View online: https://drupal.org/node/2124279
* Advisory ID: DRUPAL-SA-CONTRIB-2013-085
* Project: Feed Element Mapper [1] (third-party module)
* Version: 6.x
* Date: 2013-October-30
* Security risk: Less critical [2]
* Exploitable from: Remote
* Vulnerability: Cross Site Scripting
View online: https://drupal.org/node/2123995
* Advisory ID: DRUPAL-SA-CONTRIB-2013-083
* Project: Quiz [1] (third-party module)
* Version: 6.x
* Date: 2013-October-30
* Security risk: Moderately critical [2]
* Exploitable from: Remote
* Vulnerability: Access bypass, Information
View online: https://drupal.org/node/2124241
* Advisory ID: DRUPAL-SA-CONTRIB-2013-084
* Project: FileField Sources [1] (third-party module)
* Version: 6.x, 7.x
* Date: 2013-Oct-30
* Security risk: Moderately critical [2]
* Exploitable from: Remote
* Vulnerability: Access bypass
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS XE Software for
1000 Series Aggregation Services Routers
Advisory ID: cisco-sa-20131030-asr1000
Revision 1.0
For Public Release 2013 October 30 16:00 UTC (GMT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:263
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:262
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:261
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:260
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:259
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:258
http://www.mandriva.com/en/support/security
=
INTERNET SECURITY AUDITORS ALERT 2013-003
- Original release date: March 3rd, 2013
- Last revised: March 10th, 2013
- Discovered by: Vicente Aguilera Diaz
- Severity: 4.3/10 (CVSSv2 Base Score)
=
I
=
INTERNET SECURITY AUDITORS ALERT 2013-011
- Original release date: March 21st, 2013
- Last revised: March 21st, 2013
- Discovered by: Manuel García Cárdenas
- Severity: 5/10 (CVSS Base Score)
- CVE-ID: CVE-2013-2652
View online: https://drupal.org/node/2118873
* Advisory ID: DRUPAL-SA-CONTRIB-2013-082
* Project: Bean [1] (third-party module)
* Version: 7.x
* Date: 2013-10-23
* Security risk: Highly critical [2]
* Exploitable from: Remote
* Vulnerability: Cross Site Scripting
View online: https://drupal.org/node/2118717
* Advisory ID: DRUPAL-SA-CONTRIB-2013-081
* Project: Spaces [1] (third-party module)
* Version: 6.x
* Date: 2013-10-23
* Security risk: Less critical [2]
* Exploitable from: Remote
* Vulnerability: Access bypass
DESCRIPTION
ed the SMU for CSCtz62593 are not affected by this
vulnerability.
Cisco has released free software updates that address these vulnerabilities.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-iosxr
-BEGIN PGP
vulnerabilities are not available. This
advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-ise
Note: Cisco ISE Software is also affected by the Apache Struts Command
Execution Vulnerability described in a separate Cisco
products except Cisco Business Edition 3000. Cisco Business
Edition 3000 should contact their Cisco representative for available options.
Workarounds that mitigate this vulnerability are not available. This advisory
is available at the following link:
http://tools.cisco.com/security/center/content
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:257
http://www.mandriva.com/en/support/security
"The _local_ command inject web vulnerability via device name can be
exploited by _remote_ attackers with _physical_ device access and low user
interaction."
Keep up the stellar work Ben! #derp
___
Full-Disclosure - We believe in it.
Charter: http
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:249
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:248
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:247
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services
Module Software
Advisory ID: cisco-sa-20131009-fwsm
Revision 1.0
For Public Release 2013 October 9 16:00 UTC (GMT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software
Advisory ID: cisco-sa-20131009-asa
Revision 1.0
For Public Release 2013 October 9 16:00 UTC (GMT
=
INTERNET SECURITY AUDITORS ALERT 2013-010
- Original release date: March 20th, 2013
- Last revised: March 25th, 2013
- Discovered by: Manuel Garcia Cardenas
- Severity: 4,8/10 (CVSS Base Score)
- CVE-ID: CVE-2013-2651
=
INTERNET SECURITY AUDITORS ALERT 2013-008
- Original release date: March 15th, 2013
- Last revised: March 20th, 2013
- Discovered by: Manuel Garcia Cardenas
- Severity: 4,8/10 (CVSS Base Score)
- CVE-ID: CVE-2013-2621,
CVE-2013-2622
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:246
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:245
http://www.mandriva.com/en/support/security
View online: https://drupal.org/node/2103187
* Advisory ID: DRUPAL-SA-CONTRIB-2013-078
* Project: Quick Tabs [1] (third-party module)
* Version: 6.x, 7.x
* Date: 2013-October-02
* Security risk: Moderately critical [2]
* Exploitable from: Remote
* Vulnerability: Access bypass
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Cisco Security Advisory: Cisco IOS XR Software Memory Exhaustion Vulnerability
Advisory ID: cisco-sa-20131002-iosxr
Revision 1.0
For Public Release 2013 October 2 16:00 UTC (GMT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:244
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:243
http://www.mandriva.com/en/support/security
=
INTERNET SECURITY AUDITORS ALERT 2012-003
- Original release date: 16th December 2012
- Last revised: 26th September 2013
- Discovered by: Eduardo Garcia Melia
- Severity: 6.8/10 (CVSS Base Scored)
=
I
=
INTERNET SECURITY AUDITORS ALERT 2013-007
- Original release date: March 14th, 2013
- Last revised: March 19th, 2013
- Discovered by: Manuel García Cárdenas
- Severity: 6,8/10 (CVSS Base Score)
- CVE-ID: CVE-2013-2586
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:242
http://www.mandriva.com/en/support/security
:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-rsvp
Note: The September 25, 2013, Cisco IOS Software Security Advisory bundled
publication includes eight Cisco Security Advisories. All advisories address
vulnerabilities in Cisco IOS Software. Each Cisco IOS
link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-ike
Note: The September 25, 2013, Cisco IOS Software Security Advisory bundled
publication includes eight Cisco Security Advisories. All advisories address
vulnerabilities in Cisco IOS Software. Each
this vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-dhcp
Note: The September 25, 2013, Cisco IOS Software Security Advisory bundled
publication includes eight Cisco Security Advisories. All
vulnerability are available.
