Generic PUP.x!7C5A3325FCEC

Generic PUP.x!12F22DFC8AD1

Generic PUP.x!A6ADAE3F9CF3

Generic PUP.x!FE26847681A4

Generic PUP.x!ADE94005CD99

RDN/Generic.dx!dcq!DB63662E0BF9

RDN/Generic PUP.x!cfg!EB20AD8996A4

Generic PUP.x!7C0FD9937783

Generic PUP.x!19EE3BADE782

Generic.bfr!7F7577CBADA9

RDN/Generic PUP.x!C255F4C64905

Generic PUP.x!ADF7A4C54546

Generic PUP.x!384FE196A48A

RDN/Generic.bfr!4AF476E6A56E

Generic PUP.x!A25041135656

Generic PUP.x!5681B27945E9

RDN/Generic.bfr!4E6ED20147E7

Generic PUP.x!A6C4B816CEF3

Generic PUP.x!F4BC373E428E

RDN/Generic.bfr!hh!5B83ABA70043

RDN/Generic PUP.x!cfg!25EFDD87B095

Generic.bfr!57499CD3A0B4

Generic PUP.x!CFF5E95181F5

Generic PUP.x!F86BACEEEDF0

Generic PUP.x!79F5F0ADF99A

Generic-FAGW!E2E07755233B

Generic-FAGW!BC91A2D7E0BD

Generic PUP.x!7DE260264754

Generic PUP.x!769F8329AE60

Generic PUP.x!81E4AA889B2F

Phishing

BT

9th June 2014

BT Planned Software Uprade

CService@btinternet.com DnGMod

8th June 2014

CASE BT-0225-199852

Vulnerebility

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2014-06-10
http://www.securityfocus.com/bid/67121

Cisco Wireless LAN Controller CVE-2014-3291 Denial of Service Vulnerability
2014-06-10
http://www.securityfocus.com/bid/67926

Cisco AsyncOS Software CVE-2014-3289 Cross Site Scripting Vulnerability
2014-06-10
http://www.securityfocus.com/bid/67943

GnuTLS 'gnutls_x509_dn_oid_name()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-06-10
http://www.securityfocus.com/bid/67739

GnuTLS 'gnutls_handshake.c' Memory Corruption Vulnerability
2014-06-10
http://www.securityfocus.com/bid/67741

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-06-10
http://www.securityfocus.com/bid/67901

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-06-10
http://www.securityfocus.com/bid/67898

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-06-10
http://www.securityfocus.com/bid/67900

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-06-10
http://www.securityfocus.com/bid/67899

GNU Libtasn1 CVE-2014-3468 Remote Code Execution Vulnerability
2014-06-10
http://www.securityfocus.com/bid/67745

GNU Libtasn1 'asn1_read_value_type()' Function Denial of Service Vulnerability
2014-06-10
http://www.securityfocus.com/bid/67748

GNU Libtasn1 CVE-2014-3467 Multiple Denial of Service Vulnerabilities
2014-06-10
http://www.securityfocus.com/bid/67749

Dovecot Denial of Service Vulnerability
2014-06-10
http://www.securityfocus.com/bid/67306

Libxml2 Entity Substituton CVE-2014-0191 Denial of Service Vulnerability
2014-06-10
http://www.securityfocus.com/bid/67233

OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2014-06-10
http://www.securityfocus.com/bid/66690

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-06-10
http://www.securityfocus.com/bid/67193

RubyGems i18n Cross Site Scripting Vulnerability
2014-06-10
http://www.securityfocus.com/bid/64076

Ruby on Rails CVE-2013-6416 Cross Site Scripting Vulnerability
2014-06-10
http://www.securityfocus.com/bid/64071

Ruby on Rails 'NumberHelper' Module Multiple Cross Site Scripting Vulnerabilities
2014-06-10
http://www.securityfocus.com/bid/65647

RubyGems Action Mailer CVE-2013-4389 Denial of Service Vulnerability
2014-06-10
http://www.securityfocus.com/bid/63179

Ruby on Rails 'number_to_currency' Helper Cross Site Scripting Vulnerability
2014-06-10
http://www.securityfocus.com/bid/64077

RubyGems actionpack CVE-2013-6414 Denial of Service Vulnerability
2014-06-10
http://www.securityfocus.com/bid/64074

SUSE Studio CVE-2013-3712 Unspecified Security Vulnerability
2014-06-10
http://www.securityfocus.com/bid/65782

Ruby on Rails CVE-2014-0082 Denial of Service Vulnerability
2014-06-10
http://www.securityfocus.com/bid/65604

will_paginate Ruby Gem unspecified Cross Site Scripting Vulnerability
2014-06-10
http://www.securityfocus.com/bid/64509

Samba SAMR Server Password Lockout Bypass Information Disclosure Weakness
2014-06-10
http://www.securityfocus.com/bid/66336

Samba CVE-2013-4124 Local Denial of Service Vulnerability
2014-06-10
http://www.securityfocus.com/bid/61597

Samba 'dcerpc_read_ncacn_packet_done()' Function Heap Buffer Overflow Vulnerability
2014-06-10
http://www.securityfocus.com/bid/64191

Samba SWAT Cross Site Request Forgery and Clickjacking Vulnerabilities
2014-06-10
http://www.securityfocus.com/bid/57631

Samba 'pam_winbind' Configuration File Security Bypass Vulnerability
2014-06-10
http://www.securityfocus.com/bid/64101

Exploit

  eFront 3.6.14.4 (surname param) - Persistent XSS Vulnerability

  WebTitan 4.01 (Build 68) - Multiple Vulnerabilities

  DevExpress ASPxFileManager 10.2 to 13.2.8 - Directory Traversal

9.6.2014

Bugtraq

[Onapsis Security Advisories] Multiple Hard-coded Usernames in SAP Components 2014-06-06
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-020] SAP SLD Information Tampering 2014-06-06
Onapsis Research Labs (research onapsis com)

[slackware-security] openssl (SSA:2014-156-03) 2014-06-06
Slackware Security Team (security slackware com)

[slackware-security] sendmail (SSA:2014-156-04) 2014-06-06
Slackware Security Team (security slackware com)

SEC Consult SA-20140606-0 :: Multiple critical vulnerabilities in WebTitan 2014-06-06
SEC Consult Vulnerability Lab (research sec-consult com)

[slackware-security] gnutls (SSA:2014-156-01) 2014-06-06
Slackware Security Team (security slackware com)

Malware

Generic PUP.x!D80B3F6AD766

RDN/Generic PUP.x!cfd!0F50C95951F4

RDN/Generic PUP.x!cfd!F1E914B0CFDD

Generic PUP.x!C05435681930

RDN/Generic PUP.x!cfd!6E51A1FC88E1

Generic PUP.x!F6DB70E195FB

Generic PUP.x!D5609B0651BB

RDN/Generic.dx!dcp!F9391C1B5D90

Generic PUP.x!D35AEF182A39

RDN/Generic PUP.x!52FF5F06C734

RDN/Generic PUP.x!cfd!B8F87A78A83C

Generic PUP.x!F8681B881486

Generic PUP.x!9CEB91358F94

RDN/Generic PUP.x!FC6155B85663

Generic PUP.x!3D72D657DFE3

Generic PUP.x!DA00B9E4D148

Generic PUP.x!4D422777C91C

Generic PUP.x!5468D5696DCE

RDN/Generic PUP.x!cfd!464EB9F883EF

Generic PUP.x!09877B7FEF30

RDN/Generic PUP.x!cfd!862E808D6D86

Generic Downloader.x!9B43100FE244

RDN/Generic PUP.x!F8306E03A4D0

RDN/Generic PUP.x!cfd!0C7475760A6A

Generic Downloader.x!BF52BDC92BF3

RDN/Generic PUP.x!cfd!099EB89A8407

Generic PUP.x!C5F5D26E76B1

RDN/Generic PUP.x!cfd!6C92A726D4C7

Generic PUP.x!391509E22613

Generic Downloader.x!BB6CE32DA5E4

Phishing

CService@btinternet.com DnGMod

8th June 2014

CASE BT-0225-199852

Paypal

7th June 2014

YOUR PAYPAL HAS BEEN LIMITED

BT

7th June 2014

Update For June 2014

Vulnerebility

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-06-09
http://www.securityfocus.com/bid/67901

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-06-09
http://www.securityfocus.com/bid/67898

OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2014-06-09
http://www.securityfocus.com/bid/66690

dpkg Source Package Header Line Processing Local Directory Traversal Vulnerability
2014-06-09
http://www.securityfocus.com/bid/67725

dpkg Source Package Index: pseudo-header Processing Multiple Local Directory Traversal Vulnerability
2014-06-09
http://www.securityfocus.com/bid/67727

Linux Kernel CVE-2014-3153 Local Privilege Escalation Vulnerability
2014-06-09
http://www.securityfocus.com/bid/67906

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-06-09
http://www.securityfocus.com/bid/67899

OpenSSL ECC Private Key Information Disclosure Vulnerability
2014-06-09
http://www.securityfocus.com/bid/50882

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-06-09
http://www.securityfocus.com/bid/67900

GnuTLS 'gnutls_handshake.c' Memory Corruption Vulnerability
2014-06-09
http://www.securityfocus.com/bid/67741

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2014-06-09
http://www.securityfocus.com/bid/67121

echoping CVE-2010-5111 Multiple Remote Buffer Overflow Vulnerabilities
2014-06-09
http://www.securityfocus.com/bid/45394

Mumble CVE-2014-0044 Denial of Service Vulnerability
2014-06-09
http://www.securityfocus.com/bid/65369

Mumble CVE-2014-3756 Denial of Service Vulnerability
2014-06-09
http://www.securityfocus.com/bid/67401

Mumble CVE-2014-3755 Denial of Service Vulnerability
2014-06-09
http://www.securityfocus.com/bid/67400

Mumble CVE-2014-0045 Heap Based Buffer Overflow Vulnerability
2014-06-09
http://www.securityfocus.com/bid/65374

EMC Documentum Content Server CVE-2014-2507 Shell Command Injection Vulnerability
2014-06-09
http://www.securityfocus.com/bid/67916

EMC Documentum Content Server Remote Privilege Escalation Vulnerability
2014-06-09
http://www.securityfocus.com/bid/67917

libfep Local Privilege Escalation Vulnerability
2014-06-09
http://www.securityfocus.com/bid/67903

Linux Kernel CVE-2014-2568 Information Disclosure Vulnerability
2014-06-09
http://www.securityfocus.com/bid/66348

Linux Kernel 'mlock_vma_page()' Function Denial of Service Vulnerability
2014-06-09
http://www.securityfocus.com/bid/67162

Linux Kernel 'get_rx_bufs()' Function Denial of Service Vulnerability
2014-06-09
http://www.securityfocus.com/bid/66441

Linux Kernel 'ipc_rcu_putref()' Function Local Denial of Service Vulnerability
2014-06-09
http://www.securityfocus.com/bid/63445

Linux Kernel 'fpu-internal.h' Local Denial of Service Vulnerability
2014-06-09
http://www.securityfocus.com/bid/64781

Linux Kernel CVE-2013-4470 Multiple Local Memory Corruption Vulnerabilities
2014-06-09
http://www.securityfocus.com/bid/63359

Linux Kernel CVE-2013-4387 Memory Corruption Vulnerability
2014-06-09
http://www.securityfocus.com/bid/62696

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-06-09
http://www.securityfocus.com/bid/66914

FreeBSD CVE-2014-3000 Remote Denial of Service Vulnerability
2014-06-09
http://www.securityfocus.com/bid/67153

FreeBSD CVE-2014-1453 Remote Denial of Service Vulnerability
2014-06-09
http://www.securityfocus.com/bid/66726

MuPDF 'xps_parse_color()' Function Stack Buffer Overflow Vulnerability
2014-06-09
http://www.securityfocus.com/bid/65036

Exploit

  Wordpress Theme Elegance - Post Local File Disclosure

  Wordpress Theme Infocus - Post Local File Disclosure

6.6.2014

Bugtraq

[security bulletin] HPSBMU03029 rev.2 - HP Insight Control Server Migration running OpenSSL, Remote Disclosure of Information 2014-06-05
security-alert hp com

Details for CVE-2014-0220 2014-06-05
tucu cloudera com

Malware

RDN/Generic PUP.x!c2y!EB5FAA71EF8C

RDN/Generic PUP.x!7600A1238FA6

RDN/Generic.tfr!ea!386341CF2D89

RDN/Generic PUP.x!c2y!F2EFB045DFE3

Generic PUP.x!76EFE6939698

Generic PUP.x!F52A87CCFA47

Generic PWS.y!7D9CAC5560F5

Generic.dx!EB45BC2DF903

RDN/Generic PUP.x!c2y!E9F01E0DADC3

RDN/Generic PUP.x!c2y!EB75D283D4E9

Generic PUP.x!3A20000D22A6

RDN/Generic.bfr!hf!A23E1F7B3455

RDN/Generic PUP.x!c2y!EA7D762016AB

Generic.dx!00B4A0A43678

RDN/Generic PUP.x!c2y!EA09FC0416CE

Generic.bfr!F77A91B7716C

Generic PUP.x!1D2D93E46AEB

Generic PUP.x!32234E455B90

Generic PUP.x!27CF59080F8E

RDN/Generic PUP.x!c2y!EA1B0CA3E1CD

RDN/Generic.bfr!hf!C95D10A92F7D

Generic.tfr!DD170D0A79E1

Generic PUP.x!7D7B75252EE7

Generic PUP.x!170768B54CBC

Generic.tfr!A308180AD4EF

RDN/Generic PUP.x!c2y!EA0A83B2F5F1

Generic PUP.x!B78AF7551054

Generic.tfr!480709465CA4

Generic.tfr!63D42A974ED6

Generic PUP.x!EAACDFCCA9CE

Phishing

 

Vulnerebility

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-06-06
http://www.securityfocus.com/bid/67193

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-06-06
http://www.securityfocus.com/bid/66801

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-06-06
http://www.securityfocus.com/bid/66363

Linux Kernel 'filter.c' CVE-2014-3144 Multiple Local Denial of Service Vulnerabilities
2014-06-06
http://www.securityfocus.com/bid/67309

Linux Kernel 'filter.c' CVE-2014-3145 Local Denial of Service Vulnerability
2014-06-06
http://www.securityfocus.com/bid/67321

DIR-505 and DIR-505L Stack Buffer Overflow Vulnerability
2014-06-06
http://www.securityfocus.com/bid/67651

Drupal Addressfield Tokens Module HTML Injection Vulnerability
2014-06-06
http://www.securityfocus.com/bid/67545

CoSoSys Endpoint Protector Multiple Security Vulnerabilities
2014-06-06
http://www.securityfocus.com/bid/67565

Glossaire Module for XOOPS '/modules/glossaire/glossaire-aff.php' SQL Injection Vulnerability
2014-06-06
http://www.securityfocus.com/bid/67460

PHP-Nuke 'Submit_News' Component SQL Injection Vulnerability
2014-06-06
http://www.securityfocus.com/bid/67656

Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
2014-06-06
http://www.securityfocus.com/bid/66397

TYPO3 Unspecified PHP Object Injection Vulnerability
2014-06-06
http://www.securityfocus.com/bid/67630

TYPO3 HTTP Host Header Spoofing Vulnerability
2014-06-06
http://www.securityfocus.com/bid/67626

Multiple F5 BIG-IP and Enterprise Manager 'list.jsp' Multiple Cross Site Scripting Vulnerabilities
2014-06-06
http://www.securityfocus.com/bid/67771

TYPO3 Extbase Framework Information Disclosure Vulnerability
2014-06-06
http://www.securityfocus.com/bid/67624

TYPO3 Authentication Subcomponent Security Bypass Vulnerability
2014-06-06
http://www.securityfocus.com/bid/67627

TYPO3 Session Hijacking Vulnerability
2014-06-06
http://www.securityfocus.com/bid/67629

TYPO3 Backend Subcomponent Unspecified Cross Site Scripting Vulnerability
2014-06-06
http://www.securityfocus.com/bid/67625

Mutt Mailreader 'mutt_copy_hdr()' Function Heap Based Buffer Overflow Vulnerability
2014-06-06
http://www.securityfocus.com/bid/66165

SystemTap DWARF Expression Local Denial of Service Vulnerability
2014-06-06
http://www.securityfocus.com/bid/52121

Linux Kernel 'handle_rx()' Function Denial of Service Vulnerability
2014-06-06
http://www.securityfocus.com/bid/66678

Linux Kernel Multiple Function Remote Memory Corruption Vulnerabilities
2014-06-06
http://www.securityfocus.com/bid/66279

X.Org X Server CVE-2013-6424 Local Denial of Service Vulnerability
2014-06-06
http://www.securityfocus.com/bid/64127

X.Org X11 CVE-2013-1940 Local Information Disclosure Vulnerability
2014-06-06
http://www.securityfocus.com/bid/59282

python-gnupg CVE-2014-1928 Incomplete Fix Unspecified Remote Command Injection Vulnerability
2014-06-06
http://www.securityfocus.com/bid/65548

X.Org X Server 'dixfonts.c' Use-After-Free Remote Memory Corruption Vulnerability
2014-06-06
http://www.securityfocus.com/bid/62892

Python-gnupg CVE-2014-1929 Remote Command Execution Vulnerability
2014-06-06
http://www.securityfocus.com/bid/65539

python-gnupg CVE-2014-1927 Incomplete Fix Unspecified Remote Command Injection Vulnerability
2014-06-06
http://www.securityfocus.com/bid/65546

python-gnupg CVE-2013-7323 Unspecified Remote Command Injection Vulnerability
2014-06-06
http://www.securityfocus.com/bid/65540

Python Bottle JSON 'content-type' Parsing Security Bypass Vulnerability
2014-06-06
http://www.securityfocus.com/bid/67711

Exploit

  Madness Pro <= 1.14 - Persistent XSS

  Madness Pro <= 1.14 - SQL Injection

5.6.2014

Bugtraq

multiple Vulnerability in "WahmShoppes eStore" 2014-06-05
cseye_ut yahoo com

FreeBSD Security Advisory FreeBSD-SA-14:14.openssl 2014-06-05
FreeBSD Security Advisories (security-advisories freebsd org)

[SECURITY] [DSA 2949-1] linux security update 2014-06-05
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2950-1] openssl security update 2014-06-05
Moritz Muehlenhoff (jmm debian org)

[RT-SA-2014-006] Directory Traversal in DevExpress ASP.NET File Manager 2014-06-05
RedTeam Pentesting GmbH (release redteam-pentesting de)

[security bulletin] HPSBMU03033 rev.3 - HP Insight Control Software Components running OpenSSL, Remote Disclosure of Information 2014-06-04
security-alert hp com

[SECURITY] [DSA 2946-1] python-gnupg security update 2014-06-04
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2948-1] python-bottle security update 2014-06-04
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2947-1] libav security update 2014-06-04
Moritz Muehlenhoff (jmm debian org)

ESA-2014-024: EMC Documentum Digital Asset Manager Blind DQL Injection Vulnerability 2014-06-04
Security Alert (Security_Alert emc com)

Malware

RDN/Generic PWS.y!9C1F2B1B1648

RDN/Generic PUP.x!c2w!87C59D9E1472

RDN/Generic PWS.y!zu!13FEFBC65F7A

Generic PUP.x!2CA377AEF0D6

RDN/Generic.bfr!E693324ABD1F

RDN/FakeAV-N.bfr!d!160827D79093

Generic PUP.x!AA6BBA23F5A5

Generic PUP.x!9AF572CE6AB3

RDN/Generic.bfr!8776C0B44E4B

Generic PUP.x!09A1ECDB9A9D

Generic PUP.x!7DCF086C5064

Generic PUP.x!E697361019C0

Generic PUP.x!BDF57308CE55

Generic PUP.x!3C44A5571661

RDN/Generic PUP.x!c2w!D4DBC992B9DD

Generic PUP.x!B572D60E1FA1

Generic PUP.x!13D1B2CA15FB

Generic PUP.x!8C08D99CF5EB

RDN/Generic.bfr!hh!06D7859350FA

Generic PUP.x!4162735CA253

RDN/Downloader.a!rf!FC13041FD272

Generic PUP.x!0DBB857D2324

RDN/Generic.tfr!ea!D43FA5992107

Generic PUP.x!2C06409A68F5

Generic PUP.x!0BC934A0B5D1

Generic.bfr!E76D5AAD07D1

Generic PUP.x!4B5A138366C9

RDN/Generic Downloader.x!ki!066132901776

Generic PUP.x!5D5A0E147C22

Generic PUP.x!0CD56578BE2E

Phishing

Barclays

5th June 2014

For security purposes, your
online account has been
locked.

NatWest

4th June 2014

Access to Online Banking
Service !

Vulnerebility

Mutt Mailreader 'mutt_copy_hdr()' Function Heap Based Buffer Overflow Vulnerability
2014-06-05
http://www.securityfocus.com/bid/66165

SystemTap DWARF Expression Local Denial of Service Vulnerability
2014-06-05
http://www.securityfocus.com/bid/52121

Linux Kernel 'handle_rx()' Function Denial of Service Vulnerability
2014-06-05
http://www.securityfocus.com/bid/66678

Linux Kernel Multiple Function Remote Memory Corruption Vulnerabilities
2014-06-05
http://www.securityfocus.com/bid/66279

X.Org X Server CVE-2013-6424 Local Denial of Service Vulnerability
2014-06-05
http://www.securityfocus.com/bid/64127

X.Org X11 CVE-2013-1940 Local Information Disclosure Vulnerability
2014-06-05
http://www.securityfocus.com/bid/59282

python-gnupg CVE-2014-1928 Incomplete Fix Unspecified Remote Command Injection Vulnerability
2014-06-05
http://www.securityfocus.com/bid/65548

X.Org X Server 'dixfonts.c' Use-After-Free Remote Memory Corruption Vulnerability
2014-06-05
http://www.securityfocus.com/bid/62892

Python-gnupg CVE-2014-1929 Remote Command Execution Vulnerability
2014-06-05
http://www.securityfocus.com/bid/65539

python-gnupg CVE-2014-1927 Incomplete Fix Unspecified Remote Command Injection Vulnerability
2014-06-05
http://www.securityfocus.com/bid/65546

python-gnupg CVE-2013-7323 Unspecified Remote Command Injection Vulnerability
2014-06-05
http://www.securityfocus.com/bid/65540

Python Bottle JSON 'content-type' Parsing Security Bypass Vulnerability
2014-06-05
http://www.securityfocus.com/bid/67711

chkrootkit 'slapper()' Function Local Privilege Escalation Vulnerability
2014-06-05
http://www.securityfocus.com/bid/67813

Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
2014-06-05
http://www.securityfocus.com/bid/66397

Xen 'HVM MSI injection' CVE-2014-3967 Denial of Service Vulnerability
2014-06-05
http://www.securityfocus.com/bid/67794

PulseAudio 'pa_rtp_recv()' Function Remote Denial of Service Vulnerability
2014-06-05
http://www.securityfocus.com/bid/67814

SAP CCMS Agent Code Injection Vulnerability
2014-06-05
http://www.securityfocus.com/bid/58181

F-Secure Multiple Products ActiveX Remote Code Execution Vulnerability
2014-06-05
http://www.securityfocus.com/bid/59443

OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2014-06-05
http://www.securityfocus.com/bid/66690

MediaWiki 'Special:PasswordReset' Cross Site Scripting Vulnerability
2014-06-05
http://www.securityfocus.com/bid/67787

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-06-05
http://www.securityfocus.com/bid/66363

Sendmail File Descriptor Security Vulnerability
2014-06-05
http://www.securityfocus.com/bid/67791

GNU Libtasn1 'asn1_read_value_type()' Function Denial of Service Vulnerability
2014-06-05
http://www.securityfocus.com/bid/67748

GNU Libtasn1 CVE-2014-3468 Remote Code Execution Vulnerability
2014-06-05
http://www.securityfocus.com/bid/67745

GNU Libtasn1 CVE-2014-3467 Multiple Denial of Service Vulnerabilities
2014-06-05
http://www.securityfocus.com/bid/67749

GnuTLS 'gnutls_handshake.c' Memory Corruption Vulnerability
2014-06-05
http://www.securityfocus.com/bid/67741

Squid CVE-2014-0128 Remote Denial of Service Vulnerability
2014-06-05
http://www.securityfocus.com/bid/66112

GNU Libtasn1 ASN1 Length DER Decoding Memory Corruption Vulnerability
2014-06-05
http://www.securityfocus.com/bid/52668

Apache Tomcat CVE-2014-0096 XML External Entity Information Disclosure Vulnerability
2014-06-05
http://www.securityfocus.com/bid/67667

Daktronics Vanguard Hardcoded Credentials Information Disclosure Vulnerability
2014-06-04
http://www.securityfocus.com/bid/67828

Exploit

 

4.6.2014

Bugtraq

 

Malware

Generic PUP.x!AAE8957666BD

Generic PUP.x!D541D667CF68

Generic PUP.x!47F3B3A343CA

RDN/Generic PUP.x!c2u!6626FEBC0A28

RDN/PWS-Mmorpg!lc!199F51629939

RDN/Generic PUP.x!c2u!9774AD7E768F

Generic PUP.x!20177D5E8A85

Generic PUP.x!2955127D41D3

RDN/Generic PUP.x!c2u!5D58ECC527CD

Generic PUP.x!2B93E5B30B37

Generic.bfr!D4D1287CD744

RDN/Generic PUP.x!c2u!C8DC32918F57

Generic PUP.x!85D888B8F3D4

RDN/Generic.dx!dcn!1104216282F2

Generic PUP.x!27105BD056C4

Generic PUP.x!2A8832560725

Generic PUP.x!285FD908C7B9

Generic PUP.x!1A1D087D1B8C

Generic PUP.x!1FA6488261F0

Generic PUP.x!2A085ED290E8

Generic PWS.y!D2AEF481312A

Generic PUP.x!67434C542DEB

Downloader.gen.a!72BC09BEE4DC

Generic PUP.x!4819D84E392C

RDN/Spybot.bfr!8A53BE91A8E7

Generic PUP.x!E99CA192D78D

RDN/Generic.dx!dcn!1193EB2925E5

RDN/Generic PUP.x!c2u!AD3A4D2C8337

RDN/Generic.bfr!hh!BFEA75D7ED1D

RDN/Generic.bfr!hh!250CEB1E740D

Phishing

Apple

4th June 2014

YOUR APPLE ITUNES ACCOUNT HAS
BEEN LIMITED

NatWest

3rd June 2014

Access to Online Banking
Service.

Vulnerebility

GNU Libtasn1 CVE-2014-3468 Remote Code Execution Vulnerability
2014-06-04
http://www.securityfocus.com/bid/67745

GNU Libtasn1 'asn1_read_value_type()' Function Denial of Service Vulnerability
2014-06-04
http://www.securityfocus.com/bid/67748

GNU Libtasn1 CVE-2014-3467 Multiple Denial of Service Vulnerabilities
2014-06-04
http://www.securityfocus.com/bid/67749

GnuTLS 'gnutls_handshake.c' Memory Corruption Vulnerability
2014-06-04
http://www.securityfocus.com/bid/67741

Squid CVE-2014-0128 Remote Denial of Service Vulnerability
2014-06-03
http://www.securityfocus.com/bid/66112

Oracle Java SE CVE-2013-1500 Local Security Vulnerability
2014-06-03
http://www.securityfocus.com/bid/60627

IBM DB2 and DB2 Connect CVE-2013-6717 Remote Denial of Service Vulnerability
2014-06-03
http://www.securityfocus.com/bid/64336

Multiple IBM DB2 Products CVE-2014-0907 Local Privilege Escalation Vulnerability
2014-06-03
http://www.securityfocus.com/bid/67617

Apache Struts 'CookieInterceptor' Security Bypass Vulnerability
2014-06-03
http://www.securityfocus.com/bid/67218

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2014-06-03
http://www.securityfocus.com/bid/67121

RETIRED: Linux Kernel CVE-2014-0691 Local Memory Corruption Vulnerability
2014-06-03
http://www.securityfocus.com/bid/67543

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1518 Multiple Memory Corruption Vulnerabilities
2014-06-03
http://www.securityfocus.com/bid/67123

Mozilla Firefox and SeaMonkey CVE-2014-1522 Out of Bounds Memory Corruption Vulnerability
2014-06-03
http://www.securityfocus.com/bid/67127

Mozilla Network Security Services CVE-2014-1492 Security Bypass Vulnerability
2014-06-03
http://www.securityfocus.com/bid/66356

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-06-03
http://www.securityfocus.com/bid/66914

Oracle Java SE CVE-2014-0458 Remote Security Vulnerability
2014-06-03
http://www.securityfocus.com/bid/66883

Oracle Java SE CVE-2014-0446 Remote Security Vulnerability
2014-06-03
http://www.securityfocus.com/bid/66903

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1529 Security Bypass Vulnerability
2014-06-03
http://www.securityfocus.com/bid/67135

libpng 'png_read_transform_info()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-06-03
http://www.securityfocus.com/bid/64493

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1532 Use After Free Memory Corruption Vulnerability
2014-06-03
http://www.securityfocus.com/bid/67130

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1531 Use After Free Memory Corruption Vulnerability
2014-06-03
http://www.securityfocus.com/bid/67134

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1530 Security Bypass Vulnerability
2014-06-03
http://www.securityfocus.com/bid/67137

Mozilla Firefox CVE-2014-1520 Local Privilege Escalation Vulnerability
2014-06-03
http://www.securityfocus.com/bid/67126

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1519 Multiple Memory Corruption Vulnerabilities
2014-06-03
http://www.securityfocus.com/bid/67125

Mozilla Firefox and SeaMonkey CVE-2014-1525 Use After Free Memory Corruption Vulnerability
2014-06-03
http://www.securityfocus.com/bid/67136

Mozilla Firefox and Seamonkey CVE-2014-1526 Security Bypass Vulnerability
2014-06-03
http://www.securityfocus.com/bid/67132

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1524 Remote Memory Corruption Vulnerability
2014-06-03
http://www.securityfocus.com/bid/67131

Mozilla Firefox/SeaMonkey CVE-2014-1528 Out of Bounds Memory Corruption Vulnerability
2014-06-03
http://www.securityfocus.com/bid/67133

Linux Kernel 'tcp_rcv_state_process()' Function Denial of Service Vulnerability
2014-06-03
http://www.securityfocus.com/bid/65654

Apache HTTP Server Multiple Denial of Service Vulnerabilities
2014-06-03
http://www.securityfocus.com/bid/66303

Exploit

 

3.6.2014

Bugtraq

iScan Online Mobile 2.0.1 iOS - Command Inject Vulnerability 2014-06-03
Vulnerability Lab (admin vulnerability-lab com)

Bluetooth Photo-File Share v2.1 iOS - Multiple Web Vulnerabilities 2014-06-03
Vulnerability Lab (research vulnerability-lab com)

TigerCom My Assistant v1.1 iOS - File Include Vulnerability 2014-06-03
Vulnerability Lab (research vulnerability-lab com)

Privacy Pro v1.2 HZ iOS - File Include Web Vulnerability 2014-06-03
Vulnerability Lab (research vulnerability-lab com)

AllReader v1.0 iOS - Multiple Web Vulnerabilities 2014-06-03
Vulnerability Lab (research vulnerability-lab com)

Files Desk Pro v1.4 iOS - File Include Web Vulnerability 2014-06-03
Vulnerability Lab (research vulnerability-lab com)

NG WifiTransfer Pro 1.1 - File Include Vulnerability 2014-06-03
Vulnerability Lab (research vulnerability-lab com)

LSE Leading Security Experts GmbH - LSE-2014-05-22 - F*EX - Multiple Issues 2014-06-03
advisories (advisories lsexperts de)

CVE-2013-6825 DCMTK Root Privilege escalation 2014-06-02
Hector Marco (hecmargi upv es)

FCKedtior 2.6.10 Reflected Cross-Site Scripting (XSS) 2014-06-02
Robin Bailey (Robin Bailey dionach com)

VUPEN Security Research - Adobe Acrobat & Reader XI-X "AcroBroker" Sandbox Bypass (Pwn2Own) 2014-06-02
VUPEN Security Research (advisories vupen com)

[FD] CVE-2013-6876 s3dvt Root shell 2014-06-02
Hector Marco (hecmargi upv es)

ESA-2014-032: RSAŽ Adaptive Authentication (Hosted) DOM Cross-Site Scripting Vulnerability 2014-06-02
Security Alert (Security_Alert emc com)

CVE-2014-2843 - "Reflected Cross-Site Scripting (XSS)" (CWE-79) vulnerability in "infoware MapSuite" 2014-06-01
Christian Schneider (mail Christian-Schneider net)

CVE-2014-2233 - "Server-Side Request Forgery" (CWE-918) vulnerability in "infoware MapSuite" 2014-06-01
Christian Schneider (mail Christian-Schneider net)

CVE-2014-2232 - "Absolute Path Traversal" (CWE-36) vulnerability in "infoware MapSuite" 2014-06-01
Christian Schneider (mail Christian-Schneider net)

CVE-2014-1226 s3dvt Root shell (still) 2014-06-02
Hector Marco (hecmargi upv es)

[SECURITY] [DSA 2942-1] typo3-src security update 2014-06-01
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2944-1] gnutls26 security update 2014-06-01
Moritz Muehlenhoff (jmm debian org)

[slackware-security] mariadb (SSA:2014-152-01) 2014-06-01
Slackware Security Team (security slackware com)

Yarubo #1: Arbitrary SQL Execution in Participants Database for Wordpress 2014-06-01
Yarubo Internet Security Scan (no-reply yarubo com)

[SECURITY] [DSA 2941-1] lxml security update 2014-06-01
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2943-1] php5 security update 2014-06-01
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2939-1] chromium-browser security update 2014-05-31
Michael Gilbert (mgilbert debian org)

Malware

Generic PUP.x!D5E0C6072B90

Generic PUP.x!30C01ED0E752

Generic PUP.x!A13A89F8DD4C

Generic PUP.x!40FF02EC873F

CryptInno!802EB529CFF2

Generic PUP.x!A8C5DA3113A5

CryptInno!809A7EC333CA

Generic PUP.x!04B028E481A6

RDN/Generic PUP.x!c2t!B9ED56936303

RDN/Spybot.bfr!743083F1D483

Generic PUP.x!03908C72AEB8

RDN/Generic PUP.x!214E7B9D27B3

Generic PUP.x!1BF43F7C82B2

Generic PUP.x!D077D267F39F

Generic PUP.x!5F0BB90DECFB

Generic.dx!9BC2DF2204C6

Generic PUP.x!E4581479CCFF

Generic PUP.x!43E29B009CF2

Generic Downloader.x!97695520F876

Generic PUP.x!B1A73FB7DD2C

Generic Downloader.x!B12557644E02

Generic PUP.x!397227FE0799

Generic PUP.x!625C37A9A2FB

RDN/Generic PUP.x!B9217C35E968

Generic PUP.x!183A2858F123

RDN/Generic Dropper!D021E091B859

Generic PUP.x!3E5A168C779E

Generic PUP.x!571A39DB4F36

Generic PUP.x!109DEA995E6D

Generic PUP.x!4DB67AA6F5A5

Phishing

Sainsburysbank.co.uk

3rd June 2014

LOCKED OUT OF SAINSBURY’S
ONLINE BANKING

Apple Europe

2nd June 2014

APPLE STORE PURCHASE
CONFIRMATION.

Vulnerebility

Apache Struts 'CookieInterceptor' Security Bypass Vulnerability
2014-06-03
http://www.securityfocus.com/bid/67218

Apache Struts 'getClass()' Method Security Bypass Vulnerability
2014-06-03
http://www.securityfocus.com/bid/67081

Apache Struts ClassLoader Manipulation Incomplete Fix Security Bypass Vulnerability
2014-06-03
http://www.securityfocus.com/bid/67064

Apache Struts ClassLoader Manipulation CVE-2014-0094 Security Bypass Vulnerability
2014-06-03
http://www.securityfocus.com/bid/65999

cURL/libcURL CVE-2014-0138 Remote Security Bypass Vulnerability
2014-06-03
http://www.securityfocus.com/bid/66457

Oracle Java SE CVE-2014-0416 Remote Security Vulnerability
2014-06-03
http://www.securityfocus.com/bid/64937

Oracle Java SE CVE-2014-0423 Remote Security Vulnerability
2014-06-03
http://www.securityfocus.com/bid/64914

Linux Kernel Multiple Function Remote Memory Corruption Vulnerabilities
2014-06-03
http://www.securityfocus.com/bid/66279

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2014-06-03
http://www.securityfocus.com/bid/67121

Linux Kernel 'handle_rx()' Function Denial of Service Vulnerability
2014-06-03
http://www.securityfocus.com/bid/66678

Linux Kernel AACRAID Driver Compat IOCTL Local Security Bypass Vulnerability
2014-06-03
http://www.securityfocus.com/bid/63888

IBM Security Access Manager for Web CVE-2014-0963 Remote Denial of Service Vulnerability
2014-06-03
http://www.securityfocus.com/bid/67238

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-06-03
http://www.securityfocus.com/bid/64918

Oracle Java SE CVE-2013-5910 Remote Security Vulnerability
2014-06-03
http://www.securityfocus.com/bid/64933

Oracle Java SE CVE-2013-5899 Remote Security Vulnerability
2014-06-03
http://www.securityfocus.com/bid/64928

Oracle Java SE CVE-2013-5896 Remote Security Vulnerability
2014-06-03
http://www.securityfocus.com/bid/64926

Oracle Java SE CVE-2014-0376 Remote Security Vulnerability
2014-06-03
http://www.securityfocus.com/bid/64907

Oracle Java SE CVE-2013-5888 Local Security Vulnerability
2014-06-03
http://www.securityfocus.com/bid/64925

Oracle Java SE CVE-2013-5898 Remote Security Vulnerability
2014-06-03
http://www.securityfocus.com/bid/64912

Oracle Java SE CVE-2013-5887 Remote Security Vulnerability
2014-06-03
http://www.securityfocus.com/bid/64875

Oracle Java SE CVE-2014-0368 Remote Security Vulnerability
2014-06-03
http://www.securityfocus.com/bid/64930

Oracle Java SE CVE-2014-0373 Remote Security Vulnerability
2014-06-03
http://www.securityfocus.com/bid/64922

Oracle Java SE CVE-2014-0375 Remote Security Vulnerability
2014-06-03
http://www.securityfocus.com/bid/64916

Oracle Java SE CVE-2014-0403 Remote Security Vulnerability
2014-06-03
http://www.securityfocus.com/bid/64920

Oracle Java SE CVE-2013-5878 Remote Security Vulnerability
2014-06-03
http://www.securityfocus.com/bid/64927

Oracle Java SE CVE-2014-0415 Remote Security Vulnerability
2014-06-03
http://www.securityfocus.com/bid/64899

Oracle Java SE CVE-2014-0387 Remote Security Vulnerability
2014-06-03
http://www.securityfocus.com/bid/64882

Oracle Java SE CVE-2013-5889 Remote Security Vulnerability
2014-06-03
http://www.securityfocus.com/bid/64931

Oracle Java SE CVE-2014-0410 Remote Security Vulnerability
2014-06-03
http://www.securityfocus.com/bid/64915

Oracle Java SE CVE-2014-0424 Remote Security Vulnerability
2014-06-03
http://www.securityfocus.com/bid/64919

Exploit

     Wordpress Participants Database 1.5.4.8 - SQL Injection

  dbus-glib pam_fprintd - Local Root Exploit

  PHPBTTracker+ 2.2 - SQL Injection

  NG WifiTransfer Pro 1.1 - Local File Inclusion

  Files Desk Pro v1.4 iOS - Local File Inclusion

  Privacy Pro v1.2 HZ iOS - Local File Inclusion

  TigerCom My Assistant 1.1 iOS - Local File Inclusion

  AllReader 1.0 iOS - Multiple Vulnerabilities

  Bluetooth Photo-File Share 2.1 iOS - Multiple Vulnerabilities

2.6.2014

Bugtraq

 

Malware

W32/Virus.gen!1DF570344FE4

Generic PUP.x!191734D6FAC7

Generic PUP.x!A1FFD41C222A

Generic PUP.x!E9B17414975B

Generic PUP.x!9FDADB0C7140

Generic PUP.x!EE9B03D7C7CB

Generic PUP.x!832058952004

Generic BackDoor!3313FA31AA71

Generic PUP.x!8793A2923140

Generic PUP.x!64B4C3ECD18E

Generic PUP.x!E12DA6D82DF1

Generic PUP.x!0F797399567C

Generic PUP.x!302BADDE926F

Generic PUP.x!8DD4F7A9F18C

Generic PUP.x!561EB04C21CB

Generic PUP.x!A00EE0E4AB23

Generic.dx!482D14CE2CC7

Generic PUP.x!E826B86E2A70

Generic PUP.x!7ED2ED8AD089

Generic PUP.x!108CA96A4DF9

Generic PUP.x!36AC110255BE

Generic PUP.x!06F6F4A4EF15

Generic PUP.x!0D351CE92788

Generic PUP.x!D08B9049E708

Generic.bfr!80FE41CA6CEA

Generic PUP.x!FF0A8477F1B5

Generic PUP.x!303CE7D61662

Generic PUP.x!9FDA1D6C6789

Generic PUP.x!DBF739FCB26B

Generic PUP.x!5E27C42520C3

Phishing

Sainsburysbank.co.uk

2nd June 2014

LOCKED OUT OF SAINSBURY’S
ONLINE BANKING

PayPal

2nd June 2014

PAYPAL ISSUE ; INFORMATIONS
REQUIRED

Sainsburysbank.co.uk

1st June 2014

LOCKED OUT OF SAINSBURY’S
ONLINE BANKING

PayPal

1st June 2014

PAYPAL ISSUE ; INFORMATIONS
REQUIRED

Vulnerebility

IBM WebSphere Application Server CVE-2014-0964 Denial of Service Vulnerability
2014-06-02
http://www.securityfocus.com/bid/67322

Apache Struts 'CookieInterceptor' Security Bypass Vulnerability
2014-06-02
http://www.securityfocus.com/bid/67218

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2014-06-02
http://www.securityfocus.com/bid/67121

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-06-02
http://www.securityfocus.com/bid/64918

Oracle Java SE CVE-2014-0416 Remote Security Vulnerability
2014-06-02
http://www.securityfocus.com/bid/64937

Oracle Java SE CVE-2014-0423 Remote Security Vulnerability
2014-06-02
http://www.securityfocus.com/bid/64914

Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability
2014-06-02
http://www.securityfocus.com/bid/65767

dbus-glib CVE-2013-0292 Local Privilege Escalation Vulnerability
2014-06-02
http://www.securityfocus.com/bid/57985

Linux Kernel CVE-2013-2094 Local Privilege Escalation Vulnerability
2014-06-02
http://www.securityfocus.com/bid/59846

Cisco Unified Web and E-Mail Interaction Manager XML External Entity Injection Vulnerability
2014-06-02
http://www.securityfocus.com/bid/67458

Fail2ban Multiple Denial of Service Vulnerabilities
2014-06-02
http://www.securityfocus.com/bid/60467

Fail2ban Postfix Filter Remote Denial of Service Vulnerability
2014-06-02
http://www.securityfocus.com/bid/65184

'libarchive' Multiple Remote Vulnerabilities
2014-06-02
http://www.securityfocus.com/bid/47737

libarchive 'archive_write_zip_data()' Function Local Denial of Service Vulnerability
2014-06-02
http://www.securityfocus.com/bid/58926

libdbus 'DBUS_SYSTEM_BUS_ADDRESS' Variable Local Privilege Escalation Vulnerability
2014-06-02
http://www.securityfocus.com/bid/55517

GnuTLS 'gnutls_handshake.c' Memory Corruption Vulnerability
2014-06-02
http://www.securityfocus.com/bid/67741

PHP FPM 'php-fpm.conf.in' Local Privilege Escalation Vulnerability
2014-06-02
http://www.securityfocus.com/bid/67118

PHP Fileinfo Component Out of Bounds Memory Corruption Vulnerability
2014-06-02
http://www.securityfocus.com/bid/66002

lxml 'clean_html' Function Security Bypass Vulnerability
2014-06-02
http://www.securityfocus.com/bid/67159

Google Chrome 35.0.1916.114 Multiple Security Vulnerabilities
2014-06-02
http://www.securityfocus.com/bid/67517

Moodle CVE-2014-0218 Cross Site Scripting Vulnerability
2014-06-02
http://www.securityfocus.com/bid/67479

Moodle CVE-2014-0215 Remote Information Disclosure Vulnerability
2014-06-02
http://www.securityfocus.com/bid/67476

Moodle CVE-2014-0213 Cross Site Request Forgery Vulnerability
2014-06-02
http://www.securityfocus.com/bid/67477

Moodle MoodleMobile Token Expiry Security Bypass Weakness
2014-06-02
http://www.securityfocus.com/bid/67478

Moodle CVE-2014-0216 Unauthorized Access Vulnerability
2014-06-02
http://www.securityfocus.com/bid/67475

Moodle courses Remote Information Disclosure Vulnerability
2014-06-02
http://www.securityfocus.com/bid/67480

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1518 Multiple Memory Corruption Vulnerabilities
2014-06-02
http://www.securityfocus.com/bid/67123

Dojo Versions Prior to 1.4.2 Multiple Cross Site Scripting Vulnerabilities
2014-06-02
http://www.securityfocus.com/bid/38739

Mumble CVE-2014-0045 Heap Based Buffer Overflow Vulnerability
2014-06-02
http://www.securityfocus.com/bid/65374

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1524 Remote Memory Corruption Vulnerability
2014-06-02
http://www.securityfocus.com/bid/67131

Exploit

Easy File Management Web Server v5.3 - UserID Remote Buffer Overflow (ROP)

31.5.2014

Bugtraq

Google Compute Engine Multiple DOS Vulnerabilities 2014-05-30
Scott T. Cameron (routehero gmail com)

Google Compute Engine - Lateral Compromise 2014-05-30
Scott T. Cameron (routehero gmail com)

Malware

Generic PUP.x!83FF61379B73

RDN/Generic BackDoor!yn!4A11329D913C

Generic BackDoor!7A43FD6A0317

Generic PUP.x!23E64623AA33

Generic PUP.x!07E5DC888F0C

Generic PUP.x!2F5449BCD908

Generic.dx!AAE51DBB4D9D

Generic PUP.x!7C19EEBA8334

RDN/Generic Downloader.x!ki!688116E11209

RDN/Generic PWS.y!zt!349C5C9B097C

Generic.bfr!089A9547DF4D

RDN/Generic.bfr!5F82042E369C

RDN/Generic.bfr!63FC38E32EAD

Generic PUP.x!5ABAE9D4B892

Generic PUP.x!001AD2BA1CCB

Generic.bfr!E181A55D167B

Generic PUP.x!B5D13B322CCB

Generic PUP.x!4A486AB6D291

RDN/Generic PWS.y!49E3C93399D4

Generic PUP.x!7D09E5CEFB3A

Generic PUP.x!4B4B9C276CA1

Generic PUP.x!9E7A6D6F36FE

Generic PUP.x!AD5345A0382E

Generic PUP.x!9A701495049E

Generic PUP.x!5834EBF3BD46

Generic PUP.x!0A03140D2BC6

Generic PUP.x!94676B95C989

RDN/Generic PUP.x!457639667636

Generic.bfr!7DF5DCB0C870

FakeAV-N.bfr!58E5E20F5CB5

Phishing

 

Vulnerebility

Moodle CVE-2014-0218 Cross Site Scripting Vulnerability
2014-05-31
http://www.securityfocus.com/bid/67479

Moodle CVE-2014-0215 Remote Information Disclosure Vulnerability
2014-05-31
http://www.securityfocus.com/bid/67476

Moodle CVE-2014-0213 Cross Site Request Forgery Vulnerability
2014-05-31
http://www.securityfocus.com/bid/67477

Moodle MoodleMobile Token Expiry Security Bypass Weakness
2014-05-31
http://www.securityfocus.com/bid/67478

Moodle CVE-2014-0216 Unauthorized Access Vulnerability
2014-05-31
http://www.securityfocus.com/bid/67475

Moodle courses Remote Information Disclosure Vulnerability
2014-05-31
http://www.securityfocus.com/bid/67480

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1518 Multiple Memory Corruption Vulnerabilities
2014-05-31
http://www.securityfocus.com/bid/67123

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-05-31
http://www.securityfocus.com/bid/64918

Dojo Versions Prior to 1.4.2 Multiple Cross Site Scripting Vulnerabilities
2014-05-31
http://www.securityfocus.com/bid/38739

Mumble CVE-2014-0045 Heap Based Buffer Overflow Vulnerability
2014-05-31
http://www.securityfocus.com/bid/65374

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1524 Remote Memory Corruption Vulnerability
2014-05-31
http://www.securityfocus.com/bid/67131

Mozilla Network Security Services CVE-2014-1492 Security Bypass Vulnerability
2014-05-31
http://www.securityfocus.com/bid/66356

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1529 Security Bypass Vulnerability
2014-05-31
http://www.securityfocus.com/bid/67135

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1523 Out of Bounds Denial of Service Vulnerability
2014-05-31
http://www.securityfocus.com/bid/67129

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1531 Use After Free Memory Corruption Vulnerability
2014-05-31
http://www.securityfocus.com/bid/67134

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1530 Security Bypass Vulnerability
2014-05-31
http://www.securityfocus.com/bid/67137

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1532 Use After Free Memory Corruption Vulnerability
2014-05-31
http://www.securityfocus.com/bid/67130

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2014-05-31
http://www.securityfocus.com/bid/67121

Cumin CVE-2013-6445 Password Hash Algorithm Security Weakness
2014-05-31
http://www.securityfocus.com/bid/67733

Ruby on Rails 'implicit render' Functionality Directory Traversal Vulnerability
2014-05-31
http://www.securityfocus.com/bid/67244

libpng 'png_read_transform_info()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-05-31
http://www.securityfocus.com/bid/64493

Oracle Java SE CVE-2014-2420 Remote Security Vulnerability
2014-05-31
http://www.securityfocus.com/bid/66919

Oracle Java SE CVE-2014-2421 Buffer Overflow Vulnerability
2014-05-31
http://www.securityfocus.com/bid/66881

Joomla! Youtube Gallery Component 'flvthumbnail.php' Cross-Site Scripting Vulnerability
2014-05-31
http://www.securityfocus.com/bid/66245

PCMan's FTP Server 'USER' Command Buffer Overflow Vulnerability
2014-05-31
http://www.securityfocus.com/bid/60837

libgadu CVE-2014-3775 Memory Corruption Vulnerability
2014-05-31
http://www.securityfocus.com/bid/67471

Pidgin 'gg_http_watch_fd()' Function Buffer Overflow Vulnerability
2014-05-31
http://www.securityfocus.com/bid/65188

Oracle Java SE CVE-2014-0446 Remote Security Vulnerability
2014-05-31
http://www.securityfocus.com/bid/66903

Oracle Java SE CVE-2014-0429 Remote Security Vulnerability
2014-05-31
http://www.securityfocus.com/bid/66856

Oracle Java SE CVE-2014-0428 Remote Security Vulnerability
2014-05-31
http://www.securityfocus.com/bid/64935

Exploit

  Ubuntu 12.04.0-2LTS x64 perf_swevent_init - Kernel Local Root Exploit   

   ElasticSearch Dynamic Script Arbitrary Java Execution

  Microsoft Internet Explorer 11 - WeakMap Integer Divide-by-Zero

30.5.2014

Bugtraq

Mybb Sendthread Page Denial of Service Vulnerability 2014-05-29
iedb team gmail com

OpenCart 1.5.6.4 Directory Traversal Vulnerability 2014-05-29
iedb team gmail com

Defense in depth -- the Microsoft way (part 15): unquoted arguments in 120 (of 462) command lines 2014-05-28
Stefan Kanthak (stefan kanthak nexgo de)

[RT-SA-2014-005] SQL Injection in webEdition CMS File Browser Installer Script 2014-05-28
RedTeam Pentesting GmbH (release redteam-pentesting de)

[RT-SA-2014-004] Remote Command Execution in webEdition CMS Installer Script 2014-05-28
RedTeam Pentesting GmbH (release redteam-pentesting de)

Multiple vulnerabilities in Sharetronix 2014-05-28
High-Tech Bridge Security Research (advisory htbridge com)

Malware

RDN/Generic Dropper!un!12F9D56754B2

Generic PUP.x!18F0A2DA27FD

Generic PUP.x!F9D12A1E03B2

RDN/Generic Downloader.x!ki!EEB108329182

FakeAV-N.bfr!EC3B0D5CEABA

Generic PUP.x!30FF6135E193

Generic PUP.x!103DD23C805F

RDN/Generic PUP.x!2A19A7E5C8D2

RDN/Generic.dx!5BAE6013A2D1

Generic PUP.x!7564A95AC3CE

Generic PUP.x!6AE3FE1AE44F

Generic PUP.x!BF4738DB8E7F

RDN/Generic PUP.x!978E91A686C9

W32/Spybot.bfr!0F122DDB9AD7

Generic PUP.x!8CE7B92AA0FB

RDN/Generic Downloader.x!ki!4369EDD8D776

RDN/Generic.bfr!hh!FECD3B62B663

RDN/Generic BackDoor!yn!28D9096A563B

RDN/Generic BackDoor!yn!EDF03E0CCC4F

RDN/Generic PUP.x!c2o!D1BBE83FC935

RDN/Generic PUP.x!c2o!F7CA7415471B

RDN/Generic BackDoor!F9C711C918B9

Generic PUP.x!22DA11B38296

Generic PUP.x!938CB624D92C

Generic.tfr!23087CD83CA2

Generic PUP.x!7BF6439D78ED

RDN/Generic.tfr!ea!E6B259491C63

RDN/DNSChanger.bfr!F910B4271B2C

RDN/Generic.bfr!hh!DB61BD435DDB

RDN/Generic PWS.y!zt!D56C061125A4

Phishing

Barclays

30th May 2014

ONLINE ACCESS SUSPENDED

Barclays

29th May 2014

Errors Were Detected On Your
Account

VirginMedia

29th May 2014

VirginMedia account disabled,
please confirm your profile!

Security-team

29th May 2014

POLICY UPDATES !

Vulnerebility

libpng 'png_read_transform_info()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-05-30
http://www.securityfocus.com/bid/64493

Oracle Java SE CVE-2014-2420 Remote Security Vulnerability
2014-05-30
http://www.securityfocus.com/bid/66919

Oracle Java SE CVE-2014-2421 Buffer Overflow Vulnerability
2014-05-30
http://www.securityfocus.com/bid/66881

Joomla! Youtube Gallery Component 'flvthumbnail.php' Cross-Site Scripting Vulnerability
2014-05-30
http://www.securityfocus.com/bid/66245

PCMan's FTP Server 'USER' Command Buffer Overflow Vulnerability
2014-05-30
http://www.securityfocus.com/bid/60837

libgadu CVE-2014-3775 Memory Corruption Vulnerability
2014-05-30
http://www.securityfocus.com/bid/67471

Pidgin 'gg_http_watch_fd()' Function Buffer Overflow Vulnerability
2014-05-30
http://www.securityfocus.com/bid/65188

Oracle Java SE CVE-2014-0446 Remote Security Vulnerability
2014-05-30
http://www.securityfocus.com/bid/66903

Oracle Java SE CVE-2014-0429 Remote Security Vulnerability
2014-05-30
http://www.securityfocus.com/bid/66856

Oracle Java SE CVE-2014-0428 Remote Security Vulnerability
2014-05-30
http://www.securityfocus.com/bid/64935

Oracle Java SE CVE-2014-0458 Remote Security Vulnerability
2014-05-30
http://www.securityfocus.com/bid/66883

Oracle Java SE CVE-2014-2412 Remote Security Vulnerability
2014-05-30
http://www.securityfocus.com/bid/66873

Oracle Java SE CVE-2014-0451 Remote Security Vulnerability
2014-05-30
http://www.securityfocus.com/bid/66879

Oracle Java SE CVE-2014-0459 Remote Security Vulnerability
2014-05-30
http://www.securityfocus.com/bid/66910

Oracle Java SE CVE-2014-2398 Remote Security Vulnerability
2014-05-30
http://www.securityfocus.com/bid/66920

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-05-30
http://www.securityfocus.com/bid/66914

Oracle Java SE CVE-2014-2428 Remote Security Vulnerability
2014-05-30
http://www.securityfocus.com/bid/66870

Oracle Java SE CVE-2014-0457 Remote Code Execution Vulnerability
2014-05-30
http://www.securityfocus.com/bid/66866

Oracle Java SE CVE-2014-2409 Remote Security Vulnerability
2014-05-30
http://www.securityfocus.com/bid/66915

Oracle Java SE CVE-2014-0452 Remote Security Vulnerability
2014-05-30
http://www.securityfocus.com/bid/66891

Oracle Java SE CVE-2014-2423 Remote Security Vulnerability
2014-05-30
http://www.securityfocus.com/bid/66887

Oracle Java SE CVE-2014-0460 Remote Security Vulnerability
2014-05-30
http://www.securityfocus.com/bid/66916

Oracle Java SE CVE-2014-2401 Remote Security Vulnerability
2014-05-30
http://www.securityfocus.com/bid/66911

libjpeg/libjpeg-turbo Library CVE-2013-6629 Memory Corruption Vulnerability
2014-05-30
http://www.securityfocus.com/bid/63676

Oracle Java SE CVE-2014-0461 Remote Security Vulnerability
2014-05-30
http://www.securityfocus.com/bid/66902

Oracle Java SE CVE-2014-2427 Remote Security Vulnerability
2014-05-30
http://www.securityfocus.com/bid/66909

Multiple Oracle Java Products 'unpack.cpp' Insecure Temporary File Creation Vulnerability
2014-05-30
http://www.securityfocus.com/bid/65568

Oracle Java SE CVE-2014-0449 Remote Security Vulnerability
2014-05-30
http://www.securityfocus.com/bid/66907

IBM Java SDK CVE-2014-0878 Security Bypass Vulnerability
2014-05-30
http://www.securityfocus.com/bid/67601

Oracle Java SE CVE-2014-2414 Remote Security Vulnerability
2014-05-30
http://www.securityfocus.com/bid/66894

Exploit

ElasticSearch Dynamic Script Arbitrary Java Execution

29.5.2014

Bugtraq

Multiple vulnerabilities in Sharetronix 2014-05-28
High-Tech Bridge Security Research (advisory htbridge com)

SEC Consult SA-20140528-0 :: Root Backdoor & Unauthenticated access to voice recordings in NICE Recording eXpress 2014-05-28
SEC Consult Vulnerability Lab (research sec-consult com)

LSE Leading Security Experts GmbH - LSE-2014-05-21 - Check_MK - Arbitrary File Disclosure Vulnerability 2014-05-28
LSE Leading Security Experts GmbH \(Security Advisories\) (advisories lsexperts de)

[SECURITY] [DSA 2938-1] Availability of LTS support for Debian 6.0 / squeeze 2014-05-27
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2937-1] mod-wsgi security update 2014-05-27
Moritz Muehlenhoff (jmm debian org)

Malware

Generic PUP.x!9B254EFD85AC

Generic PUP.x!1F3C30D9A005

Generic PUP.x!A0E7FA903DA6

Generic PUP.x!098881D6E5EE

Generic PUP.x!27975741C7AD

Generic PUP.x!46D397D6EFC4

Generic PUP.x!C99D273A6A97

RDN/Vundo!du!E02BFE2312CF

RDN/Generic PUP.x!10B67E4AA5EB

Generic.bfr!4689A84BA6EE

Generic PUP.x!79B04CE8DB8D

RDN/Generic PUP.x!c2n!45A491358600

RDN/Generic BackDoor!ym!5038B00A7079

RDN/Generic PUP.x!c2n!4585910A42B6

RDN/Vundo!du!7D44804BCD91

RDN/Generic.dx!8382D4DF9074

Generic PUP.x!C62208F8BCC2

RDN/Generic PUP.z!06033F1D7E8E

Generic PUP.x!666F1DB1EFDA

RDN/Generic.bfr!hh!F4C4C4712763

RDN/Vundo!du!C0D426A88952

Generic PUP.x!417A64EA2F45

Generic PUP.x!14D1F6EFCCE3

RDN/Vundo!du!0DFB32B79158

Generic PUP.x!76DC83C19BA4

Generic.bfr!A9BBA92CAB4D

Generic PUP.x!B34248F7A063

RDN/Generic BackDoor!ym!3E8A6EEC7448

RDN/Generic.dx!FA250364F172

Generic PUP.x!EE2363ACD6B2

Phishing

Halifax

28th May 2014

Account Suspended

no-reply@bt.com

28th May 2014

WARNING:Your BT security is
still not active.

