Bugtraq
- SQL Injection Vulnerability in Wysija Newsletters WordPress Plugin
- [CVE-2013-1463] Wordpress wp-table-reloaded plugin XSS in SWF
- [MajorSecurity-SA-2013-014] Sony Playstation Vita Browser - firmware 2.05 - Addressbar spoofing
- Multiple Vulnerabilities in Linksys E1500/E2500
- [PT-2012-53] Privilege Gaining in DataLife Engine
- CVE-2012-6451 Authentication Bypass in LOREX IP Cameras
- [security bulletin] HPSBST02846 SSRT100798 rev.1 - HP LeftHand Virtual SAN Appliance hydra, Remote Execution of Arbitrary Code
- [ MDVSA-2013:007 ] mysql
- Re: [SE-2012-01] Details of issues fixed by Feb 2013 Java SE CPU
- From: Security Explorations
- APPLE-SA-2013-02-04-1 OS X Server v2.2.1
- From: Apple Product Security
- Free Monthly Websites v2.0 - Multiple Web Vulnerabilities
- Multiple Vulnerabilities in D'Link DIR-600 and DIR-300 (rev B)
- [IMF 2013] Call for Participation
- [SE-2012-01] Details of issues fixed by Feb 2013 Java SE CPU
- From: Security Explorations
- NGS00315 Patch Notification: Symantec Enterprise Security Management Agent Privilege Escalation
- NGS00336 Patch Notification: Symantec Network Access Control Privilege Escalation
- Directory Traversal - EasyITSP <= 2.0.7
- APPLE-SA-2013-02-01-1 Java for Mac OS X v10.6 Update 12
- From: Apple Product Security
- [SECURITY] [DSA 2616-1] nagios3 security update
- [SECURITY] [DSA 2617-1] samba security update
- [SECURITY] [DSA 2615-1] libupnp4 security update
- [SECURITY] [DSA 2614-1] libupnp security update
- DC++ 0.802 and below incorrectly registers URI schemes in Windows
- [security bulletin] HPSBMU02842 SSRT100909 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS)
- [ MDVSA-2013:006 ] freetype2
- FreeBSD 9.1 ftpd Remote Denial of Service
- Oracle Automated Service Manager 1.3 & Auto Service Request 4.3 local root during install
- [HITB-Announce] #HITB2013AMS FINAL CALL for Paper Submissions
- ESA-2013-002: RSA Archer® GRC Multiple Vulnerabilities
- Released: rompar - Semi-automation tool for data extraction of microscopic Masked ROM images
- DefenseCode Security Advisory: Broadcom UPnP Remote Preauth Root Code Execution Vulnerability
- [security bulletin] HPSBST02839 SSRT101077 rev.1 - HP XP P9000 Command View Advanced Edition, Remote Denial of Service (DoS)
- marc4dasm - Atmel MARC microprocessor disassembler published
- OWASP Zed Attack Proxy 2.0.0
- CFP Observe. Hack. Make.
- Buffalo TeraStation TS-Series multiple vulnerabilities
- [SECURITY] [DSA 2613-1] rails security update
- Cisco Security Advisory: Portable SDK for UPnP Devices Contains Buffer Overflow Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- Re: Wordpress Valums Uploader - File Upload Vulnerability
- Adobe Reader XI versions are vulnerable to a heap overflow
- XSS in Elgg 1.8.12, 1.7.16 (core module "Twitter widget")
- Unauthenticated remote access to D-Link DCS cameras
- APPLE-SA-2013-01-28-2 Apple TV 5.2
- From: Apple Product Security
- APPLE-SA-2013-01-28-1 iOS 6.1 Software Update
- From: Apple Product Security
- [KIS-2013-01] DataLife Engine 9.7 (preview.php) PHP Code Injection Vulnerability
- Kohana Framework v2.3.3 - Directory Traversal Vulnerability
- ESA-2013-010: EMC AlphaStor Buffer Overflow Vulnerability
- Fortinet FortiMail 400 IBE - Multiple Web Vulnerabilities
- nCircle PureCloud Vulnerability Scanner - Multiple Web Vulnerabilities
- [ MDVSA-2013:005 ] perl
- [SE-2012-01] An issue with new Java SE 7 security features
- From: Security Explorations
- WordPress SolveMedia 1.1.0 CSRF Vulnerability
- From: illSecResearchGroup
- [SECURITY] [DSA 2612-1] ircd-ratbox security update
- New Blog Post: Attacking the Windows 7/8 Address Space Randomization
- SEC Consult SA-20130124-0 :: Critical SSH Backdoor in multiple Barracuda Networks Products
- From: SEC Consult Vulnerability Lab
- IPv6: How to avoid security issues with VPN leaks on dual-stack networks
- CVE-2013-0805 / CSNC-2013-001
- SQL Injection Vulnerability in ImageCMS
- Cross-Site Scripting (XSS) vulnerability in gpEasy
- CVE ID Syntax Change - Call for Public Feedback
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers
- From: Cisco Systems Product Security Incident Response Team
- DC4420 - London DEFCON - January 2013 meet. Tuesday 29th January 2013
- [slackware-security] mysql (SSA:2013-022-01)
- From: Slackware Security Team
- [security bulletin] HPSBMU02841 SSRT100724 rev.1 - HP Diagnostics Server, Remote Execution of Arbitrary Code
- Re: [SE-2012-01] Java 7 Update 11 confirmed to be vulnerable
- From: Security Explorations
- Wordpress Valums Uploader - File Upload Vulnerability
- CVE-2013-1402 - DigiLIBE Management Console - Execution After Redirect (EAR) Vulnerability
- [SECURITY] [DSA 2611-1] movabletype-opensource security update
- SEC Consult SA-20130122-1 :: F5 BIG-IP SQL injection vulnerability
- From: SEC Consult Vulnerability Lab
- SEC Consult SA-20130122-0 :: F5 BIG-IP XML External Entity Injection vulnerability
- From: SEC Consult Vulnerability Lab
- Wordpress Developer Formatter CSRF Vulnerability
- From: illSecResearchGroup
- Looking for security contacts
- [HITB-Announce] REMINDER: #HITB2013AMS Call for Papers Closes 8th Feb
- [SECURITY] [DSA 2610-1] ganglia security update
- Multiple SQL injection vulnerabilities in Cardoza Wordpress poll plugin
- Re: EMC Avamar: World writable cache files
- Multiple Vulnerabilities in Linksys WRT54GL
- (AUSCERT#20131775e) AusCERT 2013 Call For Presentations - closing in 10 days
- NoSuchCon CFP / 15-17 May 2013 / Paris, France
- Mozilla Firefox and Microsoft Internet Explorer stall when using workaround from MS06-020 or MS06-069
