CVE-2015-0955 - Stored XSS in Adobe Experience Manager (AEM) 2016-02-23
Alexandre Herzog (Alexandre Herzog csnc ch)

CSNC-2016-002 - Open Redirect in OpenAM 2016-02-23
Alexandre Herzog (Alexandre Herzog csnc ch)

InstantCoder v1.0 iOS - Multiple Web Vulnerabilities 2016-02-23
Vulnerability Lab (research vulnerability-lab com)

Oxwall Forum v1.8.1 - Persistent Cross Site Scripting Vulnerability 2016-02-22
Vulnerability Lab (research vulnerability-lab com)

[SYSS-2015-063] OpenCms - Cross Site Scripting 2016-02-22
rainer boie syss de

Ubiquiti Networks Bug Bounty #9 - Invoice Persistent Vulnerabilities 2016-02-22
Vulnerability Lab (research vulnerability-lab com)

InstantCoder v1.0 iOS - Multiple Web Vulnerabilities 2016-02-22
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] CVE-2015-5174 Apache Tomcat Limited Directory Traversal 2016-02-22
Mark Thomas (markt apache org)

[SECURITY] CVE-2016-0763 Apache Tomcat Security Manager Bypass 2016-02-22
Mark Thomas (markt apache org)

[SECURITY] CVE-2015-5345 Apache Tomcat Directory disclosure 2016-02-22
Mark Thomas (markt apache org)

[SECURITY] CVE-2015-5351 Apache Tomcat CSRF token leak 2016-02-22
Mark Thomas (markt apache org)

[SECURITY] CVE-2016-0714 Apache Tomcat Security Manager Bypass 2016-02-22
Mark Thomas (markt apache org)

[SECURITY] CVE-2016-0706 Apache Tomcat Security Manager bypass 2016-02-22
Mark Thomas (markt apache org)

[SECURITY] CVE-2015-5346 Apache Tomcat Session fixation 2016-02-22
Mark Thomas (markt apache org)

[SYSS-2015-063] OpenCms - Cross Site Scripting 2016-02-22
rainer boie syss de

Ubiquiti Networks Bug Bounty #9 - Invoice Persistent Vulnerabilities 2016-02-22
Vulnerability Lab (research vulnerability-lab com)

InstantCoder v1.0 iOS - Multiple Web Vulnerabilities 2016-02-22
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] CVE-2015-5174 Apache Tomcat Limited Directory Traversal 2016-02-22
Mark Thomas (markt apache org)

[SECURITY] CVE-2016-0763 Apache Tomcat Security Manager Bypass 2016-02-22
Mark Thomas (markt apache org)

[SECURITY] CVE-2015-5345 Apache Tomcat Directory disclosure 2016-02-22
Mark Thomas (markt apache org)

[SECURITY] CVE-2015-5351 Apache Tomcat CSRF token leak 2016-02-22
Mark Thomas (markt apache org)

[SECURITY] CVE-2016-0714 Apache Tomcat Security Manager Bypass 2016-02-22
Mark Thomas (markt apache org)

[SECURITY] CVE-2016-0706 Apache Tomcat Security Manager bypass 2016-02-22
Mark Thomas (markt apache org)

[SECURITY] CVE-2015-5346 Apache Tomcat Session fixation 2016-02-22
Mark Thomas (markt apache org)

[SECURITY] [DSA 3486-1] chromium-browser security update 2016-02-21
Michael Gilbert (mgilbert debian org)

[security bulletin] HPSBHF03544 rev.1 - HPE iMC PLAT and other HP and H3C products using Comware 7 and cURL, Remote Unauthorized Access 2016-02-20
security-alert hpe com

[SECURITY] [DSA 3485-1] didiwiki security update 2016-02-20
Sebastien Delafond (seb debian org)

Cisco Security Advisory: Vulnerability in GNU glibc Affecting Cisco Products: February 2016 2016-02-18
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Vulnerability in GNU glibc Affecting Cisco Products: February 2016 2016-02-18
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[security bulletin] HPSBGN03547 rev.1 - HPE Helion Eucalyptus Node Controller and other Helion Eucalyptus Components using glibc, Remote Arbitrary Code Execution 2016-02-18
security-alert hpe com

[SECURITY] [DSA 3483-1] cpio security update 2016-02-19
Salvatore Bonaccorso (carnil debian org)

ifixit Bug Bounty #6 -(Profile) Persistent Vulnerability 2016-02-19
Vulnerability Lab (research vulnerability-lab com)

Prezi Bug Bounty #5 - Client Side Cross Site Scripting & Open Redirect Vulnerability 2016-02-19
Vulnerability Lab (research vulnerability-lab com)

Investors Application - Client Side Cross Site Scripting Vulnerability 2016-02-19
Vulnerability Lab (research vulnerability-lab com)

Chamilo LMS IDOR - (messageId) Delete POST Inject Vulnerability 2016-02-19
Vulnerability Lab (research vulnerability-lab com)

Chamilo LMS - Persistent Cross Site Scripting Vulnerability 2016-02-19
Vulnerability Lab (research vulnerability-lab com)

Adobe - Multiple Client Side Cross Site Scripting Web Vulnerabilities 2016-02-19
Vulnerability Lab (research vulnerability-lab com)

ifixit Bug Bounty #5 - Guide Search Persistent Vulnerability 2016-02-19
Vulnerability Lab (research vulnerability-lab com)

[SYSS-2015-056] Thru Managed File Transfer Portal 9.0.2 - SQL Injection 2016-02-19
erlijn vangenuchten syss de

[SYSS-2015-057] Thru Managed File Transfer Portal 9.0.2 - Cross-Site Scripting 2016-02-19
erlijn vangenuchten syss de

[SYSS-2015-059] Thru Managed File Transfer Portal 9.0.2 - Insecure Direct Object Reference (CWE-932) 2016-02-19
erlijn vangenuchten syss de

[SYSS-2015-060] Thru Managed File Transfer Portal 9.0.2 - Improperly Implemented Security Check for Standard (CWE-358) 2016-02-19
erlijn vangenuchten syss de

[SYSS-2015-064] Thru Managed File Transfer Portal 9.0.2 - Insecure Direct Object Reference (CWE-932) 2016-02-19
erlijn vangenuchten syss de