NatWest

28th May 2014

*** CACTUS *** NatWest -
Security centre

Vulnerebility

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1532 Use After Free Memory Corruption Vulnerability
2014-05-29
http://www.securityfocus.com/bid/67130

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1530 Security Bypass Vulnerability
2014-05-29
http://www.securityfocus.com/bid/67137

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2014-05-29
http://www.securityfocus.com/bid/67121

Multiple IBM DB2 Products CVE-2014-0907 Local Privilege Escalation Vulnerability
2014-05-29
http://www.securityfocus.com/bid/67617

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1524 Remote Memory Corruption Vulnerability
2014-05-29
http://www.securityfocus.com/bid/67131

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1531 Use After Free Memory Corruption Vulnerability
2014-05-29
http://www.securityfocus.com/bid/67134

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1523 Out of Bounds Denial of Service Vulnerability
2014-05-29
http://www.securityfocus.com/bid/67129

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1518 Multiple Memory Corruption Vulnerabilities
2014-05-29
http://www.securityfocus.com/bid/67123

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1529 Security Bypass Vulnerability
2014-05-29
http://www.securityfocus.com/bid/67135

Mozilla Network Security Services CVE-2014-1492 Security Bypass Vulnerability
2014-05-29
http://www.securityfocus.com/bid/66356

Apache Tomcat CVE-2013-4590 XML External Entity Information Disclosure Vulnerability
2014-05-29
http://www.securityfocus.com/bid/65768

Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability
2014-05-29
http://www.securityfocus.com/bid/65767

Apache Tomcat CVE-2014-0033 Session Fixation Vulnerability
2014-05-29
http://www.securityfocus.com/bid/65769

Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability
2014-05-29
http://www.securityfocus.com/bid/65773

Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
2014-05-29
http://www.securityfocus.com/bid/65400

Cisco Unified Communications Domain Manager Self-Care HTTP Open Redirection Vulnerability
2014-05-29
http://www.securityfocus.com/bid/67665

Cisco Unified Communications Domain Manager Number Translation Information Disclosure Vulnerability
2014-05-29
http://www.securityfocus.com/bid/67666

Cisco Unified Communications Domain Manager Remote Information Disclosure Vulnerability
2014-05-29
http://www.securityfocus.com/bid/67664

Cisco Unified Communications Domain Manager VOSS Operating System User Enumeration Vulnerability
2014-05-29
http://www.securityfocus.com/bid/67663

Cisco Unified Communications Domain Manager Remote Information Disclosure Vulnerability
2014-05-29
http://www.securityfocus.com/bid/67661

Wireshark CVE-2013-4074 Denial of Service Vulnerability
2014-05-29
http://www.securityfocus.com/bid/60500

TORQUE CVE-2014-0749 Stack Buffer Overflow Vulnerability
2014-05-29
http://www.securityfocus.com/bid/67420

GeoCore Multiple SQL Injection Vulnerabilities
2014-05-29
http://www.securityfocus.com/bid/67078

D-Link DAP-1350 SQL Injection Vulnerability
2014-05-29
http://www.securityfocus.com/bid/67310

WordPress bib2html Plugin 'styleShortName' Parameter Cross Site Scripting Vulnerability
2014-05-29
http://www.securityfocus.com/bid/67589

libvirt XML Entity Expansion CVE-2014-0179 Information Disclosure Vulnerability
2014-05-29
http://www.securityfocus.com/bid/67289

cURL/libcURL NTLM connection Remote Security Bypass Vulnerability
2014-05-29
http://www.securityfocus.com/bid/65270

cURL/libcURL CVE-2014-0138 Remote Security Bypass Vulnerability
2014-05-29
http://www.securityfocus.com/bid/66457

Mozilla Firefox and SeaMonkey CVE-2014-1525 Use After Free Memory Corruption Vulnerability
2014-05-29
http://www.securityfocus.com/bid/67136

Mozilla Firefox and SeaMonkey CVE-2014-1522 Out of Bounds Memory Corruption Vulnerability
2014-05-29
http://www.securityfocus.com/bid/67127

Exploit

 

28.5.2014

Bugtraq

call for papers- £Ã£Ó£Ó£Å£²£°£ą£´ 2014-05-27
cfp-conf2014.org (cfp-conf2014 org securityfocus com)

[security bulletin] HPSBGN03041 rev.1 - HP IceWall Configuration Manager running Apache Struts, Remote Execution of Arbitrary Code 2014-05-27
security-alert hp com

Malware

Generic PUP.x!BBE4894EE120

Generic PUP.x!82E302BB710B

RDN/Generic PUP.x!c2h!D52C8D42FC26

Generic PUP.x!7B42B4C64BCB

RDN/Generic PUP.x!E887D72B93D5

Generic PUP.x!72B54558F0A6

RDN/Generic PUP.x!c2h!1A48881BCC65

Generic PUP.x!83FF28D41404

FakeAV-N.bfr!F4E9C18DBABD

RDN/Generic PUP.x!c2h!496E79A4C717

Generic PUP.x!B00D2BAD552A

Generic PUP.x!71D6E054EAAB

Generic PUP.x!94B8F4967EF2

Generic PUP.x!EC5C1051FA52

RDN/Generic Downloader.x!kg!090CB7C8CF94

Generic PUP.x!491147C73839

Generic PUP.x!FAEBCBF47A5A

Generic PUP.x!89711471ADAC

Generic PUP.x!72FA4A8656E8

Generic PUP.x!FA374ECEDD02

RDN/FakeAV-N.bfr!898797CFC6FB

Generic PUP.x!868453B1DC2B

Generic PUP.x!07C90FB621C1

Generic PUP.x!30E15049258C

Generic.bfr!727BFFC68B13

RDN/Generic Downloader.x!kg!F0A3CF698CB2

RDN/Generic PUP.x!23855027A93D

Generic PUP.x!7D2B3A5440D7

RDN/DNSChanger.bfr!c!5742FFB8A101

RDN/Generic PUP.x!c2h!8A7681CCAECD

Phishing

 

Vulnerebility

IBM Security Access Manager for Web CVE-2014-0963 Remote Denial of Service Vulnerability
2014-05-28
http://www.securityfocus.com/bid/67238

Linux Kernel 'raw_cmd_copyout()' Function Local Privilege Escalation Vulnerability
2014-05-28
http://www.securityfocus.com/bid/67302

Linux Kernel 'raw_cmd_copyin()' Function Local Privilege Escalation Vulnerability
2014-05-28
http://www.securityfocus.com/bid/67300

Linux Kernel CVE-2014-2678 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-05-28
http://www.securityfocus.com/bid/66543

Linux Kernel 'ping_init_sock()' Local Privilege Escalation Vulnerability
2014-05-28
http://www.securityfocus.com/bid/66779

Linux Kernel 'get_rx_bufs()' Function Denial of Service Vulnerability
2014-05-28
http://www.securityfocus.com/bid/66441

Linux Kernel 'handle_rx()' Function Denial of Service Vulnerability
2014-05-28
http://www.securityfocus.com/bid/66678

Linux Kernel 'arch_dup_task_struct()' Function Local Denial of Service Vulnerability
2014-05-28
http://www.securityfocus.com/bid/66477

Linux Kernel 'drivers/net/wireless/ath/ath9k/xmit.c' Denial of Service Vulnerability
2014-05-28
http://www.securityfocus.com/bid/66492

Linux Kernel 'mac80211/sta_info.c' NULL Pointer Dereference Denial of Service Vulnerability
2014-05-28
http://www.securityfocus.com/bid/66591

Linux Kernel Multiple Function Remote Memory Corruption Vulnerabilities
2014-05-28
http://www.securityfocus.com/bid/66279

Linux Kernel 'ip6_route_add()' Function Denial of Service Vulnerability
2014-05-28
http://www.securityfocus.com/bid/66095

Linux Kernel CVE-2014-0101 NULL Pointer Dereference Denial of Service Vulnerability
2014-05-28
http://www.securityfocus.com/bid/65943

IBM DB2 and DB2 Connect CVE-2013-6744 Privilege Escalation Vulnerability
2014-05-28
http://www.securityfocus.com/bid/67616

Multiple IBM DB2 Products CVE-2014-0907 Local Privilege Escalation Vulnerability
2014-05-28
http://www.securityfocus.com/bid/67617

OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2014-05-28
http://www.securityfocus.com/bid/66690

Multiple IBM Products CVE-2013-6747 Denial of Service Vulnerability
2014-05-28
http://www.securityfocus.com/bid/65156

cURL/libcURL CVE-2014-0138 Remote Security Bypass Vulnerability
2014-05-28
http://www.securityfocus.com/bid/66457

NTP 'ntp_request.c' Remote Denial of Service Vulnerability
2014-05-28
http://www.securityfocus.com/bid/64692

cURL/libcURL NTLM connection Remote Security Bypass Vulnerability
2014-05-28
http://www.securityfocus.com/bid/65270

Cisco IOS XE Software PPPoE Packet Handling Denial of Service Vulnerability
2014-05-28
http://www.securityfocus.com/bid/67603

libvirt XML Entity Expansion CVE-2014-0179 Information Disclosure Vulnerability
2014-05-28
http://www.securityfocus.com/bid/67289

Apache 'mod_wsgi' Module Local Privilege Escalation Vulnerability
2014-05-28
http://www.securityfocus.com/bid/67532

Apache 'mod_wsgi' Module CVE-2014-0242 Information Disclosure Vulnerability
2014-05-28
http://www.securityfocus.com/bid/67534

Easy File Sharing FTP Server Pass Command Remote Buffer Overflow Vulnerability
2014-05-28
http://www.securityfocus.com/bid/19243

Django 'Vary Header' Information Disclosure Vulnerability
2014-05-28
http://www.securityfocus.com/bid/67408

Django 'is_safe_url()' Function URI Redirection Vulnerability
2014-05-28
http://www.securityfocus.com/bid/67410

Linux Kernel '/fs/cifs/file.c' Local Memory Corruption Vulnerability
2014-05-28
http://www.securityfocus.com/bid/65588

Linux Kernel 'ipc_rcu_putref()' Function Local Denial of Service Vulnerability
2014-05-28
http://www.securityfocus.com/bid/63445

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2014-05-28
http://www.securityfocus.com/bid/67121

Exploit

  TORQUE Resource Manager 2.5.x-2.5.13 - Stack Based Buffer Overflow Stub

  Sharetronix 3.3 - Multiple Vulnerabilities

  Wireshark CAPWAP Dissector - Denial of Service (msf)

27.5.2014

Bugtraq

VUPEN Security Research - Adobe Acrobat & Reader XI-X Barcode Heap Overflow (Pwn2Own) 2014-05-26
VUPEN Security Research (advisories vupen com)

[security bulletin] HPSBUX02960 SSRT101419 rev.3 - HP-UX Running NTP, Remote Denial of Service (DoS) 2014-05-23
security-alert hp com

Malware

RDN/Generic PUP.x!E6AA67E46656

Generic PUP.x!8319E282C059

Generic PUP.x!6008B4D237A3

Generic PUP.x!D9AEE9FE982F

Generic.bfr!01A1E12AD9FD

Generic PUP.x!1D2BEF715D4D

Generic PUP.x!C6551035145E

RDN/Generic.dx!dcg!D3200BAB4D3D

Generic PUP.x!0A2F2F41C8CC

Generic PUP.x!FA1B6DEDED4B

Generic PUP.x!29D257030B43

Generic PUP.x!BF011DF65137

Generic PUP.x!B413A6DC162E

Generic PUP.x!57111F2A6485

Generic PUP.x!855D852A0559

Generic PUP.x!CA95600FCD22

RDN/Generic.bfr!hf!485C446CE83D

Generic PUP.x!BE625E9A5DE6

Generic PUP.x!4D3C06776156

Generic PUP.x!2F48853498A3

RDN/Generic.bfr!A6E8F04F5C19

RDN/Generic PUP.x!c2d!065CB1B1BDCA

RDN/Generic PUP.x!180980CE0A6A

RDN/Generic PUP.x!c2d!E8CCD53F5BEC

RDN/Vundo!du!37816C3E3CB6

RDN/Vundo!du!D4874EC3AB33

RDN/Generic PUP.x!c2d!133E7583B785

Generic PUP.x!867AAAFDA6C5

Generic PUP.x!8D69D010F3DD

Generic PUP.x!02423737DF3E

Phishing

BT

27th May 2014

Verify Your Account

Microsoft

27th May 2014

Your itunes account has been
frozen !

Microsoft

27th May 2014

Notification itunes !

Santander

26th May 2014

Irregular account activity
detected

BT

26th May 2014

Verify Your Account

Vulnerebility

User Cake Cross Site Request Forgery Vulnerability
2014-05-27
http://www.securityfocus.com/bid/67604

Perl libwww-perl (LWP) Module Peer Certificate Validation Security Bypass Vulnerability
2014-05-27
http://www.securityfocus.com/bid/67202

IBM Security Access Manager for Web CVE-2014-0963 Remote Denial of Service Vulnerability
2014-05-27
http://www.securityfocus.com/bid/67238

Multiple IBM Products CVE-2013-6747 Denial of Service Vulnerability
2014-05-27
http://www.securityfocus.com/bid/65156

Linux Kernel 'raw_cmd_copyout()' Function Local Privilege Escalation Vulnerability
2014-05-27
http://www.securityfocus.com/bid/67302

Linux Kernel 'drivers/net/wireless/ath/ath9k/xmit.c' Denial of Service Vulnerability
2014-05-27
http://www.securityfocus.com/bid/66492

X.Org libXfont Multiple Integer Overflow and Memory Corruption Vulnerabilities
2014-05-27
http://www.securityfocus.com/bid/67382

Linux Kernel Multiple Function Remote Memory Corruption Vulnerabilities
2014-05-27
http://www.securityfocus.com/bid/66279

Linux Kernel 'raw_cmd_copyin()' Function Local Privilege Escalation Vulnerability
2014-05-27
http://www.securityfocus.com/bid/67300

Apache 'mod_wsgi' Module CVE-2014-0242 Information Disclosure Vulnerability
2014-05-27
http://www.securityfocus.com/bid/67534

Apache 'mod_wsgi' Module Local Privilege Escalation Vulnerability
2014-05-27
http://www.securityfocus.com/bid/67532

Linux Kernel 'ping_init_sock()' Local Privilege Escalation Vulnerability
2014-05-27
http://www.securityfocus.com/bid/66779

Linux Kernel CVE-2014-2678 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-05-27
http://www.securityfocus.com/bid/66543

Linux Kernel 'mac80211/sta_info.c' NULL Pointer Dereference Denial of Service Vulnerability
2014-05-27
http://www.securityfocus.com/bid/66591

Linux Kernel 'ip6_route_add()' Function Denial of Service Vulnerability
2014-05-27
http://www.securityfocus.com/bid/66095

Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
2014-05-27
http://www.securityfocus.com/bid/65400

Linux Kernel CVE-2014-0101 NULL Pointer Dereference Denial of Service Vulnerability
2014-05-27
http://www.securityfocus.com/bid/65943

Pimcore 'Pimcore_Tool_Newsletter::getObjectByToken()' PHP Object Injection Vulnerability
2014-05-27
http://www.securityfocus.com/bid/66812

Linux Kernel 'handle_rx()' Function Denial of Service Vulnerability
2014-05-27
http://www.securityfocus.com/bid/66678

Linux Kernel '/fs/cifs/file.c' Local Memory Corruption Vulnerability
2014-05-27
http://www.securityfocus.com/bid/65588

Linux Kernel 'ipc_rcu_putref()' Function Local Denial of Service Vulnerability
2014-05-27
http://www.securityfocus.com/bid/63445

Linux Kernel CVE-2013-7339 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-05-27
http://www.securityfocus.com/bid/66351

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2014-05-27
http://www.securityfocus.com/bid/67121

OpenSSL TLS Handshake Null Pointer Dereference Denial Of Service Vulnerability
2014-05-27
http://www.securityfocus.com/bid/64691

OpenSSL 'ssl_get_algorithm2()' Function Remote Denial of Service Vulnerability
2014-05-27
http://www.securityfocus.com/bid/64530

OpenSSL DTLS Implementations Man in the Middle Multiple Security Bypass Vulnerabilities
2014-05-27
http://www.securityfocus.com/bid/64618

Qt QtGui GIF Image Handler Local Denial of Service Vulnerability
2014-05-27
http://www.securityfocus.com/bid/67087

Mutt Mailreader 'mutt_copy_hdr()' Function Heap Based Buffer Overflow Vulnerability
2014-05-27
http://www.securityfocus.com/bid/66165

IBM WebSphere Application Server CVE-2014-0964 Denial of Service Vulnerability
2014-05-27
http://www.securityfocus.com/bid/67322

libvirt XML Entity Expansion CVE-2014-0179 Information Disclosure Vulnerability
2014-05-27
http://www.securityfocus.com/bid/67289

Exploit

    Easy File Sharing FTP Server 3.5 - Stack Buffer Overflow

  D-Link Routers - Multiple Vulnerabilities

  Zyxel P-660HW-T1 v3 Wireless Router - CSRF Vulnerability

Symantec Workspace Streaming Arbitrary File Upload

  Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition (x64) Local Privilege Escalation

  D-Link Routers - Multiple Vulnerabilities

26.5.2014

Bugtraq

ESA-2014-021: RSA ArcherŽ GRC Multiple Cross-Site Scripting Vulnerabilities 2014-05-23
Security Alert (Security_Alert emc com)

[SECURITY] [DSA 2936-1] torque security update 2014-05-23
Salvatore Bonaccorso (carnil debian org)

Malware

Generic PUP.x!9245A4AB1143

Generic Downloader.x!1A817239502E

Generic PUP.x!FB62C913D24A

Generic PUP.x!CD3171280F90

Generic PUP.x!8479F4A7A8E3

Generic PUP.x!4FBBF1A71BB5

Generic PUP.x!EFDC814CDC74

Generic.tfr!A9B92A730178

Generic PUP.x!62B86900010B

Generic.tfr!D34D473118F8

Generic.tfr!D239C3916207

Generic PUP.x!118D1F5BD9E1

RDN/Generic BackDoor!yk!E62116BF450B

Generic PUP.x!98789BF26851

Generic PUP.x!486DE4E05F2C

Generic PUP.x!94126A428D65

RDN/Generic PUP.x!c2b!C38FED8A9766

Generic PUP.x!A536DBEDFEAA

RDN/Generic Downloader.x!E089555D5F8F

Generic PUP.x!68EF7234B68F

Generic PUP.x!3FC6785CD346

Generic PUP.x!417526705A16

Generic PUP.x!AA2681B96A51

Generic PUP.x!05B1C43AC45B

Generic PUP.x!D72AE03E257E

Generic PUP.x!6BCAD99F478D

Generic PUP.x!A72E4C561EF3

Generic PUP.x!B13C25D1DBE0

RDN/Generic PUP.x!50DD086D5F97

Generic PUP.x!8EDAD4085A71

Phishing

BT

26th May 2014

Verify Your Account

Nationwide Building Society

25th May 2014

YOUR ONLINE BANKING ACCESS
LOCKED

Santander

25th May 2014

[SUSPECTED ] IRREGULAR ACCOUNT
ACTIVITY DETECTED

NatWest.co.uk

24th May 2014

NatWest Statement

Lloyds Commercial Bank

24th May 2014

FW: Important - Commercial
Documents

Vulnerebility

Linux Kernel Memory Leak Multiple Local Information Disclosure Vulnerabilities
2014-05-26
http://www.securityfocus.com/bid/64685

Linux Kernel 'pn_recvmsg()' Function Local Information Disclosure Vulnerability
2014-05-26
http://www.securityfocus.com/bid/64677

Linux Kernel '/fs/cifs/file.c' Local Memory Corruption Vulnerability
2014-05-26
http://www.securityfocus.com/bid/65588

Linux Kernel 'net/ieee802154/dgram.c' Local Information Disclosure Vulnerability
2014-05-26
http://www.securityfocus.com/bid/64747

Linux Kernel 'fpu-internal.h' Local Denial of Service Vulnerability
2014-05-26
http://www.securityfocus.com/bid/64781

Linux Kernel Multiple Function Remote Memory Corruption Vulnerabilities
2014-05-26
http://www.securityfocus.com/bid/66279

Linux Kernel CVE-2014-0101 NULL Pointer Dereference Denial of Service Vulnerability
2014-05-26
http://www.securityfocus.com/bid/65943

Linux Kernel 'drivers/net/wireless/ath/ath9k/xmit.c' Denial of Service Vulnerability
2014-05-26
http://www.securityfocus.com/bid/66492

AMD 16h Model Processor CVE-2013-6885 Local Denial of Service Vulnerability
2014-05-26
http://www.securityfocus.com/bid/63983

Linux Kernel 'security_context_to_sid_core()' Function Local Denial of Service Vulnerability
2014-05-26
http://www.securityfocus.com/bid/65459

Linux Kernel 'nf_nat_irc.c' Local Information Disclosure Vulnerability
2014-05-26
http://www.securityfocus.com/bid/65180

Linux Kernel 'hamradio/yam.c' Local Information Disclosure Vulnerability
2014-05-26
http://www.securityfocus.com/bid/64954

Linux Kernel 'ath9k_htc_set_bssid_mask()' Function Information Disclosure Vulnerability
2014-05-26
http://www.securityfocus.com/bid/63743

Linux Kernel CVE-2013-7263 Multiple Information Disclosure Vulnerabilities
2014-05-26
http://www.securityfocus.com/bid/64686

Linux Kernel 'raw_cmd_copyout()' Function Local Privilege Escalation Vulnerability
2014-05-26
http://www.securityfocus.com/bid/67302

Linux Kernel 'raw_cmd_copyin()' Function Local Privilege Escalation Vulnerability
2014-05-26
http://www.securityfocus.com/bid/67300

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1529 Security Bypass Vulnerability
2014-05-26
http://www.securityfocus.com/bid/67135

OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2014-05-26
http://www.securityfocus.com/bid/66690

Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
2014-05-26
http://www.securityfocus.com/bid/65400

Adobe Flash Player and AIR CVE-2014-0520 Unspecified Remote Security Bypass Vulnerability
2014-05-26
http://www.securityfocus.com/bid/67372

Adobe Flash Player and AIR CVE-2014-0518 Unspecified Remote Security Bypass Vulnerability
2014-05-26
http://www.securityfocus.com/bid/67371

Adobe Flash Player and AIR CVE-2014-0517 Unspecified Remote Security Bypass Vulnerability
2014-05-26
http://www.securityfocus.com/bid/67364

Adobe Flash Player and AIR CVE-2014-0519 Unspecified Remote Security Bypass Vulnerability
2014-05-26
http://www.securityfocus.com/bid/67373

Adobe Flash Player and AIR CVE-2014-0516 Same Origin Security Bypass Vulnerability
2014-05-26
http://www.securityfocus.com/bid/67361

Adobe Flash Player and Adobe AIR CVE-2014-0510 Heap Based Buffer Overflow Vulnerability
2014-05-26
http://www.securityfocus.com/bid/66241

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1532 Use After Free Memory Corruption Vulnerability
2014-05-26
http://www.securityfocus.com/bid/67130

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1530 Security Bypass Vulnerability
2014-05-26
http://www.securityfocus.com/bid/67137

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1531 Use After Free Memory Corruption Vulnerability
2014-05-26
http://www.securityfocus.com/bid/67134

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1523 Out of Bounds Denial of Service Vulnerability
2014-05-26
http://www.securityfocus.com/bid/67129

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1524 Remote Memory Corruption Vulnerability
2014-05-26
http://www.securityfocus.com/bid/67131

Exploit

 

23.5.2014

Bugtraq

[SECURITY] [DSA 2936-1] torque security update 2014-05-23
Salvatore Bonaccorso (carnil debian org)

[security bulletin] HPSBMU03025 rev.2 - HP Diagnostics running OpenSSL, Remote Disclosure of Information 2014-05-22
security-alert hp com

[security bulletin] HPSBMU02995 rev.8 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure 2014-05-22
security-alert hp com

Malware

RDN/Generic.bfr!he!1632BEBEA1FB

RDN/Generic.dx!dc3!DC6C36032694

Generic PUP.x!5DCCA9723B6E

Generic PUP.x!3E4D2A6264C6

Generic PUP.x!A417CE007C87

Generic PUP.x!FF1B89833CE9

RDN/Downloader.a!qx!AD3FF53BE9EB

Generic PUP.x!9F45555CAD08

Generic PUP.x!51F1D690717C

Generic PUP.x!F847D2A634E1

RDN/Generic PUP.x!cdw!B2D479FF1B12

Generic PUP.x!8A2766089EC9

Generic PUP.x!DFE6A4F8EC9C

Generic PUP.x!FB50F6075750

RDN/Generic.dx!dc3!4DA154D64E1A

Generic PUP.x!3D0781E2249A

Generic PUP.x!65CD62422C2B

Generic PUP.x!167C62E72893

Generic.bfr!99D804B2BEFB

Generic PUP.x!0E1538F3D535

Generic PUP.x!01F0BD0968AD

Generic PUP.x!F55FC7E5EA6E

Generic PUP.x!34309573DC23

Generic PUP.x!F9F6E49633D7

Generic PUP.x!322DB7E88B0C

RDN/Generic PUP.x!cdw!C3B135D178C6

Generic PUP.x!0FAF90400A02

Generic PUP.x!72DE032162EA

Generic PUP.x!C1771F0C3470

Generic PUP.x!DA2181FD32C3

Phishing

Lloyds Commercial Bank

23rd May 2014

FW: Important - Commercial
Documents

Vulnerebility

Oracle MySQL Client CVE-2014-2440 Remote Security Vulnerability
2014-05-23
http://www.securityfocus.com/bid/66850

Oracle MySQL Server CVE-2014-0384 Remote Security Vulnerability
2014-05-23
http://www.securityfocus.com/bid/66835

Oracle MySQL Server CVE-2014-2430 Remote Security Vulnerability
2014-05-23
http://www.securityfocus.com/bid/66858

Oracle MySQL Server CVE-2014-2419 Remote Security Vulnerability
2014-05-23
http://www.securityfocus.com/bid/66880

Oracle MySQL Server CVE-2014-2438 Remote Security Vulnerability
2014-05-23
http://www.securityfocus.com/bid/66846

Oracle MySQL Server CVE-2014-2431 Remote Security Vulnerability
2014-05-23
http://www.securityfocus.com/bid/66890

Oracle MySQL Server CVE-2014-2436 Remote Security Vulnerability
2014-05-23
http://www.securityfocus.com/bid/66896

Oracle MySQL Server CVE-2014-2432 Remote Security Vulnerability
2014-05-23
http://www.securityfocus.com/bid/66875

Juniper Junos 'SRX Series Services' Gateway Denial of Service Vulnerability
2014-05-23
http://www.securityfocus.com/bid/64764

Oracle Java SE CVE-2014-0457 Remote Code Execution Vulnerability
2014-05-23
http://www.securityfocus.com/bid/66866

Oracle Java SE CVE-2014-2421 Buffer Overflow Vulnerability
2014-05-23
http://www.securityfocus.com/bid/66881

Birebin.com for Android CVE-2014-2993 X.509 Certificate Validation Security Bypass Vulnerability
2014-05-23
http://www.securityfocus.com/bid/67524

Cisco Tidal Enterprise Scheduler Agent CVE-2014-3272 Local Privilege Escalation Vulnerability
2014-05-22
http://www.securityfocus.com/bid/67561

Oracle Java SE CVE-2014-2412 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66873

Oracle Java SE CVE-2014-2398 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66920

Oracle Java SE CVE-2014-0446 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66903

Oracle Java SE CVE-2014-0429 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66856

Oracle Java SE CVE-2014-2413 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66917

Oracle Java SE CVE-2014-2414 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66894

Oracle Java SE CVE-2014-0452 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66891

Oracle Java SE CVE-2014-0461 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66902

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66914

Oracle Java SE CVE-2014-2397 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66893

Oracle Java SE CVE-2014-0458 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66883

Oracle Java SE CVE-2014-0455 Remote Code Execution Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66899

Oracle Java SE CVE-2014-0459 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66910

Oracle Java SE CVE-2014-0454 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66905

libpng 'png_read_transform_info()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-05-22
http://www.securityfocus.com/bid/64493

Oracle Java SE CVE-2014-0460 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66916

Oracle Java SE CVE-2014-0451 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66879

Exploit

 

22.5.2014

Bugtraq

Wordpress Booking System (Booking Calendar) plugin SQL Injection 2014-05-21
info sec (omgpdrv gmail com)

Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe 2014-05-20
Stefan Kanthak (stefan kanthak nexgo de)

APPLE-SA-2014-15-20-1 OS X Server 3.1.2 2014-05-20
Apple Product Security (product-security-noreply lists apple com)

CVE-2014-3446 - Unauthenticated Blind SQL Injection in BSS Continuity CMS 2014-05-20
Portcullis Advisories (advisories portcullis-security com)

Malware

Generic PUP.x!CD6202B6D807

RDN/Generic PUP.x!cd3!9EAE5B57F3F8

Obfuscated-FAFB!hb!50B1EC0088ED

Generic Downloader.x!8240E9596EEF

Generic Downloader.x!448C79C63D51

Generic PUP.x!B58A5A676C78

RDN/Vundo!dt!7698567E980F

Generic PUP.x!97199DE3116B

RDN/Generic.bfr!hf!2B93811AB639

Generic.dx!9E4A8AC52E97

Generic PUP.x!203AE1256A51

Generic PUP.x!4516417BCBFF

Generic PUP.x!233EEE6488CD

RDN/Generic PUP.x!50533D613DAC

RDN/Generic PWS.y!zp!66D031558C5B

Generic PUP.x!D65D43DCA447

Generic PUP.x!8AED8844D36B

RDN/Generic Downloader.x!kf!210AA1842EB9

RDN/Generic Downloader.x!kf!67F9CE3FD3F3

RDN/Generic PUP.x!cd3!0D99EEA088B2

Generic.bfr!67604D03A273

Generic PUP.x!85F26F00E61A

Generic PUP.x!1131176A159F

Generic PUP.x!97142E5F9A57

Generic PUP.x!57452E6A886C

Generic PUP.x!08B9C0D43DCE

Generic.bfr!731FFB99F707

Generic PUP.x!4FA779758DE1

Generic PUP.x!01FBDD91E8F9

Generic PUP.x!3E635B5B4794

Phishing

Nationwide

22nd May 2014

Nationwide - Internet banking
service has been temporarily
suspended

Barclays

22nd May 2014

This is an important Barclays
bank security Message

Vulnerebility

Birebin.com for Android CVE-2014-2993 X.509 Certificate Validation Security Bypass Vulnerability
2014-05-23
http://www.securityfocus.com/bid/67524

Oracle Java SE CVE-2014-0451 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66879

Oracle Java SE CVE-2014-0458 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66883

Oracle Java SE CVE-2014-0456 Remote Code Execution Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66877

RETIRED: Linux Kernel 'n_tty.c' Memory Corruption Vulnerability
2014-05-22
http://www.securityfocus.com/bid/67282

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2014-05-22
http://www.securityfocus.com/bid/67121

Oracle Java SE CVE-2014-2398 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66920

OpenJDK CVE-2014-0462 Unspecified Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/67508

Oracle Java SE CVE-2014-2403 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66918

OpenJDK CVE-2014-2405 Unspecified Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/67512

Oracle Java SE CVE-2014-0460 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66916

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66914

Oracle Java SE CVE-2014-0459 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66910

Oracle Java SE CVE-2014-2413 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66917

Oracle Java SE CVE-2014-2427 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66909

Oracle Java SE CVE-2014-0454 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66905

Oracle Java SE CVE-2014-0461 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66902

Oracle Java SE CVE-2014-0446 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66903

Oracle Java SE CVE-2014-0455 Remote Code Execution Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66899

Oracle Java SE CVE-2014-0452 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66891

Oracle Java SE CVE-2014-2402 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66898

Oracle Java SE CVE-2014-2397 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66893

Oracle Java SE CVE-2014-2423 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66887

Oracle Java SE CVE-2014-2412 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66873

Oracle Java SE CVE-2014-2421 Buffer Overflow Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66881

Oracle Java SE CVE-2014-0457 Remote Code Execution Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66866

Oracle Java SE CVE-2014-0429 Remote Security Vulnerability
2014-05-22
http://www.securityfocus.com/bid/66856

Multiple Oracle Java Products 'unpack.cpp' Insecure Temporary File Creation Vulnerability
2014-05-22
http://www.securityfocus.com/bid/65568

Linux Kernel 'drivers/isdn/mISDN/socket.c' Local Information Disclosure Vulnerability
2014-05-22
http://www.securityfocus.com/bid/64743

Linux Kernel 'kvm_vm_ioctl_create_vcpu()' Function Local Privilege Escalation Vulnerability
2014-05-22
http://www.securityfocus.com/bid/64328

Exploit

 

21.5.2014

Bugtraq

Wordpress Booking System (Booking Calendar) plugin SQL Injection 2014-05-21
info sec (omgpdrv gmail com)

Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe 2014-05-20
Stefan Kanthak (stefan kanthak nexgo de)

APPLE-SA-2014-15-20-1 OS X Server 3.1.2 2014-05-20
Apple Product Security (product-security-noreply lists apple com)

CVE-2014-3446 - Unauthenticated Blind SQL Injection in BSS Continuity CMS 2014-05-20
Portcullis Advisories (advisories portcullis-security com)

CVE-2014-3447 - Remote Denial Of Service in BSS Continuity CMS 2014-05-20
Portcullis Advisories (advisories portcullis-security com)

CVE-2014-3450 - Privilege Escalation in Panda Security 2014-05-20
Portcullis Advisories (advisories portcullis-security com)

CVE-2014-3448 - Remote Code Execution Via Unauthenticated File Upload in BSS Continuity CMS 2014-05-20
Portcullis Advisories (advisories portcullis-security com)

[security bulletin] HPSBGN03007 rev.1 - HP IceWall MCRP and HP IceWall SSO, Remote Denial of Service (DoS) 2014-05-20
security-alert hp com

Construtiva CIS Manager CMS POST SQLi 2014-05-19
edge bitmessage ch

t2'14: Call for Papers 2014 (Helsinki / Finland) 2014-05-19
Tomi Tuominen (tomi tuominen t2 fi)

[SECURITY] [DSA 2934-1] python-django security update 2014-05-19
Salvatore Bonaccorso (carnil debian org)

[security bulletin] HPSBMU03022 rev.3 - HP Systems Insight Manager (SIM) Bundled Software running OpenSSL, Remote Disclosure of Information 2014-05-19
security-alert hp com

Malware

RDN/Generic PUP.x!cds!6B7002FF4EC3

RDN/Generic PUP.x!cds!59253C4691AC

RDN/Generic PUP.x!cds!709F6EEA7753

Generic PUP.x!8AF0450175C0

RDN/Generic PUP.x!cds!64D393F8BDB0

RDN/Generic PUP.x!cds!A5DD3839677C

Generic.bfr!2EBD2B0D29F4

Generic PUP.x!FB5AA1BA5869

RDN/Generic Downloader.x!kf!878D2B922011

RDN/Generic.dx!dc3!2DB90235B4CC

RDN/Generic PUP.x!cds!6A05C3D0A2D4

RDN/Generic.bfr!he!4B9E8F00B5B7

Generic.bfr!FB4DF3A594ED

RDN/Generic PUP.x!cds!6D153741AC91

Generic PUP.x!3350611DD34E

Generic PUP.x!C12A701B5BE6

RDN/Generic PUP.x!cds!28EEC57BF651

RDN/Generic PUP.x!cds!8AAC4A73D0B5

RDN/Generic PUP.x!cds!B813F9B6CBC4

RDN/Generic PUP.x!cds!6818644DBBF0

Generic PUP.x!8127732995BB

Generic.bfr!2EF885F97BF1

BackDoor-FBIB!81BCE4B1823E

Generic PUP.x!335E3E8ACE47

RDN/Generic PUP.x!cds!04A63FB77E80

Generic PUP.x!2D5DEB648994

Generic.bfr!2EC46E477AB2

RDN/Generic PUP.x!cds!330118730964

RDN/Generic.bfr!2EF95145C5FA

Generic PUP.x!38297D2234B0

Phishing

Chase

20th May 2014

Your Account Is Suspended

no-reply@bt.com ;

20th May 2014

Verify Your Account.

BT

20th May 2014

VERIFY YOUR BT ACCOUNT

NS&I

19th May 2014

PROTECT YOUR MONEY

Vulnerebility

Birebin.com for Android CVE-2014-2993 X.509 Certificate Validation Security Bypass Vulnerability
2014-05-23
http://www.securityfocus.com/bid/67524

Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
2014-05-21
http://www.securityfocus.com/bid/51706

OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2014-05-21
http://www.securityfocus.com/bid/66690

Apple Mac OS X CVE-2014-1322 Local Security Bypass Vulnerability
2014-05-21
http://www.securityfocus.com/bid/67023

Cisco WebEx Business Suite 'meetinginfo.do' Information Disclosure Vulnerability
2014-05-21
http://www.securityfocus.com/bid/67424

Cisco Unified Web and E-Mail Interaction Manager Session Identifiers Security Bypass Vulnerability
2014-05-21
http://www.securityfocus.com/bid/67495

Cisco IOS XR Software DHCPv6 Packet Handling CVE-2014-3271 Denial of Service Vulnerability
2014-05-21
http://www.securityfocus.com/bid/67488

Cisco IOS Software LLDP Request Processing Denial of Service Vulnerability
2014-05-21
http://www.securityfocus.com/bid/67489

Cisco Email Security Appliance Remote Security Bypass Vulnerability
2014-05-21
http://www.securityfocus.com/bid/67494

Cisco IOS XR Software DHCPv6 Packet Handling CVE-2014-3270 Denial of Service Vulnerability
2014-05-21
http://www.securityfocus.com/bid/67492

Adobe Flash Player and Adobe AIR CVE-2014-0510 Heap Based Buffer Overflow Vulnerability
2014-05-21
http://www.securityfocus.com/bid/66241

Adobe Reader and Acrobat CVE-2014-0527 Use After Free Remote Code Execution Vulnerability
2014-05-21
http://www.securityfocus.com/bid/67367

Symantec Workspace Streaming XMLRPC Unauthorized Access Vulnerability
2014-05-21
http://www.securityfocus.com/bid/67189

Ruby Floating Point Parsing Heap Buffer Overflow Vulnerability
2014-05-21
http://www.securityfocus.com/bid/63873

SAP NetWeaver Central User Administration Information Disclosure Vulnerability
2014-05-21
http://www.securityfocus.com/bid/67448

OpenStack Heat Template URL Information Disclosure Vulnerability
2014-05-21
http://www.securityfocus.com/bid/67505

Microsoft Internet Explorer Multiple Arbitrary Code Execution Vulnerabilities
2014-05-21
http://www.securityfocus.com/bid/66244

MediaWiki Semantic Forms Extension Multiple Cross Site Request Forgery Vulnerabilities
2014-05-21
http://www.securityfocus.com/bid/64966

Microsoft Internet Explorer CVE-2014-0310 Memory Corruption Vulnerability
2014-05-21
http://www.securityfocus.com/bid/67299

Collabtive 'desc' Parameter HTML Injection Vulnerability
2014-05-21
http://www.securityfocus.com/bid/67343

Apple Mac OS X CVE-2014-1318 Remote Security Bypass Vulnerability
2014-05-21
http://www.securityfocus.com/bid/67029

Multiple Apple Products CVE-2014-1320 Local Security Bypass Vulnerability
2014-05-21
http://www.securityfocus.com/bid/67027

Microsoft Internet Explorer CVE-2014-0285 Memory Corruption Vulnerability
2014-05-21
http://www.securityfocus.com/bid/65384

Cisco IOS XR Software CVE-2014-3269 SNMP Request Processing Denial of Service Vulnerability
2014-05-21
http://www.securityfocus.com/bid/67459

Cisco Unified Web and E-Mail Interaction Manager CVE-2014-2192 Cross Site Scripting Vulnerability
2014-05-21
http://www.securityfocus.com/bid/67464

Django CVE-2014-0473 Cross Site Request Forgery Vulnerability
2014-05-21
http://www.securityfocus.com/bid/67040

Django 'is_safe_url()' Function URI Redirection Vulnerability
2014-05-21
http://www.securityfocus.com/bid/67410

Django CVE-2014-0474 Multiple Data Type Injection Vulnerabilities
2014-05-21
http://www.securityfocus.com/bid/67038

Django 'Vary Header' Information Disclosure Vulnerability
2014-05-21
http://www.securityfocus.com/bid/67408

Django 'reverse()' Function Arbitrary Code Execution Vulnerability
2014-05-21
http://www.securityfocus.com/bid/67041

Exploit

  Easy File Management Web Server 5.3 - Stack Buffer Overflow

  Easy Address Book Web Server 1.6 - Stack Buffer Overflow

  Binatone DT 850W Wireless Router - Multiple CSRF Vulnerabilities

20.5.2014

Bugtraq

[SECURITY] [DSA 2932-1] qemu security update 2014-05-19
Giuseppe Iuculano (iuculano debian org)

[SECURITY] [DSA 2931-1] openssl security update 2014-05-18
Moritz Muehlenhoff (jmm debian org)

Malware

Generic PUP.x!DEDA6D50EF85

Generic PUP.x!A30977EA4308

Generic PUP.x!2C12DB9CE9C0

Generic PUP.x!F3F0B4E7ADE6

Generic PUP.x!3379DB5E655E

Generic PUP.x!617B2A57C441

Generic PUP.x!96E1E4801938

Generic PUP.x!1193FAC3DC70

Generic PUP.x!AFC21996A9A0

Generic PUP.x!0C5D1D01A10E

Generic PUP.x!5369F7918687

Generic PUP.x!B37F03929B43

RDN/Generic.dx!1B3BFDC2EB9B

RDN/Generic PUP.x!cdn!237C36DC09A6

RDN/Generic PUP.x!cdn!7F921790A060

RDN/Generic PUP.x!cdn!334D777D8970

RDN/Generic Downloader.x!0B122893DCE0

Generic PUP.x!A2FB857F865E

RDN/Generic.bfr!5D643BEC77F7

Generic PUP.x!B169969E45B4

RDN/Generic PWS.y!zp!B5F4827D2E97

Generic PUP.x!80F7771E0C92

RDN/Generic PUP.x!cdn!BF99387C872F

FakeAV-N.bfr!363DDEACCEC0

RDN/Generic.bfr!2470720C49FE

Generic PUP.x!1414F2903048

Generic PUP.x!B1BDF95C8768

Generic PUP.x!D65BD85ECA9F

Generic.dx!1C8038E419BD

Generic PUP.x!B37808D8C507

Phishing

BT

20th May 2014

VERIFY YOUR BT ACCOUNT

NS&I

19th May 2014

PROTECT YOUR MONEY

.PayPal

19th May 2014

Your PayPal account is limited
until we hear from you

Vulnerebility

Cisco IOS XR Software CVE-2014-3269 SNMP Request Processing Denial of Service Vulnerability
2014-05-20
http://www.securityfocus.com/bid/67459

Cisco Unified Web and E-Mail Interaction Manager CVE-2014-2192 Cross Site Scripting Vulnerability
2014-05-20
http://www.securityfocus.com/bid/67464

Symantec Workspace Streaming XMLRPC Unauthorized Access Vulnerability
2014-05-20
http://www.securityfocus.com/bid/67189

Django CVE-2014-0473 Cross Site Request Forgery Vulnerability
2014-05-20
http://www.securityfocus.com/bid/67040

Django 'is_safe_url()' Function URI Redirection Vulnerability
2014-05-20
http://www.securityfocus.com/bid/67410

Django CVE-2014-0474 Multiple Data Type Injection Vulnerabilities
2014-05-20
http://www.securityfocus.com/bid/67038

Django 'Vary Header' Information Disclosure Vulnerability
2014-05-20
http://www.securityfocus.com/bid/67408

Django 'reverse()' Function Arbitrary Code Execution Vulnerability
2014-05-20
http://www.securityfocus.com/bid/67041

Google Chrome CVE-2013-2877 Out of Bounds Denial of Service Vulnerability
2014-05-20
http://www.securityfocus.com/bid/61050

Libxml2 Entity Substituton CVE-2014-0191 Denial of Service Vulnerability
2014-05-20
http://www.securityfocus.com/bid/67233

SolarWinds Server and Application Monitor 'PEstrarg1' ActiveX Heap Buffer Overflow Vulnerability
2014-05-20
http://www.securityfocus.com/bid/67048

InduSoft Web Studio CVE-2014-0780 Directory Traversal Vulnerability
2014-05-20
http://www.securityfocus.com/bid/67056

Linux Kernel 'raw_cmd_copyin()' Function Local Privilege Escalation Vulnerability
2014-05-20
http://www.securityfocus.com/bid/67300

Linux Kernel 'raw_cmd_copyout()' Function Local Privilege Escalation Vulnerability
2014-05-20
http://www.securityfocus.com/bid/67302

Linux Kernel Multiple Function Remote Memory Corruption Vulnerabilities
2014-05-20
http://www.securityfocus.com/bid/66279

Linux Kernel CVE-2014-0101 NULL Pointer Dereference Denial of Service Vulnerability
2014-05-20
http://www.securityfocus.com/bid/65943

Linux Kernel 'security_context_to_sid_core()' Function Local Denial of Service Vulnerability
2014-05-20
http://www.securityfocus.com/bid/65459

Linux Kernel 'drivers/net/wireless/ath/ath9k/xmit.c' Denial of Service Vulnerability
2014-05-20
http://www.securityfocus.com/bid/66492

Linux Kernel 'hamradio/yam.c' Local Information Disclosure Vulnerability
2014-05-20
http://www.securityfocus.com/bid/64954

Linux Kernel 'nf_nat_irc.c' Local Information Disclosure Vulnerability
2014-05-20
http://www.securityfocus.com/bid/65180

Linux Kernel 'wanxl.c' Local Information Disclosure Vulnerability
2014-05-20
http://www.securityfocus.com/bid/64953

Linux Kernel 'ath9k_htc_set_bssid_mask()' Function Information Disclosure Vulnerability
2014-05-20
http://www.securityfocus.com/bid/63743

AMD 16h Model Processor CVE-2013-6885 Local Denial of Service Vulnerability
2014-05-20
http://www.securityfocus.com/bid/63983

Linux Kernel 'farsync.c' Local Information Disclosure Vulnerability
2014-05-20
http://www.securityfocus.com/bid/64952

Linux Kernel 'fpu-internal.h' Local Denial of Service Vulnerability
2014-05-20
http://www.securityfocus.com/bid/64781

Linux Kernel 'perf_event.c' Local Privilege Escalation Vulnerability
2014-05-20
http://www.securityfocus.com/bid/61793

QEMU CVE-2013-4541 Remote Code Execution Vulnerability
2014-05-20
http://www.securityfocus.com/bid/67394

Mutt Mailreader 'mutt_copy_hdr()' Function Heap Based Buffer Overflow Vulnerability
2014-05-20
http://www.securityfocus.com/bid/66165

QEMU 'virtio_load()' Function Memory Corruption Vulnerability
2014-05-20
http://www.securityfocus.com/bid/66976

Dovecot Denial of Service Vulnerability
2014-05-20
http://www.securityfocus.com/bid/67306

Exploit

 

19.5.2014

Bugtraq

[SECURITY] [DSA 2931-1] openssl security update 2014-05-18
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2930-1] chromium-browser security update 2014-05-17
Michael Gilbert (mgilbert debian org)

APPLE-SA-2014-05-16-1 iTunes 11.2.1 2014-05-17
Apple Product Security (product-security-noreply lists apple com)

[security bulletin] HPSBHF02946 rev.2 - HP Servers with NVIDIA GPU Computing Driver, Elevation of Privilege 2014-05-16
security-alert hp com

Malware

Generic PUP.x!7B75D5C6EB1D

Generic PUP.x!4A56094DA991

Generic PUP.x!CBED42DB175E

Generic PUP.x!311D7EDACB79

Generic PUP.x!FB199BE8197D

Generic PUP.x!ED14377F9F20

Generic PUP.x!F603DB3B2B1A

Generic PUP.x!AB68D2AF9DAF

Generic PUP.x!F1446E58DBD2

Generic PUP.x!A3675F6ADD73

Generic PUP.x!C57BBEE17BE3

Generic PUP.x!36A7A74C6192

RDN/Generic PUP.x!cdl!F9C3AA9EB4CB

Generic.bfr!D72FB94DE737

RDN/Generic PUP.x!cdl!F8DA48AD2F7C

Generic PUP.x!59288C1DD6D4

RDN/Generic PUP.x!cdl!4646595DD77F

Generic PUP.x!10857511BE65

Generic PUP.x!F8AC539DAE4B

Generic.tfr!F1E12B680975

RDN/Generic PUP.x!15630E22075E

Generic PUP.x!AC585035E676

RDN/Generic PUP.x!cdl!BF6F57745BA2

FakeAV-N.bfr!48114AF2B7F4

Generic PUP.x!F992E32CAD9F

Generic PUP.x!9CCBD080E108

Generic PUP.x!98B05270EBB0

Generic PUP.x!435176B012F4

RDN/Generic.bfr!835305335D2A

Generic PUP.x!A98D88FA66F7

Phishing

ebilling@bt.com ;

18th May 2014

ACTION REQUIRED: Activate and
view your BT bill online

Yahoo

18th May 2014

YAHOO DE-ACTIVATION ALERT

Vulnerebility

Pango Font Parsing 'pangoft2-render.c' Heap Corruption Vulnerability
2014-05-19
http://www.securityfocus.com/bid/45842

CoreGraphics Font Glyph Rendering Library Remote Code Execution Vulnerability
2014-05-19
http://www.securityfocus.com/bid/35774

Pango 'pango_glyph_string_set_size()' Integer Overflow Vulnerability
2014-05-19
http://www.securityfocus.com/bid/34870

Pango 'hb_buffer_ensure()' Buffer Overflow Vulnerability
2014-05-19
http://www.securityfocus.com/bid/46632

Ettercap Multiple Stack Buffer Overflow Vulnerabilities
2014-05-19
http://www.securityfocus.com/bid/57175

Ettercap GTK Insecure Temporary File Creation and Format String Vulnerabilities
2014-05-19
http://www.securityfocus.com/bid/44078

Bacula Console ACL Access Security Bypass Vulnerability
2014-05-19
http://www.securityfocus.com/bid/55505

Rack 'Rack::File()' Insecure Temporary File Creation Vulnerability
2014-05-19
http://www.securityfocus.com/bid/57862

Rack Timing Attack Remote Code Execution Vulnerability
2014-05-19
http://www.securityfocus.com/bid/57860

Rack 'multipart/parser.rb' CVE-2013-0183 Denial of Service Vulnerability
2014-05-19
http://www.securityfocus.com/bid/58768

Rack 'Rack::Auth::AbstractRequest' CVE-2013-0184 Denial of Service Vulnerability
2014-05-19
http://www.securityfocus.com/bid/58769

Rack 'lib/rack/multipart.rb' CVE-2012-6109 Denial of Service Vulnerability
2014-05-19
http://www.securityfocus.com/bid/58767

ImageMagick PSD Image File Handling CVE-2014-1947 Remote Buffer Overflow Vulnerability
2014-05-19
http://www.securityfocus.com/bid/65683

Imagemagick 'gif.c' Memory Corruption Vulnerability
2014-05-19
http://www.securityfocus.com/bid/62080

ImageMagick PSD Image File Handling Remote Buffer Overflow Vulnerability
2014-05-19
http://www.securityfocus.com/bid/65478

ImageMagick Buffer Overflow and Denial of Service Vulnerabilities
2014-05-19
http://www.securityfocus.com/bid/51957

WordPress Multiple Security Vulnerabilities
2014-05-19
http://www.securityfocus.com/bid/66765

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-05-19
http://www.securityfocus.com/bid/67193

Google Chrome CVE-2014-1741 Integer Overflow Vulnerability
2014-05-19
http://www.securityfocus.com/bid/67376

Google Chrome CVE-2014-1740 Use After Free Remote Code Execution Vulnerability
2014-05-19
http://www.securityfocus.com/bid/67374

Google Chrome CVE-2014-1742 Use After Free Remote Code Execution Vulnerability
2014-05-19
http://www.securityfocus.com/bid/67375

IBM Security Access Manager for Web CVE-2014-0963 Remote Denial of Service Vulnerability
2014-05-19
http://www.securityfocus.com/bid/67238

Oracle Java SE CVE-2014-2409 Remote Security Vulnerability
2014-05-19
http://www.securityfocus.com/bid/66915

Oracle Java SE CVE-2014-2397 Remote Security Vulnerability
2014-05-19
http://www.securityfocus.com/bid/66893

Oracle Java SE CVE-2014-2402 Remote Security Vulnerability
2014-05-19
http://www.securityfocus.com/bid/66898

Oracle Java SE CVE-2014-0456 Remote Code Execution Vulnerability
2014-05-19
http://www.securityfocus.com/bid/66877

Oracle Java SE CVE-2014-2398 Remote Security Vulnerability
2014-05-19
http://www.securityfocus.com/bid/66920

Oracle Java SE CVE-2014-0460 Remote Security Vulnerability
2014-05-19
http://www.securityfocus.com/bid/66916

Oracle Java SE CVE-2014-0461 Remote Security Vulnerability
2014-05-19
http://www.securityfocus.com/bid/66902

Oracle Java SE CVE-2014-2421 Buffer Overflow Vulnerability
2014-05-19
http://www.securityfocus.com/bid/66881

Exploit

  AoA MP4 Converter 4.1.2 - ActiveX Exploit

  AoA Audio Extractor Basic 2.3.7 - ActiveX Exploit

  AoA DVD Creator 2.6.2 - ActiveX Exploit

  CyberLink Power2Go Essential 9.0.1002.0 - Registry SEH/Unicode Buffer Overflow

  HP Release Control Authenticated XXE

  SafeNet Sentinel Protection Server 7.0 - 7.4 and Sentinel Keys Server 1.0.3 - 1.0.4 Directory Traversal

18.5.2014

Bugtraq

[ MDVSA-2014:104 ] egroupware 2014-05-16
security mandriva com

[ MDVSA-2014:101 ] owncloud 2014-05-16
security mandriva com

[ MDVSA-2014:093 ] couchdb 2014-05-16
security mandriva com

[ MDVSA-2014:099 ] dovecot 2014-05-16
security mandriva com

[ MDVSA-2014:097 ] libvirt 2014-05-16
security mandriva com

[ MDVSA-2014:091 ] cups 2014-05-16
security mandriva com

[ MDVSA-2014:103 ] wordpress 2014-05-16
security mandriva com

[ MDVSA-2014:100 ] java-1.7.0-openjdk 2014-05-16
security mandriva com

[ MDVSA-2014:102 ] mariadb 2014-05-16
security mandriva com

CA20140413-01: Security Notice for OpenSSL Heartbleed Vulnerability 2014-05-16
Williams, James K (Ken Williams ca com)

[ MDVSA-2014:096 ] python-jinja2 2014-05-16
security mandriva com

[ MDVSA-2014:094 ] rxvt-unicode 2014-05-16
security mandriva com

[ MDVSA-2014:098 ] rawtherapee 2014-05-16
security mandriva com

[ MDVSA-2014:095 ] struts 2014-05-16
security mandriva com

[ MDVSA-2014:092 ] cups 2014-05-16
security mandriva com

Two Cross-Site Scripting (XSS) Vulnerabilities in Seo Panel 2014-05-16
High-Tech Bridge Security Research (advisory htbridge com)

[ MDVSA-2014:089 ] nagios 2014-05-16
security mandriva com

[SECURITY] [DSA 2929-1] ruby-actionpack-3.2 security update 2014-05-16
Florian Weimer (fw deneb enyo de)

APPLE-SA-2014-05-15-2 iTunes 11.2 2014-05-15
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-05-15-1 OS X Mavericks v10.9.3 2014-05-15
Apple Product Security (product-security-noreply lists apple com)

[security bulletin] HPSBMU02995 rev.7 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure 2014-05-15
security-alert hp com

[ MDVSA-2014:088 ] python-lxml 2014-05-15
security mandriva com

[CVE-2014-0749] TORQUE Buffer Overflow 2014-05-15
john fitzpatrick mwrinfosecurity com

[ MDVSA-2014:087 ] php 2014-05-15
security mandriva com

[REVIVE-SA-2014-001] Revive Adserver 3.0.5 fixes CSRF vulnerability 2014-05-15
Matteo Beccati (php beccati com)

Bilyoner mobile apps prone to various SSL/TLS attacks 2014-05-15
harun esur sceptive com

[SECURITY] [DSA 2928-1] linux-2.6 security update 2014-05-14
dann frazier (dannf debian org)

Paypal Inc Bug Bounty #109 MOS - Bypass & Persistent Vulnerability 2014-05-14
Vulnerability Lab (research vulnerability-lab com)

[security bulletin] HPSBMU03040 rev.1 - HP LoadRunner & HP Performance Center, running OpenSSL, Remote Disclosure of Information 2014-05-14
security-alert hp com

CSRF and Remote Code Execution in EGroupware 2014-05-14
High-Tech Bridge Security Research (advisory htbridge com)

Malware

Generic PUP.x!B218EF14698F

Generic PUP.x!C5D66B45E62F

Generic PUP.x!D97400404E1B

Generic PUP.x!5E6BD8796973

Generic Downloader.x!DD84FC8C5590

Generic PUP.x!6EBD4F00DF3A

Generic PUP.x!69C9610EC7E1

RDN/Generic PUP.x!cdl!40BD9EC476D8

RDN/Generic PUP.x!cdl!BED211CB88C0

Generic PUP.x!BC91E5AD6958

RDN/Ransom!eg!09395F43A99F

Generic.dx!74FEDB2CD52A

Generic.dx!332D9752ECC3

Generic PUP.x!5A2FA8F082D2

RDN/Generic PUP.x!cdl!625925196F70

RDN/Downloader.a!qu!7828414640F7

Generic PUP.x!CF9B6CB60E95

Generic.dx!7DEC80E04128

Generic Downloader.x!F5C0E1EA80A9

Generic.dx!40C597B8E1CF

Generic PUP.x!C97BBD610104

RDN/Generic PUP.x!cdl!1D98390D6285

RDN/Generic PUP.x!cdl!3AC7CEC0F7FE

Generic PUP.x!7D29B0046F3F

RDN/Generic PUP.x!cdl!349C6813ECFB

Generic.dx!6144FAA0B8E9

RDN/Generic PUP.x!cdl!82CFEF882C62

RDN/Generic PUP.x!cdl!6D0633DE7C86

RDN/Generic PUP.x!cdl!82A3AB2D907F

Generic PUP.x!2EBD36585652

Phishing

NatWest ;

15th May 2014

Changes to your account
balance.

NatWest.co.uk

15th May 2014

NatWest Statement

American Express

14th May 2014

1 NEW MESSAGES !

Vulnerebility

IBM Security Access Manager for Web CVE-2014-0963 Remote Denial of Service Vulnerability
2014-05-18
http://www.securityfocus.com/bid/67238

Oracle Java SE CVE-2014-2409 Remote Security Vulnerability
2014-05-18
http://www.securityfocus.com/bid/66915

Oracle Java SE CVE-2014-2397 Remote Security Vulnerability
2014-05-18
http://www.securityfocus.com/bid/66893

Oracle Java SE CVE-2014-2402 Remote Security Vulnerability
2014-05-18
http://www.securityfocus.com/bid/66898

Oracle Java SE CVE-2014-0456 Remote Code Execution Vulnerability
2014-05-18
http://www.securityfocus.com/bid/66877

Oracle Java SE CVE-2014-2398 Remote Security Vulnerability
2014-05-18
http://www.securityfocus.com/bid/66920

Oracle Java SE CVE-2014-0460 Remote Security Vulnerability
2014-05-18
http://www.securityfocus.com/bid/66916

Oracle Java SE CVE-2014-0461 Remote Security Vulnerability
2014-05-18
http://www.securityfocus.com/bid/66902

Oracle Java SE CVE-2014-2421 Buffer Overflow Vulnerability
2014-05-18
http://www.securityfocus.com/bid/66881

libjpeg/libjpeg-turbo Library CVE-2013-6629 Memory Corruption Vulnerability
2014-05-18
http://www.securityfocus.com/bid/63676

libpng 'png_read_transform_info()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-05-18
http://www.securityfocus.com/bid/64493

eGroupWare 'call_user_func()' Function Remote Code Execution Vulnerability
2014-05-18
http://www.securityfocus.com/bid/67409

eGroupWare CVE-2014-2987 Cross Site Request Forgery Vulnerability
2014-05-18
http://www.securityfocus.com/bid/67303

WordPress Multiple Security Vulnerabilities
2014-05-18
http://www.securityfocus.com/bid/66765

libvirt XML Entity Expansion CVE-2014-0179 Information Disclosure Vulnerability
2014-05-18
http://www.securityfocus.com/bid/67289

libvirt Unsafe Paths Usage Symlink Multiple Security Vulnerabilities
2014-05-18
http://www.securityfocus.com/bid/65743

Oracle Java SE CVE-2014-2401 Remote Security Vulnerability
2014-05-18
http://www.securityfocus.com/bid/66911

Oracle Java SE CVE-2014-0449 Remote Security Vulnerability
2014-05-18
http://www.securityfocus.com/bid/66907

Oracle Java SE CVE-2014-2428 Remote Security Vulnerability
2014-05-18
http://www.securityfocus.com/bid/66870

Oracle Java SE CVE-2014-2420 Remote Security Vulnerability
2014-05-18
http://www.securityfocus.com/bid/66919

LibRaw CVE-2013-1438 Multiple NULL Pointer Dereference Denial of Service Vulnerabilities
2014-05-18
http://www.securityfocus.com/bid/62060

Dovecot Denial of Service Vulnerability
2014-05-18
http://www.securityfocus.com/bid/67306

Oracle Java SE CVE-2014-2413 Remote Security Vulnerability
2014-05-18
http://www.securityfocus.com/bid/66917

Oracle Java SE CVE-2014-2403 Remote Security Vulnerability
2014-05-18
http://www.securityfocus.com/bid/66918

Oracle Java SE CVE-2014-0454 Remote Security Vulnerability
2014-05-18
http://www.securityfocus.com/bid/66905

Oracle Java SE CVE-2014-0455 Remote Code Execution Vulnerability
2014-05-18
http://www.securityfocus.com/bid/66899

Oracle Java SE CVE-2014-0459 Remote Security Vulnerability
2014-05-18
http://www.securityfocus.com/bid/66910

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-05-18
http://www.securityfocus.com/bid/66914

Oracle Java SE CVE-2014-0446 Remote Security Vulnerability
2014-05-18
http://www.securityfocus.com/bid/66903

Oracle Java SE CVE-2014-2427 Remote Security Vulnerability
2014-05-18
http://www.securityfocus.com/bid/66909

Exploit

 

28.4.2014

Bugtraq

[SECURITY] [DSA 2917-1] super security update 2014-04-28
Florian Weimer (fw deneb enyo de)

[SECURITY] [DSA 2916-1] libmms security update 2014-04-28
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2915-1] dpkg security update 2014-04-28
Raphael Geissert (geissert debian org)

[security bulletin] HPSBMU03022 rev.1 - HP Systems Insight Manager (SIM) Bundled Software running OpenSSL, Remote Disclosure of Information 2014-04-26
security-alert hp com

[ANN] Struts 2.3.16.2 GA release available - security fix 2014-04-26
Lukasz Lenart (lukaszlenart apache org)

Malware

Generic.dx!C5D82D44BB86

Generic.bfr!618A32F9C97A

RDN/Generic.dx!dbj!B90CF6E074FD

RDN/Generic PUP.x!025D8193D0F2

q9.s_105021!9CAAEF359236

RDN/Generic.bfr!hb!1C091D9082BA

q9.s_105021!FAF892C6349B

RDN/Generic.dx!dbj!06537F86204D

RDN/Generic.dx!028DBA1F048E

RDN/Generic PUP.x!FB6435D8CC6D

RDN/Spybot.bfr!854E4A92DBAA

RDN/Generic PUP.x!cbv!5F531A29FD2E

Generic PUP.x!4DAF944A6059

Generic.bfr!38DF8C10C23E

q9.s_105021!8B1425F0568A

RDN/Generic PUP.x!cbv!41C657ED6C42

q9.s_105021!EC39D39C6609

RDN/Generic.dx!dbj!476024011E9D

RDN/Generic.bfr!hb!9E0EBCA24736

q9.s_105021!F764359713CE

Generic PUP.x!5C624216D9D5

q9.s_105021!7B45444EED82

RDN/Generic PUP.x!DF667A68C45B

q9.s_105021!9ECEBA1985D0

RDN/Generic.bfr!hb!27DAF7F97E05

Generic.bfr!0A8ED8B313B0

RDN/Generic BackDoor!ya!F6A138126902

Generic.bfr!89D73B696745

RDN/Generic.dx!FC4AF9AB24DA

q9.s_105021!7E35C2C7D78F

Phishing

 

Vulnerebility

OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2014-04-28
http://www.securityfocus.com/bid/66690

Linux Kernel 'tcp_rcv_state_process()' Function Denial of Service Vulnerability
2014-04-28
http://www.securityfocus.com/bid/65654

Linux Kernel CONFIG_HID Local Memory Corruption Vulnerability
2014-04-28
http://www.securityfocus.com/bid/62043

Drupal Core Information Disclosure Vulnerability
2014-04-28
http://www.securityfocus.com/bid/66977

QEMU CVE-2014-0145 Multiple Buffer Overflow Vulnerabilities
2014-04-28
http://www.securityfocus.com/bid/66464

Apache Struts ClassLoader Manipulation CVE-2014-0094 Security Bypass Vulnerability
2014-04-28
http://www.securityfocus.com/bid/65999

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-04-28
http://www.securityfocus.com/bid/66363

Opera Web Browser 'dtoa()' Remote Code Execution Vulnerability
2014-04-28
http://www.securityfocus.com/bid/37078

Oracle Java SE CVE-2014-2414 Remote Security Vulnerability
2014-04-28
http://www.securityfocus.com/bid/66894

Oracle Java SE CVE-2014-2402 Remote Security Vulnerability
2014-04-28
http://www.securityfocus.com/bid/66898

Mac OS X 'libc/strtod(3)' Memory Corruption Vulnerability
2014-04-28
http://www.securityfocus.com/bid/37687

libpng 'png_read_transform_info()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-04-28
http://www.securityfocus.com/bid/64493

Multiple BSD Distributions 'gdtoa/misc.c' Memory Corruption Vulnerability
2014-04-28
http://www.securityfocus.com/bid/35510

SAP SDM Denial of Service Vulnerability
2014-04-28
http://www.securityfocus.com/bid/58157

SAP Enterprise Portal Multiple Unspecified Cross Site Scripting Vulnerabilities
2014-04-28
http://www.securityfocus.com/bid/58155

Qemu 'virtio-net.c' Local Integer Overflow Vulnerability
2014-04-28
http://www.securityfocus.com/bid/66821

QEMU 'vhdx' Block Driver Local Denial of Service Vulnerability
2014-04-28
http://www.securityfocus.com/bid/66480

Wireshark RTP Dissector CVE-2014-2907 Remote Denial of Service Vulnerability
2014-04-28
http://www.securityfocus.com/bid/67046

QEMU CVE-2014-0146 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-04-28
http://www.securityfocus.com/bid/66472

QEMU Division By Zero Error Local Denial of Service Vulnerability
2014-04-28
http://www.securityfocus.com/bid/66481

QEMU Block Drivers CVE-2014-0143 Multiple Integer Overflow Vulnerabilities
2014-04-28
http://www.securityfocus.com/bid/66486

QEMU CVE-2014-0147 Multiple Local Denial of Service Vulnerabilities
2014-04-28
http://www.securityfocus.com/bid/66484

Oracle Java SE CVE-2014-2420 Remote Security Vulnerability
2014-04-28
http://www.securityfocus.com/bid/66919

Oracle Java SE CVE-2014-2398 Remote Security Vulnerability
2014-04-28
http://www.securityfocus.com/bid/66920

KDE KDELibs 'dtoa()' Remote Code Execution Vulnerability
2014-04-28
http://www.securityfocus.com/bid/37080

MATLAB 'dtoa' Implementation Memory Corruption Vulnerability
2014-04-28
http://www.securityfocus.com/bid/37688

Oracle Java SE CVE-2014-2409 Remote Security Vulnerability
2014-04-28
http://www.securityfocus.com/bid/66915

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-04-28
http://www.securityfocus.com/bid/66914

Oracle Java SE CVE-2014-2403 Remote Security Vulnerability
2014-04-28
http://www.securityfocus.com/bid/66918

Oracle Java SE CVE-2014-0460 Remote Security Vulnerability
2014-04-28
http://www.securityfocus.com/bid/66916

Exploit

  McAfee ePolicy Orchestrator 4.6.0-4.6.5 (ePowner) - Multiple Vulnerabilities

  Wireshark <= 1.8.12/1.10.5 wiretap/mpeg.c Stack Buffer Overflow

  Adem 0.5.1 - Local File Inclusion

  GeoCore MAX DB Ver. 7.3.3 - Time-Based Blind Injection

  Wordpress iMember360 Plugin 3.8.012 - 3.9.001 - Multiple Vulnerabilities

  NTP ntpd monlist Query Reflection - Denial of Service

  Symantec Endpoint Protection Manager 12.1.x - SEH Overflow POC

25.4.2014

Bugtraq

[security bulletin] HPSBMU03020 rev.1 - HP Version Control Agent (VCA) and Version Control Repository Manager (VCRM) running OpenSSL on Linux and Windows, Remote Disclosure of Information 2014-04-24
security-alert hp com

[security bulletin] HPSBPI03014 rev.1 - HP LaserJet Pro MFP Printers, HP Color LaserJet Pro MFP Printers, Remote Disclosure of Information 2014-04-24
security-alert hp com

[security bulletin] HPSBHF03021 rev.1 - HP Thin Client with ThinPro OS or Smart Zero Core Services, Running OpenSSL, Remote Disclosure of Information 2014-04-24
security-alert hp com

[security bulletin] HPSBHF03006 rev.1 - HP Integrated Lights-Out 2 (iLO 2) Denial of Service 2014-04-24
security-alert hp com

Birebin.com Android App SSL certificate validation weakness 2014-04-24
harun esur sceptive com

Misli.com Android App SSL certificate validation weakness 2014-04-24
harun esur sceptive com

Weak firmware encryption and predictable WPA key on Sitecom routers 2014-04-24
roberto paleari emaze net

Malware

q9.s_105018!EB4BF277ADCD

q9.s_105018!1C066584588E

Generic.dx!952B5E8899BA

q9.s_105018!09CC5A6507AF

q9.s_105018!099C5F3EA8F2

q9.s_105018!6BADED7E9BF7

q9.s_105018!24C0BDA9FADE

Generic PUP.x!0889B1E847ED

Generic.bfr!6A047BD6F5D4

RDN/Generic BackDoor!69114194E654

q9.s_105018!C6A106C31C6B

q9.s_105018!CE5626A10406

q9.s_105018!758DFE49B50B

q9.s_105018!B6F17C2916AC

RDN/PWS-Banker!4519BF4A6D40

q9.s_105018!AA9031CF3A7A

q9.s_105018!E09BF19BEDC1

q9.s_105018!CEDFE316707D

RDN/Generic PWS.y!zh!38B7EA4F4A38

q9.s_105018!B3112FC886E0

q9.s_105018!F6A4B683695F

q9.s_105018!671950091656

q9.s_105018!523F06433325

q9.s_105018!A143365C9DDF

RDN/Generic PUP.x!cbr!BB428DF4E84A

RDN/Generic.dx!dbg!4BAA6121E8D5

q9.s_105018!1EA2358969FC

q9.s_105018!C11867346F88

q9.s_105018!0D6CD2185A9D

RDN/Generic.bfr!ha!29C87A24F792

Phishing

Apple ID

24th April 2014

WARNING ! : YOU MUST VERIFY
YOUR ACCOUNT!

