Bugtraq
- DDIVRT-2011-35 Cisco Unified Contact Center Express Directory Traversal [CVE-2011-3315]
- ZDI-11-310 : Adobe Reader Compound Glyph Index Sign Extension Remote Code Execution Vulnerability
- ZDI-11-309 : Novell iPrint Client nipplib.dll GetDriverSettings Remote Code Execution Vulnerability
- ZDI-11-308 : Cisco WebEx Player ATAS32.DLL linesProcessed Remote Code Execution Vulnerability
- ZDI-11-307 : Oracle Java MixerSequencer.nAddControllerEventCallback Remote Code Execution Vulnerability
- ZDI-11-306 : Oracle Java IIOP Deserialization Type Confusion Remote Code Execution Vulnerability
- ZDI-11-305 : Oracle Java Applet Rhino Script Engine Remote Code Execution Vulnerability
- ZDI-11-304 : Apple Quicktime Advanced Audio Codec Frame Parsing Remote Code Execution Vulnerability
- ZDI-11-303 : Apple QuickTime H264 Stream frame_cropping Remote Code Execution Vulnerability
- SANS AppSec 2012 CFP is Open
- [SECURITY] [DSA 2329-1] torque security update
- ZDI-11-302 : Adobe Reader U3D TIFF Resource Buffer Overflow Remote Code Execution Vulnerability
- ZDI-11-301 : Adobe Reader U3D PICT 0Eh Encoding Remote Code Execution Vulnerability
- ZDI-11-300 : Adobe Reader U3D PICT 10h Encoding Remote Code Execution Vulnerability
- ZDI-11-299 : Adobe Reader PICT Parsing Remote Code Execution Vulnerability
- ZDI-11-298 : Adobe Reader U3D IFF RGBA Parsing Remote Code Execution Vulnerability
- ZDI-11-297 : Adobe Reader U3D PCX Parsing Remote Code Execution Vulnerability
- ZDI-11-296 : Adobe Reader BMP Image RLE Decoding Remote Code Execution Vulnerability
- Cisco Security Advisory: Cisco Security Agent Remote Code Execution Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Buffer Overflow Vulnerabilities in the Cisco WebEx Player
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Unified Contact Center Express Directory Traversal Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Denial of Service Vulnerability in Cisco Video Surveillance IP Cameras
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Unified Communications Manager Directory Traversal Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [security bulletin] HPSBMU02714 SSRT100244 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Disclosure of Information
- Path disclosure in SPIP
- [ GLSA 201110-23 ] Apache mod_authnz_external: SQL injection
- Re: jara 1.6 sql injection vulnerability
- [ GLSA 201110-19 ] X.Org X Server: Multiple vulnerabilities
- [ GLSA 201110-22 ] PostgreSQL: Multiple vulnerabilities
- zFtp Server <= 2011-04-13 | "STAT,CWD" Remote Denial of Service Vulnerability
- From: YGN Ethical Hacker Group
- [SECURITY] [DSA 2328-1] freetype security update
- [security bulletin] HPSBUX02700 SSRT100506 rev.2 - HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code
- [ MDVSA-2011:161 ] postgresql
- [ GLSA 201110-21 ] Asterisk: Multiple vulnerabilities
- [SECURITY] [DSA 2327-1] libfcgi-perl security-update
- TC-SA-2011-01: Multiple vulnerabilities in OmniTouch Instant Communication Suite
- phpLDAPadmin <= 1.2.1.1 (query_engine) Remote PHP Code Injection Exploit
- jara 1.6 sql injection vulnerability
- From: muuratsalo experimental hack lab
- [CVE-2011-2569] Cisco Nexus OS (NX-OS) - Command "injection" / sanitization issues.
- [SECURITY] [DSA 2326-1] pam security update
- [SECURITY] [DSA 2325-1] kfreebsd-8 security update
- [ GLSA 201110-20 ] Clam AntiVirus: Multiple vulnerabilities
- [ MDVSA-2011:160 ] krb5
- [ MDVSA-2011:159 ] krb5
- [ GLSA 201110-18 ] rgmanager: Privilege escalation
- [ GLSA 201110-17 ] Avahi: Denial of Service
- [ GLSA 201110-16 ] Cyrus IMAP Server: Multiple vulnerabilities
- [ GLSA 201110-15 ] GnuPG: User-assisted execution of arbitrary code
- [ GLSA 201110-14 ] D-Bus: Multiple vulnerabilities
- TeamSHATTER Security Advisory: SQL Injection Vulnerability in Oracle DROP INDEX for spatial datatypes
- TeamSHATTER Security Advisory: Database Vault Account Management Vulnerabilites
- TeamSHATTER Security Advisory: Buffer Overflow in Oracle Database (CTXSYS.DRVDISP.TABLEFUNC_ASOWN function)
- [ MDVSA-2011:158 ] phpmyadmin
- inCommand Technologies, Inc. Cross-site Scripting Vulnerability
- From: md . r00t . defacer
- VUPEN Security Research - Microsoft Internet Explorer "X-UA-COMPATIBLE" Use-after-free Vulnerability
- From: VUPEN Security Research
- [ MDVSA-2011:157 ] freetype2
- Metasploit 4.1.0 Web UI stored XSS vulnerability
- [SECURITY] [DSA 2324-1] wireshark security update
- GotRoot Security Challenge
- OCS Inventory NG 2.0.1 Persistent XSS (CVE-2011-4024)
- Oracle DataDirect Multiple Native Wire Protocol ODBC Drivers HOST Attribute Stack Based Buffer Overflow Vulnerability
- [security bulletin] HPSBMU02716 SSRT100651 rev.1 - HP Data Protector Notebook Extension, Remote Execution of Arbitrary Code
- Multiple vulnerabilities in Tine 2.0
- DNS Poisoning via Port Exhaustion
- [security bulletin] HPSBPI02711 SSRT100647 rev.1 - HP MFP Digital Sending Software Running on Windows, Local Information Disclosure
- Yet Another CMS 1.0 SQL Injection & XSS vulnerabilities
- Cisco Security Advisory: CiscoWorks Common Services Arbitrary Command Execution Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Show and Share Security Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- ZDI-11-295 : Apple QuickTime FlashPix JPEG Tables Selector Remote Code Execution Vulnerability
- [ GLSA 201110-13 ] Tor: Multiple vulnerabilities
- MITKRB5-SA-2011-006 KDC denial of service vulnerabilities [CVE-2011-1527 CVE-2011-1528 CVE-2011-1529]
- [ MDVSA-2011:156 ] tomcat5
- Dolphin <= 7.0.7 (member_menu_queries.php) Remote PHP Code Injection
- Site@School 2.4.10 SQL Injection & XSS vulnerabilities
- [PT-2011-14] SQL injection vulnerability in BoonEx Dolphin
- [ MDVSA-2011:155 ] systemtap
- AST-2011-012: Remote crash vulnerability in SIP channel driver
- From: Asterisk Security Team
- ZDI-11-290 : Microsoft Internet Explorer SetExpandedClipRect Remote Code Execution Vulnerability
- ZDI-11-289 : Microsoft Internet Explorer swapNode Handling Remote Code Execution Vulnerability
- ZDI-11-288 : Microsoft Internet Explorer Select Element Insufficient Type Checking Remote Code Execution Vulnerability
- [ MDVSA-2011:154 ] systemtap
- [ MDVSA-2011:153 ] libxfont
- [ MDVSA-2011:152 ] ncompress
- [Announcement] ClubHack Magazine - Call for Articles