- [SECURITY] [DSA 2605-2] asterisk regression update
- CA20121220-01: Security Notice for CA IdentityMinder [updated]
- ESA-2013-008: EMC AlphaStor Multiple Vulnerabilities
- [SE-2012-01] Java 7 Update 11 confirmed to be vulnerable
- From: Security Explorations
- Recently-revised IETF I-Ds about IPv6 security
- CVE-2012-6452 Axway Secure Messenger Username Disclosure
- NSOADV-2013-002: DELL SonicWALL GMS/Viewpoint/Analyzer Authentication Bypass (/sgms/)
- NSOADV-2013-001: DELL SonicWALL GMS/Viewpoint/Analyzer Authentication Bypass (/appliance/)
- Secunia Research: Oracle Outside In Technology Paradox Database Handling Buffer Overflow
- Secunia Research: Oracle Outside In Technology Paradox Database Handling Denial of Service
- Cisco Security Advisory Update v1.1: Cisco Unified IP Phone Local Kernel System Call Input Validation Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [SECURITY] [DSA 2609-1] rails security update
- DC4420 - 2013 CFP
- Cisco Security Advisory: Cisco ASA 1000V Cloud Firewall H.323 Inspection Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Re: [CVE-ID REQUEST] vBulletin - Multiple Open Redirects
- Re: [CVE-ID REQUEST] Atlassian Confluence - Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities
- Re: Wordpress gallery-3.8.3 plugin Arbitrary File Read Vulnerability
- [slackware-security] freetype (SSA:2013-015-01)
- From: Slackware Security Team
- [SECURITY] [DSA 2608-1] qemu security update
- Trimble® Infrastructure GNSS Series Receivers Cross Site Scripting (XSS) vulnerability
- From: Rustein, Fara Denise (LATCO - Buenos Aires)
- [SECURITY] [DSA 2607-1] qemu-kvm security update
- [IA34] Serva v2.0.0 HTTP Server GET Remote Denial of Service
- [IA33] Serva v2.0.0 DNS Server Remote Denial of Service
- Updated - CA20121018-01: Security Notice for CA ARCserve Backup
- CVE-2012-5649 Apache CouchDB JSONP arbitrary code execution with Adobe Flash
- CVE-2012-5650 Apache CouchDB DOM based Cross-Site Scripting via Futon UI
- CVE-2012-5641 Apache CouchDB Information disclosure via unescaped backslashes in URLs on Windows
- [SECURITY] [DSA 2605-1] asterisk security update
- [SECURITY] [DSA 2606-1] proftpd-dfsg security update
- Arbitrary File Upload and Code Execution in Accusoft Prizm Content Connect
- From: Include Security Research
- Re: Wordpress gallery-3.8.3 plugin Arbitrary File Read Vulnerability
- [security bulletin] HPSBMU02838 SSRT100789 rev.1 - HP Serviceguard on Linux, Remote Denial of Service (DoS)
- [SE-2012-01] 'Fix' for Issue 32 exploited by new Java 0-day code
- From: Security Explorations
- DefenseCode Security Advisory (UPCOMING): Cisco Linksys Remote Preauth 0day Root Exploit
- Detailed examples of two vulnerabilities in whitelisting software: SE46 (Cryptzone) and Application Control (McAfee)
- Wordpress gallery-3.8.3 plugin Arbitrary File Read Vulnerability
- OrangeHRM 2.7.1 Vacancy Name Persistent XSS
- [slackware-security] seamonkey (SSA:2013-009-03)
- From: Slackware Security Team
- [ MDVSA-2013:004 ] tomcat5
- [slackware-security] mozilla-thunderbird (SSA:2013-009-02)
- From: Slackware Security Team
- [slackware-security] mozilla-firefox (SSA:2013-009-01)
- From: Slackware Security Team
- [SECURITY] [DSA 2604-1] rails security update
- [SECURITY] [DSA 2603-1] emacs23 security update
- [ MDVSA-2013:003 ] rootcerts
- Nero MediaHome Multiple Remote DoS Vulnerabilities
- Remote Buffer Overflow Vulnerability in Samsung Kies
- Cross-Site Scripting (XSS) vulnerability in Quick.Cms and Quick.Cart
- [ MDVSA-2013:002 ] firefox
- Cisco Security Advisory: Cisco Unified IP Phone Local Kernel System Call Input Validation Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Prime LAN Management Solution Command Execution Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [SECURITY] [DSA 2602-1] zendframework security update
- [security bulletin] HPSBUX02829 SSRT100883 rev.1 - HP-UX Running X Font Server (xfs) Software, Local Denial of Service (DoS), Unauthorized Access
- ESA-2013-001: EMC NetWorker Buffer Overflow vulnerability
- Chrome for Android - Bypassing SOP for Local Files By Symlinks
- Facebook for Android - Information Disclosure Vulnerability
- Chrome for Android - Cookie theft from Chrome by malicious Android app
- Chrome for Android - Android APIs exposed to JavaScript
- Chrome for Android - Download Function Information Disclosure
- Chrome for Android - UXSS via com.android.browser.application_id Intent extra
- [security bulletin] HPSBOV02833 SSRT101043 rev.1 - OpenVMS running Java on Integrity Servers, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
- [SECURITY] [DSA 2600-1] cups security update
- [SECURITY] [DSA 2599-1] nss security update
- [SECURITY] [DSA 2598-1] weechat security update
- [SECURITY] [DSA 2597-1] rails security update
- CFP: InfoSec Southwest 2013
- TomatoCart 1.x | Unrestricted File Creation
- From: YGN Ethical Hacker Group
- CVE-2012-6494 - Nexpose Security Console - Session Hijacking
- CVE-2012-6493 - Nexpose Security Console - Cross-Site Request Forgery (CSRF)
- Simple Webserver 2.3-rc1 Directory Traversal
- Aastra IP Telephone encrypted .tuz configuration file leakage
- From: Timo Juhani Lindfors
- AST-2012-015: Denial of Service Through Exploitation of Device State Caching
- From: Asterisk Security Team
- AST-2012-014: Crashes due to large stack allocations when using TCP
- From: Asterisk Security Team
- [ MDVSA-2013:001 ] gnupg
- ShakaCon 2013 - Call for Papers
- Re: GnuPG 1.4.12 and lower - memory access errors and keyring database corruption
- AthCon 2013 CFP OPEN