Barclays

24th April 2014

*** ***
BARCLAYS.BANK.ONLINE..

Vulnerebility

Oracle Java SE CVE-2013-5809 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/63118

Oracle Java SE CVE-2013-5778 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/63134

Oracle Java SE TTF Font Parsing Remote Code Execution Vulnerability
2014-04-25
http://www.securityfocus.com/bid/64894

Oracle Java SE CVE-2014-2414 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/66894

Oracle Java SE CVE-2013-5772 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/63089

Oracle Java SE CVE-2013-2412 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/60618

Oracle Java SE CVE-2013-5905 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/64934

Oracle Java SE CVE-2013-5906 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/64903

Oracle Java SE CVE-2013-5776 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/63152

Oracle Java SE CVE-2014-0449 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/66907

Oracle Java SE CVE-2013-5774 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/63128

Oracle Java SE CVE-2013-5902 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/64923

Oracle Java SE CVE-2014-2428 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/66870

Oracle Java SE CVE-2014-2421 Buffer Overflow Vulnerability
2014-04-25
http://www.securityfocus.com/bid/66881

Oracle Java SE CVE-2014-0368 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/64930

Oracle Java SE CVE-2014-0460 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/66916

Oracle Java SE CVE-2014-2423 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/66887

Oracle Java SE CVE-2014-0418 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/64917

Oracle Java SE CVE-2013-5840 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/63148

Oracle Java SE CVE-2013-5843 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/63151

Oracle Java SE CVE-2013-5878 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/64927

Oracle Java SE CVE-2013-5842 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/63150

Oracle Java SE CVE-2014-0429 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/66856

Oracle Java SE CVE-2014-0428 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/64935

Oracle Java SE CVE-2014-0461 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/66902

Oracle Java SE CVE-2014-0415 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/64899

Oracle Java SE CVE-2014-2420 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/66919

Oracle Java SE CVE-2013-2472 Buffer Overflow Vulnerability
2014-04-25
http://www.securityfocus.com/bid/60656

Oracle Java SE CVE-2013-5825 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/63101

Oracle Java SE CVE-2013-5780 Remote Security Vulnerability
2014-04-25
http://www.securityfocus.com/bid/63115

Exploit

  Bonefire v.0.7.1 - Reinstall Admin Account Exploit

  dompdf 0.6.0 (dompdf.php, read param) - Arbitrary File Read

  WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion

  AlienVault 4.3.1 - Unauthenticated SQL Injection

24.4.2014

Bugtraq

[security bulletin] HPSBMU02997 rev.2 - HP Smart Update Manager (SUM) running OpenSSL, Remote Disclosure of Information 2014-04-23
security-alert hp com

[security bulletin] HPSBMU02995 rev.5 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure 2014-04-23
security-alert hp com

CVE-2014-2042 - Unrestricted file upload in Livetecs Timelive 2014-04-23
Portcullis Advisories (advisories portcullis-security com)

AirPhoto WebDisk v4.1.0 iOS - Code Execution Vulnerability 2014-04-23
Vulnerability Lab (research vulnerability-lab com)

CVE-2014-2383 - Arbitrary file read in dompdf 2014-04-23
Portcullis Advisories (advisories portcullis-security com)

CVE-2014-1217 - Unauthenticated access to sensitive information and functionality in Livetecs Timelive 2014-04-23
Portcullis Advisories (advisories portcullis-security com)

SEC Consult SA-20140423-0 :: Path Traversal/Remote Code Execution in WD Arkeia Network Backup Appliances 2014-04-23
SEC Consult Vulnerability Lab (research sec-consult com)

[SECURITY] [DSA 2808-2] openjpeg regression update 2014-04-22
Raphael Geissert (geissert debian org)

[security bulletin] HPSBMU03013 rev.1 - WMI Mapper for HP Systems Insight Manager running OpenSSL, Remote Disclosure of Information 2014-04-22
security-alert hp com

Malware

StartPage-NY!46F2D56AF5DA

Generic PUP.x!65278A193EB1

RDN/Generic PUP.x!cb3!60B2B8F48DBC

RDN/Generic PUP.x!cb3!60AD23211BD7

RDN/Generic PUP.x!cb3!F0CC294B963F

Generic PUP.x!C096F7634D4C

RDN/Generic PUP.x!cb3!252F6955F1BD

RDN/Generic PUP.x!cb3!35ED7296D8FF

Generic.bfr!60C1330CC27C

RDN/Generic PUP.x!cb3!4F29B40FAE80

RDN/Generic PUP.x!cb3!34944EE6B643

RDN/Generic.bfr!60B2197E2168

Generic PUP.x!C907FC075DA0

RDN/Generic PUP.x!cb3!613D6A80C043

RDN/Generic PUP.x!cb3!0B7767D99DFA

RDN/Generic Dropper!uh!EFF729BB6616

RDN/Generic PUP.x!cb3!1B3B01D4F720

Generic.bfr!6077F155B0FB

Generic PUP.x!922C02AE46CD

RDN/Generic PUP.x!cb3!6140DBF049EE

Generic PUP.x!47A7917AD58F

Generic PUP.x!67DF2556B471

RDN/Generic PUP.x!cb3!5FD1D20DC1F4

RDN/Generic PUP.x!cb3!AA7456E9F772

RDN/Generic PUP.x!cb3!608113C06A15

RDN/Generic PUP.x!cb3!47C1A188ED1F

Generic PUP.x!F00BE835330B

RDN/Generic.bfr!gz!613D3EC91A6A

RDN/Generic PUP.x!cb3!60191C682F95

RDN/Generic.bfr!1C1C7407B2FF

Phishing

Tesco

23rd April 2014

CUSTOMER SATISFACTION SURVEY

Service Update

23rd April 2014

WARNING! SOME INFORMATION ON
YOUR ACCOUNT APPEARS TO BE
MISSING OR INCORRECT.?

Dear Client.

23rd April 2014

YOUR ACCOUNT HAS BEEN
TEMPORARILY SUSPENDED .

Nationwide

23rd April 2014

Account Review
 

Vulnerebility

OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2014-04-24
http://www.securityfocus.com/bid/66690

Oracle Java SE CVE-2014-0452 Remote Security Vulnerability
2014-04-24
http://www.securityfocus.com/bid/66891

Oracle Java SE CVE-2014-2397 Remote Security Vulnerability
2014-04-24
http://www.securityfocus.com/bid/66893

Oracle Java SE CVE-2014-0446 Remote Security Vulnerability
2014-04-24
http://www.securityfocus.com/bid/66903

Oracle Java SE CVE-2014-0456 Remote Security Vulnerability
2014-04-24
http://www.securityfocus.com/bid/66877

Oracle Java SE CVE-2014-2398 Remote Security Vulnerability
2014-04-24
http://www.securityfocus.com/bid/66920

Oracle Java SE CVE-2014-2423 Remote Security Vulnerability
2014-04-24
http://www.securityfocus.com/bid/66887

Oracle Java SE CVE-2014-0457 Remote Security Vulnerability
2014-04-24
http://www.securityfocus.com/bid/66866

Oracle Java SE CVE-2014-2428 Remote Security Vulnerability
2014-04-24
http://www.securityfocus.com/bid/66870

Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability
2014-04-24
http://www.securityfocus.com/bid/65773

Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability
2014-04-24
http://www.securityfocus.com/bid/65767

Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
2014-04-24
http://www.securityfocus.com/bid/65400

OpenStack Dashboard (Horizon) CVE-2014-0157 Multiple Cross Site Scripting Vulnerabilities
2014-04-24
http://www.securityfocus.com/bid/66706

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-04-24
http://www.securityfocus.com/bid/66363

Oracle Java SE CVE-2014-0432 Remote Security Vulnerability
2014-04-24
http://www.securityfocus.com/bid/66897

Oracle Java SE CVE-2014-2414 Remote Security Vulnerability
2014-04-24
http://www.securityfocus.com/bid/66894

Oracle Java SE CVE-2014-0429 Remote Security Vulnerability
2014-04-24
http://www.securityfocus.com/bid/66856

Oracle Java SE CVE-2014-2401 Remote Security Vulnerability
2014-04-24
http://www.securityfocus.com/bid/66911

Oracle Java SE CVE-2014-2403 Remote Security Vulnerability
2014-04-24
http://www.securityfocus.com/bid/66918

Oracle Java SE CVE-2014-2402 Remote Security Vulnerability
2014-04-24
http://www.securityfocus.com/bid/66898

libpng 'png_read_transform_info()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-04-24
http://www.securityfocus.com/bid/64493

libjpeg/libjpeg-turbo Library CVE-2013-6629 Memory Corruption Vulnerability
2014-04-24
http://www.securityfocus.com/bid/63676

Multiple Oracle Java Products 'unpack.cpp' Insecure Temporary File Creation Vulnerability
2014-04-24
http://www.securityfocus.com/bid/65568

Oracle Java SE CVE-2014-0461 Remote Security Vulnerability
2014-04-24
http://www.securityfocus.com/bid/66902

Oracle Java SE CVE-2014-0460 Remote Security Vulnerability
2014-04-24
http://www.securityfocus.com/bid/66916

Oracle Java SE CVE-2014-2409 Remote Security Vulnerability
2014-04-24
http://www.securityfocus.com/bid/66915

Oracle Java SE CVE-2014-0458 Remote Security Vulnerability
2014-04-24
http://www.securityfocus.com/bid/66883

Oracle Java SE CVE-2014-0459 Remote Security Vulnerability
2014-04-24
http://www.securityfocus.com/bid/66910

Oracle Java SE CVE-2014-0448 Remote Security Vulnerability
2014-04-24
http://www.securityfocus.com/bid/66904

Oracle Java SE CVE-2014-0449 Remote Security Vulnerability
2014-04-24
http://www.securityfocus.com/bid/66907

Exploit

  Heartbleed OpenSSL - Information Leak Exploit (2) - DTLS Support

  Acunetix 8 build 20120704 - Remote Stack Based Overflow

  Bonefire v.0.7.1 - Reinstall Admin Account Exploit

23.4.2014

Bugtraq

APPLE-SA-2014-04-22-2 iOS 7.1.1 2014-04-22
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-04-22-3 Apple TV 6.1.1 2014-04-22
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-04-22-1 Security Update 2014-002 2014-04-22
Apple Product Security (product-security-noreply lists apple com)

[SECURITY] [DSA 2911-1] icedove security update 2014-04-22
Moritz Muehlenhoff (jmm debian org)

[security bulletin] HPSBMU03018 rev.1 - HP Software Asset Manager running OpenSSL, Remote Disclosure of Information 2014-04-22
security-alert hp com

[security bulletin] HPSBMU03017 rev.1 - HP Software Connect-IT running OpenSSL, Remote Disclosure of Information 2014-04-22
security-alert hp com

[security bulletin] HPSBMU03019 rev.1 - HP Software UCMDB Browser and Configuration Manager running OpenSSL, Remote Disclosure of Information 2014-04-22
security-alert hp com

Malware

Generic.dx!CBC4A7701FF9

RDN/Generic PUP.x!cb3!B7FAFA412568

Generic PUP.x!DD1A5171616F

RDN/Generic PUP.x!cb3!B7CF0EB0C75A

Generic PUP.x!FDB6DE4306A4

RDN/Generic PWS.y!zg!3B9A851ABB0D

RDN/Generic.tfr!dz!3269E9D28891

RDN/Generic PUP.x!cb3!4CFFB09B2FC2

RDN/Generic PUP.x!cb3!ABCD4FE6CA29

Generic PUP.x!EA599D14CD99

RDN/Generic PUP.x!cb3!2FED9D7617DB

RDN/Generic.bfr!FCF139FD988D

RDN/Hybris.kit!a!4AF5839BBA00

Generic PUP.x!B0DA62BC3E00

Generic PUP.x!40A70C14DAEE

RDN/Generic.bfr!gy!26D948AB6343

W32/Pate.b!1C0F0A58A7F4

Generic PUP.x!E538CFAC58D8

RDN/Generic PUP.x!cb3!8C3280DC3F49

RDN/Generic.bfr!gy!B1205BAE32CD

RDN/Generic.bfr!gf!0EBE9EE5028F

RDN/Generic.bfr!gf!1504D5903D08

RDN/Generic PUP.x!cb3!33A4684E4FB6

W32/Fujacks!A3A834E4C5C7

Generic.dx!E13047947714

RDN/Generic PUP.x!cb3!298AE814A5A6

Generic PUP.x!40798576C08A

RDN/Generic.tfr!dz!CE9340AA2710

RDN/Generic PUP.x!EF2FEFCA6EFD

RDN/Generic.tfr!dz!E5D9D345D426

Phishing

 

Vulnerebility

WebKit Use-After-Free Remote Code Execution Vulnerability
2014-04-23
http://www.securityfocus.com/bid/66243

WebKit CVE-2014-1305 Unspecified Memory Corruption Vulnerability
2014-04-23
http://www.securityfocus.com/bid/66587

WebKit CVE-2014-1308 Unspecified Memory Corruption Vulnerability
2014-04-23
http://www.securityfocus.com/bid/66573

WebKit CVE-2014-1307 Unspecified Memory Corruption Vulnerability
2014-04-23
http://www.securityfocus.com/bid/66572

WebKit CVE-2014-1304 Unspecified Memory Corruption Vulnerability
2014-04-23
http://www.securityfocus.com/bid/66586

WebKit Unspecified Heap Based Buffer Overflow Vulnerability
2014-04-23
http://www.securityfocus.com/bid/66242

WebKit CVE-2014-1302 Unspecified Memory Corruption Vulnerability
2014-04-23
http://www.securityfocus.com/bid/66585

WebKit CVE-2014-1299 Unspecified Memory Corruption Vulnerability
2014-04-23
http://www.securityfocus.com/bid/66581

WebKit CVE-2014-1311 Unspecified Memory Corruption Vulnerability
2014-04-23
http://www.securityfocus.com/bid/66577

WebKit CVE-2014-1298 Unspecified Memory Corruption Vulnerability
2014-04-23
http://www.securityfocus.com/bid/66576

WebKit CVE-2013-2871 Use After Free Remote Code Execution Vulnerability
2014-04-23
http://www.securityfocus.com/bid/61054

WebKit CVE-2014-1309 Unspecified Memory Corruption Vulnerability
2014-04-23
http://www.securityfocus.com/bid/66574

WebKit CVE-2014-1310 Unspecified Memory Corruption Vulnerability
2014-04-23
http://www.securityfocus.com/bid/66575

WebKit CVE-2014-1313 Unspecified Memory Corruption Vulnerability
2014-04-23
http://www.securityfocus.com/bid/66579

WebKit CVE-2014-1312 Unspecified Memory Corruption Vulnerability
2014-04-23
http://www.securityfocus.com/bid/66578

WebKit CVE-2014-1300 Unspecified Memory Corruption Vulnerability
2014-04-23
http://www.securityfocus.com/bid/66583

Oracle Java SE CVE-2013-5825 Remote Security Vulnerability
2014-04-23
http://www.securityfocus.com/bid/63101

Ruby Floating Point Parsing Heap Buffer Overflow Vulnerability
2014-04-23
http://www.securityfocus.com/bid/63873

Apple Mac OS X CoreGraphics PDF Handling Buffer Overflow Vulnerability
2014-04-23
http://www.securityfocus.com/bid/63330

LibYAML 'scanner.c' Remote Heap Based Buffer Overflow Vulnerability
2014-04-23
http://www.securityfocus.com/bid/65258

Oracle Java SE CVE-2013-5817 Remote Security Vulnerability
2014-04-23
http://www.securityfocus.com/bid/63146

Oracle Java SE CVE-2013-5814 Remote Security Vulnerability
2014-04-23
http://www.securityfocus.com/bid/63143

Oracle Java SE CVE-2013-5818 Remote Security Vulnerability
2014-04-23
http://www.securityfocus.com/bid/63157

IBM Java CVE-2013-5457 Unspecified Arbitrary Code Execution Vulnerability
2014-04-23
http://www.securityfocus.com/bid/63622

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1514 Out of Bounds Memory Corruption Vulnerability
2014-04-23
http://www.securityfocus.com/bid/66240

Oracle Java SE CVE-2013-5820 Remote Security Vulnerability
2014-04-23
http://www.securityfocus.com/bid/63133

Oracle Java SE CVE-2013-5829 Remote Security Vulnerability
2014-04-23
http://www.securityfocus.com/bid/63137

Oracle Java SE CVE-2013-5824 Remote Security Vulnerability
2014-04-23
http://www.securityfocus.com/bid/63139

Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability
2014-04-23
http://www.securityfocus.com/bid/65767

Oracle Java SE CVE-2013-5830 Remote Security Vulnerability
2014-04-23
http://www.securityfocus.com/bid/63121

Exploit

  Sixnet Sixview 2.4.1 - Web Console Directory Traversal

  No-CMS 0.6.6 rev 1 - Admin Account Hijacking / RCE Exploit via Static Encryption Key

  kitForm CRM Extension 0.43 (sorter.php, sorter_value param) - SQL Injection

22.4.2014

Bugtraq

[SECURITY] [DSA 2901-3] wordpress regression update 2014-04-21
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2895-2] prosody regression update 2014-04-20
Luciano Bello (luciano debian org)

Multiple Vulnerabilities in MODX Revolution < = MODX 2.2.13-pl 2014-04-19
craig arendt stratumsecurity com

Blind SQL Injection Vulnerability in KnowledgeTree <= 3.7.0.2 2014-04-19
craig arendt stratumsecurity com

[security bulletin] HPSBMU02994 rev.2 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information 2014-04-19
security-alert hp com

[SECURITY] CVE-2013-2187: Apache Archiva Cross-Site Scripting vulnerability 2014-04-19
Brett Porter (brett apache org)

[SECURITY] [DSA 2901-2] wordpress regression update 2014-04-18
Thijs Kinkhorst (thijs debian org)

[security bulletin] HPSBMU03012 rev.1 - HP Insight Management VCEM Web Client SDK (VCEMSDK) running OpenSSL, Remote Disclosure of Information 2014-04-18
security-alert hp com

[security bulletin] HPSBMU02995 rev.4 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure 2014-04-18
security-alert hp com

[SECURITY] [DSA 2910-1] qemu-kvm security update 2014-04-18
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2909-1] qemu security update 2014-04-18
Salvatore Bonaccorso (carnil debian org)

[SECURITY] CVE-2013-2251: Apache Archiva Remote Command Execution 2014-04-19
Brett Porter (brett apache org)

Remote Command Injection in Ruby Gem sfpagent 0.4.14 2014-04-18
Larry W. Cashdollar (larry0 me com)

[SECURITY] [DSA 2908-1] openssl security update 2014-04-17
Raphael Geissert (geissert debian org)

Security advisory for Bugzilla 4.5.3, 4.4.3, 4.2.8, and 4.0.12 2014-04-17
LpSolit gmail com

[security bulletin] HPSBMU02995 rev.3 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure 2014-04-17
security-alert hp com

[security bulletin] HPSBMU02998 rev.2 - HP System Management Homepage (SMH) running OpenSSL on Linux and Windows, Remote Disclosure of Information, Denial of Service (DoS) 2014-04-17
security-alert hp com

[ MDVSA-2014:079 ] json-c 2014-04-17
security mandriva com

[security bulletin] HPSBGN03010 rev.1 - HP Software Server Automation, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information 2014-04-17
security-alert hp com

[security bulletin] HPSBMU02935 rev.2 - HP LoadRunner Virtual User Generator, Remote Code Execution, Disclosure of information 2014-04-17
security-alert hp com

[security bulletin] HPSBMU02988 rev.1 - HP Universal Configuration Management Database, Disclosure of Information 2014-04-17
security-alert hp com

[security bulletin] HPSBMU02982 rev.1 - HP Database and Middleware Automation, Disclosure of Information 2014-04-17
security-alert hp com

[security bulletin] HPSBGN03008 rev.1 - HP Software Service Manager, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information 2014-04-17
security-alert hp com

D-Link DAP-1320 Wireless Range Extender Directory Traversal and XSS Vulnerabilities 2014-04-17
kyle Lovett (krlovett gmail com)

[security bulletin] HPSBMU02987 rev.1 - HP Universal Configuration Management Database Integration Service, Remote Code Execution 2014-04-17
security-alert hp com

[security bulletin] HPSBMU02996 rev.1 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access, Execution of Arbitrary Code 2014-04-16
security-alert hp com

Buggy insecure "security" software executes rogue binary during installation and uninstallation 2014-04-16
Stefan Kanthak (stefan kanthak nexgo de)

CVE-2014-2597 - Denial of Service in PCNetSoftware RAC Server 2014-04-16
Portcullis Advisories (advisories portcullis-security com)

[SECURITY] [DSA 2907-1] Announcement of long term support for Debian oldstable 2014-04-16
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2014:078 ] asterisk 2014-04-16
security mandriva com

Malware

Generic.bfr!35129A2B7E30

RDN/Generic BackDoor!xx!7B91C5FE92B9

Generic PUP.x!A6500816AA4B

Generic.bfr!33B0224D5BA4

Generic.bfr!38158E58CAD3

RDN/Generic.bfr!gy!2B12C06A1D75

RDN/Generic.bfr!91EE5232C984

RDN/Generic PUP.x!cbc!0CF95BA4E398

RDN/Generic.bfr!gy!2BBD42F0092C

Generic.bfr!34F614E6E543

RDN/Generic BackDoor!1589EA5207EE

RDN/Generic PUP.x!cbc!18D4A589811C

Generic.bfr!3826350E9A72

Generic.bfr!37C9EBAF812B

Generic.bfr!3804203BF91F

Generic.bfr!3558E34A5A62

RDN/Generic PUP.x!cbc!54DF10F5D7B4

Generic.bfr!381C28F10683

RDN/Generic.bfr!6D80A7553940

RDN/Generic PUP.x!cbc!4CD9C9EB5FC8

Generic.bfr!332AB5CA33B7

RDN/Generic.bfr!gy!85BA101D6A19

RDN/Generic.bfr!gz!30DB7E2467B1

RDN/Generic PUP.x!cbc!A93E16256DE6

Generic.bfr!34EB8099D961

RDN/Generic PUP.x!cbc!D4349F5C692D

Generic.bfr!2E12E902581B

Generic.bfr!AAD3C46509A2

RDN/Generic PUP.x!cbc!4FB6462C7296

RDN/Generic PUP.x!cbc!1CF64C2B3AF2

Phishing

Natwest

21st April 2014

NATWEST OFFERS YOU A BONUS

Dear Client.

21st April 2014

YOUR ACCOUNT HAS BEEN
TEMPORARILY SUSPENDED .

Barclays Bank Plc

21st April 2014

Please Unflag Your Barclays
Accounts

MBNA

18th April 2014

YOUR MBNA/VIRGIN CARD..

Chase

18th April 2014

IMPORTANT MESSAGE FROM CHASE

Vulnerebility

OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2014-04-22
http://www.securityfocus.com/bid/66690

OpenSSL TLS Handshake Null Pointer Dereference Denial Of Service Vulnerability
2014-04-22
http://www.securityfocus.com/bid/64691

Apache Struts CVE-2013-2251 Multiple Remote Command Execution Vulnerabilities
2014-04-22
http://www.securityfocus.com/bid/61189

libmms MMSH Server Response Heap-Based Buffer Overflow Vulnerability
2014-04-22
http://www.securityfocus.com/bid/66933

Apache Tomcat CVE-2014-0033 Session Fixation Vulnerability
2014-04-22
http://www.securityfocus.com/bid/65769

Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability
2014-04-22
http://www.securityfocus.com/bid/65773

Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
2014-04-22
http://www.securityfocus.com/bid/65400

Apache Tomcat CVE-2013-4590 XML External Entity Information Disclosure Vulnerability
2014-04-22
http://www.securityfocus.com/bid/65768

Prosody XMPP Server CVE-2014-2744 XMPP-Layer Compression Denial of Service Vulnerability
2014-04-22
http://www.securityfocus.com/bid/66723

Prosody XMPP Server CVE-2014-2745 XMPP-Layer Compression Denial of Service Vulnerability
2014-04-22
http://www.securityfocus.com/bid/66724

OpenSSL DTLS Implementations Man in the Middle Multiple Security Bypass Vulnerabilities
2014-04-22
http://www.securityfocus.com/bid/64618

Multiple IBM Products CVE-2013-6747 Denial of Service Vulnerability
2014-04-22
http://www.securityfocus.com/bid/65156

WordPress Multiple Security Vulnerabilities
2014-04-22
http://www.securityfocus.com/bid/66765

Oracle Outside In Technology CVE-2013-5791 Stack Buffer Overflow Vulnerability
2014-04-22
http://www.securityfocus.com/bid/63076

Oracle Outside In Technology CVE-2013-5763 Stack Buffer Overflow Vulnerability
2014-04-22
http://www.securityfocus.com/bid/63741

Oracle Outside In Technology CVE-2013-5879 Local Security Vulnerability
2014-04-22
http://www.securityfocus.com/bid/64825

Adobe Flash Player CVE-2013-0634 Remote Memory Corruption Vulnerability
2014-04-22
http://www.securityfocus.com/bid/57787

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-04-22
http://www.securityfocus.com/bid/66363

Oracle Java SE CVE-2013-5780 Remote Security Vulnerability
2014-04-22
http://www.securityfocus.com/bid/63115

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-04-22
http://www.securityfocus.com/bid/64918

Google Chrome Prior to 34.0.1847.116 Multiple Security Vulnerabilities
2014-04-22
http://www.securityfocus.com/bid/66704

phpMyID 'openid_error' Parameter Cross Site Scripting Vulnerability
2014-04-22
http://www.securityfocus.com/bid/66665

Linux Kernel 'bpf_jit_compile()' Function Denial of Service Vulnerability
2014-04-22
http://www.securityfocus.com/bid/66931

QEMU IDE SMART Out of Bounds Local Privilege Escalation Vulnerability
2014-04-22
http://www.securityfocus.com/bid/66932

X.Org libXfont BDF Font File Handling Stack Buffer Overflow Vulnerability
2014-04-22
http://www.securityfocus.com/bid/64694

X.Org X Server 'dixfonts.c' Use-After-Free Remote Memory Corruption Vulnerability
2014-04-22
http://www.securityfocus.com/bid/62892

X.Org X Server CVE-2013-6424 Local Denial of Service Vulnerability
2014-04-22
http://www.securityfocus.com/bid/64127

Sfpagent Ruby Gem Remote Command Injection Vulnerability
2014-04-22
http://www.securityfocus.com/bid/66935

Linux Kernel 'ping_init_sock()' Local Privilege Escalation Vulnerability
2014-04-22
http://www.securityfocus.com/bid/66779

Siemens SINEMA Server CVE-2014-2733 Denial of Service Vulnerability
2014-04-22
http://www.securityfocus.com/bid/66967

Exploit

     Adobe Flash Player Regular Expression Heap Overflow

  SAP Router - Timing Attack Password Disclosure

  Teracom Modem T2-B-Gawv1.4U10Y-BI - CSRF Vulnerability

17.4.2014

Bugtraq

[SECURITY] [DSA 2907-1] Announcement of long term support for Debian oldstable 2014-04-16
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2014:078 ] asterisk 2014-04-16
security mandriva com

[CORE-2014-0003] - SAP Router Password Timing Attack 2014-04-16
CORE Advisories Team (advisories coresecurity com)

[SECURITY] Stored Cross Site Scripting in Ektron CMS 8.7 2014-04-16
webmaster josephzeng com

[Security Advisory] Stored Cross Site Scripting in Ektron CMS 8.7 2014-04-16
webmaster josephzeng com

ESA-2014-028: EMC Cloud Tiering Appliance XML External Entity (XXE) and Information Disclosure Vulnerabilities 2014-04-16
Security Alert (Security_Alert emc com)

[security bulletin] HPSBMU02999 rev.1 - HP Software Autonomy WorkSite Server (On-Premises Software), Running OpenSSL, Remote Disclosure of Information 2014-04-16
security-alert hp com

SQL Injection in mAdserve 2014-04-16
High-Tech Bridge Security Research (advisory htbridge com)

CVE-2014-2735 - WinSCP: missing X.509 validation 2014-04-16
Micha Borrmann (micha borrmann syss de)

[SECURITY] [DSA 2905-1] chromium-browser security update 2014-04-16
Michael Gilbert (mgilbert debian org)

Malware

RDN/Generic PUP.x!bzw!DD65E7C49E9D

RDN/Generic PUP.x!bzw!CA7FCF6BFAC4

Generic PUP.x!220090B85E2B

RDN/Generic PWS.y!ze!2B21F38E19FE

Generic.bfr!A9364122DB0C

RDN/Generic PUP.x!bzw!48FD2EE78379

RDN/Generic PUP.x!bzw!3C6D11423297

Generic PUP.x!1E1B19288276

Generic PUP.x!DA081F4DC549

Generic PUP.x!29E9DC26EF73

Generic PUP.x!96625FD13F56

Generic PUP.x!76C7AFE36883

Generic PUP.x!62BEBB5ECE80

Generic PUP.x!8277EA469CC8

RDN/Generic BackDoor!3774B700C629

Generic PUP.x!D0A87A0F7810

RDN/Generic PUP.x!bzw!36DF9747F557

RDN/Spybot.bfr!B70079A52842

Generic PUP.x!B1995FFCD3A0

Generic PUP.x!5D562C54EFF6

RDN/Generic PUP.x!bzw!27A613BF0902

Generic PUP.x!D975614CB3A0

Generic PUP.x!8C06D1ACF437

Generic PUP.x!B4D15B4CB7A0

RDN/Generic PUP.x!A47D6F67BE9F

Generic PUP.x!0A62B729EE42

RDN/Generic PUP.x!bzw!83E053030AC4

W32/Sdbot.worm!7E735FDF0862

RDN/Downloader.a!pz!29107EFB9690

RDN/Generic PUP.x!bzw!F23BE4276A9D

Phishing

 

Vulnerebility

OpenJPEG CVE-2013-6887 Multiple Denial Of Service Vulnerabilities
2014-04-17
http://www.securityfocus.com/bid/64140

OpenJPEG CVE-2013-6053 Multiple Out of Bounds Memory Corruption Vulnerabilities
2014-04-17
http://www.securityfocus.com/bid/64121

OpenJPEG CVE-2013-6052 Multiple Out of Bounds Memory Corruption Vulnerabilities
2014-04-17
http://www.securityfocus.com/bid/64118

OpenJPEG CVE-2013-6054 Multiple Remote Heap Based Buffer Overflow Vulnerabilities
2014-04-17
http://www.securityfocus.com/bid/64113

OpenJPEG CVE-2013-4290 Multiple Stack Buffer Overflow Vulnerabilities
2014-04-17
http://www.securityfocus.com/bid/62362

OpenJPEG CVE-2013-6045 Multiple Remote Heap Based Buffer Overflow Vulnerabilities
2014-04-17
http://www.securityfocus.com/bid/64109

OpenJPEG CVE-2013-1447 Multiple Denial Of Service Vulnerabilities
2014-04-17
http://www.securityfocus.com/bid/64142

OpenJPEG CVE-2013-4289 Multiple Heap Buffer Overflow Vulnerabilities
2014-04-17
http://www.securityfocus.com/bid/62363

Puppet CVE-2013-4761 Arbitrary Code Execution Vulnerability
2014-04-17
http://www.securityfocus.com/bid/61806

WordPress Multiple Security Vulnerabilities
2014-04-17
http://www.securityfocus.com/bid/66765

OpenSSL TLS Handshake Null Pointer Dereference Denial Of Service Vulnerability
2014-04-17
http://www.securityfocus.com/bid/64691

Multiple Rockwell Automation Products CVE-2012-4690 Remote Denial of Service Vulnerability
2014-04-17
http://www.securityfocus.com/bid/56872

OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2014-04-17
http://www.securityfocus.com/bid/66690

'pam_cifscreds' PAM Module 'cifskey.c' Stack Buffer Overflow Vulnerability
2014-04-17
http://www.securityfocus.com/bid/66743

OpenStack Keystone V3 API Authentication Denial of Service Vulnerability
2014-04-17
http://www.securityfocus.com/bid/66736

IOServer CVE-2014-0777 Out-of-Bounds Read Vulnerability
2014-04-17
http://www.securityfocus.com/bid/66761

Microsoft Word File Converting CVE-2014-1757 Remote Code Execution Vulnerability
2014-04-17
http://www.securityfocus.com/bid/66614

JBIG-KIT LibJbig Image File Handling CVE-2013-6369 Remote Buffer Overflow Vulnerability
2014-04-17
http://www.securityfocus.com/bid/66697

GNU a2ps CVE-2014-0466 Arbitrary Command Execution Vulnerability
2014-04-17
http://www.securityfocus.com/bid/66660

PHP Fileinfo Component Remote Denial of Service Vulnerability
2014-04-17
http://www.securityfocus.com/bid/66406

Samba 'pam_winbind' Configuration File Security Bypass Vulnerability
2014-04-17
http://www.securityfocus.com/bid/64101

Samba SAMR Server Password Lockout Bypass Information Disclosure Weakness
2014-04-17
http://www.securityfocus.com/bid/66336

Samba 'smbcacls' Command Security Bypass Vulnerability
2014-04-17
http://www.securityfocus.com/bid/66232

Sophos Web Appliance Privilege Escalation and Remote Code Execution Vulnerabilities
2014-04-17
http://www.securityfocus.com/bid/66734

qEngine Database Backup Information Disclosure Vulnerability
2014-04-17
http://www.securityfocus.com/bid/66395

LibYAML 'yaml_parser_scan_uri_escapes()' Function Remote Heap Based Buffer Overflow Vulnerability
2014-04-17
http://www.securityfocus.com/bid/66478

Python 'readline()' Function Denial of Service Vulnerability
2014-04-17
http://www.securityfocus.com/bid/63804

Zend Framework Multiple Information Disclosure and Security Bypass Vulnerabilities
2014-04-17
http://www.securityfocus.com/bid/66358

LibYAML 'scanner.c' Remote Heap Based Buffer Overflow Vulnerability
2014-04-17
http://www.securityfocus.com/bid/65258

OSIsoft PI Interface for DNP3 CVE-2013-2828 Local Denial of Service Vulnerability
2014-04-17
http://www.securityfocus.com/bid/66712

Exploit

MS14-012 Microsoft Internet Explorer CMarkup Use-After-Free

16.4.2014

Bugtraq

[SECURITY] [DSA 2904-1] virtualbox security update 2014-04-15
Moritz Muehlenhoff (jmm debian org)

[security bulletin] HPSBST03001 rev.1 - HP XP P9500 Disk Array running OpenSSL, Remote Disclosure of Information 2014-04-15
security-alert hp com

[SECURITY] CVE-2014-0111 Apache Syncope 2014-04-15
Francesco Chicchiriccò (ilgrosso apache org)

RUCKUS ADVISORY ID 041414: OpenSSL 1.0.1 library's "Heart bleed" vulnerability - CVE-2014-0160 2014-04-14
Ruckus Product Security Team (security ruckuswireless com)

VUPEN Security Research - Adobe Flash ExternalInterface Use-After-Free Code Execution (Pwn2Own) 2014-04-14
VUPEN Security Research (advisories vupen com)

[SECURITY] [DSA 2903-1] strongswan security update 2014-04-14
Moritz Muehlenhoff (jmm debian org)

PDF Album v1.7 iOS - File Include Web Vulnerability 2014-04-14
Vulnerability Lab (research vulnerability-lab com)

Malware

Generic PUP.x!A1A6C8335AE1

Generic PUP.x!240E7127CAA7

Generic Downloader.x!B7910320D00A

Generic PUP.x!19AFA7066E57

RDN/Generic PUP.x!bzp!8D921007BCAB

Generic PUP.x!F844FBA4F882

Generic PUP.x!2AA958169F15

RDN/Generic.bfr!gv!C9B382DCB5D4

RDN/Generic.bfr!gv!EC4E83CE0A77

Generic PUP.x!E2EAC351FA35

Generic PUP.x!3B5B9BB262F5

RDN/Generic PUP.x!bzp!FC781C33472F

RDN/Generic PUP.x!bzp!2815D329BAD5

RDN/Generic Dropper!uf!457228228207

Generic PUP.x!77679D973EB6

Generic PUP.x!8480093F96A9

RDN/Generic PUP.x!bzp!C4458C4B7CDE

Downloader.gen.a!738F858DBD38

RDN/Generic PUP.x!bzp!D4479B0A9F49

Generic PUP.x!D86FC2AF37A1

RDN/Generic PUP.x!bzp!1469EF91EFA5

Generic PUP.x!80E2BAF0F5C6

Generic.bfr!ECBACFA82AFA

Generic PUP.x!8AF1ECC67E45

RDN/Generic PUP.x!7CB77D8ECED9

Generic.tfr!31C2255D6751

RDN/Generic.bfr!gv!ECC2D5826E26

Generic PUP.x!301E94758B71

Generic PUP.x!F9A755CA00C6

RDN/Generic PUP.x!bzp!1682110C691B

Phishing

REGIONS BANK

16th April 2014

Security Change To Your Online
Banking Profile

BT Yahoo Mail

14th April 2014

Account Verification

Linda Spells

14th April 2014

RE: ATTENTION: ACCOUNT
RESTRICTED

Vulnerebility

OpenJPEG CVE-2013-6887 Multiple Denial Of Service Vulnerabilities
2014-04-16
http://www.securityfocus.com/bid/64140

OpenJPEG CVE-2013-6053 Multiple Out of Bounds Memory Corruption Vulnerabilities
2014-04-16
http://www.securityfocus.com/bid/64121

OpenJPEG CVE-2013-6052 Multiple Out of Bounds Memory Corruption Vulnerabilities
2014-04-16
http://www.securityfocus.com/bid/64118

OpenJPEG CVE-2013-6054 Multiple Remote Heap Based Buffer Overflow Vulnerabilities
2014-04-16
http://www.securityfocus.com/bid/64113

OpenJPEG CVE-2013-4290 Multiple Stack Buffer Overflow Vulnerabilities
2014-04-16
http://www.securityfocus.com/bid/62362

OpenJPEG CVE-2013-6045 Multiple Remote Heap Based Buffer Overflow Vulnerabilities
2014-04-16
http://www.securityfocus.com/bid/64109

OpenJPEG CVE-2013-1447 Multiple Denial Of Service Vulnerabilities
2014-04-16
http://www.securityfocus.com/bid/64142

OpenJPEG CVE-2013-4289 Multiple Heap Buffer Overflow Vulnerabilities
2014-04-16
http://www.securityfocus.com/bid/62363

Puppet CVE-2013-4761 Arbitrary Code Execution Vulnerability
2014-04-16
http://www.securityfocus.com/bid/61806

WordPress Multiple Security Vulnerabilities
2014-04-16
http://www.securityfocus.com/bid/66765

OpenSSL TLS Handshake Null Pointer Dereference Denial Of Service Vulnerability
2014-04-16
http://www.securityfocus.com/bid/64691

Multiple Rockwell Automation Products CVE-2012-4690 Remote Denial of Service Vulnerability
2014-04-16
http://www.securityfocus.com/bid/56872

OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2014-04-16
http://www.securityfocus.com/bid/66690

'pam_cifscreds' PAM Module 'cifskey.c' Stack Buffer Overflow Vulnerability
2014-04-16
http://www.securityfocus.com/bid/66743

OpenStack Keystone V3 API Authentication Denial of Service Vulnerability
2014-04-16
http://www.securityfocus.com/bid/66736

IOServer CVE-2014-0777 Out-of-Bounds Read Vulnerability
2014-04-16
http://www.securityfocus.com/bid/66761

Microsoft Word File Converting CVE-2014-1757 Remote Code Execution Vulnerability
2014-04-16
http://www.securityfocus.com/bid/66614

JBIG-KIT LibJbig Image File Handling CVE-2013-6369 Remote Buffer Overflow Vulnerability
2014-04-16
http://www.securityfocus.com/bid/66697

GNU a2ps CVE-2014-0466 Arbitrary Command Execution Vulnerability
2014-04-16
http://www.securityfocus.com/bid/66660

PHP Fileinfo Component Remote Denial of Service Vulnerability
2014-04-16
http://www.securityfocus.com/bid/66406

Samba 'pam_winbind' Configuration File Security Bypass Vulnerability
2014-04-16
http://www.securityfocus.com/bid/64101

Samba SAMR Server Password Lockout Bypass Information Disclosure Weakness
2014-04-16
http://www.securityfocus.com/bid/66336

Samba 'smbcacls' Command Security Bypass Vulnerability
2014-04-16
http://www.securityfocus.com/bid/66232

Sophos Web Appliance Privilege Escalation and Remote Code Execution Vulnerabilities
2014-04-16
http://www.securityfocus.com/bid/66734

qEngine Database Backup Information Disclosure Vulnerability
2014-04-16
http://www.securityfocus.com/bid/66395

LibYAML 'yaml_parser_scan_uri_escapes()' Function Remote Heap Based Buffer Overflow Vulnerability
2014-04-16
http://www.securityfocus.com/bid/66478

Python 'readline()' Function Denial of Service Vulnerability
2014-04-16
http://www.securityfocus.com/bid/63804

Zend Framework Multiple Information Disclosure and Security Bypass Vulnerabilities
2014-04-16
http://www.securityfocus.com/bid/66358

LibYAML 'scanner.c' Remote Heap Based Buffer Overflow Vulnerability
2014-04-16
http://www.securityfocus.com/bid/65258

OSIsoft PI Interface for DNP3 CVE-2013-2828 Local Denial of Service Vulnerability
2014-04-16
http://www.securityfocus.com/bid/66712

Exploit

  Unitrends Enterprise Backup 7.3.0 - Unauthenticated Root RCE

  Adobe Reader for Android 11.1.3 - Arbitrary JavaScript Execution

  NETGEAR N600 WIRELESS DUAL BAND WNDR3400 - Multiple Vulnerabilities

  Xerox DocuShare - SQL Injection

13.4.2014

Bugtraq

ESA-2014-026: EMC Documentum Content Server Information Disclosure Vulnerability 2014-04-11
Security Alert (Security_Alert emc com)

ESA-2012-032: RSA BSAFEŽ Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks 2014-04-11
Security Alert (Security_Alert emc com)

ESA-2014-003: RSAŽ Data Loss Prevention Improper Session Management Vulnerability 2014-04-11
Security Alert (Security_Alert emc com)

ESA-2014-019: RSA BSAFEŽ Micro Edition Suite Certificate Chain Processing Vulnerability 2014-04-11
Security Alert (Security_Alert emc com)

Woltlab Burning Board 3.9.1 pl1 - Persistent Web Vulnerability & Editor Reverse Encoding Issue 2014-04-11
Vulnerability Lab (research vulnerability-lab com)

SEC Consult SA-20140411-0 :: Multiple vulnerabilities in Plex Media Server 2014-04-11
SEC Consult Vulnerability Lab (research sec-consult com)

[security bulletin] HPSBMU02995 rev.1 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, Performance Center, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information 2014-04-11
security-alert hp com

[SECURITY] [DSA 2900-1] jbigkit security update 2014-04-10
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2014:076 ] a2ps 2014-04-10
security mandriva com

OWASP ZAP 2.3.0 2014-04-10
psiinon (psiinon gmail com)

Sendy 1.1.9.1 - SQL Injection Vulnerability 2014-04-10
marduk369 gmail com

[ MDVSA-2014:075 ] php 2014-04-10
security mandriva com

BlueMe Bluetooth v5.0 iOS - Code Execution Vulnerability 2014-04-10
Vulnerability Lab (research vulnerability-lab com)

iVault Private P&V 1.1 iOS - Path Traversal Vulnerability 2014-04-10
Vulnerability Lab (research vulnerability-lab com)

AppFish Offline Coder v2.2 iOS - Persistent Software Vulnerability 2014-04-10
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 2899-1] openafs security update 2014-04-09
Thijs Kinkhorst (thijs debian org)

[SECURITY] [DSA 2898-1] imagemagick security update 2014-04-09
Moritz Muehlenhoff (jmm debian org)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software 2014-04-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[ MDVSA-2014:073 ] file 2014-04-09
security mandriva com

[ MDVSA-2014:070 ] yaml 2014-04-09
security mandriva com

[ MDVSA-2014:072 ] php-ZendFramework 2014-04-09
security mandriva com

[ MDVSA-2014:071 ] yaml 2014-04-09
security mandriva com

[ MDVSA-2014:069 ] perl-YAML-LibYAML 2014-04-09
security mandriva com

[ MDVSA-2014:068 ] openssh 2014-04-09
security mandriva com

SQL Injection in Orbit Open Ad Server 2014-04-09
High-Tech Bridge Security Research (advisory htbridge com)

Сross-Site Request Forgery (CSRF) in XCloner Standalone 2014-04-09
High-Tech Bridge Security Research (advisory htbridge com)

CVE-2014-0160 mitigation using iptables 2014-04-09
Fabien Bourdaire (lists ecsc co uk)

[ MDVSA-2014:067 ] openssl 2014-04-09
security mandriva com

Cisco Security Advisory: OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products 2014-04-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Malware

Generic.bfr!C047E34DDE75

StartPage-NY!24B3F9B4CDA2

RDN/Generic.bfr!42FDD3B7953B

Generic.bfr!C09C0D4C218D

Generic.bfr!3D2B9AECC8C8

Generic.bfr!0F868CB52202

Adware-FFN!33A333319A6B

Generic.bfr!09B5676E4579

Generic.bfr!BBDD9902881C

Generic.dx!339D728BEA78

Generic.bfr!1A2F56EA1536

RDN/Generic.bfr!gu!C084B6E43002

RDN/Generic.bfr!gu!C0A6470E8916

RDN/Generic.bfr!gu!6393677B46DE

RDN/Generic.bfr!gu!C0C7E4CCD8B8

Generic.bfr!BAA06577B7BC

RDN/Generic.bfr!gu!9B69F4336EA6

RDN/Generic.bfr!gu!E316330276A0

RDN/Generic.bfr!gu!D5ECB1041720

RDN/Generic.bfr!gu!B58BDF9DFEC5

RDN/Generic.bfr!CB75B9FA6DEA

RDN/Generic.bfr!gu!1A5994F205AD

RDN/Generic.bfr!gu!99F17568919A

RDN/Generic PUP.x!bzl!617FDBA6DB01

RDN/Generic PUP.x!bzl!3D76C1877F21

Generic.bfr!3C748870C1EC

RDN/Generic PUP.x!55BBC49E4458

RDN/Generic.bfr!gu!5C64E1807536

RDN/Generic.bfr!6649A570A523

RDN/Generic PUP.x!863E49053C27

Phishing

Microsoft

13th April 2014

Dear Westpac Customer,

Halifax

12th April 2014

OFFICIAL NOTIFICATION FROM
HALIFAX BANK

AKIN BADMUS

12th April 2014

RE:SECURE THIS OFFER!!!

eBay

12th April 2014

Your question from an eBay
member

Barclays Bank PLC

11th April 2014

YOUR ACCOUNT HAS BEEN FLAGGED
!

www.apple.com

11th April 2014

The important updates !

PayPal

10th April 2014

Update Your information

Vulnerebility

JBIG-KIT LibJbig Image File Handling CVE-2013-6369 Remote Buffer Overflow Vulnerability
2014-04-14
http://www.securityfocus.com/bid/66697

Fortinet FortiADC 'locale' Parameter Cross Site Scripting Vulnerability
2014-04-14
http://www.securityfocus.com/bid/66642

OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2014-04-14
http://www.securityfocus.com/bid/66690

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-04-14
http://www.securityfocus.com/bid/66363

SAP ERP Enhancement Packages Security Bypass Vulnerability
2014-04-14
http://www.securityfocus.com/bid/66683

SAP HANA Information Disclosure Vulnerability
2014-04-14
http://www.securityfocus.com/bid/66675

Linux Kernel 'ping_init_sock()' Local Privilege Escalation Vulnerability
2014-04-14
http://www.securityfocus.com/bid/66779

OpenJPEG CVE-2013-6887 Multiple Denial Of Service Vulnerabilities
2014-04-14
http://www.securityfocus.com/bid/64140

OpenJPEG CVE-2013-6053 Multiple Out of Bounds Memory Corruption Vulnerabilities
2014-04-14
http://www.securityfocus.com/bid/64121

OpenJPEG CVE-2013-6052 Multiple Out of Bounds Memory Corruption Vulnerabilities
2014-04-14
http://www.securityfocus.com/bid/64118

OpenJPEG CVE-2013-6054 Multiple Remote Heap Based Buffer Overflow Vulnerabilities
2014-04-14
http://www.securityfocus.com/bid/64113

OpenJPEG CVE-2013-4290 Multiple Stack Buffer Overflow Vulnerabilities
2014-04-14
http://www.securityfocus.com/bid/62362

OpenJPEG CVE-2013-6045 Multiple Remote Heap Based Buffer Overflow Vulnerabilities
2014-04-14
http://www.securityfocus.com/bid/64109

OpenJPEG CVE-2013-1447 Multiple Denial Of Service Vulnerabilities
2014-04-14
http://www.securityfocus.com/bid/64142

OpenJPEG CVE-2013-4289 Multiple Heap Buffer Overflow Vulnerabilities
2014-04-14
http://www.securityfocus.com/bid/62363

Puppet CVE-2013-4761 Arbitrary Code Execution Vulnerability
2014-04-14
http://www.securityfocus.com/bid/61806

WordPress Multiple Security Vulnerabilities
2014-04-14
http://www.securityfocus.com/bid/66765

OpenSSL TLS Handshake Null Pointer Dereference Denial Of Service Vulnerability
2014-04-14
http://www.securityfocus.com/bid/64691

Multiple Rockwell Automation Products CVE-2012-4690 Remote Denial of Service Vulnerability
2014-04-14
http://www.securityfocus.com/bid/56872

'pam_cifscreds' PAM Module 'cifskey.c' Stack Buffer Overflow Vulnerability
2014-04-14
http://www.securityfocus.com/bid/66743

OpenStack Keystone V3 API Authentication Denial of Service Vulnerability
2014-04-14
http://www.securityfocus.com/bid/66736

IOServer CVE-2014-0777 Out-of-Bounds Read Vulnerability
2014-04-14
http://www.securityfocus.com/bid/66761

Microsoft Word File Converting CVE-2014-1757 Remote Code Execution Vulnerability
2014-04-14
http://www.securityfocus.com/bid/66614

GNU a2ps CVE-2014-0466 Arbitrary Command Execution Vulnerability
2014-04-14
http://www.securityfocus.com/bid/66660

PHP Fileinfo Component Remote Denial of Service Vulnerability
2014-04-14
http://www.securityfocus.com/bid/66406

Samba 'pam_winbind' Configuration File Security Bypass Vulnerability
2014-04-14
http://www.securityfocus.com/bid/64101

Samba SAMR Server Password Lockout Bypass Information Disclosure Weakness
2014-04-14
http://www.securityfocus.com/bid/66336

Samba 'smbcacls' Command Security Bypass Vulnerability
2014-04-14
http://www.securityfocus.com/bid/66232

Sophos Web Appliance Privilege Escalation and Remote Code Execution Vulnerabilities
2014-04-14
http://www.securityfocus.com/bid/66734

qEngine Database Backup Information Disclosure Vulnerability
2014-04-14
http://www.securityfocus.com/bid/66395

Exploit

CubeCart 5.2.8 - Session Fixation

  Microweber CMS 0.93 - CSRF Vulnerability

8.4.2014

Bugtraq

MacOSX/XNU HFS Multiple Vulnerabilities 2014-04-07
submit cxsec org

Pearson eSIS Enterprise Student Information System SQL Injection 2014-04-06
tudor enache helpag com

Pearson eSIS Enterprise Student Information System Stored XSS 2014-04-06
tudor enache helpag com

[SECURITY] [DSA 2894-1] openssh security update 2014-04-05
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2895-1] prosody security update 2014-04-05
Luciano Bello (luciano debian org)

Call for Papers 2014-04-05
education crownjournal org

Malware

Generic PUP.x!2A89A902E235

Generic PUP.x!A74099059E0E

RDN/Generic BackDoor!xs!3D137B3AB5AA

RDN/Generic.bfr!06AF0BCDC3EE

RDN/Generic.bfr!973B72E921B0

Generic.tfr!06B4C815FB9F

Generic PUP.x!AABD33AD11EC

RDN/Generic.bfr!F966997C16CD

RDN/Downloader.a!pv!A8C2D6E7E543

RDN/Generic PWS.y!zb!A6ACDDFB266E

Generic PUP.x!A6BC11F8BE73

RDN/Generic.bfr!gr!A6C8B314874E

RDN/PWS-Lineage!bf!05DD45A56DB1

Generic.tfr!A6B165F6B6BE

RDN/Generic.dx!d2o!064E70AF2DD1

Generic PUP.x!40541C0CBA78

RDN/Generic PWS.y!zb!A20DA976AAA5

RDN/Generic PUP.x!b2v!9EE0433268B6

Generic.dx!AE026B57987E

RDN/Generic PUP.x!b2b!9EDB559657EF

Generic.tfr!083CF144A090

RDN/Downloader.a!pv!07E86CA7054D

RDN/Generic BackDoor!D08C63A6D713

RDN/Downloader.a!pv!A4F5DA82999C

RDN/Generic.bfr!gr!A0C59CC3E9A2

RDN/Generic PWS.y!zb!04CAB1859D9D

RDN/PWS-Banker!A5438D923670

RDN/Generic.bfr!9EE3C58CC835

Generic PUP.x!504AC1DDC43A

Generic.bfr!3AE58B1E701B

Phishing

CreditCardOnline

8th April 2014

Credit card security - NatWest

NatWest

8th April 2014

ACCESS TO ONLINE BANKING
SERVICE

Lucy Snell

8th April 2014

Lloyds Packaged Current
Account Visits Available

Lloyds

8th April 2014

Irregular activity on your
Lloyds Debit Card

HALIFAX BANK UK

8th April 2014

HALIFAX BILLS MINIMUM PAYMENT
IS DUE

Vulnerebility

OptiPNG Use-After-Free Remote Code Execution Vulnerability
2014-04-08
http://www.securityfocus.com/bid/55566

OpenSSH Certificate Validation Security Bypass Vulnerability
2014-04-08
http://www.securityfocus.com/bid/66459

libproxy CVE-2012-4504 Stack-Based Buffer Overflow Vulnerability
2014-04-08
http://www.securityfocus.com/bid/55909

Oracle Java SE CVE-2014-0415 Remote Security Vulnerability
2014-04-08
http://www.securityfocus.com/bid/64899

Oracle Java SE CVE-2014-0410 Remote Security Vulnerability
2014-04-08
http://www.securityfocus.com/bid/64915

Oracle Java SE CVE-2014-0422 Remote Security Vulnerability
2014-04-08
http://www.securityfocus.com/bid/64921

TigerVNC CVE-2014-0011 Heap Buffer Overflow Vulnerability
2014-04-08
http://www.securityfocus.com/bid/66313

Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
2014-04-08
http://www.securityfocus.com/bid/66397

OpenStack Keystone EC2-style Tokens Validation Privilage Escalation Vulnerability
2014-04-08
http://www.securityfocus.com/bid/64253

OpenStack Keystone Trustee Token Revocation Failure Security Bypass Vulnerability
2014-04-08
http://www.securityfocus.com/bid/65895

Munin CVE-2013-6359 Remote Denial of Service Vulnerability
2014-04-08
http://www.securityfocus.com/bid/64189

Munin CVE-2013-6048 Remote Denial of Service Vulnerability
2014-04-08
http://www.securityfocus.com/bid/64188

Icinga Classic UI 'MAX_INPUT_BUFFER' Value Multiple Buffer Overflow Vulnerabilities
2014-04-08
http://www.securityfocus.com/bid/66212

LibYAML 'scanner.c' Remote Heap Based Buffer Overflow Vulnerability
2014-04-08
http://www.securityfocus.com/bid/65258

Cisco IOS XR Software ICMPv6 Processing Denial of Service Vulnerability
2014-04-08
http://www.securityfocus.com/bid/66658

Oracle Java SE CVE-2013-5780 Remote Security Vulnerability
2014-04-08
http://www.securityfocus.com/bid/63115

Xen '/hvm/hvm.c' Remote Denial of Service Vulnerability
2014-04-08
http://www.securityfocus.com/bid/66407

Oracle Java SE CVE-2014-0428 Remote Security Vulnerability
2014-04-08
http://www.securityfocus.com/bid/64935

Oracle Java SE TTF Font Parsing Remote Code Execution Vulnerability
2014-04-08
http://www.securityfocus.com/bid/64894

LibYAML 'yaml_parser_scan_uri_escapes()' Function Remote Heap Based Buffer Overflow Vulnerability
2014-04-08
http://www.securityfocus.com/bid/66478

Xen 'FLASK_AVC_CACHESTAT' Hypercall Off-By-One Error Local Memory Corruption Vulnerability
2014-04-08
http://www.securityfocus.com/bid/65414

Linux Kernel CVE-2014-2568 Information Disclosure Vulnerability
2014-04-08
http://www.securityfocus.com/bid/66348

Xen 'xc_cpupool_getinfo()' Function Use After Free Memory Corruption Vulnerability
2014-04-08
http://www.securityfocus.com/bid/65529

Linux Kernel 'get_rx_bufs()' Function Denial of Service Vulnerability
2014-04-08
http://www.securityfocus.com/bid/66441

Xen XSM/Flask Hypercalls Local Integer Overflow Vulnerability
2014-04-08
http://www.securityfocus.com/bid/65419

Xen Linux netback CVE-2014-2580 Remote Denial of Service Vulnerability
2014-04-08
http://www.securityfocus.com/bid/66386

Xen libvchan Xenstore Ring Indexes Local Privilege Escalation Vulnerability
2014-04-08
http://www.securityfocus.com/bid/65424

Xen Use After Free Memory Corruption Vulnerability
2014-04-08
http://www.securityfocus.com/bid/65097

Xen IOMMU TLB Flushing Suppress Flag Privilege Escalation Vulnerability
2014-04-08
http://www.securityfocus.com/bid/64195

AMD 16h Model Processor CVE-2013-6885 Local Denial of Service Vulnerability
2014-04-08
http://www.securityfocus.com/bid/63983

Exploit

     XAMPP 3.2.1 & phpMyAdmin 4.1.6 - Multiple Vulnerabilities (XSS & CSRF)

  JIRA Issues Collector Directory Traversal

7.4.2014

Bugtraq

CA20140403-01: Security Notice for CA Erwin Web Portal 2014-04-03
Kotas, Kevin J (Kevin Kotas ca com)

ESA-2013-039: RSA BSAFEŽ SSL-J Multiple Vulnerabilities 2014-04-03
Security Alert (Security_Alert emc com)

ESA-2012-029: RSA BSAFEŽ SSL-C Multiple Vulnerabilities 2014-04-03
Security Alert (Security_Alert emc com)

Malware

RDN/Generic PUP.x!b2t!AC24489522EB

RDN/Generic PUP.x!b2t!00BD739F3453

RDN/Generic PUP.x!b2t!975201FBB44C

RDN/Generic PUP.x!b2t!14F6E5B74B83

RDN/Generic PUP.x!b2t!2F0A0B8C3326

RDN/Downloader.a!pv!A0A3CD4C1684

RDN/Generic PUP.x!b2t!AE6D379A4F23

Generic PUP.x!3CFD69A7602B

Generic PUP.x!EAAE74DC4244

Generic PUP.x!298FE4BD760F

Generic PUP.x!14AC7EFDE352

Generic PUP.x!F743262265C8

Generic PUP.x!90E07CA5E793

Generic Downloader.x!ECC5081351FA

Generic PUP.x!841B705F9E6A

RDN/Generic PUP.x!b2t!827D6BDE6DA5

RDN/Generic.dx!d2n!CFB72747D3E6

Generic PUP.x!86D8B70A96E4

Generic PUP.x!22A78D5EFD78

Generic PUP.x!3217023256DD

Generic PUP.x!2370C9FC2907

Generic PUP.x!6A0E745943E6

Generic PUP.x!E7B8AAEFE25A

Generic PUP.x!10B040338431

Generic PUP.x!EAA41DB5C250

Generic PUP.x!0B3A89E94681

Generic PUP.x!3BF09BCEA21D

RDN/Generic PUP.x!BC679FE0ECFB

Generic PUP.x!BCD2712F4D9F

Generic PUP.x!0B06EBE4FFEB

Phishing

Barclays Bank

7th April 2014

Important Notice On Your
Account

HALIFAX Bank

7th April 2014

New Security Message

Barclays

7th April 2014

Account Review

Lloyds

7th April 2014

ALERT - BANKING SERVICES
RESTRICTED

Barclays

7th April 2014

Barclays Important Message -
Security & Privacy

Congratulations-CITIBank Accep

7th April 2014

Congratulations!
jmcrews@aol.com CITIBank
approval notice

National

7th April 2014

NatWest Bank Alert:
Unauthorized Access On Your
Account.

NatWest

6th April 2014

Access to Online Banking
Service !

Barclays Bank Plc

6th April 2014

New Payment Notification From
Barclays Bank Plc!

NatWest

6th April 2014

NatWest Online Banking
Security

Natwest

6th April 2014

UPDATES AND CONFIRMATION TO
YOUR ACCOUNT

Co-operative Bank Plc

6th April 2014

New Payment Notification From
Co-operative Bank Plc.

Blizzard Entertainment

6th April 2014

World of Warcraft - Account
Investigation

PayPal

6th April 2014

UPDATE YOUR INFORMATION

MBNA credit card

6th April 2014

*** CACTUS *** your official
notification from MBNA credit
card

Regions

6th April 2014

Regions - Update Your Online
Banking Information

NatWest

6th April 2014

NatWest Bank Alert:
Unauthorized Access On Your
Account.