- WordPress Plugin BackWPUp 2.1.4 - Security Advisory - SOS-11-012
- DAEMON Tools IOCTL local denial-of-service vulnerability
- foofus.net Security Advisory - Toshiba eStudio Multifunction Printer Authentication Bypass
- Re: [Full-disclosure] Breaking the links: Exploiting the linker
- [ MDVSA-2011:151 ] libpng
- [ MDVSA-2011:150 ] squid
- ZDI-11-287 : Internet Explorer Select Element Cache Remote Code Execution Vulnerability
- [ GLSA 201110-12 ] Unbound: Denial of Service
- [slackware-security] httpd (SSA:2011-284-01)
- From: Slackware Security Team
- [ MDVSA-2011:149 ] cyrus-imapd
- [PTResearch] SAP DIAG Decompress plugin for Wireshark
- DC4420 - London DEFCON - October meet - Tuesday October 18th 2011
- [ GLSA 201110-11 ] Adobe Flash Player: Multiple vulnerabilities
- [ GLSA 201110-10 ] Wget: User-assisted file creation or overwrite
- [ GLSA 201110-09 ] Conky: Privilege escalation
- [ GLSA 201110-08 ] feh: Multiple vulnerabilities
- iDefense Security Advisory 10.12.11: Apple Mobile OfficeImport Framework Word Document Parsing Memory Corruption Vulnerability
- iDefense Security Advisory 10.12.11: Apple MobileSafari Attachment Viewing Cross Site Scripting Vulnerability
- Multiple G-WAN vulnerabilities
- Security-Assessment.com Advisory: Destination Search Admin Console Access Control Bypass
- SEC Consult SA-20111012-0 :: Client-side remote file upload & command execution in Microsoft Forefront UAG Remote Access Agent (CVE-2011-1969)
- From: SEC Consult Vulnerability Lab
- VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
- From: VMware Security Team
- Two Remote Code Execution Vulnerabilities in Internet Explorer
- APPLE-SA-2011-10-12-4 Safari 5.1.1
- From: Apple Product Security
- iDefense Security Advisory 10.11.11: Microsoft Internet Explorer Object Handling Memory Corruption Vulnerability
- APPLE-SA-2011-10-12-6 Numbers for iOS v1.5
- From: Apple Product Security
- APPLE-SA-2011-10-12-5 Pages for iOS v1.5
- From: Apple Product Security
- APPLE-SA-2011-10-12-3 OS X Lion v10.7.2 and Security Update 2011-006
- From: Apple Product Security
- APPLE-SA-2011-10-12-1 iOS 5 Software Update
- From: Apple Product Security
- APPLE-SA-2011-10-12-2 Apple TV Software Update 4.4
- From: Apple Product Security
- CORE-2011-0106: Microsoft Publisher 2007 Pubconv.dll Memory Corruption
- From: CORE Security Technologies Advisories
- AppSec DC 2012 CFP is OPEN!
- Re: SilverStripe 2.4.5 Multiple backend Cross-site scripting vulnerabilities
- Multiple vulnerabilities in Pretty Link WordPress Plugin
- Multiple vulnerabilities in BugFree
- LedgerSMB 1.3.0 released, includes anti-XSRF framework
- Google App Enging SDK Code Execution Vulnerability (CVE 2011-1364)
- [ MDVSA-2011:148 ] samba
- APPLE-SA-2011-10-11-1 iTunes 10.5
- From: Apple Product Security
- [ GLSA 201110-06 ] PHP: Multiple vulnerabilities
- ZOHO ManageEngine ADSelfService Plus Administrative Access
- Related POC for JCE Joomla Extension <=2.0.10 Multiple Vulnerabilities
- [ GLSA 201110-07 ] vsftpd: Denial of Service
- [ GLSA 201110-05 ] GnuTLS: Multiple vulnerabilities
- [ GLSA 201110-04 ]
- [ GLSA 201110-03 ]
- [security bulletin] HPSBMU02710 SSRT100601 rev.1 - HP Onboard Administrator (OA), Remote Unauthorized Access
- [SECURITY] [DSA 2322-1] bugzilla security update
- [SECURITY] [DSA 2321-1] moin security update
- [ MDVSA-2011:147 ] cups
- [ MDVSA-2011:146 ] cups
- [Announcement] ClubHack Mag Issue 21- October 2011 Released
- NGS00062 Technical Advisory: Apple OSX / iPhone ImageIO TIFF getBandProcTIFF TileWidth Heap Overflow
- [ MDVSA-2011:145 ] libxml2
- [ MDVSA-2011:131-1 ] libxml
- [ GLSA 201110-01 ] OpenSSL: Multiple vulnerabilities
- KaiBB 2.0.1 XSS and SQL Injection vulnerabilities
- openEngine 2.0 'key' Blind SQL Injection vulnerability
- [SECURITY] [DSA 2320-1] dokuwiki regression fix
- [SECURITY] [DSA 2319-1] policykit-1 security update
- [ MDVSA-2011:144 ] apache
- SilverStripe 2.4.5 Multiple backend Cross-site scripting vulnerabilities
- Contao 2.10.1 Cross-site scripting vulnerability
- ABUS TVIP 11550/21550 Multiple vulnerabilities (and possibly other ABUS cams)
- Low severity flaw in various applications including KSSL, Rekonq, Arora, Psi IM
- Medium severity flaw with Ark
- VUPEN Security Research - Google Chrome WebKit Engine Child Tag Deletion Stale Pointer Vulnerability
- From: VUPEN Security Research
- VUPEN Security Research - Google Chrome WebKit Engine Ruby Tag Stale Pointer Vulnerability
- From: VUPEN Security Research
- Secunia Research: Autonomy Keyview Ichitaro Object Reconstruction Logic Vulnerability
- Secunia Research: Autonomy Keyview Ichitaro Text Parsing Buffer Overflow
- Secunia Research: Autonomy Keyview Ichitaro QLST Integer Overflow Vulnerability
- [SECURITY] [DSA 2318-1] cyrus-imapd-2.2 security update
- Active CMS 1.2.0 'mod' Cross-site Scripting Vulnerability
- [SECURITY] [DSA 2317-1] icedove security update
- [ MDVSA-2011:143 ] rpm
- [SECURITY] [DSA 2316-1] quagga security update
- Re: vTiger CRM 5.2.x <= Remote Code Execution Vulnerability
- Cisco Security Advisory: Directory Traversal Vulnerability in Cisco Network Admission Control Manager
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module
- From: Cisco Systems Product Security Incident Response Team
- [SECURITY] [DSA 2315-1] openoffice.org security update
- Secunia Research: Cyrus IMAPd NTTP Authentication Bypass Vulnerability
- vTiger CRM 5.2.x <= Blind SQL Injection Vulnerability
- From: YGN Ethical Hacker Group
- vTiger CRM 5.2.x <= Remote Code Execution Vulnerability
- From: YGN Ethical Hacker Group
- VMSA-2011-0011 VMware hosted products address remote code execution vulnerability
- From: VMware Security Team
- FreeBSD Security Advisory FreeBSD-SA-11:05.unix [REVISED]
- From: FreeBSD Security Advisories
- New open source Security Framework
- Multiple vulnerabilities in SonicWall
- vTiger CRM 5.2.x <= Multiple Cross Site Scripting Vulnerabilities
- From: YGN Ethical Hacker Group
- [SECURITY] [DSA 2314-1] puppet security update
- Phorum 5.2.18 Cross-site scripting vulnerability
- DDIVRT-2011-34 Metropolis Technologies OfficeWatch Directory Traversal
- DDIVRT-2011-36 Cybele Software, Inc. ThinVNC Product Suite Arbitrary File Retrieval
- Vulnerabilities in GenStat 14.1.0.5943
- Vulnerabilities in Cytel Studio 9