Cisco has released free software updates that address this vulnerability. This
advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-wedge
Note: The September 25, 2013, Cisco IOS Software Security
device. Repeated exploitation could result in a sustained DoS
condition.
Cisco has released free software updates that address this vulnerability. A
workaround is available to mitigate this vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/security/center
released free software updates that address this vulnerability.
Workarounds that mitigate this vulnerability are not available.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-cce
Note: The September 25
that address these vulnerabilities.
Workarounds that mitigate these vulnerabilities are not available.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-nat
Note: The September 25, 2013, Cisco IOS Software
has released free software updates that address this vulnerability. There
are no workarounds for this vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-ipv6vfr
Note: The September 25, 2013
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:241
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:240
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:239
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:238
http://www.mandriva.com/en/support/security
View online: https://drupal.org/node/2092395
* Advisory ID: DRUPAL-SA-CONTRIB-2013-077
* Project: Google Site Search [1] (third-party module)
* Version: 6.x, 7.x
* Date: 2013-September-18
* Security risk: Less critical [2]
* Exploitable from: Remote
* Vulnerability: Cross Site
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution
Assurance Unauthenticated Username and Password Enumeration Vulnerability
Advisory ID: cisco-sa-20130918-pc
Revision 1.0
For Public Release 2013 September 18 16:00
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center
Network Manager
Advisory ID: cisco-sa-20130918-dcnm
Revision 1.0
For Public Release 2013 September 18 16:00 UTC (GMT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:237
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:236
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:235
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:234
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:233
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:232
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:231
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:230
http://www.mandriva.com/en/support/security
View online: https://drupal.org/node/2087055
* Advisory ID: DRUPAL-SA-CONTRIB-2013-075
* Project: Click2Sell Suite [1] (third-party module)
* Version: 6.x
* Date: 2013-September-11
* Security risk: Highly critical [2]
* Exploitable from: Remote
* Vulnerability: Cross Site Scripting
View online: https://drupal.org/node/2087095
* Advisory ID: DRUPAL-SA-CONTRIB-2013-076
* Project: jQuery Countdown [1] (third-party module)
* Version: 7.x
* Date: 2013-September-11
* Security risk: Less critical [2]
* Exploitable from: Remote
* Vulnerability: Cross Site Scripting
View online: https://drupal.org/node/2087051
* Advisory ID: DRUPAL-SA-CONTRIB-2013-074
* Project: MediaFront [1] (third-party module)
* Version: 6.x, 7.x
* Date: 2013-September-11
* Security risk: Moderately critical [2]
* Exploitable from: Remote
* Vulnerability: Cross Site
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:229
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:228
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:227
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:226
http://www.mandriva.com/en/support/security
View online: https://drupal.org/node/2081887
* Advisory ID: PSA-2013-001
* Project: Drupal core [1]
* Version: 6.x, 7.x
* Date: 2013-September-04
* Security risk: Not critical [2]
* Exploitable from: Remote
* Vulnerability: Information Disclosure
DESCRIPTION
View online: https://drupal.org/node/2081637
* Advisory ID: DRUPAL-SA-CONTRIB-2013-073
* Project: Make Meeting Scheduler [1] (third-party module)
* Version: 6.x
* Date: 2013-September-04
* Security risk: Moderately critical [2]
* Exploitable from: Remote
* Vulnerability: Access
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording
Format and Advanced Recording Format Players
Advisory ID: cisco-sa-20130904-webex
Revision 1.0
For Public Release 2013 September 4 16:00 UTC (GMT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:225
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:224
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:223
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- ---
VMware Security Advisory
Advisory ID: VMSA-2013-0011
Synopsis:VMware ESXi and ESX address an NFC Protocol Unhandled
Exception
Issue date: 2013-08-29
Updated
View online: https://drupal.org/node/2076221