- Re: GnuPG 1.4.12 and lower - memory access errors and keyring database corruption
- Charybdis: Improper assumptions in the server handshake code may lead to a remote crash
- CubeCart 5.x | Multiple Cross Site Scripting Vulnerabilities
- From: YGN Ethical Hacker Group
- CubeCart 5.x | Cross Site Request Forgery (CSRF) Vulnerability
- From: YGN Ethical Hacker Group
- Re: CubeCart 5.0.7 and lower versions | Insecure Backup File Handling
- From: YGN Ethical Hacker Group
- GnuPG 1.4.12 and lower - memory access errors and keyring database corruption
- [SECURITY] [DSA 2596-1] mediawiki-extensions security update
- [SECURITY] [DSA 2595-1] ghostscript security update
- [SECURITY] [DSA 2594-1] virtualbox-ose security update
- [SECURITY] [DSA 2593-1] moin security update
- Re: CubeCart 5.0.7 and lower versions | Insecure Backup File Handling
- [SECURITY] [DSA 2591-1] mahara security update
- CubeCart 5.0.7 and lower versions | Insecure Backup File Handling
- From: YGN Ethical Hacker Group
- [SECURITY] [DSA 2592-1] elinks security update
- SonicWall Email Security 7.4.1.x - Persistent Web Vulnerability
- Log Analyzer 3.6.0 - Cross Site Scripting Vulnerability
- Polycom® HDX® Video End Points Web Management Cross Site Scripting (XSS) vulnerability
- From: Rustein, Fara Denise (LATCO - Buenos Aires)
- [ MDVSA-2012:184 ] libtiff
- [SECURITY] [DSA 2590-1] wireshark security update
- Open-Realty CMS 3.x | Persistent Cross Site Scripting (XSS) Vulnerability
- From: YGN Ethical Hacker Group
- Open-Realty CMS 3.x | Cross Site Request Forgery (CSRF) Vulnerability
- From: YGN Ethical Hacker Group
- DoS vulnerability in Siemens S7-1200 PLCs
- CubeCart 4.x/5.x | Setup Re-installation Privilege Escalation Vulnerability
- From: YGN Ethical Hacker Group
- CubeCart 4.4.6 and lower | Local File Inclusion Vulnerability
- From: YGN Ethical Hacker Group
- CubeCart 4.4.6 and lower | Multiple SQL Injection Vulnerabilities
- From: YGN Ethical Hacker Group
- CubeCart 4.4.6 and lower | Multiple Cross Site Scripting Vulnerabilities
- From: YGN Ethical Hacker Group
- CubeCart 4.4.6 and lower | Cross Site Request Forgery (CSRF) Vulnerability
- From: YGN Ethical Hacker Group
- CubeCart 5.0.7 and lower | Open URL Redirection Vulnerability
- From: YGN Ethical Hacker Group
- [TOOL RELEASE] SQL Fingerprint powered by ENG++ Technology [Version 1.33.23-170308]
- CubeCart 4.4.6 and lower | Open URL Redirection Vulnerability
- From: YGN Ethical Hacker Group
- [ MDVSA-2012:183 ] apache-mod_security
- [ MDVSA-2012:182 ] apache-mod_security
- CubeCart 3.0.20 (3.0.x) and lower | Multiple SQL Injection Vulnerabilities
- From: YGN Ethical Hacker Group
- CubeCart 3.0.20 (3.0.x) and lower | Arbitrary File Upload
- From: YGN Ethical Hacker Group
- CubeCart 3.0.20 (3.0.x) and lower | Multiple Cross Site Scripting Vulnerabilities
- From: YGN Ethical Hacker Group
- Re: Re: Re: Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability
- VMSA-2012-0018 VMware security updates for vCSA and ESXi
- From: VMware Security Response Center
- CA20121220-01: Security Notice for CA IdentityMinder
- ESA-2012-060: EMC Data Protection Advisor Information Disclosure Vulnerability.
- [security bulletin] HPSBUX02835 SSRT100763 rev.1 - HP-UX Running BIND, Remote Domain Name Revalidation
- Re: Re: Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability
- Re: Re: Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability
- Re: Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability
- EMC Avamar: World writable cache files
- Multiple XSS vulnerabilities in Cerberus FTP Server <= 5.0.5.1 [CVE-2012-6339]
- [ MDVSA-2012:181 ] python-django
- Multiple vulnerabilities in Banana Dance
- Firefly MediaServer Multiple Remote DoS Vulnerabilities
- Multiple SQL Injection Vulnerabilities in Elite Bulletin Board
- Local root exploit for Centrify Deployment Manager < v2.1.0.283 local root
- Enterpriser16 LoadBalancer v7.1 - Multiple Web Vulnerabilities
- SonicWall SonicOS 5.8.1.8 WAF - POST Inject Vulnerability
- Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability
- IPv6 Neighbor Discovery security (new documents)
- RE: PHP Addressbook v8.2.5 Group Name XSS
- Re: Issues in Netgear WGR614 wireless router
- Foswiki Security Alert CVE-2012-6329, CVE-2012-6330 Remote code execution and other vulnerabilities in MAKETEXT macro
- [ MDVSA-2012:180 ] perl-CGI
- [SECURITY] [DSA 2589-1] tiff security update
- [SECURITY] [DSA 2588-1] icedove security update
- Wordpress Pingback Port Scanner
- DDIVRT-2012-48 VMware View Connection Server Directory Traversal (CVE-2012-5978)
- Issues in Netgear WGR614 wireless router
- Password Disclosure in D-Link IP Cameras (CVE-2012-4046)
- [btrfs] is vulnerable to a hash-DoS attack
- From: Pascal Junod (Mailing Lists)
- Re: Centrify Deployment Manager v2.1.0.283
- [security bulletin] HPSBUX02832 SSRT101042 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
- RVAsec 2013 CFP Now Open
- Network Reconnaissance in IPv6 Networks (errata)
- Network Reconnaissance in IPv6 Networks
- 'portable-phpMyAdmin (WordPress Plugin)' Authentication Bypass (CVE-2012-5469)
- OpenDocMan 1.2.6.2 - 3 Vulnerabilities
- FCKEditor File Upload Vulnerability
- File Upload Concern in Front Account 2.3.13 and OpenDocMan 1.2.6.2
- Addressbook v8.1.24.1 Group Name XSS
- [ MDVSA-2012:179 ] cups
- [SECURITY] [DSA 2587-1] libcgi-pm-perl security update
- Multiple critical vulnerabilities in Maxthon and Avant browsers
- From: Roberto Suggi Liverani
- [SECURITY] [DSA 2586-1] perl security update
- [SECURITY] [DSA 2585-1] bogofilter security update
