Bugtraq
- [ MDVSA-2013:171 ] gnutls
- [security bulletin] HPSBPI02869 SSRT100936 rev.2 - HP LaserJet MFP Printers, HP Color LaserJet MFP Printers, Certain HP LaserJet Printers, Remote Unauthorized Access to Files
- [SECURITY] [DSA 2697-1] gnutls26 security update
- Re: [oss-security] KDE Paste Applet
- [SECURITY] [DSA 2695-1] chromium-browser security update
- [SECURITY] [DSA 2696-1] otrs2 security update
- CORE-2013-0302 - Zavio IP Cameras multiple vulnerabilities
- From: CORE Security Technologies Advisories
- [SECURITY][CVE-2013-2765][ModSecurity] Remote Null Pointer Dereference
- CORE-2013-0318 - TP-Link IP Cameras Multiple Vulnerabilities
- From: CORE Security Technologies Advisories
- CORE-2013-0322 - MayGion IP Cameras multiple vulnerabilities
- From: CORE Security Technologies Advisories
- RUCKUS ADVISORY ID 031813-2: User authentication bypass vulnerability in ZoneDirector administrative web interface
- From: Ruckus Product Security Team
- RUCKUS ADVISORY ID 031813-1: Unauthenticated TCP tunneling on Ruckus devices via SSH server process
- From: Ruckus Product Security Team
- [ MDVSA-2013:170 ] socat
- [ MDVSA-2013:169 ] socat
- CA20130528-01: Security Notice for CA Process Automation (CA PAM)
- Monkey HTTPD 1.1.1 - Denial of Service Vulnerability
- ESA-2013-040: RSA® Authentication Manager 8.0 Multiple Vulnerabilities
- KDE Paste Applet
- Barracuda SSL VPN 680 2.2.2.203 - Redirect Web Vulnerability
- [ MDVSA-2013:168 ] python-httplib2
- [ MDVSA-2013:167 ] openvpn
- GreHack 2013 - 2nd Call For Papers - November 15, Grenoble, France
- DC4420 - London DEFCON - May meet - Tuesday 28th May 2013
- [SECURITY] [DSA 2693-1] libx11 security update
- [SECURITY] [DSA 2675-2] libxvmc regression update
- [security bulletin] HPSBUX02881 SSRT101189 rev.1 - HP-UX Directory Server, Remote Disclosure of Information
- [SECURITY] [DSA 2676-1] libxfixes security update
- [SECURITY] [DSA 2692-1] libxxf86vm security update
- [SECURITY] [DSA 2691-1] libxinerama security update
- [SECURITY] [DSA 2690-1] libxxf86dga security update
- [SECURITY] [DSA 2673-1] libdmx security update
- [SECURITY] [DSA 2674-1] libxv security update
- [SECURITY] [DSA 2675-1] libxvmc security update
- [SECURITY] [DSA 2689-1] libxtst security update
- [SECURITY] [DSA 2688-1] libxres security update
- [SECURITY] [DSA 2687-1] libfs security update
- [SECURITY] [DSA 2686-1] libxcb security update
- [SECURITY] [DSA 2685-1] libxp security update
- [SECURITY] [DSA 2684-1] libxrandr security update
- [SECURITY] [DSA 2683-1] libxi security update
- [SECURITY] [DSA 2682-1] libxext security update
- [SECURITY] [DSA 2681-1] libxcursor security update
- [SECURITY] [DSA 2680-1] libxt security update
- [SECURITY] [DSA 2679-1] xserver-xorg-video-openchrome security update
- [SECURITY] [DSA 2678-1] mesa security update
- [SECURITY] [DSA 2677-1] libxrender security update
- CFP: IEEE SafeConfig: 6th Symposium on Security Analytics and Automation
- SEC Consult SA-20130523-0 :: JavaScript Execution in IBM WebSphere DataPower Services
- From: SEC Consult Vulnerability Lab
- [ANN] Struts 2.3.14.1 GA (fast track | security)
- APPLE-SA-2013-05-22-1 QuickTime 7.7.4
- From: Apple Product Security
- [SECURITY] [DSA 2672-1] kfreebsd-9 security update
- [waraxe-2013-SA#105] - Multiple Vulnerabilities in Spider Catalog Wordpress Plugin
- [waraxe-2013-SA#104] - Multiple Vulnerabilities in Spider Event Calendar Wordpress Plugin
- Trend Micro DirectPass 1.5.0.1060 - Multiple Vulnerabilities
- VUPEN Security Research - Microsoft Internet Explorer 10-9 Object Confusion Sandbox Bypass (MS13-037 / Pwn2Own)
- From: VUPEN Security Research
- VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 VML Remote Integer Overflow (MS13-037 / Pwn2Own)
- From: VUPEN Security Research
- [ MDVSA-2013:166 ] krb5
- [slackware-security] kernel (SSA:2013-140-01)
- From: Slackware Security Team
- Sony PS3 Firmware v4.31 - Code Execution Vulnerability
- CVE-2013-3496. Local privilege escalation vulnerability in Infotecs products (ViPNet Client\Coordinator, SafeDisk, Personal Firewall)
- Static analysis tool exposition (SATE) V Call for participation
- Revision of "IPv6 Stable Privacy Addresses" (Fwd: I-D Action: draft-ietf-6man-stable-privacy-addresses-07.txt)
- Defense in depth -- the Microsoft way
- CONFidence - May, 28-29, Krakow, Poland - a conference adventure that never stops!