- Netvolution referer header SQL injection vulnerability
- SonicWall Viewpoint v6.0 SP2 - SQL Injection Vulnerability
- From: research@xxxxxxxxxxxxxxxxxxxxx
- [ MDVSA-2011:142 ] mozilla-thunderbird
- [ MDVSA-2011:141 ] firefox
- [ MDVSA-2011:140 ] mozilla-thunderbird
- [ MDVSA-2011:139 ] firefox
- Elastix PBX Extensions Enumeration
- [SECURITY] [DSA 2313-1] iceweasel security update
- DeepSec 2011 Conference - Final Schedule Published
- [SECURITY] [DSA 2312-1] iceape security update
- Arbitrary memory corruption in NCSS 07.1.21
- Bitweaver 2.8.1 Multiple Cross-site Scripting Vulnerabilities
- Joomla! 1.7.0 | Multiple Cross Site Scripting (XSS) Vulnerabilities
- From: YGN Ethical Hacker Group
- [ MDVSA-2011:138 ] wireshark
- [security bulletin] HPSBUX02707 SSRT100626 rev.1 - HP-UX Apache Web Server, Remote Denial of Service (DoS)
- [ MDVSA-2011:136 ] openssl
- Cisco Security Advisory: Cisco IOS Software IP Service Level Agreement Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software Smart Install Remote Code Execution Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software IPS and Zone-Based Firewall Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- [ MDVSA-2011:137 ] openssl
- Cisco Security Advisory: Jabber Extensible Communications Platform and Cisco Unified Presence XML Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Memory Leak Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- iDefense Security Advisory 09.26.11: Novell GroupWise iCal RRULE ByWeekNo Memory Corruption Vulnerability
- Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software IPv6 over MPLS Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software IPv6 Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software Data-Link Switching Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco 10000 Series Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- iDefense Security Advisory 09.26.11: Novell GroupWise iCal Date Invalid Array Indexing Vulnerability
- iDefense Security Advisory 09.26.11: Novell GroupWise iCal RRULE Weekday Recurrence Heap Overflow Vulnerability
- Integer overflow in Sterling Trader 7.0.2
- Vulnerabilities in EViews 7.2
- Multiple vulnerabilities in Traq
- Vulnerabilities in PcVue 10 (SCADA)
- VUPEN Security Research - Novell GroupWise "RRULE" Remote Buffer Overflow Vulnerability
- From: VUPEN Security Research
- FreeBSD Security Advisory FreeBSD-SA-11:05.unix
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-11:04.compress
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-11:03.bind
- From: FreeBSD Security Advisories
- VUPEN Security Research - Novell GroupWise "integerList" Remote Buffer Overflow Vulnerability
- From: VUPEN Security Research
- VUPEN Security Research - Novell GroupWise "BYWEEKNO" Remote Memory Corruption Vulnerability
- From: VUPEN Security Research
- VUPEN Security Research - Novell GroupWise "TZNAME" Remote Buffer Overflow Vulnerability
- From: VUPEN Security Research
- Barracuda Backup v2.0 - Multiple Web Vulnerabilities
- From: research@xxxxxxxxxxxxxxxxxxxxx
- European Security Services GPS v1.0 - Multiple Vulnerabilities
- From: research@xxxxxxxxxxxxxxxxxxxxx
- [SECURITY] [DSA 2311-1] openjdk-6 security update
- iDefense Security Advisory 09.26.11: Novell GroupWise iCal TZNAME Heap Overflow Vulnerability
- Secunia Research: Novell GroupWise Internet Agent HTTP Interface Buffer Overflow
- Secunia Research: Novell GroupWise Internet Agent "TZNAME" Parsing Vulnerability
- NGS00109 Patch Notification: ImpressPages CMS Remote code execution
- openEngine 2.0 'id' Blind SQL Injection vulnerability
- [security bulletin] HPSBUX02702 SSRT100606 rev.4 - HP-UX Apache Web Server, Remote Denial of Service (DoS)
- Re: PunBB 1.3.6 bug
- Vulnerability found in Flynax Classifieds products
- [SECURITY] CVE-2011-1184 Apache Tomcat - Multiple weaknesses in HTTP DIGEST authentication
- [CVE-2011-3645] Multiple vulnerability in Newgen's Omnidocs
- AdaptCMS 2.0.1 Multiple security vulnerabilities
- Advanced Electron Forums (AEF) 1.0.9 <= Cross Site Request Forgery (CSRF) Vulnerability
- From: YGN Ethical Hacker Group
- Serendipity freetag plugin 'serendipity[tagview]' Cross-Site Scripting vulnerability
- PunBB 1.3.6 bug
- Hackito Ergo Sum 2012 dates
- TWSL2011-013: Multiple Vulnerabilities in IceWarp Mail Server
- From: Trustwave Advisories
- TWSL2011-014: Vulnerability in Pantech Web Browser SSL Implementation
- From: Trustwave Advisories
- Security issue is_a function in PHP 5.3.7+
- XSS Vulnerabilities in TWiki < 5.1.0
- From: Netsparker Advisories
- TLS/SSL Compatibility Report 2011
- secureURL.php design flaws
- [SECURITY] [DSA 2310-1] linux-2.6 security update
- Vulnerabilities in Sunway ForceControl 6.1 sp3 (SCADA)
- [ MDVSA-2011:135 ] iproute2
- [security bulletin] HPSBOV02497 SSRT090245 rev.4 - HP TCP/IP Services for OpenVMS Running NTP, Remote Execution of Arbitrary Code, Denial of Service (DoS)
- Re: NGS00099 Patch Notification: Vulnerable SUID script in (nomachine) NX Server for Linux
- IPv6 security presentation at Hack.lu 2011
- Trusteer Rapport and anti-keylogging
- Multiple vulnerabilities in Help Desk Software
- NGS00099 Patch Notification: Vulnerable SUID script in (nomachine) NX Server for Linux
- Advisory: Dolphin Browser HD Cross-Application Scripting
- Advisory: Opera Mobile Cache Poisoning XAS
- NETGEAR Wireless Cable Modem Gateway Auth Bypass and CSRF - SOS-11-011
- [security bulletin] HPSBMU02705 SSRT100622 rev.1 - HP Business Service Automation (BSA) Essentials, Remote Execution of Arbitrary Code
- VUPEN Security Research - Microsoft Office Excel Formula Record Heap Corruption Vulnerability
- From: VUPEN Security Research
- Cisco TelePresence Multiple Vulnerabilities - SOS-11-010
- [SECURITY] [DSA 2305-1] vsftpd security update
- [ MDVSA-2011:130-1 ] apache
- [ MDVSA-2011:134-1 ] rsyslog
- [ MDVSA-2011:132-1 ] pidgin
- [ MDVSA-2011:133-1 ] mozilla
- Re: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission
- [DSECRG-11-032] SAP NetWeaver ipcpricing - information disclose (by ERPScan)
- [DSECRG-11-033] SAP Crystal Report Server pubDBLogon - Linked ХSS vulnerability (by ERPScan)
- CFP for first independent international Security Conference in Russia - ZeroNights (by Defcon-Russia)
- RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission
- From: ACROS Security Lists
- RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission
- From: ACROS Security Lists
- RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission
- From: Thor (Hammer of God)
- RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission
- From: ACROS Security Lists
- RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission
- From: ACROS Security Lists
- RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission
- From: Thor (Hammer of God)
- [Onapsis Security Advisory 2011-016] SAP WebAS Malicious SAP Shortcut Generation
- From: Onapsis Research Labs
- [Onapsis Security Advisory 2011-015] SAP WebAS webrfc Cross-Site Scripting
- From: Onapsis Research Labs
- [Onapsis Security Advisory 2011-014] SAP WebAS Remote Denial of Service
- From: Onapsis Research Labs
- Microsoft's Binary Planting Clean-Up Mission
- From: ACROS Security Lists
- XEE vulnerabilities in SharePoint (MS11-074) and DotNetNuke
- Nortel Contact Recording Centralized Archive 6.5.1 EyrAPIConfiguration getSubKeys() Remote SQL Injection Exploit
- CORE-2011-0506 - Multiples Vulnerabilities in ManageEngine ServiceDesk Plus
- From: CORE Security Technologies Advisories
- Re: Vulnerabilities in trading and SCADA softwares
- Cisco Security Advisory: Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: CiscoWorks LAN Management Solution Remote Code Execution Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- ESA-2011-029: Buffer overflow vulnerability in multiple EMC Ionix products
- Invitation to Register and Participate in the Entretiens Jacques Cartier (EJC) Colloquium on IT Security, Cyber Forensics and Combating Cybercrime
- From: Serguei A. Mokhov (on behalf of EJC2011SecForensics-11)
- VUPEN Security Research - Adobe Acrobat and Reader Picture Processing Stack Overflow Vulnerability
- From: VUPEN Security Research
- VUPEN Security Research - Adobe Acrobat and Reader BMP Dimensions Heap Overflow Vulnerability
- From: VUPEN Security Research
- VUPEN Security Research - Adobe Acrobat and Reader PCX Processing Heap Overflow Vulnerability
- From: VUPEN Security Research
- VUPEN Security Research - Adobe Acrobat and Reader IFF Processing Heap Overflow Vulnerability
- From: VUPEN Security Research
- VUPEN Security Research - Adobe Acrobat and Reader Picture Dimensions Heap Overflow Vulnerability
- From: VUPEN Security Research
- VUPEN Security Research - Adobe Acrobat and Reader TIFF BitsPerSample Heap Overflow Vulnerability
- From: VUPEN Security Research
- Re: Vulnerabilities in trading and SCADA softwares
- Multiple vulnerabilities in SiT! Support Incident Tracker
- Seeker Advisory Sep11: Insecure Redirect in Microsoft SharePoint Portal
- Colasoft Capsa7.2.1 Malformed SNMP Packet Denial of Service
- [SECURITY] [DSA 2309-1] openssl security update
- iDefense Security Advisory 09.13.11: Adobe Reader and Acrobat JPEG Processing Use After Free Vulnerability
- iDefense Security Advisory 09.13.11: Microsoft Excel Record Memory Corruption Vulnerability
- iDefense Security Advisory 09.13.11: Microsoft Excel Record Integer Signedness Vulnerability
- iDefense Security Advisory 09.13.11: Microsoft Excel Record Memory Corruption Vulnerability
- Seeker Advisory Sep11: Reflected Cross Site Scripting in Microsoft SharePoint Portal
- [security bulletin] HPSBMU02703 SSRT100242 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Denial of Service (DoS), Unauthorized Disclosure of Information, Unauthorized Modification
- Vulnerabilities in trading and SCADA softwares
- XSS vulnerability in FortiMail Messaging Security Appliance
- Advisory for MS11-035 / ZDI-11-167
- [SECURITY] [DSA 2308-1] mantis security update
- ESA-2011-018: Domain administration privilege enforcement bypass in EMC Avamar
- Multiple XSS vulnerabilities in CMS Papoo Light Version
- [NTMS 2012] Call for Papers, Istanbul- Turkey, 7 - 10 May 2012
- [Announcement] ClubHack Magazine - Call for Articles
- [SECURITY] [DSA 2304-1] squid3 security update
- [SECURITY] [DSA 2307-1] chromium-browser security update
- [SECURITY] [DSA 2306-1] ffmpeg security update
- [SECURITY] [DSA 2303-2] New linux-2.6 packages fix regression
- APPLE-SA-2011-09-09-1 Security Update 2011-005
- From: Apple Product Security
- [slackware-security] httpd (SSA:2011-252-01)
- From: Slackware Security Team
- [ MDVSA-2011:134 ] rsyslog
- CVE-2011-2731: Spring Security privilege escalation when using RunAsManager
- CVE-2011-2894: Spring Framework and Spring Security serialization-based remoting vulnerabilities
- CVE-2011-2732: Spring Security header injection vulnerability
- CVE-2011-2730: Spring Framework Information Disclosure
- Disassembling .NET Client Challenge
- 28C3: CFP for 28th Chaos Communication Congress
- [security bulletin] HPSBUX02702 SSRT100606 rev.2 - HP-UX Apache Web Server, Remote Denial of Service (DoS)
- [SECURITY] [DSA 2303-1] linux-2.6 security update
- [security bulletin] HPSBUX02702 SSRT100606 rev.1 - HP-UX Apache Web Server, Remote Denial of Service (DoS)
- Multiple XSS vulnerabilities in LightNEasy 3.2.4
- [SECURITY] [DSA 2302-1] bcfg2 security update
- [ MDVSA-2011:133 ] mozilla
- OWASP AppSec USA 2011 - Two Weeks Away
- Cisco Security Advisory: Cisco Nexus 5000 and 3000 Series Switches Access Control List Bypass Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- XSS in Zikula
- Embarcadero ER/Studio XE2 Server Portal Tom Sawyer's Default GET Extension Factory ActiveX Control Remote Code Execution
- Arbitrary File Upload in '1 Flash Gallery' Wordpress Plugin
- [slackware-security] mozilla-thunderbird (SSA:2011-249-02)
- From: Slackware Security Team
- [slackware-security] seamonkey (SSA:2011-249-03)
- From: Slackware Security Team
- [slackware-security] mozilla-firefox (SSA:2011-249-01)
- From: Slackware Security Team
- Windows server 2008 R1 local DoS
- openvas 2.x race condition
- [ MDVSA-2011:132 ] pidgin
- [SECURITY] [DSA 2301-1] rails security update
- [SECURITY] [DSA 2300-2] nss security update
- [SECURITY] [DSA 2298-2] apache2 regression fix
- [Announcement] ClubHack Mag Issue 20- September 2011 Released
- Multiple vulnerabilities in MantisBT
- [ MDVSA-2011:131 ] libxml
- [ MDVSA-2011:130 ] apache
- Extended submission deadline for: The 6th International Conference for Internet Technology and Secured Transactions (ICITST-2011)!