- Information disclosure (mouse tracking) vulnerability in Microsoft Internet Explorer versions 6-10
- Path Traversal Vulnerability on Secure Transport versions 5.1 SP2 and earlier
- From: Perez, Sebastian (LATCO - Buenos Aires)
- [security bulletin] HPSBOV02834 SSRT101055 rev.1 - HP OpenVMS LOGIN or ACMELOGIN, Remote or Local Denial of Service (DoS)
- SimpleInvoices 2011.1 Cross-Site-Scripting (XSS) Vulnerabilities CVE-2012-4932
- Snare for Linux Password Disclosure
- Snare for Linux Cross-Site Request Forgery
- FreeVimager 4.1.0 <= WriteAV Arbitrary Code Execution
- Snare for Linux Cross-Site Scripting via Log Injection
- Call for Papers: DIMVA 2013
- Multiple Command Execution Vulnerabilities in Smartphone Pentest Framework
- DIMIN Viewer 5.4.0 <= WriteAV Arbitrary Code Execution
- Centrify Deployment Manager v2.1.0.283 local root
- Android Kernel 2.6 Local DoS
- [slackware-security] bind (SSA:2012-341-01)
- From: Slackware Security Team
- [ MDVSA-2012:178 ] mysql
- [SECURITY] [DSA 2584-1] iceape security update
- [SECURITY] [DSA 2583-1] iceweasel security update
- [slackware-security] libssh (SSA:2012-341-02)
- From: Slackware Security Team
- Update on CVE assigned for Wordpress Plugin Simple Gmail Login
- TVMOBiLi Media Server Multiple Remote DoS Vulnerabilities
- Multiple SQL Injection vulnerabilities in ClipBucket
- Multiple vulnerabilities in Achievo
- Update on CVE assigned for Video Lead Form Plugin Cross-Site
- CanSecWest13 CFP Open Until December 14 2012, Conf March 7-9 2013, Vancouver
- Fwd: SQL injection
- Multiple vulnerabilities in Achievo
- Multiple SQL Injection vulnerabilities in ClipBucket
- TVMOBiLi Media Server Multiple Remote DoS Vulnerabilities
- [SECURITY] [DSA 2582-1] xen security update
- [slackware-security] libxml2 (SSA:2012-341-03)
- From: Slackware Security Team
- [slackware-security] ruby (SSA:2012-341-04)
- From: Slackware Security Team
- CA20121205-01: Security Notice for CA XCOM Data Transport on Unix and Linux
- [ MDVSA-2012:177 ] bind
- Buffalo LinkStation LS-WTGL Default Admin Account & Guest Access Information
- Re: Stack overflow in Microsoft HTML Help 6.1 (CHM files)
- From: chiles . simpson . ctr
- [security bulletin] HPSB3C02831 SSRT100661 rev.1 - HP Intelligent Management Center User Access Manager (UAM), Remote Execution of Arbitrary Code
- [security bulletin] HPSBMU02816 SSRT100949 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access
- CVE-2012-4431 Apache Tomcat Bypass of CSRF prevention filter
- CVE-2012-3546 Apache Tomcat Bypass of security constraints
- CVE-2012-4534 Apache Tomcat denial of service
- [security bulletin] HPSBPI02828 SSRT100778 rev.1 - HP LaserJet and Color LaserJet, Cross-Site Scripting (XSS)
- [security bulletin] HPSBPI02807 SSRT100928 rev.1 - HP LaserJet Pro 400 Multi Function Printers, Remote Unauthorized Access
- FreeFTPD Remote Authentication Bypass Zeroday Exploit (Stuxnet technique)
- Centrify Deployment Manager v2.1.0.283
- Re: MySQL Windows Remote System Level Exploit (Stuxnet technique) 0day
- FreeSSHD Remote Authentication Bypass Zeroday Exploit
- Centrify Deployment Manager v2.1.0.283
- Privilege Escalation through Binary Planting in Panda Internet Security
- MySQL Local/Remote FAST Account Password Cracking
- DC4420 - London DEFCON - Christmas 2012 meet! Tuesday 11th December 2012
- [SECURITY] [DSA 2581-1] mysql-5.1 security update
- Re: phpGiftReq SQL Injection
- SEC Consult SA-20121203-0 :: F5 FirePass SSL VPN Unauthenticated local file inclusion
- From: SEC Consult Vulnerability Lab
- tinymcpuk xss vulnerability
- Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday
- [ MDVSA-2012:176 ] libxml2
- [SECURITY] [DSA 2580-1] libxml security update
- Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday
- Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday
- Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday
- Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday
- From: Huzaifa Sidhpurwala
- Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday
- Re: [Full-disclosure] MySQL (Linux) Heap Based Overrun PoC Zeroday
- Re: [Full-disclosure] MySQL 5.1/5.5 WiNDOWS REMOTE R00T (mysqljackpot)
- Re: [Full-disclosure] MySQL Remote Preauth User Enumeration Zeroday
- Re: [Full-disclosure] MySQL Denial of Service Zeroday PoC
- Re: [Full-disclosure] MySQL (Linux) Database Privilege Elevation Zeroday Exploit
- Re: [Full-disclosure] MySQL (Linux) Heap Based Overrun PoC Zeroday
- Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday
- Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday
- Re: [Full-disclosure] MySQL (Linux) Heap Based Overrun PoC Zeroday
- MySQL Remote Preauth User Enumeration Zeroday
- MySQL Denial of Service Zeroday PoC
- MySQL (Linux) Database Privilege Elevation Zeroday Exploit
- MySQL (Linux) Heap Based Overrun PoC Zeroday
- MySQL (Linux) Stack based buffer overrun PoC Zeroday
- IBM System Director Remote System Level Exploit (CVE-2009-0880 extended zeroday)
- FortiWeb 4kC,3kC,1kC & VA - Cross Site Vulnerabilities
- FortiGate FortiDB 2kB 1kC & 400B - Cross Site Vulnerability
- Low severity flaw in RIM BlackBerry PlayBook OS browser
- ESA-2012-052 RSA NetWitness Informer Cross-Site Request Forgery and Click-jacking Vulnerabilities
- [SECURITY] [DSA 2577-1] libssh security update
- NGS000263 Technical Advisory: Symantec Messaging Gateway Easy CSRF to add a backdoor-administrator
- NGS000268 Technical Advisory: Symantec Messaging Gateway - Out-of-band stored-XSS delivered by email
- NGS000196 Technical Advisory: Nagios XI Network Monitor OS Command Injection