[SYSS-2015-062] ownCloud - Information Exposure Through Directory Listing (CWE-548) 2016-02-19
erlijn vangenuchten syss de

[SYSS-2015-055] Novell Filr - Cross-Site Scripting (CWE-79) 2016-02-19
erlijn vangenuchten syss de

[SYSS-2015-058] Thru Managed File Transfer Portal 9.0.2 - Insecure Direct Object Reference (CWE-932) 2016-02-19
erlijn vangenuchten syss de

CVE-2015-7521: Apache Hive authorization bug disclosure (update) 2016-02-18
khorgath apache org (Sushanth Sowmyan)

[security bulletin] HPSBUX03437 SSRT110025 rev.1 - HP-UX IPFilter, Remote Denial of Service (DoS) 2016-02-17
security-alert hpe com

[SECURITY] [DSA 3482-1] libreoffice security update 2016-02-17
Sebastien Delafond (seb debian org)

SSO Authentication Bypass and Website Takeover in DOKEOS 2016-02-17
High-Tech Bridge Security Research (advisory htbridge ch)

SQL Injection in webSPELL 2016-02-17
High-Tech Bridge Security Research (advisory htbridge ch)

SQL Injection in TestLink 2016-02-17
High-Tech Bridge Security Research (advisory htbridge ch)

SQL Injection in WeBid 2016-02-17
High-Tech Bridge Security Research (advisory htbridge ch)

RCE via CSRF in osCommerce 2016-02-17
High-Tech Bridge Security Research (advisory htbridge ch)

SQL Injection in Osclass 2016-02-17
High-Tech Bridge Security Research (advisory htbridge ch)

RCE via CSRF in osCmax 2016-02-17
High-Tech Bridge Security Research (advisory htbridge ch)

Redaxo CMS contains multiple vulnerabilities 2016-02-16
LSE-Advisories (advisories lsexperts de)

CVE-2015-7521: Apache Hive authorization bug disclosure (update) 2016-02-18
khorgath apaAche org (Sushanth Sowmyan)

[security bulletin] HPSBUX03437 SSRT110025 rev.1 - HP-UX IPFilter, Remote Denial of Service (DoS) 2016-02-17
security-alert hpe com

[SECURITY] [DSA 3482-1] libreoffice security update 2016-02-17
Sebastien Delafond (seb debian org)

SSO Authentication Bypass and Website Takeover in DOKEOS 2016-02-17
High-Tech Bridge Security Research (advisory htbridge ch)

SQL Injection in webSPELL 2016-02-17
High-Tech Bridge Security Research (advisory htbridge ch)

SQL Injection in TestLink 2016-02-17
High-Tech Bridge Security Research (advisory htbridge ch)

SQL Injection in WeBid 2016-02-17
High-Tech Bridge Security Research (advisory htbridge ch)

RCE via CSRF in osCommerce 2016-02-17
High-Tech Bridge Security Research (advisory htbridge ch)

SQL Injection in Osclass 2016-02-17
High-Tech Bridge Security Research (advisory htbridge ch)

RCE via CSRF in osCmax 2016-02-17
High-Tech Bridge Security Research (advisory htbridge ch)

Redaxo CMS contains multiple vulnerabilities 2016-02-16
LSE-Advisories (advisories lsexperts de)

[SECURITY] [DSA 3481-1] glibc security update 2016-02-16
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3480-1] eglibc security update 2016-02-16
Salvatore Bonaccorso (carnil debian org)

Redaxo CMS contains multiple vulnerabilities 2016-02-16
LSE-Advisories (advisories lsexperts de)

[SECURITY] [DSA 3481-1] glibc security update 2016-02-16
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3480-1] eglibc security update 2016-02-16
Salvatore Bonaccorso (carnil debian org)

Redaxo CMS contains multiple vulnerabilities 2016-02-16
LSE-Advisories (advisories lsexperts de)

[SECURITY] [DSA 3481-1] glibc security update 2016-02-16
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3480-1] eglibc security update 2016-02-16
Salvatore Bonaccorso (carnil debian org)

CSRF and XsS In Manage Engine oputils 2016-02-15
kingkaustubh me com

Privilege escalation Vulnerability in ManageEngine oputils 2016-02-15
kingkaustubh me com

Missing Function Level Access control Vulnerability in OPutils 2016-02-15
kingkaustubh me com

[SECURITY] [DSA 3478-1] libgcrypt11 security update 2016-02-15
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3479-1] graphite2 security update 2016-02-15
Moritz Muehlenhoff (jmm debian org)

CyberCop Scanner Smbgrind v5.5 Buffer Overflow 2016-02-16
hyp3rlinx lycos com

phpMyBackupPro v.2.5 Remote Command Execution / CSRF 2016-02-16
hyp3rlinx lycos com

phpMyBackupPro v.2.5 Arbitrary File Upload 2016-02-16
hyp3rlinx lycos com

phpMyBackupPro v.2.5 XSS 2016-02-16
hyp3rlinx lycos com

BFS-SA-2016-001: FireEye Detection Evasion and Whitelisting of Arbitrary Malware 2016-02-15
Blue Frost Security Research Lab (research bluefrostsecurity de)

Xymon: Critical security issues in all versions prior to 4.3.25 2016-02-14
Xymon Software (henrik xymon com)

BFS-SA-2016-001: FireEye Detection Evasion and Whitelisting of Arbitrary Malware 2016-02-15
Blue Frost Security Research Lab (research bluefrostsecurity de)

Xymon: Critical security issues in all versions prior to 4.3.25 2016-02-14
Xymon Software (henrik xymon com)

[SECURITY] [DSA 3477-1] iceweasel security update 2016-02-14
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3475-1] postgresql-9.1 security update 2016-02-13
Salvatore Bonaccorso (carnil debian org)

KL-001-2016-001 : Arris DG1670A Cable Modem Remote Command Execution 2016-02-12
KoreLogic Disclosures (disclosures korelogic com)

[SECURITY] [DSA 3476-1] postgresql-9.4 security update 2016-02-13
Salvatore Bonaccorso (carnil debian org)

[ERPSCAN-15-032] SAP PCo agent â?? DoS vulnerability 2016-02-12
ERPScan inc (erpscan online gmail com)