Eve

6th April 2014

APPLICATION FOR THE POSITION
OF OUTDOOR SALES EXECUTIVE,
MARKETING EXECUTIVE, BUSINESS
DEVELOPMENT EXECUTIVE

O2

6th April 2014

Your O2 username

NatWest Credit Card

6th April 2014

ONLINE SERVICES - ACCOUNT
LOCKED

Verizon

5th April 2014

Verizon Notification ID :
FCWWUPLSXC

NatWest Credit Card

5th April 2014

*** *** ONLINE SERVICES -
ACCOUNT LOCKED

Pay Pal

5th April 2014

NOTICE OF POLICY UPDATES

Barclays Bank PLC

5th April 2014

Your Account Has Been Flagged

Vulnerebility

ASUS RT-N56U Router Remote Command Injection Vulnerability
2014-04-07
http://www.securityfocus.com/bid/60431

OpenSSH Certificate Validation Security Bypass Vulnerability
2014-04-07
http://www.securityfocus.com/bid/66459

OpenSSH 'child_set_env()' Function Security Bypass Vulnerability
2014-04-07
http://www.securityfocus.com/bid/66355

MediaWiki Multiple Security Vulnerabilities
2014-04-07
http://www.securityfocus.com/bid/65003

Mediawiki CSS Tags CVE-2013-4567 HTML Injection Vulnerability
2014-04-07
http://www.securityfocus.com/bid/63760

Mediawiki CSS Tags CVE-2013-4568 HTML Injection Vulnerability
2014-04-07
http://www.securityfocus.com/bid/63761

MediaWiki Multiple Remote Code Execution Vulnerabilities
2014-04-07
http://www.securityfocus.com/bid/65223

MediaWiki 'Special:ChangePassword' CVE-2014-2665 Cross Site Request Forgery Vulnerability
2014-04-07
http://www.securityfocus.com/bid/66600

Mediawiki 'SVG' Files Cross Site Scripting Vulnerability
2014-04-07
http://www.securityfocus.com/bid/59594

Mediawiki Caching Session Cookies Information Disclosure Vulnerability
2014-04-07
http://www.securityfocus.com/bid/63757

Apache Camel CVE-2014-0002 XML External Entity Information Disclosure Vulnerability
2014-04-07
http://www.securityfocus.com/bid/65901

RESTEasy JaxB XML Entity References Information Disclosure Vulnerability
2014-04-07
http://www.securityfocus.com/bid/51766

RESTEasy XML Entity References Information Disclosure Vulnerability
2014-04-07
http://www.securityfocus.com/bid/51748

Bouncy Castle TLS CVE-2013-1624 Information Disclosure Vulnerability
2014-04-07
http://www.securityfocus.com/bid/57774

Apache Camel CVE-2014-0003 Remote Code Execution Vulnerability
2014-04-07
http://www.securityfocus.com/bid/65902

XStream CVE-2013-7285 Remote Code Execution Vulnerability
2014-04-07
http://www.securityfocus.com/bid/64760

Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
2014-04-07
http://www.securityfocus.com/bid/65400

Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability
2014-04-07
http://www.securityfocus.com/bid/65773

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-04-07
http://www.securityfocus.com/bid/66363

Cisco Emergency Responder CVE-2014-2116 Multiple Cross Site Scripting Vulnerabilities
2014-04-07
http://www.securityfocus.com/bid/66632

Cisco Emergency Responder CVE-2014-2117 Open Redirection Vulnerability
2014-04-07
http://www.securityfocus.com/bid/66634

Cisco Emergency Responder CVE-2014-2114 Cross Site Scripting Vulnerability
2014-04-07
http://www.securityfocus.com/bid/66635

Cisco Emergency Responder CVE-2014-2115 Cross-Site Request Forgery Vulnerability
2014-04-07
http://www.securityfocus.com/bid/66631

Cisco IOS and IOS XE Software CVE-2014-2143 Denial of Service Vulnerability
2014-04-07
http://www.securityfocus.com/bid/66628

Apache HTTP Server Multiple Denial of Service Vulnerabilities
2014-04-07
http://www.securityfocus.com/bid/66303

Linux-PAM 'format_timestamp_name()' Function Directory Traversal Vulnerability
2014-04-07
http://www.securityfocus.com/bid/66493

Intelligent Platform Management Interface CVE-2013-4786 Information Disclosure Vulnerability
2014-04-07
http://www.securityfocus.com/bid/61076

RETIRED: HP Integrated Lights-Out CVE-2013-4786 Unspecified Authentication Bypass Vulnerability
2014-04-07
http://www.securityfocus.com/bid/66627

IBM AIX CVE-2013-4011 Multiple Local Privilege Escalation Vulnerabilities
2014-04-07
http://www.securityfocus.com/bid/61287

WebKit CVE-2014-1297 Unspecified Security Bypass Vulnerability
2014-04-07
http://www.securityfocus.com/bid/66580

Exploit

 

4.4.2014

Bugtraq

ESA-2013-039: RSA BSAFEŽ SSL-J Multiple Vulnerabilities 2014-04-03
Security Alert (Security_Alert emc com)

ESA-2012-029: RSA BSAFEŽ SSL-C Multiple Vulnerabilities 2014-04-03
Security Alert (Security_Alert emc com)

[security bulletin] HPSBHF02981 rev.1 - HP Integrated Lights-Out 2, 3, and 4 (iLO2, iLO3, iLO4), IPMI 2.0 RCMP+ Authentication Remote Password Hash Vulnerability (RAKP) 2014-04-03
security-alert hp com

[softScheck] Denial of Service in Microsoft Office 2007-2013 2014-04-03
Lubomir Stroetmann (lubomir stroetmann softscheck com)

Private Photo+Video v1.1 Pro iOS - Persistent Vulnerability 2014-04-03
Vulnerability Lab (research vulnerability-lab com)

Malware

RDN/Generic.bfr!gi!10D04F9E0DD9

RDN/Generic.bfr!0ED19411EE02

RDN/Generic.bfr!gi!052040AEC1AF

RDN/Generic.bfr!gi!0FB26BA3D0B5

RDN/Generic.bfr!gi!033ACD2195C6

RDN/Generic.bfr!gi!169308FD40D3

RDN/Generic.bfr!gi!0378CBBE0611

RDN/Generic.bfr!go!046C483538C4

Generic PUP.x!296EBA8CDBC9

RDN/Generic.bfr!gi!0692DA9B1D6B

RDN/Generic.bfr!go!16F6BDFDE098

RDN/Generic.bfr!go!05C9627BA208

RDN/Generic.bfr!gi!1B70B4077794

RDN/Generic PUP.x!b2g!293FAFDFECF8

Generic PUP.x!E68F4D835F23

RDN/Generic.bfr!gi!09AB76029919

RDN/Generic.bfr!go!14E66A0EF87A

RDN/Generic.bfr!go!070CEA8A8241

RDN/Generic.bfr!gi!064C64D45DD2

RDN/Generic PUP.x!b2g!E68180334ADF

Generic PUP.x!2975590ED429

Generic.tfr!2976A393F1B9

RDN/Generic.bfr!go!0F6B0644EE9B

RDN/Generic PUP.x!b2g!E67DA7773FAB

Generic PUP.x!A529C00AD44B

PUP-FID!E6735C0550B5

RDN/Generic PUP.x!b2g!E67ED722DC20

RDN/Generic.tfr!dx!F2116F0064A6

RDN/Generic PUP.x!b2g!F606A822543A

RDN/Generic.bfr!go!0034C74FFDE0

Phishing

 

Vulnerebility

WebKit CVE-2014-1297 Unspecified Security Bypass Vulnerability
2014-04-04
http://www.securityfocus.com/bid/66580

WebKit CVE-2014-1309 Unspecified Memory Corruption Vulnerability
2014-04-04
http://www.securityfocus.com/bid/66574

WebKit CVE-2014-1308 Unspecified Memory Corruption Vulnerability
2014-04-04
http://www.securityfocus.com/bid/66573

LibTIFF CVE-2013-4232 Memory Corruption Vulnerability
2014-04-04
http://www.securityfocus.com/bid/61849

WebKit CVE-2014-1302 Unspecified Memory Corruption Vulnerability
2014-04-04
http://www.securityfocus.com/bid/66585

LibTIFF CVE-2013-4244 Out of Bounds Memory Corruption Vulnerability
2014-04-04
http://www.securityfocus.com/bid/62019

LibTIFF CVE-2013-4231 Multiple Buffer Overflow Vulnerabilities
2014-04-04
http://www.securityfocus.com/bid/61695

LibTIFF CVE-2013-1961 Stack Based Buffer Overflow Vulnerability
2014-04-04
http://www.securityfocus.com/bid/59607

WebKit CVE-2014-1301 Unspecified Memory Corruption Vulnerability
2014-04-04
http://www.securityfocus.com/bid/66584

LibTIFF 't2_process_jpeg_strip()' Function Heap-based Buffer Overflow Vulnerability
2014-04-04
http://www.securityfocus.com/bid/59609

LibTIFF CVE-2013-4243 Heap Buffer Overflow Vulnerability
2014-04-04
http://www.securityfocus.com/bid/62082

WebKit CVE-2014-1312 Unspecified Memory Corruption Vulnerability
2014-04-04
http://www.securityfocus.com/bid/66578

WebKit CVE-2014-1310 Unspecified Memory Corruption Vulnerability
2014-04-04
http://www.securityfocus.com/bid/66575

WebKit CVE-2014-1304 Unspecified Memory Corruption Vulnerability
2014-04-04
http://www.securityfocus.com/bid/66586

WebKit CVE-2014-1311 Unspecified Memory Corruption Vulnerability
2014-04-04
http://www.securityfocus.com/bid/66577

WebKit CVE-2014-1305 Unspecified Memory Corruption Vulnerability
2014-04-04
http://www.securityfocus.com/bid/66587

WebKit CVE-2014-1307 Unspecified Memory Corruption Vulnerability
2014-04-04
http://www.securityfocus.com/bid/66572

WebKit CVE-2014-1300 Unspecified Memory Corruption Vulnerability
2014-04-04
http://www.securityfocus.com/bid/66583

WebKit CVE-2014-1313 Unspecified Memory Corruption Vulnerability
2014-04-04
http://www.securityfocus.com/bid/66579

WebKit CVE-2014-1298 Unspecified Memory Corruption Vulnerability
2014-04-04
http://www.securityfocus.com/bid/66576

WebKit CVE-2014-1299 Unspecified Memory Corruption Vulnerability
2014-04-04
http://www.securityfocus.com/bid/66581

Todd Miller Sudo 'validate_env_vars()' Local Privilege Escalation Vulnerability
2014-04-04
http://www.securityfocus.com/bid/65997

IBM WebSphere Portal CVE-2014-0901 Cross Site Scripting Vulnerability
2014-04-04
http://www.securityfocus.com/bid/66559

IBM WebSphere Portal CVE-2014-0828 Cross Site Scripting Vulnerability
2014-04-04
http://www.securityfocus.com/bid/66556

Xen 'hvm_do_hypercall()' Function Local Privilege Escalation Vulnerability
2014-04-04
http://www.securityfocus.com/bid/63931

Linux Kernel 'qeth_core_main.c' File Local Buffer Overflow Vulnerability
2014-04-04
http://www.securityfocus.com/bid/63890

Linux Kernel AACRAID Driver Compat IOCTL Local Security Bypass Vulnerability
2014-04-04
http://www.securityfocus.com/bid/63888

Linux Kernel 'ipc_rcu_putref()' Function Local Denial of Service Vulnerability
2014-04-04
http://www.securityfocus.com/bid/63445

Linux Kernel CVE-2013-7263 Multiple Information Disclosure Vulnerabilities
2014-04-04
http://www.securityfocus.com/bid/64686

AMD 16h Model Processor CVE-2013-6885 Local Denial of Service Vulnerability
2014-04-04
http://www.securityfocus.com/bid/63983

Exploit

Oracle Identity Manager 11g R2 SP1 (11.1.2.1.0) - Unvalidated Redirects

3.4.2014

Bugtraq

[MATTA-2013-004] CVE-2014-1409; MobileIron authentication bypass vulnerability 2014-04-02
Florent Daigniere (florent daigniere trustmatta com)

Сross-Site Request Forgery (CSRF) in XCloner Wordpress Plugin 2014-04-02
High-Tech Bridge Security Research (advisory htbridge com)

Malware

Phishing

 

Vulnerebility

Linux Kernel 'compat_sys_recvmmsg()' Function Local Memory Corruption Vulnerability
2014-04-03
http://www.securityfocus.com/bid/65255

ownCloud Multiple Arbitrary PHP Code Execution Vulnerabilities
2014-04-03
http://www.securityfocus.com/bid/58109

PostgreSQL CVE-2014-0065 Remote Stack Buffer Overflow Vulnerability
2014-04-03
http://www.securityfocus.com/bid/65731

PostgreSQL CVE-2014-0064 Multiple Remote Buffer Overflow Vulnerabilities
2014-04-03
http://www.securityfocus.com/bid/65725

PostgreSQL CVE-2014-0063 Remote Stack Buffer Overflow Vulnerability
2014-04-03
http://www.securityfocus.com/bid/65719

PostgreSQL CVE-2014-0066 Remote Denial Of Service Vulnerability
2014-04-03
http://www.securityfocus.com/bid/65728

PostgreSQL CVE-2014-0060 Security Bypass Vulnerability
2014-04-03
http://www.securityfocus.com/bid/65723

PostgreSQL CVE-2014-0061 Security Bypass Vulnerability
2014-04-03
http://www.securityfocus.com/bid/65724

PostgreSQL CVE-2014-0062 Security Bypass Vulnerability
2014-04-03
http://www.securityfocus.com/bid/65727

Conga luci Multiple Local Information Disclosure Vulnerabilities
2014-04-03
http://www.securityfocus.com/bid/57322

Mozilla Network Security Services CVE-2014-1492 Unspecified Security Vulnerability
2014-04-03
http://www.securityfocus.com/bid/66356

War FTP Daemon Log Messages Denial of Service Vulnerability
2014-04-03
http://www.securityfocus.com/bid/58182

Memcached verbose mode CVE-2013-7291 Denial of Service Vulnerability
2014-04-03
http://www.securityfocus.com/bid/64989

memcached Verbose Mode Denial of Service Vulnerability
2014-04-03
http://www.securityfocus.com/bid/64978

memcache SASL Authentication Security Bypass Vulnerability
2014-04-03
http://www.securityfocus.com/bid/64559

Memcached 'items.c' Denial of Service Vulnerability
2014-04-03
http://www.securityfocus.com/bid/64988

Oracle Java SE CVE-2014-0423 Remote Security Vulnerability
2014-04-03
http://www.securityfocus.com/bid/64914

PHP CVE-2011-4718 Session Fixation Vulnerability
2014-04-03
http://www.securityfocus.com/bid/61929

PHP SSL Certificate Validation CVE-2013-4248 Security Bypass Vulnerability
2014-04-03
http://www.securityfocus.com/bid/61776

PHP CVE-2013-2110 Heap Based Buffer Overflow Vulnerability
2014-04-03
http://www.securityfocus.com/bid/60411

PHP Calendar Extension 'SndToJewish()' Remote Denial of Service Vulnerability
2014-04-03
http://www.securityfocus.com/bid/60731

PHP Fileinfo Component 'libmagic/softmagic.c' Remote Denial of Service Vulnerability
2014-04-03
http://www.securityfocus.com/bid/60728

Xen CVE-2013-1920 Memory Corruption Vulnerability
2014-04-03
http://www.securityfocus.com/bid/58880

Xen CVE-2013-1917 Remote Denial of Service Vulnerability
2014-04-03
http://www.securityfocus.com/bid/59291

Xen 'hvm_do_hypercall()' Function Local Privilege Escalation Vulnerability
2014-04-03
http://www.securityfocus.com/bid/63931

AMD 16h Model Processor CVE-2013-6885 Local Denial of Service Vulnerability
2014-04-03
http://www.securityfocus.com/bid/63983

Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
2014-04-03
http://www.securityfocus.com/bid/66397

Xen 'XENMEM_exchange' Local Privilege Escalation Vulnerability
2014-04-03
http://www.securityfocus.com/bid/56797

Xen 'extent_order' Values Multiple Local Denial of Service Vulnerabilities
2014-04-03
http://www.securityfocus.com/bid/56798

Xen PV Domain Builder Kernel Decompression Local Denial Of Service Vulnerability
2014-04-03
http://www.securityfocus.com/bid/56289

Exploit

 

2.4.2014

Bugtraq

[MATTA-2013-004] CVE-2014-1409; MobileIron authentication bypass vulnerability 2014-04-02
Florent Daigniere (florent daigniere trustmatta com)

Сross-Site Request Forgery (CSRF) in XCloner Wordpress Plugin 2014-04-02
High-Tech Bridge Security Research (advisory htbridge com)

SEC Consult SA-20140402-0 :: Multiple vulnerabilities in Rhythm File Manager 2014-04-02
SEC Consult Vulnerability Lab (research sec-consult com)

iShare Your Moving Library 1.0 iOS - Multiple Vulnerabilities 2014-04-02
Vulnerability Lab (research vulnerability-lab com)

APPLE-SA-2014-04-01-1 Safari 6.1.3 and Safari 7.0.3 2014-04-01
Apple Product Security (product-security-noreply lists apple com)

[IMF 2014] Call for Participation 2014-04-01
Oliver Goebel (goebel cert uni-stuttgart de)

Malware

RDN/Generic PUP.x!bxt!9B081DB4578F

RDN/Generic.bfr!gf!9B3515642B5E

RDN/Generic PUP.x!bxt!9AFDABFA3D74

RDN/Generic PUP.x!bxt!9AEF93192B58

RDN/Generic PUP.x!bxt!9AF5736DE71D

RDN/Generic PUP.x!bxt!9AEC6DC2B356

RDN/Generic PUP.x!bxt!9AEE1BBA2A86

RDN/Generic PUP.x!bxt!9AFE0577B1B7

RDN/Generic.bfr!gf!1563211B5158

RDN/Generic PUP.x!bxt!9B0EB48940A7

RDN/Generic PUP.x!bxt!9B13FC3948E0

RDN/Generic PUP.x!bxt!9AE8B0A9A1DB

RDN/Generic PUP.x!bxt!9AEEC4BD35DD

Generic PUP.x!119B529F4A5E

RDN/Generic PUP.x!bxt!9AF7CF60A71C

RDN/Generic PUP.x!bxt!9AF9C8C2AF54

DirectDownminer!9B2F8436298B

RDN/Generic PUP.x!bxt!9AE0B347E7D5

RDN/Generic PUP.x!bxt!9B13AE49B8BA

RDN/Generic PUP.x!bxt!9AE2445060CF

RDN/Generic PUP.x!bxt!9B0E9E437755

RDN/Generic PUP.x!bxt!9AD3D04BE03A

RDN/Generic PUP.x!bxt!9AEB064FB63E

RDN/Generic PUP.x!bxt!9ADF3C1828F6

StartPage-NY!9B2D0E6DBAF0

Generic PUP.x!9B05773325BC

Generic PUP.x!9B1B79A1A266

RDN/Generic PUP.x!bxt!9AE45518C6FF

RDN/Generic PUP.x!bxt!9AE895890F59

RDN/BackDoor-FBSA!a!08C14BFB20DF

Phishing

 

Vulnerebility

War FTP Daemon Log Messages Denial of Service Vulnerability
2014-04-02
http://www.securityfocus.com/bid/58182

Memcached verbose mode CVE-2013-7291 Denial of Service Vulnerability
2014-04-02
http://www.securityfocus.com/bid/64989

memcached Verbose Mode Denial of Service Vulnerability
2014-04-02
http://www.securityfocus.com/bid/64978

memcache SASL Authentication Security Bypass Vulnerability
2014-04-02
http://www.securityfocus.com/bid/64559

Memcached 'items.c' Denial of Service Vulnerability
2014-04-02
http://www.securityfocus.com/bid/64988

Oracle Java SE CVE-2014-0423 Remote Security Vulnerability
2014-04-02
http://www.securityfocus.com/bid/64914

PHP CVE-2011-4718 Session Fixation Vulnerability
2014-04-02
http://www.securityfocus.com/bid/61929

PHP SSL Certificate Validation CVE-2013-4248 Security Bypass Vulnerability
2014-04-02
http://www.securityfocus.com/bid/61776

PHP CVE-2013-2110 Heap Based Buffer Overflow Vulnerability
2014-04-02
http://www.securityfocus.com/bid/60411

PHP Calendar Extension 'SndToJewish()' Remote Denial of Service Vulnerability
2014-04-02
http://www.securityfocus.com/bid/60731

PHP Fileinfo Component 'libmagic/softmagic.c' Remote Denial of Service Vulnerability
2014-04-02
http://www.securityfocus.com/bid/60728

Xen CVE-2013-1920 Memory Corruption Vulnerability
2014-04-02
http://www.securityfocus.com/bid/58880

Xen CVE-2013-1917 Remote Denial of Service Vulnerability
2014-04-02
http://www.securityfocus.com/bid/59291

Xen 'hvm_do_hypercall()' Function Local Privilege Escalation Vulnerability
2014-04-02
http://www.securityfocus.com/bid/63931

AMD 16h Model Processor CVE-2013-6885 Local Denial of Service Vulnerability
2014-04-02
http://www.securityfocus.com/bid/63983

Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
2014-04-02
http://www.securityfocus.com/bid/66397

Xen 'XENMEM_exchange' Local Privilege Escalation Vulnerability
2014-04-02
http://www.securityfocus.com/bid/56797

Xen 'extent_order' Values Multiple Local Denial of Service Vulnerabilities
2014-04-02
http://www.securityfocus.com/bid/56798

Xen PV Domain Builder Kernel Decompression Local Denial Of Service Vulnerability
2014-04-02
http://www.securityfocus.com/bid/56289

Xen CVE-2013-4355 Information Disclosure Vulnerability
2014-04-02
http://www.securityfocus.com/bid/62708

Apache Subversion 'svn_fs_file_length()' Remote Denial of Service Vulnerability
2014-04-02
http://www.securityfocus.com/bid/58323

Xen CVE-2013-4494 Denial of Service Vulnerability
2014-04-02
http://www.securityfocus.com/bid/63494

lighttpd CVE-2013-1427 Insecure Temporary File Creation Vulnerability
2014-04-02
http://www.securityfocus.com/bid/58528

Xen CVE-2013-2194 Remote Privilege Escalation Vulnerability
2014-04-02
http://www.securityfocus.com/bid/60702

lighttpd Slow Request Handling Remote Denial Of Service Vulnerability
2014-04-02
http://www.securityfocus.com/bid/38036

Xen CVE-2013-2195 Pointer Dereference Privilege Escalation Vulnerability
2014-04-02
http://www.securityfocus.com/bid/60701

Xen CVE-2013-4368 Information Disclosure Vulnerability
2014-04-02
http://www.securityfocus.com/bid/62935

Xen CVE-2013-2196 Remote Privilege Escalation Vulnerability
2014-04-02
http://www.securityfocus.com/bid/60703

PHP CVE-2013-4113 Heap Memory Corruption Vulnerability
2014-04-02
http://www.securityfocus.com/bid/61128

PHP '_php_stream_scandir()' Buffer Overflow Vulnerability
2014-04-02
http://www.securityfocus.com/bid/54638

Exploit

 

1.4.2014

Bugtraq

[SECURITY] [DSA 2891-2] mediawiki regression update 2014-03-31
Thijs Kinkhorst (thijs debian org)

PhonerLite 2.14 SIP Soft Phone - SIP Digest Leak Information Disclosure (CVE-2014-2560) 2014-03-31
Jason Ostrom (jostrom storasec net)

Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities 2014-03-31
Vulnerability Lab (research vulnerability-lab com)

PhotoWIFI Lite v1.0 iOS - Multiple Web Vulnerabilities 2014-03-31
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 2891-1] mediawiki security update 2014-03-30
Thijs Kinkhorst (thijs debian org)

Malware

Generic PUP.x!50D4A36BA7C0

Generic PUP.x!2F4C58DCD882

Generic PUP.x!C78FB76BE4C9

Generic Downloader.sd!4725C040EB7A

Generic PUP.x!EEDA1FE33D22

Generic PUP.x!87308E2DA6CF

Generic PUP.x!5A6342DAD071

Generic PUP.x!93E3A2D8C32F

Generic PUP.x!3C34FB3C1B14

Generic PUP.x!C7582097A087

Generic PUP.x!05855C7D62A3

Generic PUP.x!5117363027C6

Generic PUP.x!535466C10799

Generic PUP.x!1B8188EFBDF9

Generic PUP.x!DA075FD73A00

Generic.bfr!5158F5BD285D

Generic PUP.x!5058D7F4D068

RDN/Generic PUP.x!bxj!3E208CB41B83

RDN/Generic PUP.x!bxj!C659E2A8B55E

RDN/Generic PUP.x!bxj!C6918377E4DF

Generic PUP.x!C03BB1F63B1C

Generic PUP.x!CB13D31C5CFB

Generic PUP.x!7AB14C8733F8

Generic PUP.x!5D695F4FBB93

Generic PUP.x!C4CEAC064B1F

Generic PUP.x!045B70CCBE0F

Generic PUP.x!518D173E741F

Generic PUP.x!E3CF93C31B8F

Generic PUP.x!11A413E12425

Generic PUP.x!B76C29D71CDC

Phishing

 

Vulnerebility

Oracle Java SE CVE-2013-5825 Remote Security Vulnerability
2014-04-01
http://www.securityfocus.com/bid/63101

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2014-04-01
http://www.securityfocus.com/bid/61310

IBM Integration Bus XML4J Parser Entity Expansion Denial of Service Vulnerability
2014-04-01
http://www.securityfocus.com/bid/63224

Multiple IBM Products CVE-2013-6747 Denial of Service Vulnerability
2014-04-01
http://www.securityfocus.com/bid/65156

cURL/libcURL CVE-2014-2522 SSL Certificate Validation Security Bypass Vulnerability
2014-04-01
http://www.securityfocus.com/bid/66296

Apple Mac OS X APPLE-SA-2014-02-25-1 Multiple Security Vulnerabilities
2014-04-01
http://www.securityfocus.com/bid/65777

cURL/libcURL CVE-2014-0138 Remote Security Bypass Vulnerability
2014-04-01
http://www.securityfocus.com/bid/66457

cURL/libcURL CVE-2014-0139 SSL Certificate Validation Security Bypass Vulnerability
2014-04-01
http://www.securityfocus.com/bid/66458

Apache HTTP Server Multiple Denial of Service Vulnerabilities
2014-04-01
http://www.securityfocus.com/bid/66303

OpenSSH 'child_set_env()' Function Security Bypass Vulnerability
2014-04-01
http://www.securityfocus.com/bid/66355

GnuTLS CVE-2014-0092 Certificate Validation Security Bypass Vulnerability
2014-04-01
http://www.securityfocus.com/bid/65919

OpenLDAP 'rwm_conn_destroy' Denial of Service Vulnerability
2014-04-01
http://www.securityfocus.com/bid/63190

Apache CouchDB Universally Unique IDentifier (UUID) Remote Denial of Service Vulnerability
2014-04-01
http://www.securityfocus.com/bid/66474

ManageEngine OpStor Cross Site Scripting And Privilege Escalation Vulnerabilities
2014-04-01
http://www.securityfocus.com/bid/66499

IBM Eclipse Help System CVE-2013-5449 Cross Site Scripting Vulnerability
2014-04-01
http://www.securityfocus.com/bid/64058

SePortal 'sp_id' Parameter SQL Injection Vulnerability
2014-04-01
http://www.securityfocus.com/bid/66315

Wireshark BSSGP Dissector Denial of Service Vulnerability
2014-04-01
http://www.securityfocus.com/bid/64413

AudioCoder '.m3u' File Buffer Overflow Vulnerability
2014-04-01
http://www.securityfocus.com/bid/59606

Joomla! Kunena '\bbcode\bbcode.php' HTML injection Vulnerability
2014-04-01
http://www.securityfocus.com/bid/66502

LibYAML 'yaml_parser_scan_uri_escapes()' Function Remote Heap Based Buffer Overflow Vulnerability
2014-04-01
http://www.securityfocus.com/bid/66478

Symantec LiveUpdate Administrator CVE-2014-1644 Unauthorized Access Vulnerability
2014-04-01
http://www.securityfocus.com/bid/66399

Symantec LiveUpdate Administrator CVE-2014-1645 SQL Injection Vulnerability
2014-04-01
http://www.securityfocus.com/bid/66400

Siemens SIMATIC S7-1200 CVE-2014-2254 Denial of Service Vulnerability
2014-04-01
http://www.securityfocus.com/bid/66349

Siemens SIMATIC S7-1200 CVE-2014-2258 Denial of Service Vulnerability_
2014-04-01
http://www.securityfocus.com/bid/66344

Fitnesse CVE-2014-1216 Remote Code Execution Vulnerability
2014-04-01
http://www.securityfocus.com/bid/65921

Siemens SIMATIC S7-1200 CVE-2014-2256 Denial of Service Vulnerability
2014-04-01
http://www.securityfocus.com/bid/66353

python 'os._get_masked_mode()' Function Local Race Condition Vulnerability
2014-04-01
http://www.securityfocus.com/bid/66521

Linux Kernel 'arch_dup_task_struct()' Function Local Denial of Service Vulnerability
2014-04-01
http://www.securityfocus.com/bid/66477

Linux Kernel 'drivers/net/wireless/ath/ath9k/xmit.c' Local Denial of Service Vulnerability
2014-04-01
http://www.securityfocus.com/bid/66492

Mediawiki Caching Session Cookies Information Disclosure Vulnerability
2014-04-01
http://www.securityfocus.com/bid/63757

Exploit

  SePortal SQLi Remote Code Execution

  PhotoWIFI Lite 1.0 iOS - Multiple Vulnerabilities

  Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities

  Wordpress Ajax Pagination Plugin 1.1 - Local File Inclusion

  EMC Cloud Tiering Appliance v10.0 Unauthenticated XXE Arbitrary File Read

31.3.2014

Bugtraq

Deutsche Telekom CERT Advisory [DTC-A-20140324-002] update140328 - vulnerabilities in check_mk 2014-03-28
CERT telekom de

iStArtApp FileXChange v6.2 iOS - Multiple Web Vulnerabilities 2014-03-28
Vulnerability Lab (research vulnerability-lab com)

[RT-SA-2014-002] rexx Recruitment: Cross-Site Scripting in User Registration 2014-03-27
RedTeam Pentesting GmbH (release redteam-pentesting de)

Malware

Generic.tfr!0A58B2F63A23

Generic.tfr!63B462B3D5A3

RDN/Generic PUP.x!bxh!F9C8C5015A88

Generic PUP.x!AF6D2CB539F7

RDN/Generic PUP.x!CDFE348F7582

RDN/PWS-Mmorpg!ky!9094A4FF86B1

RDN/Generic Downloader.x!423DFAACF336

Generic.dx!8D7E18609222

RDN/Generic.bfr!gn!6D05A95CCAED

RDN/Generic PUP.x!4F83B7B07D2D

RDN/Generic Downloader.x!283B8A94A5A1

RDN/Generic.dx!d2g!9261CEC8A0C3

Generic.dx!B09B4F477F90

RDN/Generic PUP.x!309C015807D1

RDN/Generic Downloader.x!C21D2BF55EB6

RDN/Generic PUP.x!F12CB913DDD7

RDN/PWS-Mmorpg!ky!BABA76129195

RDN/Generic PWS.y!A7E4D2A18299

RDN/Generic PUP.x!68749BDA4BD1

Generic.tfr!D406376B9C1A

RDN/Generic Downloader.x!jz!D1175D1D53F8

Generic PUP.x!B009902A4FF8

RDN/Generic PUP.x!44FAC8844DF5

RDN/Spybot.bfr!EFD931FD7C09

RDN/Generic Downloader.x!FDEEB20412F5

RDN/Generic Downloader.x!EC5D73B8A3AB

RDN/Generic PUP.x!81B7F5498EF7

Generic.tfr!FE46EB4B02D8

RDN/Generic PUP.x!B4BEDB24196F

RDN/Generic.dx!70B99874B22D

Phishing

 

Vulnerebility

Oracle Java SE TTF Font Parsing Remote Code Execution Vulnerability
2014-03-31
http://www.securityfocus.com/bid/64894

Oracle Java SE CVE-2013-5899 Remote Security Vulnerability
2014-03-31
http://www.securityfocus.com/bid/64928

Oracle Java SE CVE-2013-5888 Local Security Vulnerability
2014-03-31
http://www.securityfocus.com/bid/64925

Oracle Java SE CVE-2013-5896 Remote Security Vulnerability
2014-03-31
http://www.securityfocus.com/bid/64926

Oracle Java SE CVE-2013-5887 Remote Security Vulnerability
2014-03-31
http://www.securityfocus.com/bid/64875

Oracle Java SE CVE-2013-5878 Remote Security Vulnerability
2014-03-31
http://www.securityfocus.com/bid/64927

Oracle Java SE CVE-2013-5884 Remote Security Vulnerability
2014-03-31
http://www.securityfocus.com/bid/64924

Oracle Java SE CVE-2013-5898 Remote Security Vulnerability
2014-03-31
http://www.securityfocus.com/bid/64912

Oracle Java SE CVE-2013-5889 Remote Security Vulnerability
2014-03-31
http://www.securityfocus.com/bid/64931

Oracle Java SE CVE-2014-0368 Remote Security Vulnerability
2014-03-31
http://www.securityfocus.com/bid/64930

Oracle Java SE CVE-2014-0416 Remote Security Vulnerability
2014-03-31
http://www.securityfocus.com/bid/64937

FFmpeg and Libav 'libavcodec/wmalosslessdec.c' Memory Corruption Vulnerability
2014-03-31
http://www.securityfocus.com/bid/66057

FFmpeg and Libav 'libavformat/mpegtsenc.c' Buffer Overflow Vulnerability
2014-03-31
http://www.securityfocus.com/bid/65560

FFmpeg and Libav 'msrle_decode_frame()' Function Out of Bounds Denial of Service Vulnerability
2014-03-31
http://www.securityfocus.com/bid/66060

FFmpeg Prior to 2.1 Multiple Remote Vulnerabilities
2014-03-31
http://www.securityfocus.com/bid/63936

Oracle Java SE CVE-2013-5910 Remote Security Vulnerability
2014-03-31
http://www.securityfocus.com/bid/64933

Oracle Java SE CVE-2014-0373 Remote Security Vulnerability
2014-03-31
http://www.securityfocus.com/bid/64922

Oracle Java SE CVE-2014-0423 Remote Security Vulnerability
2014-03-28
http://www.securityfocus.com/bid/64914

Oracle Java SE CVE-2014-0424 Remote Security Vulnerability
2014-03-28
http://www.securityfocus.com/bid/64919

Oracle Java SE CVE-2014-0428 Remote Security Vulnerability
2014-03-28
http://www.securityfocus.com/bid/64935

Oracle Java SE CVE-2014-0376 Remote Security Vulnerability
2014-03-28
http://www.securityfocus.com/bid/64907

Oracle Java SE CVE-2014-0417 Remote Security Vulnerability
2014-03-28
http://www.securityfocus.com/bid/64932

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-03-28
http://www.securityfocus.com/bid/64918

Oracle Java SE CVE-2014-0415 Remote Security Vulnerability
2014-03-28
http://www.securityfocus.com/bid/64899

Oracle Java SE CVE-2014-0422 Remote Security Vulnerability
2014-03-28
http://www.securityfocus.com/bid/64921

Oracle Java SE CVE-2014-0410 Remote Security Vulnerability
2014-03-28
http://www.securityfocus.com/bid/64915

Oracle Java SE CVE-2014-0387 Remote Security Vulnerability
2014-03-28
http://www.securityfocus.com/bid/64882

Oracle Java SE CVE-2014-0375 Remote Security Vulnerability
2014-03-28
http://www.securityfocus.com/bid/64916

Oracle Java SE CVE-2014-0403 Remote Security Vulnerability
2014-03-28
http://www.securityfocus.com/bid/64920

Linux Kernel CVE-2011-4110 NULL Pointer Dereference Denial of Service Vulnerability
2014-03-28
http://www.securityfocus.com/bid/50755

Exploit

 

30.3.2014

Bugtraq

Deutsche Telekom CERT Advisory [DTC-A-20140324-002] update140328 - vulnerabilities in check_mk 2014-03-28
CERT telekom de

iStArtApp FileXChange v6.2 iOS - Multiple Web Vulnerabilities 2014-03-28
Vulnerability Lab (research vulnerability-lab com)

[RT-SA-2014-002] rexx Recruitment: Cross-Site Scripting in User Registration 2014-03-27
RedTeam Pentesting GmbH (release redteam-pentesting de)

[SECURITY] [DSA 2888-1] ruby-actionpack-3.2 security update 2014-03-27
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2887-1] ruby-actionmailer-3.2 security update 2014-03-27
Moritz Muehlenhoff (jmm debian org)

[security bulletin] HPSBST02968 rev.2 - HP StoreOnce, Remote Unauthorized Access 2014-03-27
security-alert hp com

ePhone Disk v1.0.2 iOS - Multiple Web Vulnerabilities 2014-03-27
Vulnerability Lab (research vulnerability-lab com)

ES746 DELL Support-Bulletin - EMS Vulnerability Resolved 2014-03-27
Vulnerability Lab (research vulnerability-lab com)

My Photo Wifi Share & PS 1.1 iOS - Local Command Injection Vulnerability 2014-03-27
Vulnerability Lab (research vulnerability-lab com)

SEC Consult SA-20140328-0 :: Multiple vulnerabilities in Symantec LiveUpdate Administrator 2014-03-28
SEC Consult Vulnerability Lab (research sec-consult com)

Easy FileManager 1.1 iOS - Multiple Web Vulnerabilities 2014-03-27
Vulnerability Lab (research vulnerability-lab com)

Lazybone Studios WiFi Music 1.0 iOS - Multiple Vulnerabilities 2014-03-27
Vulnerability Lab (research vulnerability-lab com)

FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability 2014-03-27
Vulnerability Lab (research vulnerability-lab com)

Wireless Drive v1.1.0 iOS - Multiple Web Vulnerabilities 2014-03-27
Vulnerability Lab (research vulnerability-lab com)

Dell SonicWall EMail Security Appliance Application v7.4.5 - Multiple Vulnerabilities 2014-03-27
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 2889-1] postfixadmin security update 2014-03-28
Thijs Kinkhorst (thijs debian org)

[oCERT-2014-003] LibYAML input sanitization errors 2014-03-26
Andrea Barisani (lcars ocert org)

ESA-2014-016: EMC VPLEX Multiple Vulnerabilities 2014-03-26
Security Alert (Security_Alert emc com)

[SECURITY] [DSA 2886-1] libxalan2-java security update 2014-03-26
Florian Weimer (fw deneb enyo de)

[SECURITY] [DSA 2885-1] libyaml-libyaml-perl security update 2014-03-26
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2884-1] libyaml security update 2014-03-26
Salvatore Bonaccorso (carnil debian org)

Firefox for Android Profile Directory Derandomization and Data Exfiltration (CVE-2014-1484, CVE-2014-1506, CVE-2014-1515, CVE-2014-1516) 2014-03-26
Roee Hay (roeeh il ibm com)

Cisco Security Advisory: Cisco IOS Software Crafted IPv6 Packet Denial of Service Vulnerability 2014-03-26
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS Software SSL VPN Denial of Service Vulnerability 2014-03-26
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities 2014-03-26
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS Software Internet Key Exchange Version 2 Denial of Service Vulnerability 2014-03-26
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability 2014-03-26
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet Uplinks Denial of Service Vulnerability 2014-03-26
Cisco Systems Product Security Incident Response Team (psirt cisco com)

ESA-2014-015: RSAŽ Authentication Manager Cross Frame Scripting Vulnerability 2014-03-26
Security Alert (Security_Alert emc com)

VUPEN Security Research - Mozilla Firefox "BumpChunk" Object Processing Use-after-free (Pwn2Own) 2014-03-26
VUPEN Security Research (advisories vupen com)

Malware

Generic PUP.x!3749C44CC820

RDN/Generic PUP.x!bxg!A72A4E0A25B3

RDN/Generic.bfr!gn!AD96F637D91E

Generic Downloader.x!85B56C6907F3

Generic PUP.x!7A8D095E8371

Generic PUP.x!3FBA30F0B964

Generic PUP.x!FF2781D77875

RDN/Generic.bfr!gn!C734F0068C05

Generic PUP.x!03B46FD9A694

Generic Downloader.x!7D2A77388BB7

FakeAV-M.bfr!43A03569274E

Generic PUP.x!83DB9E737602

Generic Downloader.x!5304A89571A6

Downloader.gen.a!F7CEDA399735

Downloader.gen.a!A1CF38DE0EB1

Generic PUP.x!D0FF1F7E9EAA

Generic.tfr!9D8F565217FC

Generic PUP.x!460CDD7771AF

Generic Downloader.x!878A9E41231B

Generic.dx!0A92D42A8C62

Generic PUP.x!3849BA060F41

Generic.tfr!B0DCAEE488B7

Generic.tfr!7FBCD1CB442B

Generic PUP.x!591F1B0EC8B7

RDN/BackDoor-CEP!F8DD49D4704F

Generic.bfr!FC35A0E28C64

Generic Downloader.x!9635DFDE95B6

Downloader.gen.a!21E7E98B3E7C

Generic Downloader.x!FC6C86A7E60A

Generic.tfr!D93D9F2A72C2

Phishing

 

Vulnerebility

Oracle Java SE CVE-2013-5898 Remote Security Vulnerability
2014-03-30
http://www.securityfocus.com/bid/64912

Oracle Java SE CVE-2013-5889 Remote Security Vulnerability
2014-03-30
http://www.securityfocus.com/bid/64931

Oracle Java SE CVE-2014-0368 Remote Security Vulnerability
2014-03-30
http://www.securityfocus.com/bid/64930

Oracle Java SE CVE-2014-0416 Remote Security Vulnerability
2014-03-30
http://www.securityfocus.com/bid/64937

FFmpeg and Libav 'libavcodec/wmalosslessdec.c' Memory Corruption Vulnerability
2014-03-30
http://www.securityfocus.com/bid/66057

FFmpeg and Libav 'libavformat/mpegtsenc.c' Buffer Overflow Vulnerability
2014-03-30
http://www.securityfocus.com/bid/65560

FFmpeg and Libav 'msrle_decode_frame()' Function Out of Bounds Denial of Service Vulnerability
2014-03-30
http://www.securityfocus.com/bid/66060

FFmpeg Prior to 2.1 Multiple Remote Vulnerabilities
2014-03-30
http://www.securityfocus.com/bid/63936

Oracle Java SE CVE-2013-5910 Remote Security Vulnerability
2014-03-30
http://www.securityfocus.com/bid/64933

Oracle Java SE CVE-2014-0373 Remote Security Vulnerability
2014-03-30
http://www.securityfocus.com/bid/64922

Oracle Java SE TTF Font Parsing Remote Code Execution Vulnerability
2014-03-30
http://www.securityfocus.com/bid/64894

Oracle Java SE CVE-2013-5899 Remote Security Vulnerability
2014-03-30
http://www.securityfocus.com/bid/64928

Oracle Java SE CVE-2013-5888 Local Security Vulnerability
2014-03-30
http://www.securityfocus.com/bid/64925

Oracle Java SE CVE-2013-5896 Remote Security Vulnerability
2014-03-30
http://www.securityfocus.com/bid/64926

Oracle Java SE CVE-2013-5887 Remote Security Vulnerability
2014-03-30
http://www.securityfocus.com/bid/64875

Oracle Java SE CVE-2013-5878 Remote Security Vulnerability
2014-03-30
http://www.securityfocus.com/bid/64927

Oracle Java SE CVE-2013-5884 Remote Security Vulnerability
2014-03-30
http://www.securityfocus.com/bid/64924

Oracle Java SE CVE-2014-0423 Remote Security Vulnerability
2014-03-28
http://www.securityfocus.com/bid/64914

Oracle Java SE CVE-2014-0424 Remote Security Vulnerability
2014-03-28
http://www.securityfocus.com/bid/64919

Oracle Java SE CVE-2014-0428 Remote Security Vulnerability
2014-03-28
http://www.securityfocus.com/bid/64935

Oracle Java SE CVE-2014-0376 Remote Security Vulnerability
2014-03-28
http://www.securityfocus.com/bid/64907

Oracle Java SE CVE-2014-0417 Remote Security Vulnerability
2014-03-28
http://www.securityfocus.com/bid/64932

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-03-28
http://www.securityfocus.com/bid/64918

Oracle Java SE CVE-2014-0415 Remote Security Vulnerability
2014-03-28
http://www.securityfocus.com/bid/64899

Oracle Java SE CVE-2014-0422 Remote Security Vulnerability
2014-03-28
http://www.securityfocus.com/bid/64921

Oracle Java SE CVE-2014-0410 Remote Security Vulnerability
2014-03-28
http://www.securityfocus.com/bid/64915

Oracle Java SE CVE-2014-0387 Remote Security Vulnerability
2014-03-28
http://www.securityfocus.com/bid/64882

Oracle Java SE CVE-2014-0375 Remote Security Vulnerability
2014-03-28
http://www.securityfocus.com/bid/64916

Oracle Java SE CVE-2014-0403 Remote Security Vulnerability
2014-03-28
http://www.securityfocus.com/bid/64920

Linux Kernel CVE-2011-4110 NULL Pointer Dereference Denial of Service Vulnerability
2014-03-28
http://www.securityfocus.com/bid/50755

Exploit

  AudioCoder 0.8.29 - Memory Corruption (SEH)

  ASP-Nuke 2.0.7 - 'gotourl.asp' Open Redirect Vulnerability

11.3.2014

Bugtraq

APPLE-SA-2014-03-10-2 Apple TV 6.1 2014-03-10
Apple Product Security (product-security-noreply lists apple com)

[ MDVSA-2014:050 ] wireshark 2014-03-10
security mandriva com

APPLE-SA-2014-03-10-1 iOS 7.1 2014-03-10
Apple Product Security (product-security-noreply lists apple com)

Android Vulnerability: Install App Without User Explicit Consent 2014-03-10
Daniel Divricean (divricean gmail com)

[security bulletin] HPSBGN02970 rev.1 - HP Rapid Deployment Pack (RDP) or HP Insight Control Server Deployment, Multiple Remote Vulnerabilities affecting Confidentiality, Integrity and Availability 2014-03-10
security-alert hp com

[SECURITY] [DSA 2872-1] udisks security update 2014-03-10
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2871-1] wireshark security update 2014-03-10
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2014:049 ] subversion 2014-03-10
security mandriva com

[ MDVSA-2014:048 ] gnutls 2014-03-10
security mandriva com

Malware

Generic PUP.x!9D1F6026B065

Generic PUP.x!1A1BE127FDBD

Generic PUP.x!7180FC04B584

RDN/Generic.bfr!ge!CEBFFAC33820

RDN/Generic.bfr!ge!F454D20E83AF

Generic PUP.x!554EB73AC8C8

Generic PUP.x!E223D1330EA2

RDN/Generic.bfr!ge!0A7EE0C42B5B

RDN/Generic.dx!czl!98AF2D4FA89C

Generic PUP.x!ABB14F83464B

Generic PUP.x!8A358B37B7E5

Generic PUP.x!E445C0AA6653

RDN/Generic PUP.x!btz!DDF4B4AD6827

Generic PUP.x!24664064ECA2

Generic PUP.x!058E406DC4C4

RDN/Generic.dx!czl!F27813D293A7

RDN/Generic.bfr!ge!E9EE755CE618

Generic PUP.x!D332FF3BBDA2

RDN/Generic.dx!czl!34E08BEDCD23

Generic PUP.x!2C6C16F27A42

Generic PUP.x!FD3EA9E0BA99

Generic PUP.x!6B5998FD49E1

Generic.bfr!D6B3153753A3

RDN/Generic.bfr!gg!40AB59AED47C

Generic PUP.x!8439B18DB451

Generic PUP.x!BF81D5679793

RDN/Generic PUP.x!btz!372F1964DDC2

Generic.dx!D09780E39566

Generic.bfr!22CCCA2B5D36

Generic.bfr!C29AD5F23E81

Phishing

Regions

11th March 2014

Regions - Update Your Online
Banking Information

alerts

10th March 2014

Regions Bank Alert: Account
Status Update.

Vulnerebility

Todd Miller Sudo 'validate_env_vars()' Local Privilege Escalation Vulnerability
2014-03-11
http://www.securityfocus.com/bid/65997

WebKit CVE-2013-2909 Use After Free Remote Code Execution Vulnerability
2014-03-11
http://www.securityfocus.com/bid/64354

Apple Safari CVE-2013-5227 Multiple Cross Origin Information Disclosure Vulnerabilities
2014-03-11
http://www.securityfocus.com/bid/64355

Google Chrome CVE-2013-2926 Use After Free Remote Code Execution Vulnerability
2014-03-11
http://www.securityfocus.com/bid/63028

Google Chrome CVE-2013-6625 Use After Free Remote Code Execution Vulnerability
2014-03-11
http://www.securityfocus.com/bid/63672

Google Chrome CVE-2013-2928 Multiple Unspecified Security Vulnerabilities
2014-03-11
http://www.securityfocus.com/bid/63024

Apple Pages File Processing Remote Code Execution Vulnerability
2014-03-11
http://www.securityfocus.com/bid/65113

libTIFF TIFF Image CVE-2012-2088 Buffer Overflow Vulnerability
2014-03-11
http://www.securityfocus.com/bid/54270

libjpeg/libjpeg-turbo Library CVE-2013-6629 Memory Corruption Vulnerability
2014-03-11
http://www.securityfocus.com/bid/63676

WebKit CVE-2013-5198 Unspecified Memory Corruption Vulnerability
2014-03-11
http://www.securityfocus.com/bid/64359

WebKit CVE-2014-1269 Unspecified Memory Corruption Vulnerability
2014-03-11
http://www.securityfocus.com/bid/65780

WebKit CVE-2014-1270 Unspecified Memory Corruption Vulnerability
2014-03-11
http://www.securityfocus.com/bid/65781

WebKit CVE-2013-5225 Unspecified Memory Corruption Vulnerability
2014-03-11
http://www.securityfocus.com/bid/64360

WebKit CVE-2013-6635 Use After Free Memory Corruption Vulnerability
2014-03-11
http://www.securityfocus.com/bid/65779

WebKit CVE-2013-5199 Unspecified Memory Corruption Vulnerability
2014-03-11
http://www.securityfocus.com/bid/64361

WebKit CVE-2013-5196 Unspecified Memory Corruption Vulnerability
2014-03-11
http://www.securityfocus.com/bid/64356

WebKit CVE-2013-5228 Use After Free Memory Corruption Vulnerability
2014-03-11
http://www.securityfocus.com/bid/64362

WebKit CVE-2013-5197 Unspecified Memory Corruption Vulnerability
2014-03-11
http://www.securityfocus.com/bid/64358

Python SSL Module CVE-2013-4238 Security Bypass Vulnerability
2014-03-11
http://www.securityfocus.com/bid/61738

IBM Integration Bus XML4J Parser Entity Expansion Denial of Service Vulnerability
2014-03-11
http://www.securityfocus.com/bid/63224

Oracle Java SE CVE-2013-5825 Remote Security Vulnerability
2014-03-11
http://www.securityfocus.com/bid/63101

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2014-03-11
http://www.securityfocus.com/bid/61310

Ruby SSL Client Certificate Validation CVE-2013-4073 Security Bypass Vulnerability
2014-03-11
http://www.securityfocus.com/bid/60843

Apache Subversion 'mod_dav_svn' Module SVNListParentPath Denial of Service Vulnerability
2014-03-11
http://www.securityfocus.com/bid/65434

GnuTLS CVE-2014-0092 Certificate Validation Security Bypass Vulnerability
2014-03-11
http://www.securityfocus.com/bid/65919

Atlassian JIRA Issue Collector Plugin Arbitrary File Creation Vulnerability
2014-03-11
http://www.securityfocus.com/bid/65849

Atlassian JIRA Importers Plugin Arbitrary File Creation Vulnerability
2014-03-11
http://www.securityfocus.com/bid/65841

Xen CVE-2013-4355 Information Disclosure Vulnerability
2014-03-11
http://www.securityfocus.com/bid/62708

Linux Kernel 'request_module() OOM' Local Denial Of Service Vulnerability
2014-03-11
http://www.securityfocus.com/bid/55361

WordPress Search Everything Plugin 'index.php' SQL Injection Vulnerability
2014-03-11
http://www.securityfocus.com/bid/65765

Exploit

  SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write

  Huawei E5331 MiFi Mobile Hotspot 21.344.11.00.414 - Multiple Vulnerabilities

10.3.2014

Bugtraq

[HTTPCS] ClanSphere 'where' Cross Site Scripting Vulnerability 2014-03-07
contact httpcs com

[security bulletin] HPSBUX02963 SSRT101297 rev.1 - HP-UX m4(1), Local Unauthorized Access 2014-03-07
security-alert hp com

SEC Consult SA-20140307-0 :: Unauthenticated access & manipulation of settings in Huawei E5331 MiFi mobile hotspot 2014-03-07
SEC Consult Vulnerability Lab (research sec-consult com)

CVE-2014-2044 - Remote Code Execution in ownCloud 2014-03-06
Portcullis Advisories (advisories portcullis-security com)

SonicWall Dashboard Backend Server - Client Side Cross Site Scripting Web Vulnerability 2014-03-06
Vulnerability Lab (admin vulnerability-lab com)

[ANN] Struts 2.3.16.1 GA release available - security fix 2014-03-06
Lukasz Lenart (lukaszlenart apache org)

[slackware-security] sudo (SSA:2014-064-01) 2014-03-06
Slackware Security Team (security slackware com)

Malware

RDN/Generic BackDoor!xi!0FF75C1096E6

Generic PUP.x!84DC1DCFADBF

Generic PUP.x!F0EF550AC1ED

RDN/Generic.dx!czk!FD1F3300D4E4

Generic PUP.x!495FBD71E5E1

Generic PUP.x!6972C4202239

Generic PUP.x!287483159EBE

Generic PUP.x!367C44F78EAA

Generic PUP.x!74218F8116CA

Generic PUP.x!0584C5E10A21

RDN/Generic.bfr!27BE325BA264

RDN/Generic.grp!gz!0B184CB5B7FA

Generic PUP.x!78FDD2B9A14D

RDN/Generic PUP.x!btx!C3A92B5E5FFE

RDN/Sytro.worm!c!AA242A0ACCC9

Generic PUP.x!00088979E043

Generic PUP.x!17C1E806D20F

Generic PUP.x!50CB434D7EFF

Generic PUP.x!08C96FAE756B

Generic.dx!22D56F37ECF5

Generic PUP.x!9FF5E60D544F

Generic PUP.x!785141F5C678

Generic PUP.x!E660D0E29377

Generic PUP.x!10BA356A7F50

Generic PUP.x!45F5D4CCB6BF

Generic PUP.x!F646EC1073E0

Generic PUP.x!ABD60F521DD7

Generic PUP.x!90EF5C07B322

RDN/Generic.bfr!ge!0013CBEAE4BF

Generic PUP.x!932E4B93C7B6

Phishing

Chase Notification (SM)

9th March 2014

New Message From Chase Online
(SM)

Apple

9th March 2014

YOUR APPLE ID WAS USED TO SIGN
IN TO ICLOUD ON AN

bt.comms@bt.com

9th March 2014

[SUSPECTED ] Important
Information About Your
Service-Mail Update�

Royalbankofscotland@rbs.com

8th March 2014

******ALERT MESSAGE FROM ROYAL
BANK OF SCOTLAND******
 

Vulnerebility

GnuTLS CVE-2014-0092 Certificate Validation Security Bypass Vulnerability
2014-03-10
http://www.securityfocus.com/bid/65919

GnuTLS TLS And DTLS Information Disclosure Vulnerability
2014-03-10
http://www.securityfocus.com/bid/57736

LibYAML 'scanner.c' Remote Heap Based Buffer Overflow Vulnerability
2014-03-10
http://www.securityfocus.com/bid/65258

Ruby on Rails 'number_to_currency' Helper Cross Site Scripting Vulnerability
2014-03-10
http://www.securityfocus.com/bid/64077

RubyGems i18n Cross Site Scripting Vulnerability
2014-03-10
http://www.securityfocus.com/bid/64076

Ruby on Rails CVE-2013-6416 Cross Site Scripting Vulnerability
2014-03-10
http://www.securityfocus.com/bid/64071

RubyGems actionpack CVE-2013-6414 Denial of Service Vulnerability
2014-03-10
http://www.securityfocus.com/bid/64074

Ruby on Rails CVE-2013-6417 Unsafe SQL Query Generation Vulnerability
2014-03-10
http://www.securityfocus.com/bid/64106

Libssh CVE-2014-0017 Random Number Generator Weakness
2014-03-10
http://www.securityfocus.com/bid/65963

Linux Kernel 'net/ieee802154/dgram.c' Local Information Disclosure Vulnerability
2014-03-10
http://www.securityfocus.com/bid/64747

GnuTLS CVE-2014-1959 Certificate Validation Security Bypass Weakness
2014-03-10
http://www.securityfocus.com/bid/65559

Jenkins Multiple Remote Security Vulnerabilities
2014-03-10
http://www.securityfocus.com/bid/65694

Python 'sock_recvfrom_into()' Function Buffer Overflow Vulnerability
2014-03-10
http://www.securityfocus.com/bid/65379

Linux Kernel 'security_context_to_sid_core()' Function Local Denial of Service Vulnerability
2014-03-10
http://www.securityfocus.com/bid/65459

Google Android WebView Remote Security Bypass Vulnerability
2014-03-10
http://www.securityfocus.com/bid/62512

FFmpeg Multiple Security Vulnerabilities
2014-03-10
http://www.securityfocus.com/bid/65671

Linux Kernel KVM 'recalculate_apic_map()' Function Denial of Service Vulnerability
2014-03-10
http://www.securityfocus.com/bid/64319

Linux Kernel '/drivers/scsi/aacraid/commctrl.c' Pointer Dereference Denial of Service Vulnerability
2014-03-10
http://www.securityfocus.com/bid/63887

Linux Kernel NFS File System 'fs/nfs/write.c' Information Disclosure Vulnerability
2014-03-10
http://www.securityfocus.com/bid/65688

Linux Kernel 'nf_nat_irc.c' Local Information Disclosure Vulnerability
2014-03-10
http://www.securityfocus.com/bid/65180

Linux Kernel 'net/packet/af_packet.c' Local Information Disclosure Vulnerability
2014-03-10
http://www.securityfocus.com/bid/64744

Linux Kernel 'net/x25/af_x25.c' Local Information Disclosure Vulnerability
2014-03-10
http://www.securityfocus.com/bid/64746

FFmpeg Multiple Denial of Service Vulnerabilities
2014-03-10
http://www.securityfocus.com/bid/65504

Linux Kernel 'net/netrom/af_netrom.c' Local Information Disclosure Vulnerability
2014-03-10
http://www.securityfocus.com/bid/64742

Linux Kernel 'net/ipx/af_ipx.c' Local Information Disclosure Vulnerability
2014-03-10
http://www.securityfocus.com/bid/64741

Linux Kernel CVE-2013-6368 Local Privilege Escalation Vulnerability
2014-03-10
http://www.securityfocus.com/bid/64291

Linux Kernel 'drivers/isdn/mISDN/socket.c' Local Information Disclosure Vulnerability
2014-03-10
http://www.securityfocus.com/bid/64743

Linux Kernel Memory Leak Multiple Local Information Disclosure Vulnerabilities
2014-03-10
http://www.securityfocus.com/bid/64685

Linux Kernel 'ath9k_htc_set_bssid_mask()' Function Information Disclosure Vulnerability
2014-03-10
http://www.securityfocus.com/bid/63743

Linux Kernel 'kvm_vm_ioctl_create_vcpu()' Function Local Privilege Escalation Vulnerability
2014-03-10
http://www.securityfocus.com/bid/64328

Exploit

  GetGo Download Manager 4.9.0.1982 - HTTP Response Header Buffer Overflow Remote Code Execution

  ClipSharePro <= 4.1 - Local File Inclusion

8.3.2014

Bugtraq

[HTTPCS] ClanSphere 'where' Cross Site Scripting Vulnerability 2014-03-07
contact httpcs com

[security bulletin] HPSBUX02963 SSRT101297 rev.1 - HP-UX m4(1), Local Unauthorized Access 2014-03-07
security-alert hp com

SEC Consult SA-20140307-0 :: Unauthenticated access & manipulation of settings in Huawei E5331 MiFi mobile hotspot 2014-03-07
SEC Consult Vulnerability Lab (research sec-consult com)

CVE-2014-2044 - Remote Code Execution in ownCloud 2014-03-06
Portcullis Advisories (advisories portcullis-security com)

SonicWall Dashboard Backend Server - Client Side Cross Site Scripting Web Vulnerability 2014-03-06
Vulnerability Lab (admin vulnerability-lab com)

[ANN] Struts 2.3.16.1 GA release available - security fix 2014-03-06
Lukasz Lenart (lukaszlenart apache org)

[slackware-security] sudo (SSA:2014-064-01) 2014-03-06
Slackware Security Team (security slackware com)

Malware

RDN/Generic Downloader.x!jw!48A35E916FC1

Generic BackDoor!B824B7722BD6

RDN/Generic.bfr!gc!E0C84AF44ED0

Generic PUP.x!A9E5866D0BB1

RDN/Generic.bfr!gc!A857FB71D0EA

Generic.tfr!32EB404F610E

RDN/Generic.dx!czj!0748493BCC77

RDN/Generic Downloader.x!jw!C4CF1F87C272

RDN/Generic Dropper!ty!FE8E0919A979

Generic Downloader.x!A833EA614DF3

RDN/Downloader.a!pj!8DF832CEA286

RDN/Generic PUP.x!btr!5A295A420C2B

RDN/Generic PUP.x!btr!FB307AE45545

RDN/Ransom!ec!D84CB06F9B43

Generic PUP.x!A8BD8B16A015

RDN/Generic BackDoor!xg!14CD43506AF1

Generic PUP.x!9AE86824D21A

RDN/Generic PUP.x!btr!E25BE66187C6

RDN/Generic PUP.x!btr!FF9CBCC46C0D

RDN/Generic PUP.x!btr!618736ED8D48

RDN/Generic PUP.x!btr!8361AD094D55

RDN/Generic PUP.x!btr!C2406593DBD5

Generic PUP.x!FDFF5EA118A1

Generic PUP.x!A611BB4CEF34

Generic PUP.x!A5D5038624CE

Generic PUP.x!A857C475935A

RDN/Generic Dropper!80079383F6AE

Generic PUP.x!A83ECB718138

RDN/Generic PUP.x!btr!9BD27EB6E99C

Generic PUP.x!A7CB8B3ACED9

Phishing

NatWest

7th March 2014

ACCESS TO ONLINE BANKING
SERVICE !

Verizon Wireless

7th March 2014

Verizon Notification ID :
NTVKDWQHQD

Pay Pal

7th March 2014

NEW PAYMENT TO SKYPE !

Daily

6th March 2014

Termination of account

Barclays Bank Plc

6th March 2014

Online Account Has Flagged !

Google Secured Document

6th March 2014

VERY IMPORTANT DOCUMENTS

Vulnerebility

Ruby on Rails 'number_to_currency' Helper Cross Site Scripting Vulnerability
2014-03-08
http://www.securityfocus.com/bid/64077

RubyGems i18n Cross Site Scripting Vulnerability
2014-03-08
http://www.securityfocus.com/bid/64076

Ruby on Rails CVE-2013-6416 Cross Site Scripting Vulnerability
2014-03-08
http://www.securityfocus.com/bid/64071

RubyGems actionpack CVE-2013-6414 Denial of Service Vulnerability
2014-03-08
http://www.securityfocus.com/bid/64074

Ruby on Rails CVE-2013-6417 Unsafe SQL Query Generation Vulnerability
2014-03-08
http://www.securityfocus.com/bid/64106

GnuTLS CVE-2014-0092 Certificate Validation Security Bypass Vulnerability
2014-03-08
http://www.securityfocus.com/bid/65919

Libssh CVE-2014-0017 Random Number Generator Weakness
2014-03-08
http://www.securityfocus.com/bid/65963

Linux Kernel 'net/ieee802154/dgram.c' Local Information Disclosure Vulnerability
2014-03-08
http://www.securityfocus.com/bid/64747

GnuTLS CVE-2014-1959 Certificate Validation Security Bypass Weakness
2014-03-08
http://www.securityfocus.com/bid/65559

Jenkins Multiple Remote Security Vulnerabilities
2014-03-08
http://www.securityfocus.com/bid/65694

Python 'sock_recvfrom_into()' Function Buffer Overflow Vulnerability
2014-03-08
http://www.securityfocus.com/bid/65379

Linux Kernel 'security_context_to_sid_core()' Function Local Denial of Service Vulnerability
2014-03-08
http://www.securityfocus.com/bid/65459

Google Android WebView Remote Security Bypass Vulnerability
2014-03-08
http://www.securityfocus.com/bid/62512

FFmpeg Multiple Security Vulnerabilities
2014-03-08
http://www.securityfocus.com/bid/65671

Linux Kernel KVM 'recalculate_apic_map()' Function Denial of Service Vulnerability
2014-03-08
http://www.securityfocus.com/bid/64319

Linux Kernel '/drivers/scsi/aacraid/commctrl.c' Pointer Dereference Denial of Service Vulnerability
2014-03-08
http://www.securityfocus.com/bid/63887

Linux Kernel NFS File System 'fs/nfs/write.c' Information Disclosure Vulnerability
2014-03-08
http://www.securityfocus.com/bid/65688

Linux Kernel 'nf_nat_irc.c' Local Information Disclosure Vulnerability
2014-03-08
http://www.securityfocus.com/bid/65180

Linux Kernel 'net/packet/af_packet.c' Local Information Disclosure Vulnerability
2014-03-08
http://www.securityfocus.com/bid/64744

Linux Kernel 'net/x25/af_x25.c' Local Information Disclosure Vulnerability
2014-03-08
http://www.securityfocus.com/bid/64746

FFmpeg Multiple Denial of Service Vulnerabilities
2014-03-08
http://www.securityfocus.com/bid/65504

Linux Kernel 'net/netrom/af_netrom.c' Local Information Disclosure Vulnerability
2014-03-08
http://www.securityfocus.com/bid/64742

Linux Kernel 'net/ipx/af_ipx.c' Local Information Disclosure Vulnerability
2014-03-08
http://www.securityfocus.com/bid/64741

Linux Kernel CVE-2013-6368 Local Privilege Escalation Vulnerability
2014-03-08
http://www.securityfocus.com/bid/64291

Linux Kernel 'drivers/isdn/mISDN/socket.c' Local Information Disclosure Vulnerability
2014-03-08
http://www.securityfocus.com/bid/64743

Linux Kernel Memory Leak Multiple Local Information Disclosure Vulnerabilities
2014-03-08
http://www.securityfocus.com/bid/64685

Linux Kernel 'ath9k_htc_set_bssid_mask()' Function Information Disclosure Vulnerability
2014-03-08
http://www.securityfocus.com/bid/63743

Linux Kernel 'kvm_vm_ioctl_create_vcpu()' Function Local Privilege Escalation Vulnerability
2014-03-08
http://www.securityfocus.com/bid/64328

Linux Kernel 'net/appletalk/ddp.c' Local Information Disclosure Vulnerability
2014-03-08
http://www.securityfocus.com/bid/64739

Linux Kernel 'xfs_attrlist_by_handle()' Function Local Buffer Overflow Vulnerability
2014-03-08
http://www.securityfocus.com/bid/63889

Exploit

 

7.3.2014

Bugtraq

CVE-2014-2044 - Remote Code Execution in ownCloud 2014-03-06
Portcullis Advisories (advisories portcullis-security com)

SonicWall Dashboard Backend Server - Client Side Cross Site Scripting Web Vulnerability 2014-03-06
Vulnerability Lab (admin vulnerability-lab com)

[ANN] Struts 2.3.16.1 GA release available - security fix 2014-03-06
Lukasz Lenart (lukaszlenart apache org)

[slackware-security] sudo (SSA:2014-064-01) 2014-03-06
Slackware Security Team (security slackware com)

Malware

Generic PUP.x!D75FC6A43027

Adware-FOO!3108969DFF00

Generic PUP.x!674B8F99A22A

Generic PUP.x!8A9CB25B0D54

Generic PUP.x!0E820FAB3E88

RDN/Generic.bfr!ge!D021352EA255

Generic PUP.x!774BB4F8D900

Generic.bfr!2F4A7B485E8B

Generic PUP.x!9FFF137FF37E

Generic PUP.x!6BA06ABA2A3E

RDN/Generic.tfr!du!94ACF8F1BD71

Generic PUP.x!A0566C2ADE08

Generic PUP.x!D02BEEEEE8C0

Generic PUP.x!2410F8710D87

RDN/Generic.bfr!5A720B78AEEB

Generic PUP.x!A2CCB64887B7

Generic PUP.x!05E07049EBF8

Generic PUP.x!6DEE1DDBB91C

Generic PUP.x!40C2B3C0F316

Generic.bfr!65E780645634

Generic PUP.x!73F7D682451F

Generic PUP.x!8942A3361432

Generic PUP.x!27D4FF016F31

Generic PUP.x!121BB86DA817

Generic PUP.x!F7D7743D97BD

RDN/Generic.dx!0C33D4FA532C

Generic.bfr!5EE2D115C3A3

Generic PUP.x!49E9218EE4E8

Generic PUP.x!D95E6117E6CD

Generic PUP.x!EBC6FD456B73

Phishing

Pay Pal

7th March 2014

NEW PAYMENT TO SKYPE !

Daily

6th March 2014

Termination of account

Barclays Bank Plc

6th March 2014

Online Account Has Flagged !

