Bugtraq
- [SECURITY] [DSA 1981-2] New maildrop packages fix regression
- [USN-893-1] Samba vulnerability
- PR09-19: Cross-Site Scripting (XSS) on CommonSpot server
- [SECURITY] [DSA 1981-1] New maildrop packages fix privilege escalation
- Firefox Observation Plugin Attack
- Rising AntiVirus 2008/2009/2010 Local Privilege Escalation Exploit
- [USN-891-1] lintian vulnerabilities
- [security bulletin] HPSBMA02502 SSRT090171 rev.1 - HP OpenView Storage Data Protector, Local Unauthorized Access
- [SECURITY] [DSA 1980-1] New ircd-hybrid/ircd-ratbox packages fix arbitrary code execution
- [ MDVSA-2010:028 ] kdelibs4
- PR09-15: XSS injection vulnerability within HP System Management Homepage (Insight Manager)
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace
- From: Cisco Systems Product Security Incident Response Team
- [USN-803-2] Dhcp vulnerability
- [SECURITY] [DSA-1979-1] New lintian packages fix multiple vulnerabilities
- [RT-SA-2010-003] Geo++(R) GNCASTER: Faulty implementation of HTTP Digest Authentication
- From: RedTeam Pentesting GmbH
- [RT-SA-2010-002] Geo++(R) GNCASTER: Insecure handling of NMEA-data
- From: RedTeam Pentesting GmbH
- [RT-SA-2010-001] Geo++(R) GNCASTER: Insecure handling of long URLs
- From: RedTeam Pentesting GmbH
- [InterN0T] ShareTronix 1.0.4 - HTML Injection Vulnerability
- [ MDVSA-2010:027 ] kdelibs4
- Re: Microsoft IE 6&7 Crash Exploit
- Re: [Full-disclosure] e107 latest download link is backdoored
- Mod_proxy from apache 1.3 - Integer overflow which causes heap overflow.
- [security bulletin] HPSBMA02502 SSRT090171 rev.1 - HP OpenView Storage Data Protector, Local Unauthorized Access
- PR09-02 Multiple Cross-Site Scripting (XSS) / Cross Domain redirects and Server path information disclosure on SAP BusinessObjects version 12
- Re: RE: Microsoft IE 6&7 Crash Exploit
- [USN-890-4] PyXML vulnerabilities
- Re: Re: e107 latest download link is backdoored
- RE: Microsoft IE 6&7 Crash Exploit
- More information on CVE-2009-3580
- Re: [Full-disclosure] e107 latest download link is backdoored
- The future of XSS attacks
- [SECURITY] [DSA 1978-1] New phpgroupware packages fix several vulnerabilities
- Netsupport gateway remote DoS
- Cross-Site Scripting vulnerability in 3D Cloud for Joomla
- Paper: Weaning the Web off of Session Cookies
- [ MDVSA-2010:026 ] openldap
- [security bulletin] HPSBMA02477 SSRT090177 rev.4 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS)
- [IBM Datapower XS40] Denial of Service
- Microsoft IE 6&7 Crash Exploit
- Re: [Full-disclosure] e107 latest download link is backdoored
- Re: [Full-disclosure] e107 latest download link is backdoored
- Re: e107 latest download link is backdoored
- Setting arbitrary Personas without user interaction in Firefox 3.6
- Secunia Research: Google Chrome Pop-Up Block Menu Handling Vulnerability
- [SECURITY] [DSA-1977-1] New python packages fix several vulnerabilities
- FWD: LedgerSMB Security Advisory: Multiple Vulnerabilities
- Security improvements of Microsoft Silverlight Build 3.0.50106.0?