- [slackware-security] ruby (SSA:2013-136-02)
- From: Slackware Security Team
- [slackware-security] mozilla-thunderbird x86_64 packages (SSA:2013-136-01)
- From: Slackware Security Team
- APPLE-SA-2013-05-16-1 iTunes 11.0.3
- From: Apple Product Security
- ESA-2013-029: RSA SecurID Sensitive Information Disclosure Vulnerability
- ESA-2013-041: EMC VNX and Celerra Control Station Elevation of Privilege Vulnerability
- [slackware-security] mozilla-thunderbird (SSA:2013-135-02)
- From: Slackware Security Team
- [slackware-security] mozilla-firefox (SSA:2013-135-01)
- From: Slackware Security Team
- [SECURITY] [DSA 2669-1] linux security update
- Cisco Security Advisory: Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Multiple Vulnerabilities in Exponent CMS
- [ MDVSA-2013:165 ] firefox
- [security bulletin] HPSBUX02859 SSRT101144 rev.3 - HP-UX Running XNTP, Remote Denial of Service (DoS) and Execution of Arbitrary Code
- [SECURITY] [DSA 2668-1] linux-2.6 security update
- WASC Announcement: Static Analysis Technologies Evaluation Criteria Published
- File Lite 3.3 & 3.5 PRO iOS - Multiple Web Vulnerabilities
- SimpleTransfer 2.2.1 - Command Injection Vulnerabilities
- Wireless Photo Access 1.0.10 iOS - Multiple Vulnerabilities
- Wifi Album v1.47 iOS - Command Injection Vulnerability
- Wifi Photo Transfer 2.1 & 1.1 PRO - Multiple Vulnerabilities
- Wireless Disk PRO v2.3 iOS - Multiple Web Vulnerabilities
- [RT-SA-2013-001] Advisory: Exim with Dovecot: Typical Misconfiguration Leads to Remote Command Execution
- From: RedTeam Pentesting GmbH
- [ MDVSA-2013:164 ] mesa
- [SECURITY] [DSA 2667-1] mysql-5.5 security update
- [SECURITY] [DSA 2666-1] xen security update
- From: Salvatore Bonaccorso
- CVE-2013-2071 Request mix-up if AsyncListener method throws RuntimeException
- ESA-2013-031: RSA® Authentication Agent Cross-Site Scripting (XSS) Vulnerability
- [SECURITY] CVE-2012-3544 Chunked transfer encoding extension size is not limited
- CFP: Hacktivity 2013, October 11-12, Budapest, Hungary
- [SECURITY] CVE-2013-2067 Session fixation with FORM authenticator
- DDIVRT-2013-53 Actuate 'ActuateJavaComponent' Multiple Vulnerabilities
- ESA-2013-021: EMC Documentum Multiple Vulnerabilities
- Re: Vulnerabilities in Windows 8 Professional x64 factory preinstallation of Fujitsu Lifebook A512 [continued]
- ESA-2013-037: EMC AlphaStor Buffer Overflow Vulnerability
- Vulnerability in "Fujitsu Desktop Update" (for Windows)
- [security bulletin] HPSBMU02786 SSRT100877 rev.2 - HP System Management Homepage (SMH) Running on Linux, Windows, and VMware ESX, Remote Unauthorized Access, Disclosure of Information, Data Modification, Denial of Service (DoS), Execution of Arbitrary Code
- [security bulletin] HPSBUX02876 SSRT101148 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS)
- [2.0 Update] Cisco Security Advisory: Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Customer Voice Portal Software
- From: Cisco Systems Product Security Incident Response Team
- Cross-Site Request Forgery (CSRF) in UMI.CMS
- [ MDVSA-2013:163 ] glibc
- [ MDVSA-2013:162 ] glibc
- SEC Consult SA-20130507-0 :: Multiple vulnerabilities in NetApp OnCommand System Manager
- From: SEC Consult Vulnerability Lab
- Apache VCL improper input validation
- [ MDVSA-2013:161 ] java-1.7.0-openjdk
- ESA-2013-015: RSA Archer® GRC Multiple Vulnerabilities
- VULNERABLE and COMPLETELY outdated 3rd-party libraries/components used in 3CX Phone 6
- Multiple buffer overflows on Huawei SNMPv3 service
- Vulnerability in Microsoft Security Essentials <v4.2
- [SE-2012-01] New security vulnerabilities and broken fixes in IBM Java
- From: Security Explorations
- Multiple Vulnerabilities in D-Link DSL-320B
- [ MDVSA-2013:160 ] phpmyadmin
- VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "CDisplayPointer" Use-after-free (MS13-028)
- From: VUPEN Security Research
- VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "Scroll" Use-after-free (MS13-028)
- From: VUPEN Security Research
- ESA-2013-035: EMC Avamar Client Improper Certificate Validation Vulnerability
- ESA-2013-028: EMC NetWorker Elevation of Privilege Vulnerability
- ESA-2013-034: EMC Avamar Improper Authorization vulnerability
- [SECURITY] [DSA 2664-1] stunnel4 security update
- From: Salvatore Bonaccorso
- NGS00415 Patch Notification: Oracle 11g TNS listener remote Null Pointer Dereference (pre-auth)
- WordPress Plugin: Advanced XML Reader v0.3.4 XXE Vulnerability
- NGS00416 Patch Notification: Oracle 11g TNS listener remote Invalid Pointer Read (pre-auth)
- NGS00422 Patch Notification: Oracle Retail Integration Bus Manager Directory Traversal
- NGS00423 Patch Notification: Oracle Retail Invoice Manager SQL Injection
- Multiple Cross-Site Scripting (XSS) vulnerabilities in GetSimple CMS
- SQL Injection in b2evolution
- [HITB-Announce] #HITB2013KUL Call for Papers
- Unchecked Buffer in Microchip TCP/IP Stack Could Allow Remote Code Execution
- From: az . bugreport . subscriber
- [ MDVSA-2013:159 ] clamav
- [ MDVSA-2013:158 ] krb5
- Syslog Watcher Pro 'Date' Parameter Cross Site Scripting Vulnerability
- [SECURITY] [DSA 2665-1] strongswan security update
- [ MDVSA-2013:157 ] krb5
- [security bulletin] HPSBMU02872 SSRT101185 rev.1 - HP Service Manager, Remote Disclosure of Information, Cross Site Scripting(XSS)
- FreeBSD Security Advisory FreeBSD-SA-13:05.nfsserver [REVISED]
- From: FreeBSD Security Advisories
- WowzaMediaServer SecureToken bypass (and worse)
- WowzaMediaServer StorageDir escape (regression)
- Personal File Share HTTP Server Remote Overflow Vulnerability
- CORE-2013-0303 - D-Link IP Cameras Multiple Vulnerabilities
- From: CORE Security Technologies Advisories
- FreeBSD Security Advisory FreeBSD-SA-13:05.nfsserver
- From: FreeBSD Security Advisories
- [ MDVSA-2013:156 ] apache-mod_security
- [security bulletin] HPSBMU02874 SSRT101184 rev.1 - HP Service Manager, Java Runtime Environment (JRE) Security Update
- [security bulletin] HPSBMU02873 SSRT101182 rev.1 - HP Service Manager, Apache Tomcat Security Update
- Re: Nginx ngx_http_close_connection function integer overflow
- [ MDVSA-2013:155 ] fuse
- [ MDVSA-2013:154 ] util-linux
- Cisco/Linksys E1200 N300 Reflected XSS
- [KIS-2013-04] Joomla! <= 3.0.3 (remember.php) PHP Object Injection Vulnerability
- [ MDVSA-2013:153 ] subversion
- [ MDVSA-2013:152 ] subversion
- [ MDVSA-2013:151 ] curl
- EDSC 2013 CFP Open
- Hacking IPv6 networks training (slideware, upcoming trainings, etc.)