Vulnerebility

Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
2014-03-07
http://www.securityfocus.com/bid/65400

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1478 Multiple Memory Corruption Vulnerabilities
2014-03-07
http://www.securityfocus.com/bid/65324

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1479 Security Bypass Vulnerability
2014-03-07
http://www.securityfocus.com/bid/65320

Mozilla Firefox/SeaMonkey CVE-2014-1488 Remote Code Execution Vulnerability
2014-03-07
http://www.securityfocus.com/bid/65321

Mozilla Network Security Services CVE-2014-1490 Use After Free Memory Corruption Vulnerability
2014-03-07
http://www.securityfocus.com/bid/65335

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1481 Security Bypass Vulnerability
2014-03-07
http://www.securityfocus.com/bid/65326

Google Chrome Prior to 33.0.1750.146 Multiple Security Vulnerabilities
2014-03-07
http://www.securityfocus.com/bid/65930

Mozilla Firefox/SeaMonkey CVE-2014-1485 Cross Site Scripting Vulnerability
2014-03-07
http://www.securityfocus.com/bid/65322

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1477 Multiple Memory Corruption Vulnerabilities
2014-03-07
http://www.securityfocus.com/bid/65317

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2014-1487 Information Disclosure Vulnerability
2014-03-07
http://www.securityfocus.com/bid/65330

Mozilla Firefox/SeaMonkey CVE-2014-1483 Multiple Information Disclosure Vulnerabilities
2014-03-07
http://www.securityfocus.com/bid/65316

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1482 Remote Code Execution Vulnerability
2014-03-07
http://www.securityfocus.com/bid/65328

Mozilla Firefox/SeaMonkey/Thunderbird Use-After-Free Remote Code Execution Vulnerability
2014-03-07
http://www.securityfocus.com/bid/65334

Citrix NetScaler Application Delivery Controller Unspecified Security Vulnerability
2014-03-07
http://www.securityfocus.com/bid/66014

Citrix NetScaler Application Delivery Controller CVE-2013-6939 Denial of Service Vulnerability
2014-03-07
http://www.securityfocus.com/bid/66010

Citrix NetScaler CVE-2013-6938 Denial of Service Vulnerability
2014-03-07
http://www.securityfocus.com/bid/66008

Citrix NetScaler Application Delivery Controller Cross Site Request Forgery Vulnerability
2014-03-07
http://www.securityfocus.com/bid/66018

Net-SNMP snmptrapd Remote Denial of Service Vulnerability
2014-03-07
http://www.securityfocus.com/bid/65968

Net-SNMP ICMP-MIB Remote Denial of Service Vulnerability
2014-03-07
http://www.securityfocus.com/bid/65867

Apache Camel CVE-2013-4330 Information Disclosure Vulnerability
2014-03-07
http://www.securityfocus.com/bid/62706

HawtJNI CVE-2013-2035 Local Privilege Escalation Vulnerability
2014-03-07
http://www.securityfocus.com/bid/59876

Spring Framework CVE-2013-4152 Multiple XML External Entity Injection Vulnerabilities
2014-03-07
http://www.securityfocus.com/bid/61951

Apache Camel CVE-2014-0003 Remote Code Execution Vulnerability
2014-03-07
http://www.securityfocus.com/bid/65902

IcedTea-Web LiveConnect Implementation Insecure Temporary File Creation Vulnerability
2014-03-07
http://www.securityfocus.com/bid/65437

OpenSAML-Java ParserPool and Decrypter XML External Entity Injection Vulnerability
2014-03-07
http://www.securityfocus.com/bid/64345

Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability
2014-03-07
http://www.securityfocus.com/bid/65767

Apache Tomcat CVE-2014-0033 Session Fixation Vulnerability
2014-03-07
http://www.securityfocus.com/bid/65769

Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability
2014-03-07
http://www.securityfocus.com/bid/65773

OpenSSL DTLS Implementations Man in the Middle Multiple Security Bypass Vulnerabilities
2014-03-07
http://www.securityfocus.com/bid/64618

OpenSSL TLS Handshake Null Pointer Dereference Denial Of Service Vulnerability
2014-03-07
http://www.securityfocus.com/bid/64691

Exploit

 

6.3.2014

Bugtraq

[CVE-2014-0683]Router Cisco RV110W - RV215W - CVR100W - Bypass Login Page - Admin Password Disclosure 2014-03-05
Gustavo Speranza (gustavosj js gmail com)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers 2014-03-05
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco Small Business Router Password Disclosure Vulnerability 2014-03-05
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[CVE-2014-0683]Router Cisco RV110W - RV215W - CVR100W - Bypass Login Page - Admin Password Disclosure 2014-03-05
Gustavo Speranza (gustavosj js gmail com)

ESA-2014-012: EMC Documentum TaskSpace Multiple Vulnerabilities 2014-03-05
Security Alert (Security_Alert emc com)

Multiple Vulnerabilities in OpenDocMan 2014-03-05
High-Tech Bridge Security Research (advisory htbridge com)

Cross-Site Scripting (XSS) in Ilch CMS 2014-03-05
High-Tech Bridge Security Research (advisory htbridge com)

CVE-2014-1599 - 39 Type-1 XSS in SFR DSL/Fiber Box 2014-03-05
alejandr0.w3b.p0wn3r (alejandr0 w3b p0wn3r gmail com)

[security bulletin] HPSBMU02933 rev.2 - HP SiteScope, issueSiebelCmd and loadFileContents SOAP Requests, Remote Code Execution, Arbitrary File download, Denial of Service (DoS) 2014-03-05
security-alert hp com

[security bulletin] HPSBHF02965 rev.1 - HP Security Management System, Remote Execution of Arbitrary Code 2014-03-05
security-alert hp com

[security bulletin] HPSBUX02973 SSRT101455 rev.1 - HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2014-03-04
security-alert hp com

Malware

RDN/Generic PUP.x!5DC170FEED4C

RDN/PWS-Banker!da!AB86731530E5

Generic PUP.x!51F7E26ADE67

RDN/Generic.dx!czh!CA818774E197

Generic PUP.x!542374E8A30D

RDN/Generic.bfr!44B28A39BA54

Generic PUP.x!F7A9C077286C

Generic PUP.x!F0E85CD851AF

Generic.bfr!110479B5BB83

Generic.dx!D1554E3DB835

Generic PUP.x!FED5C032565F

RDN/Generic PUP.x!btm!51164F304AD7

RDN/Generic.dx!czh!0E46630EDBBF

Generic PUP.x!4C9C9775755D

RDN/PWS-Zbot.rh!c!E58D6324A9FD

RDN/Generic.dx!czh!331AC5AD27F5

Generic PUP.x!72CDDB209C4A

Generic PUP.x!D3EBCE6BEE27

RDN/Generic PUP.x!btm!F1FDDB769E75

Generic PUP.z!2BCBB93DCD39

Generic PUP.x!32457F766702

Generic PUP.x!B876B33F8141

Generic PUP.x!E13C29BBE603

Generic PUP.x!70476C02A147

Generic PUP.x!4D76DDFF1CBE

Generic PUP.x!685C963813F0

RDN/Generic.bfr!gc!F977C9EA5FFF

RDN/Generic.bfr!gc!FC7CB7A70AC5

RDN/Generic.dx!czh!1764CABD8386

RDN/Generic PUP.x!btm!4FFEF3090FF2

Phishing

Barclays Bank Plc

6th March 2014

Online Account Has Flagged !

Google Secured Document

6th March 2014

VERY IMPORTANT DOCUMENTS

VISA

6th March 2014

Visa - Urgent Action Required
!

Yahoo!

6th March 2014

important update

BT

6th March 2014

Important Information About
Your Service-Mail Update

Barclays Bank Plc

6th March 2014

Account Suspended

Alert@AOL.com

6th March 2014

FINAL WARNING ; YOUR AMERICA
ONLINE IS DUE FOR SUSPENSION !

Barclays Bank Plc

5th March 2014

ACCOUNT SUSPENDED

Discover Customer Service

5th March 2014

IMPORTANT MESSAGE ABOUT YOUR
DISCOVERÂŽ

Vulnerebility

PostgreSQL CVE-2014-0060 Security Bypass Vulnerability
2014-03-06
http://www.securityfocus.com/bid/65723

PostgreSQL CVE-2014-0066 Remote Denial Of Service Vulnerability
2014-03-06
http://www.securityfocus.com/bid/65728

PostgreSQL CVE-2014-0064 Multiple Remote Buffer Overflow Vulnerabilities
2014-03-06
http://www.securityfocus.com/bid/65725

PostgreSQL CVE-2014-0062 Security Bypass Vulnerability
2014-03-06
http://www.securityfocus.com/bid/65727

PostgreSQL CVE-2014-0065 Remote Stack Buffer Overflow Vulnerability
2014-03-06
http://www.securityfocus.com/bid/65731

Apache Commons HttpClient CVE-2012-5783 SSL Certificate Validation Security Bypass Vulnerability
2014-03-06
http://www.securityfocus.com/bid/58073

Cordova and PhoneGap Multiple Security Bypass Vulnerabilities
2014-03-06
http://www.securityfocus.com/bid/65150

CMS Made Simple CVE-2014-0334 Multiple Cross Site Scripting and HTML Injection Vulnerabilities
2014-03-06
http://www.securityfocus.com/bid/65898

MantisBT 'adm_config_report.php' SQL Injection Vulnerability
2014-03-06
http://www.securityfocus.com/bid/65903

Askbot Multiple Cross Site Scripting Vulnerabilities
2014-03-06
http://www.securityfocus.com/bid/65885

SAS for Windows Client Application Local Buffer Overflow Vulnerability
2014-03-06
http://www.securityfocus.com/bid/65853

FFmpeg and Libav 'libavformat/mpegtsenc.c' Buffer Overflow Vulnerability
2014-03-06
http://www.securityfocus.com/bid/65560

VCDGear Cue File Handling Multiple Buffer Overflow Vulnerabilities
2014-03-06
http://www.securityfocus.com/bid/24003

Cisco Intrusion Prevention System CVE-2014-2103 Denial of Service Vulnerability
2014-03-06
http://www.securityfocus.com/bid/65864

Multiple IBM Products CVE-2013-6747 Denial of Service Vulnerability
2014-03-06
http://www.securityfocus.com/bid/65156

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-03-06
http://www.securityfocus.com/bid/64918

GnuTLS CVE-2013-2116 Out of Bounds Denial of Service Vulnerability
2014-03-06
http://www.securityfocus.com/bid/60215

GnuTLS DTLS Information Disclosure Vulnerability
2014-03-06
http://www.securityfocus.com/bid/51322

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2014-03-06
http://www.securityfocus.com/bid/57778

OpenSSL Multiple Vulnerabilities
2014-03-06
http://www.securityfocus.com/bid/51281

GNU Libtasn1 ASN1 Length DER Decoding Memory Corruption Vulnerability
2014-03-06
http://www.securityfocus.com/bid/52668

GnuTLS TLS Record Handling Heap Memory Corruption Vulnerability
2014-03-06
http://www.securityfocus.com/bid/52667

GnuTLS CVE-2014-0092 Certificate Validation Security Bypass Vulnerability
2014-03-06
http://www.securityfocus.com/bid/65919

GnuTLS Certificate Validation Security Bypass Weakness
2014-03-06
http://www.securityfocus.com/bid/65792

GnuTLS TLS And DTLS Information Disclosure Vulnerability
2014-03-06
http://www.securityfocus.com/bid/57736

Xen CVE-2013-4355 Information Disclosure Vulnerability
2014-03-06
http://www.securityfocus.com/bid/62708

Apache Subversion 'mod_dav_svn' Module SVNListParentPath Denial of Service Vulnerability
2014-03-06
http://www.securityfocus.com/bid/65434

Apache Subversion CVE-2013-2112 Remote Denial of Service Vulnerability
2014-03-06
http://www.securityfocus.com/bid/60264

Apache Subversion CVE-2013-1968 Remote Denial of Service Vulnerability
2014-03-06
http://www.securityfocus.com/bid/60267

File Utility CVE-2014-1943 Remote Code Execution Vulnerability
2014-03-06
http://www.securityfocus.com/bid/65596

Exploit

     OpenDocMan 1.2.7 - Multiple Vulnerabilities

  ALLPlayer M3U Buffer Overflow

  Ilch CMS 2.0 - Persistent XSS Vulnerability

5.3.2014

Bugtraq

JOIDS (Java OpenID Server) multiple vulnerabilities 2014-03-04
Bartlomiej Balcerek (Bartlomiej Balcerek pwr edu pl)

[CVE-2014-0072] Apache Cordova File-Transfer insecure defaults 2014-03-04
iclelland chromium org

[CVE-2014-0073] Apache Cordova In-App-Browser privilege escalation 2014-03-04
iclelland chromium org

[slackware-security] gnutls (SSA:2014-062-01) 2014-03-04
Slackware Security Team (security slackware com)

[SECURITY] [DSA 2869-1] gnutls26 security update 2014-03-03
Yves-Alexis Perez (corsac debian org)

CFP: Passwords^14, Las Vegas, August 5-6 2014-03-03
Per Thorsheim (per thorsheim net)

[SECURITY] [DSA 2868-1] php5 security update 2014-03-02
Salvatore Bonaccorso (carnil debian org)

Malware

Generic PUP.x!A5DC536C29F2

RDN/Generic PUP.x!bt3!AF7E957AC2C7

RDN/Generic Dropper!ty!A3156A47A89B

Generic PUP.x!7E2B36CD320D

Generic PUP.x!8298908E477F

Generic Downloader.x!39D53FFDC21D

RDN/Generic.dx!0511CA8C87A5

RDN/Generic PUP.x!bt3!46623B6E31CD

RDN/Generic.dx!czg!737E150CC626

Generic PUP.x!832C97FAD830

Generic PUP.x!832EA0862FC0

Generic PUP.x!84B5E466A624

RDN/Generic PUP.x!bt3!17C16CC5146E

Generic.dx!97A64C5B8849

RDN/Generic.bfr!gc!A19E3E0F8862

RDN/Generic PUP.x!bt3!38A9D671C0BB

Generic PUP.x!66E691097A91

RDN/Generic BackDoor!xg!9AB801CC2C64

RDN/Generic.dx!czg!732937945531

RDN/Generic.dx!czg!3A345C2084E4

Generic PUP.x!FF377844327F

Generic PUP.x!81E0F46FA569

Generic PUP.x!1540036A3A52

Generic PUP.x!2F3648E3AB22

Generic PUP.x!81BF5E6B8A67

Generic PUP.x!82ABF6B0C488

RDN/Spybot.bfr!98946288177E

Generic PUP.x!83A67ACE0576

Generic PUP.x!62FF718C1F73

RDN/Generic PUP.x!bt3!E618F9ECDF28

Phishing

NatWest

5th March 2014

Important information about
your account

ebilling@bt.com

4th March 2014

Important information about
your BT account (Cell 14)

Lloyds Bank UK

4th March 2014

IMPORTANT UPDATE !

bt.comteam@bt.com

4th March 2014

Important changes to your BT
email terms

Vulnerebility

GnuTLS Certificate Validation Security Bypass Weakness
2014-03-05
http://www.securityfocus.com/bid/65792

PostgreSQL CVE-2014-0062 Security Bypass Vulnerability
2014-03-05
http://www.securityfocus.com/bid/65727

GnuTLS CVE-2014-0092 Certificate Validation Security Bypass Vulnerability
2014-03-05
http://www.securityfocus.com/bid/65919

PostgreSQL CVE-2014-0063 Remote Stack Buffer Overflow Vulnerability
2014-03-05
http://www.securityfocus.com/bid/65719

PostgreSQL CVE-2014-0064 Multiple Remote Buffer Overflow Vulnerabilities
2014-03-05
http://www.securityfocus.com/bid/65725

PostgreSQL CVE-2014-0066 Remote Denial Of Service Vulnerability
2014-03-05
http://www.securityfocus.com/bid/65728

PostgreSQL CVE-2014-0061 Security Bypass Vulnerability
2014-03-05
http://www.securityfocus.com/bid/65724

PostgreSQL CVE-2014-0065 Remote Stack Buffer Overflow Vulnerability
2014-03-05
http://www.securityfocus.com/bid/65731

PostgreSQL CVE-2014-0060 Security Bypass Vulnerability
2014-03-05
http://www.securityfocus.com/bid/65723

Oracle Java SE CVE-2014-0417 Remote Security Vulnerability
2014-03-05
http://www.securityfocus.com/bid/64932

Oracle Java SE TTF Font Parsing Remote Code Execution Vulnerability
2014-03-05
http://www.securityfocus.com/bid/64894

Synology DiskStation Manager VPN Module Hardcoded Password Security Bypass Vulnerability
2014-03-05
http://www.securityfocus.com/bid/65879

ILIAS Multiple Input Validation Vulnerabilities
2014-03-05
http://www.securityfocus.com/bid/65753

ATutor Multiple Cross Site Scripting and HTML Injection Vulnerabilities
2014-03-05
http://www.securityfocus.com/bid/65744

CMS Made Simple Multiple Cross Site Scripting Vulnerabilities
2014-03-05
http://www.securityfocus.com/bid/65746

ALLPlayer Remote Buffer Overflow Vulnerability
2014-03-05
http://www.securityfocus.com/bid/63896

OpenStack Keystone Trustee Token Revocation Failure Security Bypass Vulnerability
2014-03-05
http://www.securityfocus.com/bid/65895

Adobe Flash Player and AIR CVE-2014-0498 Remote Stack Overflow Vulnerability
2014-03-05
http://www.securityfocus.com/bid/65704

File Utility CVE-2014-1943 Remote Code Execution Vulnerability
2014-03-05
http://www.securityfocus.com/bid/65596

Adobe Flash Player and AIR CVE-2014-0499 Information Disclosure Vulnerability
2014-03-05
http://www.securityfocus.com/bid/65703

Adobe Flash Player and AIR CVE-2014-0502 Remote Code Execution Vulnerability
2014-03-05
http://www.securityfocus.com/bid/65702

Apache Camel CVE-2014-0003 Remote Code Execution Vulnerability
2014-03-05
http://www.securityfocus.com/bid/65902

Spring Framework CVE-2013-4152 Multiple XML External Entity Injection Vulnerabilities
2014-03-05
http://www.securityfocus.com/bid/61951

Apache Camel CVE-2013-4330 Information Disclosure Vulnerability
2014-03-05
http://www.securityfocus.com/bid/62706

HawtJNI CVE-2013-2035 Local Privilege Escalation Vulnerability
2014-03-05
http://www.securityfocus.com/bid/59876

MediaWiki CVE-2014-2243 Information Disclosure Vulnerability
2014-03-05
http://www.securityfocus.com/bid/65883

Apache Commons HttpClient CVE-2012-5783 SSL Certificate Validation Security Bypass Vulnerability
2014-03-05
http://www.securityfocus.com/bid/58073

Cordova and PhoneGap Multiple Security Bypass Vulnerabilities
2014-03-05
http://www.securityfocus.com/bid/65150

CMS Made Simple CVE-2014-0334 Multiple Cross Site Scripting and HTML Injection Vulnerabilities
2014-03-05
http://www.securityfocus.com/bid/65898

MantisBT 'adm_config_report.php' SQL Injection Vulnerability
2014-03-05
http://www.securityfocus.com/bid/65903

Exploit

Calavera UpLoader 3.5 - SEH Buffer Overflow

4.3.2014

Bugtraq

[SECURITY] [DSA 2869-1] gnutls26 security update 2014-03-03
Yves-Alexis Perez (corsac debian org)

CFP: Passwords^14, Las Vegas, August 5-6 2014-03-03
Per Thorsheim (per thorsheim net)

[SECURITY] [DSA 2868-1] php5 security update 2014-03-02
Salvatore Bonaccorso (carnil debian org)

[CVE-2014-2206] GetGo Download Manager HTTP Response Header Buffer Overflow Remote Code Execution 2014-03-02
Julien Ahrens (info rcesecurity com)

Malware

RDN/Generic PUP.x!btg!BC2340E90466

RDN/Generic PUP.x!btg!B7EC7EF22D07

RDN/Generic PUP.x!btg!B83786AE9B5F

RDN/Generic PUP.x!btg!C56C61D99D8E

RDN/Generic PUP.x!btg!BAE6F2B5019F

RDN/Generic.tfr!du!0F138B705F44

Generic.bfr!6AC916D1006F

RDN/Downloader.a!pi!FD2AC10B4D3E

RDN/Downloader.a!pi!FCB533BA1DFB

Generic PUP.x!F42E8D9724E4

Generic.bfr!A41B2B4F3EDD

Generic.bfr!5057F7452B58

Generic.bfr!9E7C6908EA53

Generic.bfr!86B4BA149EB9

Generic PUP.x!D5B644262435

Generic PUP.x!671C73DDF2C5

Generic PUP.x!4E99A6063A7D

Generic PUP.x!F1C847E17F04

Generic.bfr!7D0D30FAFB03

RDN/Generic BackDoor!xf!8AFCA25A3C63

Generic.bfr!2905B910A689

Generic PUP.x!4D0D612435BE

Generic PUP.x!873AEA57CB85

Generic PUP.x!2AAD2B6E29AD

Generic PUP.x!12DD6F0D8395

Generic Downloader.sd!B826AC70E93F

Generic PUP.x!410D1FF68808

Generic.bfr!1D972C4D9894

Generic.bfr!18F14667E198

Generic PUP.x!1D2D8908D7CC

Phishing

 

Vulnerebility

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2014-03-04
http://www.securityfocus.com/bid/57778

OpenSSL Multiple Vulnerabilities
2014-03-04
http://www.securityfocus.com/bid/51281

GNU Libtasn1 ASN1 Length DER Decoding Memory Corruption Vulnerability
2014-03-04
http://www.securityfocus.com/bid/52668

GnuTLS TLS Record Handling Heap Memory Corruption Vulnerability
2014-03-04
http://www.securityfocus.com/bid/52667

GnuTLS CVE-2014-0092 Certificate Validation Security Bypass Vulnerability
2014-03-04
http://www.securityfocus.com/bid/65919

GnuTLS Certificate Validation Security Bypass Weakness
2014-03-04
http://www.securityfocus.com/bid/65792

GnuTLS TLS And DTLS Information Disclosure Vulnerability
2014-03-04
http://www.securityfocus.com/bid/57736

Multiple IBM Products CVE-2013-6747 Denial of Service Vulnerability
2014-03-04
http://www.securityfocus.com/bid/65156

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2014-1487 Information Disclosure Vulnerability
2014-03-04
http://www.securityfocus.com/bid/65330

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1481 Security Bypass Vulnerability
2014-03-04
http://www.securityfocus.com/bid/65326

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1479 Security Bypass Vulnerability
2014-03-04
http://www.securityfocus.com/bid/65320

Oracle Java SE CVE-2013-5825 Remote Security Vulnerability
2014-03-04
http://www.securityfocus.com/bid/63101

Oracle Java SE CVE-2013-5802 Remote Security Vulnerability
2014-03-04
http://www.securityfocus.com/bid/63135

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1477 Multiple Memory Corruption Vulnerabilities
2014-03-04
http://www.securityfocus.com/bid/65317

Mozilla Firefox/SeaMonkey/Thunderbird Use-After-Free Remote Code Execution Vulnerability
2014-03-04
http://www.securityfocus.com/bid/65334

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1478 Multiple Memory Corruption Vulnerabilities
2014-03-04
http://www.securityfocus.com/bid/65324

Mozilla Network Security Services CVE-2014-1491 Unspecified Security Vulnerability
2014-03-04
http://www.securityfocus.com/bid/65332

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1482 Remote Code Execution Vulnerability
2014-03-04
http://www.securityfocus.com/bid/65328

Mozilla Network Security Services CVE-2014-1490 Use After Free Memory Corruption Vulnerability
2014-03-04
http://www.securityfocus.com/bid/65335

IBM Global Security Kit CVE-2013-6329 Remote Denial of Service Vulnerability
2014-03-04
http://www.securityfocus.com/bid/64249

File Utility CVE-2014-1943 Remote Code Execution Vulnerability
2014-03-04
http://www.securityfocus.com/bid/65596

Oracle Java SE CVE-2013-1500 Local Security Vulnerability
2014-03-04
http://www.securityfocus.com/bid/60627

Drupal Chaos Tool Suite Module Access Bypass Vulnerability
2014-03-04
http://www.securityfocus.com/bid/65532

Drupal FileField Module Access Bypass Vulnerability
2014-03-04
http://www.securityfocus.com/bid/65534

Drupal Image Resize Filter Module Denial of Service Vulnerability
2014-03-04
http://www.securityfocus.com/bid/65535

Linux Kernel CVE-2014-2039 Local Denial of Service Vulnerability
2014-03-04
http://www.securityfocus.com/bid/65700

Collaborative Lifecycle Management Applications Unspecified Remote Code Execution Vulnerability
2014-03-04
http://www.securityfocus.com/bid/65900

Cisco Unified Communications Domain Manager Multiple Cross Site Scripting Vulnerabilities
2014-03-04
http://www.securityfocus.com/bid/65869

Xen CVE-2013-2212 Local Denial of Service Vulnerability
2014-03-04
http://www.securityfocus.com/bid/61424

Xen 'xc_cpupool_getinfo()' Function Use After Free Memory Corruption Vulnerability
2014-03-04
http://www.securityfocus.com/bid/65529

Exploit

  ALLPlayer 5.8.1 - (.m3u file) Buffer Overflow (SEH)

  SpagoBI 4.0 - Persistent XSS Vulnerability

  SpagoBI 4.0 - Persistent HTML Script Insertion

  SpagoBI 4.0 - Arbitrary XSS File Upload

3.3.2014

Bugtraq

[CVE-2013-6234] XSS File Upload in SpagoBI v4.0 2014-03-01
Christian Catalano (ch catalano gmail com)

[CVE-2013-6233] Persistent HTML Script Insertion permits offsite-bound forms in SpagoBI v4.0 2014-03-01
Christian Catalano (ch catalano gmail com)

[CVE-2013-6232] Persistent Cross-Site Scripting (XSS) in SpagoBI v4.0 2014-03-01
Christian Catalano (ch catalano gmail com)

WordPress thecotton Themes Remote File Upload Vulnerability 2014-03-01
iedb team gmail com

Malware

RDN/Generic PUP.x!849A7E8DE764

RDN/Generic Dropper!C249FA56D49A

RDN/Generic.dx!DD306E43F40B

RDN/Generic PUP.x!1EFC204DEF39

RDN/Generic PUP.x!687C3426EF17

RDN/Generic PUP.x!btf!8AB4EFC33F92

Generic PUP.x!C8A1A2124885

RDN/Generic PUP.x!FFFDA48865C1

RDN/Generic PUP.x!0D9DF47CA4C2

Generic PUP.x!74747F965B45

RDN/Generic.bfr!B683F9A822AB

RDN/Generic.dx!7539B94463C4

Generic PUP.x!8BD1CBE520B4

RDN/Generic.tfr!2FAF892ABE6B

RDN/Generic.dx!czf!07920555EC79

RDN/Generic.dx!czf!0486300BB033

Generic PUP.x!7D62ADE5C170

RDN/Generic.dx!36107B9789CA

Generic PUP.x!66515BD65C91

RDN/Generic.dx!06B0F906E47F

RDN/Generic PUP.x!93114C81D6E5

RDN/Generic.dx!066AA8F39786

Generic.dx!50B7F6667BE3

Generic PUP.x!3296EEE9AEE3

RDN/Generic.bfr!gc!35420596AD65

Generic PUP.x!290E6BF68915

RDN/Spybot.bfr!A031B1A14EB3

RDN/Generic.dx!06DF2FF638BD

RDN/Generic Dropper!29054F68249D

RDN/Generic PUP.x!E08C3859232E

Phishing

MBNA credit

3rd March 2014

YOUR MBNA CREDIT CARD
STATEMENT

NatWest

3rd March 2014

Access to Online Banking
Service !

Vulnerebility

Oracle Supply Chain Products Suite CVE-2013-5880 Remote Security Vulnerability
2014-03-03
http://www.securityfocus.com/bid/64836

Oracle Supply Chain Products Suite CVE-2013-5877 Remote Security Vulnerability
2014-03-03
http://www.securityfocus.com/bid/64831

File Utility CVE-2014-1943 Remote Code Execution Vulnerability
2014-03-03
http://www.securityfocus.com/bid/65596

Oracle Java SE CVE-2013-5896 Remote Security Vulnerability
2014-03-03
http://www.securityfocus.com/bid/64926

Google Chrome CVE-2013-6643 Unspecified Security Vulnerability
2014-03-03
http://www.securityfocus.com/bid/64981

Oracle Java SE CVE-2014-0422 Remote Security Vulnerability
2014-03-03
http://www.securityfocus.com/bid/64921

Oracle Java SE CVE-2014-0428 Remote Security Vulnerability
2014-03-03
http://www.securityfocus.com/bid/64935

Oracle Java SE CVE-2014-0416 Remote Security Vulnerability
2014-03-03
http://www.securityfocus.com/bid/64937

Oracle Java SE CVE-2014-0423 Remote Security Vulnerability
2014-03-03
http://www.securityfocus.com/bid/64914

Oracle Java SE CVE-2014-0376 Remote Security Vulnerability
2014-03-03
http://www.securityfocus.com/bid/64907

Oracle Java SE TTF Font Parsing Remote Code Execution Vulnerability
2014-03-03
http://www.securityfocus.com/bid/64894

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-03-03
http://www.securityfocus.com/bid/64918

Oracle Java SE CVE-2013-5910 Remote Security Vulnerability
2014-03-03
http://www.securityfocus.com/bid/64933

Oracle Java SE CVE-2014-0373 Remote Security Vulnerability
2014-03-03
http://www.securityfocus.com/bid/64922

Oracle Java SE CVE-2013-5884 Remote Security Vulnerability
2014-03-03
http://www.securityfocus.com/bid/64924

Oracle Java SE CVE-2013-5878 Remote Security Vulnerability
2014-03-03
http://www.securityfocus.com/bid/64927

Oracle Java SE CVE-2014-0368 Remote Security Vulnerability
2014-03-03
http://www.securityfocus.com/bid/64930

Google Chrome CVE-2013-6650 Memory Corruption Vulnerability
2014-03-03
http://www.securityfocus.com/bid/65172

Google Chrome CVE-2013-6649 Use After Free Remote Code Execution Vulnerability
2014-03-03
http://www.securityfocus.com/bid/65168

ISC BIND NSEC3 Signed Zones Queries Handling Remote Denial of Service Vulnerability
2014-03-03
http://www.securityfocus.com/bid/64801

PostgreSQL CVE-2014-0062 Security Bypass Vulnerability
2014-03-03
http://www.securityfocus.com/bid/65727

Apache Subversion CVE-2013-4505 Security Bypass Vulnerability
2014-03-03
http://www.securityfocus.com/bid/63966

Apache Subversion 'mod_dav_svn' Module Denial of Service Vulnerability
2014-03-03
http://www.securityfocus.com/bid/63981

Apache Subversion 'mod_dav_svn' Module SVNListParentPath Denial of Service Vulnerability
2014-03-03
http://www.securityfocus.com/bid/65434

Avaya Multiple IP Phones Multiple Command Injection and Stack Buffer Overflow Vulnerabilities
2014-03-03
http://www.securityfocus.com/bid/65842

Python logilab-common Package Insecure File Creation Vulnerability
2014-03-03
http://www.securityfocus.com/bid/65253

SolidWorks Workgroup PDM Memory Corruption Vulnerability
2014-03-03
http://www.securityfocus.com/bid/65691

Chrony CVE-2012-4502 Denial of Service Vulnerability
2014-03-03
http://www.securityfocus.com/bid/61700

Chrony CVE-2012-4503 Remote Denial of Service Vulnerability
2014-03-03
http://www.securityfocus.com/bid/61703

IcedTea-Web LiveConnect Implementation Insecure Temporary File Creation Vulnerability
2014-03-03
http://www.securityfocus.com/bid/65437

Exploit

  ALLPlayer 5.8.1 - (.m3u file) Buffer Overflow (SEH)

  couponPHP CMS 1.0 - Multiple Stored XSS and SQL Injection Vulnerabilities

2.3.2014

Bugtraq

 

Malware

RDN/Generic Dropper!EED00ABCEFAA

Generic PUP.x!8E7F26B3230A

RDN/Generic Dropper!A348A54DE86C

Generic PUP.x!DCDA81E67C5B

RDN/Generic.bfr!F87EBDA3792C

Generic PUP.x!9C03FF3B8D32

RDN/Generic Downloader.x!50F9BD055F62

RDN/Downloader.gen.a!1569C1282F98

Generic PUP.x!B9ECB99AD6EE

RDN/Generic.dx!09117D8ADC77

RDN/Ransom!6CBA5C6FFADB

Generic PUP.x!18955B1DF795

Generic PUP.x!DD655B7B2E2C

Generic PUP.x!92ACF6559A7C

Downloader.gen.a!E5B351A04B99

RDN/Generic Dropper!B502E1BDE0FD

RDN/Generic.bfr!98141220B830

RDN/Generic Dropper!704CDDE8A8FF

RDN/Generic Dropper!A7C937D73FB1

W32/Virus.gen!B7FA363DEA1B

Generic PUP.x!A3D71CB4B96A

RDN/Generic.dx!08A4676D3AE4

Generic PUP.x!1A7A586BC220

Generic PUP.x!1585ADC4FDF0

Generic Downloader.x!CC2CD31F3E93

W32/Virus.gen!2C7179A93D12

RDN/Generic Dropper!E760D67FA53F

RDN/Generic.dx!07F1DD4284C0

Downloader.gen.a!3CEB545509C2

RDN/Generic PUP.x!F72C6A0E6318

Phishing

Barclays Bank PLC

2nd March 2014

This is an important Barclays
bank security Message

Barclays

2nd March 2014

Your account has been placed
on restricted status

Barclays

2nd March 2014

Online Access Suspended

Verify Update!

2nd March 2014

Note Update!

Vulnerebility

Oracle Java SE CVE-2013-5896 Remote Security Vulnerability
2014-03-02
http://www.securityfocus.com/bid/64926

Google Chrome CVE-2013-6643 Unspecified Security Vulnerability
2014-03-02
http://www.securityfocus.com/bid/64981

Oracle Java SE CVE-2014-0422 Remote Security Vulnerability
2014-03-02
http://www.securityfocus.com/bid/64921

Oracle Java SE CVE-2014-0428 Remote Security Vulnerability
2014-03-02
http://www.securityfocus.com/bid/64935

Oracle Java SE CVE-2014-0416 Remote Security Vulnerability
2014-03-02
http://www.securityfocus.com/bid/64937

Oracle Java SE CVE-2014-0423 Remote Security Vulnerability
2014-03-02
http://www.securityfocus.com/bid/64914

Oracle Java SE CVE-2014-0376 Remote Security Vulnerability
2014-03-02
http://www.securityfocus.com/bid/64907

Oracle Java SE TTF Font Parsing Remote Code Execution Vulnerability
2014-03-02
http://www.securityfocus.com/bid/64894

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-03-02
http://www.securityfocus.com/bid/64918

Oracle Java SE CVE-2013-5910 Remote Security Vulnerability
2014-03-02
http://www.securityfocus.com/bid/64933

Oracle Java SE CVE-2014-0373 Remote Security Vulnerability
2014-03-02
http://www.securityfocus.com/bid/64922

Oracle Java SE CVE-2013-5884 Remote Security Vulnerability
2014-03-02
http://www.securityfocus.com/bid/64924

Oracle Java SE CVE-2013-5878 Remote Security Vulnerability
2014-03-02
http://www.securityfocus.com/bid/64927

Oracle Java SE CVE-2014-0368 Remote Security Vulnerability
2014-03-02
http://www.securityfocus.com/bid/64930

Google Chrome CVE-2013-6650 Memory Corruption Vulnerability
2014-03-02
http://www.securityfocus.com/bid/65172

Google Chrome CVE-2013-6649 Use After Free Remote Code Execution Vulnerability
2014-03-02
http://www.securityfocus.com/bid/65168

ISC BIND NSEC3 Signed Zones Queries Handling Remote Denial of Service Vulnerability
2014-03-02
http://www.securityfocus.com/bid/64801

PostgreSQL CVE-2014-0062 Security Bypass Vulnerability
2014-03-02
http://www.securityfocus.com/bid/65727

Apache Subversion CVE-2013-4505 Security Bypass Vulnerability
2014-03-02
http://www.securityfocus.com/bid/63966

Apache Subversion 'mod_dav_svn' Module Denial of Service Vulnerability
2014-03-02
http://www.securityfocus.com/bid/63981

Apache Subversion 'mod_dav_svn' Module SVNListParentPath Denial of Service Vulnerability
2014-03-02
http://www.securityfocus.com/bid/65434

Avaya Multiple IP Phones Multiple Command Injection and Stack Buffer Overflow Vulnerabilities
2014-03-02
http://www.securityfocus.com/bid/65842

Python logilab-common Package Insecure File Creation Vulnerability
2014-03-02
http://www.securityfocus.com/bid/65253

SolidWorks Workgroup PDM Memory Corruption Vulnerability
2014-03-02
http://www.securityfocus.com/bid/65691

Chrony CVE-2012-4502 Denial of Service Vulnerability
2014-03-02
http://www.securityfocus.com/bid/61700

Chrony CVE-2012-4503 Remote Denial of Service Vulnerability
2014-03-02
http://www.securityfocus.com/bid/61703

IcedTea-Web LiveConnect Implementation Insecure Temporary File Creation Vulnerability
2014-03-02
http://www.securityfocus.com/bid/65437

ICCLIB CVE-2012-4405 Out-of-Bounds Memory Write Remote Code Execution Vulnerability
2014-03-02
http://www.securityfocus.com/bid/55494

Openswan IKEv2 payloads Remote Denial Of Service Vulnerability
2014-03-02
http://www.securityfocus.com/bid/65155

Cisco Unified Contact Center Express CVE-2014-0746 Information Disclosure Vulnerability
2014-03-02
http://www.securityfocus.com/bid/65802

Exploit

  Oracle Demantra 12.2.1 - Arbitrary File Disclosure

  Oracle Demantra 12.2.1 - SQL Injection Vulnerability

  Oracle Demantra 12.2.1 - Stored XSS Vulnerability

  Oracle Demantra 12.2.1 - Database Credentials Disclosure

1.3.2014

Bugtraq

SEC Consult SA-20140228-1 :: Authentication bypass (SSRF) and local file disclosure in Plex Media Server 2014-02-28
SEC Consult Vulnerability Lab (research sec-consult com)

SEC Consult SA-20140228-0 :: Privilege escalation vulnerability in MICROSENS Profi Line Modular Industrial Switch 2014-02-28
SEC Consult Vulnerability Lab (research sec-consult com)

[slackware-security] subversion (SSA:2014-058-01) 2014-02-27
Slackware Security Team (security slackware com)

SEC Consult SA-20140227-0 :: Local Buffer Overflow vulnerability in SAS for Windows (Statistical Analysis System) 2014-02-27
SEC Consult Vulnerability Lab (research sec-consult com)

Multiple Vulnerabilities in VideoWhisper Live Streaming Integration WP Plugin 2014-02-27
High-Tech Bridge Security Research (advisory htbridge com)

Malware

RDN/Generic.bfr!et!45AA5D2EFE68

RDN/Ransom!B9F16BAA4758

Generic PUP.x!D3DB4A35CE0C

Generic PUP.x!12BEAA832C47

Generic PUP.x!EBF039B48A5F

Generic PUP.x!CFDBD7BF826E

RDN/Generic.bfr!et!9DEB229580F3

RDN/Generic PUP.x!41592CA7835A

RDN/Generic BackDoor!xf!50F8AFA27030

Generic PUP.x!FA72FA91312E

Generic PUP.x!10B61C5EB1E8

Generic PUP.x!BAB53D30334A

Downloader.gen.a!58F650FFF2B2

RDN/Generic.bfr!et!9EFDA4BB513A

Generic PUP.x!1546E2E6B88C

RDN/Generic PUP.x!bt3!5EF96919A7F5

RDN/Generic.bfr!et!63BEE664D401

Generic PUP.x!082B75D71993

Generic PUP.x!C1C16E6C65A7

RDN/Generic.bfr!10EF4480F35C

RDN/Generic PUP.x!bt3!400833879821

Generic PUP.x!F81DE7E5E350

Generic PUP.x!8DEC8187D9B2

Generic PUP.x!CDCFB5465C55

Generic.bfr!CA8B00154960

Generic PUP.x!91262CA91EEA

Generic PUP.x!DF93C60AA975

RDN/Generic.bfr!et!0E68FDCEBBF8

Generic PUP.x!376F7ECC8BB1

Generic PUP.x!AB1BFC43BF44

Phishing

 

Vulnerebility

ICCLIB CVE-2012-4405 Out-of-Bounds Memory Write Remote Code Execution Vulnerability
2014-03-01
http://www.securityfocus.com/bid/55494

Openswan IKEv2 payloads Remote Denial Of Service Vulnerability
2014-03-01
http://www.securityfocus.com/bid/65155

Cisco Unified Contact Center Express CVE-2014-0746 Information Disclosure Vulnerability
2014-03-01
http://www.securityfocus.com/bid/65802

Linux Kernel CVE-2013-7263 Multiple Information Disclosure Vulnerabilities
2014-03-01
http://www.securityfocus.com/bid/64686

Linux Kernel 'pn_recvmsg()' Function Local Information Disclosure Vulnerability
2014-03-01
http://www.securityfocus.com/bid/64677

Linux Kernel 'qeth_core_main.c' File Local Buffer Overflow Vulnerability
2014-03-01
http://www.securityfocus.com/bid/63890

Linux Kernel CVE-2013-2929 Local Privilege Escalation Vulnerability
2014-03-01
http://www.securityfocus.com/bid/64111

Cisco Unified Contact Center Express CVE-2014-2102 Information Disclosure Vulnerability
2014-03-01
http://www.securityfocus.com/bid/65797

LibTIFF CVE-2013-1961 Stack Based Buffer Overflow Vulnerability
2014-03-01
http://www.securityfocus.com/bid/59607

Cisco Unified Contact Center Express CVE-2014-0745 Cross Site Request Forgery Vulnerability
2014-03-01
http://www.securityfocus.com/bid/65798

InterWorx Web Control Panel Cross Site Scripting Vulnerability
2014-03-01
http://www.securityfocus.com/bid/65734

OpenSAML-Java ParserPool and Decrypter XML External Entity Injection Vulnerability
2014-03-01
http://www.securityfocus.com/bid/64345

LibTIFF CVE-2013-4243 Heap Buffer Overflow Vulnerability
2014-03-01
http://www.securityfocus.com/bid/62082

LibTIFF CVE-2013-4244 Out of Bounds Memory Corruption Vulnerability
2014-03-01
http://www.securityfocus.com/bid/62019

LibTIFF 't2_process_jpeg_strip()' Function Heap-based Buffer Overflow Vulnerability
2014-03-01
http://www.securityfocus.com/bid/59609

LibTIFF Multiple Remote Denial of Service Vulnerabilities
2014-03-01
http://www.securityfocus.com/bid/41295

LibTIFF CVE-2013-4231 Multiple Buffer Overflow Vulnerabilities
2014-03-01
http://www.securityfocus.com/bid/61695

LibTIFF CVE-2013-4232 Memory Corruption Vulnerability
2014-03-01
http://www.securityfocus.com/bid/61849

Pivotal Grails 'grails-resources' Plugin Information Disclosure Vulnerability
2014-03-01
http://www.securityfocus.com/bid/65678

Multiple Generel Electric Products 'gefebt.exe' Shell Upload Vulnerability
2014-03-01
http://www.securityfocus.com/bid/65124

Gold Mp4 Player Buffer Overflow Vulnerability
2014-03-01
http://www.securityfocus.com/bid/65855

Belkin Wemo Home Automation Devices CVE-2013-6951 Remote Code Execution Vulnerability
2014-03-01
http://www.securityfocus.com/bid/65633

Belkin Wemo Home Automation Devices 'peerAddresses' API XML External Entity Injection Vulnerability
2014-03-01
http://www.securityfocus.com/bid/65623

pidgin-knotify 'notify()' Remote Command Injection Vulnerability
2014-03-01
http://www.securityfocus.com/bid/43206

Linux Kernel CVE-2013-3224 Local Information Disclosure Vulnerability
2014-03-01
http://www.securityfocus.com/bid/59383

Atlassian Crucible Unauthorized Access Vulnerability
2014-03-01
http://www.securityfocus.com/bid/65845

MODx 'header.tpl' Cross Site Scripting Vulnerability
2014-03-01
http://www.securityfocus.com/bid/65755

Oracle Java SE CVE-2013-5896 Remote Security Vulnerability
2014-03-01
http://www.securityfocus.com/bid/64926

Google Chrome CVE-2013-6643 Unspecified Security Vulnerability
2014-03-01
http://www.securityfocus.com/bid/64981

Oracle Java SE CVE-2014-0422 Remote Security Vulnerability
2014-03-01
http://www.securityfocus.com/bid/64921

Exploit

  GE Proficy CIMPLICITY gefebt.exe Remote Code Execution

  GoldMP4Player 3.3 - Buffer Overflow Exploit (SEH)

  Total Video Player 1.3.1 (Settings.ini) - SEH Buffer Overflow

  MICROSENS Profi Line Switch 10.3.1 - Privilege Escalation

  PHP-CMDB 0.7.3 - Multiple Vulnerabilities

  Webuzo 2.1.3 - Multiple Vulnerabilities

  Plex Media Server 0.9.9.2.374-aa23a69 - Multiple Vulnerabilities

  Wordpress VideoWhisper 4.27.3 - Multiple Vulnerabilities

  SpagoBI 4.0 - Privilege Escalation Vulnerability

28.2.2014

Bugtraq

SEC Consult SA-20140227-0 :: Local Buffer Overflow vulnerability in SAS for Windows (Statistical Analysis System) 2014-02-27
SEC Consult Vulnerability Lab (research sec-consult com)

Multiple Vulnerabilities in VideoWhisper Live Streaming Integration WP Plugin 2014-02-27
High-Tech Bridge Security Research (advisory htbridge com)

Update: CVE-2014-0053 Information Disclosure when using Grails 2014-02-27
Pivotal Security Team (security gopivotal com)

Office 365 - Account Hijacking Cookie Re-Use Flaw, extended 2014-02-27
"Oei, Géry" (geryoei oei-edv de)

Malware

Generic PUP.x!7BEEF5292F79

Generic PUP.x!74843BD687C4

Generic PUP.x!7E456FE0797D

Generic PUP.x!7494722C15FD

Generic PUP.x!D3776D10F430

Generic PUP.x!7ADC4418F309

Generic PUP.x!7E5713C476E5

Generic PUP.x!7CA0E67EFB7E

Generic PUP.x!BA0E034445ED

Generic PUP.x!7954D303D74C

Generic PUP.x!749E3DC9B0AC

Generic PUP.x!7C0DF6645967

Generic PUP.x!AFC30D7929F5

RDN/PWS-Mmorpg.gen!0635CC586ACD

RDN/Generic.bfr!D0FD70C64A16

RDN/Generic PUP.x!991661206DE9

Generic PUP.x!96F3C1BB875A

Generic PUP.x!7D6055220C67

Generic PUP.x!7D5F1BD2014A

RDN/Generic.bfr!7EA7439151A9

Generic PUP.x!79E3BB1BDE3C

Generic.dx!B2FEDD083267

Generic PUP.x!7DB211DFD6C7

RDN/Generic Dropper!AA31C16B3C52

Generic PUP.x!7AC34396D13E

Generic PUP.x!7C0527E5CC8E

RDN/PWS-Mmorpg.gen!21BEB1C68F20

Generic PUP.x!7DEDAE85BAAD

Generic PUP.x!7D69FA8BD4B6

Generic PUP.x!7D6D21851496

Phishing

Google Doc no-reply@googlemail

27th February 2014

RE: ORIGINAL
DOCUMENTS.........

NatWest

27th February 2014

Access to Online Banking
Service

NatWest Card

27th February 2014

NatWest Secure Password Reset
Confirmation

Vulnerebility

LibTIFF CVE-2013-1961 Stack Based Buffer Overflow Vulnerability
2014-02-28
http://www.securityfocus.com/bid/59607

LibTIFF 't2_process_jpeg_strip()' Function Heap-based Buffer Overflow Vulnerability
2014-02-28
http://www.securityfocus.com/bid/59609

LibTIFF CVE-2013-4231 Multiple Buffer Overflow Vulnerabilities
2014-02-28
http://www.securityfocus.com/bid/61695

LibTIFF Multiple Remote Denial of Service Vulnerabilities
2014-02-28
http://www.securityfocus.com/bid/41295

LibTIFF CVE-2013-4244 Out of Bounds Memory Corruption Vulnerability
2014-02-28
http://www.securityfocus.com/bid/62019

LibTIFF CVE-2013-4243 Heap Buffer Overflow Vulnerability
2014-02-28
http://www.securityfocus.com/bid/62082

LibTIFF CVE-2013-4232 Memory Corruption Vulnerability
2014-02-28
http://www.securityfocus.com/bid/61849

Belkin Wemo Home Automation Devices CVE-2013-6951 Remote Code Execution Vulnerability
2014-02-28
http://www.securityfocus.com/bid/65633

Belkin Wemo Home Automation Devices 'peerAddresses' API XML External Entity Injection Vulnerability
2014-02-28
http://www.securityfocus.com/bid/65623

pidgin-knotify 'notify()' Remote Command Injection Vulnerability
2014-02-28
http://www.securityfocus.com/bid/43206

Linux Kernel CVE-2013-3224 Local Information Disclosure Vulnerability
2014-02-28
http://www.securityfocus.com/bid/59383

Atlassian Crucible Unauthorized Access Vulnerability
2014-02-28
http://www.securityfocus.com/bid/65845

MODx 'header.tpl' Cross Site Scripting Vulnerability
2014-02-28
http://www.securityfocus.com/bid/65755

phpThumb() 'fltr[]' Parameter Command Injection Vulnerability
2014-02-27
http://www.securityfocus.com/bid/39605

McAfee ePolicy Orchestrator XML External Entity Information Disclosure Vulnerability
2014-02-27
http://www.securityfocus.com/bid/65771

Microsoft XMLDOM ActiveX Control Multiple Information Disclosure Vulnerabilities
2014-02-27
http://www.securityfocus.com/bid/65601

Network Security Services Uninitialized Data Read Security Vulnerability
2014-02-27
http://www.securityfocus.com/bid/62966

Mozilla Netscape Portable Runtime CVE-2013-5607 Integer Overflow Vulnerability
2014-02-27
http://www.securityfocus.com/bid/63802

file Composite Document File Format Denial of Service Vulnerability
2014-02-27
http://www.securityfocus.com/bid/52225

Oracle Outside In Technology CVE-2013-5879 Local Security Vulnerability
2014-02-27
http://www.securityfocus.com/bid/64825

File Utility CVE-2014-1943 Remote Code Execution Vulnerability
2014-02-27
http://www.securityfocus.com/bid/65596

Linux Kernel Multiple Local Information Disclosure Vulnerabilities
2014-02-27
http://www.securityfocus.com/bid/60254

Linux Kernel Multiple Local Information Disclosure Vulnerabilities
2014-02-27
http://www.securityfocus.com/bid/60280

Linux Kernel KVM 'apic_get_tmcct()' Function Denial of Service Vulnerability
2014-02-27
http://www.securityfocus.com/bid/64270

Linux Kernel 'hamradio/yam.c' Local Information Disclosure Vulnerability
2014-02-27
http://www.securityfocus.com/bid/64954

Linux Kernel CVE-2012-6548 Local Information Disclosure Vulnerability
2014-02-27
http://www.securityfocus.com/bid/58994

Linux Kernel NULL Pointer Dereference Denial of Service Vulnerability
2014-02-27
http://www.securityfocus.com/bid/58202

Linux Kernel AACRAID Driver Compat IOCTL Local Security Bypass Vulnerability
2014-02-27
http://www.securityfocus.com/bid/63888

Linux Kernel CVE-2013-6368 Local Privilege Escalation Vulnerability
2014-02-27
http://www.securityfocus.com/bid/64291

Linux Kernel 'wanxl.c' Local Information Disclosure Vulnerability
2014-02-27
http://www.securityfocus.com/bid/64953

Exploit

  GDL 4.2 - Multiple Vulnerabilities

  Bluetooth Photo Share Pro 2.0 iOS - Multiple Vulnerabilities

27.2.2014

Bugtraq

Cisco Security Advisory: Cisco Prime Infrastructure Command Execution Vulnerability 2014-02-26
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Barracuda Networks Bug Bounty #31 Firewall - Persistent Access Policy Vulnerability 2014-02-26
Vulnerability Lab (research vulnerability-lab com)

Persistent XSS in Media File Renamer V1.7.0 wordpress plugin 2014-02-26
Larry W. Cashdollar (larry0 me com)

Authentication-Bypass in CosmoShop ePRO V10.17.00 (and lower, maybe higher) 2014-02-26
innate gmx de

Malware

Generic PUP.x!D676CDD82078

Generic Downloader.x!43788502F82D

Generic PUP.x!D7A749758FE7

RDN/Generic.dx!D0D973AFB17F

Generic PUP.x!0661CF753A7D

Generic PUP.x!3CFD3743B84F

Downloader.gen.a!F875DB96806E

Generic PUP.x!53DD01A2C97D

Downloader.gen.a!698391284F40

Generic PUP.x!44E0F8A6411F

Generic.bfr!F94877DDFD8F

Generic.bfr!FC42E1BED83B

Generic PUP.x!8C71EE43FBA2

Generic PUP.x!A90975D8C3C1

RDN/Generic.dx!B0797BE40B5E

Generic.bfr!AE228FC36D43

Generic Downloader.x!DCE9297D81D1

Generic PUP.x!536844B2631A

Generic PUP.x!5F0A16C81A7F

Generic BackDoor!81AD83623BE8

Generic PUP.x!A6D61564B53B

RDN/Generic.bfr!3DDF02D3C578

Generic.bfr!1644A34E8F7D

W32/Relnek!CFF58DE60634

Generic PUP.x!0B384FBFC679

Generic PUP.x!BA5A53622070

RDN/Generic PUP.x!bt3!3A3F88C78051

Generic PUP.x!472294837EE8

Generic.bfr!103BC1E0098F

Generic PUP.x!C9EE5CB00849

Phishing

 

Vulnerebility

Apache Tomcat CVE-2013-2071 Information Disclosure Vulnerability
2014-02-27
http://www.securityfocus.com/bid/59798

Qt PostgreSQL Driver SQL Injection Vulnerability
2014-02-27
http://www.securityfocus.com/bid/62923

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1481 Security Bypass Vulnerability
2014-02-27
http://www.securityfocus.com/bid/65326

Cisco Unified Communications Manager CVE-2014-0741 Local Privilege Escalation Vulnerability
2014-02-27
http://www.securityfocus.com/bid/65796

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2014-1487 Information Disclosure Vulnerability
2014-02-27
http://www.securityfocus.com/bid/65330

Mozilla Firefox/SeaMonkey/Thunderbird Use-After-Free Remote Code Execution Vulnerability
2014-02-27
http://www.securityfocus.com/bid/65334

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1477 Multiple Memory Corruption Vulnerabilities
2014-02-27
http://www.securityfocus.com/bid/65317

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1482 Remote Code Execution Vulnerability
2014-02-27
http://www.securityfocus.com/bid/65328

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1479 Security Bypass Vulnerability
2014-02-27
http://www.securityfocus.com/bid/65320

Ruby on Rails CVE-2014-0082 Denial of Service Vulnerability
2014-02-27
http://www.securityfocus.com/bid/65604

Ruby on Rails 'NumberHelper' Module Multiple Cross Site Scripting Vulnerabilities
2014-02-27
http://www.securityfocus.com/bid/65647

X.Org libXfont BDF Font File Handling Stack Buffer Overflow Vulnerability
2014-02-27
http://www.securityfocus.com/bid/64694

ISC BIND NSEC3 Signed Zones Queries Handling Remote Denial of Service Vulnerability
2014-02-27
http://www.securityfocus.com/bid/64801

GNOME Vino VNC Server CVE-2013-5745 Denial of Service Vulnerability
2014-02-27
http://www.securityfocus.com/bid/62443

International Components for Unicode CVE-2013-0900 Unspecified Race Condition Vulnerability
2014-02-27
http://www.securityfocus.com/bid/58318

OpenFabrics ibutils Insecure Temporary File Creation Vulnerability
2014-02-27
http://www.securityfocus.com/bid/58335

OpenLDAP 'rwm_conn_destroy' Denial of Service Vulnerability
2014-02-27
http://www.securityfocus.com/bid/63190

Apache Santuario XML Security for JAVA XML Signature CVE-2013-2172 Security Bypass Vulnerability
2014-02-27
http://www.securityfocus.com/bid/60846

Spring Framework CVE-2013-4152 Multiple XML External Entity Injection Vulnerabilities
2014-02-27
http://www.securityfocus.com/bid/61951

Wireshark NTLMSSP v2 Dissector Denial of Service Vulnerability
2014-02-27
http://www.securityfocus.com/bid/64412

Wireshark SIP Dissector 'packet-sip.c' Denial of Service Vulnerability
2014-02-27
http://www.securityfocus.com/bid/64411

Embedthis Goahead Webserver Multiple Denial of Service Vulnerabilities
2014-02-27
http://www.securityfocus.com/bid/65747

xdg-utils 'xdg-open' and 'xdg-email' Multiple Remote Command Execution Vulnerabilities
2014-02-27
http://www.securityfocus.com/bid/27528

Symantec Endpoint Protection Manager CVE-2013-5014 XML External Entity Injection Vulnerability
2014-02-26
http://www.securityfocus.com/bid/65466

Symantec Endpoint Protection Manager CVE-2013-5015 Local SQL Injection Vulnerability
2014-02-26
http://www.securityfocus.com/bid/65467

Multiple Schneider Electric Products Remote Denial of Service Vulnerability
2014-02-26
http://www.securityfocus.com/bid/65635

OpenSSL DTLS Implementations Man in the Middle Multiple Security Bypass Vulnerabilities
2014-02-26
http://www.securityfocus.com/bid/64618

OpenSSL 'ssl_get_algorithm2()' Function Remote Denial of Service Vulnerability
2014-02-26
http://www.securityfocus.com/bid/64530

Palo Alto Networks PAN-OS Cross Site Scripting Vulnerability
2014-02-26
http://www.securityfocus.com/bid/65429

Google Chrome CVE-2013-6643 Unspecified Security Vulnerability
2014-02-26
http://www.securityfocus.com/bid/64981

Exploit

 

26.2.2014

Bugtraq

[RT-SA-2014-001] McAfee ePolicy Orchestrator: XML External Entity Expansion in Dashboard 2014-02-25
RedTeam Pentesting GmbH (release redteam-pentesting de)

Barracuda Networks Firewall Bug Bounty #32 - Filter Bypass & Persistent Web Vulnerabilities 2014-02-25
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] CVE-2013-4286 Incomplete fix for CVE-2005-2090 (Information disclosure) 2014-02-25
Mark Thomas (markt apache org)

[SECURITY] CVE-2013-4590 Information disclosure via XXE when running untrusted web applications 2014-02-25
Mark Thomas (markt apache org)

[SECURITY] CVE-2013-4322 Incomplete fix for CVE-2012-3544 (Denial of Service) 2014-02-25
Mark Thomas (markt apache org)

[SECURITY] CVE-2014-0033 Session fixation still possible with disableURLRewriting enabled 2014-02-25
Mark Thomas (markt apache org)

Malware

Generic PUP.x!211EEEFFD40E

Generic PUP.x!28A8E29D73AA

Generic PUP.x!74A1D774504F

Generic PUP.x!051A6F35BAD7

Generic PUP.x!8567D505BAC5

Generic PUP.x!28D159EAA41C

Generic PUP.x!28F38656039B

Generic PUP.x!19FB4176E17B

RDN/Generic Dropper!A4DDF52D4C4C

Generic PUP.x!7B1E03823DDC

Generic Downloader.x!279692C2F401

RDN/Generic PUP.x!28FA720C98AB

Generic Downloader.x!AD9A58094C67

Generic Downloader.x!2981ACC950C7

Generic-FAOD!4F631CD66E41!4F631CD66E41

RDN/Generic Dropper!78DB0F0675BF

Generic PUP.x!294336225DF1

Generic PUP.x!35A087773091

Generic PUP.x!4A16669C5BEB

Generic PUP.x!2674647FCF39

Generic PUP.x!F88DEE858432

Generic PUP.x!26A5F02A6FF4

Generic PUP.x!2736A9D1CFDB

Generic Downloader.x!26AD1F97E901

Generic PUP.x!A0DC3FDB47E3

Generic PUP.x!268FACCA86B7

Generic PUP.x!90F8B3EC663E

Generic PUP.x!7ECCB6021E30

Generic PUP.x!09B5C4BDDD3C

Generic PUP.x!25F6AF3A1147

Phishing

ebilling@bt.com

26th February 2014

Important Information About
Your Service-Mail Update

alerts

26th February 2014

Regions Bank Alert: Account
Activities Alert

Vulnerebility

Wireshark NTLMSSP v2 Dissector Denial of Service Vulnerability
2014-02-26
http://www.securityfocus.com/bid/64412

Wireshark SIP Dissector 'packet-sip.c' Denial of Service Vulnerability
2014-02-26
http://www.securityfocus.com/bid/64411

Embedthis Goahead Webserver Multiple Denial of Service Vulnerabilities
2014-02-26
http://www.securityfocus.com/bid/65747

xdg-utils 'xdg-open' and 'xdg-email' Multiple Remote Command Execution Vulnerabilities
2014-02-26
http://www.securityfocus.com/bid/27528

Symantec Endpoint Protection Manager CVE-2013-5014 XML External Entity Injection Vulnerability
2014-02-26
http://www.securityfocus.com/bid/65466

Symantec Endpoint Protection Manager CVE-2013-5015 Local SQL Injection Vulnerability
2014-02-26
http://www.securityfocus.com/bid/65467

Multiple Schneider Electric Products Remote Denial of Service Vulnerability
2014-02-26
http://www.securityfocus.com/bid/65635

OpenSSL DTLS Implementations Man in the Middle Multiple Security Bypass Vulnerabilities
2014-02-26
http://www.securityfocus.com/bid/64618

OpenSSL 'ssl_get_algorithm2()' Function Remote Denial of Service Vulnerability
2014-02-26
http://www.securityfocus.com/bid/64530

Palo Alto Networks PAN-OS Cross Site Scripting Vulnerability
2014-02-26
http://www.securityfocus.com/bid/65429

Google Chrome CVE-2013-6643 Unspecified Security Vulnerability
2014-02-26
http://www.securityfocus.com/bid/64981

Google Chrome CVE-2013-6649 Use After Free Remote Code Execution Vulnerability
2014-02-26
http://www.securityfocus.com/bid/65168

Linux Kernel 'tcp_rcv_state_process()' Function Denial of Service Vulnerability
2014-02-26
http://www.securityfocus.com/bid/65654

Google Chrome CVE-2013-6650 Memory Corruption Vulnerability
2014-02-26
http://www.securityfocus.com/bid/65172

OpenSSL TLS Handshake Null Pointer Dereference Denial Of Service Vulnerability
2014-02-26
http://www.securityfocus.com/bid/64691

Catfish '/usr/bin/catfish' Local Privilege Escalation Vulnerability
2014-02-26
http://www.securityfocus.com/bid/65761

PostgreSQL CVE-2014-0065 Remote Stack Buffer Overflow Vulnerability
2014-02-26
http://www.securityfocus.com/bid/65731

PostgreSQL CVE-2014-0066 Remote Denial Of Service Vulnerability
2014-02-26
http://www.securityfocus.com/bid/65728

PostgreSQL CVE-2014-0064 Multiple Remote Buffer Overflow Vulnerabilities
2014-02-26
http://www.securityfocus.com/bid/65725

PostgreSQL CVE-2014-0062 Security Bypass Vulnerability
2014-02-26
http://www.securityfocus.com/bid/65727

PostgreSQL CVE-2014-0061 Security Bypass Vulnerability
2014-02-26
http://www.securityfocus.com/bid/65724

PostgreSQL CVE-2014-0060 Security Bypass Vulnerability
2014-02-26
http://www.securityfocus.com/bid/65723

PostgreSQL CVE-2014-0063 Remote Stack Buffer Overflow Vulnerability
2014-02-26
http://www.securityfocus.com/bid/65719

Joomla! Googlemaps Plugin Multiple Remote Security Vulnerabilities
2014-02-26
http://www.securityfocus.com/bid/61203

Apple Mac OS X APPLE-SA-2014-02-25-1 Multiple Security Vulnerabilities
2014-02-26
http://www.securityfocus.com/bid/65777

Apple Mac OS X CVE-2013-1032 Memory Corruption Vulnerability
2014-02-26
http://www.securityfocus.com/bid/62375

Apple iPhone/iPad/iPod touch Prior to iOS 7 CVE-2013-5139 Remote Code Exexution Vulnerability
2014-02-26
http://www.securityfocus.com/bid/62536

Apple Mac OS X LaunchServices CVE-2013-5178 Remote Security Vulnerability
2014-02-26
http://www.securityfocus.com/bid/63343

NVIDIA Graphics Driver GPU Access CVE-2013-5986 Local Privilege Escalation Vulnerability
2014-02-26
http://www.securityfocus.com/bid/65208

Apple Mac OS X CVE-2013-5179 Remote Security Bypass Weakness
2014-02-26
http://www.securityfocus.com/bid/63311

Exploit

  Symantec Endpoint Protection Manager Remote Command Execution

  Private Camera Pro 5.0 iOS - Multiple Vulnerabilities

  Piwigo 2.6.1 - CSRF Vulnerability

  GoAhead Web Server 3.1.x - Denial of Service

25.2.2014

Bugtraq

[security bulletin] HPSBMU02971 rev.1 - HP Application Information Optimizer, Remote Execution of Code, Information Disclosure 2014-02-24
security-alert hp com

[security bulletin] HPSBST02937 rev.1 - HP StoreVirtual 4000 and StoreVirtual VSA Software dbd_manager, Remote Execution of Arbitrary Code 2014-02-24
security-alert hp com

Malware

Generic PUP.x!B16C243FECE8

RDN/Generic PUP.z!du!A38DFB896445

Generic PUP.x!B547E022C923

Generic PUP.x!09FB44077B38

Generic PUP.x!3A05DCC164A4

Generic PUP.x!A0BC4EB85E67

Generic PUP.x!F36DE6D99AAD

RDN/Generic PUP.x!A53C643FE90C

Generic Downloader.x!A4548C3901E9

Generic PUP.x!427AC751431B

Generic PUP.x!E6479C2D5167

RDN/Generic PUP.x!btd!27C759C7988C

RDN/Generic PUP.x!btd!1E59EBDBB46B

Generic PUP.x!224F33027A38

Generic.bfr!5E6413ADE773

RDN/Generic PUP.x!btd!84E5E38D4ACE

Generic PUP.x!C925E0DC02DD

Generic PUP.x!3003B9FF33E0

Generic PUP.x!A6A5125F6F1C

RDN/Generic.bfr!gc!6C7C1C45FB79

RDN/Generic PUP.x!79993B81ED8C

RDN/Generic.dx!czc!EA4E45DECE9B

Generic PUP.x!32943206AC83

RDN/Generic PUP.x!btd!AEC83FAD1707

Generic PUP.x!AC4518823681

Generic PUP.x!0720219AD385

Generic PUP.x!9D750C34E6C3

Generic PUP.x!21CB0DA32C9B

RDN/Generic PUP.x!btd!0F0B41A855DB

Generic PUP.x!09CDF1C0C03C

Phishing

ebilling@bt.com

24th February 2014

We Are Switching BT BROADBAND
2014

alerts

24th February 2014

Regions Bank Alert: Contact
Details Changed

Natwest Bank Plc

23rd February 2014

SECURITY ALERT (SECURE YOUR
ONLINE CREDIT CARD ACCESS)