Xymon: Critical security issues in all versions prior to 4.3.25 2016-02-14
Xymon Software (henrik xymon com)

[SECURITY] [DSA 3477-1] iceweasel security update 2016-02-14
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3475-1] postgresql-9.1 security update 2016-02-13
Salvatore Bonaccorso (carnil debian org)

KL-001-2016-001 : Arris DG1670A Cable Modem Remote Command Execution 2016-02-12
KoreLogic Disclosures (disclosures korelogic com)

[SECURITY] [DSA 3476-1] postgresql-9.4 security update 2016-02-13
Salvatore Bonaccorso (carnil debian org)

[ERPSCAN-15-032] SAP PCo agent â?? DoS vulnerability 2016-02-12
ERPScan inc (erpscan online gmail com)

[ERPSCAN-15-031] SAP MII â?? Encryption Downgrade vulnerability 2016-02-12
ERPScan inc (erpscan online gmail com)

[SECURITY] [DSA 3474-1] libgcrypt20 security update 2016-02-12
Salvatore Bonaccorso (carnil debian org)

HD Video Player v2.5 iOS - Multiple Web Vulnerabilities 2016-02-12
Vulnerability Lab (research vulnerability-lab com)

HD Video Player v2.5 iOS - Multiple Web Vulnerabilities 2016-02-12
Vulnerability Lab (research vulnerability-lab com)

CVE-2015-0061 and CVE-2015-0063 (MS16-009/MS16-011) 2016-02-12
Berend-Jan Wever (berendjanwever gmail com)

[slackware-security] mozilla-firefox (SSA:2016-042-01) 2016-02-11
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3473-1] nginx security update 2016-02-11
Salvatore Bonaccorso (carnil debian org)

Re: [oss-security] HTTPS Only (Open Source, Python) 2016-02-11
P J P (ppandit redhat com)

Re: OLE DB Provider for Oracle multiple DLL side loading vulnerabilities 2016-02-11
Securify B.V. (lists securify nl)

Duplicator Wordpress Plugin - Source Code And Database Dump Via CSRF Vulnerability 2016-02-10
Ratio Sec (ratiosec gmail com)

Re: OLE DB Provider for Oracle multiple DLL side loading vulnerabilities 2016-02-10
Securify B.V. (lists securify nl)

MapsUpdateTask Task DLL side loading vulnerability 2016-02-10
Securify B.V. (lists securify nl)

BDA MPEG2 Transport Information Filter DLL side loading vulnerability 2016-02-10
Securify B.V. (lists securify nl)

NPS Datastore server DLL side loading vulnerability 2016-02-10
Securify B.V. (lists securify nl)

Cisco Security Advisory: Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability 2016-02-10
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Remote Code Execution in Exponent 2016-02-10
High-Tech Bridge Security Research (advisory htbridge ch)

Apache Sling Framework v2.3.6 - Information Disclosure Vulnerability 2016-02-10
Vulnerability Lab (research vulnerability-lab com)

MyScript Memo v3.0 iOS - (Mail) Persistent Vulnerability 2016-02-10
Vulnerability Lab (research vulnerability-lab com)

File Sharing Manager v1.0 iOS - Multiple Web Vulnerabilities 2016-02-10
Vulnerability Lab (research vulnerability-lab com)

Getdpd Bug Bounty #6 - (Import - FTP) Persistent Vulnerability 2016-02-10
Vulnerability Lab (research vulnerability-lab com)

Duplicator Wordpress Plugin - Source Code And Database Dump Via CSRF Vulnerability 2016-02-10
Ratio Sec (ratiosec gmail com)

Re: OLE DB Provider for Oracle multiple DLL side loading vulnerabilities 2016-02-10
Securify B.V. (lists securify nl)

MapsUpdateTask Task DLL side loading vulnerability 2016-02-10
Securify B.V. (lists securify nl)

BDA MPEG2 Transport Information Filter DLL side loading vulnerability 2016-02-10
Securify B.V. (lists securify nl)

NPS Datastore server DLL side loading vulnerability 2016-02-10
Securify B.V. (lists securify nl)

Cisco Security Advisory: Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability 2016-02-10
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Remote Code Execution in Exponent 2016-02-10
High-Tech Bridge Security Research (advisory htbridge ch)

Apache Sling Framework v2.3.6 - Information Disclosure Vulnerability 2016-02-10
Vulnerability Lab (research vulnerability-lab com)

MyScript Memo v3.0 iOS - (Mail) Persistent Vulnerability 2016-02-10
Vulnerability Lab (research vulnerability-lab com)

File Sharing Manager v1.0 iOS - Multiple Web Vulnerabilities 2016-02-10
Vulnerability Lab (research vulnerability-lab com)

Getdpd Bug Bounty #6 - (Import - FTP) Persistent Vulnerability 2016-02-10
Vulnerability Lab (research vulnerability-lab com)

VP2016-001: Remote Command Execution in File Replication Pro 2016-02-10
Vantage Point Security (lists vantagepoint sg)

SEC Consult SA-20160210-0 :: Yeager CMS Multiple Vulnerabilities 2016-02-10
SEC Consult Vulnerability Lab (research sec-consult com)

ManageEngine Eventlog Analyzer Privilege Escalation v10.8 2016-02-10
graphx sigaint org

dotDefender Firewall CSRF 2016-02-10
hyp3rlinx lycos com

Safebreach adsivory: Node.js HTTP Response Splitting (CVE-2016-2216) 2016-02-09
Amit Klein (aksecurity gmail com)

ESA-2016-010 EMC Documentum xCP Security Update for Multiple Vulnerabilities 2016-02-09
Security Alert (Security_Alert emc com)

Cisco Security Advisory: Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability 2016-02-10
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Remote Code Execution in Exponent 2016-02-10
High-Tech Bridge Security Research (advisory htbridge ch)

Apache Sling Framework v2.3.6 - Information Disclosure Vulnerability 2016-02-10
Vulnerability Lab (research vulnerability-lab com)

MyScript Memo v3.0 iOS - (Mail) Persistent Vulnerability 2016-02-10
Vulnerability Lab (research vulnerability-lab com)

File Sharing Manager v1.0 iOS - Multiple Web Vulnerabilities 2016-02-10
Vulnerability Lab (research vulnerability-lab com)