- Pranian Group e107 Cross Site Scripting Vulnerabilities
- TTW (ricetta.php?id) Remote SQL injection Vulnerability
- Abarkam (detail.php?input) Remote SQL injection Vulnerability
- MaiNick (ricetta.php?id) Remote SQL injection Vulnerability
- WSTAFF Remote SQL injection Vulnerability
- BvCom (dettaglio.php?idnews) Remote SQL injection Vulnerability
- Editel (news-dettaglio.php?id) Remote SQL injection Vulnerability
- [ MDVSA-2011:129 ] mozilla
- ZDI-11-279: (0day) Witness Systems eQuality Unify Remote Code Execution Vulnerability
- ZDI-11-278: Novell Cloud Manager Insufficient Framework User Validation Vulnerability
- XSS Ebuddy (responsible disclosure)
- Manifattura Web (prodotto.php?id) Remote SQL injection Vulnerability
- Loop (ricetta.php?id) Remote SQL injection Vulnerability
- Virtualismi (prodotto.php?id) Cross Site Scripting Vulnerabilities
- Vulnerabilities in BroadWin WebAccess Client 1.0.0.10
- [PT-2011-19] SQL injection vulnerability in Help Request System
- ph5gruppo (prodotto.php?id) Remote SQL injection Vulnerability
- ITTWeb Remote SQL injection Vulnerability
- KnFTPd v1.0.0 Multiple Command Remote Buffer Overflow
- PMCMA: Post Memory Corruption Memory Analysis
- Studio Linea (prodotto.php?id) Remote SQL injection Vulnerability
- Olonet (prodotto.php?idproduct) Remote SQL injection Vulnerability
- Fulci (prodotto.php?id) Remote SQL injection Vulnerability
- Re: [Full-disclosure] HP A-series switches are affected, too. [WAS: More on IPv6 RA-Guard evasion (IPv6 security)]
- Re: [Full-disclosure] HP A-series switches are affected, too. [WAS: More on IPv6 RA-Guard evasion (IPv6 security)]
- Re: [Full-disclosure] HP A-series switches are affected, too. [WAS: More on IPv6 RA-Guard evasion (IPv6 security)]
- Re: [Full-disclosure] HP A-series switches are affected, too. [WAS: More on IPv6 RA-Guard evasion (IPv6 security)]
- Re: [Full-disclosure] HP A-series switches are affected, too. [WAS: More on IPv6 RA-Guard evasion (IPv6 security)]
- More on IPv6 RA-Guard evasion (IPv6 security)
- Sana Net (viewpages.php?id) Remote SQL injection Vulnerability
- Secunia Research: InduSoft ISSymbol ActiveX Control Buffer Overflow Vulnerabilities
- [security bulletin] HPSBUX02700 SSRT100506 rev.1 - HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code
- ZDI-11-277: Apple QuickTime 3g2 'mp4v' atom size Remote Code Execution Vulnerability
- XSS in Redirection wordpress plugin
- Sana Net (viewnews.php?id) Remote SQL injection Vulnerability
- Dexanet Remote SQL injection Vulnerability
- CWM (dettaglio-prodotto.asp?id) Remote SQL injection Vulnerability
- Mediagrafic (prodotto.asp?id) (records.asp?id_p) Remote SQL injection Vulnerability
- [SECURITY] [DSA 2200-1] nss security update
- Full disclosure for SA45649, SQL Injection in LedgerSMB and SQL-Ledger
- [SECURITY] [DSA 2299-1] ca-certificates security update
- Cisco Security Advisory: Denial of Service Vulnerability in Cisco TelePresence Codecs
- From: Cisco Systems Product Security Incident Response Team
- Pc Web Agency (prodotto.php?id) Remote SQL injection Vulnerability
- webyuss (prodotto.php?id) (quadri.php?id) Remote SQL injection Vulnerability
- Cisco Security Advisory: Apache HTTPd Range Header Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- bizConsulting (prodotto.php?id) Remote SQL injection Vulnerability
- XSS in IBM Open Admin Tool
- [SECURITY] [DSA 2298-1] apache2 security update
- [SECURITY] CVE-2011-3190 Apache Tomcat Authentication bypass and information disclosure
- DDIVRT-2011-32 Axway SecureTransport '/icons/' Directory Traversal
- LifeSize Room Vulnerabilities
- Multimedia Creative (prodotto.php?id) Remote SQL injection Vulnerability
- Datriks Solutions (prodotto.php?id) (dettaglio_socio.php?id) Remote SQL injection Vulnerability
- Marketing & Development (prodotto.php?cat) Remote SQL injection Vulnerability
- Fabio Rispoli (prodotto.php?id) Remote SQL injection Vulnerability
- JCE Joomla Extension <=2.0.10 Multiple Vulnerabilities
- [Foreground Security 2011-001]: Casper Suite (JSS 8.1) Cross-Site Scripting
- From: Jose Carlos de Arriba
- phpWebSite (publisher) Remote SQL injection Vulnerability
- Jcow CMS 4.x:4.2 <= , 5.x:5.2 <= | Arbitrary Code Execution
- From: YGN Ethical Hacker Group
- Jcow CMS 4.2 <= | Cross Site Scripting
- From: YGN Ethical Hacker Group
- Listendifferent (prodotto.php?IDprodotto) Remote SQL injection Vulnerability
- OMNITEC (prodotto.php?id_prodotto) Remote SQL injection Vulnerability
- Web Art Studio (prodotto.php?lang) Remote SQL injection Vulnerability
- TconZERO (prodotto.php?idprodotto) Remote SQL injection Vulnerability
- Marinet Remote SQL injection Vulnerability
- Marinet Remote SQL injection Vulnerability
- Spherica Remote SQL injection Vulnerability
- Web Progetto (prodotti.php?idcategoria) Remote SQL injection Vulnerability
- Foresta Creativa (prodotti.php?idCategoria) Remote SQL injection Vulnerability
- BUZLAB (prodotti.php?idCategoria) Remote SQL injection Vulnerability
- B-Keen communication (dettaglio_news.php&id) Remote SQL injection Vulnerability
- NGS00054 Technical Advisory: : Lumension Device Control (formerly Sanctuary) remote memory corruption
- Cisco Security Advisory: Denial of Service Vulnerabilities in Cisco Intercompany Media Engine
- From: Cisco Systems Product Security Incident Response Team
- ZDI-11-276: Adobe Flash Player MP4 sequenceParameterSetNALUnit Remote Code Execution Vulnerability
- LAB GRAPHIC DESIGN (index.php?categoria_id) Remote SQL injection Vulnerability
- Data Center Foz (product_cat.php?CATEGORIA_ID) Remote SQL injection Vulnerability
- Nativedreams (Fabarth_gallery.php?categoria_id) Remote SQL injection Vulnerability
- Nafis Group (review.php?ID) Remote SQL injection Vulnerability
- [PT-2011-23] Database information disclosure in GLPI
- JagoanStore CMS Arbitary file upload vulnerability
- ZDI-11-273: EMC Autostart Domain Name Logging Remote Code Execution Vulnerability