Western Union

23rd February 2014

PLEASE UPDATE YOUR INFORMATION

Vulnerebility

OpenLDAP 'rwm_conn_destroy' Denial of Service Vulnerability
2014-02-25
http://www.securityfocus.com/bid/63190

Puppet Security Bypass Vulnerability
2014-02-25
http://www.securityfocus.com/bid/46050

Oracle Java SE CVE-2013-1493 Remote Code Execution Vulnerability
2014-02-25
http://www.securityfocus.com/bid/58238

Apache Tomcat CVE-2013-2067 Session Fixation Vulnerability
2014-02-25
http://www.securityfocus.com/bid/59799

Google Chrome Prior to 33.0.1750.117 Multiple Security Vulnerabilities
2014-02-25
http://www.securityfocus.com/bid/65699

LibYAML 'scanner.c' Remote Heap Based Buffer Overflow Vulnerability
2014-02-25
http://www.securityfocus.com/bid/65258

PostgreSQL CVE-2014-0061 Security Bypass Vulnerability
2014-02-25
http://www.securityfocus.com/bid/65724

PostgreSQL CVE-2014-0062 Security Bypass Vulnerability
2014-02-25
http://www.securityfocus.com/bid/65727

Adobe Flash Player and AIR CVE-2014-0502 Remote Code Execution Vulnerability
2014-02-25
http://www.securityfocus.com/bid/65702

Adobe Flash Player and AIR CVE-2014-0498 Remote Stack Overflow Vulnerability
2014-02-25
http://www.securityfocus.com/bid/65704

Adobe Flash Player and AIR CVE-2014-0499 Information Disclosure Vulnerability
2014-02-25
http://www.securityfocus.com/bid/65703

Icinga CVE-2013-7107 Cross Site Request Forgery Vulnerability
2014-02-25
http://www.securityfocus.com/bid/64370

Samba 'pam_winbind' Configuration File Security Bypass Vulnerability
2014-02-25
http://www.securityfocus.com/bid/64101

Texinfo File Handling Buffer Overflow Vulnerability
2014-02-25
http://www.securityfocus.com/bid/20959

Samba 'dcerpc_read_ncacn_packet_done()' Function Heap Buffer Overflow Vulnerability
2014-02-25
http://www.securityfocus.com/bid/64191

libvirt 'virDomainBlockStats()' Denial of Service Vulnerability
2014-02-25
http://www.securityfocus.com/bid/64723

X File Explorer 'FilePanel::onCmdNewFile' Function Access Bypass Vulnerability
2014-02-25
http://www.securityfocus.com/bid/65748

IBM Java CVE-2013-5458 Unspecified Arbitrary Code Execution Vulnerability
2014-02-25
http://www.securityfocus.com/bid/63620

PostgreSQL 'make check' Local Privilege Escalation Vulnerability
2014-02-25
http://www.securityfocus.com/bid/65721

IBM Java CVE-2013-5457 Unspecified Arbitrary Code Execution Vulnerability
2014-02-25
http://www.securityfocus.com/bid/63622

libvirt CVE-2014-1447 Denial of Service Vulnerability
2014-02-25
http://www.securityfocus.com/bid/64945

RETIRED: IBM Java Multiple Unspecified Security Bypass Vulnerabilities
2014-02-25
http://www.securityfocus.com/bid/63169

PostgreSQL CVE-2014-0064 Multiple Remote Buffer Overflow Vulnerabilities
2014-02-25
http://www.securityfocus.com/bid/65725

PostgreSQL CVE-2014-0065 Remote Stack Buffer Overflow Vulnerability
2014-02-25
http://www.securityfocus.com/bid/65731

PostgreSQL CVE-2014-0060 Security Bypass Vulnerability
2014-02-25
http://www.securityfocus.com/bid/65723

PostgreSQL CVE-2014-0063 Remote Stack Buffer Overflow Vulnerability
2014-02-25
http://www.securityfocus.com/bid/65719

PostgreSQL CVE-2014-0066 Remote Denial Of Service Vulnerability
2014-02-25
http://www.securityfocus.com/bid/65728

Mozilla Firefox/SeaMonkey CVE-2014-1480 Security Vulnerability
2014-02-25
http://www.securityfocus.com/bid/65331

Mozilla Firefox/SeaMonkey/Thunderbird Use-After-Free Remote Code Execution Vulnerability
2014-02-25
http://www.securityfocus.com/bid/65334

Mozilla Network Security Services CVE-2014-1490 Use After Free Memory Corruption Vulnerability
2014-02-25
http://www.securityfocus.com/bid/65335

Exploit

Python socket.recvfrom_into() - Remote Buffer Overflow

 Technicolor TC7200 - Credentials Disclosure

WiFiles HD 1.3 iOS - File Inclusion Vulnerability

Sendy 1.1.8.4 - SQL Injection Vulnerability

24.2.2014

Bugtraq

 

Malware

Generic PUP.x!7045B147DFB9

Generic PUP.x!2ECE454F42B9

Generic PUP.x!0316144CECE8

Generic PUP.x!FD19FF7E4E80

Generic.bfr!11ACDF947094

Generic PUP.x!9C7CCC43F4FA

Generic PUP.x!232C51E930C7

Generic PUP.x!B604C0CFFAF9

Generic PUP.x!214926AEC244

Generic PUP.z!24CA01ECEB12

Generic PUP.x!59D35D72F59B

Generic PUP.x!93DF05246C51

Generic PUP.x!6913CC850116

Generic PUP.x!00B356D66576

Generic PUP.x!AE2CDE4C2043

Generic PUP.x!9FF6D35FD51A

Generic PUP.x!61E035A69DEE

Generic PUP.x!6102724B50B9

Generic PUP.x!6EACF224CCBF

Generic PUP.x!AB4832535479

Generic PUP.x!80997C2F21A3

Generic PUP.x!B99A537FD007

Generic PUP.x!0670FE123503

Generic PUP.x!922F322655C4

Generic PUP.x!37E7A7F47998

Generic PUP.x!12E777E4FAD8

Generic PUP.x!EF93D8649CEB

Generic PUP.x!EDF29CD2F4F4

Generic PUP.x!5579B688688E

Generic PUP.x!695D73A682D8

Phishing

Natwest Bank Plc

23rd February 2014

SECURITY ALERT (SECURE YOUR
ONLINE CREDIT CARD ACCESS)

Western Union

23rd February 2014

PLEASE UPDATE YOUR INFORMATION

eBay Collections

22nd February 2014

FRIENDLY REMINDER: PAYMENT AND
UPDATED INFO NEEDED

Vulnerebility

Cisco Unified Communications Manager CVE-2014-0736 Cross Site Request Forgery Vulnerability
2014-02-24
http://www.securityfocus.com/bid/65640

NTP 'ntp_request.c' Remote Denial of Service Vulnerability
2014-02-24
http://www.securityfocus.com/bid/64692

libssh Multiple Buffer Overflow and Denial of Service Vulnerabilities
2014-02-24
http://www.securityfocus.com/bid/56604

libssh CVE-2012-6063 Denial of Service Vulnerability
2014-02-24
http://www.securityfocus.com/bid/56848

Cisco Adaptive Security Appliance Phone Proxy sec_db Security Bypass Vulnerability
2014-02-24
http://www.securityfocus.com/bid/65707

OpenSSL TLS Handshake Null Pointer Dereference Denial Of Service Vulnerability
2014-02-24
http://www.securityfocus.com/bid/64691

GnuPG CVE-2013-4402 Denial of Service Vulnerability
2014-02-24
http://www.securityfocus.com/bid/62857

GnuPG Key Flags Subpacket Security Bypass Vulnerability
2014-02-24
http://www.securityfocus.com/bid/62921

GnuPG CVE-2012-6085 Multiple Remote Memory Corruption Vulnerabilities
2014-02-24
http://www.securityfocus.com/bid/57102

libgcrypt RSA Secret Keys Information Disclosure Vulnerability
2014-02-24
http://www.securityfocus.com/bid/61464

phpMyAdmin 'import.php' Cross Site Scripting Vulnerability
2014-02-24
http://www.securityfocus.com/bid/65717

Cisco Adaptive Security Appliance Phone Proxy CTL Security Bypass Vulnerability
2014-02-24
http://www.securityfocus.com/bid/65708

tcptrack Command Line Parsing Heap Based Buffer Overflow Vulnerability
2014-02-24
http://www.securityfocus.com/bid/49352

X.Org libXfont BDF Font File Handling Stack Buffer Overflow Vulnerability
2014-02-24
http://www.securityfocus.com/bid/64694

X.Org libXfont LZW Decompression 'BufCompressedFill()' Local Privilege Escalation Vulnerability
2014-02-24
http://www.securityfocus.com/bid/49124

Ruby Floating Point Parsing Heap Buffer Overflow Vulnerability
2014-02-24
http://www.securityfocus.com/bid/63873

RubyGems i18n Cross Site Scripting Vulnerability
2014-02-24
http://www.securityfocus.com/bid/64076

LibTIFF CVE-2013-4244 Out of Bounds Memory Corruption Vulnerability
2014-02-24
http://www.securityfocus.com/bid/62019

LibTIFF CVE-2013-4232 Memory Corruption Vulnerability
2014-02-24
http://www.securityfocus.com/bid/61849

LibTIFF TIFF Image Heap Buffer Overflow Vulnerability
2014-02-24
http://www.securityfocus.com/bid/55673

LibTIFF CVE-2013-1961 Stack Based Buffer Overflow Vulnerability
2014-02-24
http://www.securityfocus.com/bid/59607

Oracle MySQL Client 'main()' Function Buffer Overflow Vulnerability
2014-02-24
http://www.securityfocus.com/bid/65298

Oracle MySQL Server CVE-2013-5891 Remote Security Vulnerability
2014-02-24
http://www.securityfocus.com/bid/64891

LibTIFF 'TIFFScanlineSize()' Function Heap-based Buffer Overflow Vulnerability
2014-02-24
http://www.securityfocus.com/bid/56372

LibTIFF 't2_process_jpeg_strip()' Function Heap-based Buffer Overflow Vulnerability
2014-02-24
http://www.securityfocus.com/bid/59609

LibTIFF CVE-2013-4231 Multiple Buffer Overflow Vulnerabilities
2014-02-24
http://www.securityfocus.com/bid/61695

Oracle MySQL Server CVE-2013-3839 Remote Security Vulnerability
2014-02-24
http://www.securityfocus.com/bid/63109

Oracle MySQL Server CVE-2014-0412 Remote Security Vulnerability
2014-02-24
http://www.securityfocus.com/bid/64880

Oracle MySQL Server CVE-2014-0402 Remote Security Vulnerability
2014-02-24
http://www.securityfocus.com/bid/64908

Oracle MySQL Server CVE-2014-0386 Remote Security Vulnerability
2014-02-24
http://www.securityfocus.com/bid/64904

Exploit

Symantec Endpoint Protection Manager Remote Command Execution Exploit

22.2.2014

Bugtraq

CNNVD Gov CN #1 - Filter Bypass & Persistent Web Vulnerability 2014-02-21
Vulnerability Lab (research vulnerability-lab com)

[ MDVSA-2014:046 ] phpmyadmin 2014-02-21
security mandriva com

Barracuda Bug Bounty #36 Firewall - Client Side Exception Handling Web Vulnerability 2014-02-21
Vulnerability Lab (research vulnerability-lab com)

ASUS router drive-by code execution via XSS and authentication bypass 2014-02-21
buqtraq kyber fi

Malware

Generic PUP.x!918DB3E64C28

Generic PUP.x!48D996DC13DF

Generic PUP.x!3E879961DF6C

DirectDownminer!A9E36AA6F7C0

RDN/Downloader.gen.a!B85C23AEB0AE

Generic PUP.x!1127173922FA

RDN/Generic PUP.x!46497CFB1F34

Generic PUP.x!05FEFC179278

Generic PUP.x!9AA31FA8D44A

Generic PUP.x!280A50AEB431

Generic PUP.x!0F8905A3E70E

Generic.bfr!CA64C34603B7

RDN/Generic Dropper!4A3097A6151C

DirectDownminer!66AA51834D1A

RDN/Generic.bfr!gd!96AD5C930E20

Generic PUP.x!747E894FC4C5

Generic PUP.x!A4251266735A

Generic PUP.x!080A17D7F02E

Generic PUP.x!1E23AB6A084B

Generic PUP.x!AA4A14F3B326

Generic PUP.x!34401878122F

Generic PUP.x!5691473E7192

Generic PUP.x!F124319D2E1A

Generic PUP.x!623E7CFCC831

Generic PUP.x!643009AAB5C0

Generic.bfr!F17F924BDBD6

Generic PUP.x!AE859727903D

DirectDownminer!C3AF09F7CFE1

Generic PUP.x!AA4236DE0D8D

RDN/Generic.bfr!gd!CDAA2F7BDFB7

Phishing

eBay Collections

22nd February 2014

FRIENDLY REMINDER: PAYMENT AND
UPDATED INFO NEEDED

Barclays Bank Plc

22nd February 2014

Account Suspended

CreditCardOnlineServices

21st February 2014

ONLINE STATEMENTS - RBS

PayPal

21st February 2014

ťCustomer Supportť

Vulnerebility

libssh Multiple Buffer Overflow and Denial of Service Vulnerabilities
2014-02-22
http://www.securityfocus.com/bid/56604

libssh CVE-2012-6063 Denial of Service Vulnerability
2014-02-22
http://www.securityfocus.com/bid/56848

Cisco Adaptive Security Appliance Phone Proxy sec_db Security Bypass Vulnerability
2014-02-22
http://www.securityfocus.com/bid/65707

OpenSSL TLS Handshake Null Pointer Dereference Denial Of Service Vulnerability
2014-02-22
http://www.securityfocus.com/bid/64691

GnuPG CVE-2013-4402 Denial of Service Vulnerability
2014-02-22
http://www.securityfocus.com/bid/62857

GnuPG Key Flags Subpacket Security Bypass Vulnerability
2014-02-22
http://www.securityfocus.com/bid/62921

GnuPG CVE-2012-6085 Multiple Remote Memory Corruption Vulnerabilities
2014-02-22
http://www.securityfocus.com/bid/57102

libgcrypt RSA Secret Keys Information Disclosure Vulnerability
2014-02-22
http://www.securityfocus.com/bid/61464

phpMyAdmin 'import.php' Cross Site Scripting Vulnerability
2014-02-22
http://www.securityfocus.com/bid/65717

Cisco Adaptive Security Appliance Phone Proxy CTL Security Bypass Vulnerability
2014-02-22
http://www.securityfocus.com/bid/65708

tcptrack Command Line Parsing Heap Based Buffer Overflow Vulnerability
2014-02-22
http://www.securityfocus.com/bid/49352

X.Org libXfont BDF Font File Handling Stack Buffer Overflow Vulnerability
2014-02-22
http://www.securityfocus.com/bid/64694

X.Org libXfont LZW Decompression 'BufCompressedFill()' Local Privilege Escalation Vulnerability
2014-02-22
http://www.securityfocus.com/bid/49124

Ruby Floating Point Parsing Heap Buffer Overflow Vulnerability
2014-02-22
http://www.securityfocus.com/bid/63873

RubyGems i18n Cross Site Scripting Vulnerability
2014-02-22
http://www.securityfocus.com/bid/64076

LibTIFF CVE-2013-4244 Out of Bounds Memory Corruption Vulnerability
2014-02-22
http://www.securityfocus.com/bid/62019

LibTIFF CVE-2013-4232 Memory Corruption Vulnerability
2014-02-22
http://www.securityfocus.com/bid/61849

LibTIFF TIFF Image Heap Buffer Overflow Vulnerability
2014-02-22
http://www.securityfocus.com/bid/55673

LibTIFF CVE-2013-1961 Stack Based Buffer Overflow Vulnerability
2014-02-22
http://www.securityfocus.com/bid/59607

Oracle MySQL Client 'main()' Function Buffer Overflow Vulnerability
2014-02-22
http://www.securityfocus.com/bid/65298

Oracle MySQL Server CVE-2013-5891 Remote Security Vulnerability
2014-02-22
http://www.securityfocus.com/bid/64891

LibTIFF 'TIFFScanlineSize()' Function Heap-based Buffer Overflow Vulnerability
2014-02-22
http://www.securityfocus.com/bid/56372

LibTIFF 't2_process_jpeg_strip()' Function Heap-based Buffer Overflow Vulnerability
2014-02-22
http://www.securityfocus.com/bid/59609

LibTIFF CVE-2013-4231 Multiple Buffer Overflow Vulnerabilities
2014-02-22
http://www.securityfocus.com/bid/61695

Oracle MySQL Server CVE-2013-3839 Remote Security Vulnerability
2014-02-22
http://www.securityfocus.com/bid/63109

Oracle MySQL Server CVE-2014-0412 Remote Security Vulnerability
2014-02-22
http://www.securityfocus.com/bid/64880

Oracle MySQL Server CVE-2014-0402 Remote Security Vulnerability
2014-02-22
http://www.securityfocus.com/bid/64908

Oracle MySQL Server CVE-2014-0386 Remote Security Vulnerability
2014-02-22
http://www.securityfocus.com/bid/64904

Oracle MySQL Server CVE-2014-0401 Remote Security Vulnerability
2014-02-22
http://www.securityfocus.com/bid/64898

Oracle MySQL Server CVE-2013-5908 Remote Security Vulnerability
2014-02-22
http://www.securityfocus.com/bid/64896

Exploit

 

21.2.2014

Bugtraq

Android & iOS Hands-on Exploitation at SyScan 2014 2014-02-20
xys3c team (security xysec com)

[ MDVSA-2014:045 ] libtar 2014-02-20
security mandriva com

SQL Injection in AdRotate 2014-02-20
High-Tech Bridge Security Research (advisory htbridge com)

[slackware-security] mariadb, mysql (SSA:2014-050-02) 2014-02-20
Slackware Security Team (security slackware com)

[slackware-security] kernel (SSA:2014-050-03) 2014-02-20
Slackware Security Team (security slackware com)

[HITB-Announce] Haxpo CFP 2014-02-20
Hafez Kamal (aphesz hackinthebox org)

VideoCharge Studio v2.12.3.685 cc.dll CHTTPResponse::GetHttpResponse() Buffer Overflow Remote Code Execution 2014-02-19
Julien Ahrens (info rcesecurity com)

Malware

Generic PUP.x!6527C3E9EA44

RDN/Generic.bfr!gd!5D735CC3D7DB

Generic PUP.x!FEF6C7BB7D3B

Generic PUP.x!3EA58306CE8C

Generic PUP.x!D50C027C0C7D

RDN/Spybot.worm!l!815DCFA3ACD3

RDN/Generic.bfr!gd!6C4615643479

Generic.bfr!19D127CAE839

Generic PUP.x!5F0854DD77C0

Generic PUP.x!9504B093CDBC

Generic PUP.x!9608EFFF53DC

Generic PUP.x!79AB9270C758

Generic PUP.x!2272DAF1D67F

Generic PUP.x!A4F1D6321725

Generic.bfr!609F56796ECB

Generic PUP.x!FE54A77A50D3

Generic PUP.x!83F0F7388500

Generic PUP.x!AEA396BF8888

Generic PUP.x!92FAF5A28909

RDN/Generic.bfr!gd!877D10157B85

Generic PUP.x!BE4570D1436E

Generic PUP.x!ED943F186476

Generic.bfr!A7ABCF03E6C2

Generic PUP.x!C1E3FB61F7AE

Generic.dx!A34C5693E49D

Downloader.gen.a!8030F7FFE7DB

RDN/Generic.bfr!gc!7CCD0FF941FA

RDN/Generic.bfr!gd!1E8B2CEB0FF5

Generic PUP.x!7CB5BB7798C1

Generic PUP.x!BCA9C2DEA423

Phishing

Skype

21st February 2014

New Payment To Skype !

Paypal

21st February 2014

Your PayPal account has been
temporarily limited

ebilling@bt.com

20th February 2014

Account Update

Vulnerebility

OpenSAML-Java ParserPool and Decrypter XML External Entity Injection Vulnerability
2014-02-21
http://www.securityfocus.com/bid/64345

Apache Santuario XML Security For JAVA XML Signature Denial of Service Vulnerability
2014-02-21
http://www.securityfocus.com/bid/64437

Oracle Java SE CVE-2013-5802 Remote Security Vulnerability
2014-02-21
http://www.securityfocus.com/bid/63135

Oracle Java SE CVE-2013-5825 Remote Security Vulnerability
2014-02-21
http://www.securityfocus.com/bid/63101

libpng 'png_read_transform_info()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-02-21
http://www.securityfocus.com/bid/64493

Oracle MySQL Client 'main()' Function Buffer Overflow Vulnerability
2014-02-21
http://www.securityfocus.com/bid/65298

Linux Kernel 'compat_sys_recvmmsg()' Function Remote Memory Corruption Vulnerability
2014-02-21
http://www.securityfocus.com/bid/65255

libtar 'th_read()' Function Multiple Heap Buffer Overflow Vulnerabilities
2014-02-21
http://www.securityfocus.com/bid/62922

Oracle Java SE CVE-2013-5898 Remote Security Vulnerability
2014-02-21
http://www.securityfocus.com/bid/64912

Mitsubishi MC-WorX 'IcoLaunch.dll'' ActiveX Control Remote Code Execution Vulnerability
2014-02-21
http://www.securityfocus.com/bid/62414

Oracle Java SE CVE-2014-0416 Remote Security Vulnerability
2014-02-21
http://www.securityfocus.com/bid/64937

Oracle Java SE CVE-2014-0368 Remote Security Vulnerability
2014-02-21
http://www.securityfocus.com/bid/64930

Oracle Java SE CVE-2013-5910 Remote Security Vulnerability
2014-02-21
http://www.securityfocus.com/bid/64933

Oracle Java SE CVE-2013-5889 Remote Security Vulnerability
2014-02-21
http://www.securityfocus.com/bid/64931

Oracle Java SE CVE-2014-0417 Remote Security Vulnerability
2014-02-21
http://www.securityfocus.com/bid/64932

Oracle Java SE CVE-2014-0428 Remote Security Vulnerability
2014-02-21
http://www.securityfocus.com/bid/64935

Oracle Java SE CVE-2013-5884 Remote Security Vulnerability
2014-02-21
http://www.securityfocus.com/bid/64924

Oracle Java SE CVE-2013-5878 Remote Security Vulnerability
2014-02-21
http://www.securityfocus.com/bid/64927

Oracle Java SE CVE-2013-5899 Remote Security Vulnerability
2014-02-21
http://www.securityfocus.com/bid/64928

Oracle Java SE CVE-2013-5896 Remote Security Vulnerability
2014-02-21
http://www.securityfocus.com/bid/64926

Oracle Java SE CVE-2014-0373 Remote Security Vulnerability
2014-02-21
http://www.securityfocus.com/bid/64922

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-02-21
http://www.securityfocus.com/bid/64918

Oracle Java SE CVE-2014-0422 Remote Security Vulnerability
2014-02-21
http://www.securityfocus.com/bid/64921

Oracle Java SE CVE-2014-0424 Remote Security Vulnerability
2014-02-21
http://www.securityfocus.com/bid/64919

Oracle Java SE CVE-2014-0403 Remote Security Vulnerability
2014-02-21
http://www.securityfocus.com/bid/64920

Oracle Java SE CVE-2014-0375 Remote Security Vulnerability
2014-02-21
http://www.securityfocus.com/bid/64916

Oracle Java SE CVE-2014-0410 Remote Security Vulnerability
2014-02-21
http://www.securityfocus.com/bid/64915

Oracle Java SE CVE-2013-5888 Local Security Vulnerability
2014-02-21
http://www.securityfocus.com/bid/64925

Oracle Java SE TTF Font Parsing Remote Code Execution Vulnerability
2014-02-21
http://www.securityfocus.com/bid/64894

Oracle Java SE CVE-2014-0423 Remote Security Vulnerability
2014-02-21
http://www.securityfocus.com/bid/64914

Exploit

  VideoCharge Studio 2.12.3.685 GetHttpResponse() - MITM Remote Code Execution Exploit

  Barracuda Firewall 6.1.0.016 - Multiple Vulnerabilities

  Stark CRM 1.0 - Multiple Vulnerabilities

  Catia V5-6R2013 "CATV5_Backbone_Bus" - Stack Buffer Overflow

20.2.2014

Bugtraq

CA20140218-01: Security Notice for CA 2E Web Option 2014-02-19
Williams, James K (Ken Williams ca com)

[ MDVSA-2014:039 ] libgadu 2014-02-18
security mandriva com

Malware

Generic PUP.x!EC2C63088FB4

RDN/Generic PUP.x!1F87FBD740C3

RDN/Generic PUP.x!DD656B80E57F

RDN/Generic PUP.x!0A22584033D1

RDN/Generic PUP.x!8A11AC1FF9FA

Generic PUP.x!72A4FACF87CB

RDN/Generic PUP.x!4DDA4D44AD80

RDN/Generic PUP.x!bs3!CE38F6BD8CBE

Adware-SweetIM!14DB2AA0B37C

RDN/Autorun.worm.gen!0442E8FE39A7

Generic PUP.x!8F342DC84700

Generic PUP.x!19F3EB806002

Generic PUP.x!B4C8A76D7840

RDN/Generic PUP.x!8F62DF654129

Generic PUP.x!2D94B70C9EA2

Generic PUP.x!87B5CCD64863

Generic.bfr!8BEBC44CF377

Generic.bfr!8C19B842E888

RDN/Generic StartPage!605B47FF6A71

RDN/Generic BackDoor!E6E38AB466FA

Generic PUP.x!75985210F43A

Generic PUP.x!0C6353DF19E9

Generic PUP.x!599DE26AEB2D

Generic PUP.x!3C1F0DE685B4

Generic PUP.x!D7C538513C05

Generic PUP.x!B6005E0B3CCF

Generic PUP.x!BB33859E6CCD

Generic PUP.x!02632639377D

Generic PUP.x!B13C894EBDD9

RDN/Generic PUP.x!8ABF35BD3F5D

Phishing

alerts

20th February 2014

Regions Bank Alert: Contact
Details Changed

Halifax

19th February 2014

Online Banking Suspention

Vulnerebility

AMD 16h Model Processor CVE-2013-6885 Local Denial of Service Vulnerability
2014-02-20
http://www.securityfocus.com/bid/63983

Xen CVE-2013-2212 Local Denial of Service Vulnerability
2014-02-20
http://www.securityfocus.com/bid/61424

Zarafa Collaboration Platform CVE-2014-0079 Denial of Service Vulnerability
2014-02-20
http://www.securityfocus.com/bid/65531

Zarafa Collaboration Platform CVE-2014-0037 Denial of Service Vulnerability
2014-02-20
http://www.securityfocus.com/bid/65280

Linux Kernel CVE-2013-6763 Integer Overflow Vulnerability
2014-02-20
http://www.securityfocus.com/bid/63707

Linux Kernel CVE-2013-4470 Multiple Local Memory Corruption Vulnerabilities
2014-02-20
http://www.securityfocus.com/bid/63359

Linux Kernel 'ieee80211_radiotap_iterator_init()' Function Denial of Service Vulnerability
2014-02-20
http://www.securityfocus.com/bid/64013

Linux Kernel '/drivers/scsi/aacraid/commctrl.c' Pointer Dereference Denial of Service Vulnerability
2014-02-20
http://www.securityfocus.com/bid/63887

Linux Kernel 'mp_get_count()' Function CVE-2013-4516 Local Information Disclosure Vulnerability
2014-02-20
http://www.securityfocus.com/bid/63519

Android For MSM Goodix GT915 Touchscreen Driver Multiple Local Memory Corruption Vulnerabilities
2014-02-20
http://www.securityfocus.com/bid/63661

Android For MSM Project CVE-2013-6122 Local Security Bypass Vulnerability
2014-02-20
http://www.securityfocus.com/bid/63655

Linux Kernel KVM 'apic_get_tmcct()' Function Denial of Service Vulnerability
2014-02-20
http://www.securityfocus.com/bid/64270

Linux Kernel 'host.c' Multiple Denial of Service Vulnerabilities
2014-02-20
http://www.securityfocus.com/bid/59638

Linux Kernel CVE-2013-6378 Local Denial of Service Vulnerability
2014-02-20
http://www.securityfocus.com/bid/63886

Linux Kernel CVE-2013-6368 Local Privilege Escalation Vulnerability
2014-02-20
http://www.securityfocus.com/bid/64291

Linux Kernel 'kvm_main.c' Local Denial of Service Vulnerability
2014-02-20
http://www.securityfocus.com/bid/63790

Linux Kernel 'drivers/staging/wlags49_h2/wl_priv.c' Local Buffer Overflow Vulnerability
2014-02-20
http://www.securityfocus.com/bid/63509

Linux Kernel 'ipc_rcu_putref()' Function Local Denial of Service Vulnerability
2014-02-20
http://www.securityfocus.com/bid/63445

Linux Kernel CVE-2013-4511 Multiple Integer Overflow Vulnerabilities
2014-02-20
http://www.securityfocus.com/bid/63512

Linux Kernel 'kvm_vm_ioctl_create_vcpu()' Function Local Privilege Escalation Vulnerability
2014-02-20
http://www.securityfocus.com/bid/64328

Linux Kernel '/bcm/Bcmchar.c' CVE-2013-4515 Local Information Disclosure Vulnerability
2014-02-20
http://www.securityfocus.com/bid/63518

eGroupware Unspecified HTML Injection Vulnerability
2014-02-20
http://www.securityfocus.com/bid/63711

Oracle Java SE CVE-2014-0423 Remote Security Vulnerability
2014-02-20
http://www.securityfocus.com/bid/64914

Oracle Java SE CVE-2014-0424 Remote Security Vulnerability
2014-02-20
http://www.securityfocus.com/bid/64919

Oracle Java SE CVE-2014-0417 Remote Security Vulnerability
2014-02-20
http://www.securityfocus.com/bid/64932

Oracle Java SE CVE-2014-0422 Remote Security Vulnerability
2014-02-20
http://www.securityfocus.com/bid/64921

Oracle Java SE CVE-2014-0416 Remote Security Vulnerability
2014-02-20
http://www.securityfocus.com/bid/64937

Oracle Java SE CVE-2014-0415 Remote Security Vulnerability
2014-02-20
http://www.securityfocus.com/bid/64899

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-02-20
http://www.securityfocus.com/bid/64918

Oracle Java SE CVE-2014-0368 Remote Security Vulnerability
2014-02-20
http://www.securityfocus.com/bid/64930

Exploit

 

19.2.2014

Bugtraq

CA20140218-01: Security Notice for CA 2E Web Option 2014-02-19
Williams, James K (Ken Williams ca com)

[ MDVSA-2014:039 ] libgadu 2014-02-18
security mandriva com

[SECURITY] [DSA 2863-1] libtar security update 2014-02-18
Luciano Bello (luciano debian org)

CVE-2014-1215 - Local Code Execution in CoreFTP Core FTP Server 2014-02-18
Portcullis Advisories (advisories portcullis-security com)

[ MDVSA-2014:040 ] puppet 2014-02-18
security mandriva com

SEC Consult SA-20140218-0 :: Multiple critical vulnerabilities in Symantec Endpoint Protection 2014-02-18
SEC Consult Vulnerability Lab (research sec-consult com)

Re: [Full-disclosure] CVE-2013-1643 - Unauthorised Access To Other Users Email Messages in Symantec PGP Universal Web Messenger 2014-02-18
Tim Brown (tmb 65535 com)

Malware

Generic BackDoor!F7E4A2585172

RDN/Generic BackDoor!xd!55F54FB0DEC1

Generic BackDoor!A518956E4BBB

RDN/Generic.bfr!gb!B8D273711A4C

RDN/Generic.dx!c2y!C8F295A3337B

RDN/Generic.dx!c2y!847EBF9246D6

Generic.dx!D3523465760B

RDN/Generic PWS.y!yr!FF012BDDAD2F

RDN/Generic.dx!c2y!0B565C82C21B

RDN/Generic.tfr!du!135938230D4F

Qhost-Gen!A4D42AD2C23D

Generic Downloader.x!CC735773F021

DNSChanger.bfr!1431EBC7FE6E

Generic PUP.x!486DE03E83C8

RDN/Generic.tfr!00B268A7B20F

RDN/Generic BackDoor!BF51565D860B

Backdoor-FBSO!A727E4405A36

RDN/Qhost-Gen!be!C46AA8BAE3CF

RDN/Generic PUP.x!7AA461AD73F1

RDN/Generic.dx!BE2AAF72D9FE

Generic.bfr!E3BEFC028654

RDN/Generic.dx!D2BDEB0AF62C

Generic PUP.x!C8065F23A08D

RDN/Qhost-Gen!be!F15F23D2DA36

RDN/Spybot.bfr!0A04B49E6A00

Generic PUP.x!7A8FC79539DA

RDN/Generic.bfr!71CE3042A26F

RDN/Generic PUP.x!A4C97A4A1CC0

Generic PUP.x!6B1A44C4CAE6

RDN/Generic PUP.x!428E35E70A93

Phishing

Discover Card

19th February 2014

IMPORTANT MESSAGE ABOUT YOUR
DISCOVER CARDÂŽ

National Westminster Bank

19th February 2014

YOUR NATWEST CREDIT CARD
ONLINE SERVICES IS LOCKED OUT

ebilling@bt.com

19th February 2014

Account Update

Maria Ellis

19th February 2014

TESCO PRIZE INFORMATION - JOHN
PLATTS

Barclays PLC

19th February 2014

Review Your Account For
Payment Notification

Mail Team

19th February 2014

Upgrade Your E-mail!

Natwest

18th February 2014

NatWest Bank Notice.

Vulnerebility

Oracle Java SE CVE-2014-0375 Remote Security Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64916

Oracle Java SE CVE-2014-0428 Remote Security Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64935

Oracle Java SE TTF Font Parsing Remote Code Execution Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64894

Oracle Java SE CVE-2013-5899 Remote Security Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64928

Oracle Java SE CVE-2013-5898 Remote Security Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64912

Oracle Java SE CVE-2013-5896 Remote Security Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64926

Oracle Java SE CVE-2013-5888 Local Security Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64925

Oracle Java SE CVE-2013-5887 Remote Security Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64875

Oracle Java SE CVE-2013-5889 Remote Security Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64931

Oracle Java SE CVE-2013-5884 Remote Security Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64924

Oracle Java SE CVE-2013-5878 Remote Security Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64927

Linux Kernel CVE-2013-4345 Off-By-One Buffer Overflow Vulnerability
2014-02-19
http://www.securityfocus.com/bid/62740

Linux Kernel KVM 'recalculate_apic_map()' Function Denial of Service Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64319

Oracle MySQL Server CVE-2014-0401 Remote Security Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64898

Oracle MySQL Server CVE-2014-0386 Remote Security Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64904

Oracle MySQL Server CVE-2014-0402 Remote Security Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64908

Oracle MySQL Client 'main()' Function Buffer Overflow Vulnerability
2014-02-19
http://www.securityfocus.com/bid/65298

Oracle MySQL Server CVE-2014-0412 Remote Security Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64880

Oracle MySQL Server CVE-2014-0437 Remote Security Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64849

Oracle MySQL Server CVE-2013-5891 Remote Security Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64891

Oracle MySQL Server CVE-2014-0420 Remote Security Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64888

Oracle MySQL Server CVE-2013-5807 Remote Security Vulnerability
2014-02-19
http://www.securityfocus.com/bid/63105

Oracle MySQL Server CVE-2013-5908 Remote Security Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64896

Oracle MySQL Server CVE-2014-0393 Remote Security Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64877

Oracle MySQL Server CVE-2013-3839 Remote Security Vulnerability
2014-02-19
http://www.securityfocus.com/bid/63109

Linux Kernel CVE-2013-6368 Local Privilege Escalation Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64291

Linux Kernel 'fpu-internal.h' Local Denial of Service Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64781

Linux Kernel CVE-2013-6432 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64135

Linux Kernel 'hamradio/yam.c' Local Information Disclosure Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64954

Linux Kernel 'net/x25/af_x25.c' Local Information Disclosure Vulnerability
2014-02-19
http://www.securityfocus.com/bid/64746

Exploit

  WRT120N 1.0.0.7 Stack Overflow

  MediaWiki Thumb.php Remote Command Execution

  Ultra Mini HTTPD 1.21 - POST Request Stack Buffer Overflow

  Oracle Forms and Reports Remote Code Execution

  Audiotran PLS File Stack Buffer Overflow

  Dlink DIR-615 Hardware vE4 Firmware v5.10 - CSRF Vulnerability

  Barracuda Message Archiver 650 - Persistent XSS Vulnerability

  Wordpress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities

  My PDF Creator & DE DM 1.4 iOS - Multiple Vulnerabilities

  Concrete5 5.6.2.1 (index.php, cID param) - SQL Injection

  Open Web Analytics 1.5.4 (owa_email_address param) - SQL Injection Vulnerability

  Catia V5-6R2013 "CATV5_AllApplications" - Stack Buffer Overflow

  SolidWorks Workgroup PDM 2014 SP2 Opcode 2001 - Denial of Service

18.2.2014

Bugtraq

 

Malware

Generic.tfr!07EC7F41EE59

Generic PUP.x!3DFA77C9085C

RDN/Generic PWS.y!yq!B23C2925EE2D

RDN/Generic.dx!C6794E6B2FD9

Generic PUP.x!FCA495EC69D7

Generic.bfr!DEDD160C2068

Generic.bfr!335DBF59314D

Generic.bfr!5ABD565B38FD

Generic PUP.x!B593693DCF9D

Generic.bfr!41B61BE8E3E5

Generic PUP.x!0AE0DB2DE7DC

Generic PUP.x!2A7119E4B747

Generic PUP.x!8CDEE2A986D8

Generic PUP.x!2255352F15B1

Generic PUP.x!1BF63394C47F

Generic.bfr!33C1329F75F6

Generic.bfr!3C60D084CD8A

Generic PUP.x!76973511D7A5

Generic PUP.x!FB46700C54A1

Generic PUP.x!37BB9B20A0A1

RDN/Generic.bfr!DD0D1BD9BDDC

Generic.bfr!37E0F302EE36

Generic.bfr!37D17CEC9675

Generic PUP.x!6929E54C6B8B

Generic.bfr!4B3B7C8ED2AB

Generic.bfr!6AAC2F1932F7

RDN/Generic PUP.x!C3A876EAECBB

Generic PUP.x!689CC3724B46

Generic PUP.x!BB6634BD651F

Generic PUP.x!54FE6D5E4309

Phishing

 

Vulnerebility

MaraDNS Remote Denial of Service Vulnerability
2014-02-18
http://www.securityfocus.com/bid/65595

Oracle Fusion Middleware CVE-2012-3153 Remote Security Vulnerability
2014-02-18
http://www.securityfocus.com/bid/55961

Oracle Fusion Middleware CVE-2012-3152 Remote Security Vulnerability
2014-02-18
http://www.securityfocus.com/bid/55955

Cisco Content Security Management Appliance CVE-2013-3396 Cross Site Scripting Vulnerability
2014-02-18
http://www.securityfocus.com/bid/60829

Poppler Multiple Denial of Service and Memory Corruption Vulnerabilities
2014-02-18
http://www.securityfocus.com/bid/43594

Xpdf 'FoFiType1::parse()' Array Indexing Error Vulnerability
2014-02-18
http://www.securityfocus.com/bid/43841

XPDF 'Gfx::getPos()' (CVE-2010-3702) Unitialized Pointer Dereference Vulnerability
2014-02-18
http://www.securityfocus.com/bid/43845

Xpdf 'FoFiType1::parse' Buffer Overflow Vulnerability
2014-02-18
http://www.securityfocus.com/bid/37350

Linux Kernel 'compat_sys_recvmmsg()' Function Remote Memory Corruption Vulnerability
2014-02-18
http://www.securityfocus.com/bid/65255

Linux Kernel 'hamradio/yam.c' Local Information Disclosure Vulnerability
2014-02-18
http://www.securityfocus.com/bid/64954

Linux Kernel 'fpu-internal.h' Local Denial of Service Vulnerability
2014-02-18
http://www.securityfocus.com/bid/64781

Mozilla Firefox/SeaMonkey/Thunderbird Use-After-Free Remote Code Execution Vulnerability
2014-02-18
http://www.securityfocus.com/bid/65334

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2014-1487 Information Disclosure Vulnerability
2014-02-18
http://www.securityfocus.com/bid/65330

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1481 Security Bypass Vulnerability
2014-02-18
http://www.securityfocus.com/bid/65326

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1482 Remote Code Execution Vulnerability
2014-02-18
http://www.securityfocus.com/bid/65328

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1479 Security Bypass Vulnerability
2014-02-18
http://www.securityfocus.com/bid/65320

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1477 Multiple Memory Corruption Vulnerabilities
2014-02-18
http://www.securityfocus.com/bid/65317

Oracle Java SE CVE-2014-0423 Remote Security Vulnerability
2014-02-18
http://www.securityfocus.com/bid/64914

Oracle Java SE CVE-2013-5887 Remote Security Vulnerability
2014-02-18
http://www.securityfocus.com/bid/64875

Oracle Java SE CVE-2014-0424 Remote Security Vulnerability
2014-02-18
http://www.securityfocus.com/bid/64919

Pidgin 'process_chunked_data()' Function Heap Buffer Overflow Vulnerability
2014-02-18
http://www.securityfocus.com/bid/65243

Pidgin 'libpurple' Multiple Denial of Service Vulnerabilities
2014-02-18
http://www.securityfocus.com/bid/65492

Pidgin 'gg_http_watch_fd()' Function Buffer Overflow Vulnerability
2014-02-18
http://www.securityfocus.com/bid/65188

Pidgin 'sipmsg_parse_header()' Function Buffer Overflow Vulnerability
2014-02-18
http://www.securityfocus.com/bid/65195

Pidgin 'asn_getUtf8()' Function Buffer Overflow Vulnerability
2014-02-18
http://www.securityfocus.com/bid/65192

Oracle Java SE CVE-2014-0415 Remote Security Vulnerability
2014-02-18
http://www.securityfocus.com/bid/64899

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-02-18
http://www.securityfocus.com/bid/64918

Oracle Java SE CVE-2014-0428 Remote Security Vulnerability
2014-02-18
http://www.securityfocus.com/bid/64935

Oracle Java SE CVE-2013-5896 Remote Security Vulnerability
2014-02-18
http://www.securityfocus.com/bid/64926

Oracle Java SE CVE-2014-0403 Remote Security Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64920

Exploit

 

17.2.2014

Bugtraq

[ MDVSA-2014:038 ] kernel 2014-02-17
security mandriva com

Recon 2014 Call For Papers - June 27-29, 2014 - Montreal, Quebec 2014-02-17
cfp2014 recon cx

[ MDVSA-2014:036 ] varnish 2014-02-17
security mandriva com

[ MDVSA-2014:035 ] libpng 2014-02-17
security mandriva com

My PDF Creator & DE DM v1.4 iOS - Multiple Vulnerabilities 2014-02-17
Vulnerability Lab (research vulnerability-lab com)

Jetro Cockpit Secure Browsing vulnerability - Client missing input validation allowing RCE 2014-02-17
Ronen Z (ronen quaji com)

[SECURITY] [DSA 2862-1] chromium-browser security update 2014-02-16
Michael Gilbert (mgilbert debian org)

[SECURITY] [DSA 2861-1] file security update 2014-02-16
Salvatore Bonaccorso (carnil debian org)

File Hub v1.9.1 iOS - Multiple Web Vulnerabilities 2014-02-15
Vulnerability Lab (research vulnerability-lab com)

mbDriveHD v1.0.7 iOS - Multiple Web Vulnerabilities 2014-02-15
Vulnerability Lab (research vulnerability-lab com)

Malware

DNSChanger.bfr!D6D7FFF0C4E0

Generic PUP.x!C5418A37E0C0

Generic PUP.x!773748404D04

Generic.bfr!E345D42F5DA2

DNSChanger.bfr!D4F09B5C20C0

Generic PUP.x!9065551320DD

Generic PUP.x!DBA3691C9A85

Generic PUP.x!7C52E14F2773

Generic PUP.x!ED7D5EC0779A

Generic PUP.x!9735CB2A5223

Generic PUP.x!894BC0214D98

Generic PUP.x!960937B74DEC

Generic PUP.x!ACA42B26934A

RDN/Generic PUP.x!6F1E23838748

RDN/Generic.bfr!555148E82B5A

Downloader-FLN!68542708B4E8!68542708B4E8

Generic PUP.x!19BD5A833071

Downloader.gen.a!0BC50BC00F68

Generic PUP.x!BE413BDE1662

Obfuscated-FBU!hb!E4997B15061E

RDN/Generic.bfr!6EC0F1C5D8E6

Generic PUP.x!2CAF348FC90B

Generic PUP.x!9CF02A0359AB

Generic PUP.x!95A908EDC05A

Generic PUP.x!262B794586BB

Generic.bfr!0D8D14A50134

Generic PUP.x!18BE9FCF90F4

Generic PUP.x!71B1A9C7F68B

Generic PUP.x!08E8CD1C35D1

Generic PUP.x!95BF5FBAE06A

Phishing

Skype

17th February 2014

New Payment To Skype !

Barclays Bank Plc

17th February 2014

ACCOUNT SUSPENDED.

Virgin Media

17th February 2014

VIRGIN PROFILE UPDATE

Barclays Bank

17th February 2014

BARCLAYS - NEW E-STATEMENT
NOTIFICATION!

Barclays Online Banking

16th February 2014

Barclays - You Have An
Important Account Message!

Natwest

16th February 2014

Natwest Account Warning Alert

Vulnerebility

Oracle Java SE CVE-2014-0423 Remote Security Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64914

Oracle Java SE CVE-2013-5887 Remote Security Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64875

Oracle Java SE CVE-2014-0424 Remote Security Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64919

Pidgin 'process_chunked_data()' Function Heap Buffer Overflow Vulnerability
2014-02-17
http://www.securityfocus.com/bid/65243

Pidgin 'libpurple' Multiple Denial of Service Vulnerabilities
2014-02-17
http://www.securityfocus.com/bid/65492

Pidgin 'gg_http_watch_fd()' Function Buffer Overflow Vulnerability
2014-02-17
http://www.securityfocus.com/bid/65188

Pidgin 'sipmsg_parse_header()' Function Buffer Overflow Vulnerability
2014-02-17
http://www.securityfocus.com/bid/65195

Pidgin 'asn_getUtf8()' Function Buffer Overflow Vulnerability
2014-02-17
http://www.securityfocus.com/bid/65192

Oracle Java SE CVE-2014-0415 Remote Security Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64899

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64918

Oracle Java SE CVE-2014-0428 Remote Security Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64935

Oracle Java SE CVE-2013-5896 Remote Security Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64926

Oracle Java SE CVE-2014-0403 Remote Security Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64920

Multiple Vendor SSL/TLS Renegotiation Denial Of Service Vulnerability
2014-02-17
http://www.securityfocus.com/bid/48626

Oracle Java SE CVE-2014-0416 Remote Security Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64937

Oracle Java SE CVE-2014-0422 Remote Security Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64921

Oracle Java SE CVE-2014-0368 Remote Security Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64930

Oracle Java SE CVE-2013-5899 Remote Security Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64928

Oracle Java SE CVE-2013-5898 Remote Security Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64912

Oracle Java SE CVE-2014-0387 Remote Security Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64882

Oracle Java SE CVE-2014-0410 Remote Security Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64915

Oracle Java SE CVE-2013-5884 Remote Security Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64924

Oracle Java SE CVE-2013-5910 Remote Security Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64933

Oracle Java SE CVE-2014-0376 Remote Security Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64907

Oracle Java SE CVE-2014-0417 Remote Security Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64932

Oracle Java SE CVE-2013-5888 Local Security Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64925

Oracle Java SE CVE-2013-5878 Remote Security Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64927

Oracle Java SE CVE-2014-0373 Remote Security Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64922

Oracle Java SE CVE-2014-0375 Remote Security Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64916

Oracle Java SE TTF Font Parsing Remote Code Execution Vulnerability
2014-02-17
http://www.securityfocus.com/bid/64894

Exploit

  Linksys E-series Unauthenticated Remote Code Execution Exploit

  HP Data Protector EXEC_BAR Remote Command Execution

  Dexter (CasinoLoader) SQL Injection

  ImageMagick 6.8.8-4 - Local Buffer Overflow (SEH)

  Dexter (CasinoLoader) Panel - SQL Injection

  Trendchip HG520 ADSL2+ Wireless Modem CSRF Vulnerability

  Office Assistant Pro 2.2.2 iOS - File Include Vulnerability

  mbDriveHD 1.0.7 iOS - Multiple Vulnerabilities

  File Hub 1.9.1 iOS - Multiple Vulnerabilities

14.2.2014

Bugtraq

[ISecAuditors Security Advisories] - Reflected XSS vulnerability in Boxcryptor (www.boxcryptor.com) 2014-02-13
ISecAuditors Security Advisories (advisories isecauditors com)

Wordpress plugin Buddypress <= 1.9.1 privilege escalation vulnerability 2014-02-13
Pietro Oliva (pietroliva gmail com)

Wordpress plugin Buddypress <= 1.9.1 stored xss vulnerability 2014-02-13
Pietro Oliva (pietroliva gmail com)

Malware

Generic PUP.x!90B2D665A0F2

Adware-FFN!A32167A96CC9!A32167A96CC9

RDN/Downloader.a!pf!C70B46EBBE51

Generic PUP.x!AD67B6CF54A0

Generic PUP.x!88EA0D7CFDAB

Generic PUP.x!E4D67963ABEF

Generic PUP.x!B9EBA116675A

Generic PUP.x!4BDC428DA0CA

Generic PUP.x!981476C97A60

Adware-FFN!F6290526CADD!F6290526CADD

Generic PUP.x!945DD0108032

Generic PUP.x!05A341AACF3C

Generic PUP.x!E9F94C5BD494

Generic PUP.x!82F2A5874FB9

Generic PUP.x!EB3A9FF9C52B

Generic PUP.x!9A24AEB8709C

Generic PUP.x!B2101E45F06B

Generic PUP.x!9EE3A6A6DB3E

Generic PUP.x!BB24EF80AE8B

Generic PUP.x!EB4A82F55C23

Generic PUP.x!AFBF569361BE

Generic PUP.x!8484262D7C65

Generic PUP.x!3F07829D27BE

Generic.bfr!A1384C8CA6A7

W32/Relnek!ACD4A259A8E9

RDN/Generic PUP.x!41001E72B74A

Generic PUP.x!51551E907802

Generic.bfr!D9F2F66537A0

Generic PUP.x!2E48626DB59D

Generic PUP.x!DE13FCE2C7CE

Phishing

PayPal

14th February 2014

WARNING ! YOUR ACCOUNT HAS
BEEN LIMITED

Tesco

13th February 2014

SPECIAL REWARD FOR TESCO
CUSTOMERS

Barclays Bank UK

13th February 2014

WE NEED TO UPDATE SOME
IMPORTANT INFORMATION

Vulnerebility

Mozilla Network Security Services CVE-2014-1491 Unspecified Security Vulnerability
2014-02-14
http://www.securityfocus.com/bid/65332

Microsoft Internet Explorer CVE-2014-0281 Memory Corruption Vulnerability
2014-02-14
http://www.securityfocus.com/bid/65381

Mozilla Firefox/SeaMonkey CVE-2014-1483 Multiple Information Disclosure Vulnerabilities
2014-02-14
http://www.securityfocus.com/bid/65316

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1478 Multiple Memory Corruption Vulnerabilities
2014-02-14
http://www.securityfocus.com/bid/65324

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1477 Multiple Memory Corruption Vulnerabilities
2014-02-14
http://www.securityfocus.com/bid/65317

Microsoft Internet Explorer CVE-2014-0289 Memory Corruption Vulnerability
2014-02-14
http://www.securityfocus.com/bid/65389

EMC AlphaStor Library Control Program CVE-2013-0946 Buffer Overflow Vulnerability
2014-02-14
http://www.securityfocus.com/bid/59794

IBM QRadar Security Information and Event Manager Multiple Security Vulnerabilities
2014-02-14
http://www.securityfocus.com/bid/65127

IBM QRadar Security Information and Event Manager CVE-2013-5448 Cross Site Scripting Vulnerability
2014-02-14
http://www.securityfocus.com/bid/63938

IBM QRadar Security Information and Event Manager CVE-2013-6307 Cross Site Scripting Vulnerability
2014-02-14
http://www.securityfocus.com/bid/63939

Mozilla Network Security Services CVE-2014-1490 Use After Free Memory Corruption Vulnerability
2014-02-14
http://www.securityfocus.com/bid/65335

Mozilla Firefox/SeaMonkey CVE-2014-1480 Security Vulnerability
2014-02-14
http://www.securityfocus.com/bid/65331

Mozilla Firefox/SeaMonkey/Thunderbird Use-After-Free Remote Code Execution Vulnerability
2014-02-14
http://www.securityfocus.com/bid/65334

Mozilla Firefox/SeaMonkey CVE-2014-1489 Security Vulnerability
2014-02-14
http://www.securityfocus.com/bid/65329

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2014-1487 Information Disclosure Vulnerability
2014-02-14
http://www.securityfocus.com/bid/65330

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1482 Remote Code Execution Vulnerability
2014-02-14
http://www.securityfocus.com/bid/65328

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1479 Security Bypass Vulnerability
2014-02-14
http://www.securityfocus.com/bid/65320

Mozilla Firefox/SeaMonkey CVE-2014-1485 Cross Site Scripting Vulnerability
2014-02-14
http://www.securityfocus.com/bid/65322

Mozilla Firefox for Android Profile Paths Leak Information Disclosure Vulnerability
2014-02-14
http://www.securityfocus.com/bid/65323

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1481 Security Bypass Vulnerability
2014-02-14
http://www.securityfocus.com/bid/65326

Mozilla Firefox/SeaMonkey CVE-2014-1488 Remote Code Execution Vulnerability
2014-02-14
http://www.securityfocus.com/bid/65321

Microsoft Internet Explorer CVE-2014-0288 Memory Corruption Vulnerability
2014-02-14
http://www.securityfocus.com/bid/65388

Microsoft Internet Explorer CVE-2014-0269 Memory Corruption Vulnerability
2014-02-14
http://www.securityfocus.com/bid/65363

IBM Lotus Quickr for Domino ActiveX Control CVE-2013-6749 Buffer Overflow Vulnerability
2014-02-14
http://www.securityfocus.com/bid/65193

Microsoft Internet Explorer CVE-2014-0270 Memory Corruption Vulnerability
2014-02-14
http://www.securityfocus.com/bid/65367

IBM Platform Symphony SOAP Request CVE-2013-5387 Remote Buffer Overflow Vulnerability
2014-02-14
http://www.securityfocus.com/bid/63517

Microsoft Windows Graphics Component CVE-2014-0263 Remote Code Execution Vulnerability
2014-02-14
http://www.securityfocus.com/bid/65393

Multiple Generel Electric Products Shell Upload Vulnerability
2014-02-14
http://www.securityfocus.com/bid/65117

Multiple Generel Electric Products 'gefebt.exe' Shell Upload Vulnerability
2014-02-14
http://www.securityfocus.com/bid/65124

fwsnort 'fwsnort.conf' Local Privilege Escalation Vulnerability
2014-02-14
http://www.securityfocus.com/bid/65341

Exploit

 

13.2.2014

Bugtraq

 

Malware

RDN/Spybot.bfr!2F45E74088D6

RDN/Generic.bfr!fy!9CE787D29873

RDN/Generic PUP.x!bsj!B1F1CD68B610

RDN/Spybot.bfr!BF55FDA2D98B

RDN/Generic.bfr!fy!43EA03E6D29F

Generic PUP.x!31B1DE6A6684

RDN/Spybot.bfr!6D86F521CF90

RDN/Spybot.bfr!l!C716003F60D0

Generic PUP.x!E5E0E2D0F132

Generic PUP.x!F99F904A07ED

Generic PUP.x!4A1872E45C72

Generic PUP.x!E52FD65FC2D5

Generic PUP.x!357FD1A9D2FD

Generic PUP.x!594F081F5B60

Generic PUP.x!22687B17A46D

RDN/Generic.dx!AB1F69E43A6A

Generic PUP.x!A59240F45D23

Generic PUP.x!FA15C06D9704

Generic PUP.x!EC5DD3CDB5F1

Generic PUP.x!2E8A715C97BA

RDN/PWS-Zbot.agg!c!DF6B0D82EBAB

Generic PUP.x!2EE7EF151323

Generic PUP.x!36307428256C

Generic PUP.x!BCFEE7F8D422

Generic PUP.x!CEE18FF92219

Generic PUP.x!F32C506FD294

Generic PUP.x!E534C07AA94A

RDN/Spybot.bfr!7CA8657F3C3B

Generic PUP.x!9B99F7320796

RDN/Generic.bfr!D22A0A6FA421

Phishing

NatWest PLC

12th February 2014

You have 1 new message

Barclays Bank

12th February 2014

ACCOUNT SUSPENDED BY
ERRORS....... YUGZPTPONF

Natwest

12th February 2014

Account Suspenstion
Notification

Apple

12th February 2014

YOUR APPLE ID WAS USED TO SIGN
IN TO ICLOUD ON AN IPHONE 5

Vulnerebility

Oracle MySQL Server CVE-2014-0402 Remote Security Vulnerability
2014-02-13
http://www.securityfocus.com/bid/64908

Cisco Unified Communications Manager Java Database Interface SQL Injection Vulnerability
2014-02-13
http://www.securityfocus.com/bid/65499

Linux Kernel CVE-2013-6368 Local Privilege Escalation Vulnerability
2014-02-13
http://www.securityfocus.com/bid/64291

Linux Kernel KVM CVE-2013-1798 Denial of Service Vulnerability
2014-02-13
http://www.securityfocus.com/bid/58604

Linux Kernel KVM 'MSR_KVM_SYSTEM_TIME' Use After Free Memory Corruption Vulnerability
2014-02-13
http://www.securityfocus.com/bid/58605

Linux Kernel KVM 'apic_get_tmcct()' Function Denial of Service Vulnerability
2014-02-13
http://www.securityfocus.com/bid/64270

QEMU CVE-2012-6075 Buffer Overflow Vulnerability
2014-02-13
http://www.securityfocus.com/bid/57420

Oracle MySQL Server CVE-2014-0401 Remote Security Vulnerability
2014-02-13
http://www.securityfocus.com/bid/64898

Oracle MySQL Server CVE-2014-0386 Remote Security Vulnerability
2014-02-13
http://www.securityfocus.com/bid/64904

Oracle MySQL Server CVE-2013-5908 Remote Security Vulnerability
2014-02-13
http://www.securityfocus.com/bid/64896

Oracle MySQL Client 'main()' Function Buffer Overflow Vulnerability
2014-02-13
http://www.securityfocus.com/bid/65298

Oracle MySQL Server CVE-2014-0412 Remote Security Vulnerability
2014-02-13
http://www.securityfocus.com/bid/64880

Oracle MySQL Server CVE-2014-0393 Remote Security Vulnerability
2014-02-13
http://www.securityfocus.com/bid/64877

Oracle MySQL Server CVE-2014-0437 Remote Security Vulnerability
2014-02-13
http://www.securityfocus.com/bid/64849

D.R. Software Audio Converter '.pls' File Remote Buffer Overflow Vulnerability
2014-02-13
http://www.securityfocus.com/bid/40618

Sitecore CMS 'xmlcontrol' Parameter Cross-Site Scripting Vulnerability
2014-02-13
http://www.securityfocus.com/bid/65254

ImageMagick PSD Image File Handling Remote Buffer Overflow Vulnerability
2014-02-13
http://www.securityfocus.com/bid/65478

Python 'sock_recvfrom_into()' Function Buffer Overflow Vulnerability
2014-02-13
http://www.securityfocus.com/bid/65379

OpenStack Glance Information Disclosure Vulnerability
2014-02-13
http://www.securityfocus.com/bid/65507

Zavio IP Cameras CVE-2013-2569 Security Bypass Vulnerability
2014-02-13
http://www.securityfocus.com/bid/60191

Novell iPrint Client CVE-2013-1091 Buffer Overflow Vulnerability
2014-02-13
http://www.securityfocus.com/bid/59612

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1478 Multiple Memory Corruption Vulnerabilities
2014-02-13
http://www.securityfocus.com/bid/65324

Boehm GC malloc()' and 'calloc()' Multiple Buffer Overflow Vulnerabilities
2014-02-13
http://www.securityfocus.com/bid/54227

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1481 Security Bypass Vulnerability
2014-02-13
http://www.securityfocus.com/bid/65326

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1479 Security Bypass Vulnerability
2014-02-13
http://www.securityfocus.com/bid/65320

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2014-1487 Information Disclosure Vulnerability
2014-02-13
http://www.securityfocus.com/bid/65330

Mozilla Firefox/SeaMonkey/Thunderbird Use-After-Free Remote Code Execution Vulnerability
2014-02-13
http://www.securityfocus.com/bid/65334

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1477 Multiple Memory Corruption Vulnerabilities
2014-02-13
http://www.securityfocus.com/bid/65317

Mozilla Network Security Services CVE-2014-1490 Use After Free Memory Corruption Vulnerability
2014-02-13
http://www.securityfocus.com/bid/65335

Mozilla Network Security Services CVE-2014-1491 Unspecified Security Vulnerability
2014-02-13
http://www.securityfocus.com/bid/65332

Exploit

 

12.2.2014

Bugtraq

 

Malware

Generic PUP.x!62EDA83E116B

Generic PUP.x!2A89D7054CDF

Generic PUP.x!1AD24DA7CA3A

RDN/Generic.bfr!fz!CE239D77E1E9

Generic PUP.x!DFF0546A381D

Generic PUP.x!2D68C2377AF7

Generic PUP.x!EF35B32A86AF

Generic.bfr!1F6AD4D872CA

Generic PUP.x!C7B20062626B

Generic PUP.x!4B1A62776CDA

Generic.bfr!A972E22AF1A7

RDN/Generic PUP.x!bsh!B5307C301B0A

Generic PUP.x!8816F5259ED5

RDN/Generic PUP.x!bsh!00B45CA0B583

Generic PUP.x!04E7F6A8361D

Generic PUP.x!228C284E5D8F

Generic PUP.x!9B60BF120716

Generic PUP.x!59B670E66FA9

Generic PUP.x!4D983943C4F3

Generic PUP.x!C4AF3FB46D5A

Generic PUP.x!E70C7773BFAC

Generic PUP.x!CC1992898715

Generic.bfr!92943D2E4085

RDN/Generic Dropper!D26DA2C617D3

Generic PUP.x!69D546E4FCEC

Generic PUP.x!5CD52A4AE9C7

RDN/Spybot.bfr!507272B43A65

Generic PUP.x!A19F97BC457B

RDN/Generic Downloader.x!js!B1C468E865F8

RDN/Spybot.bfr!8D57FCB7BE1C

Phishing

Apple

12th February 2014

YOUR APPLE ID WAS USED TO SIGN
IN TO ICLOUD ON AN IPHONE 5

BARCLAYS

11th February 2014

BARCLAYS - New Payment
Notification!