- [security bulletin] HPSBPI02869 SSRT100936 rev.1 - HP LaserJet MFP Printers, HP Color LaserJet MFP Printers, Certain HP LaserJet Printers, Remote Unauthorized Access to Files
- [security bulletin] HPSBPI02868 SSRT101017 rev.1 - HP Managed Printing Administration (MPA), Remote Cross Site Scripting (XSS)
- Re: Nginx ngx_http_close_connection function integer overflow
- [security bulletin] HPSBMU02830 SSRT100889 rev.2 - HP Data Protector, Local Increase of Privilege
- Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows
- Multiple Vulnerabilities in D'Link DIR-635
- Borland Silk Central 12.1 TeeChart Pro Activex control AddSeries Remote Code Execution
- Nginx ngx_http_close_connection function integer overflow
- [waraxe-2013-SA#103] - Multiple Vulnerabilities in phpMyAdmin
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco NX-OS-Based Product
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Computing System
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Device Manager Command Execution Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [ESNC-2013-004] Remote ABAP Code Injection in OpenText/IXOS ECM for SAP NetWeaver
- Cisco/Linksys HTTP Service Remote DoS (Denial of Service)
- [security bulletin] HPSBHF02865 SSRT101158 rev.1 - HP ElitePad 900, Secure Boot Configuration Inconsistency
- [ MDVSA-2013:150 ] mysql
- [ MDVSA-2013:148 ] roundcubemail
- [SECURITY] [DSA 2663-1] tinc security update
- [ MDVSA-2013:149 ] roundcubemail
- Multiple Vulnerabilities in D'Link DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A
- [SQLi] vBilling for FreeSWITCH
- [SECURITY] [DSA 2660-1] curl security update
- From: Salvatore Bonaccorso
- 44Café 23rd April details
- [SE-2012-01] Yet another Reflection API flaw affecting Oracle's Java SE
- From: Security Explorations
- [ MDVSA-2013:147 ] libarchive
- [ MDVSA-2013:145 ] java-1.6.0-openjdk
- [ MDVSA-2013:146 ] icedtea-web
- VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555)
- From: VUPEN Security Research
- Re: SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption
- From: SEC Consult Vulnerability Lab
- TWSL2013-004: Group Name Enumeration Vulnerability in Cisco IKE Implementation
- From: Trustwave Advisories
- [SECURITY] [DSA 2662-1] xen security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 2661-1] xorg-server security update
- SEC Consult 20130417-0 :: Multiple vulnerabilities in Sosci Survey
- From: SEC Consult Vulnerability Lab
- CVE-2013-2504 : Matrix42 Service Desk XSS
- VUPEN Security Research - Oracle Java JavaFX Video Frame Decoding Remote Heap Overflow (Pwn2Own 2013)
- From: VUPEN Security Research
- DC4420 - London DEFCON - April meet - Tuesday 23rd April 2013
- Cisco Security Advisory: Cisco TelePresence Infrastructure Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Network Admission Control Manager SQL Injection Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- SEC Consult SA-20130417-2 :: HTTP header injection/Cache poisoning in Oracle WebCenter Sites Satellite Server
- From: SEC Consult Vulnerability Lab
- SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption
- From: SEC Consult Vulnerability Lab
- [ MDVSA-2013:144 ] phpmyadmin
- Re: [SE-2012-01] Details of issues fixed by Java SE 7 Update 21
- From: Security Explorations
- [ESNC-2013-001] Privilege Escalation in SAP Healthcare Industry Solution
- SI6 Networks' IPv6 Toolkit v1.3.4 released!
- Multiple Vulnerabilities in KrisonAV CMS
- Open-Xchange Security Advisory 2013-04-17
- APPLE-SA-2013-04-16-2 Java for OS X 2013-003 and Mac OS X v10.6 Update 15
- From: Apple Product Security
- APPLE-SA-2013-04-16-1 Safari 6.0.4
- From: Apple Product Security
- [ESNC-2013-003] Remote OS Command Execution in SAP BASIS Communication Services
- [ESNC-2013-002] Privilege Escalation in SAP Production Planning and Control
- [SE-2012-01] Details of issues fixed by Java SE 7 Update 21
- From: Security Explorations
- Sitecom WLM-3500 backdoor accounts
- [ MDVSA-2013:143 ] poppler
- [security bulletin] HPSBUX02866 SSRT101139 rev.1 - HP-UX Running Apache, Remote Denial of Service (DoS), Execution of Arbitrary Code and other vulnerabilities
- DDIVRT-2013-52 Dell EqualLogic PS6110X Directory Traversal
- Remote command injection in Ruby Gem kelredd-pruview 0.3.8
- [ MDVSA-2013:142 ] postgresql
- MacOSX 10.8.3 ftpd Remote Resource Exhaustion
- [ MDVSA-2013:141 ] libxslt
- Cisco Security Advisory: Cisco Prime Network Control Systems Database Default Credentials Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module Software
- From: Cisco Systems Product Security Incident Response Team
- [ MDVSA-2013:134 ] viewvc
- [security bulletin] HPSBUX02859 SSRT101144 rev.2 - HP-UX Running XNTP, Remote Denial of Service (DoS) and Execute Arbitrary Code
- [ MDVSA-2013:136 ] weechat
- [ MDVSA-2013:132 ] tor
- [ MDVSA-2013:131 ] taglib
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software
- From: Cisco Systems Product Security Incident Response Team
- [SECURITY] [DSA 2659-1] libapache-mod-security security update
- From: Salvatore Bonaccorso
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace Solution
- From: Cisco Systems Product Security Incident Response Team
- [security bulletin] HPSBUX02864 SSRT101156 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
- [ MDVSA-2013:139 ] x11-server
- [ MDVSA-2013:138 ] x11-driver-video-qxl
- [ MDVSA-2013:137 ] wordpress
- [ MDVSA-2013:135 ] vte
- [ MDVSA-2013:133 ] usbmuxd
- [ MDVSA-2013:130 ] stunnel
- [ MDVSA-2013:124 ] ruby
- [ MDVSA-2013:129 ] squid
- [ MDVSA-2013:128 ] squashfs-tools
- [ MDVSA-2013:127 ] socat
- [ MDVSA-2013:126 ] snack
- [ MDVSA-2013:125 ] sleuthkit
- [ MDVSA-2013:123 ] rpmdevtools
- [ MDVSA-2013:122 ] quagga
- [ MDVSA-2013:121 ] qemu
- [ MDVSA-2013:116 ] pixman
- DeepSec 2013 - Call for Papers
- [ MDVSA-2013:120 ] python-pycrypto
- [ MDVSA-2013:119 ] python-httplib2
- [ MDVSA-2013:118 ] python-feedparser
- [ MDVSA-2013:117 ] python
- [ MDVSA-2013:115 ] php-ZendFramework
- [ MDVSA-2013:114 ] php
- [ MDVSA-2013:113 ] perl
- [ MDVSA-2013:112 ] otrs
- [ MDVSA-2013:111 ] openslp
- [ MDVSA-2013:110 ] openjpeg
- [ MDVSA-2013:109 ] open-iscsi
- [ MDVSA-2013:108 ] openconnect
- [ MDVSA-2013:107 ] ocaml-xml-light
- [ MDVSA-2013:106 ] nss-pam-ldapd
- [ MDVSA-2013:105 ] munin
- [ MDVSA-2013:104 ] mosh
- [ MDVSA-2013:103 ] mesa
- [ MDVSA-2013:102 ] mariadb
- [ MDVSA-2013:101 ] lynx
- [ MDVSA-2013:100 ] lighttpd
- [ MDVSA-2013:099 ] libytnef
- [ MDVSA-2013:098 ] libupnp
- [ MDVSA-2013:097 ] libotr
- [ MDVSA-2013:096 ] keepalived
- [ MDVSA-2013:095 ] java-1.7.0-openjdk
- [ MDVSA-2013:094 ] jakarta-poi
- [ MDVSA-2013:093 ] ircd-hybrid
- [ MDVSA-2013:077 ] ettercap
- CVE-2013-0798 : World read and write access to app_tmp directory on Android
- Hackito Ergo Sum 2013 Speaker Announcement!