Getdpd Bug Bounty #6 - (Import - FTP) Persistent Vulnerability 2016-02-10
Vulnerability Lab (research vulnerability-lab com)

VP2016-001: Remote Command Execution in File Replication Pro 2016-02-10
Vantage Point Security (lists vantagepoint sg)

SEC Consult SA-20160210-0 :: Yeager CMS Multiple Vulnerabilities 2016-02-10
SEC Consult Vulnerability Lab (research sec-consult com)

ManageEngine Eventlog Analyzer Privilege Escalation v10.8 2016-02-10
graphx sigaint org

dotDefender Firewall CSRF 2016-02-10
hyp3rlinx lycos com

Safebreach adsivory: Node.js HTTP Response Splitting (CVE-2016-2216) 2016-02-09
Amit Klein (aksecurity gmail com)

ESA-2016-010 EMC Documentum xCP Security Update for Multiple Vulnerabilities 2016-02-09
Security Alert (Security_Alert emc com)

Privilege escalation Vulnerability in ManageEngine Network Configuration Management 2016-02-09
kingkaustubh me com

[slackware-security] curl (SSA:2016-039-01) 2016-02-08
Slackware Security Team (security slackware com)

[slackware-security] libsndfile (SSA:2016-039-02) 2016-02-08
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3472-1] wordpress security update 2016-02-08
Salvatore Bonaccorso (carnil debian org)

Privilege escalation Vulnerability in ManageEngine Network Configuration Management 2016-02-09
kingkaustubh me com

[slackware-security] curl (SSA:2016-039-01) 2016-02-08
Slackware Security Team (security slackware com)

[slackware-security] libsndfile (SSA:2016-039-02) 2016-02-08
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3472-1] wordpress security update 2016-02-08
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3470-1] qemu-kvm security update 2016-02-08
Sebastien Delafond (seb debian org)

[SECURITY] [DSA 3469-1] qemu security update 2016-02-08
Sebastien Delafond (seb debian org)

[SECURITY] [DSA 3471-1] qemu security update 2016-02-08
Sebastien Delafond (seb debian org)

WordPress WP User Frontend Plugin [Unrestricted File Upload] 2016-02-08
Panagiotis Vagenas (pan vagenas gmail com)

WordPress WooCommerce - Store Toolkit Plugin [Privilege Escalation] 2016-02-08
Panagiotis Vagenas (pan vagenas gmail com)

PressePortal NewsAktuell (DPA) - Multiple Vulnerabilities 2016-02-08
Vulnerability Lab (research vulnerability-lab com)

Ebay Inc (Pages) - Client Side Cross Site Scripting Vulnerabilities 2016-02-08
Vulnerability Lab (research vulnerability-lab com)

Alsovalue CMS 2016Q1 - SQL Injection Web Vulnerability 2016-02-08
Vulnerability Lab (research vulnerability-lab com)

Getdpd BB #4 - (name) Persistent Validation Vulnerability 2016-02-08
Vulnerability Lab (research vulnerability-lab com)

Getdpd BB #5 - Persistent Filename Vulnerability 2016-02-08
Vulnerability Lab (research vulnerability-lab com)

JavaScript Anywhere v3.0.4 iOS - Persistent Vulnerability 2016-02-08
Vulnerability Lab (research vulnerability-lab com)

WordPress WP User Frontend Plugin [Unrestricted File Upload] 2016-02-08
Panagiotis Vagenas (pan vagenas gmail com)

WordPress WooCommerce - Store Toolkit Plugin [Privilege Escalation] 2016-02-08
Panagiotis Vagenas (pan vagenas gmail com)

PressePortal NewsAktuell (DPA) - Multiple Vulnerabilities 2016-02-08
Vulnerability Lab (research vulnerability-lab com)

Ebay Inc (Pages) - Client Side Cross Site Scripting Vulnerabilities 2016-02-08
Vulnerability Lab (research vulnerability-lab com)

Alsovalue CMS 2016Q1 - SQL Injection Web Vulnerability 2016-02-08
Vulnerability Lab (research vulnerability-lab com)

Getdpd BB #4 - (name) Persistent Validation Vulnerability 2016-02-08
Vulnerability Lab (research vulnerability-lab com)

Getdpd BB #5 - Persistent Filename Vulnerability 2016-02-08
Vulnerability Lab (research vulnerability-lab com)

JavaScript Anywhere v3.0.4 iOS - Persistent Vulnerability 2016-02-08
Vulnerability Lab (research vulnerability-lab com)

Local Microsoft Windows 7 / 8 / 10 Buffer Overflow via Third-Party USB-Driver (ser2co64.sys) 2016-02-08
Ralf Spenneberg (info os-t de)

Symphony CMS multiple vulnerabilities 2016-02-08
Filippo Cavallarin (filippo cavallarin wearesegment com)

WordPress User Meta Manager Plugin [Information Disclosure] 2016-02-08
Panagiotis Vagenas (pan vagenas gmail com)

Executable installers are vulnerable^WEVIL (case 25): WinRAR's installer and self-extractors allow arbitrary (remote) code execution and escalation of privilege 2016-02-07
Stefan Kanthak (stefan kanthak nexgo de)

CFP: SIN 2016 - 9th International Conference on Security of Information and Networks 2016-02-07
Hossain Shahriar (hshahria kennesaw edu)

[SECURITY] [DSA 3468-1] polarssl security update 2016-02-06
Sebastien Delafond (seb debian org)

[SECURITY] [DSA 3467-1] tiff security update 2016-02-06
Salvatore Bonaccorso (carnil debian org)

CVE-2015-3252: Apache CloudStack VNC authentication issue 2016-02-05
John Kinsella (jlk thrashyour com)

CVE-2015-3251: Apache CloudStack VM Credential Exposure 2016-02-05
John Kinsella (jlk thrashyour com)

[SECURITY] [DSA 3466-1] krb5 security update 2016-02-04
Salvatore Bonaccorso (carnil debian org)

WordPress User Meta Manager Plugin [Blind SQLI] 2016-02-04
pan vagenas gmail com

WordPress User Meta Manager Plugin [Privilege Escalation] 2016-02-04
pan vagenas gmail com

Apple iOS v9.1, 9.2 & 9.2.1 - Application Update Loop Pass Code Bypass 2016-02-04
Vulnerability Lab (research vulnerability-lab com)