- NGS000266 Technical Advisory: Symantec Messaging Gateway Arbitrary file download is possible with a crafted URL
- APPLE-SA-2012-11-29-1 Apple TV 5.1.1
- From: Apple Product Security
- NGS000267 Technical Advisory: Symantec Messaging Gateway SSH with backdoor user account plus privilege escalation to root due to very old Kernel
- NGS000241 Technical Advisory: SysAid Helpdesk Pro Blind SQL Injection
- NGS000193 Technical Advisory: DataArmor Full Disk Encryption Restricted Environment breakout
- NGS000330 Technical Advisory: Squiz CMS File Path Traversal
- NGS000194 Technical Advisory: Nagios XI Network Monitor Blind SQL Injection
- NGS000107 Technical Advisory: Oracle Gridengine sgepasswd Buffer Overflow
- SilverStripe CMS - Multiple Vulnerabilities - Security Advisory - SOS-12-011
- [SECURITY] [DSA 2579-1] apache2 security update
- VUPEN Security Research - Mozilla Firefox "imgRequestProxy" Remote Use-After-Free Vulnerability
- From: VUPEN Security Research
- Safend Data Protector Multiple Vulnerabilities
- Wordpress Plugin Simple Gmail Login Stack Trace Vulnerability
- Video Lead Form Plugin Cross-Site Scripting Vulnerabilities which affects Wordpress URL
- Oracle Exadata leaf switch logins
- Re: rssh security announcement
- [ MDVSA-2012:175 ] libssh
- Re: rssh security announcement
- Re: rssh security announcement
- Re: rssh security announcement
- [SECURITY] [DSA 2578-1] rssh security update
- [SE-2011-01] Additional materials released for SAT TV research
- From: Security Explorations
- Forescout NAC (Network Access Control) multiple vulnerabilities
- [DC-2012-11-002] DefenseCode ThunderScan ASP.Net C# Advisory: BugTracker.Net Multiple Security Vulnerabilities
- ESA-2012-054: RSA ® Adaptive Authentication (On-Premise) Cross-Site Scripting Vulnerabilities
- ESA-2012-057: EMC Smarts Network Configuration Manager Multiple Vulnerabilities
- VUPEN Security Research - Mozilla Firefox "DocumentViewerImpl" Class Remote Use-After-Free Vulnerability
- From: VUPEN Security Research
- [oCERT-2012-001] multiple implementations denial-of-service via MurmurHash algorithm collision
- Twitter App 5.0 vulnerable to eavesdropping
- FreeBSD Security Advisory FreeBSD-SA-12:08.linux
- From: FreeBSD Security Advisories
- [SECURITY] [DSA 2576-1] trousers security update
- XSS Vulnerability in Simple Slider Wordpress Plugin
- FreeBSD Security Advisory FreeBSD-SA-12:06.bind
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-12:07.hostapd
- From: FreeBSD Security Advisories
- [ MDVSA-2012:174 ] libtiff
- [slackware-security] mozilla-thunderbird (SSA:2012-326-03)
- From: Slackware Security Team
- [slackware-security] seamonkey (SSA:2012-326-01)
- From: Slackware Security Team
- [slackware-security] mozilla-firefox (SSA:2012-326-02)
- From: Slackware Security Team
- [ MDVSA-2012:173 ] firefox
- Multiple vulnerabilities in dotProject
- ManageEngine ServiceDesk 8.0 - Multiple Vulnerabilities
- n.runs-SA-2012.004 - SPLUNK Unauthenticated remote DoS
- OSSIM 4.0.2 open-source SIEM solution does not verify .deb signatures
- Re: CVE-2012-4366: Insecure default WPA2 passphrase in multiple Belkin wireless routers
- Wordpress Facebook Survey v1 - SQL Injection Vulnerability
- FW: =| Security Advisory - TP-LINK TL-WR841N XSS (Cross Site Scripting) |=
- Re: [SE-2012-01] Security vulnerabilities in Java SE (details released)
- From: Security Explorations
- SonicWALL CDP 5040 v6.x - Multiple Web Vulnerabilities
- [security bulletin] HPSBHF02821 SSRT100934 rev.1 - HP Integrated Lights-Out iLO3 and iLO4, Remote Disclosure of Information
- n.runs-SA-2012.004 - SPLUNK Unauthenticated remote DoS
- CVE-2012-4366: Insecure default WPA2 passphrase in multiple Belkin wireless routers
- Manage Engine Exchange Reporter v4.1 - Multiple Web Vulnerabilities
- Akeni LAN v1.2.118 - Filter Bypass Vulnerability (Local)
- [ MDVSA-2012:172 ] libproxy
- [SECURITY] [DSA 2575-1] tiff security update
- Open-Realty CMS 2.5.8 (2.x.x) <= Cross Site Request Forgery (CSRF) Vulnerability
- From: YGN Ethical Hacker Group
- [SE-2012-01] Security vulnerabilities in Java SE (details released)
- From: Security Explorations
- DC4420 - London DEFCON - November meet - Tuesday 20th November
- [SECURITY] [DSA 2574-1] typo3-src security update
- [CVE-2012-5858] [CVE-2012-5859] DoS/Authorization Bypass - Kies Air
- SEC Consult SA-20121115-0 :: Applicure dotDefender WAF format string vulnerability
- From: SEC Consult Vulnerability Lab
- Re: Re: [oss-security] Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection
- iDev Rentals v1.0 - Multiple Web Vulnerabilities
- Security advisory for Bugzilla 4.4rc1, 4.2.4, 4.0.9 and 3.6.12
- Multiple vulnerabilities in BabyGekko
- Re: [oss-security] Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection
- 0-day vulnerabilities in Call of Duty MW3 and CryEngine 3
- Re: Wisecracker 1.0 - A high performance distributed cryptanalysis framework
- Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection
- Re: Wisecracker 1.0 - A high performance distributed cryptanalysis framework
- Reflective XSS in uk cookie plugin
- ESA-2012-055: RSA® Data Protection Manager Multiple Vulnerabilities
- [DC-2012-11-001] DefenseCode ThunderScan PHP Advisory: Wordpress WP e-Commerce Plugin Multiple Security Vulnerabilities
- Zoner Photo Studio v15 b3 - Buffer Overflow Vulnerabilities
- [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection
- Weak password encryption on Huawei products
- Eventy CMS v1.8 Plus - Multiple Web Vulnerabilities
- BananaDance Wiki b2.2 - Multiple Web Vulnerabilities