- [ MDVSA-2010:025 ] php-pear-Mail
- DDIVRT-2009-27 F2L-3000 files2links SQL Injection Vulnerability
- [ MDVSA-2010:024 ] coreutils
- Re: e107 latest download link is backdoored
- Re: e107 latest download link is backdoored
- CVE-2009-3583, confirming problem and adding info
- [SECURITY] CVE-2009-2901 Apache Tomcat insecure partial deploy after failed undeploy
- Safari 4.0.4 Crash
- [SECURITY] CVE-2009-2902 Apache Tomcat unexpected file deletion in work directory
- [SECURITY] CVE-2009-2693 Apache Tomcat unexpected file deletion and/or alteration
- e107 latest download link is backdoored
- London DEFCON January meet - DC4420 - Wed 27th Jan 2010
- Abusing weak PRNGs in PHP applications
- Publique! CMS SQL Injection Vulnerabilities
- Silverstripe <= v2.3.4: two XSS vulnerabilities
- [USN-890-2] Python 2.5 vulnerabilities
- iBoutique v4.0
- Kayako SupportSuite Multiple Persistent Cross Site Scripting (Current Versions)
- [USN-890-3] Python 2.4 vulnerabilities
- [SECURITY] [DSA-1976-1] New dokuwiki packages fix several vulnerabilities
- IdeaCMS v1.0 (fck) Remote Arbitrary File Upload
- FortiGuard Advisory: Microsoft Internet Explorer Remote Memory Corruption Vulnerability
- From: noreply-secresearch@xxxxxxxxxxxx
- ZDI-10-010: RealNetworks RealPlayer Skin Parsing Remote Code Execution Vulnerability
- Microsoft Windows NT #GP Trap Handler Allows Users to Switch Kernel Stack
- ZDI-10-012: Microsoft Internet Explorer Baseline Tag Rendering Remote Code Execution Vulnerability
- ZDI-10-011: Microsoft Internet Explorer Table Layout Col Tag Cache Update Remote Code Execution Vulnerability
- ZDI-10-014: Microsoft Internet Explorer item Object Memory Corruption Remote Code Execution Vulnerability
- ZDI-10-013: Microsoft Internet Explorer Table Layout Reuse Remote Code Execution Vulnerability
- ZDI-10-007: RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability
- ZDI-10-008: RealNetworks RealPlayer SIPR Codec Remote Code Execution Vulnerability
- ZDI-10-006: RealNetworks RealPlayer GIF Handling Remote Code Execution Vulnerability
- ZDI-10-004: Cisco CiscoWorks IPM GIOP getProcessName Remote Code Execution Vulnerability
- ZDI-10-005: RealNetworks RealPlayer ASMRulebook Remote Code Execution Vulnerability
- [SECURITY] [DSA-1972-2] New audiofile packages fix buffer overflow
- [ MDVSA-2010:023 ] phpldapadmin
- ZDI-10-009: RealNetworks RealPlayer IVR Format Remote Code Execution Vulnerability
- [ MDVSA-2010:022 ] openssl
- eWebeditor Directory Traversal Vulnerability
- TheGreenBow VPN Client Local Stack Overflow Vulnerability - Security Advisory - SOS-10-001
- RE: All China, All The Time
- ZDI-10-003: Novell ZENworks Asset Management docfiledownload Remote SQL Injection Vulnerability
- Insufficient User Input Validation in VP-ASP 6.50 Demo Code
- From: CodeScan Labs Advisories
- [SECURITY] [DSA-1975-1] Security Support for Debian 4.0 to be discontinued on February 15th
- [ MDVSA-2010:021 ] bind
- [UPDATE] NSOADV-2010-001: Panda Security Local Privilege Escalation
- [USN-890-1] Expat vulnerabilities
- [ MDVSA-2010:020 ] gzip
- [USN-889-1] gzip vulnerabilities
- [USN-888-1] Bind vulnerabilities
- [ MDVSA-2010:019 ] gzip
- RE: All China, All The Time
- [SECURITY] [DSA 1974-1] New gzip packages fix arbitrary code execution
- Re: All China, All The Time
- Secunia Research: HP Power Manager "formExportDataLogs" Directory Traversal
- Cisco Security Advisory: CiscoWorks Internetwork Performance Monitor CORBA GIOP Overflow Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Secunia Research: Adobe Shockwave Player 3D Model Buffer Overflow
- [Onapsis Security Advisory 2010-001] SAP WebAS Integrated ITS Remote Command Execution
- From: Onapsis Research Labs
- Re: Kingsoft DuBa Browser Shield ActiveX Remote Exec 0day POC
- Secunia Research: Adobe Shockwave Player 3D Model Two Integer Overflows
- Secunia Research: Adobe Shockwave Player Integer Overflow Vulnerability
- vBulletin nulled (validator.php) files/directories disclosure
- [security bulletin] HPSBMA02474 SSRT090107 rev.2 - HP Power Manager, Remote Execution of Arbitrary Code
- Secunia Research: Adobe Shockwave Player Four Integer Overflow Vulnerabilities
- Secunia Research: HP Power Manager "formExportDataLogs" Buffer Overflow
- Cisco Security Advisory: Cisco IOS XR Software SSH Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [SECURITY] [DSA 1973-1] New glibc packages fix information disclosure
- [CORELAN-10-006] BOF Vulnerability in S.O.M.P.L. Player
- [ MDVSA-2010:016 ] wireshark
- [ MDVSA-2010:018 ] phpMyAdmin
- Re: facebook 'routing flaw'?
- [security bulletin] HPSBMA02485 SSRT090252 rev.1 - HP Power Manager, Remote Execution of Arbitrary Code
- [ MDVSA-2010:017 ] ruby
- Re: facebook 'routing flaw'?
- RE: facebook 'routing flaw'?