- From: Alexandre De Oliveira
- [ MDVSA-2013:092 ] imagemagick
- [ MDVSA-2013:083 ] glib2.0
- [ MDVSA-2013:078 ] fail2ban
- [waraxe-2013-SA#102] - Reflected XSS in phpMyAdmin 3.5.7
- [ MDVSA-2013:091 ] icecast
- [ MDVSA-2013:090 ] argyllcms
- [ MDVSA-2013:089 ] icclib
- [ MDVSA-2013:088 ] hplip
- [ MDVSA-2013:084 ] gnome-keyring
- [ MDVSA-2013:087 ] firefox
- [ MDVSA-2013:086 ] groff
- [ MDVSA-2013:085 ] groff
- [ MDVSA-2013:082 ] gimp
- [ MDVSA-2013:081 ] gegl
- [ MDVSA-2013:074 ] drupal
- [ MDVSA-2013:076 ] emacs
- [ MDVSA-2013:073 ] dokuwiki
- [ MDVSA-2013:075 ] elinks
- [ MDVSA-2013:072 ] dnsmasq
- [ MDVSA-2013:050 ] nss
- [ MDVSA-2013:049 ] net-snmp
- [ MDVSA-2013:046 ] libtiff
- [ISecAuditors Security Advisories] Multiple Full Path Disclosure Vulnerabilities in TinyWebGallery <= v1.8.9
- From: ISecAuditors Security Advisories
- [CVE-REQUEST] Multiple CSRF vulnerabilities on Foscam IP cameras web UI
- [ MDVSA-2013:066 ] bugzilla
- [CVE-2012-5389] Null Pointer Derefence in Dart Webserver <= 1.9.2
- [ MDVSA-2013:071 ] dbus-glib
- [ MDVSA-2013:070 ] dbus
- [ MDVSA-2013:069 ] cups-pk-helper
- [ MDVSA-2013:068 ] courier-authlib
- [ MDVSA-2013:067 ] couchdb
- [ MDVSA-2013:065 ] boost
- [ MDVSA-2013:064 ] bogofilter
- [ MDVSA-2013:063 ] bip
- [ MDVSA-2013:057 ] xinetd
- [ MDVSA-2013:055 ] wireshark
- [ MDVSA-2013:062 ] backuppc
- [ MDVSA-2013:061 ] awstats
- [ MDVSA-2013:060 ] accountsservice
- [ MDVSA-2013:059 ] dhcp
- [ MDVSA-2013:058 ] bind
- [ MDVSA-2013:056 ] libxml2
- [slackware-security] seamonkey (SSA:2013-097-01)
- From: Slackware Security Team
- Multiple Vulnerabilities in D-Link devices
- [ MDVSA-2013:037 ] fetchmail
- [ MDVSA-2013:035 ] libexif
- Aastra IP Telephone hardcoded telnet admin password
- From: Timo Juhani Lindfors
- [ MDVSA-2013:033 ] cronie
- [ MDVSA-2013:023-1 ] coreutils
- Vanilla Forums 2.0.18 / SQL-Injection / Insert arbitrary user & dump usertable
- [ MDVSA-2013:054 ] sudo
- [ MDVSA-2013:053 ] proftpd
- [ MDVSA-2013:052 ] openssl
- [ MDVSA-2013:051 ] openssh
- [ MDVSA-2013:048 ] ncpfs
- [ MDVSA-2013:047 ] libxslt
- [ MDVSA-2013:031 ] automake
- [ MDVSA-2013:045 ] libssh
- [ MDVSA-2013:044 ] libjpeg
- [ MDVSA-2013:043 ] libgssglue
- [ MDVSA-2013:042 ] krb5
- [security bulletin] HPSBMU02785 SSRT100526 rev.2 - HP LoadRunner Running on Windows, Remote Execution of Arbitrary Code, Denial of Service (DoS)
- [ MDVSA-2013:041 ] html2ps
- [ MDVSA-2013:040 ] gnutls
- [ MDVSA-2013:001-1 ] gnupg
- [ MDVSA-2013:039 ] freetype2
- [ MDVSA-2013:029 ] apache-mod_security
- [ MDVSA-2013:038 ] freeradius
- [ MDVSA-2013:036 ] exif
- [ MDVSA-2013:034 ] cups
- [ MDVSA-2013:032 ] bash
- [ MDVSA-2013:030 ] arpwatch
- [slackware-security] subversion (SSA:2013-095-01)
- From: Slackware Security Team
- [ MDVSA-2013:019 ] bash
- [ MDVSA-2013:027-1 ] clamav
- [ MDVSA-2013:017 ] arpwatch
- [ MDVSA-2013:018 ] automake
- [ MDVSA-2013:016 ] apache-mod_security
- Groovy Media Player buffer overflow Vulnerability
- Hackersh 0.1 Release Announcement
- GreHack 2013 - Call For Papers - November 15, Grenoble, France
- SEC Consult 20130404-0 :: Multiple Vulnerabilities in Censornet Professional v4 (2.1.7)
- From: SEC Consult Vulnerability Lab
- [ MDVSA-2013:015-1 ] apache
- [ MDVSA-2013:015-1 ] apache
- [SECURITY] [DSA 2658-1] postgresql-9.1 security update
- [SECURITY] [DSA 2654-1] libxslt security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 2657-1] postgresql-8.4 security update
- Google AD Sync Tool - Exposure of Sensitive Information Vulnerability - Security Advisory - SOS-13-001
- Novell GroupWise Multiple Remote Code Execution Vulnerabilities
- TC-SA-2013-01: Reflected Cross-Site-Scripting (XSS) vulnerability in e107 CMS v1.0.2
- PHP Code Injection in FUDforum
- SQL Injection Vulnerability in Symphony
- [slackware-security] mozilla-firefox (SSA:2013-093-01)
- From: Slackware Security Team
- [slackware-security] mozilla-thunderbird (SSA:2013-093-02)
- From: Slackware Security Team
- SEC Consult SA-20130403-0 :: Multiple vulnerabilities in Sophos Web Protection Appliance
- From: SEC Consult Vulnerability Lab
- FreeBSD Security Advisory FreeBSD-SA-13:04.bind
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-13:03.openssl
- From: FreeBSD Security Advisories
- NGS00248 Patch Notification: Virtual Access Monitor Multiple SQL Injection Vulnerabilities
- Remote command execution in Ruby Gem ldoce 0.0.2
- [security bulletin] HPSBUX02860 SSRT101146 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass, Unauthorized Modification and Other Vulnerabilities
- [SECURITY] [DSA 2656-1] bind9 security update
- From: Salvatore Bonaccorso
- US-CERT Alert TA13-088A: DNS Amplification Attacks
- Authentication bypass on Netgear WNR1000
- [waraxe-2013-SA#101] - Update Spoofing Vulnerability in Royal TS 2.1.5
- [waraxe-2013-SA#100] - Update Spoofing Vulnerability in mRemote 1.50
- [Suspected Spam] [slackware-security] libssh (SSA:2013-087-01)