- [SECURITY] [DSA 2573-1] radsecproxy security update
- [ MDVSA-2012:171 ] icedtea-web
- Cisco Security Advisory: Cisco Ironport Appliances Sophos Anti-virus Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- Vulnerability Report on AWCM 2.2
- APPLE-SA-2012-11-07-1 QuickTime 7.7.3
- From: Apple Product Security
- Cisco Security Advisory: Cisco Secure Access Control System TACACS+ Authentication Bypass Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Nexus 1000V Series Switch Software Release 4.2(1)SV1(5.2) Virtual Security Gateway Bypass Issue
- From: Cisco Systems Product Security Incident Response Team
- Cross-Site Request Forgery (CSRF) in CMS Made Simple
- Sql injection in AJAX post Search wordpress plugin
- Vulnerable, superfluous/outdated/deprecated/superseded 3rd party OCXs and DLLs distributed by and installed with Dataram RamDisk 4.0.0
- [security bulletin] HPSBHF02699 SSRT100592 rev.2 - HP ProLiant SL Advanced Power Manager (SL-APM), Remote User Validation Failure
- Wisecracker 1.0 - A high performance distributed cryptanalysis framework
- multiple critical vulnerabilities in sophos products
- SQL Injection Vulnerability in OrangeHRM
- Multiple Vulnerabilities in LibreOffice
- [CVE-2012-5777]EmpireCMS Template Parser Remote PHP Code Execution Vulnerability
- VideoLAN VLC Media Player <= 2.0.4 Crash Bug
- XSS in answer my question plugin
- iCompel Digital Signage risks
- Vulnerable MSVC++ 2008 runtime libraries distributed with and installed by eM client
- PR11-07 Multiple persistent XSS, XSS, XSRF, offsite redirection and information disclosure flaws within CheckPoint/Sofaware firewalls
- [SECURITY] [DSA 2572-1] iceape security update
- [SECURITY] [DSA 2571-1] libproxy security update
- [ MDVSA-2012:170 ] firefox
- [CVE-2012-5692] Invision Power Board <= 3.3.4 "unserialize()" PHP Code Execution Vulnerability
- [security bulletin] HPSBUX02824 SSRT100970 rev.2 - HP-UX Running Java, Remote Execution of Arbitrary Code, and Other Vulnerabilities
- Re: [Full-disclosure] XSS, LFI and SQL Injection Vulnerabilities in Achievo
- [security bulletin] HPSBMU02815 SSRT100715 rev.4 - HP SiteScope SOAP Security Issues, Remote Disclosure of Information, Remote Code Execution
- [security bulletin] HPSBMU02827 SSRT100924 rev.1 - HP Performance Insight with Sybase, Remote Denial of Service (DoS) and Loss of Data
- APPLE-SA-2012-11-01-2 Safari 6.0.2
- From: Apple Product Security
- APPLE-SA-2012-11-01-1 iOS 6.0.1
- From: Apple Product Security
- [ MDVSA-2012:169 ] java-1.6.0-openjdk
- Re: [BUGTRAQ]Security Advisory - TP-LINK TL-WR841N LFI - [UPDATE]
- [SECURITY] [DSA 2570-1] openoffice.org security update
- Cisco Security Advisory: Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace Web Conferencing
- From: Cisco Systems Product Security Incident Response Team
- XSS in dokeos 2.1.1
- Medium risk security flaws in Konqueror
- VaM Shop v1.69 - Multiple Web Vulnerabilities
- PG Dating Pro v1.0 CMS - Multiple Web Vulnerabilities
- PrestaShop <= 1.5.1 Persistent XSS
- NetCat CMS v5.0.1 - Multiple Web Vulnerabilities
- [BUGTRAQ]Security Advisory - TP-LINK TL-WR841N LFI - [UPDATE]
- [slackware-security] seamonkey (SSA:2012-304-02)
- From: Slackware Security Team
- [slackware-security] mozilla-thunderbird (SSA:2012-304-01)
- From: Slackware Security Team
- [waraxe-2012-SA#095] - Multiple Vulnerabilities in Wordpress FoxyPress Plugin
- [SECURITY] [DSA 2569-1] icedove security update
- [security bulletin] HPSBUX02825 SSRT100974 rev.1 - HP-UX Running Java, Remote Indirect Vulnerabilities
- Call for Papers: DIMVA 2013
- [slackware-security] mozilla-firefox (SSA:2012-300-01)
- From: Slackware Security Team
- PIAF H.M.S - SQL Injection
- KmPlayer v3.0.0.1440 Local Crash PoC
- Exploit - EasyITSP by Lemens Telephone Systems 2.0.2
- EMC Avamar Client for VMware Sensitive Information Disclosure Vulnerability
- [SECURITY] [DSA 2568-1] rtfm security update
- [SECURITY] [DSA 2567-1] request-tracker3.8 security update
- Inventory 1.0 Multiple XSS Vulnerabilities
- Inventory 1.0 Multiple SQL Vulnerabilities
- [security bulletin] HPSBHF02819 SSRT100920 rev.2 - HP, 3COM, and H3C Routers & Switches, Remote Disclosure of Information
- [SECURITY] [DSA 2566-1] exim4 security update
- Wordpress 3.4 Cross-Site Scripting Vulnerability
- Smf 2.0.2 Cross-Site Scripting Vulnerability
- [SECURITY] [DSA 2564-1] tinyproxy security update
- [SECURITY] [DSA 2565-1] iceweasel security update
- [waraxe-2012-SA#094] - Multiple Vulnerabilities in Wordpress GRAND Flash Album Gallery Plugin
- [SECURITY] [DSA 2562-1] cups-pk-helper security update
- [SECURITY] [DSA 2563-1] viewvc security update
- HP/H3C and Huawei SNMP Weak Access to Critical Data
- VUPEN Security Research - Oracle Java Font Processing Glyph Element Memory Corruption Vulnerability
- From: VUPEN Security Research
- VUPEN Security Research - Oracle Java Font Processing "maxPointCount" Heap Overflow Vulnerability
- From: VUPEN Security Research
- VUPEN Security Research - Microsoft Internet Explorer "scrollIntoView" Use-After-Free Vulnerability (MS12-063)
- From: VUPEN Security Research
- VUPEN Security Research - Microsoft Internet Explorer "OnMove" Use-After-Free Vulnerability (MS12-063)
- From: VUPEN Security Research
- [security bulletin] HPSBUX02824 SSRT100970 rev.1 - HP-UX Running Java, Remote Execution of Arbitrary Code, and Other Vulnerabilities
- [security bulletin] HPSBHF02819 SSRT100920 rev.1 - HP, 3COM, and H3C Routers & Switches, Remote Disclosure of Information
- DC4420 - London DEFCON - October meet - tomorrow, Tuesday 23rd October.