[slackware-security] mozilla-firefox (SSA:2016-034-01) 2016-02-04
Slackware Security Team (security slackware com)

[slackware-security] openssl (SSA:2016-034-03) 2016-02-04
Slackware Security Team (security slackware com)

[slackware-security] php (SSA:2016-034-04) 2016-02-04
Slackware Security Team (security slackware com)

[slackware-security] MPlayer (SSA:2016-034-02) 2016-02-04
Slackware Security Team (security slackware com)

AST-2016-002: File descriptor exhaustion in chan_sip 2016-02-04
Asterisk Security Team (security asterisk org)

AST-2016-003: Remote crash vulnerability when receiving UDPTL FAX data. 2016-02-04
Asterisk Security Team (security asterisk org)

AST-2016-001: BEAST vulnerability in HTTP server 2016-02-04
Asterisk Security Team (security asterisk org)

[CERT 777024 / CVE-2016-1524/5]: RCE and file download in Netgear NMS300 2016-02-04
Pedro Ribeiro (pedrib gmail com)

Dell SecureWorks iOS Application - MITM SSL Certificate Vulnerability 2016-02-03
David Coomber (davidcoomber infosec gmail com)

WordPress User Meta Manager Plugin [Blind SQLI] 2016-02-04
pan vagenas gmail com

WordPress User Meta Manager Plugin [Privilege Escalation] 2016-02-04
pan vagenas gmail com

Apple iOS v9.1, 9.2 & 9.2.1 - Application Update Loop Pass Code Bypass 2016-02-04
Vulnerability Lab (research vulnerability-lab com)

[slackware-security] mozilla-firefox (SSA:2016-034-01) 2016-02-04
Slackware Security Team (security slackware com)

[slackware-security] openssl (SSA:2016-034-03) 2016-02-04
Slackware Security Team (security slackware com)

[slackware-security] php (SSA:2016-034-04) 2016-02-04
Slackware Security Team (security slackware com)

[slackware-security] MPlayer (SSA:2016-034-02) 2016-02-04
Slackware Security Team (security slackware com)

AST-2016-002: File descriptor exhaustion in chan_sip 2016-02-04
Asterisk Security Team (security asterisk org)

AST-2016-003: Remote crash vulnerability when receiving UDPTL FAX data. 2016-02-04
Asterisk Security Team (security asterisk org)

AST-2016-001: BEAST vulnerability in HTTP server 2016-02-04
Asterisk Security Team (security asterisk org)

[CERT 777024 / CVE-2016-1524/5]: RCE and file download in Netgear NMS300 2016-02-04
Pedro Ribeiro (pedrib gmail com)

Dell SecureWorks iOS Application - MITM SSL Certificate Vulnerability 2016-02-03
David Coomber (davidcoomber infosec gmail com)

Cisco Security Advisory: Cisco Nexus 9000 Series ACI Mode Switch ICMP Record Route Vulnerability 2016-02-03
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco ASA-CX and Cisco Prime Security Manager Privilege Escalation Vulnerability 2016-02-03
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability 2016-02-03
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Security Advisories 2016-02-03
Portcullis Advisories (advisories portcullis-security com)

Soso Transfer v1.1 iOS - Denial of Service Vulnerability 2016-02-03
Vulnerability Lab (research vulnerability-lab com)

File Manager PRO v1.3 iOS - Multiple Web Vulnerabilities 2016-02-03
Vulnerability Lab (research vulnerability-lab com)

SimpleView CRM - Client Side Open Redirect Vulnerability 2016-02-03
Vulnerability Lab (research vulnerability-lab com)

Getdpd Bug Bounty #1 - (asm0option0) Persistent Web Vulnerability 2016-02-03
Vulnerability Lab (research vulnerability-lab com)

Compal ConnectBox Wireless - Passphrase Settings Filter Bypass Vulnerability 2016-02-03
Vulnerability Lab (research vulnerability-lab com)

Security Advisories 2016-02-03
Portcullis Advisories (advisories portcullis-security com)

Soso Transfer v1.1 iOS - Denial of Service Vulnerability 2016-02-03
Vulnerability Lab (research vulnerability-lab com)

File Manager PRO v1.3 iOS - Multiple Web Vulnerabilities 2016-02-03
Vulnerability Lab (research vulnerability-lab com)

SimpleView CRM - Client Side Open Redirect Vulnerability 2016-02-03
Vulnerability Lab (research vulnerability-lab com)

Getdpd Bug Bounty #1 - (asm0option0) Persistent Web Vulnerability 2016-02-03
Vulnerability Lab (research vulnerability-lab com)

Compal ConnectBox Wireless - Passphrase Settings Filter Bypass Vulnerability 2016-02-03
Vulnerability Lab (research vulnerability-lab com)

Mezzanine CMS 4.1.0 XSS 2016-02-03
hyp3rlinx lycos com

Mezzanine CMS 4.1.0 Arbitrary File Upload 2016-02-03
hyp3rlinx lycos com

ASUS RT-N56U Persistent XSS 2016-02-02
graphx sigaint org

TimeClock - Multiple SQL Injections 2016-02-02
marcelabx gmail com

[SECURITY] [DSA 3465-1] openjdk-6 security update 2016-02-02
Moritz Muehlenhoff (jmm debian org)

MailPoet Newsletter 2.6.19 - Security Advisory - Reflected XSS 2016-02-02
Onur Yilmaz (onur netsparker com)

Re: VMWare Zimbra Mailer | DKIM longterm Mail Replay vulnerability 2016-02-02
Phil Pearl (ppearl zimbra com)

WebKitGTK+ Security Advisory WSA-2016-0001 2016-02-01
Carlos Alberto Lopez Perez (clopez igalia com)

MailPoet Newsletter 2.6.19 - Security Advisory - Reflected XSS 2016-02-02
Onur Yilmaz (onur netsparker com)

Re: VMWare Zimbra Mailer | DKIM longterm Mail Replay vulnerability 2016-02-02
Phil Pearl (ppearl zimbra com)

WebKitGTK+ Security Advisory WSA-2016-0001 2016-02-01
Carlos Alberto Lopez Perez (clopez igalia com)