- SQL-Ledger patch update for SQL injection
- Cross-Site Scripting (XSS) in Microsoft ReportViewer Controls
- NetSaro Enterprise Messenger Server Administration Console Source Code Disclosure
- Dataminas (noticias.php?categoria_id) (galeria.php?galeria_id) Remote SQL injection Vulnerability
- Simply Media Web (archivio.asp?categoria_id) Remote SQL injection Vulnerability
- Warah Agencia (productos.php?categoria_id) Remote SQL injection Vulnerability
- Alfazeta (list-prodotti.php?idcategoria) Remote SQL injection Vulnerability
- CreatiWeb Remote SQL injection Vulnerability
- ValtNet (photogallery.html?id_categoria) Remote SQL injection Vulnerability
- [slackware-security] php (SSA:2011-237-01)
- From: Slackware Security Team
- PHP 5.3.6 ZipArchive invalid use glob(3)
- [PRE-SA-2011-06] Linux kernel: ZERO_SIZE_PTR dereference for long symlinks in Be FS
- ZDI-11-275: EMC Autostart ftAgent Opcode 0x11 Parsing Remote Code Execution Vulnerability
- [CVE-2011-2712] Apache Wicket XSS vulnerability
- PHP 5.3.6 multiple null pointer dereference
- Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- ZDI-11-274: EMC Autostart ftAgent Opcode 0x140 Parsing Remote Code Execution Vulnerability
- Security advisory: SQL Injection in LedgerSMB 1.2.24 and lower
- Insomnia : ISVA-110822.1 - Pidgin IM Insecure URL Handling Remote Code Execution
- [SECURITY] [DSA 2297-1] icedove security update
- ESA-2011-030: RSA, The Security Division of EMC, announces security fixes for RSA enVision
- Concrete CMS 5.4.1.1 <= Cross Site Scripting
- From: YGN Ethical Hacker Group
- Cisco Security Advisory: Open Query Interface in Cisco Unified Communications Manager and Cisco Unified Presence Server
- From: Cisco Systems Product Security Incident Response Team
- Grupo Argentina Web Remote SQL injection Vulnerability
- ALTOGRADO (catalogo.php?id_categoria) Remote SQL injection Vulnerability
- ESA-2011-025: Multiple buffer overflow vulnerabilities in EMC AutoStart
- ASPR #2011-08-18-1: Remote Binary Planting in Mozilla Firefox
- From: ACROS Security Lists
- ASPR #2011-08-18-2: Remote Binary Planting in Mozilla Thunderbird
- From: ACROS Security Lists
- Elgg 1.7.10 <= | Multiple Vulnerabilities
- From: YGN Ethical Hacker Group
- ToorCon 13 Call For Papers
- [ MDVSA-2011:128 ] dhcp
- [SECURITY] [DSA 2296-1] iceweasel security update
- ZDI-11-272: (0day) FlexNet License Server Manager Remote Code Execution Vulnerability
- [SECURITY] [DSA 2295-1] iceape security update
- Xplace Company (dettaglio.asp?id) (alloggi-dett.asp?id) (eventi.asp?id) Remote SQL injection Vulnerability
- [ MDVSA-2011:127 ] mozilla
- ZDI-11-271: Mozilla Firefox appendChild DOM Tree Inconsistency Remote Code Execution Vulnerability
- WebRising (dettaglio.asp?id) Remote SQL injection Vulnerability
- ZDI-11-270: Mozilla Firefox SVGTextElement.getCharNumAtPosition Remote Code Execution Vulnerability
- StudioLine Photo Basic 3 ActiveX control Insecure Method
- Multiple XSS in WP-Stats-Dashboard
- XSS in Fast Secure Contact Form wordpress plugin
- ESA-2011-027: RSA, The Security Division of EMC, releases Security Patch for Adaptive Authentication (On-Premise)
- lab382 (dettaglio.php?id) Remote SQL injection Vulnerability
- ZDI-11-269: RealNetworks RealPlayer Cross-Zone Scripting Remote Code Execution Vulnerability
- ZDI-11-268: RealNetworks RealPlayer SWF DefineFont Remote Code Execution Vulnerability
- ZDI-11-267: RealNetworks Realplayer MP3 ID3 tags Remote Code Execution Vulnerability
- ZDI-11-266: RealNetworks RealPlayer Advanced Audio Coding Element Remote Code Execution Vulnerability
- ZDI-11-265: RealNetworks Realplayer QCP Parsing Remote Code Execution Vulnerability
- ZDI-11-264: Symantec Veritas Storage Foundation vxsvc.exe Value Unpacking Integer Overflow Remote Code Execution Vulnerability
- ZDI-11-263: Symantec Veritas Storage Foundation vxsvc.exe ASCII String Unpacking Remote Code Execution Vulnerability
- ZDI-11-262: Symantec Veritas Storage Foundation vxsvc.exe Unicode String Parsing Remote Code Execution Vulnerability
- ZDI-11-261: HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution Vulnerability
- ZDI-11-260: Nortel Media Application Server cstore.exe cs_anams Remote Code Execution Vulnerability
- ZDI-11-259: Apple QuickTime STSZ atom Parsing Remote Code Execution Vulnerability
- ZDI-11-258: Apple QuickTime STSC atom Parsing Remote Code Execution Vulnerability
- ZDI-11-257: Apple QuickTime Player H.264 Slice Header Remote Code Execution Vulnerability
- ZDI-11-256: Apple QuickTime Media Link src Parameter Remote Code Execution Vulnerability
- ZDI-11-255: Apple QuickTime Player H.264 Reference Picture List Remote Code Execution Vulnerability
- ZDI-11-254: Apple QuickTime 'trun' atom sampleCount Integer Overflow Remote Code Execution Vulnerability
- InYourLife (dettaglio.php?id) (dettaglio_immobile.php?id) (notizia.php?id) Remote SQL injection Vulnerability
- netplanet (dettaglio.asp?id) Remote SQL injection Vulnerability
- Muzedon (dettaglio.php?id) Remote SQL injection Vulnerability
- ECHO Creative Company (dettaglio.php?id) Remote SQL injection Vulnerability
- dpconsulenze (dettaglio.php?id) Remote SQL injection Vulnerability
- dedacom (dettaglio.php?id) Remote SQL injection Vulnerability
- phpWebSite (userpage) Cross Site Scripting Vulnerabilities
- Malformed DHCPv6 packets cause RPC to become unresponsive
- CVE-2011-2664 Symlink Following and Second-Order Symlink Vulnerabilities in Multiple Check Point Security Management Products
- phpList Improper Access Control and Information Leakage vulnerabilities
- {Lostmon´s Group} Elgg 1.8 beta2 and prior to 1.7.11 'container_guid' and 'owner_guid' SQL Injection
- [Annoucement] ClubHack Magazine - Call for Articles
- [ MDVSA-2011:126 ] java-1.6.0-openjdk
- Call for Papers: The 6th International Conference for Internet Technology and Secured Transactions (ICITST-2011)!