- [ MDVSA-2012:168 ] hostapd
- VaM Shop Cross-Site Scripting and Blind SQL Injection Vulnerabilities
- Re: [Full-disclosure] F5 FirePass SSL VPN 4xxx Series | Arbitrary URL Redirection
- [SECURITY] [DSA 2561-1] tiff security update
- [SECURITY] [DSA 2560-1] bind9 security update
- F5 FirePass SSL VPN 4xxx Series | Arbitrary URL Redirection
- From: YGN Ethical Hacker Group
- XSS Vulnerabilities in ClipBucket
- From: Netsparker Advisories
- XSS Vulnerabilities in CMSMini
- From: Netsparker Advisories
- XSS Vulnerabilities in TaskFreak
- From: Netsparker Advisories
- CMSQLITE v1.3.2 - Multiple Web Vulnerabilities
- Old Habits Die Hard: Cross-Zone Scripting in Dropbox & Google Drive Mobile Apps
- Multiple Vulnerabilities in Campaign Enterprise <= 11.0.538
- CA20121018-01: Security Notice for CA ARCserve Backup
- Internet Explorer 9 XSS Filter Bypass
- MitM-vulnerability in Palo Alto Networks GlobalProtect
- [waraxe-2012-SA#093] - Multiple Vulnerabilities in Wordpress Social Discussions Plugin
- [waraxe-2012-SA#092] - Multiple Vulnerabilities in Wordpress Slideshow Plugin
- Multiple vulnerabilities in jCore
- Multiple vulnerabilities in Subrion CMS
- Multiple vulnerabilities in AContent
- SEC Consult SA-20121017-2 :: Multiple vulnerabilities in Oracle WebCenter Sites (former FatWire Content Server)
- From: SEC Consult Vulnerability Lab
- [IMF 2013] 3rd Call for Papers: Deadline Extended
- SEC Consult SA-20121017-1 :: Unirgy uStoreLocator SQL Injection - Magento extension
- From: SEC Consult Vulnerability Lab
- SEC Consult SA-20121017-0 :: ModSecurity multipart/invalid part ruleset bypass
- From: SEC Consult Vulnerability Lab
- [SECURITY] [DSA 2559-1] libexif security update
- APPLE-SA-2012-10-16-1 Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11
- From: Apple Product Security
- Visual Tools DVR multiple vulnerabilities
- [slackware-security] seamonkey (SSA:2012-288-01)
- From: Slackware Security Team
- Critical issues affecting Steam users
- Multiple vulnerabilities in Samsung Kies
- SilverStripe CMS 2.4.7 <= Persistent Cross Site Scripting Vulnerability
- From: YGN Ethical Hacker Group
- SilverStripe CMS 2.4.7 <= Arbitrary URL Redirection
- From: YGN Ethical Hacker Group
- Re: VLC Player 2.0.3 <= ReadAV Arbitrary Code Execution (Update)
- [CVE-2012-4750] Ezhometech EzServer 7.0 Remote Heap Corruption Vulnerability
- From: lorenzo . cantoni86
- [ MDVSA-2012:167 ] firefox
- [slackware-security] mozilla-firefox (SSA:2012-285-01)
- From: Slackware Security Team
- [ MDVSA-2012:166 ] bacula
- [ MDVSA-2012:165 ] graphicsmagick
- [slackware-security] mozilla-thunderbird (SSA:2012-285-02)
- From: Slackware Security Team
- Last reminder for ClubHack 2012 : Call for Papers
- [ MDVSA-2012:164 ] libxslt
- [ MDVSA-2012:163 ] firefox
- Hard-coded credentials and command-injection vulnerabilities on BigPond 3G21WB
- [slackware-security] bind (SSA:2012-284-01)
- From: Slackware Security Team
- FileBound - Privilege Escalation Vulnerability - Security Advisory - SOS-12-010
- VMSA-2012-0014 VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates
- From: VMware Security Response Center
- ESA-2012-025: EMC NetWorker Module for Microsoft Applications (NMM) Multiple Vulnerabilities
- VLC Player 2.0.3 <= ReadAV Arbitrary Code Execution (Update)
- vOlk Botnet Framework v4.0 - Multiple Web Vulnerabilities
- Omnistar Document Manager v8.0 - Multiple Vulnerabilities
- Multiple vulnerabilities in OpenX
- Microsoft Office Excel ReadAV Arbitrary Code Execution
- [ MDVSA-2012:162 ] bind
- [CVE-2012-4501] CloudStack configuration vulnerability
- Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format Player
- From: Cisco Systems Product Security Incident Response Team
- [slackware-security] mozilla-firefox (SSA:2012-283-01)
- From: Slackware Security Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module
- From: Cisco Systems Product Security Incident Response Team
- Re: FastStone Image Viewer 4.6 <= ReadAVonIP Arbitrary Code Execution
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module
- From: Cisco Systems Product Security Incident Response Team
- WingFTP Server Denial of Service Vulnerability
- Key Systems Electronic Key Lockers command injection and weak authentication vulnerabilities
- FastStone Image Viewer 4.6 <= ReadAVonIP Arbitrary Code Execution
- Hardcoreview WriteAV Arbitrary Code Execution
- Team SHATTER Security Advisory: Elevated roles through DBCC
- WingFTP Server Denial of Service Vulnerability
- BufferOverflow Vulnerability on Logica HotScan SWIFT Alliance Access Interface
- [PRE-SA-2012-07] hostapd: Missing EAP-TLS message length validation
- soapbox Local Root / Privilege Escalation Vulnerability
- Privilege Escalation Vulnerability in Microsoft Windows
- [security bulletin] HPSBOV02822 SSRT100966 rev.1 - HP Secure Web Server (SWS) for OpenVMS, Remote Denial of Service (DoS), Unauthorized Access, Disclosure of Information
- Team SHATTER Security Advisory: Multiple SQL Injection in Oracle Enterprise Manager (SQL Tunning Sets components)
- [SECURITY] [DSA 2558-1] bacula security update
- Endpoint Protector v4.0.4.0 - Multiple Web Vulnerabilities
- GTA UTM Firewall GB 6.0.3 - Multiple Web Vulnerabilities
- Interspire Email Marketer v6.0.1 - Multiple Vulnerabilities
- [SECURITY] [DSA 2557-1] hostapd security update
- [SECURITY] [DSA 2556-1] icedove security update
- utempter allows fake host setting
- [ MDVSA-2012:161 ] html2ps
- Blender 2.63 Exploitable User Mode Write AV
- ESA-2012-035: RSA® Adaptive Authentication (On-Premise) Information Disclosure Vulnerability
- [SECURITY] [DSA 2555-1] libxslt security update
- [ MDVSA-2012:160 ] imagemagick
- [ MDVSA-2012:150-1 ] java-1.6.0-openjdk
- Team SHATTER Security Advisory: XML file disclosure vulnerability via GET_WRAP_CFG_C and GET_WRAP_CFG_C2
- [ MDVSA-2012:151-1 ] ghostscript
- Team SHATTER Security Advisory: Java Operating System command execution
- [DCA-2011-0013] - IBM Informix Dynamic Server 11.50 SET COLLATION Stack OverFlow
- From: Ewerson Guimarães (Crash) - Dclabs
- Vulnerable MSVC++ 2008 runtime libraries distributed with and installed by Ogg DirectShow filters
- XnView JLS File Decompression Heap Overflow
- ANNOUNCE: RFIDIOt v1.0d released and code migration
- One week left! CFP for ZeroNights Conference in Moscow 19-20 November 2012
- [ MDVSA-2012:159 ] freeradius
- [security bulletin] HPSBMU02817 SSRT100950 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Disclosure of Information
- Omnistar Mailer v7.2 - Multiple Web Vulnerabilities
- Multiple vulnerabilities in Template CMS
- [ MDVSA-2012:158 ] gc
- [ MDVSA-2012:157 ] openjpeg
- [ MDVSA-2012:153-1 ] dhcp