File Hub v3.3 iOS (Wifi) - Multiple Web Vulnerabilities 2016-02-01
Vulnerability Lab (research vulnerability-lab com)

Netlife Photosuite Pro - Client Side Cross Site Scripting Vulnerability 2016-02-01
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 3461-1] freetype security update 2016-01-31
Sebastien Delafond (seb debian org)

[SECURITY] [DSA 3462-1] radicale security update 2016-01-30
Yves-Alexis Perez (corsac debian org)

[SECURITY] [DSA 3463-1] prosody security update 2016-01-31
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3464-1] rails security update 2016-01-31
Moritz Muehlenhoff (jmm debian org)

eClinicalWorks (CCMR) - Multiple Vulnerabilities 2016-01-31
jerold v00d00sec com

File Hub v3.3 iOS (Wifi) - Multiple Web Vulnerabilities 2016-02-01
Vulnerability Lab (research vulnerability-lab com)

Netlife Photosuite Pro - Client Side Cross Site Scripting Vulnerability 2016-02-01
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 3461-1] freetype security update 2016-01-31
Sebastien Delafond (seb debian org)

[SECURITY] [DSA 3462-1] radicale security update 2016-01-30
Yves-Alexis Perez (corsac debian org)

[SECURITY] [DSA 3463-1] prosody security update 2016-01-31
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3464-1] rails security update 2016-01-31
Moritz Muehlenhoff (jmm debian org)

eClinicalWorks (CCMR) - Multiple Vulnerabilities 2016-01-31
jerold v00d00sec com

Executable installers are vulnerable^WEVIL (case 23): WinImage's installer and self-extractors allow arbitrary (remote) code execution and escalation of privilege 2016-01-30
Stefan Kanthak (stefan kanthak nexgo de)

WP-Comment-Rating XSS Vulnerability 2016-01-30
Rahul Pratap Singh (techno rps gmail com)

OpenXchange | Information Disclosure 2016-01-30
t schughart prosec-networks com

VMWare Zimbra Mailer | DKIM longterm Mail Replay vulnerability 2016-01-30
t schughart prosec-networks com

[SECURITY] [DSA 3460-1] privoxy security update 2016-01-30
Sebastien Delafond (seb debian org)

CVE-2015-5344 - Apache Camel medium disclosure vulnerability 2016-01-30
Claus Ibsen (claus ibsen gmail com)

FreeBSD Security Advisory FreeBSD-SA-16:11.openssl 2016-01-30
FreeBSD Security Advisories (security-advisories freebsd org)

FreeBSD Security Advisory FreeBSD-SA-16:11.openssl 2016-01-30
FreeBSD Security Advisories (security-advisories freebsd org)

[security bulletin] HPSBHF03419 rev.3 - HPE Networking Products, Remote Denial of Service (DoS), Unauthorized Access 2016-01-29
security-alert hpe com

Cross-Site Request Forgery (CSRF) Vulnerability in ManageEngine Network 2016-01-29
kingkaustubh me com

[security bulletin] HPSBGN03533 rev.1 - HP Enterprise Cloud Service Automation and Codar, Remote Unauthorized Modification 2016-01-29
security-alert hpe com

ManageEngine Eventlog Analyzer v4-v10 Privilege Esacalation 2016-01-29
graphx sigaint org

Netlife Photosuite Pro - Client Side Cross Site Scripting Vulnerability 2016-01-29
Vulnerability Lab (research vulnerability-lab com)

ProjectSend multiple vulnerabilities 2016-01-29
Filippo Cavallarin (filippo cavallarin wearesegment com)

[security bulletin] HPSBHF03538 rev.1 - HPE iMC Service Health Manager (SHM) and iMC PLAT running Adobe Flash, Remote Code Execution, Denial of Service (DoS) 2016-01-28
security-alert hpe com

[security bulletin] HPSBHF03535 rev.3 - HPE iMC Service Health Manager (SHM) and iMC PLAT running Adobe Flash, Multiple Remote Vulnerabilities 2016-01-28
security-alert hpe com

CVE-2015-7521: Apache Hive authorization bug disclosure 2016-01-28
khorgath apache org (Sushanth Sowmyan)

[SECURITY] [DSA 3459-1] mysql-5.5 security update 2016-01-28
Salvatore Bonaccorso (carnil debian org)

New Era Company CMS - (id) SQL Injection Vulnerability 2016-01-28
Vulnerability Lab (research vulnerability-lab com)

Trend Micro Direct Pass - Filter Bypass & Persistent Web Vulnerability 2016-01-28
Vulnerability Lab (research vulnerability-lab com)

HCA0005 - Liberty Global - Horizon HD STB - predictable WiFi passphrase 2016-01-28
Hacking Corporation Sàrl (releases hackingcorp ch)

[SECURITY] [DSA 3458-1] openjdk-7 security update 2016-01-27
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3457-1] iceweasel security update 2016-01-27
Moritz Muehlenhoff (jmm debian org)

Log2Space Central v 6.2 Multiple XSS Vulnerability 2016-01-27
Rahul Pratap Singh (techno rps gmail com)

[SECURITY] [DSA 3459-1] mysql-5.5 security update 2016-01-28
Salvatore Bonaccorso (carnil debian org)

New Era Company CMS - (id) SQL Injection Vulnerability 2016-01-28
Vulnerability Lab (research vulnerability-lab com)

Trend Micro Direct Pass - Filter Bypass & Persistent Web Vulnerability 2016-01-28
Vulnerability Lab (research vulnerability-lab com)

HCA0005 - Liberty Global - Horizon HD STB - predictable WiFi passphrase 2016-01-28
Hacking Corporation Sàrl (releases hackingcorp ch)

[SECURITY] [DSA 3458-1] openjdk-7 security update 2016-01-27
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3457-1] iceweasel security update 2016-01-27
Moritz Muehlenhoff (jmm debian org)

Log2Space Central v 6.2 Multiple XSS Vulnerability 2016-01-27
Rahul Pratap Singh (techno rps gmail com)

Cisco Security Advisory: Cisco RV220 Management Authentication Bypass Vulnerability 2016-01-27
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco Wide Area Application Service CIFS DoS Vulnerability 2016-01-27
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Netgear GS105Ev2 - Multiple Vulnerabilities 2016-01-27
benedikt westermann i-sec tuv com

los818 CMS 2016 Q1 - SQL Injection Web Vulnerability 2016-01-27
Vulnerability Lab (research vulnerability-lab com)