- NetSaro Enterprise Messenger Server Plaintext Password Storage Vulnerability
- NetSaro Enterprise Messenger Server Administration Console Weak Cryptographic Password Storage Vulnerability
- The LAD Melbourne Cms Sql Injection Vulnerability
- [security bulletin] HPSBMU02695 SSRT100480 rev.2 - HP OpenView Performance Insight, Remote HTML Injection, Unauthorized Access, Cross Site Scripting (XSS)
- Ruxcon 2011 Final Call For Papers
- awiki 20100125 multiple local file inclusion vulnerabilities
- From: muuratsalo experimental hack lab
- SAY Comunicacion (producto.php?id) Remote SQL injection Vulnerability
- BACKEND (categoria.php?id) Remote SQL injection Vulnerability
- DoodleIT (gallery.php?id) (about.php?id) Remote SQL injection Vulnerability
- CdeVision(students.php?id) (gallery.php?cat) Remote SQL injection Vulnerability
- WebsiteBaker 2.8.1 <= Arbitrary File Upload Vulnerability
- From: YGN Ethical Hacker Group
- WebsiteBaker 2.8.1 <= Cross Site Request Forgery (CSRF) Vulnerability
- From: YGN Ethical Hacker Group
- [slackware-security] bind (SSA:2011-224-01)
- From: Slackware Security Team
- ZDI-11-253: Adobe Flash Player BitmapData.scroll Integer Overflow Remote Code Execution Vulnerability
- ZDI-11-252: Apple QuickTime PICT Image PnSize Opcode Remote Code Execution Vulnerability
- INSECT Pro - Exploit EChat Server <= v2.5 20110812 - Remote Buffer Overflow Exploit
- PCVmedia (free_gallery.php?cat_id) Remote SQL injection Vulnerability
- CdeVision Cross Site Scripting Vulnerabilities
- cdeVision (index.php?page) Remote File Inclusion Vulnerability
- QOLQA (categoria.php?id) Remote SQL injection Vulnerability
- [SECURITY] [DSA 2293-1] libxfont security update
- Neox (categoria.php?id) Remote SQL injection Vulnerability
- [SECURITY] CVE-2011-2481: Apache Tomcat information disclosure vulnerability
- [SECURITY] CVE-2011-2729: Commons Daemon fails to drop capabilities (Apache Tomcat)
- Calisto light, light plus and full, Sql Injection And user or Admin bypass
- [SECURITY] [DSA 2294-1] freetype security update
- [ MDVSA-2011:125 ] foomatic-filters
- [ MDVSA-2011:124 ] phpmyadmin
- [ MDVSA-2011:123 ] squirrelmail
- [ MDVSA-2011:122 ] clamav
- VUPEN Security Research - Adobe Flash Player ActionScript FileReference Buffer Overflow (APSB11-21)
- From: VUPEN Security Research
- VUPEN Security Research - Adobe Shockwave rcsL Record Array Indexing Vulnerability (APSB11-19)
- From: VUPEN Security Research
- CVE-2011-0527: VMware vFabric tc Server password obfuscation bypass
- [SECURITY] [DSA 2292-1] ISC DHCP security update
- SEC Consult SA-20110810-0 :: Client-side remote file upload & command execution in Check Point SSL VPN On-Demand applications - CVE-2011-1827
- From: SEC Consult Vulnerability Lab
- iDefense Security Advisory 08.09.11: Adobe Flash Player Integer Overflow
- iDefense Security Advisory 08.09.11: Adobe Flash Player ActionScript Display Memory Corruption Vulnerability
- CA20110809-01: Security Notice for CA ARCserve D2D
- [oCERT-2011-002] libavcodec insufficient boundary check
- [security bulletin] HPSBGN02696 SSRT100590 rev.1 - HP webOS Calendar Application, Remote Execution of Arbitrary Code
- SQL injection in Social Slider
- [security bulletin] HPSBGN02694 SSRT100586 rev.1 - HP webOS Contacts Application, Remote Execution of Arbitrary Code
- Multiple XSS in eShop for Wordpress
- [security bulletin] HPSBHF02699 SSRT100592 rev.1 - HP ProLiant SL Advanced Power Manager (SL-APM), Remote User Validation Failure
- CfP for 4th OWASP Day Germany 2011 now open
- ZDI-11-251: Apple QuickTime STSS atom Parsing Remote Code Execution Vulnerability
- ZDI-11-250: Apple QuickTime STTS atom Remote Code Execution Vulnerability
- ZDI-11-249: (Pwn2Own) Microsoft Internet Explorer Protected Mode Bypass Vulnerability
- ZDI-11-248: Microsoft Internet Explorer 9 STYLE Object Parsing Remote Code Execution Vulnerability
- ZDI-11-247: Microsoft Internet Explorer XSLT SetViewSlave Remote Code Execution Vulnerability
- Fwd: {Lostmon´s Group} Internet Explorer 6, 7 and 8 Window.open race condition Vulnerability
- ezmlm warning
- TPTI-11-12: McAfee SaaS MyAsUtil5.2.0.603.dll SecureObjectFactory Instantiation Design Flaw Remote Code Execution Vulnerability
- [security bulletin] HPSBMU02695 SSRT100480 rev.1 - HP OpenView Performance Insight, Remote HTML Injection, Unauthorized Access
- XWeavers (page.asp?id) Remote SQL injection Vulnerability
- Synchrony Infotech (product_details.php?id) Remote SQL injection Vulnerability
- Kimia Remote SQL injection Vulnerability
- XWeavers (sysMsg.php?errMsg) Cross Site Scripting Vulnerabilities
- Chezola Systems (display-section.php?id) Remote SQL injection Vulnerability
- EasyContent CMS (participant.php?id) Remote SQL injection Vulnerability
- IPv6 Hackers mailing-list
- SEO New York (prod.php?id) Remote SQL injection Vulnerability
- TWSL2011-008: Focus Stealing Vulnerability in Android
- From: Trustwave Advisories
- THE STUDIO (prod.php?id) Remote SQL injection Vulnerability
- Webdesigns-studio (sysMsg.php?errMsg) Cross Site Scripting Vulnerabilities
- 6House Design (product_details.php?id) Remote SQL injection Vulnerability
- Amigot Corp (story.php?id) Remote SQL injection Vulnerability
- Re: CA ARCserve D2D r15 GWT RPC Request Auth Bypass / Credentials
- Liberating IT (picture.php?gid) Remote SQL injection Vulnerability
- Avant-Garde Technologies (display-section.php?id) Remote SQL injection Vulnerability
- Web Design Sydney (news-item.php?id) (news-item.php?newsid) Remote SQL injection Vulnerability
- Arte Dude (collections.php?id) (property.php?id) Remote SQL injection Vulnerability
- TPTI-11-13: McAfee SaaS myCIOScn.dll Scan Method Script Injection Remote Code Execution Vulnerability
- [security bulletin] HPSBPI02698 SSRT100404 rev.1 - HP Easy Printer Care Software Running on Windows, Remote Execution of Arbitrary Code
- [SECURITY] [DSA 2291-1] squirrelmail security update
- [SECURITY] [DSA 2290-1] samba security update
- [SECURITY] [DSA 2289-1] typo3-src security update
- Sophos Antivirus Review
- Useless OpenSSH resources exhausion bug via GSSAPI