USAA

10th February 2014

USAA: Validate Your Online
Account

Natwest Bank Plc

10th February 2014

SECURITY ALERT (SECURE YOUR
ONLINE CREDIT CARD ACCESS)

Vulnerebility

Samba ACL Check Security Bypass Vulnerability
2014-02-12
http://www.securityfocus.com/bid/63646

Samba 'dcerpc_read_ncacn_packet_done()' Function Heap Buffer Overflow Vulnerability
2014-02-12
http://www.securityfocus.com/bid/64191

Perl 'Perl_reg_numbered_buff_fetch()' Function Remote Denial of Service Vulnerability
2014-02-12
http://www.securityfocus.com/bid/47006

GnuPG CVE-2013-4402 Denial of Service Vulnerability
2014-02-12
http://www.securityfocus.com/bid/62857

GnuPG CVE-2012-6085 Multiple Remote Memory Corruption Vulnerabilities
2014-02-12
http://www.securityfocus.com/bid/57102

GnuPG Key Flags Subpacket Security Bypass Vulnerability
2014-02-12
http://www.securityfocus.com/bid/62921

Adobe Shockwave Player CVE-2014-0500 Memory Corruption Vulnerability
2014-02-12
http://www.securityfocus.com/bid/65490

Adobe Flash Player and AIR CVE-2013-5330 Remote Memory Corruption Vulnerability
2014-02-12
http://www.securityfocus.com/bid/63680

Linux Kernel 'kvm_vm_ioctl_create_vcpu()' Function Local Privilege Escalation Vulnerability
2014-02-12
http://www.securityfocus.com/bid/64328

Pidgin 'asn_getUtf8()' Function Buffer Overflow Vulnerability
2014-02-12
http://www.securityfocus.com/bid/65192

Pidgin 'process_chunked_data()' Function Heap Buffer Overflow Vulnerability
2014-02-12
http://www.securityfocus.com/bid/65243

Pidgin 'sipmsg_parse_header()' Function Buffer Overflow Vulnerability
2014-02-12
http://www.securityfocus.com/bid/65195

Pidgin CVE-2013-6486 Incomplete Fix Remote Code Execution Vulnerability
2014-02-12
http://www.securityfocus.com/bid/65189

Pidgin 'gg_http_watch_fd()' Function Buffer Overflow Vulnerability
2014-02-12
http://www.securityfocus.com/bid/65188

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-02-11
http://www.securityfocus.com/bid/64918

Oracle Java SE TTF Font Parsing Remote Code Execution Vulnerability
2014-02-11
http://www.securityfocus.com/bid/64894

Oracle Java SE CVE-2014-0423 Remote Security Vulnerability
2014-02-11
http://www.securityfocus.com/bid/64914

Pacemaker Insecure Temporary File Creation Vulnerability
2014-02-11
http://www.securityfocus.com/bid/65472

IBM Eclipse Help System CVE-2013-5449 Cross Site Scripting Vulnerability
2014-02-11
http://www.securityfocus.com/bid/64058

Linux Kernel 'net/x25/af_x25.c' Local Information Disclosure Vulnerability
2014-02-11
http://www.securityfocus.com/bid/64746

Linux Kernel 'net/netrom/af_netrom.c' Local Information Disclosure Vulnerability
2014-02-11
http://www.securityfocus.com/bid/64742

Linux Kernel 'net/ipx/af_ipx.c' Local Information Disclosure Vulnerability
2014-02-11
http://www.securityfocus.com/bid/64741

Linux Kernel 'net/packet/af_packet.c' Local Information Disclosure Vulnerability
2014-02-11
http://www.securityfocus.com/bid/64744

Linux Kernel 'net/appletalk/ddp.c' Local Information Disclosure Vulnerability
2014-02-11
http://www.securityfocus.com/bid/64739

Linux Kernel AACRAID Driver Compat IOCTL Local Security Bypass Vulnerability
2014-02-11
http://www.securityfocus.com/bid/63888

Linux Kernel 'drivers/isdn/mISDN/socket.c' Local Information Disclosure Vulnerability
2014-02-11
http://www.securityfocus.com/bid/64743

Linux Kernel 'ieee80211_radiotap_iterator_init()' Function Denial of Service Vulnerability
2014-02-11
http://www.securityfocus.com/bid/64013

Linux Kernel '/drivers/scsi/aacraid/commctrl.c' Pointer Dereference Denial of Service Vulnerability
2014-02-11
http://www.securityfocus.com/bid/63887

Linux Kernel CVE-2013-6378 Local Denial of Service Vulnerability
2014-02-11
http://www.securityfocus.com/bid/63886

Linux Kernel CVE-2013-6368 Local Privilege Escalation Vulnerability
2014-02-11
http://www.securityfocus.com/bid/64291

Exploit

jDisk (stickto) v2.0.3 iOS - Multiple Vulnerabilities

NetGear DGN2200 N300 Wireless Router - Multiple Vulnerabilities

Apache Commons FileUpload and Apache Tomcat Denial-of-Service

11.2.2014

Bugtraq

 

Malware

Generic PUP.x!FA74FC0E6033

Generic.bfr!4593E006D508

RDN/Generic Downloader.x!js!8A53F59A07D6

Generic PUP.x!BE133F079524

Generic PUP.x!1BB1685351B4

Generic BackDoor!C7B49A622711

Generic.bfr!655F6BC7F534

Generic PUP.x!E47F57BB260F

Generic PUP.x!29FEC593A7EF

Generic PUP.x!23B63E37C4DF

Generic PUP.x!E3566A24D9D5

Generic PUP.x!8F71DDA7DBFF

Generic.bfr!293DA473698C

RDN/Generic Dropper!FB220D2D3A82

Generic PUP.z!3B6D78F39501

Generic.bfr!930580A3A1CF

RDN/Spybot.bfr!B74C62B903D6

Generic PUP.x!C9F3586B86B1

Generic PUP.x!03C4A271A68F

Generic.bfr!4FE223BA47FA

Generic.bfr!98231E49725C

Generic.bfr!AA478346B536

Generic PUP.x!15C1218DE5B7

Generic.bfr!F7ABF5061A86

Generic PUP.x!C9279C4F50F4

PWS-FBPC!E8297E038D9F

Generic.bfr!11558D7D6EF9

RDN/Generic.bfr!fz!53E4184503AD

RDN/Generic.bfr!fz!05892C24389E

RDN/Generic.bfr!fz!982D58676A42

Phishing

USAA

10th February 2014

USAA: Validate Your Online
Account

Natwest Bank Plc

10th February 2014

SECURITY ALERT (SECURE YOUR
ONLINE CREDIT CARD ACCESS)

Natwest

9th February 2014

Natwest Credit Card Security
Alert

Lloyds Bank

9th February 2014

ONLINE SECURITY - RECOGNISING
charset=utf-8"> New Page 2

Discover.com

9th February 2014

Please Update your
Discover.com Account

Vulnerebility

cURL/libcURL NTLM connection Remote Security Bypass Vulnerability
2014-02-11
http://www.securityfocus.com/bid/65270

Tableau Server Multiple SQL Injection Vulnerabilities
2014-02-11
http://www.securityfocus.com/bid/65171

Multiple WellinTech Products ActiveX Remote Code Execution Vulnerability
2014-02-11
http://www.securityfocus.com/bid/64941

Microsoft Windows Kernel 'Win32k.sys' CVE-2013-3881 Local Privilege Escalation Vulnerability
2014-02-11
http://www.securityfocus.com/bid/62830

Adobe Flash Player CVE-2014-0497 Remote Code Execution Vulnerability
2014-02-11
http://www.securityfocus.com/bid/65327

Mozilla Network Security Services CVE-2014-1491 Unspecified Security Vulnerability
2014-02-11
http://www.securityfocus.com/bid/65332

VxWorks Debugging Service Security-Bypass Vulnerability
2014-02-11
http://www.securityfocus.com/bid/42158

Pidgin 'gg_http_watch_fd()' Function Buffer Overflow Vulnerability
2014-02-11
http://www.securityfocus.com/bid/65188

Apache HTTP Server 413 Error HTTP Request Method Cross-Site Scripting Weakness
2014-02-11
http://www.securityfocus.com/bid/26663

Pidgin 'process_chunked_data()' Function Heap Buffer Overflow Vulnerability
2014-02-11
http://www.securityfocus.com/bid/65243

Pidgin 'asn_getUtf8()' Function Buffer Overflow Vulnerability
2014-02-11
http://www.securityfocus.com/bid/65192

Pidgin 'sipmsg_parse_header()' Function Buffer Overflow Vulnerability
2014-02-11
http://www.securityfocus.com/bid/65195

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1478 Multiple Memory Corruption Vulnerabilities
2014-02-11
http://www.securityfocus.com/bid/65324

Mozilla Network Security Services CVE-2014-1490 Use After Free Memory Corruption Vulnerability
2014-02-11
http://www.securityfocus.com/bid/65335

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1482 Remote Code Execution Vulnerability
2014-02-11
http://www.securityfocus.com/bid/65328

Xen libvchan Xenstore Ring Indexes Local Privilege Escalation Vulnerability
2014-02-11
http://www.securityfocus.com/bid/65424

Mozilla Firefox/SeaMonkey/Thunderbird Use-After-Free Remote Code Execution Vulnerability
2014-02-11
http://www.securityfocus.com/bid/65334

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1481 Security Bypass Vulnerability
2014-02-11
http://www.securityfocus.com/bid/65326

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1479 Security Bypass Vulnerability
2014-02-11
http://www.securityfocus.com/bid/65320

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2014-1487 Information Disclosure Vulnerability
2014-02-11
http://www.securityfocus.com/bid/65330

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1477 Multiple Memory Corruption Vulnerabilities
2014-02-11
http://www.securityfocus.com/bid/65317

CHICKEN 'read-string!' Procedure Remote Buffer Overflow Vulnerability
2014-02-11
http://www.securityfocus.com/bid/62690

GNU libiberty '_objalloc_alloc()' Function CVE-2012-3509 Remote Integer Overflow Vulnerability
2014-02-11
http://www.securityfocus.com/bid/55281

LibYAML 'scanner.c' Remote Heap Based Buffer Overflow Vulnerability
2014-02-11
http://www.securityfocus.com/bid/65258

libpng 'png_read_transform_info()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-02-11
http://www.securityfocus.com/bid/64493

MediaWiki Multiple Remote Code Execution Vulnerabilities
2014-02-11
http://www.securityfocus.com/bid/65223

Contao CMS Multiple PHP Object Injection Vulnerabilities
2014-02-11
http://www.securityfocus.com/bid/65293

IcedTea-Web LiveConnect Implementation Insecure Temporary File Creation Vulnerability
2014-02-11
http://www.securityfocus.com/bid/65437

PHP NULL Character Security Bypass Vulnerability
2014-02-11
http://www.securityfocus.com/bid/44951

International Components for Unicode Use After Free Remote Code Execution Vulnerability
2014-02-11
http://www.securityfocus.com/bid/62968

Exploit

  KingScada kxClientDownload.ocx ActiveX Remote Code Execution

  Kloxo SQL Injection and Remote Code Execution

  Windows TrackPopupMenuEx Win32k NULL Page

  D-Link DSL-2750B ADSL Router - CSRF Vulnerability

  Wordpress Frontend Upload Plugin - Arbitrary File Upload

  WiFi Camera Roll 1.2 iOS - Multiple Vulnerabilities

  Tableau Server - Blind SQL Injection Vulnerability

  Titan FTP Server 10.32 Build 1816 - Directory Traversal Vulnerability

10.2.2014

Bugtraq

[slackware-security] mozilla-thunderbird (SSA:2014-039-02) 2014-02-08
Slackware Security Team (security slackware com)

ASUS AiCloud Enabled Routers 12 Models - Authentication bypass and Sensitive file/path disclosure 2014-02-08
kyle Lovett (krlovett gmail com)

[slackware-security] seamonkey (SSA:2014-039-03) 2014-02-08
Slackware Security Team (security slackware com)

#CONFidence 2014- Call for Papers, only 0111 days left to become CONFidence ninja 2014-02-08
Andrzej Targosz (andrzej targosz proidea org pl)

[slackware-security] mozilla-firefox (SSA:2014-039-01) 2014-02-08
Slackware Security Team (security slackware com)

[SECURITY] [DSA 2857-1] libspring-java security update 2014-02-08
Moritz Muehlenhoff (jmm debian org)

[oCERT-2014-001] MantisBT input sanitization errors 2014-02-08
Andrea Barisani (lcars ocert org)

Malware

RDN/Downloader.a!pd!A4E26BE78666

Generic PUP.x!F5C2FD75AF66

Generic PUP.x!D727DEF39B0F

Generic PUP.x!60B939897DDA

Generic PUP.x!750691431D17

Generic.bfr!0288D5C42736

Generic PUP.x!B1364BA4237B

Generic PUP.x!AC62EC4694DB

Generic PUP.x!FC581FC7B498

Generic PUP.x!4FFCDC5FC3B6

Generic PUP.x!9A9B38D1824F

Generic PUP.x!707BD1F66C35

Generic PUP.x!111BE75E12E8

RDN/Generic.dx!A12B21E01E97

Generic PUP.x!6A07A05457A5

Generic PUP.x!47B984F561BC

Generic PUP.x!E217D36BDCAE

Generic PUP.x!1D1D5B376653

RDN/Generic PUP.x!27F6143589CE

Generic PUP.x!99A46C6C7D19

Generic PUP.x!E1DFA29B170A

RDN/Spybot.bfr!A35F9A7504F1

Generic PUP.x!880AFE6CFD37

Generic PUP.x!861B05922153

Generic PUP.x!6213C7B09F93

Generic PUP.x!8199FEF50A9E

Generic PUP.x!0F754D46C88A

RDN/Generic PUP.x!1229061EAB56

Generic PUP.x!3E3993DCB770

Generic PUP.x!D1EE0F6E61AA

Phishing

Natwest

9th February 2014

Natwest Credit Card Security
Alert

Lloyds Bank

9th February 2014

ONLINE SECURITY - RECOGNISING
charset=utf-8"> New Page 2

Discover.com

9th February 2014

Please Update your
Discover.com Account

Lloyds Internet Banking

8th February 2014

YOUR ONLINE BANKING ACCESS HAS
BEEN SUSPENDED

Barclays Bank Plc

8th February 2014

Account Suspended.

Google Inc.

8th February 2014

GOOGLE PRIVACY POLICY TERMS OF
SERVICE

Discover.com

8th February 2014

Please Update your
Discover.com Account

Vulnerebility

Spring Framework 'JavaScriptUtils.javaScriptEscape()' Method Cross Site Scripting Vulnerability
2014-02-10
http://www.securityfocus.com/bid/64948

Spring Framework CVE-2013-6429 Multiple XML External Entity Injection Vulnerabilities
2014-02-10
http://www.securityfocus.com/bid/64947

Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
2014-02-10
http://www.securityfocus.com/bid/65400

DjVuLibre '.djv' File CVE-2012-6535 Remote Memory Corruption Vulnerability
2014-02-10
http://www.securityfocus.com/bid/58610

Twibright Labs links2 CVE-2013-6050 Integer Overflow Vulnerability
2014-02-10
http://www.securityfocus.com/bid/64056

PulseAudio Insecure Temporary File Creation Vulnerability
2014-02-10
http://www.securityfocus.com/bid/38768

Apache 'mod_fcgid' Module CVE-2013-4365 Heap Buffer Overflow Vulnerability
2014-02-10
http://www.securityfocus.com/bid/62939

Mozilla Network Security Services CVE-2014-1490 Use After Free Memory Corruption Vulnerability
2014-02-10
http://www.securityfocus.com/bid/65335

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2014-1487 Information Disclosure Vulnerability
2014-02-10
http://www.securityfocus.com/bid/65330

Mozilla Firefox/SeaMonkey/Thunderbird Use-After-Free Remote Code Execution Vulnerability
2014-02-10
http://www.securityfocus.com/bid/65334

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1482 Remote Code Execution Vulnerability
2014-02-10
http://www.securityfocus.com/bid/65328

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1477 Multiple Memory Corruption Vulnerabilities
2014-02-10
http://www.securityfocus.com/bid/65317

Network Security Services 'ssl_Do1stHandshake()' Function Information Disclosure Vulnerability
2014-02-10
http://www.securityfocus.com/bid/64944

Mozilla Network Security Services CVE-2014-1491 Unspecified Security Vulnerability
2014-02-10
http://www.securityfocus.com/bid/65332

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1479 Security Bypass Vulnerability
2014-02-10
http://www.securityfocus.com/bid/65320

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1478 Multiple Memory Corruption Vulnerabilities
2014-02-10
http://www.securityfocus.com/bid/65324

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1481 Security Bypass Vulnerability
2014-02-10
http://www.securityfocus.com/bid/65326

Xen libvchan Xenstore Ring Indexes Local Privilege Escalation Vulnerability
2014-02-10
http://www.securityfocus.com/bid/65424

Zabbix User Spoofing Vulnerability
2014-02-10
http://www.securityfocus.com/bid/65402

Linux Kernel CVE-2013-0343 IPv6 Temporary Addresses Remote Security Vulnerability
2014-02-10
http://www.securityfocus.com/bid/58795

Linux Kernel CVE-2013-4511 Multiple Integer Overflow Vulnerabilities
2014-02-10
http://www.securityfocus.com/bid/63512

Linux Kernel KVM 'apic_get_tmcct()' Function Denial of Service Vulnerability
2014-02-10
http://www.securityfocus.com/bid/64270

Linux Kernel 'oz_cdev_write()' Function Local Buffer Overflow Vulnerability
2014-02-10
http://www.securityfocus.com/bid/63508

Adobe Flash Player CVE-2014-0497 Remote Code Execution Vulnerability
2014-02-10
http://www.securityfocus.com/bid/65327

Mozilla Thunderbird/Seamonkey CVE-2013-6674 HTML Injection Vulnerability
2014-02-10
http://www.securityfocus.com/bid/65158

Linux Kernel CVE-2013-6368 Local Privilege Escalation Vulnerability
2014-02-10
http://www.securityfocus.com/bid/64291

Linux Kernel 'ieee80211_radiotap_iterator_init()' Function Denial of Service Vulnerability
2014-02-10
http://www.securityfocus.com/bid/64013

Linux Kernel CVE-2013-6431 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-02-10
http://www.securityfocus.com/bid/64137

Linux Kernel '/drivers/scsi/aacraid/commctrl.c' Pointer Dereference Denial of Service Vulnerability
2014-02-10
http://www.securityfocus.com/bid/63887

Linux Kernel KVM 'recalculate_apic_map()' Function Denial of Service Vulnerability
2014-02-10
http://www.securityfocus.com/bid/64319

Exploit

ZTE ZXV10 W300 Router - Hardcoded Credentials

8.2.2014

Bugtraq

 

Malware

Generic PUP.x!EB18DD64286E

RDN/Generic BackDoor!wz!B1D666B17B7C

Generic PUP.x!A3319E0DA236

Generic.bfr!5F046B2022EF

Generic PUP.x!319C6306DCEE

Generic PUP.x!22FCC93FBD23

Generic PUP.x!C200A6682C8A

Generic PUP.x!4A183BC84664

Generic PUP.x!2F2965A26024

Generic.dx!B01FE5CA1A77

Generic PUP.x!83D86F4D7F11

Generic PUP.x!8BA44FADF429

Adware-OpenCandy!3A5F36CCD3B4!3A5F36CCD3B4

Adware-OpenCandy!60A7EB857FB0!60A7EB857FB0

Generic PUP.x!19C7E40FC52F

Generic.bfr!6040F8325E61

BackDoor-CEP.gen.cn!ACF3CB90EC4F

Generic PUP.x!649E151AA743

RDN/Generic.bfr!4B3A0892BCE8

RDN/Generic.bfr!EFFBD34C39B0

Generic PUP.x!58FCE07537DE

Generic PUP.x!D7C029035793

Generic PUP.x!CDC7AED8A916

Generic PUP.x!E932293C96E9

Generic PUP.x!4E89AA41CFEA

Generic PUP.x!305A7DCA5CCE

Generic PUP.x!7B3FB6674817

Generic PUP.x!8D76B57AF6AF

Generic PUP.x!CF06DD69EAF6

Generic PUP.x!370F982D3808

Phishing

Barclays Bank Plc

8th February 2014

ACCOUNT SUSPENDED !

Barclays

7th February 2014

Alert - Service(s) listed
suspended!

Vulnerebility

Xen libvchan Xenstore Ring Indexes Local Privilege Escalation Vulnerability
2014-02-08
http://www.securityfocus.com/bid/65424

Zabbix User Spoofing Vulnerability
2014-02-08
http://www.securityfocus.com/bid/65402

Linux Kernel CVE-2013-0343 IPv6 Temporary Addresses Remote Security Vulnerability
2014-02-08
http://www.securityfocus.com/bid/58795

Linux Kernel CVE-2013-4511 Multiple Integer Overflow Vulnerabilities
2014-02-08
http://www.securityfocus.com/bid/63512

Linux Kernel KVM 'apic_get_tmcct()' Function Denial of Service Vulnerability
2014-02-08
http://www.securityfocus.com/bid/64270

Linux Kernel 'oz_cdev_write()' Function Local Buffer Overflow Vulnerability
2014-02-08
http://www.securityfocus.com/bid/63508

Adobe Flash Player CVE-2014-0497 Remote Code Execution Vulnerability
2014-02-08
http://www.securityfocus.com/bid/65327

Mozilla Thunderbird/Seamonkey CVE-2013-6674 HTML Injection Vulnerability
2014-02-08
http://www.securityfocus.com/bid/65158

Linux Kernel CVE-2013-6368 Local Privilege Escalation Vulnerability
2014-02-08
http://www.securityfocus.com/bid/64291

Linux Kernel 'ieee80211_radiotap_iterator_init()' Function Denial of Service Vulnerability
2014-02-08
http://www.securityfocus.com/bid/64013

Linux Kernel CVE-2013-6431 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-02-08
http://www.securityfocus.com/bid/64137

Linux Kernel '/drivers/scsi/aacraid/commctrl.c' Pointer Dereference Denial of Service Vulnerability
2014-02-08
http://www.securityfocus.com/bid/63887

Linux Kernel KVM 'recalculate_apic_map()' Function Denial of Service Vulnerability
2014-02-08
http://www.securityfocus.com/bid/64319

Linux Kernel CVE-2013-6378 Local Denial of Service Vulnerability
2014-02-08
http://www.securityfocus.com/bid/63886

Linux Kernel 'drivers/staging/wlags49_h2/wl_priv.c' Local Buffer Overflow Vulnerability
2014-02-08
http://www.securityfocus.com/bid/63509

Linux Kernel 'skb_flow_dissect()' Function CVE-2013-4348 Remote Denial of Service Vulnerability
2014-02-08
http://www.securityfocus.com/bid/63536

Linux Kernel '/bcm/Bcmchar.c' CVE-2013-4515 Local Information Disclosure Vulnerability
2014-02-08
http://www.securityfocus.com/bid/63518

Linux Kernel 'compat_sys_recvmmsg()' Function Remote Memory Corruption Vulnerability
2014-02-08
http://www.securityfocus.com/bid/65255

Linux Kernel 'kvm_vm_ioctl_create_vcpu()' Function Local Privilege Escalation Vulnerability
2014-02-08
http://www.securityfocus.com/bid/64328

Linux Kernel CVE-2013-1792 Local Denial of Service Vulnerability
2014-02-08
http://www.securityfocus.com/bid/58368

Pidgin 'gg_http_watch_fd()' Function Buffer Overflow Vulnerability
2014-02-08
http://www.securityfocus.com/bid/65188

Oracle Java SE CVE-2013-5790 Remote Security Vulnerability
2014-02-08
http://www.securityfocus.com/bid/63102

Linux Kernel 'fpu-internal.h' Local Denial of Service Vulnerability
2014-02-08
http://www.securityfocus.com/bid/64781

IBM Java CVE-2013-4041 Unspecified Security Bypass Vulnerability
2014-02-08
http://www.securityfocus.com/bid/63619

Apache Subversion 'mod_dav_svn' Module SVNListParentPath Denial of Service Vulnerability
2014-02-07
http://www.securityfocus.com/bid/65434

Hitachi Multiple Cosminexus Products JAXP XML Processing Remote Code Execution Vulnerability
2014-02-07
http://www.securityfocus.com/bid/65433

Palo Alto Networks PAN-OS Certificate Invalidation Security Bypass Vulnerability
2014-02-07
http://www.securityfocus.com/bid/65423

Exploit

  Pandora FMS Remote Code Execution

  Android Browser and WebView addJavascriptInterface Code Execution

  Serendipity 1.7.5 (Backend) - Multiple Vulnerabilities

  CTERA 3.2.29.0 and 3.2.42.0 - Stored XSS

  AuraCMS 2.3 - Multiple Vulnerabilities

  doorGets CMS 5.2 - SQL Injection Vulnerability

7.2.2014

Bugtraq

Information on recently-fixed Oracle VM VirtualBox vulnerabilities 2014-02-07
Matthew Daley (mattd bugfuzz com)

[SECURITY] [DSA 2852-1] libgadu security update 2014-02-06
Florian Weimer (fw deneb enyo de)

Malware

Generic PUP.x!7C81EC28E23D

Generic PUP.x!B6E1E46D6E77

Generic PUP.x!AABDC10D7A74

Generic PUP.x!D35102C73E58

W32/Expiro.gen.p!62827F36DE95

Generic PUP.x!CC402283B599

Generic PUP.x!57C2C2D8A183

Generic PUP.x!A56D845E944A

Generic.bfr!C24AF1032EF2

Generic PUP.x!52DB55219AD8

Generic PUP.x!96934F399C5C

Generic.bfr!00CFB4727B29

Generic.bfr!676EFCEB6345

Generic PUP.x!3E278A30FA5A

Generic PUP.x!60EC6CA17C25

Downloader.gen.a!14051428EE36

Generic.bfr!278FDC1B73E2

Generic PUP.x!98EAADE69FB5

Generic PUP.x!D65FB8C4BB89

Generic.bfr!FDBF7FD0FC8B

Generic PUP.x!AE9C6625CC40

Generic PUP.x!BD6E6DDCCC9A

Generic PUP.x!72E95C59BFF2

Generic.bfr!7DC1E5555C7B

Generic.bfr!B84A2E37C4E7

RDN/Generic.dx!c2o!87C524A3BA5E

Generic.bfr!031E09513247

Generic.bfr!576D9F1102B5

Generic PUP.x!F63A785FF9AE

Generic.bfr!2B67C434A684

Phishing

Apple

6th February 2014

YOUR APPLE ID WAS USED TO SIGN
IN TO ICLOUD ON AN IPHONE 5

Vulnerebility

Linux Kernel CVE-2013-6378 Local Denial of Service Vulnerability
2014-02-07
http://www.securityfocus.com/bid/63886

Linux Kernel 'compat_sys_recvmmsg()' Function Remote Memory Corruption Vulnerability
2014-02-07
http://www.securityfocus.com/bid/65255

Linux Kernel KVM 'apic_get_tmcct()' Function Denial of Service Vulnerability
2014-02-07
http://www.securityfocus.com/bid/64270

Linux Kernel KVM 'recalculate_apic_map()' Function Denial of Service Vulnerability
2014-02-07
http://www.securityfocus.com/bid/64319

Linux Kernel 'kvm_vm_ioctl_create_vcpu()' Function Local Privilege Escalation Vulnerability
2014-02-07
http://www.securityfocus.com/bid/64328

Linux Kernel CVE-2013-6368 Local Privilege Escalation Vulnerability
2014-02-07
http://www.securityfocus.com/bid/64291

Linux Kernel CVE-2013-6431 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-02-07
http://www.securityfocus.com/bid/64137

Linux Kernel '/drivers/scsi/aacraid/commctrl.c' Pointer Dereference Denial of Service Vulnerability
2014-02-07
http://www.securityfocus.com/bid/63887

Linux Kernel CVE-2013-1792 Local Denial of Service Vulnerability
2014-02-07
http://www.securityfocus.com/bid/58368

Linux Kernel 'ieee80211_radiotap_iterator_init()' Function Denial of Service Vulnerability
2014-02-07
http://www.securityfocus.com/bid/64013

Linux Kernel 'skb_flow_dissect()' Function CVE-2013-4348 Remote Denial of Service Vulnerability
2014-02-07
http://www.securityfocus.com/bid/63536

Linux Kernel 'oz_cdev_write()' Function Local Buffer Overflow Vulnerability
2014-02-07
http://www.securityfocus.com/bid/63508

Linux Kernel '/bcm/Bcmchar.c' CVE-2013-4515 Local Information Disclosure Vulnerability
2014-02-07
http://www.securityfocus.com/bid/63518

Linux Kernel CVE-2013-0343 IPv6 Temporary Addresses Remote Security Vulnerability
2014-02-07
http://www.securityfocus.com/bid/58795

Linux Kernel CVE-2013-4511 Multiple Integer Overflow Vulnerabilities
2014-02-07
http://www.securityfocus.com/bid/63512

Linux Kernel 'drivers/staging/wlags49_h2/wl_priv.c' Local Buffer Overflow Vulnerability
2014-02-07
http://www.securityfocus.com/bid/63509

Oracle Java SE CVE-2013-5790 Remote Security Vulnerability
2014-02-07
http://www.securityfocus.com/bid/63102

Linux Kernel 'fpu-internal.h' Local Denial of Service Vulnerability
2014-02-07
http://www.securityfocus.com/bid/64781

IBM Java CVE-2013-4041 Unspecified Security Bypass Vulnerability
2014-02-07
http://www.securityfocus.com/bid/63619

Adobe Flash Player CVE-2014-0497 Remote Code Execution Vulnerability
2014-02-06
http://www.securityfocus.com/bid/65327

Linux Kernel 'nf_nat_irc.c' Local Information Disclosure Vulnerability
2014-02-06
http://www.securityfocus.com/bid/65180

Oracle Java SE CVE-2013-2456 Remote Security Vulnerability
2014-02-06
http://www.securityfocus.com/bid/60641

Oracle Java SE CVE-2013-2460 Remote Java Runtime Environment Vulnerability
2014-02-06
http://www.securityfocus.com/bid/60635

Oracle Java SE CVE-2013-2457 Remote Security Vulnerability
2014-02-06
http://www.securityfocus.com/bid/60632

Oracle Java SE CVE-2013-5823 Remote Security Vulnerability
2014-02-06
http://www.securityfocus.com/bid/63110

Oracle Java SE CVE-2013-5820 Remote Security Vulnerability
2014-02-06
http://www.securityfocus.com/bid/63133

Oracle Java SE CVE-2013-2459 Remote Security Vulnerability
2014-02-06
http://www.securityfocus.com/bid/60647

Oracle Java SE CVE-2013-5784 Remote Security Vulnerability
2014-02-06
http://www.securityfocus.com/bid/63098

Oracle Java SE CVE-2013-2458 Remote Security Vulnerability
2014-02-06
http://www.securityfocus.com/bid/60652

Oracle Java SE CVE-2013-5819 Remote Security Vulnerability
2014-02-06
http://www.securityfocus.com/bid/63141

Exploit

  Asseco SEE iBank FX Client 2.0.9.3 - Local Privilege Escalation Vulnerability

  PHP Webcam Video Conference - Multiple Vulnerabilities

  Joomla 3.2.1 - SQL Injection Vulnerability

  Publish-It 3.6d - Buffer Overflow Vulnerability

6.2.2014

Bugtraq

ESA-2014-005: EMC Documentum Foundation Services (DFS) Content Access Vulnerability 2014-02-05
Security Alert (Security_Alert emc com)

Security Advisory: NETGEAR Router D6300B Firmware: V1.0.0.14_1.0.14 2014-02-05
marcel mangold syss de

Malware

Generic PUP.x!2FE6E138E8E3

Generic PUP.x!0DCDA4206CEA

Generic PUP.x!B7E0B0C088FD

Generic PUP.x!741A18F99B8E

Generic.dx!07F8BAD3AB0D

Generic PUP.x!41A23BC4699F

RDN/Generic PUP.x!43A69ECE2F2A

Generic.bfr!0BAE712925D1

Generic.bfr!589C2FC40C40

Generic PUP.x!4E2680E323C5

Generic PUP.x!1B9E0146B418

Generic PUP.x!3AAC827224EE

Generic.bfr!30A9EA17FC27

Generic PUP.x!25E27B8D4073

Generic PUP.x!EC62F01A1F61

Generic PUP.x!1D4E16DCAD50

Generic PUP.x!F63A16AAFD9D

Downloader.gen.a!84CB36C44CE5

Generic PUP.x!292DD85DA792

Generic PUP.x!701C69E22E6A

Generic PUP.x!2EF2BAC4405C

RDN/Spybot.bfr!9C22A84E3325

RDN/Generic PUP.x!brv!464BBEED1735

Generic PUP.x!FDEEEA9667A8

Generic PUP.x!360E52E176D2

Generic PUP.x!F419CBE9F662

Generic PUP.x!8EB5CD4110A5

Generic PUP.x!9238A395DA75

Generic Downloader.x!1935632AFA29

Generic PUP.x!2661C0C0667A

Phishing

Digital Banking Service

5th February 2014

YOU HAVE 1 NEW SECURITY
MESSAGE FROM RBS CREDITCARD.

Vulnerebility

FFmpeg and Libav Multiple Remote Security Vulnerabilities
2014-02-06
http://www.securityfocus.com/bid/63796

FFmpeg Prior to 2.1 Multiple Remote Vulnerabilities
2014-02-06
http://www.securityfocus.com/bid/63936

FFmpeg Multiple Remote Vulnerabilities
2014-02-06
http://www.securityfocus.com/bid/51720

FFmpeg Prior to 1.1.2 Multiple Remote Security Vulnerabilities
2014-02-06
http://www.securityfocus.com/bid/57868

Tntnet CVE-2013-7299 Information Disclosure Vulnerability
2014-02-06
http://www.securityfocus.com/bid/65025

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1481 Security Bypass Vulnerability
2014-02-06
http://www.securityfocus.com/bid/65326

Oracle Java SE CVE-2014-0416 Remote Security Vulnerability
2014-02-06
http://www.securityfocus.com/bid/64937

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2014-1487 Information Disclosure Vulnerability
2014-02-06
http://www.securityfocus.com/bid/65330

Mozilla Firefox/SeaMonkey/Thunderbird Use-After-Free Remote Code Execution Vulnerability
2014-02-06
http://www.securityfocus.com/bid/65334

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1482 Remote Code Execution Vulnerability
2014-02-06
http://www.securityfocus.com/bid/65328

OpenStack Compute (Nova) CVE-2013-7130 Information Disclosure Vulnerability
2014-02-06
http://www.securityfocus.com/bid/65106

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1479 Security Bypass Vulnerability
2014-02-06
http://www.securityfocus.com/bid/65320

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1477 Multiple Memory Corruption Vulnerabilities
2014-02-06
http://www.securityfocus.com/bid/65317

Oracle Java SE CVE-2014-0368 Remote Security Vulnerability
2014-02-06
http://www.securityfocus.com/bid/64930

Oracle Java SE CVE-2014-0417 Remote Security Vulnerability
2014-02-06
http://www.securityfocus.com/bid/64932

Oracle Java SE CVE-2014-0373 Remote Security Vulnerability
2014-02-06
http://www.securityfocus.com/bid/64922

Oracle Java SE CVE-2014-0422 Remote Security Vulnerability
2014-02-06
http://www.securityfocus.com/bid/64921

Oracle Java SE TTF Font Parsing Remote Code Execution Vulnerability
2014-02-06
http://www.securityfocus.com/bid/64894

Oracle Java SE CVE-2014-0376 Remote Security Vulnerability
2014-02-06
http://www.securityfocus.com/bid/64907

Oracle Java SE CVE-2014-0423 Remote Security Vulnerability
2014-02-06
http://www.securityfocus.com/bid/64914

Oracle Java SE CVE-2014-0428 Remote Security Vulnerability
2014-02-06
http://www.securityfocus.com/bid/64935

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-02-06
http://www.securityfocus.com/bid/64918

Oracle Java SE CVE-2013-5824 Remote Security Vulnerability
2014-02-06
http://www.securityfocus.com/bid/63139

TWiki and Foswiki 'MAKETEXT' Variable Multiple Security Vulnerabilities
2014-02-06
http://www.securityfocus.com/bid/56950

Pidgin 'gg_http_watch_fd()' Function Buffer Overflow Vulnerability
2014-02-06
http://www.securityfocus.com/bid/65188

Pidgin 'asn_getUtf8()' Function Buffer Overflow Vulnerability
2014-02-06
http://www.securityfocus.com/bid/65192

Pidgin 'process_chunked_data()' Function Heap Buffer Overflow Vulnerability
2014-02-06
http://www.securityfocus.com/bid/65243

Mozilla Firefox/SeaMonkey CVE-2014-1488 Remote Code Execution Vulnerability
2014-02-06
http://www.securityfocus.com/bid/65321

Oracle Java SE CVE-2013-5829 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/63137

Oracle Java SE CVE-2013-5825 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/63101

Exploit

 

5.2.2014

Bugtraq

 

Malware

Generic PUP.x!973ACFE031E7

RDN/Generic PUP.x!br3!49FAA2AAF4F2

RDN/Generic PUP.x!br3!43E724E3BE1B

Generic PUP.x!CDAECF7B37D3

RDN/Generic.bfr!855E323E8ABE

Downloader.gen.a!4416CE93C50E

RDN/Generic PUP.x!br3!D70DC41C685E

Generic PUP.x!9FF03194A815

Generic PUP.x!F5670026AB3F

RDN/Generic.dx!C2984B8C3EFE

Generic PUP.x!3D539FAE85B1

Generic PUP.x!A48C76007E63

Generic PUP.x!3D3E19C74F89

Generic PUP.x!4B1622A6853C

Generic PUP.x!B1E3C1FE05EB

Generic PUP.x!C8A4B687B514

RDN/Generic PUP.x!br3!46CEA7883887

Generic PUP.x!3D78D1759EB1

Generic PUP.x!1BA8A6075CA7

Generic PUP.x!013EB8BC746D

Generic PUP.x!BCAA8FA75150

RDN/Generic.dx!c2m!4CA2A200F976

Generic PUP.x!B0E7A8B3107C

Generic BackDoor!5F9E787E495B

Generic.dx!F8CF942C9EF4

Generic PUP.x!3DF1120EBF04

RDN/Generic PUP.x!br3!A4BE7A8384FD

RDN/Generic PUP.x!F179875EE41E

RDN/Generic PUP.x!br3!058490EE593D

RDN/Generic PUP.x!br3!264DCB3925BB

Phishing

 

Vulnerebility

Oracle Java SE CVE-2014-0403 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/64920

Oracle Java SE CVE-2014-0422 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/64921

Oracle Java SE CVE-2014-0424 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/64919

Oracle Java SE CVE-2014-0373 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/64922

Oracle Java SE CVE-2014-0376 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/64907

Oracle Java SE CVE-2014-0410 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/64915

Oracle Java SE CVE-2014-0423 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/64914

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/64918

Oracle Java SE CVE-2013-5907 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/64894

Oracle Java SE CVE-2013-5898 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/64912

Oracle Java SE CVE-2014-0415 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/64899

Oracle Java SE CVE-2013-5887 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/64875

Oracle Java SE CVE-2014-0387 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/64882

Adobe Flash Player CVE-2014-0497 Remote Code Execution Vulnerability
2014-02-05
http://www.securityfocus.com/bid/65327

OpenLDAP 'rwm_conn_destroy' Denial of Service Vulnerability
2014-02-05
http://www.securityfocus.com/bid/63190

librsvg XML External Entities CVE-2013-1881 Information Disclosure Vulnerability
2014-02-05
http://www.securityfocus.com/bid/62714

Oracle MySQL Server CVE-2014-0431 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/64897

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1478 Multiple Memory Corruption Vulnerabilities
2014-02-05
http://www.securityfocus.com/bid/65324

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1477 Multiple Memory Corruption Vulnerabilities
2014-02-05
http://www.securityfocus.com/bid/65317

ImpressCMS Arbitrary File Access And Multiple Cross Site Scripting Vulnerabilities
2014-02-05
http://www.securityfocus.com/bid/65279

Oracle MySQL Server CVE-2013-5894 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/64873

Oracle MySQL Server CVE-2014-0427 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/64868

Oracle MySQL Server CVE-2013-5881 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/64885

Oracle MySQL Server CVE-2014-0386 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/64904

Oracle MySQL Server CVE-2014-0433 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/64895

Oracle MySQL Server CVE-2014-0402 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/64908

Oracle MySQL Server CVE-2013-5860 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/64864

Oracle MySQL Server CVE-2014-0437 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/64849

Oracle MySQL Server CVE-2014-0430 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/64893

Oracle MySQL Server CVE-2014-0420 Remote Security Vulnerability
2014-02-05
http://www.securityfocus.com/bid/64888

Exploit

XnView 1.92.1 Command-Line Arguments Buffer Overflow Vulnerability

4.2.2014

Bugtraq

Security advisory, LedgerSMB 1.3.0-1.3.36 2014-02-03
Chris Travers (chris metatrontech com)

[SECURITY] [DSA 2851-1] drupal6 security update 2014-02-02
Salvatore Bonaccorso (carnil debian org)

Malware

Generic.bfr!90E58D92341B

W32/Expiro!B6289BE777E1

Generic PUP.x!B9563F4CA835

Generic PUP.x!F0EE6C6A43A6

Generic.bfr!E961C6A36ACE

Generic PUP.x!96A7A263161F

Generic PUP.x!B7183D448DDB

RDN/Spybot.bfr!EAF542C07A83

Generic.dx!2579FFEFC43A

RDN/Spybot.bfr!919E757CE3BD

Generic.bfr!4FCF516CC401

Generic PUP.x!3082F0B795EA

Generic.bfr!F795F6AD468A

Generic PUP.x!FDEA95E76230

Generic PUP.x!8D7F3B3056D3

Generic PUP.x!874FCAB3951A

Generic PUP.x!4CD72AEBCF62

Generic PUP.x!F74DE2665A8B

Generic PUP.x!7996DC8EEECD

Generic PUP.x!A61BF8ABC369

Generic PUP.x!674381C21C14

Generic PUP.x!091AD20AB7FD

Generic PUP.x!B7D5FF7631DA

Generic.bfr!ECDE07ED92BA

Generic PUP.x!08C91B555974

Generic PUP.x!ED1B2B97B2AB

Generic PUP.x!36980223966A

RDN/Generic.bfr!fv!768BFF70B00C

RDN/Generic.bfr!fv!18F60A2FDDE6

Generic PUP.x!1AFA92AA163A

Phishing

Halifax

3rd February 2014

SECURITY MESSAGE: READ
CAREFULLY

BARCLAYS

3rd February 2014

BARCLAYS - Processing your
billing information!

Amazon.com

2nd February 2014

Please Update your Amazon.com
Account

Vulnerebility

librsvg SVG Images Remote Denial of Service Vulnerability
2014-02-04
http://www.securityfocus.com/bid/49550

librsvg XML External Entities CVE-2013-1881 Information Disclosure Vulnerability
2014-02-04
http://www.securityfocus.com/bid/62714

OpenLDAP 'rwm_conn_destroy' Denial of Service Vulnerability
2014-02-04
http://www.securityfocus.com/bid/63190

Memcached verbose mode CVE-2013-7291 Denial of Service Vulnerability
2014-02-04
http://www.securityfocus.com/bid/64989

Memcached 'items.c' Denial of Service Vulnerability
2014-02-04
http://www.securityfocus.com/bid/64988

memcached Remote Denial of Service Vulnerability
2014-02-04
http://www.securityfocus.com/bid/59567

memcached Verbose Mode Denial of Service Vulnerability
2014-02-04
http://www.securityfocus.com/bid/64978

Oracle Java SE CVE-2013-1571 Frame Injection Vulnerability
2014-02-04
http://www.securityfocus.com/bid/60634

Xen Use After Free Memory Corruption Vulnerability
2014-02-04
http://www.securityfocus.com/bid/65097

Xen 'PHYSDEVOP_{prepare,release}_msix' Operations Local Privilege Escalation Vulnerability
2014-02-04
http://www.securityfocus.com/bid/65125

Chrony cmdmon Protocol Amplification Remote Denial of Service Vulnerability
2014-02-04
http://www.securityfocus.com/bid/65035

Multiple VMware Products CVE-2013-1406 Local Privilege Escalation Vulnerability
2014-02-04
http://www.securityfocus.com/bid/57867

Microsoft Windows Hyper-V CVE-2013-3898 Local Privilege Escalation Vulnerability
2014-02-04
http://www.securityfocus.com/bid/63562

Ruby Phusion Passenger 'server instance directory' Insecure Temporary File Creation Vulnerability
2014-02-04
http://www.securityfocus.com/bid/65207

IBM SmartCloud Provisioning CVE-2013-5455 Security Bypass Vulnerability
2014-02-04
http://www.securityfocus.com/bid/64143

cURL/libcURL NTLM connection Remote Security Bypass Vulnerability
2014-02-04
http://www.securityfocus.com/bid/65270

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2014-02-04
http://www.securityfocus.com/bid/61310

Libmicrohttpd Multiple Remote Security Vulnerabilities
2014-02-04
http://www.securityfocus.com/bid/64138

MediaWiki Multiple Remote Code Execution Vulnerabilities
2014-02-04
http://www.securityfocus.com/bid/65223

NVIDIA Graphics Driver GPU Access CVE-2013-5986 Local Privilege Escalation Vulnerability
2014-02-04
http://www.securityfocus.com/bid/65208

NVIDIA Graphics Driver GPU Access Local Privilege Escalation Vulnerability
2014-02-04
http://www.securityfocus.com/bid/64525

Pixman CVE-2013-6425 Remote Denial of Service Vulnerability
2014-02-04
http://www.securityfocus.com/bid/64122

Xen CVE-2013-4494 Denial of Service Vulnerability
2014-02-04
http://www.securityfocus.com/bid/63494

Drupal Core Multiple Security Vulnerabilities
2014-02-04
http://www.securityfocus.com/bid/64973

LibYAML 'scanner.c' Remote Heap Based Buffer Overflow Vulnerability
2014-02-04
http://www.securityfocus.com/bid/65258

NTP 'ntp_request.c' Remote Denial of Service Vulnerability
2014-02-04
http://www.securityfocus.com/bid/64692

Linux Kernel 'compat_sys_recvmmsg()' Function Remote Memory Corruption Vulnerability
2014-02-04
http://www.securityfocus.com/bid/65255

Apache Camel CVE-2013-4330 Information Disclosure Vulnerability
2014-02-04
http://www.securityfocus.com/bid/62706

Simple E-Document 'upload.php' Arbitrary File Upload Vulnerability
2014-02-04
http://www.securityfocus.com/bid/65175

Joomla! Komento Unspecified Cross-Site Scripting Vulnerability
2014-02-04
http://www.securityfocus.com/bid/65173

Exploit

 

3.2.2014

Bugtraq

 

Malware

Generic PUP.x!AC58CB877C13

Generic PUP.x!158EA6028242

Generic PUP.x!7CB4362C821C

Generic PUP.x!D4FCCB823148

W32/Expiro!9BB6F99AF291

RDN/Generic PUP.x!47164F09FDDA

RDN/Spybot.bfr!DC67143A8FB4

Generic PUP.x!C2C39BAAC5E5

Generic.bfr!B499FA83368D

RDN/Spybot.bfr!74DFABE96F93

RDN/Generic PUP.x!brr!95BF9890B9E3

RDN/Spybot.bfr!B661281577C8

RDN/Generic PUP.x!brr!40DCD0E8A247

Generic PUP.x!F211B0C28CE9

Generic PUP.x!0802A2020AA6

Generic PUP.x!44A54D28BC60

Generic PUP.x!94B8E26ED931

RDN/Downloader.gen.a!C3DDF9C185BA

RDN/Spybot.bfr!AA3824DB3A2D

Generic PUP.x!BF1B93C8398B

Generic PUP.x!97894B7C15DA

Generic PUP.x!6362C3C0E597

Generic PUP.x!BF2794157D75

RDN/Generic.bfr!fu!DCAE0D7C51B2

Generic PUP.x!6F1B94CEEAE9

RDN/Generic PUP.x!brr!EDB81A90FFB7

Downloader.gen.a!C37FF467DC9F

Generic PUP.x!477731A9B3B5

Generic PUP.x!04DAE92DF0BC

Generic PUP.x!69E7F2C188A8

Phishing

Amazon.com

2nd February 2014

Please Update your Amazon.com
Account

RBS Bank

2nd February 2014

YOU HAVE 1 NEW SECURITY
MESSAGE FROM RBS CREDITCARD

Natwest

1st February 2014

Account will be closed in the
next 24 hours

NatWest

1st February 2014

YOU HAVE 1 NEW SECURITY
MESSAGE FROM NATWEST
CREDITCARD

Vulnerebility

Oracle Java SE CVE-2013-5784 Remote Security Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63098

Oracle Java SE CVE-2013-5801 Remote Security Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63147

Oracle Java SE CVE-2013-5790 Remote Security Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63102

Oracle Java SE CVE-2013-5780 Remote Security Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63115

Oracle Java SE CVE-2013-5782 Remote Security Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63103

Oracle Java SE CVE-2013-5783 Remote Security Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63154

Oracle Java SE CVE-2013-5778 Remote Security Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63134

Oracle Java SE CVE-2013-3829 Remote Security Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63120

Oracle Java SE CVE-2013-5772 Remote Security Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63089

IBM Java CVE-2013-5457 Unspecified Arbitrary Code Execution Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63622

IBM Integration Bus XML4J Parser Entity Expansion Denial of Service Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63224

IBM Java CVE-2013-5375 Unspecified Security Bypass Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63621

IBM Java CVE-2013-4041 Unspecified Security Bypass Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63619

Linux Kernel 'compat_sys_recvmmsg()' Function Remote Memory Corruption Vulnerability
2014-02-03
http://www.securityfocus.com/bid/65255

Apache Camel CVE-2013-4330 Information Disclosure Vulnerability
2014-02-03
http://www.securityfocus.com/bid/62706

Simple E-Document 'upload.php' Arbitrary File Upload Vulnerability
2014-02-03
http://www.securityfocus.com/bid/65175

Joomla! Komento Unspecified Cross-Site Scripting Vulnerability
2014-02-03
http://www.securityfocus.com/bid/65173

OpenStack Keystone LDAP Assignment Security Bypass Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63395

Oracle Java SE CVE-2013-5842 Remote Security Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63150

Oracle Java SE CVE-2013-5829 Remote Security Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63137

Oracle Java SE CVE-2013-5825 Remote Security Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63101

Oracle Java SE CVE-2013-5797 Remote Security Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63095

OpenStack Compute (Nova) Compressed 'qcow2' Disk Images Denial of Service Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63467

Oracle Java SE CVE-2013-5850 Remote Security Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63153

Oracle Java SE CVE-2013-5849 Remote Security Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63106

Oracle Java SE CVE-2013-5843 Remote Security Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63151

Oracle Java SE CVE-2013-5817 Remote Security Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63146

Oracle Java SE CVE-2013-5814 Remote Security Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63143

Oracle Java SE CVE-2013-5830 Remote Security Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63121

Oracle Java SE CVE-2013-5840 Remote Security Vulnerability
2014-02-03
http://www.securityfocus.com/bid/63148

Exploit

  Linux 3.4+ Arbitrary write with CONFIG_X86_X32

  linux 3.4+ local root (CONFIG_X86_X32=y)

31.1.2014

Bugtraq

Ektron CMS Take Over - Hijacking Accounts 2014-01-30
Mark Litchfield (mark securatary com)

SimplyShare v1.4 iOS - Multiple Web Vulnerabilities 2014-01-29
Vulnerability Lab (research vulnerability-lab com)

Malware

W32/Relnek!AD7F51EB2C06

Generic.bfr!6CCEA8D78529

Generic PUP.x!186E1B88992E

Generic PUP.x!E7876A3EB817

Generic PUP.x!181AFE6957C5

Generic PUP.x!5BE2D3B4DB9E

Generic PUP.x!7423FB5121BE

Generic PUP.x!E52EC1C068C1

Generic.bfr!A749685028F3

W32/Expiro!ADE83FDD8A85

RDN/Generic PUP.x!br3!0335700E8271

Generic PUP.x!F440A722CB7C

Generic PUP.x!182B14ACC468

Generic.bfr!F439F6C36000

Generic PUP.x!17EBF4E57525

Generic PUP.x!73DCB99AEF38

Generic PUP.x!1F96D2CD89A2

Generic.bfr!17BAA166B355

Generic.bfr!5665C184D838

Dowloader-FEX!09ACB5D12BA5

Generic PUP.x!A054DDFA5014

Generic.bfr!676A6B2980EF

W32/Expiro!B07224AE1B87

Generic PUP.x!379B097BF495

Generic.bfr!D96F35CCD103

Generic PUP.x!475CA9B16C58

Generic.bfr!848E75C2553B

Generic PUP.x!71A538CE6949

Generic PUP.x!F543945817C4

Generic PUP.x!E4D6E58E2D9E

Phishing

MINT

30th January 2014

MINT ACCOUNT REVIEW
NOTIFICATION.

Lloyds Group

30th January 2014

LLOYDS BANK - ACCOUNT
REINSTATEMENT

Halifax

30th January 2014

Update and verify your online
Billing

NatWest Credit Card Online

30th January 2014

LATEST NATWEST CREDIT CARD
ACCOUNT STATEMEN

NatWest Credit Card Online

30th January 2014

LATEST NATWEST CREDIT CARD
ACCOUNT STATEMENT

Barclays

30th January 2014

Important Update

Vulnerebility

PHP OpenSSL Extension 'openssl_x509_parse()' Remote Memory Corruption Vulnerability
2014-01-31
http://www.securityfocus.com/bid/64225

Pidgin CVE-2013-6486 Incomplete Fix Remote Code Execution Vulnerability
2014-01-31
http://www.securityfocus.com/bid/65189

Cisco Identity Services Engine HTTP Control Interface for NAC Web Cross Site Scripting Vulnerability
2014-01-31
http://www.securityfocus.com/bid/65227

Cisco Identity Services Engine Report Page HTML Injection Vulnerability
2014-01-31
http://www.securityfocus.com/bid/65183

OTRS Customer Web Interface Cross Site Request Forgery Vulnerability
2014-01-31
http://www.securityfocus.com/bid/65217

Oracle Multiple SPARC Products CVE-2012-3206 Local Security Vulnerability
2014-01-31
http://www.securityfocus.com/bid/56023

Ruby Phusion Passenger 'server instance directory' Insecure Temporary File Creation Vulnerability
2014-01-31
http://www.securityfocus.com/bid/65207

ISC BIND 9 DNS64 Remote Denial of Service Vulnerability
2014-01-31
http://www.securityfocus.com/bid/56817

ISC BIND NSEC3 Signed Zones Queries Handling Remote Denial of Service Vulnerability
2014-01-31
http://www.securityfocus.com/bid/64801

ISC BIND 9 DNS RDATA Handling CVE-2013-4854 Remote Denial of Service Vulnerability
2014-01-31
http://www.securityfocus.com/bid/61479

ISC BIND 9 DNS64 CVE-2012-5689 Remote Denial of Service Vulnerability
2014-01-31
http://www.securityfocus.com/bid/57556

ISC BIND 9 'libdns' Remote Denial of Service Vulnerability
2014-01-31
http://www.securityfocus.com/bid/58736

ISC BIND CVE-2013-3919 Remote Denial of Service Vulnerability
2014-01-31
http://www.securityfocus.com/bid/60338

ISC BIND 9 DNS RDATA Handling CVE-2012-5166 Remote Denial of Service Vulnerability
2014-01-31
http://www.securityfocus.com/bid/55852

Simple E-Document 'upload.php' Arbitrary File Upload Vulnerability
2014-01-31
http://www.securityfocus.com/bid/65175

Xen CVE-2013-4494 Denial of Service Vulnerability
2014-01-31
http://www.securityfocus.com/bid/63494

Cisco WebEx Meetings Server CVE-2014-0682 Security Bypass Vulnerability
2014-01-31
http://www.securityfocus.com/bid/65198

libvirt CVE-2014-1447 Denial of Service Vulnerability
2014-01-31
http://www.securityfocus.com/bid/64945

libvirt 'virDomainBlockStats()' Denial of Service Vulnerability
2014-01-31
http://www.securityfocus.com/bid/64723

HPLIP 'pkit.py' Insecure Temporary File Creation Vulnerability
2014-01-31
http://www.securityfocus.com/bid/63959

NVIDIA Graphics Driver GPU Access Local Privilege Escalation Vulnerability
2014-01-31
http://www.securityfocus.com/bid/64525

HP Application Information Optimizer 'oasoa.exe' Remote Code Execution Vulnerability
2014-01-31
http://www.securityfocus.com/bid/64557

WordPress 'press-this.php' Remote Security Bypass Vulnerability
2014-01-31
http://www.securityfocus.com/bid/47598

NTP 'ntp_request.c' Remote Denial of Service Vulnerability
2014-01-31
http://www.securityfocus.com/bid/64692

Oracle Java SE CVE-2013-5884 Remote Security Vulnerability
2014-01-31
http://www.securityfocus.com/bid/64924

Oracle Java SE CVE-2014-0373 Remote Security Vulnerability
2014-01-31
http://www.securityfocus.com/bid/64922

Network Security Services 'ssl_Do1stHandshake()' Function Information Disclosure Vulnerability
2014-01-31
http://www.securityfocus.com/bid/64944

Cisco RVS4000/WRVS4400N/WAP4410N Devices Test Interface Remote Privilege Escalation Vulnerability
2014-01-31
http://www.securityfocus.com/bid/64776

Oracle Java SE CVE-2014-0428 Remote Security Vulnerability
2014-01-31
http://www.securityfocus.com/bid/64935

Oracle Java SE CVE-2014-0416 Remote Security Vulnerability
2014-01-31
http://www.securityfocus.com/bid/64937

Exploit

Linux 3.4+ recvmmsg x32 compat Proof of Concept

30.1.2014

Bugtraq

SiteCore XML Control Script Insertion 2014-01-29
Mark Litchfield (mark securatary com)

[slackware-security] mozilla-nss (SSA:2014-028-02) 2014-01-28
Slackware Security Team (security slackware com)

Vulnerabilities within Mura CMS / Sitecore MCS / SmarterMail 2014-01-28
Mark Litchfield (mark securatary com)

Malware

Generic PUP.x!6D0409CB0FD3

Generic PUP.x!77BAD7BC4570

Generic PUP.x!29335C111F2D

Generic PUP.x!044D6B5A0252

Generic PUP.x!D7BE021EC25F

Generic PUP.x!F61238EC7128

Generic PUP.x!74E3C9F04BD5

Generic PUP.x!65F3B5F0C92D

Generic PUP.x!2AF227E63E65

Generic PUP.x!2A0195267960

Generic PUP.x!150E8FFEE83B

Generic PUP.x!D6BA17170D63

Generic PUP.x!C59115D3693E

Generic PUP.x!952878653E9D

Generic PUP.x!FD3E45BB3D3D

Generic PUP.x!5207F2842F14

Generic PUP.x!9497EB4F012F

Generic PUP.x!53729D638488

Generic PUP.x!0E45A8C96D7F

Generic PUP.x!8FADA4685985

Generic PUP.x!36BF7AD8D48E

Generic PUP.x!8A14C413B2A5

Generic PUP.x!04707068422D

Generic PUP.x!8C0E149F881C

Generic PUP.x!8620497265C4

Generic PUP.x!F6779CCC9846

Generic PUP.x!41AACDB43DF2

Generic PUP.x!047A82ECF667

Generic PUP.x!297D00A85D3F

Generic PUP.x!25B93F0719AA

Phishing

American Express

29th January 2014

AMERICAN EXPRESS SECURITY
NOTIFICATION

Chase

29th January 2014

Chase Online Banking
Notification

PayPal

29th January 2014

Important Information about
your PayPal account

Barclays Bank

29th January 2014

Your Barclays Account is
Suspended

Vulnerebility

ISC BIND NSEC3 Signed Zones Queries Handling Remote Denial of Service Vulnerability
2014-01-30
http://www.securityfocus.com/bid/64801

ISC BIND 9 DNS RDATA Handling CVE-2013-4854 Remote Denial of Service Vulnerability
2014-01-30
http://www.securityfocus.com/bid/61479

ISC BIND 9 DNS64 CVE-2012-5689 Remote Denial of Service Vulnerability
2014-01-30
http://www.securityfocus.com/bid/57556

ISC BIND 9 'libdns' Remote Denial of Service Vulnerability
2014-01-30
http://www.securityfocus.com/bid/58736

ISC BIND CVE-2013-3919 Remote Denial of Service Vulnerability
2014-01-30
http://www.securityfocus.com/bid/60338

ISC BIND 9 DNS RDATA Handling CVE-2012-5166 Remote Denial of Service Vulnerability
2014-01-30
http://www.securityfocus.com/bid/55852

Simple E-Document 'upload.php' Arbitrary File Upload Vulnerability
2014-01-30
http://www.securityfocus.com/bid/65175

Xen CVE-2013-4494 Denial of Service Vulnerability
2014-01-30
http://www.securityfocus.com/bid/63494

Cisco WebEx Meetings Server CVE-2014-0682 Security Bypass Vulnerability
2014-01-30
http://www.securityfocus.com/bid/65198

libvirt CVE-2014-1447 Denial of Service Vulnerability
2014-01-30
http://www.securityfocus.com/bid/64945

libvirt 'virDomainBlockStats()' Denial of Service Vulnerability
2014-01-30
http://www.securityfocus.com/bid/64723

HPLIP 'pkit.py' Insecure Temporary File Creation Vulnerability
2014-01-30
http://www.securityfocus.com/bid/63959

NVIDIA Graphics Driver GPU Access Local Privilege Escalation Vulnerability
2014-01-30
http://www.securityfocus.com/bid/64525

HP Application Information Optimizer 'oasoa.exe' Remote Code Execution Vulnerability
2014-01-30
http://www.securityfocus.com/bid/64557

WordPress 'press-this.php' Remote Security Bypass Vulnerability
2014-01-30
http://www.securityfocus.com/bid/47598

NTP 'ntp_request.c' Remote Denial of Service Vulnerability
2014-01-30
http://www.securityfocus.com/bid/64692

Oracle Java SE CVE-2013-5884 Remote Security Vulnerability
2014-01-30
http://www.securityfocus.com/bid/64924

Oracle Java SE CVE-2014-0373 Remote Security Vulnerability
2014-01-30
http://www.securityfocus.com/bid/64922

Network Security Services 'ssl_Do1stHandshake()' Function Information Disclosure Vulnerability
2014-01-30
http://www.securityfocus.com/bid/64944

Cisco RVS4000/WRVS4400N/WAP4410N Devices Test Interface Remote Privilege Escalation Vulnerability
2014-01-30
http://www.securityfocus.com/bid/64776

Oracle Java SE CVE-2014-0428 Remote Security Vulnerability
2014-01-30
http://www.securityfocus.com/bid/64935

Oracle Java SE CVE-2014-0416 Remote Security Vulnerability
2014-01-30
http://www.securityfocus.com/bid/64937

Oracle Java SE CVE-2013-5910 Remote Security Vulnerability
2014-01-30
http://www.securityfocus.com/bid/64933

Oracle Java SE CVE-2013-5878 Remote Security Vulnerability
2014-01-30
http://www.securityfocus.com/bid/64927

Oracle Java SE CVE-2014-0422 Remote Security Vulnerability
2014-01-30
http://www.securityfocus.com/bid/64921

Oracle Java SE CVE-2014-0368 Remote Security Vulnerability
2014-01-30
http://www.securityfocus.com/bid/64930

Oracle Java SE CVE-2014-0423 Remote Security Vulnerability
2014-01-30
http://www.securityfocus.com/bid/64914

Oracle Java SE CVE-2013-5896 Remote Security Vulnerability
2014-01-30
http://www.securityfocus.com/bid/64926

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-01-30
http://www.securityfocus.com/bid/64918

Oracle Java SE CVE-2014-0376 Remote Security Vulnerability
2014-01-30
http://www.securityfocus.com/bid/64907

Exploit

  Oracle Forms and Reports 11.1 - Remote Exploit

  Simple E-Document Arbitrary File Upload

  SimplyShare 1.4 iOS - Multiple Vulnerabilities

  A10 Networks Loadbalancer - Directory Traversal

  ManageEngine Support Center Plus 7916 - Directory Traversal

   pfSense 2.1 build 20130911-1816 - Directory Traversal

29.1.2014

Bugtraq

Mozilla Bug Bounty #5 - WireTap Remote Web Vulnerability 2014-01-27
Vulnerability Lab (research vulnerability-lab com)

DC4420 - London DEFCON - January meet - Tuesday 28th January 2014 2014-01-27
Major Malfunction (majormal pirate-radio org)

Multiple Vulnerabilities in Eventum 2014-01-27
High-Tech Bridge Security Research (advisory htbridge com)

Malware

Generic.bfr!344E80BF1B50

RDN/Generic PUP.x!brm!AD5398408013

Generic PUP.x!4C66AAB80C9F

W32/Expiro!20E458313ED4

Generic.bfr!11A530D8AB38

Generic PUP.x!38C14DE2C403

W32/Expiro!0B632754088A

Generic.bfr!BECEE78D4777

W32/Expiro!FADFC1410EFC

Generic PUP.x!8BF133BF8755

Generic.bfr!FDCED4A13A64

Generic PUP.x!2EFFD8E93004

Generic PUP.x!8990AEF55740

Generic PUP.x!8A19C8675CA8

Generic PUP.x!AB2C3C85BF81

Generic PUP.x!CE91909F3010

Generic PUP.x!AD706008CAD2

Generic PUP.x!5070F15E0A82

Generic PUP.x!1BEAA7F01AE6

RDN/Downloader.a!oy!5EDBCE39BAF0

Generic PUP.x!F3C7F1ADA158

RDN/Generic PUP.x!brm!5A3C6351204E

Generic PUP.x!DF0CFBBAC5E0

Generic PUP.x!BA2CF4F2478F

Generic PUP.x!A8FB2C29F0EC

Generic PUP.x!6FA19C9D322E

Generic PUP.x!20BC0519D4AB

Generic PUP.x!3F15A0CA7796

Generic.bfr!A50E693128F7

Generic PUP.x!189D2969E129

Phishing

Chase

28th January 2014

New Message From Chase Online
(SM)

RBS

28th January 2014

YOUR RBS CARD IMPORTANT
NOTIFICATION.