Kleefa v1.7 (IR) - Multiple Web Vulnerabilities 2016-01-27
Vulnerability Lab (research vulnerability-lab com)

los818 CMS 2016 Q1 - SQL Injection Web Vulnerability 2016-01-27
Vulnerability Lab (research vulnerability-lab com)

Kleefa v1.7 (IR) - Multiple Web Vulnerabilities 2016-01-27
Vulnerability Lab (research vulnerability-lab com)

WebMartIndia CMS 2016 Q1 - SQL Injection Vulnerability 2016-01-27
Vulnerability Lab (research vulnerability-lab com)

Classic Infomedia (Login) - Auth Bypass Web Vulnerability 2016-01-27
Vulnerability Lab (research vulnerability-lab com)

Ebay Magento Bug Bounty #2 - Persistent Web Vulnerability 2016-01-27
Vulnerability Lab (research vulnerability-lab com)

Telegram (API) - Cross Site Request Forgery Vulnerabilities 2016-01-27
Vulnerability Lab (research vulnerability-lab com)

Barracuda Networks Bug Bounty #38 Message Archiver - Multiple Vulnerabilities 2016-01-27
Vulnerability Lab (research vulnerability-lab com)

Apple WatchOS v2.1 - Denial of Service Vulnerability 2016-01-27
Vulnerability Lab (research vulnerability-lab com)

Secure Item Hub v1.0 iOS - Multiple Web Vulnerabilities 2016-01-27
Vulnerability Lab (research vulnerability-lab com)

BK Mobile CMS SQLi and XSS Vulnerability 2016-01-27
Rahul Pratap Singh (techno rps gmail com)

[SECURITY] [DSA 3456-1] chromium-browser security update 2016-01-27
Michael Gilbert (mgilbert debian org)

[SECURITY] [DSA 3455-1] curl security update 2016-01-27
Alessandro Ghedini (ghedo debian org)

[ERPSCAN-15-024] SAP HANA hdbindexserver - Memory corruption 2016-01-27
ERPScan inc (erpscan online gmail com)

FreeBSD Security Advisory FreeBSD-SA-16:10.linux 2016-01-27
FreeBSD Security Advisories (security-advisories freebsd org)

FreeBSD Security Advisory FreeBSD-SA-16:09.ntp 2016-01-27
FreeBSD Security Advisories (security-advisories freebsd org)

FreeBSD Security Advisory FreeBSD-SA-16:08.bind 2016-01-27
FreeBSD Security Advisories (security-advisories freebsd org)

[SECURITY] [DSA 3454-1] virtualbox security update 2016-01-26
Moritz Muehlenhoff (jmm debian org)

WP-Ultimate CSV Importer XSS Vulnerability 2016-01-26
Rahul Pratap Singh (techno rps gmail com)

PHP LiteSpeed SAPI out of boundaries read due to missing input validation 2016-01-25
Imre RAD (imre rad search-lab hu)

[CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities 2016-01-25
CORE Advisories Team (advisories coresecurity com)

Authentication bypass in PHP File Manager 0.9.8 2016-01-25
Imre Rad (imre rad search-lab hu)

APPLE-SA-2016-01-25-1 tvOS 9.1.1 2016-01-25
Apple Product Security (product-security-noreply lists apple com)

Magento 1.9.x Multiple Man-In The Middle 2016-01-25
cxsecurity protonmail com

glibc catopen() Multiple unbounded stack allocations 2016-01-25
cxsecurity protonmail com

[SECURITY] [DSA 3453-1] mariadb-10.0 security update 2016-01-25
Salvatore Bonaccorso (carnil debian org)

WP Easy Gallery v4.1.4 Stored XSS Vulnerability 2016-01-26
Rahul Pratap Singh (techno rps gmail com)

PHP LiteSpeed SAPI secret key improper disposal 2016-01-25
Imre RAD (imre rad search-lab hu)

PHP-FPM fpm_log.c memory leak and buffer overflow 2016-01-25
Imre RAD (imre rad search-lab hu)

Remote shutdown vulnerability in Buffalo NAS (Linkstation 420) 2016-01-24
zemnmez googlemail com

ZyXel WAP3205 v1 Multiple XSS 2016-01-23
graphx sigaint org

HP ToComMsg DLL side loading vulnerability 2016-01-23
Securify B.V. (lists securify nl)

PHP LiteSpeed SAPI secret key improper disposal 2016-01-25
Imre RAD (imre rad search-lab hu)

PHP-FPM fpm_log.c memory leak and buffer overflow 2016-01-25
Imre RAD (imre rad search-lab hu)

Remote shutdown vulnerability in Buffalo NAS (Linkstation 420) 2016-01-24
zemnmez googlemail com

ZyXel WAP3205 v1 Multiple XSS 2016-01-23
graphx sigaint org

HP ToComMsg DLL side loading vulnerability 2016-01-23
Securify B.V. (lists securify nl)

LEADTOOLS ActiveX control multiple DLL side loading vulnerabilities 2016-01-23
Securify B.V. (lists securify nl)

HP LaserJet Fax Preview DLL side loading vulnerability 2016-01-23
Securify B.V. (lists securify nl)

XMB - eXtreme Message Board v1.9.11.13 Weak Crypto 2016-01-23
hyp3rlinx lycos com

imageone Cms Multiple vulnerabilities 2016-01-23
iedb team gmail com

[SECURITY] [DSA 3452-1] claws-mail security update 2016-01-23
Ben Hutchings (benh debian org)

January 2016 - Bamboo - Critical Security Advisory 2016-01-22
David Black (dblack atlassian com)

[SECURITY] [DSA 3451-1] fuse security update 2016-01-21
Yves-Alexis Perez (corsac debian org)

Executable installers are vulnerable^WEVIL (case 3): WiX Toolset's bootstrapper "burn.exe" 2016-01-21
Stefan Kanthak (stefan kanthak nexgo de)

SEC Consult SA-20160121-0 :: Deliberately hidden backdoor account in AMX (Harman Professional) devices 2016-01-21
SEC Consult Vulnerability Lab (research sec-consult com)