- Community Server - Stored Cross-Site Scripting in User's Signature
- From: Advisories PontoSec
- Community Server - Reflected Cross-Site Scripting -
- From: Advisories PontoSec
- Re: [Full-disclosure] phpMyAdmin 3.x Conditional Session Manipulation
- APPLE-SA-2011-08-03-1 QuickTime 7.7
- From: Apple Product Security
- ThreeDify Designer ActiveX control multiple buffer overflow vulnerabilities
- ThreeDify Designer ActiveX control Insecure Method
- Multiple XSS in HESK
- XSS in WP e-Commerce
- Cross Site Scription Vulnerability in vBulletin 4.1.3, 4.1.4 and 4.1.5
- Android Browser Cross-Application Scripting (CVE-2011-2357)
- NGS00068 Technical Advisory - LibAVCodec AMV Out of Array Write
- CFP open for ClubHack2011
- Elgg 1.7.9 <= | Multiple Cross Site Scripting Vulnerabilities
- From: YGN Ethical Hacker Group
- cgcraft llc (collections.php?id) Cross Site Scripting Vulnerabilities
- [slackware-security] libpng (SSA:2011-210-01)
- From: Slackware Security Team
- [slackware-security] samba (SSA:2011-210-03)
- From: Slackware Security Team
- [slackware-security] dhcpcd (SSA:2011-210-02)
- From: Slackware Security Team
- ZDI-11-244: (0day) FlexNet License Server Manager lmadmin Remote Code Execution Vulnerability
- n.runs-SA-2011.002 - Citrix XenApp / XenDesktop XML Service Heap Corruption
- n.runs-SA-2011.001 - Citrix XenApp / XenDesktop Stack-Based Buffer Overflow
- Gopal Systems (products.php?cat_id) Remote SQL injection Vulnerability
- [security bulletin] HPSBMU02691 SSRT100483 rev.2 - HP Performance Agent and HP Operations Agent, Remote Arbitrary File Deletion
- [security bulletin] HPSBUX02689 SSRT100494 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS)
- [security bulletin] HPSBMU02669 SSRT100346 rev.3 - HP Data Protector Media Management Daemon (mmd), Remote Denial of Service (DoS)
- [security bulletin] HPSBMU02693 SSRT100583 rev.1 - HP Network Automation Running on Linux, Solaris, and Windows, Remote SQL Injection, Cross Site Scripting (XSS)
- [SECURITY] [DSA 2287-1] libpng security update
- [security bulletin] HPSBMU02692 SSRT100581 rev.2 - HP SiteScope, Remote Cross Site Scripting (XSS) and Session Fixation Attack
- Two security issues fixed in ioQuake3 engine
- Re: [Full-disclosure] [BMSA-2009-07] Backdoor in PyForum
- Wireshark 1.6.1 Malformed IKE Packet Denial of Service
- CobraScripts (selloffers.php?cid) Remote SQL injection Vulnerability
- indiacon (selloffers.php?cid) Remote SQL injection Vulnerability
- A1 Solutions (cat_sell.php?cid) Remote SQL injection Vulnerability
- Infocus Web Solutions (news_desc.php?id) Remote SQL injection Vulnerability
- Web Fusion Nepal (find.php?id) Remote SQL injection Vulnerability
- Avon Groups (search_result.php?cid) Remote SQL injection Vulnerability
- Web Fusion Nepal (tour.php?category) XSS Vulnerability
- Zones Web Solution (status.asp?print) (search_result.php?loc_id) Remote SQL injection Vulnerabilities
- Zones Web Solution (StoneDetails.php?stone) XSS Vulnerability
- Canoy Softwares (search_result.php?loc_id) Remote SQL injection Vulnerability
- WOC Consulting (search_result.php?cid) Remote SQL injection Vulnerability
- Coherendz (products.php?cat_id) Remote SQL injection Vulnerability
- TeamSHATTER Security Advisory: Oracle Enterprise Manager vulnerable to XSS (metricDetail$type page)
- TeamSHATTER Security Advisory: Oracle Enterprise Manager vulnerable to XSS (sitemap page)
- TeamSHATTER Security Advisory: Oracle Enterprise Manager vulnerable to XSS (notifRuleInfo$mode page)
- FootBall Cms (view_table_lig.php?group) XSS Vulnerability
- Dow Group (dynamic.php?id) (sub.php?solutioncat_id) (news_desc.php?id) (product.php?id) Remote SQL injection Vulnerability
- ZDI-11-243: WebKit ContentEditable Inline Style Remote Code Execution Vulnerability
- ZDI-11-242: Apple Safari Rendering Object Body Detachment Remote Code Execution Vulnerability
- ZDI-11-241: Webkit setAttributes attributeChanged Remote Code Execution Vulnerability
- ZDI-11-240: Apple Safari Webkit SVG Marker Remote Code Execution Vulnerability
- ZDI-11-239: Apple Safari Webkit FrameOwner Element Remote Code Execution Vulnerability
- [ MDVSA-2011:121 ] samba
- Redirection vulnerability in MBoard
- Multiple XSS in GBook PHP guestbook
- Chrome Web Solutions (details.php?cat_id) (listing_more.php?id) Remote SQL injection Vulnerability
- Solutiontech (product.php?cat_id) Remote SQL injection Vulnerability
- iCube Lab (product_details.php?cat_id) Remote SQL injection Vulnerability
- G2webCMS (products.php?cat_id) (member-profile.php?profile) Remote SQL injection Vulnerability
- [ MDVSA-2011:120 ] freetype2
- SA500 vulnerabilities - details
- Agent Image (news_details.php?news_ID) Remote SQL injection Vulnerability
- ESA-2011-021: EMC Data Protection Advisor sensitive information disclosure vulnerability
- ESA-2011-024: EMC Captiva eInput multiple vulnerabilities
- [SECURITY] [DSA 2286-1] phpmyadmin security update
- [Tool] DoS for OpenSLP (and others)
- Re: CA ARCserve D2D r15 GWT RPC Request Auth Bypass / Credentials
- Hacking IPv6 Networks (slides)
- [PT-2011-05] Cross-Site Scripting in Koha Library Software
- [PT-2011-25] SQL injection vulnerabilities in Support Incident Tracker
- [PT-2011-08] Multiple vulnerabilities in Dlink DPH 150SE/E/F1
- Lava (news_item.php?id) (album.php?id) (basket.php?baction) Remote SQL injection Vulnerability
- Precision (products.php?cat_id) Remote SQL injection Vulnerability
- DotComEgypt (products.php?cat_id) Remote SQL injection Vulnerability
- Indonesia Web Design (link-directory.php?cid) (link-directory.php?pid) Remote SQL injection Vulnerability
- Funnel Web (pages.php?page) Remote SQL injection Vulnerability
- Funnel Web (selected_product.php?t) Remote SQL injection Vulnerability
- Funnel Web (directory.php?cid) Remote SQL injection Vulnerability
- Funnel Web (items.php?&cat_id) Remote SQL injection Vulnerability
- Zones Web Solution (index.php?manufacturers_id) Remote SQL injection Vulnerability
- CA ARCserve D2D r15 GWT RPC Request Auth Bypass / Credentials Disclosure and Commands Execution
- PHP-Barcode 0.3pl1 Remote Code Execution