- From: Slackware Security Team
- [security bulletin] HPSBUX02859 SSRT101144 rev.1 - HP-UX Running XNTP, Remote Denial of Service (DoS) and Execute Arbitrary Code
- MailOrderWorks v5.907 - Multiple Web Vulnerabilities
- AST-2013-002: Denial of Service in HTTP server
- From: Asterisk Security Team
- [SECURITY] [DSA 2655-1] rails security update
- Workshop Proposal/Paper Submission Deadlines
- AST-2013-003: Username disclosure in SIP channel driver
- From: Asterisk Security Team
- AST-2013-001: Buffer Overflow Exploit Through SIP SDP Header
- From: Asterisk Security Team
- WordPress podPress Plugin XSS in SWF
- Cisco Security Advisory: Cisco IOS Software Resource Reservation Protocol Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [security bulletin] HPSBST02848 SSRT101112 rev.1 - HP XP P9000 Command View Advanced Edition Suite Products, Remote Disclosure of Information
- Cisco Security Advisory: Cisco IOS Software IP Service Level Agreement Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- ESA-2013-018: EMC Smarts Product - Cross Site Scripting Vulnerability
- Cisco Security Advisory: Cisco IOS Software Internet Key Exchange Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software Smart Install Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software Protocol Translation Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software Zone-Based Policy Firewall Session Initiation Protocol Inspection Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Path Traversal in AWS XMS
- [slackware-security] bind (SSA:2013-086-01)
- From: Slackware Security Team
- [slackware-security] dhcp (SSA:2013-086-02)
- From: Slackware Security Team
- McAfee Virtual Technician ActiveX Control Insecure Method
- Re: Report OWASP WAF Naxsi bypass Vulnerability
- [SECURITY] [DSA 2653-1] icinga security update
- [security bulletin] HPSBUX02857 SSRT101103 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
- [security bulletin] HPSBOV02852 SSRT101108 rev.1 - HP SSL for OpenVMS, Remote Denial of Service (DoS), Unauthorized Disclosure of Information, Unauthorized Modification
- [SECURITY] [DSA 2652-1] libxml2 security update
- [security bulletin] HPSBPV02855 SSRT100512 rev.1 - HP ProCurve 1700-8(J9079A) and 1700-24(J9080A) Switches, Cross Site Request Forgery (CSRF)
- [slackware-security] php (SSA:2013-081-01)
- From: Slackware Security Team
- SynConnect PMS SQL Injection Vulnerability
- From: bhadresh . k . patel
- Report OWASP WAF Naxsi bypass Vulnerability
- ESA-2013-016: EMC Smarts Network Configuration Manager
- [waraxe-2013-SA#099] - Update Spoofing Vulnerability in LibreOffice 4.0.1.2
- DC4420 - London DEFCON - March meet - Tuesday 26th March 2013
- [security bulletin] HPSBUX02856 SSRT101104 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Unauthorized Disclosure
- [SE-2011-01] PoC code for digital SAT TV research released
- From: Security Explorations
- [SECURITY] [DSA 2651-1] smokeping security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 2641-2] libapache2-mod-perl2 update related to DSA 2641-1
- From: Salvatore Bonaccorso
- [IA49] Photodex ProShow Producer v5.0.3310 ScsiAccess Local Privilege Escalation
- APPLE-SA-2013-03-19-2 Apple TV 5.2.1
- From: Apple Product Security
- APPLE-SA-2013-03-19-1 iOS 6.1.3
- From: Apple Product Security
- Re: VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "OnResize" Use-after-free (MS13-021 / CVE-2013-0087)
- CA20130319-01: Security Notice for SiteMinder products using SAML
- [waraxe-2013-SA#098] - Directory Traversal Vulnerabilities in OpenCart 1.5.5.1
- VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "OnMove" Use-after-free (MS13-021 / CVE-2013-0087)
- From: VUPEN Security Research
- VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "OnResize" Use-after-free (MS13-021 / CVE-2013-0087)
- From: VUPEN Security Research
- VUPEN Security Research - Mozilla Firefox "nsHTMLEditRules" Use-After-Free (MFSA-2013-29 / CVE-2013-0787)
- From: VUPEN Security Research
- Remote command execution in Ruby Gem Command Wrap
- NOPcon 2013 - Call for paper - Istanbul , Turkey
- Cisco Security Response: Cisco IOS and Cisco IOS XE Type 4 Passwords Issue
- From: Cisco Systems Product Security Incident Response Team
- NGS00440 Patch Notification: Windows USB RNDIS driver kernel pool overflow
- [ MDVSA-2013:028 ] nagios
- [ MDVSA-2013:027 ] clamav
- [ MDVSA-2013:026 ] sudo
- [SE-2012-01] The "allowed behavior" in Java SE 7 (Issue 54)
- From: Security Explorations
- [SECURITY] [DSA 2650-2] libvirt regression update
- Remote command execution in fastreader ruby gem
- [SECURITY] [DSA 2646-1] typo3-src security update
- [slackware-security] ruby (SSA:2013-075-01)
- From: Slackware Security Team
- [SECURITY] [DSA 2650-1] libvirt-bin security update
- [SECURITY] [DSA 2649-1] lighttpd security update
- n.runs-SA-2013.001 - Polycom - Command Shell Grants System-Level Access