NATWEST

28th January 2014

NATWEST CREDIT CARD ONLINE
SERVICES

RBS

28th January 2014

YOUR LATEST STATEMENT FOR
ACCOUNT ENDING 952 IS READY
FOR YOU ONLINE NOW

PayPal

28th January 2014

Account Notification

Vulnerebility

libvirt CVE-2014-1447 Denial of Service Vulnerability
2014-01-29
http://www.securityfocus.com/bid/64945

libvirt 'virDomainBlockStats()' Denial of Service Vulnerability
2014-01-29
http://www.securityfocus.com/bid/64723

Linux Kernel 'net_ctl_permissions()' Function Local Security Bypass Vulnerability
2014-01-29
http://www.securityfocus.com/bid/64471

Linux Kernel CVE-2013-2929 Local Privilege Escalation Vulnerability
2014-01-29
http://www.securityfocus.com/bid/64111

Linux Kernel CVE-2013-6378 Local Denial of Service Vulnerability
2014-01-29
http://www.securityfocus.com/bid/63886

Linux Kernel 'perf_trace_event_perm()' Function Local Security Bypass Vulnerability
2014-01-29
http://www.securityfocus.com/bid/64318

Linux Kernel CVE-2013-4470 Multiple Local Memory Corruption Vulnerabilities
2014-01-29
http://www.securityfocus.com/bid/63359

Linux Kernel CVE-2013-6431 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-01-29
http://www.securityfocus.com/bid/64137

Linux Kernel AACRAID Driver Compat IOCTL Local Security Bypass Vulnerability
2014-01-29
http://www.securityfocus.com/bid/63888

Oracle Java SE CVE-2013-2431 Remote Java Runtime Environment Vulnerability
2014-01-29
http://www.securityfocus.com/bid/59165

Oracle Java SE CVE-2014-0373 Remote Security Vulnerability
2014-01-29
http://www.securityfocus.com/bid/64922

Oracle Java SE CVE-2013-5850 Remote Security Vulnerability
2014-01-29
http://www.securityfocus.com/bid/63153

Oracle Java SE CVE-2013-5789 Remote Security Vulnerability
2014-01-29
http://www.securityfocus.com/bid/63156

Oracle Java SE CVE-2013-5783 Remote Security Vulnerability
2014-01-29
http://www.securityfocus.com/bid/63154

Oracle Java SE CVE-2013-2400 Remote Security Vulnerability
2014-01-29
http://www.securityfocus.com/bid/60621

Oracle Java SE CVE-2013-2407 Remote Security Vulnerability
2014-01-29
http://www.securityfocus.com/bid/60653

Oracle Java SE CVE-2013-2430 Remote Java Runtime Environment Vulnerability
2014-01-29
http://www.securityfocus.com/bid/59243

Oracle Java SE CVE-2013-2412 Remote Security Vulnerability
2014-01-29
http://www.securityfocus.com/bid/60618

Oracle Java SE CVE-2013-2422 Remote Java Runtime Environment Vulnerability
2014-01-29
http://www.securityfocus.com/bid/59228

Oracle Java SE CVE-2013-2414 Remote Java Runtime Environment Vulnerability
2014-01-29
http://www.securityfocus.com/bid/59234

Oracle Java SE CVE-2013-2433 Remote Java Runtime Environment Vulnerability
2014-01-29
http://www.securityfocus.com/bid/59220

Oracle Java SE CVE-2013-2415 Remote Java Runtime Environment Vulnerability
2014-01-29
http://www.securityfocus.com/bid/59212

Oracle Java SE CVE-2013-5823 Remote Security Vulnerability
2014-01-29
http://www.securityfocus.com/bid/63110

Oracle Java SE CVE-2012-5075 Remote Java Runtime Environment Vulnerability
2014-01-29
http://www.securityfocus.com/bid/56081

Oracle Java SE CVE-2013-2426 Multiple Remote Code Execution Vulnerabilities
2014-01-29
http://www.securityfocus.com/bid/59206

Oracle Java SE CVE-2013-2417 Remote Java Runtime Environment Vulnerability
2014-01-29
http://www.securityfocus.com/bid/59187

Oracle Java SE CVE-2013-2425 Remote Java Runtime Environment Vulnerability
2014-01-29
http://www.securityfocus.com/bid/59191

Oracle Java SE CVE-2013-2429 Remote Java Runtime Environment Vulnerability
2014-01-29
http://www.securityfocus.com/bid/59184

Oracle Java SE CVE-2013-2428 Remote Code Execution Vulnerability
2014-01-29
http://www.securityfocus.com/bid/59175

Oracle Java SE CVE-2013-2420 Integer Overflow Vulnerability
2014-01-29
http://www.securityfocus.com/bid/59167

Exploit

 

28.1.2014

Bugtraq

 

Malware

RDN/Downloader.a!oy!AC08A9F4C29E

Generic PUP.x!1E3D0DA0E39A

Generic.bfr!045F826DACAB

Generic.bfr!0A8249690995

Generic.bfr!1599AFD60537

RDN/Generic BackDoor!A95389472155

Generic PUP.x!F8F657F2BF6D

Generic PUP.x!C1A2E45D4276

Generic PUP.x!CC862D3B8521

W32/Expiro!27CEE36B8457

Generic PUP.x!BD2F8B363A61

RDN/Downloader.a!oy!49BC767AED90

RDN/Generic.dx!c2d!D1C874703CED

W32/Sdbot.worm!A791ABA045DF

Generic.bfr!4B02F8FA4646

Generic PUP.x!8AE4D2780616

Generic.bfr!623E945441EA

RDN/Generic PUP.x!brk!54F393CA274B

Generic PUP.x!1606B7EB88C3

Generic PUP.x!9001D9284D1B

RDN/Generic PUP.x!brk!E2DD8ACF01D1

Adware-FDI!B7BD8FCD0265!B7BD8FCD0265

RDN/Generic PUP.x!8A7CA4C7372E

Generic PUP.x!415FD088C9C6

Generic.bfr!8F1C8E778185

Generic.bfr!D8DE28BFB8ED

Generic.bfr!95B6D166EFD6

Generic PUP.x!54CF97A0B720

Generic PUP.x!56F9E1AC6788

Generic PUP.x!5AFF340B19BC

Phishing

PayPal

28th January 2014

Account Notification

PayPal

27th January 2014

*** CACTUS *** Your account
status has changed!

Natwest Bank Plc

27th January 2014

SECURITY ALERT (SECURE YOUR
ONLINE CREDIT CARD ACCESS)

service@paypal.co.uk

27th January 2014

Your Account PayPal Has Been
Limited !

Vulnerebility

WordPress Pretty Photo Plugin 'hashrel' Paramater Cross Site Scripting Vulnerability
2014-01-28
http://www.securityfocus.com/bid/63839

Augeas Multiple Insecure Temporary File Creation Vulnerabilities
2014-01-28
http://www.securityfocus.com/bid/63861

HPLIP 'pkit.py' Insecure Temporary File Creation Vulnerability
2014-01-28
http://www.securityfocus.com/bid/63959

HPLIP CVE-2013-6427 Insecure Auto Update Feature Man in The Middle Vulnerability
2014-01-28
http://www.securityfocus.com/bid/64131

Oracle Outside In Technology CVE-2013-5791 Stack Buffer Overflow Vulnerability
2014-01-28
http://www.securityfocus.com/bid/63076

Oracle Java SE CVE-2013-5825 Remote Security Vulnerability
2014-01-28
http://www.securityfocus.com/bid/63101

IBM Integration Bus XML4J Parser Entity Expansion Denial of Service Vulnerability
2014-01-28
http://www.securityfocus.com/bid/63224

Oracle Java SE CVE-2013-5802 Remote Security Vulnerability
2014-01-28
http://www.securityfocus.com/bid/63135

Oracle Java SE CVE-2013-5809 Remote Security Vulnerability
2014-01-28
http://www.securityfocus.com/bid/63118

Microsoft Bing for Android Unspecified Arbitrary Code Execution Vulnerability
2014-01-28
http://www.securityfocus.com/bid/65128

Dell Kace 1000 Systems Management Appliance DS-2014-001 Multiple SQL Injection Vulnerabilities
2014-01-28
http://www.securityfocus.com/bid/65029

Multiple Generel Electric Products 'gefebt.exe' Shell Upload Vulnerability
2014-01-28
http://www.securityfocus.com/bid/65124

CS-Cart Multiple Cross Site Scripting Vulnerabilities
2014-01-28
http://www.securityfocus.com/bid/65115

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2014-01-28
http://www.securityfocus.com/bid/61310

GitLab HTML Injection Vulnerability
2014-01-28
http://www.securityfocus.com/bid/64490

IBM Sterling B2B Integrator and IBM Sterling File Gateway CVE-2013-5409 SQL-Injection Vulnerability
2014-01-28
http://www.securityfocus.com/bid/64442

IBM Sterling B2B Integrator and Sterling File Gateway Unspecified Cross Site Scripting Vulnerability
2014-01-28
http://www.securityfocus.com/bid/64443

IBM Sterling B2B Integrator and Sterling File Gateway CVE-2013-5413 Security Bypass Vulnerabilty
2014-01-28
http://www.securityfocus.com/bid/64448

IBM Sterling B2B Integrator and Sterling File Gateway Unspecified Frame Injection Vulnerability
2014-01-28
http://www.securityfocus.com/bid/64449

IBM Sterling B2B Integrator and Sterling File Gateway CVE-2013-5411 Link Injection Vulnerability
2014-01-28
http://www.securityfocus.com/bid/64447

IBM Sterling B2B Integrator and Sterling File Gateway Cross Site Scripting Vulnerability
2014-01-28
http://www.securityfocus.com/bid/64446

Oracle Outside In Technology CVE-2013-5763 Stack Buffer Overflow Vulnerability
2014-01-28
http://www.securityfocus.com/bid/63741

WordPress Newsletter Manager Plugin Multiple Cross Site Scripting Vulnerabilities
2014-01-28
http://www.securityfocus.com/bid/53523

Oracle Java SE CVE-2013-5803 Remote Security Vulnerability
2014-01-28
http://www.securityfocus.com/bid/63082

Oracle Java SE CVE-2013-5780 Remote Security Vulnerability
2014-01-28
http://www.securityfocus.com/bid/63115

Media Library Categories Multiple Cross Site Scripting Vulnerabilities
2014-01-28
http://www.securityfocus.com/bid/53524

WordPress Soundcloud Is Gold 'width' Parameter Cross Site Scripting Vulnerability
2014-01-28
http://www.securityfocus.com/bid/53537

Emerson Network Power Avocent MergePoint Unity 2016 KVM Directory Traversal Vulnerability
2014-01-28
http://www.securityfocus.com/bid/65105

Cisco TelePresence System Arbitrary Command Execution Vulnerability
2014-01-28
http://www.securityfocus.com/bid/65071

CPAN 'Proc::Daemon' Module Insecure File Permissions Vulnerability
2014-01-28
http://www.securityfocus.com/bid/64372

Exploit

 

27.1.2014

Bugtraq

 

Malware

Generic PUP.x!6AE4423081B1

Generic PUP.x!85E911031511

RDN/Spybot.bfr!l!BD7D4E092BB0

Generic.bfr!627057A6267F

Generic PUP.x!BDACB46BC263

RDN/Generic PUP.x!2DFA591E16C1

Adware-DomaIQ!7DC6AC9A22CF!7DC6AC9A22CF

RDN/Generic.dx!2B07199D0153

Generic PUP.x!76414AE6C97D

Generic PUP.x!C83600C82870

Generic PUP.x!2D33BC265D1A

Adware-DomaIQ!F287AC4D253B!F287AC4D253B

RDN/Ransom!ea!B1E7ABA36A01

Generic PUP.x!3E5C3A47D034

Generic.bfr!B25DDFD38762

Generic PUP.x!B2A29854239F

Generic PUP.x!09EA90A70171

RDN/Generic PUP.x!1E73BAA774C0

Generic PUP.x!BBB97AF8D165

Adware-DomaIQ!5CDFD0D91100!5CDFD0D91100

Generic.bfr!354B7DA27B5E

Generic PUP.x!7393AE297ECE

Adware-DomaIQ!8F21208F4DFE!8F21208F4DFE

Generic PUP.x!4FC1B186BC4B

Adware-DomaIQ!BADBAB0C488D!BADBAB0C488D

Generic PUP.x!80B59DC20BCD

Generic PUP.x!B011DABAF433

Generic PUP.x!FD72D12C8679

Generic PUP.x!97697AEFF25F

Generic.bfr!D87EFCF365A3

Phishing

service@paypal.co.uk

26th January 2014

YOU HAVE CHANGED YOUR PAYPAL
EMAIL ADDRESS

PayPal

26th January 2014

WE NOTICED AN ISSUE WITH YOUR
ACCOUNT

NATWEST PLC

26th January 2014

Important information
regarding internet banking

NatWest Bank

26th January 2014

NatWest Account Notice!

RBS

26th January 2014

Your RBS Card Important
Notification.

Natwest

26th January 2014

SECURITY MESSAGE: READ
CAREFULLY.

RBS

26th January 2014

RE-CONFIRM YOUR RBS CARD
MEMBERSHIP

NatWest Bank

25th January 2014

Your NatWest account will be
suspended

Bank of America

25th January 2014

Bank of America Alert: Sign-in
to Online Banking Locked

Vulnerebility

Linux Kernel 'x25_parse_facilities()' Remote Denial of Service Vulnerability
2014-01-27
http://www.securityfocus.com/bid/44642

Linux Kernel 'IFF_TX_SKB_SHARING' Local Denial of Service Vulnerability
2014-01-27
http://www.securityfocus.com/bid/50756

Apache HTTP Server CVE-2011-3192 Denial Of Service Vulnerability
2014-01-27
http://www.securityfocus.com/bid/49303

Linux Kernel 'net/ieee802154/dgram.c' Local Information Disclosure Vulnerability
2014-01-27
http://www.securityfocus.com/bid/64747

Linux Kernel iptables '--syn' Rules Security Bypass Vulnerability
2014-01-27
http://www.securityfocus.com/bid/53733

Linux Kernel '/proc/interrupts' Password Length Local Information Disclosure Weakness
2014-01-27
http://www.securityfocus.com/bid/50573

Oracle Java SE CVE-2013-5848 Remote Security Vulnerability
2014-01-27
http://www.securityfocus.com/bid/63124

Linux Kernel 'SNDRV_HDSP_IOCTL_GET_CONFIG_INFO' IOCTL Local Information Disclosure Vulnerability
2014-01-27
http://www.securityfocus.com/bid/45058

Oracle Java SE CVE-2013-5812 Remote Security Vulnerability
2014-01-27
http://www.securityfocus.com/bid/63126

HP Performance Insight Multiple Unspecified Security Vulnerabilities
2014-01-27
http://www.securityfocus.com/bid/53415

Linux Kernel CIFS NULL Pointer Dereference Denial of Service Vulnerability
2014-01-27
http://www.securityfocus.com/bid/59064

Oracle Java SE CVE-2013-2439 Remote Java Runtime Environment Vulnerability
2014-01-27
http://www.securityfocus.com/bid/59178

QEMU KVM 'virtio-blk' Driver Local Privilege Escalation Vulnerability
2014-01-27
http://www.securityfocus.com/bid/47546

Oracle Java SE CVE-2013-5818 Remote Security Vulnerability
2014-01-27
http://www.securityfocus.com/bid/63157

Linux Kernel 'apparmor_setprocattr()' Local Denial of Service Vulnerability
2014-01-27
http://www.securityfocus.com/bid/50172

Oracle Java SE CVE-2013-2455 Remote Code Execution Vulnerability
2014-01-27
http://www.securityfocus.com/bid/60619

Linux Kernel CVE-2013-4470 Multiple Local Memory Corruption Vulnerabilities
2014-01-27
http://www.securityfocus.com/bid/63359

Oracle Java SE and Java for Business CVE-2010-3570 Remote Deployment Toolkit Vulnerability
2014-01-27
http://www.securityfocus.com/bid/44020

Oracle Java SE CVE-2013-2454 Remote Security Vulnerability
2014-01-27
http://www.securityfocus.com/bid/60650

Linux Kernel 'SG_IO IOCTL' SCSI Request Local Privilege Escalation Vulnerability
2014-01-27
http://www.securityfocus.com/bid/51176

HP Network Node Manager i CVE-2012-3275 Remote Unspecified Unauthorized Access Vulnerability
2014-01-27
http://www.securityfocus.com/bid/56822

Oracle Java SE and Java for Business CVE-2010-3556 Remote 2D Vulnerability
2014-01-27
http://www.securityfocus.com/bid/43971

RETIRED: HP Printers and HP Digital Sender Firmware Update Remote Code Execution Vulnerability
2014-01-27
http://www.securityfocus.com/bid/51324

Linux Kernel 'ext4_ext_insert_extent()' Local Denial of Service Vulnerability
2014-01-27
http://www.securityfocus.com/bid/50322

ISC BIND 9 Recursive Queries Remote Denial of Service Vulnerability
2014-01-27
http://www.securityfocus.com/bid/50690

Linux Kernel 'irda_bind()' Null Pointer Dereference Vulnerability
2014-01-27
http://www.securityfocus.com/bid/42900

Perl CVE-2013-1667 Input Rehashing Denial of Service Vulnerability
2014-01-27
http://www.securityfocus.com/bid/58311

Linux Kernel Rose Protocol 'srose_ndigis' Heap Memory Corruption Vulnerability
2014-01-27
http://www.securityfocus.com/bid/43368

Linux Kernel epoll Subsystem 'eventpoll.c' Multiple Local Denial of Service Vulnerabilities
2014-01-27
http://www.securityfocus.com/bid/46630

Oracle Java SE CVE-2013-5777 Remote Security Vulnerability
2014-01-27
http://www.securityfocus.com/bid/63140

Exploit

  Ability Mail Server 2013 - Password Reset CSRF from Stored XSS (Web UI)

  Oracle Outside In MDB File Parsing Stack Based Buffer Overflow PoC

  Mozilla Thunderbird 17.0.6 - Input Validation Filter Bypass

25.1.2014

Bugtraq

Security Vulnerabilities in Apache Cordova / PhoneGap 2014-01-24
mgeorgiev utexas edu

[CTF] nullcon HackIM 2014 will start at 24-01-2014, when the clock will strike at 11:59 (+5:30 GMT) 2014-01-24
nullcon (nullcon nullcon net)

[CVE-2014-1664] GoToMeeting Information Disclosure via Logging Output (Android) 2014-01-24
cjlacayo gmail com

Malware

RDN/Generic PWS.y!BA8B495DA9F8

Generic.bfr!9E1764E7D22C

Generic PUP.x!36649F93DABA

Generic PUP.x!50419017E7B6

Generic PUP.x!FE238B7C19AA

Generic PUP.x!B34E098A17AA

Generic BackDoor!AB6139FA6523

Generic PUP.x!168F78F0178D

Generic.bfr!DF776E9DFAA0

Generic PUP.x!BE00272BD4AD

Generic PUP.x!257A23600F61

Generic PUP.x!4677D81A38D5

Generic PUP.x!895E707AC080

Generic PUP.x!82241E34E53B

Generic PUP.x!F880BE71BEFB

Adware-FFN!6A0003461B4B!6A0003461B4B

Generic.bfr!6C77E1806D9A

RDN/Generic.bfr!fs!AE054DC761F0

RDN/Generic Dropper!tn!43962F8DEA71

Generic.bfr!00F1B9312028

Generic PUP.x!BF0DBF080D74

RDN/Generic PUP.x!br3!8FF51606EC9A

Generic.bfr!8A476C0A8EF7

Generic PUP.x!6CC44EC0729F

Generic Downloader.x!6C0328DC3C32

Generic.bfr!F9123C673DF5

Generic PUP.x!781CED597B5F

Generic.bfr!CA6B76D9FD7A

Generic PUP.x!119A689EA497

Generic.bfr!2DC58CB145C3

Phishing

Bank of America

25th January 2014

Bank of America Alert: Sign-in
to Online Banking Locked

Natwest

24th January 2014

Message From NatWest Credit
Card Secuity System

NatWest

24th January 2014

WE DETECT AN ERROR WITH YOUR
ACCOUNT.

Vulnerebility

Oracle Java SE CVE-2013-2464 Memory Corruption Vulnerability
2014-01-25
http://www.securityfocus.com/bid/60631

Linux Kernel 'agp_ioctl()' Local Privilege Escalation Vulnerability
2014-01-25
http://www.securityfocus.com/bid/47843

Linux Kernel DRM 'drivers/gpu/drm/crm_crtc.c' IOCTL Local Privilege Escalation Vulnerability
2014-01-25
http://www.securityfocus.com/bid/51371

Oracle Java SE CVE-2013-2461 Remote Security Vulnerability
2014-01-25
http://www.securityfocus.com/bid/60645

Linux Kernel 'nfs-utils' Remote Unauthorized Access Vulnerability
2014-01-25
http://www.securityfocus.com/bid/48465

Oracle Java SE and Java for Business CVE-2010-3567 Remote 2D Vulnerability
2014-01-25
http://www.securityfocus.com/bid/43992

Oracle Java SE CVE-2013-1569 Stack Buffer Overflow Vulnerability
2014-01-25
http://www.securityfocus.com/bid/59166

Linux Kernel 'drivers/scsi/bfa/bfa_core.c' Denial of Service Vulnerability
2014-01-25
http://www.securityfocus.com/bid/45262

Linux Kernel Headroom Check 'udp6_ufo_fragment()' Remote Denial of Service Vulnerability
2014-01-25
http://www.securityfocus.com/bid/50751

Linux Kernel 'agp_ioctl()' Local Privilege Escalation Vulnerability
2014-01-25
http://www.securityfocus.com/bid/47534

Linux Kernel 'drivers/media/radio/si4713-i2c.c' Remote Buffer Overflow Vulnerability
2014-01-25
http://www.securityfocus.com/bid/48804

Linux Kernel CVE-2013-3236 Local Information Disclosure Vulnerability
2014-01-25
http://www.securityfocus.com/bid/59391

Oracle Java SE and Java for Business CVE-2010-3565 JPEGImageWriter.writeImage Vulnerability
2014-01-25
http://www.securityfocus.com/bid/43985

Oracle Java SE CVE-2013-5830 Remote Security Vulnerability
2014-01-25
http://www.securityfocus.com/bid/63121

Linux Kernel 'PKT_CTRL_CMD_STATUS' Invalid Pointer Dereference Denial of Service Vulnerability
2014-01-25
http://www.securityfocus.com/bid/43551

Linux Kernel 'net/ipx/af_ipx.c' Local Information Disclosure Vulnerability
2014-01-25
http://www.securityfocus.com/bid/64741

Linux Kernel '/proc/PID/io' Local Information Disclosure Vulnerability
2014-01-25
http://www.securityfocus.com/bid/49408

Oracle Java SE CVE-2013-5802 Remote Security Vulnerability
2014-01-25
http://www.securityfocus.com/bid/63135

Oracle Java SE CVE-2013-2448 Remote Code Execution Vulnerability
2014-01-25
http://www.securityfocus.com/bid/60640

Linux Kernel CVE-2013-0313 NULL Pointer Dereference Denial of Service Vulnerability
2014-01-25
http://www.securityfocus.com/bid/58071

Linux Kernel 'setup_arg_pages()' Denial of Service Vulnerability
2014-01-25
http://www.securityfocus.com/bid/44301

Linux Kernel 'drivers/isdn/mISDN/socket.c' Local Information Disclosure Vulnerability
2014-01-25
http://www.securityfocus.com/bid/64743

Linux Kernel Alpha Specific Commands Memory Corruption and Information Disclosure Vulnerabilities
2014-01-25
http://www.securityfocus.com/bid/48254

Oracle Java SE and Java for Business CVE-2010-3553 Remote Swing Vulnerability
2014-01-25
http://www.securityfocus.com/bid/44035

Oracle Java SE CVE-2013-5774 Remote Security Vulnerability
2014-01-25
http://www.securityfocus.com/bid/63128

Linux Kernel 'dns_key.c' NULL Pointer Dereference Denial of Service Vulnerability
2014-01-25
http://www.securityfocus.com/bid/46732

Linux Kernel Network Bridge NULL Pointer Dereference Denial of Service Vulnerability
2014-01-25
http://www.securityfocus.com/bid/50417

Linux Kernel 'i.MX' Clock Infrastructure Remote Denial of Service Vulnerability
2014-01-25
http://www.securityfocus.com/bid/55258

Oracle Java SE CVE-2013-2459 Remote Security Vulnerability
2014-01-25
http://www.securityfocus.com/bid/60647

Linux Kernel 'l2tp_ip_sendmsg()' and 'pppol2tp_sendmsg()' Denial of Service Vulnerability
2014-01-25
http://www.securityfocus.com/bid/44762

Exploit

 

24.1.2014

Bugtraq

Cross-Site Scripting (XSS) in Komento Joomla Extension 2014-01-23
High-Tech Bridge Security Research (advisory htbridge com)

SQL Injection in JV Comment Joomla Extension 2014-01-23
High-Tech Bridge Security Research (advisory htbridge com)

Reflected cross-site scripting (XSS) vulnerability in Mediatrix Web Management Interface login page 2014-01-23
tudor enache helpag com

Malware

Generic PUP.x!FB1F5220F4C7

Generic PUP.x!AD88769E6CE7

Generic PUP.x!21E103B290C5

Generic PUP.x!975DEEBDF44B

Generic PUP.x!F269AA2FEA04

Generic PUP.x!95D500798758

Generic PUP.x!43C4FAB152A8

W32/Sdbot.worm!B8A5EC6329AA

Generic PUP.x!2C114D64DFB9

W32/Expiro!090B3B70E41B

Generic.bfr!7D629D8EF7E3

Generic PUP.x!80ACFEB29F44

Generic PUP.x!C576750AAB1B

Generic PUP.x!5A201BB4A327

Generic PUP.x!98542A0D01A0

Generic PUP.x!952DD5E71F5A

Generic PUP.x!E3731E5A05DF

Generic PUP.x!B57D9FBC11D7

Generic PUP.x!593AA8225B27

Generic PUP.x!D24C31DA58C9

Generic PUP.x!58A876CB7D6A

Generic PUP.x!92AFDECE8AC7

Generic PUP.x!4FFDB093E5AA

Generic PUP.x!A63EEEF9352A

Generic PUP.x!EBE47AFD8155

Generic.bfr!9481CCF0A6A0

Generic.bfr!E01B63D7CA76

RDN/Generic BackDoor!ws!E0580DD8BB98

Generic.bfr!B87F1FB2762D

Generic PUP.x!609CDA89DA8F

Phishing

NatWest Card

23rd January 2014

Account Schedule Maintenance !

NatWest

23rd January 2014

We Detect An Error With Your
Account.

Vulnerebility

DenyHosts 'regex.py' Remote Denial of Service Vulnerability
2014-01-24
http://www.securityfocus.com/bid/64478

Cubic CMS Multiple Security Vulnerabilities
2014-01-24
http://www.securityfocus.com/bid/64660

WordPress WP Forum Server Plugin SQL Injection and Cross Site Scripting Vulnerabilities
2014-01-24
http://www.securityfocus.com/bid/53530

Hiox Guest Book 'add.php' Multiple Cross Site Scripting Vulnerabilities
2014-01-24
http://www.securityfocus.com/bid/64683

Cisco NX-OS Software TACACS+ Server Local Privilege Escalation Vulnerability
2014-01-24
http://www.securityfocus.com/bid/65083

OpenStack Heat ReST API Validation Privilage Escalation Vulnerability
2014-01-24
http://www.securityfocus.com/bid/64257

OpenStack Heat CFN Policy CVE-2013-6426 Security Bypass Vulnerability
2014-01-24
http://www.securityfocus.com/bid/64243

Command School Student Management System Multiple Security Vulnerabilities
2014-01-24
http://www.securityfocus.com/bid/64707

UAEPD Shopping Cart Script Multiple SQL Injection Vulnerabilities
2014-01-24
http://www.securityfocus.com/bid/64734

Apache Struts CVE-2013-2251 Multiple Remote Command Execution Vulnerabilities
2014-01-24
http://www.securityfocus.com/bid/61189

b2ePMS 'verify_user.php' SQL Injection and Authentication Bypass Vulnerabilities
2014-01-24
http://www.securityfocus.com/bid/53505

Horde Kronolith Multiple Cross Site Scripting Vulnerabilities
2014-01-24
http://www.securityfocus.com/bid/53731

GetSimple CMS Multiple HTML Injection and Cross Site Scripting Vulnerabilities
2014-01-24
http://www.securityfocus.com/bid/53501

Oracle Java SE CVE-2013-5843 Remote Security Vulnerability
2014-01-24
http://www.securityfocus.com/bid/63151

Oracle Outside In Technology CVE-2013-5791 Stack Buffer Overflow Vulnerability
2014-01-24
http://www.securityfocus.com/bid/63076

Joomla! JV Comment Extension 'id' Parameter SQL Injection Vulnerability
2014-01-24
http://www.securityfocus.com/bid/64661

OpenStack Neutron and Nova CVE-2013-6419 Information Disclosure Vulnerability
2014-01-24
http://www.securityfocus.com/bid/64250

XWork 'ParameterInterceptor' Class OGNL (CVE-2010-1870) Security Bypass Vulnerability
2014-01-24
http://www.securityfocus.com/bid/41592

OpenStack Keystone EC2-style Tokens Validation Privilage Escalation Vulnerability
2014-01-24
http://www.securityfocus.com/bid/64253

Network Security Services 'ssl_Do1stHandshake()' Function Information Disclosure Vulnerability
2014-01-24
http://www.securityfocus.com/bid/64944

Mozilla Netscape Portable Runtime CVE-2013-5607 Integer Overflow Vulnerability
2014-01-24
http://www.securityfocus.com/bid/63802

Oracle MySQL Server CVE-2014-0386 Remote Security Vulnerability
2014-01-24
http://www.securityfocus.com/bid/64904

Oracle MySQL Server CVE-2013-5908 Remote Security Vulnerability
2014-01-24
http://www.securityfocus.com/bid/64896

Oracle MySQL Server CVE-2014-0402 Remote Security Vulnerability
2014-01-24
http://www.securityfocus.com/bid/64908

Oracle MySQL Server CVE-2014-0401 Remote Security Vulnerability
2014-01-24
http://www.securityfocus.com/bid/64898

Oracle MySQL Server CVE-2013-5891 Remote Security Vulnerability
2014-01-24
http://www.securityfocus.com/bid/64891

Oracle MySQL Server CVE-2014-0420 Remote Security Vulnerability
2014-01-24
http://www.securityfocus.com/bid/64888

Oracle MySQL Server CVE-2014-0412 Remote Security Vulnerability
2014-01-24
http://www.securityfocus.com/bid/64880

Oracle MySQL Server CVE-2014-0393 Remote Security Vulnerability
2014-01-24
http://www.securityfocus.com/bid/64877

Oracle MySQL Server CVE-2014-0437 Remote Security Vulnerability
2014-01-24
http://www.securityfocus.com/bid/64849

Exploit

  NCH Software Express Burn Plus 4.68 (.EBP) Project File Buffer Overflow

  Daum Game 1.1.0.5 ActiveX (IconCreate Method) - Stack Buffer Overflow

  HP Data Protector Backup Client Service Directory Traversal

  Ammyy Admin 3.2 - Authentication Bypass

  MW6 Technologies Aztec ActiveX (Data param) - Buffer Overflow

  MW6 Technologies DataMatrix ActiveX (Data param) - Buffer Overflow

  MW6 Technologies MaxiCode ActiveX (Data param) - Buffer Overflow

23.1.2014

Bugtraq

[ MDVSA-2014:020 ] x11-server 2014-01-22
security mandriva com

Cisco Security Advisory: Cisco TelePresence System Software Command Execution Vulnerability 2014-01-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco TelePresence ISDN Gateway D-Channel Denial of Service Vulnerability 2014-01-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco TelePresence Video Communication Server SIP Denial of Service Vulnerability 2014-01-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Malware

Generic PUP.x!7DCC5A5683AF

Generic PUP.x!3E5BD9B7B65A

RDN/Generic PUP.x!brh!3452C439CAAE

Generic PUP.x!334716DAE2C4

RDN/Generic PUP.x!3377C4FCFD19

Generic.bfr!C350BA135F8D

Generic.bfr!E481AD73D3D2

Generic.bfr!9124533533D1

Generic.bfr!06E61C34F2B0

Generic PUP.x!931B69DB713E

Generic PUP.x!3B37D28DC1FE

Generic PUP.x!C047EFE8D69A

Generic PUP.x!A127D9D3E19D

Generic PUP.x!82D1B32D7859

Generic.bfr!BDF5BCC1C644

Generic.bfr!332C7DD20CEA

RDN/Downloader.a!ox!204AA3243D16

Generic PUP.x!34620204317D

Generic PUP.x!BE85B509057C

Generic PUP.x!8344D925DA50

Generic PUP.x!DCF09820AD6F

Generic PUP.x!15D89C0172B0

Generic PUP.x!53B8161A2F86

Generic.bfr!BE416AAFC707

Generic PUP.x!7EE05A33D866

Generic PUP.x!F60BB2A632B3

Generic PUP.x!00F4DEC3433A

Generic PUP.x!36ECD6EDA172

Generic PUP.x!B6FA48188FBE

Generic.bfr!BEAC62E01B12

Phishing

 

Vulnerebility

VMware vCloud Director Cross Site Request Forgery Vulnerabilities
2014-01-23
http://www.securityfocus.com/bid/64993

Multiple VMWare Products Local Denial Of Service Vulnerability
2014-01-23
http://www.securityfocus.com/bid/64994

VMware ESXi and ESX NFC NULL Pointer Dereference Denial of Service Vulnerability
2014-01-23
http://www.securityfocus.com/bid/64995

Apple Mac OS X Text Tracks CVE-2013-1024 Remote Code Execution Vulnerability
2014-01-23
http://www.securityfocus.com/bid/60368

Linux Kernel Multiple Local Information Disclosure Vulnerabilities
2014-01-23
http://www.securityfocus.com/bid/60254

Linux Kernel KVM 'apic_get_tmcct()' Function Denial of Service Vulnerability
2014-01-23
http://www.securityfocus.com/bid/64270

Linux Kernel CVE-2013-6368 Local Privilege Escalation Vulnerability
2014-01-23
http://www.securityfocus.com/bid/64291

Linux Kernel CVE-2013-4470 Multiple Local Memory Corruption Vulnerabilities
2014-01-23
http://www.securityfocus.com/bid/63359

Zabbix CVE-2013-6824 Remote Command Execution Vulnerability
2014-01-23
http://www.securityfocus.com/bid/64311

Google Chrome Prior to 21.0.1180.89 Multiple Security Vulnerabilities
2014-01-23
http://www.securityfocus.com/bid/55331

Google Chrome Prior to 20.0.1132.43 Multiple Security Vulnerabilities
2014-01-23
http://www.securityfocus.com/bid/54203

Google Chrome Prior to 23.0.1271.91 Multiple Security Vulnerabilities
2014-01-23
http://www.securityfocus.com/bid/56684

libxml2 CVE-2012-2807 Multiple Integer Overflow Vulnerabilities
2014-01-23
http://www.securityfocus.com/bid/54718

libxml2 Hash Collision Denial Of Service Vulnerability
2014-01-23
http://www.securityfocus.com/bid/52107

Google Chrome Prior to 19 Multiple Security Vulnerabilities
2014-01-23
http://www.securityfocus.com/bid/53540

WebKit CVE-2013-5128 Unspecified Memory Corruption Vulnerability
2014-01-23
http://www.securityfocus.com/bid/62569

WebKit CVE-2013-5127 Unspecified Memory Corruption Vulnerability
2014-01-23
http://www.securityfocus.com/bid/62568

Google Chrome Prior to 27.0.1453.93 CVE-2013-2842 Use-After-Free Remote Code Execution Vulnerability
2014-01-23
http://www.securityfocus.com/bid/60067

WebKit CVE-2013-5125 Unspecified Memory Corruption Vulnerability
2014-01-23
http://www.securityfocus.com/bid/62560

WebKit CVE-2013-5126 Unspecified Memory Corruption Vulnerability
2014-01-23
http://www.securityfocus.com/bid/62567

WebKit CVE-2013-1047 Unspecified Memory Corruption Vulnerability
2014-01-23
http://www.securityfocus.com/bid/62563

WebKit CVE-2013-1045 Unspecified Memory Corruption Vulnerability
2014-01-23
http://www.securityfocus.com/bid/62558

WebKit CVE-2013-1046 Unspecified Memory Corruption Vulnerability
2014-01-23
http://www.securityfocus.com/bid/62559

WebKit CVE-2013-1044 Unspecified Memory Corruption Vulnerability
2014-01-23
http://www.securityfocus.com/bid/62571

WebKit CVE-2013-1041 Unspecified Memory Corruption Vulnerability
2014-01-23
http://www.securityfocus.com/bid/62556

WebKit CVE-2013-1038 Unspecified Memory Corruption Vulnerability
2014-01-23
http://www.securityfocus.com/bid/62565

WebKit CVE-2013-1042 Unspecified Memory Corruption Vulnerability
2014-01-23
http://www.securityfocus.com/bid/62557

WebKit CVE-2013-1043 Unspecified Memory Corruption Vulnerability
2014-01-23
http://www.securityfocus.com/bid/62570

WebKit CVE-2013-1037 Unspecified Memory Corruption Vulnerability
2014-01-23
http://www.securityfocus.com/bid/62551

WebKit CVE-2013-1040 Unspecified Memory Corruption Vulnerability
2014-01-23
http://www.securityfocus.com/bid/62554

Exploit

  iTechClassifieds 3.03.057 - SQL Injection

  godontologico 5 - SQL Injection (0day)

  Simple e-document 1.31 - Login bypass

  PizzaInn_Project - SQL Injection

  mySeatXT 0.2134 - SQL Injection

  Easy POS System - SQL Injection (login.php)

  Cells Blog 3.3 - XSS Reflected & Blind SQLite Injection

  Adult Webmaster PHP - Password Disclosure

22.1.2014

Bugtraq

[ MDVSA-2014:017 ] net-snmp 2014-01-22
security mandriva com

[ MDVSA-2014:016 ] spice 2014-01-22
security mandriva com

[ MDVSA-2014:015 ] cups 2014-01-22
security mandriva com

SEC Consult SA-20140122-0 :: Critical vulnerabilities in T-Mobile HOME NET Router LTE (Huawei B593u-12) 2014-01-22
SEC Consult Vulnerability Lab (research sec-consult com)

[FFRRA-20131213] Crafted ICMP ECHO REQUEST can cause denial of service on Juniper SSG20 2014-01-22
research-feedback ffri jp

[ MDVSA-2014:014 ] php 2014-01-21
security mandriva com

[ MDVSA-2014:013 ] libxfont 2014-01-21
security mandriva com

[SECURITY] [DSA 2847-1] drupal7 security update 2014-01-20
Salvatore Bonaccorso (carnil debian org)

[ MDVSA-2014:012 ] nss 2014-01-20
security mandriva com

[ MDVSA-2014:011 ] java-1.7.0-openjdk 2014-01-20
security mandriva com

Secunia Research: OpenPNE PHP Object Injection Vulnerability 2014-01-20
Secunia Research (remove-vuln secunia com)

Malware

Generic PUP.x!B463B172F182

Generic PUP.x!B3F990F20234

RDN/Generic.bfr!fq!FF7991869860

Generic PUP.x!0C9261676A40

Generic PUP.x!A9A40EF593BC

Generic PUP.x!B023BAE9797C

Generic PUP.x!133D8BC96C17

Generic PUP.x!FD0A06D6BE4D

Generic PUP.x!558AA708B6FB

Generic PUP.x!B899CADB2455

Generic PUP.x!CAF0A68E9C57

Generic PUP.x!AF238503D913

Generic PUP.x!2AC9ABB8860C

Generic PUP.x!2DCB6FE1694D

Generic PUP.x!B471F916408E

Generic.bfr!92A6AE6A3EBA

Generic PUP.x!982E8C1E53A0

Generic PUP.x!9CA007295A67

Generic PUP.x!9D74EA03FA23

Generic PUP.x!7B2E86FBC055

Generic PUP.x!983BA72D7AD2

Generic.bfr!01B72F872C74

Generic.bfr!60297A90BB4A

Generic PUP.x!B048AF932CBA

Generic PUP.x!0C6807A1AD7D

Generic PUP.x!51C3334073FC

Generic PUP.x!873E19782A7F

Generic.bfr!AF85D05BF519

Generic PUP.x!65F9BFD8A05C

Generic PUP.x!B29208BCE2BA

Phishing

service@paypal.co.uk

21st January 2014

ONLINE ACCESS HAS BEEN
SUSPENDED

Barclays Bank

21st January 2014

You Have One Unread Message

Google Docs noreply@google.com

21st January 2014

ORIGINAL DOCUMENTS!!.....

 

Vulnerebility

Oracle Java SE CVE-2013-5789 Remote Security Vulnerability
2014-01-22
http://www.securityfocus.com/bid/63156

Oracle Java SE CVE-2014-0418 Remote Security Vulnerability
2014-01-22
http://www.securityfocus.com/bid/64917

Oracle Java SE CVE-2014-0375 Remote Security Vulnerability
2014-01-22
http://www.securityfocus.com/bid/64916

Oracle Java SE CVE-2013-5784 Remote Security Vulnerability
2014-01-22
http://www.securityfocus.com/bid/63098

Oracle Java SE CVE-2013-5830 Remote Security Vulnerability
2014-01-22
http://www.securityfocus.com/bid/63121

Oracle Java SE CVE-2013-5843 Remote Security Vulnerability
2014-01-22
http://www.securityfocus.com/bid/63151

Oracle Java SE CVE-2013-5802 Remote Security Vulnerability
2014-01-22
http://www.securityfocus.com/bid/63135

X.Org X Server 'dixfonts.c' Use-After-Free Remote Memory Corruption Vulnerability
2014-01-22
http://www.securityfocus.com/bid/62892

X.Org X Server CVE-2013-6424 Local Denial of Service Vulnerability
2014-01-22
http://www.securityfocus.com/bid/64127

Oracle Java SE CVE-2013-5790 Remote Security Vulnerability
2014-01-22
http://www.securityfocus.com/bid/63102

Juniper Networks ScreenOS CVE-2013-6958 Unspecified Denial of Service Vulnerability
2014-01-22
http://www.securityfocus.com/bid/64260

Oracle MySQL Server CVE-2013-5891 Remote Security Vulnerability
2014-01-22
http://www.securityfocus.com/bid/64891

Oracle Java SE CVE-2013-5831 Remote Security Vulnerability
2014-01-22
http://www.securityfocus.com/bid/63129

Oracle Java SE CVE-2013-5778 Remote Security Vulnerability
2014-01-22
http://www.securityfocus.com/bid/63134

Oracle Java SE CVE-2013-5832 Remote Security Vulnerability
2014-01-22
http://www.securityfocus.com/bid/63158

IBM Java CVE-2013-5458 Unspecified Arbitrary Code Execution Vulnerability
2014-01-22
http://www.securityfocus.com/bid/63620

Oracle Java SE CVE-2013-5809 Remote Security Vulnerability
2014-01-22
http://www.securityfocus.com/bid/63118

Oracle Java SE CVE-2013-5818 Remote Security Vulnerability
2014-01-22
http://www.securityfocus.com/bid/63157

Oracle Java SE CVE-2013-5817 Remote Security Vulnerability
2014-01-22
http://www.securityfocus.com/bid/63146

Oracle Java SE CVE-2014-0422 Remote Security Vulnerability
2014-01-22
http://www.securityfocus.com/bid/64921

Oracle Java SE and JavaFX CVE-2013-5870 Remote Security Vulnerability
2014-01-22
http://www.securityfocus.com/bid/64929

HPLIP CVE-2013-6427 Insecure Auto Update Feature Man in The Middle Vulnerability
2014-01-22
http://www.securityfocus.com/bid/64131

Net-SNMP SNMPD AgentX Subagent Timeout Denial of Service Vulnerability
2014-01-22
http://www.securityfocus.com/bid/64048

Gnome GMIME_UUENCODE_LEN() Macro Buffer Overflow Vulnerability
2014-01-22
http://www.securityfocus.com/bid/38078

HPLIP 'pkit.py' Insecure Temporary File Creation Vulnerability
2014-01-22
http://www.securityfocus.com/bid/63959

Oracle Java SE CVE-2014-0424 Remote Security Vulnerability
2014-01-22
http://www.securityfocus.com/bid/64919

Oracle Java SE CVE-2014-0416 Remote Security Vulnerability
2014-01-22
http://www.securityfocus.com/bid/64937

Oracle Java SE CVE-2014-0408 Remote Security Vulnerability
2014-01-22
http://www.securityfocus.com/bid/64910

Oracle Java SE CVE-2013-5904 Remote Security Vulnerability
2014-01-22
http://www.securityfocus.com/bid/64890

Oracle Java SE CVE-2013-5896 Remote Security Vulnerability
2014-01-22
http://www.securityfocus.com/bid/64926

Exploit

 

21.1.2014

Bugtraq

 

Malware

RDN/Spybot.bfr!01845607536E

Generic PUP.x!755E0C8F87B5

Generic.bfr!4E68E2C90340

Generic.bfr!41740D36713E

Generic.bfr!C24795FC534D

Generic PUP.x!3C73BFAB70AD

Generic PUP.x!A292D658637E

Generic.bfr!7D3884CBEAC5

Generic.bfr!C7F8202D631B

RDN/Generic PUP.x!F6A3A4E0BBD7

Generic PUP.x!1865A2D81372

Generic PUP.x!5A7377252A5C

Generic PUP.x!D11CB2C12110

Generic PUP.x!8E05B2F74EFE

Generic.bfr!48F67FEADAA6

Generic.bfr!BEA2FB22065E

Generic PUP.x!5A60D62FF2D9

Generic PUP.x!7C189E51FB45

Generic PUP.x!164C52FDD6CF

Generic.bfr!9D849AD00DC5

Generic.bfr!70A4E884D945

Generic.bfr!B4F16DBDB39C

Generic PUP.x!D15ABA7360BB

Generic PUP.x!E9BA9409E615

Generic.bfr!B474AD1DEBEE

Generic.bfr!A5F4083B045A

Generic.bfr!AE884668A52D

Generic PUP.x!2020FE8323E7

Generic PUP.x!CDB5A6CF8411

Generic.bfr!F6EABA5F08B0

Phishing

 

Vulnerebility

HP Storage Data Protector Multiple Remote Code Execution Vulnerabilities
2014-01-21
http://www.securityfocus.com/bid/64647

RETIRED: Oracle January 2014 Critical Patch Update Multiple Vulnerabilities
2014-01-21
http://www.securityfocus.com/bid/64758

Network Security Services 'ssl_Do1stHandshake()' Function Information Disclosure Vulnerability
2014-01-21
http://www.securityfocus.com/bid/64944

Moodle 'profile' Fields Multiple Cross Site Request Forgery Vulnerabilities
2014-01-21
http://www.securityfocus.com/bid/65021

Starbucks CVE-2014-0647 Information Disclosure Vulnerability
2014-01-21
http://www.securityfocus.com/bid/64942

IBM Tivoli Federated Identity Manager Business Gateway Security Bypass Vulnerability
2014-01-21
http://www.securityfocus.com/bid/64999

OpenSSL TLS Handshake Null Pointer Dereference Denial Of Service Vulnerability
2014-01-21
http://www.securityfocus.com/bid/64691

Cxxtools CVE-2013-7298 Infinite Loop Denial of Service Vulnerability
2014-01-21
http://www.securityfocus.com/bid/65020

Drupal Ubercart Module Session Fixation Vulnerability
2014-01-21
http://www.securityfocus.com/bid/64436

Drupal Anonymous Posting Module HTML Injection Vulnerability
2014-01-21
http://www.securityfocus.com/bid/64969

cURL/libcURL 'Curl_sasl_create_digest_md5_message()' Stack Buffer Overflow Vulnerability
2014-01-20
http://www.securityfocus.com/bid/57842

cURL/libcURL 'tailmatch()' Function Information Disclosure Vulnerability
2014-01-20
http://www.securityfocus.com/bid/59058

cURL/libcURL SSL Certificate Host Name Validation Security Bypass Vulnerability
2014-01-20
http://www.securityfocus.com/bid/64431

cURL/libcURL 'curl_easy_unescape()' Heap Memory Corruption Vulnerability
2014-01-20
http://www.securityfocus.com/bid/60737

Linux Kernel 'hamradio/yam.c' Local Information Disclosure Vulnerability
2014-01-20
http://www.securityfocus.com/bid/64954

Linux Kernel 'fpu-internal.h' Local Denial of Service Vulnerability
2014-01-20
http://www.securityfocus.com/bid/64781

Drupal Entity API Module Multiple Access Bypass Vulnerabilities
2014-01-20
http://www.securityfocus.com/bid/64729

ISC BIND NSEC3 Signed Zones Queries Handling Remote Denial of Service Vulnerability
2014-01-20
http://www.securityfocus.com/bid/64801

RETIRED: Microsoft November 2013 Advance Notification Multiple Vulnerabilities
2014-01-20
http://www.securityfocus.com/bid/63604

RETIRED: Microsoft December 2013 Advance Notification Multiple Vulnerabilities
2014-01-20
http://www.securityfocus.com/bid/64083

RETIRED: Adobe Reader and Acrobat APSB14-01 Prenotification Multiple Vulnerabilities
2014-01-20
http://www.securityfocus.com/bid/64763

RETIRED: Microsoft January 2014 Advance Notification Multiple Vulnerabilities
2014-01-20
http://www.securityfocus.com/bid/64757

Oracle VM VirtualBox CVE-2014-0407 Local Security Vulnerability
2014-01-20
http://www.securityfocus.com/bid/64913

Oracle VM VirtualBox CVE-2014-0405 Local Security Vulnerability
2014-01-20
http://www.securityfocus.com/bid/64900

Oracle VM VirtualBox CVE-2014-0406 Local Security Vulnerability
2014-01-20
http://www.securityfocus.com/bid/64905

Oracle VM VirtualBox CVE-2014-0404 Local Security Vulnerability
2014-01-20
http://www.securityfocus.com/bid/64911

Oracle VM VirtualBox CVE-2013-5892 Local Security Vulnerability
2014-01-20
http://www.securityfocus.com/bid/64909

Oracle Oracle VM Virtual Box CVE-2012-3221 Local Security Vulnerability
2014-01-20
http://www.securityfocus.com/bid/56045

Plone 'in_portal.py' CVE-2013-4200 Session Hijacking Vulnerability
2014-01-20
http://www.securityfocus.com/bid/61964

Poppler 'JBIG2Stream::readSegments()' Method Denial of Service Vulnerability
2014-01-20
http://www.securityfocus.com/bid/64636

Exploit

  MuPDF 1.3 - Stack-based Buffer Overflow in xps_parse_color()

  Doodle4Gift - Multiple Vulnerabilities

  AfterLogic Pro and Lite 7.1.1.1 - Stored XSS

  Teracom Modem T2-B-Gawv1.4U10Y-BI - Stored XSS Vulnerability

  BLUE COM Router 5360/52018 - Password Reset Exploit

20.1.2014

Bugtraq

 

Malware

Generic PUP.x!8509B16AC4DA

Generic PUP.x!886D34CF019E

ObfuscatedASX!hb!0F8C66629D8D!0F8C66629D8D

Generic PUP.x!01FA35524D3E

Adware-FFN!5347A9F3D929!5347A9F3D929

Generic.bfr!093F94A72FE0

RDN/Generic PUP.x!83AAF4C2F6D4

Generic PUP.x!5131F5306D92

Generic PUP.x!89941A66E3B4

Generic PUP.x!86614121DBD8

Generic PUP.x!67BA1C34CC88

RDN/Generic.dx!cxv!4BFD6DDB0F67

Generic PUP.x!2618C770AF33

Generic PUP.x!88EC6F996519

Generic PUP.x!E7C0C125F6A8

RDN/DNSChanger.bfr!1EA30796BD9A

Generic PUP.x!87FBBAF67D80

Generic PUP.x!6C5313536266

Generic PUP.x!E61A2ECFB2AF

Generic PUP.x!9EB2787C196F

Generic.bfr!26AFDEE6EDE7

RDN/Generic Downloader.x!17D96FC2B4AF

Generic PUP.x!1B76546139E4

RDN/Generic BackDoor!wq!D7DAACD9C373

Generic PUP.x!87EF2405D18C

Generic PUP.x!87A4FA471587

ObfuscatedASX!hb!0FF85F2C41B8!0FF85F2C41B8

Generic PUP.x!89FEB748AF86

PWSZbot-FON!0F76EC2115A5!0F76EC2115A5

Generic PUP.x!25722B752690

Phishing

ebilling@bt.com

20th January 2014

Important Information About
Your BT account (cell 13)

PayPal.com

20th January 2014

ACCOUNT VALIDATION

Bank of America Alert

20th January 2014

Bank of America Alert: Thats
New Required Verification
Process From Bank of America
Alert

Mint Credit card

19th January 2014

MINT.CO.UK - MINIMUM PAYMENT
DUE

Natwest

19th January 2014

Your NatWest Card Importante
Notification !

Tesco

19th January 2014

Tesco Credit Card

Google Drive

18th January 2014

IMPORTANT DOCUMENTS

Vulnerebility

cURL/libcURL 'Curl_sasl_create_digest_md5_message()' Stack Buffer Overflow Vulnerability
2014-01-20
http://www.securityfocus.com/bid/57842

cURL/libcURL 'tailmatch()' Function Information Disclosure Vulnerability
2014-01-20
http://www.securityfocus.com/bid/59058

cURL/libcURL SSL Certificate Host Name Validation Security Bypass Vulnerability
2014-01-20
http://www.securityfocus.com/bid/64431

cURL/libcURL 'curl_easy_unescape()' Heap Memory Corruption Vulnerability
2014-01-20
http://www.securityfocus.com/bid/60737

Linux Kernel 'hamradio/yam.c' Local Information Disclosure Vulnerability
2014-01-20
http://www.securityfocus.com/bid/64954

Linux Kernel 'fpu-internal.h' Local Denial of Service Vulnerability
2014-01-20
http://www.securityfocus.com/bid/64781

Drupal Entity API Module Multiple Access Bypass Vulnerabilities
2014-01-20
http://www.securityfocus.com/bid/64729

ISC BIND NSEC3 Signed Zones Queries Handling Remote Denial of Service Vulnerability
2014-01-20
http://www.securityfocus.com/bid/64801

RETIRED: Microsoft November 2013 Advance Notification Multiple Vulnerabilities
2014-01-20
http://www.securityfocus.com/bid/63604

RETIRED: Microsoft December 2013 Advance Notification Multiple Vulnerabilities
2014-01-20
http://www.securityfocus.com/bid/64083

RETIRED: Adobe Reader and Acrobat APSB14-01 Prenotification Multiple Vulnerabilities
2014-01-20
http://www.securityfocus.com/bid/64763

RETIRED: Microsoft January 2014 Advance Notification Multiple Vulnerabilities
2014-01-20
http://www.securityfocus.com/bid/64757

Oracle VM VirtualBox CVE-2014-0407 Local Security Vulnerability
2014-01-20
http://www.securityfocus.com/bid/64913

Oracle VM VirtualBox CVE-2014-0405 Local Security Vulnerability
2014-01-20
http://www.securityfocus.com/bid/64900

Oracle VM VirtualBox CVE-2014-0406 Local Security Vulnerability
2014-01-20
http://www.securityfocus.com/bid/64905

Oracle VM VirtualBox CVE-2014-0404 Local Security Vulnerability
2014-01-20
http://www.securityfocus.com/bid/64911

Oracle VM VirtualBox CVE-2013-5892 Local Security Vulnerability
2014-01-20
http://www.securityfocus.com/bid/64909

Oracle Oracle VM Virtual Box CVE-2012-3221 Local Security Vulnerability
2014-01-20
http://www.securityfocus.com/bid/56045

Plone 'in_portal.py' CVE-2013-4200 Session Hijacking Vulnerability
2014-01-20
http://www.securityfocus.com/bid/61964

Poppler 'JBIG2Stream::readSegments()' Method Denial of Service Vulnerability
2014-01-20
http://www.securityfocus.com/bid/64636

gdomap Multiple Local Information Disclosure Vulnerabilities
2014-01-20
http://www.securityfocus.com/bid/40005

gdomap Arbitrary Configuration File Line Count 'load_iface()' Integer Overflow Vulnerability
2014-01-20
http://www.securityfocus.com/bid/40062

libexif Multiple Remote Vulnerabilities
2014-01-20
http://www.securityfocus.com/bid/54437

Perl CVE-2013-1667 Input Rehashing Denial of Service Vulnerability
2014-01-20
http://www.securityfocus.com/bid/58311

Perl CVE-2012-5195 Heap-Based Memory Corruption Vulnerability
2014-01-20
http://www.securityfocus.com/bid/56287

Perl 'decode_xs()' and 'File::Glob::bsd_glob()' Remote Code Execution Vulnerabilities
2014-01-20
http://www.securityfocus.com/bid/49858

Openswan CVE-2013-2053 DNS TXT Record Buffer Overflow Vulnerability
2014-01-20
http://www.securityfocus.com/bid/59838

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-01-20
http://www.securityfocus.com/bid/64918

Cisco Secure Access Control System RMI Interface Authorization Bypass Vulnerability
2014-01-20
http://www.securityfocus.com/bid/64983

Oracle Java SE CVE-2014-0417 Remote Security Vulnerability
2014-01-20
http://www.securityfocus.com/bid/64932

Exploit

 

17.1.2014

Bugtraq

Open-Xchange Security Advisory 2014-01-17 2014-01-17
Martin Braun (martin braun open-xchange com)

[security bulletin] HPSBUX02961 SSRT101420 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2014-01-17
security-alert hp com

[ MDVSA-2014:004 ] nagios 2014-01-16
security mandriva com

[ MDVSA-2014:006 ] libxslt 2014-01-16
security mandriva com

[ MDVSA-2014:005 ] ejabberd 2014-01-16
security mandriva com

[ MDVSA-2014:003 ] nrpe 2014-01-16
security mandriva com

[ MDVSA-2014:002 ] bind 2014-01-16
security mandriva com

SQL Injection in Sexy Polling Joomla Extension 2014-01-16
High-Tech Bridge Security Research (advisory htbridge com)

[HITB-Announce] #HITB2014AMS Call for Papers - FINAL CALL 2014-01-16
Hafez Kamal (aphesz hackinthebox org)

CVE-2013-4200 - Plone URL redirection / Forwarding of cookie data (session hijack) in certain browsers 2014-01-16
Alexandre Herzog (alexandre herzog csnc ch)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Access Control System 2014-01-15
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[slackware-security] openssl (SSA:2014-013-02) 2014-01-14
Slackware Security Team (security slackware com)

Online OWASP Security Challenges 2014-01-15
Ivan Buetler (ivan buetler csnc ch)

[SECURITY] [DSA 2844-1] djvulibre security update 2014-01-15
Raphael Geissert (geissert debian org)

FreeBSD Security Advisory FreeBSD-SA-14:01.bsnmpd 2014-01-14
FreeBSD Security Advisories (security-advisories freebsd org)

CVE-2013-6429 Fix for XML External Entity (XXE) injection (CVE-2013-4152) in Spring Framework was incomplete 2014-01-14
Pivotal Security Team (security gopivotal com)

[CVE-2014-1238] Cross Site Scripting(XSS) in q-pulse application 2014-01-14
ali hussein helpag com

FreeBSD Security Advisory FreeBSD-SA-14:02.ntpd 2014-01-14
FreeBSD Security Advisories (security-advisories freebsd org)

FreeBSD Security Advisory FreeBSD-SA-14:04.bind 2014-01-14
FreeBSD Security Advisories (security-advisories freebsd org)

FreeBSD Security Advisory FreeBSD-SA-14:03.openssl 2014-01-14
FreeBSD Security Advisories (security-advisories freebsd org)

CVE-2013-6430 Possible XSS when using Spring MVC 2014-01-14
Pivotal Security Team (security gopivotal com)

[slackware-security] libXfont (SSA:2014-013-01) 2014-01-14
Slackware Security Team (security slackware com)

[slackware-security] samba (SSA:2014-013-04) 2014-01-14
Slackware Security Team (security slackware com)

[slackware-security] php (SSA:2014-013-03) 2014-01-14
Slackware Security Team (security slackware com)

[CVE-2014-0647] Insecure Data Storage of User Data Elements in Starbucks v2.6.1 iOS mobile application 2014-01-14
Daniel Wood (daniel wood owasp org)

[security bulletin] HPSBUX02960 SSRT101419 rev.1 - HP-UX Running NTP, Remote Denial of Service (DoS) 2014-01-13
security-alert hp com

[SECURITY] [DSA 2843-1] graphviz security update 2014-01-13
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2842-1] libspring-java security update 2014-01-13
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2014:001 ] kernel 2014-01-13
security mandriva com

NETGEAR WNR1000v3 Password Recovery Vulnerability 2014-01-12
c1ph04mail gmail com

Malware

Generic PUP.x!2A33D3EB453C

Generic PUP.x!4BE668A899F3

Generic PUP.x!52D85A1A04C9

RDN/Generic.dx!cx3!D105C840469B

Generic.bfr!F01BD1D3CDEA

Generic.bfr!1C143D846EE7

Generic PUP.x!609AD050C20E

Generic.bfr!93568AD0DCAD

Generic PUP.x!24980CA029C6

Generic PUP.x!6BAD5DC85B03

Generic PUP.x!1E41299BF6C2

Generic PUP.x!378C14E44945

Generic PUP.x!C03843372EB8

Generic.dx!0ACB289832A8

Generic.bfr!15DC5F96AD53

Generic PWS.y!F81ECD6EDFA2

Generic PUP.x!69FB0C5E2576

RDN/Generic PUP.x!brd!AADC62FF9B93

RDN/Generic Dropper!tl!E3FD6EEA2646

Generic PUP.x!29799CD10DFD

Generic PUP.x!C6D8B34778AD

Generic PUP.x!F53437834FF7

Generic PUP.x!CABAB29710AE

Generic PUP.x!F6B486585543

Generic PUP.x!D3C407B21048

Generic PUP.x!6376D3A9D760

RDN/Generic Qhost!l!007C93968434

RDN/Generic.dx!cx3!38AD97469A9A

RDN/Generic PUP.x!brd!171A035EA516

Generic PUP.x!A5354B6452B1

Phishing

Citi Cards

17th January 2014

YOUR CITI CREDIT CARD
STATEMENT

Natwest

16th January 2014

NatWest Card Online Membership
Identification

NatWest ;

16th January 2014

NatWest Card Important
Maintenance.

Natwest

16th January 2014

Account Schedule Maintenance

Pay Pal

15th January 2014

NEW PAYMENT TO SKYPE !

Paypal

15th January 2014

Your Account Has Been Limited

eBilling@bt.com

15th January 2014

Important Information About
Your Service-Mail Update

Vodafone

15th January 2014

HMRC Notification - Tax refund
(HM Revenue FONT-SIZE:
10pt">After the last annual
calculations of your fiscal

Royal Bank of Scotland

15th January 2014

Account Schedule Maintenance

Apple

14th January 2014

ACCOUNT INFO CHANGES

Barclays Internet Banking

14th January 2014

BARCLAYS BANK - THIS MONTH'S
E-STATEMENT IS NOW AVAILABLE
TO VIEW ONLINE

Career

14th January 2014

Job Post: Customer Service
Representatives

Lloyds

14th January 2014

Important Update !

Vulnerebility

Oracle Siebel Core CVE-2014-0369 Remote Security Vulnerability
2014-01-17
http://www.securityfocus.com/bid/64832

Oracle PeopleSoft Enterprise PeopleTools CVE-2014-0381 Remote Security Vulnerability
2014-01-17
http://www.securityfocus.com/bid/64892

Oracle PeopleSoft Enterprise PeopleTools CVE-2014-0439 Remote Security Vulnerability
2014-01-17
http://www.securityfocus.com/bid/64884

Oracle PeopleSoft Enterprise PeopleTools CVE-2014-0440 Remote Security Vulnerability
2014-01-17
http://www.securityfocus.com/bid/64881

Oracle PeopleSoft Enterprise PeopleTools CVE-2014-0438 Remote Security Vulnerability
2014-01-17
http://www.securityfocus.com/bid/64887

librsvg XML External Entities CVE-2013-1881 Information Disclosure Vulnerability
2014-01-17
http://www.securityfocus.com/bid/62714

Oracle Java SE CVE-2013-5895 Remote Security Vulnerability
2014-01-17
http://www.securityfocus.com/bid/64906

Oracle Java SE CVE-2014-0403 Remote Security Vulnerability
2014-01-17
http://www.securityfocus.com/bid/64920

Oracle Java SE CVE-2014-0424 Remote Security Vulnerability
2014-01-17
http://www.securityfocus.com/bid/64919

Oracle PeopleSoft Enterprise SCM Services Procurement CVE-2014-0425 Remote Security Vulnerability
2014-01-17
http://www.securityfocus.com/bid/64889

Oracle PeopleSoft Enterprise HRMS Human Resources CVE-2014-0388 Remote Security Vulnerability
2014-01-17
http://www.securityfocus.com/bid/64878

MongoDB 'conn' Mongo Object Remote Code Execution Vulnerability
2014-01-17
http://www.securityfocus.com/bid/61309

OpenSSL DTLS Implementations Man in the Middle Multiple Security Bypass Vulnerabilities
2014-01-17
http://www.securityfocus.com/bid/64618

OpenJPEG CVE-2013-6052 Multiple Out of Bounds Memory Corruption Vulnerabilities
2014-01-17
http://www.securityfocus.com/bid/64118

OpenJPEG CVE-2013-1447 Multiple Denial Of Service Vulnerabilities
2014-01-17
http://www.securityfocus.com/bid/64142

OpenJPEG CVE-2013-6887 Multiple Denial Of Service Vulnerabilities
2014-01-17
http://www.securityfocus.com/bid/64140

OpenJPEG CVE-2013-6045 Multiple Remote Heap Based Buffer Overflow Vulnerabilities
2014-01-17
http://www.securityfocus.com/bid/64109

OpenJPEG CVE-2013-6053 Multiple Out of Bounds Memory Corruption Vulnerabilities
2014-01-17
http://www.securityfocus.com/bid/64121

Oracle PeopleSoft Enterprise PeopleTools CVE-2014-0445 Remote Security Vulnerability
2014-01-17
http://www.securityfocus.com/bid/64867

Oracle PeopleSoft Enterprise PeopleTools CVE-2014-0380 Remote Security Vulnerability
2014-01-17
http://www.securityfocus.com/bid/64865

Oracle PeopleSoft Enterprise HRMS CVE-2014-0392 Remote Security Vulnerability
2014-01-17
http://www.securityfocus.com/bid/64874

Oracle PeopleSoft Enterprise HRMS CVE-2013-5909 Remote Security Vulnerability
2014-01-17
http://www.securityfocus.com/bid/64855

Oracle PeopleSoft Enterprise HRMS CVE-2013-5886 Remote Security Vulnerability
2014-01-17
http://www.securityfocus.com/bid/64858

Oracle PeopleSoft Enterprise PeopleTools CVE-2014-0394 Remote Security Vulnerability
2014-01-17
http://www.securityfocus.com/bid/64848

Oracle PeopleSoft Enterprise PeopleTools CVE-2014-0395 Remote Security Vulnerability
2014-01-17
http://www.securityfocus.com/bid/64852

Oracle MySQL Server CVE-2012-3163 Remote MySQL Security Vulnerability
2014-01-17
http://www.securityfocus.com/bid/56036

Oracle PeopleSoft Enterprise PeopleTools CVE-2014-0396 Remote Security Vulnerability
2014-01-17
http://www.securityfocus.com/bid/64841

Oracle PeopleSoft Enterprise PeopleTools CVE-2014-0441 Remote Security Vulnerability
2014-01-17
http://www.securityfocus.com/bid/64839

Oracle Java SE CVE-2014-0415 Remote Security Vulnerability
2014-01-17
http://www.securityfocus.com/bid/64899

Oracle PeopleSoft Enterprise PeopleTools CVE-2014-0443 Remote Security Vulnerability
2014-01-17
http://www.securityfocus.com/bid/64844

Exploit

SoapUI 4.6.3 - Remote Code Execution

SerComm Device Remote Code Execution

vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload

CCProxy 7.3 - Integer Overflow Exploit

haneWIN DNS Server 1.5.3 - Denial of Service