Oracle HtmlConverter.exe Buffer Overflow 2016-01-21
hyp3rlinx lycos com

QuickAuth - Google Authenticator Pebble app vulnerable to MITM attack when configuring TOTP keys 2016-01-20
issues github com

Re: [CVE-2016-1919] Weak eCryptFS Key generation from user password on KNOX 1.0 / Android 4.3 2016-01-19
urikanonov gmail com

Re: [CVE-2016-1920] VPN Man-in-the-Middle due to shared certificate store on KNOX 1.0 / Android 4.3 2016-01-19
urikanonov gmail com

Cisco Security Advisory: Cisco Modular Encoding Platform D9036 Software Default Credentials Vulnerability 2016-01-20
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[SECURITY] [DSA 3450-1] ecryptfs-utils security update 2016-01-20
Salvatore Bonaccorso (carnil debian org)

Cisco Security Advisory: Cisco Unified Computing System Manager and Cisco Firepower 9000 Remote Command Execution Vulnerability 2016-01-20
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[CVE-2016-1926] XSS in Greenbone Security Assistant ≥ 6.0.0 and < 6.0.8 2016-01-20
bugtraq internetwache org

LiteSpeed Web Server - Security Advisory - HTTP Header Injection Vulnerability 2016-01-20
Onur Yilmaz (onur netsparker com)

APPLE-SA-2016-01-19-3 Safari 9.0.3 2016-01-19
Apple Product Security (product-security-noreply lists apple com)

Executable installers are vulnerable^WEVIL (case 3): WiX Toolset's bootstrapper "burn.exe" 2016-01-21
Stefan Kanthak (stefan kanthak nexgo de)

SEC Consult SA-20160121-0 :: Deliberately hidden backdoor account in AMX (Harman Professional) devices 2016-01-21
SEC Consult Vulnerability Lab (research sec-consult com)

Oracle HtmlConverter.exe Buffer Overflow 2016-01-21
hyp3rlinx lycos com

QuickAuth - Google Authenticator Pebble app vulnerable to MITM attack when configuring TOTP keys 2016-01-20
issues github com

Re: [CVE-2016-1919] Weak eCryptFS Key generation from user password on KNOX 1.0 / Android 4.3 2016-01-19
urikanonov gmail com

Re: [CVE-2016-1920] VPN Man-in-the-Middle due to shared certificate store on KNOX 1.0 / Android 4.3 2016-01-19
urikanonov gmail com

Cisco Security Advisory: Cisco Modular Encoding Platform D9036 Software Default Credentials Vulnerability 2016-01-20
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[SECURITY] [DSA 3450-1] ecryptfs-utils security update 2016-01-20
Salvatore Bonaccorso (carnil debian org)

Cisco Security Advisory: Cisco Unified Computing System Manager and Cisco Firepower 9000 Remote Command Execution Vulnerability 2016-01-20
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[CVE-2016-1926] XSS in Greenbone Security Assistant ≥ 6.0.0 and < 6.0.8 2016-01-20
bugtraq internetwache org

LiteSpeed Web Server - Security Advisory - HTTP Header Injection Vulnerability 2016-01-20
Onur Yilmaz (onur netsparker com)

APPLE-SA-2016-01-19-3 Safari 9.0.3 2016-01-19
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2016-01-19-2 OS X El Capitan 10.11.3 and Security Update 2016-001 2016-01-19
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2016-01-19-1 iOS 9.2.1 2016-01-19
Apple Product Security (product-security-noreply lists apple com)

[SECURITY] [DSA 3449-1] bind9 security update 2016-01-19
Salvatore Bonaccorso (carnil debian org)

[security bulletin] HPSBGN03534 rev.1 - HPE Performance Center using Microsoft Report Viewer, Remote Disclosure of Information, Cross-Site Scripting (XSS) 2016-01-19
security-alert hpe com

Executable installers are vulnerable^WEVIL (case 21): Panda Security's installers allow arbitrary (remote) code execution AND escalation of privilege with PANDAIS16.exe 2016-01-19
Stefan Kanthak (stefan kanthak nexgo de)

QuickAuth - Google Authenticator Pebble app vulnerable to MITM attack when configuring TOTP keys 2016-01-20
issues github com

Re: [CVE-2016-1919] Weak eCryptFS Key generation from user password on KNOX 1.0 / Android 4.3 2016-01-19
urikanonov gmail com

Re: [CVE-2016-1920] VPN Man-in-the-Middle due to shared certificate store on KNOX 1.0 / Android 4.3 2016-01-19
urikanonov gmail com

Cisco Security Advisory: Cisco Modular Encoding Platform D9036 Software Default Credentials Vulnerability 2016-01-20
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[SECURITY] [DSA 3450-1] ecryptfs-utils security update 2016-01-20
Salvatore Bonaccorso (carnil debian org)

Cisco Security Advisory: Cisco Unified Computing System Manager and Cisco Firepower 9000 Remote Command Execution Vulnerability 2016-01-20
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[CVE-2016-1926] XSS in Greenbone Security Assistant ≥ 6.0.0 and < 6.0.8 2016-01-20
bugtraq internetwache org

LiteSpeed Web Server - Security Advisory - HTTP Header Injection Vulnerability 2016-01-20
Onur Yilmaz (onur netsparker com)

APPLE-SA-2016-01-19-3 Safari 9.0.3 2016-01-19
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2016-01-19-2 OS X El Capitan 10.11.3 and Security Update 2016-001 2016-01-19
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2016-01-19-1 iOS 9.2.1 2016-01-19
Apple Product Security (product-security-noreply lists apple com)

[SECURITY] [DSA 3449-1] bind9 security update 2016-01-19
Salvatore Bonaccorso (carnil debian org)

[security bulletin] HPSBGN03534 rev.1 - HPE Performance Center using Microsoft Report Viewer, Remote Disclosure of Information, Cross-Site Scripting (XSS) 2016-01-19
security-alert hpe com

Executable installers are vulnerable^WEVIL (case 21): Panda Security's installers allow arbitrary (remote) code execution AND escalation of privilege with PANDAIS16.exe 2016-01-19
Stefan Kanthak (stefan kanthak nexgo de)

[CORE-2016-0001] - Intel Driver Update Utility MiTM 2016-01-19
CORE Advisories Team (advisories coresecurity com)