- n.runs-SA-2013.004 - Polycom - H.323 Format String Vulnerability
- n.runs-SA-2013.003 - Polycom - H.323 CDR Database SQL Injection
- n.runs-SA-2013.002 - Polycom - Firmware Update Command Injection
- [SECURITY] [DSA 2648-1] firebird2.5 security update
- [SECURITY] [DSA 2647-1] firebird2.1 security update
- Skype Click to Call Update Service local privilege escalation
- From: Oliver-Tobias Ripka
- DDIVRT-2013-50 EverFocus EPARA264-16X1 Directory Traversal
- MiniMagic ruby gem remote code execution
- Curl Ruby Gem Remote command execution
- [SECURITY] [DSA 2645-1] inetutils security update
- APPLE-SA-2013-03-14-2 Safari 6.0.3
- From: Apple Product Security
- APPLE-SA-2013-03-14-1 OS X Mountain Lion v10.8.3 and Security Update 2013-001
- From: Apple Product Security
- [SECURITY] [DSA 2640-1] zoneminder security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 2644-1] wireshark security update
- [ MDVSA-2013:025 ] pidgin
- [slackware-security] seamonkey (SSA:2013-072-02)
- From: Slackware Security Team
- [slackware-security] perl (SSA:2013-072-01)
- From: Slackware Security Team
- Re: SQLi found in Kodak Insite
- [ MDVSA-2013:024 ] firefox
- Re: [CVE-REQUEST] Foscam <= 11.37.2.48 path traversal vulnerability
- Cisco Video Surveillance Operations Manager Multiple vulnerabilities
- [ MDVSA-2013:023 ] coreutils
- SEC Consult SA-20130313-0 :: QlikView Desktop Client Integer Overflow
- From: SEC Consult Vulnerability Lab
- [CVE-2013-1814] Apache Rave exposes User over API
- [ MDVSA-2013:022 ] openssh
- Open-Xchange Security Advisory 2013-03-13
- [SECURITY] [DSA 2643-1] puppet security update
- TagScanner v5.1 - Stack Buffer Overflow Vulnerability
- Re: Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc
- Announcing ChronIC - a wearable Sub-GHz RF hacking tool
- Privoxy Proxy Authentication Credential Exposure - CVE-2013-2503
- Re: Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc
- Re: Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc
- Results of a XSLT fuzzing effort
- AthCon 2013 Rev. Challenge 2013
- SEC Consult SA-20130311-0 :: Persistent cross-site scripting in jforum
- From: SEC Consult Vulnerability Lab
- Host tracking in IPv6 (SI6 Networks' IPv6 toolkit v1.3.3)
- Privoxy Proxy Authentication Credential Exposure - CVE-2013-2503
- [ISecAuditors Security Advisories] Reflected XSS in Asteriskguru Queue Statistics
- From: ISecAuditors Security Advisories
- OpenFabrics ibutils 1.5.7 /tmp clobbering vulnerability
- Recon 2013 Call For Papers - June 21-23, 2013 - Montreal, Quebec
- [SECURITY] [DSA 2641-1] perl security update
- From: Salvatore Bonaccorso
- [slackware-security] mozilla-firefox (SSA:2013-068-01)
- From: Slackware Security Team
- [slackware-security] mozilla-thunderbird (SSA:2013-068-02)
- From: Slackware Security Team
- [SECURITY] [DSA 2642-1] sudo security update
- Stored XSS in Terillion Reviews Wordpress Plugin
- SEC Consult SA-20130308-1 :: Multiple vulnerabilities in GroundWork Monitor Enterprise (part 2)
- From: SEC Consult Vulnerability Lab
- SEC Consult SA-20130308-0 :: Multiple critical vulnerabilities in GroundWork Monitor Enterprise (part 1)
- From: SEC Consult Vulnerability Lab
- [ MDVSA-2013:021 ] java-1.6.0-openjdk
- [ MDVSA-2013:020 ] wireshark
- Re: Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc
- Re: Oracle Auto Service Request /tmp file clobbering vulnerability
- Multiple NULL Pointer Dereference Vulnerabilities in Corel Quattro Pro X6
- Untrusted Pointer Dereference Vulnerability in Corel WordPerfect X6
- [security bulletin] HPSBGN02854 SSRT100881 rev.1 - HP Intelligent Management Center (iMC), iMC TACACS+ Authentication Manager (TAM), and iMC User Access Manager (UAM), Cross Site Scripting (XSS), Remote Code Execution, Remote Disclosure of Information
- [ MDVSA-2013:019 ] gnutls
- [security bulletin] HPSBPI02851 SSRT101078 rev.1 - Certain HP LaserJet Pro Printers, Unauthorized Access to Data
- [slackware-security] sudo (SSA:2013-065-01)
- From: Slackware Security Team
- [security bulletin] HPSBMU02849 SSRT101124 rev.1 - HP ServiceCenter, Remote Denial of Service (DoS)
- DDIVRT-2013-51 DALIM Dialog Server 'logfile' Local File Inclusion
- [ MDVSA-2013:018 ] openssl
- Verax NMS Password Disclosure (CVE-2013-1631)
- Verax NMS Hardcoded Private Key (CVE-2013-1352)
- Verax NMS Password Replay Attack (CVE-2013-1351)
- Verax NMS Authentication Bypass (CVE-2013-1350)
- [SECURITY] CVE-2013-0248 Apache Commons FileUpload - Insecure examples
- Multiple XSS vulnerabilities in Events Manager WordPress plugin
- OS Command Injection in CosCms
- Re: rpi-update tmpfile vulnerability
- Re: Kingcopes AthCon 2012 Slides & Notes --> Video online
- Apache Subversion mod_dav_svn DoS via MKACTIVITY/PROPFIND
- Varnish 2.1.5 DoS in fetch_straight() while parsing Content-Length header
- Squid 3.2.5 httpMakeVaryMark() header value DoS, 2.7.Stable9 memory corruption.