- CA20121001-01: Security Notice for CA License
- XSS Vulnerabilities in phpFreeChat
- From: Netsparker Advisories
- phptax 0.8 <= Remote Code Execution Vulnerability
- Reminder: ClubHack2012 Call for Papers Closing Soon
- Switchvox Asterisk v5.1.2 - Multiple Web Vulnerabilities
- Better WP Security v3.4.3 Wordpress - Web Vulnerabilities
- Switchvox Asterisk v5.1.2 - Multiple Web Vulnerabilities
- GTA UTM Firewall GB 6.0.3 - Multiple Web Vulnerabilities
- [ MDVSA-2012:155-1 ] xinetd
- [ MDVSA-2012:156 ] inn
- [ MDVSA-2012:152-1 ] bind
- [security bulletin] HPSBUX02814 SSRT100930 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS)
- [security bulletin] HPSBST02818 SSRT100960 rev.1 - HP IBRIX X9000 Storage, Remote Disclosure of Information
- [ MDVSA-2012:154-1 ] apache
- CVE-2012-3819: Stack Overflow in DartWebserver.dll <= 1.9
- [ MDVSA-2012:155 ] xinetd
- [ MDVSA-2012:154 ] apache
- Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [IMF 2013] 2nd Call for Papers
- NGS00254 Patch Notification: Apple Mac OS X Lion USB Hub Class Hub Descriptor Arbitrary Code Execution
- XSS in OSSEC wui 0.3
- [SECURITY] [DSA 2552-1] tiff security update
- [SECURITY] [DSA 2554-1] iceape security update
- Cisco Security Advisory: Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software DHCP Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software DHCP Version 6 Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software Tunneled Traffic Queue Wedge Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software Malformed Border Gateway Protocol Attribute Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software Intrusion Prevention System Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [SECURITY] [DSA 2550-2] asterisk regression update
- [Full-disclosure] "Dell Data Protection | Access" for Windows contains and installs outdated, superfluous and vulnerable system components and 3rd party components/drivers
- [Announcement] CHMag - Call for Articles
- [waraxe-2012-SA#090] - Insecure SSL Connection in Thomson SpeedTouch ST780
- [SE-2012-01] Critical security issue affecting Java SE 5/6/7
- From: Security Explorations
- APPLE-SA-2012-09-24-1 Apple TV 5.1
- From: Apple Product Security
- [Positive Research] Intel SMEP Part II: Bypassing Intel SMEP on Windows 8 x64 Using Return-oriented Programming
- CVE-2012-4415: guacamole local root vulnerability
- From: Timo Juhani Lindfors
- [Announcement] ClubHack Magazine's Sept 2012 Issue Out
- DDIVRT-2012-42 Novell GroupWise Agents Arbitrary File Retrieval (CVE-2012-0419)
- Toshiba ConfigFree CF7 File Stack Buffer Overflow (Comment Field)
- Toshiba ConfigFree CF7 File Remote Command Execution
- Toshiba ConfigFree CF7 File Stack Buffer Overflow (ProfileName)
- ESA-2012-037: RSA(r) Authentication Agent 7.1 for Microsoft Windows(r) and RSA(r) Authentication Client 3.5 Access Control Vulnerability
- [CVE-ID REQUEST] Atlassian Confluence - Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities
- GreHack 2012 - 19th Oct. Grenoble, France - Conference + CTF - Call For [ Participation, Student Grants Application, Music Bands/Artists/DJ ]
- [SECURITY] [DSA 2551-1] isc-dhcp security update
- [security bulletin] HPSBMU02815 SSRT100715 rev.3 - HP SiteScope SOAP Security Issues, Remote Disclosure of Information, Remote Code Execution
- APPLE-SA-2012-09-19-3 Safari 6.0.1
- From: Apple Product Security
- APPLE-SA-2012-09-19-2 OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004
- From: Apple Product Security
- APPLE-SA-2012-09-19-1 iOS 6
- From: Apple Product Security
- [security bulletin] HPSBMU02815 SSRT100715 rev.2 - HP SiteScope SOAP Security Issues, Remote Disclosure of Information, Remote Code Execution
- [2.0 Update] Cisco Security Advisory: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client
- From: Cisco Systems Product Security Incident Response Team
- Joomla 2.5.6 Multiple Cross-site scripting vulnerabilities
- [SECURITY] [DSA 2550-1] asterisk security update
- Vbulletin (blog_plugin_useradmin) v4.1.12 Sql Injection Vulnerability
- NGS00266 Patch Notification: Symantec Messaging Gateway Arbitrary file download is possible with a crafted URL
- NGS00265 Patch Notification: Symantec Messaging Gateway - Unauthenticated detailed version disclosure
- NGS00263 Patch Notification: Symantec Messaging Gateway - Easy CSRF to add a backdoor-administrator
- NGS00268 Patch Notification: Symantec Messaging Gateway Out-of-band stored XSS - delivered by email
- NGS00267 Patch Notification: Symantec Messaging Gateway SSH with backdoor user account
- APPLE-SA-2012-09-17-1 Apple Remote Desktop 3.5.3
- From: Apple Product Security
- Fortigate UTM WAF Appliance - Cross Site Vulnerabilities
- [security bulletin] HPSBMU02813 SSRT100712 rev.1 - HP Operations Orchestration, Remote Execution of Arbitrary Code
- Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities
- SonicWALL EMail Security 7.3.5 - Multiple Vulnerabilities
- Axis VoIP Manager v2.1.5.7 - Multiple Web Vulnerabilities
- [waraxe-2012-SA#089] - Multiple Vulnerabilities in TorrentTrader 2.08
- [Positive Research] Intel SMEP overview and partial bypass on Windows 8 (whitepaper)
- [slackware-security] patch (SSA:2012-257-02)
- From: Slackware Security Team
- Secunia Research: Novell GroupWise iCalendar Date/Time Parsing Denial of Service
- [IA38] NCMedia Sound Editor Pro v7.5.1 MRUList201202.dat File Handling Local Buffer Overflow
- IPv6 Toolkit v1.2.3 released! (and upcoming IPv6 security trainings)
- [slackware-security] dhcp (SSA:2012-258-01)
- From: Slackware Security Team
- [slackware-security] bind (SSA:2012-257-01)
- From: Slackware Security Team
- [INTREST SEC] Atlassian Confluence Wiki XSS Vulnerability
- NeoBill CMS v0.8 Alpha - Multiple Web Vulnerabilities
- ASTPP VoIP Billing (4cf207a) - Multiple Web Vulnerabilities
- ipv6mon v1.0 released! (IPv6 address monitoring daemon)
- [SECURITY] [DSA 2480-4] request-tracker3.8 regression update
- [SECURITY] [DSA 2548-1] Debian Security Team PGP/GPG key change notice
- [ MDVSA-2012:153 ] dhcp
- [SECURITY] [DSA 2549-1] devscripts security update
- [SECURITY] [DSA 2548-1] tor security update
- [ MDVSA-2012:152 ] bind
- Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities
- Knowledge Base EE v4.62.0 - SQL Injection Vulnerability
- APPLE-SA-2012-09-12-1 iTunes 10.7
- From: Apple Product Security
- [SECURITY] [DSA 2547-1] bind9 security update
- Security Advisory AA-007: Command Injection Vulnerability in Sitecom Home Storage Center
- Cisco Security Advisory: Cisco ASA-CX and Cisco PRSM Log Retention Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Security Advisory AA-007: Arbitrary File Upload Vulnerability in Sitecom Home Storage Center