* Advisory ID: DRUPAL-SA-CONTRIB-2013-071
* Project: Flag [1] (third-party module)
* Version: 7.x
* Date: 2013-August-28
* Security risk: Moderately critical [2]
* Exploitable from: Remote
* Vulnerability: Cross Site Scripting
View online: https://drupal.org/node/2076315
* Advisory ID: DRUPAL-SA-CONTRIB-2013-072
* Project: Node View Permissions [1] (third-party module)
* Version: 7.x
* Date: 2013-August-28
* Security risk: Moderately critical [2]
* Exploitable from: Remote
* Vulnerability: Access bypass
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Cisco Security Advisory: Cisco Secure Access Control Server Remote Command
Execution Vulnerability
Advisory ID: cisco-sa-20130828-acs
Revision 1.0
For Public Release 2013 August 28 16:00 UTC (GMT
Asterisk Project Security Advisory - AST-2013-005
ProductAsterisk
SummaryRemote Crash when Invalid SDP is sent in SIP Request
Nature of Advisory Remote Crash
Asterisk Project Security Advisory - AST-2013-004
Product Asterisk
Summary Remote Crash From Late Arriving SIP ACK With SDP
Nature of Advisory Remote Crash
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:222
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:221
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:220
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:219
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:218
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:217
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:216
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- ---
VMware Security Advisory
Advisory ID: VMSA-2013-0010
Synopsis:VMware Workstation host privilege escalation vulnerability
Issue date: 2013-08-22
Updated
ring OXM issue is fixed in 4.0.0.M2
Credit:
These issues were identified by Alvaro Munoz of the HP Enterprise Security Team.
References:
http://www.gopivotal.com/security/cve-2013-4152
https://github.com/SpringSource/spring-framework/pull/317 (Spring OXM)
https://jira.springsource.org/browse/SPR-1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:215
http://www.mandriva.com/en/support/security
View online: https://drupal.org/node/2071157
* Advisory ID: DRUPAL-SA-CONTRIB-2013-070
* Project: Zen [1] (third-party module)
* Version: 7.x
* Date: 2013-August-21
* Security risk: Moderately critical [2]
* Exploitable from: Remote
* Vulnerability: Cross Site Scripting
interruption of presence services.
Cisco has released free software updates that address this vulnerability.
There are no workarounds available to mitigate exploitation of this
vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content
the monitoring of voice services and exhaust
system resources.
Cisco has released free software updates that address these vulnerabilities.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-hcm
-BEGIN PGP
vulnerabilities.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-cucm
-BEGIN PGP SIGNATURE-
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: GPGTools - http://gpgtools.org
iF4EAREIAAYFAlIUzXcACgkQUddfH3
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:214
http://www.mandriva.com/en/support/security
Hi All
Sparty is an open source tool written in python to audit web
applications using SharePoint
and FrontPage architecture. The motivation behind this tool is to
provide an easy and robust
way to scrutinize the security configurations of SharePoint and
FrontPage based web applications.
Due to
View online: https://drupal.org/node/2065387
* Advisory ID: DRUPAL-SA-CONTRIB-2013-069
* Project: Password policy [1] (third-party module)
* Version: 6.x, 7.x
* Date: 2013-August-14
* Security risk: Moderately critical [2]
* Exploitable from: Remote
* Vulnerability: Cross Site
View online: https://drupal.org/node/2065207
* Advisory ID: DRUPAL-SA-CONTRIB-2013-068
* Project: Entity API [1] (third-party module)
* Version: 7.x
* Date: 2013-August-14
* Security risk: Moderately critical [2]
* Exploitable from: Remote
* Vulnerability: Access bypass
View online: https://drupal.org/node/2065057
* Advisory ID: DRUPAL-SA-CONTRIB-2013-067
* Project: BOTCHA Spam Prevention [1] (third-party module)
* Version: 7.x
* Date: 2013-August-14
* Security risk: Moderately critical [2]
* Exploitable from: Remote
* Vulnerability: Information
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:213
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:212
http://www.mandriva.com/en/support/security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:211
http://www.mandriva.com/en/support/security
View online: https://drupal.org/node/2059823
* Advisory ID: DRUPAL-SA-CONTRIB-2013-066
* Project: Monster Menus [1] (third-party module)
* Version: 6.x, 7.x
* Date: 2013-August-07
* Security risk: Moderately critical [2]
* Exploitable from: Remote
* Vulnerability: Access bypass
201 - 300 of 4261 matches
Mail list logo