- Varnish 2.1.5, 3.0.3 DoS in http_GetHdr() while parsing Vary header
- SIP Witch 0.7.4 w/libosip2-4.0.0 DoS via NULL pointer dereference in libosip2
- Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc
- Varnish 2.1.5 DoS in STV_alloc() while parsing Content-Length header
- Samsung TV DoS (possible overflow) via SOAPACTION
- Varnish 2.1.5, 3.0.3 DoS in VRY_Create() while parsing Vary header
- [ MDVSA-2013:017 ] libxml2
- [SECURITY] [DSA 2639-1] php5 security update
- RE: [Full-disclosure] Remote system freeze thanks to Kaspersky Internet Security 2013 (SA52053)
- From: Vulnerability Mailbox
- [PT-2013-17] Arbitrary Files Reading in mnoGoSearch
- WordPress Count-Per-Day plugin 3.2.5. Type-1 (reflected) Cross Site Scripting (XSS)
- [SECURITY] [DSA 2638-1] openafs security update
- [IA32] HP Intelligent Management Center v5.1 E0202 topoContent.jsf Non-Persistent Cross-Site Scripting
- APPLE-SA-2013-03-04-1 Java for OS X 2013-002 and Mac OS X v10.6 Update 14
- From: Apple Product Security
- [SECURITY] [DSA 2637-1] apache2 security update
- Remote system freeze thanks to Kaspersky Internet Security 2013
- Remote command execution for Ruby Gem ftpd-0.2.1
- Proofpoint Protection Server Session Persistence
- [CVE-REQUEST] Foscam <= 11.37.2.48 path traversal vulnerability
- [slackware-security] httpd (SSA:2013-062-01)
- From: Slackware Security Team
- CVE-2013-1413
- rpi-update tmpfile vulnerability
- [SE-2012-01] One more attack affecting Oracle's Java SE 7u15
- From: Security Explorations
- [SECURITY] [DSA 2636-2] xen regression update
- [SECURITY] [DSA 2636-1] xen security update
- [SECURITY] [DSA 2635-1] cfingerd security update
- From: Salvatore Bonaccorso
- ESA-2013-012: RSA® Authentication Agent 7.1.1 for Microsoft Windows® Access Control Vulnerability
- Fileutils ruby gem possible remote command execution and insecure file handling in /tmp
- PHEARCON Call For Papers
- Stored Cross-site Scripting ('XSS') in Airvana HubBub C1-600-RT Femtocell
- Cross-Site Scripting (XSS) in Geeklog
- Multiple Vulnerabilities in Piwigo
- [KIS-2013-03] Joomla! <= 3.0.2 (highlight.php) PHP Object Injection Vulnerability
- Unauthenticated remote access to D-Link DIR-645 devices
- Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution Assurance Excessive CPU Utilization Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [waraxe-2013-SA#097] - Multiple Vulnerabilities in PHP-Fusion 7.02.05
- [ MDVSA-2013:016 ] php
- Cisco Security Advisory: Cisco Unified Communications Manager Multiple Denial of Service Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Unified Presence Server Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [SECURITY] [DSA 2634-1] python-django security update
- [SECURITY] [DSA 2633-1] fusionforge security update
- Denial of Service vulnerability in War FTP Daemon 1.82
- [ MDVSA-2013:015 ] apache
- [slackware-security] seamonkey (SSA:2013-056-01)
- From: Slackware Security Team
- [SECURITY] [DSA 2632-1] linux-2.6 security update
- [Onapsis Security Advisory 2013-006] SAP SMD Agent Code Injection
- From: Onapsis Research Labs
- Fwd: [SECURITY] CVE-2013-0253 Apache Maven 3.0.4
- [IA48] Photodex ProShow Producer v5.0.3297 Insecure Library Loading Vulnerability
- Kayako Fusion v4.51.1891 - Multiple Web Vulnerabilities
- [Onapsis Security Advisory 2013-005] SAP CCMS Agent Code Injection
- From: Onapsis Research Labs
- [Onapsis Security Advisory 2013-004] SAP J2EE Core Service Arbitrary File Access
- From: Onapsis Research Labs
- [Onapsis Security Advisory 2013-003] SAP Enterprise Portal Cross-Site-Scripting
- From: Onapsis Research Labs
- [Onapsis Security Advisory 2013-002] SAP SDM Denial of Service
- From: Onapsis Research Labs
- [Onapsis Security Advisory 2013-001] SAP Portal PDC Information Disclosure
- From: Onapsis Research Labs
- [SECURITY] [DSA 2629-1] openjpeg security update
- VUPEN Security Research - Microsoft Windows OLE Automation Code Execution Vulnerability
- From: VUPEN Security Research
- DC4420 - London DEFCON Tuesday 26th Feb 2013
- [SE-2012-01] New security issues affecting Oracle's Java SE 7u15
- From: Security Explorations
- NoSuchCon CFP 2.0 / 15-17 May 2013 / Paris, France
- [SECURITY] [DSA 2631-1] squid3 security update
- From: Salvatore Bonaccorso
- [ MDVSA-2013:014 ] java-1.6.0-openjdk
- TeamSHATTER Security Advisory: Oracle EM Cross Site Scripting in XDBResource cancelURL parameter (CVE-2013-0352)
- Samsung Galaxy S3 partial screen-lock bypass
- TeamSHATTER Security Advisory: Cross-site scripting in Oracle EM (advReplicationAdmin) (CVE-2013-0355)
- OSEC-2013-01: nagios metacharacter filtering omission
- CVE-2013-0162 rubygem-ruby_parser: incorrect temporary file usage / Public Service Announcement
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (Resource Manager) (CVE-2013-0358)
- TeamSHATTER Security Advisory: Oracle EM Segment Advisor Arbitrary URL redirection/phishing (CVE-2012-3219)
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (streams queue) (CVE-2013-0373)
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (SCPLBL_COLLECTED parameters) (CVE-2013-0353)
- TeamSHATTER Security Advisory: Oracle Database GeoRaster API overflow (CVE-2012-3220)
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (dBClone) (CVE-2013-0374)
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (advReplicationAdmin) (CVE-2013-0372)
- TeamSHATTER Security Advisory: HTTP Response Splitting in Oracle EM (policyViewSettings) (CVE-2013-0354)
- Paper - Hiding Data in Hard-drive Service Areas
- Re: Alt-N MDaemon Email Body HTML/JS Injection Vulnerability
- MyFi Wireless Disk 1.2 iPad iPhone - Multiple Vulnerabilities
- Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability
- TeamSHATTER Security Advisory: Oracle 11g Stealth Password Cracking Vulnerability (CVE-2012-3137)
- TeamSHATTER Security Advisory: SQL Injection in Oracle Alter FBA Table (CVE-2012-1751)
- [security bulletin] HPSBMU02836 SSRT101056 rev.1 - HP ArcSight Connector Appliance and ArcSight Logger, Remote Disclosure of Information, Command Injection, Cross-Site Scripting (XSS)
- [SECURITY] [DSA 2630-1] postgresql-8.4 security update
- [CVE-2013-1636]Wordpress pretty-link plugin XSS in SWF
- [ MDVSA-2013:013 ] squid
- Alt-N MDaemon's WorldClient & WebAdmin Cross-Site Request Forgery Vulnerability
- From: demetris papapetrou
- Alt-N MDaemon's WorldClient Predictable Session ID Vulnerability
- From: demetris papapetrou
- Alt-N MDaemon Email Body HTML/JS Injection Vulnerability
- From: demetris papapetrou
- Alt-N MDaemon's WorldClient Username Enumeration Vulnerability
- From: demetris papapetrou
- Alt-N MDaemon's WebAdmin Remote Code Execution Vulnerability
- From: demetris papapetrou
- Alt-N MDaemon's WorldClient Disclosure of Authentication Credentials Vulnerability
- From: demetris papapetrou
- Multiple Cross-Site Scripting (XSS) in glFusion
- [slackware-security] mozilla-thunderbird (SSA:2013-050-02)
- From: Slackware Security Team
- [slackware-security] mozilla-firefox (SSA:2013-050-01)
- From: Slackware Security Team
- APPLE-SA-2013-02-19-1 Java for OS X 2013-001 and Mac OS X v10.6 Update 13
- From: Apple Product Security
- SQLi found in Kodak Insite
- Foswiki Security: Alert CVE-2013-1666 - Remote Code Execution Vulnerability in MAKETEXT macro.
- FreeBSD Security Advisory FreeBSD-SA-13:02.libc
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-13:01.bind
- From: FreeBSD Security Advisories
- Re: Scanning the IPv6 Internet with the scan6 tool (SI6 IPv6 toolkit)
- Reflective/Stored XSS in Responsive Logo Slideshow Plugin Cross-Site Scripting Vulnerability
- Reflective XSS in Marekkis Watermark-Plugin Cross-Site Scripting Vulnerability
- [SECURITY] [DSA 2628-1] nss-pam-ldapd security update
- Re: Aastra IP Telephone encrypted .tuz configuration file leakage
- From: Timo Juhani Lindfors
- PHP-Fusion 7.02.05 SQL Injection
- From: Krzysztof Katowicz-Kowalewski
- [IA47] Photodex ProShow Producer v5.0.3297 PXT File title Value Handling Buffer Overflow
- Multiple Vulnerabilities in Netgear DGN2200B
- Sniffing HDCP crypto keys with a $30 Bus Pirate and a broken HDMI cable
- [SECURITY] [DSA 2627-1] nginx security update
- [SECURITY] [DSA 2626-1] lighttpd security update
- Scanning the IPv6 Internet with the scan6 tool (SI6 IPv6 toolkit)
- [SECURITY] [DSA 2625-1] wireshark security update
- [SECURITY] [DSA 2624-1] ffmpeg security update
- SI6 Networks IPv6 Toolkit v1.3 released!
- CORE-2012-1128 - SAP Netweaver Message Server Multiple Vulnerabilities
- From: CORE Security Technologies Advisories
- Empirum Password Obfuscation Design Flaw
- [ MDVSA-2013:012 ] postgresql
- Re: CFP: InfoSec Southwest 2013
- [IA46] Photodex ProShow Producer v5.0.3297 ColorPickerProc() Memory Corruption
- [SECURITY] [DSA 2623-1] openconnect security update
- Multiple Vulnerabilities in Edimax EW-7206-APg and EW-7209APg
- Multiple Vulnerabilities in TP-Link TL-WA701N / TL-WA701ND
- [security bulletin] HPSBMU02815 SSRT100715 rev.5 - HP SiteScope SOAP Security Issues, Remote Disclosure of Information, Remote Code Execution
- Re: Aastra IP Telephone encrypted .tuz configuration file leakage
- [slackware-security] pidgin (SSA:2013-044-01)
- From: Slackware Security Team
- Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability
- Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities
- CA20130213-01: Security Notice for CA ControlMinder
- [SECURITY] [DSA 2621-1] openssl security update
- [SECURITY] [DSA 2622-1] polarssl security update
- Multiple Vulnerabilities in OpenPLI
- [ MDVSA-2013:011 ] samba
- [SECURITY] [DSA 2620-1] rails security update
- Simple password obfuscation in Enterprise Architect
- [slackware-security] openssl (SSA:2013-042-01)
- From: Slackware Security Team
- Re: Atmel "secure" crypto co-processor series microprocessors (AT91SAM7XC) leaking keys, plus bonus DESFire hack
- I Read It Somewhere (IRIS) citations management tool <= v1.3 (post auth) Remote Command Execution
- Multiple Vulnerabilities in Linksys WAG200G
- Multiple Vulnerabilities in Linksys WRT160Nv2
- Atmel "secure" crypto co-processor series microprocessors (AT91SAM7XC) leaking keys, plus bonus DESFire hack
- [ MDVSA-2013:010 ] java-1.6.0-openjdk
- [SECURITY] [DSA 2612-2] ircd-ratbox update
- [SECURITY] [DSA 2619-1] xen-qemu-dm-4.0 security update
- [ MDVSA-2013:009 ] libssh
- Mathematica9.0.1 on Linux /tmp/MathLink vulnerability
- [slackware-security] curl (SSA:2013-038-01)
- From: Slackware Security Team
- [SECURITY] [DSA 2618-1] ircd-hybrid security update
- DIMVA 2013 - Extended deadline for paper submission: February 17, 2013!
- [CVE-2013-1464]Wordpress Audio Player Plugin XSS in SWF
- Cisco Security Advisory: Cisco ATA 187 Analog Telephone Adaptor Remote Access Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- DefenseCode Security Advisory: Cisco Linksys Remote Preauth 0day Root Exploit Follow-Up
- [ MDVSA-2013:008 ] mysql
- [KIS-2013-02] CubeCart <= 5.2.0 (cubecart.class.php) PHP Object Injection Vulnerability
- Cross-Site Scripting (XSS) Vulnerability in CommentLuv WordPress Plugin