- [ MDVSA-2010:015 ] roundcubemail
- Blaze Apps Multiple Vulnerabilities
- ezContents CMS Multiple Vulnerabilities
- Re: All China, All The Time
- Kingsoft DuBa Browser Shield ActiveX Remote Exec 0day POC
- Baidu Security Center FireFoxProxy ActiveX Remote Exec 0day POC
- Xunlei XPPlayer ActiveX Remote Exec 0day POC
- Multiple Vulnerabilities in XOOPS 2.4.3 and earlier
- From: CodeScan Labs Advisories
- Re: facebook 'routing flaw'?
- OpenOffice for Windows ".slk" File Parsing Null Pointer Vulnerability
- JBroFuzz 1.9 Fuzzer Released!
- Study of BlackBerry Proof-of-Concept Malicious Applications (Whitepaper)
- QvodPlayer ColorFilter Codec ActiveX Remote Exec
- facebook 'routing flaw'?
- Re: All China, All The Time
- 0day vulnerability Sogou input method to obtain system privileges
- [SECURITY] [DSA-1972-1] New audiofile packages fix buffer overflow
- Zenoss Multiple Admin CSRF
- [ MDVSA-2010:013 ] transmission
- [ MDVSA-2010:014 ] transmission
- [USN-886-1] Pidgin vulnerabilities
- [USN-887-1] LibThai vulnerability
- Re: All China, All The Time
- [ MDVSA-2010:011 ] mysql
- [ATHCON2010] CFP/1st Call for Papers - AthCon IT Security Conference
- From: Kyprianos Vasilopoulos
- [ MDVSA-2010:012 ] mysql
- Reminder: Campus Party EU 2010 Call For Participants
- From: Campus Party EU Spain
- AOL 9.5 ActiveX Heap Overflow Vulnerability
- GDT and LDT in Windows kernel vulnerability exploitation (paper)
- [USN-885-1] LibThai vulnerability
- Re: [Full-disclosure] Sprint / Verizon MiFi CSRF+CSS Gives up GPS info to attacker
- Code to mitigate IE event zero-day (CVE-2010-0249)
- [ MDVSA-2010:010 ] libthai
- Browser Fuzzer 3
- RE: All China, All The Time
- Re: [Full-disclosure] Sprint / Verizon MiFi CSRF+CSS Gives up GPS info to attacker
- [ MDVSA-2010:009 ] php
- [ MDVSA-2010:008 ] php
- [ MDVSA-2010:007 ] php
- [security bulletin] HPSBUX02495 SSRT090151 rev.2 - HP-UX Running sendmail, Remote Denial of Service (DoS)
- C4 SCADA Security Advisory - Rockwell Automation (Allen Bradley) Multiple Vulnerabilities in Micrologix 1100 & 1400 Series Controllers
- RE: All China, All The Time
- From: Thor (Hammer of God)
- Re: All China, All The Time
- Re: Major security risk in the unlock pattern for Android devices
- RE: Major security risk in the unlock pattern for Android devices
- VUPEN Security Research - Adobe Acrobat and Reader U3D Integer Overflow Vulnerability
- From: VUPEN Security Research
- Major security risk in the unlock pattern for Android devices
- rPSA-2010-0004-1 openssl openssl-scripts
- From: rPath Update Announcements
- Sprint / Verizon MiFi CSRF+CSS Gives up GPS info to attacker
- SEC Consult SA-20100115-0 :: Local file inclusion/execution and multiple CSRF vulnerabilities in LetoDMS (formerly MyDMS)
- [SECURITY] [DSA-1971-1] New libthai packages fix arbitrary code execution
- [USN-885-1] Transmission vulnerabilities
- [security bulletin] HPSBMA02433 SSRT090084 rev.2 - HP Discovery & Dependency Mapping Inventory (DDMI) Running on Windows, Remote Unauthorized Access, Execution of Arbitrary Code
- [ GLSA 201001-05 ] net-snmp: Authorization bypass
- [USN-884-1] OpenSSL vulnerability
- All China, All The Time
- From: Thor (Hammer of God)
- [ GLSA 201001-07 ] Blender: Untrusted search path
- [ GLSA 201001-09 ] Ruby: Terminal Control Character Injection
- XSS Vulnerability in Drupal's Node Blocks contributed module (6.x-1.3 and 5.x-1.1)
- [ GLSA 201001-06 ] aria2: Multiple vulnerabilities
- [ GLSA 201001-04 ] VirtualBox: Multiple vulnerabilities
- Hellcode Research: OpenOffice File Parsing Null Pointer Vulnerability
- [ GLSA 201001-08 ] SquirrelMail: Multiple vulnerabilities
- [ MDVSA-2010:005 ] krb5
- RE: All China, All The Time
- From: Thor (Hammer of God)
- [ MDVSA-2010:006 ] krb5
- [SECURITY] [DSA-1970-1] New openssl packages fix denial of service
- [USN-882-1] PHP vulnerabilities
- [security bulletin] HPSBPI02500 SSRT090263 rev.1 - HP Web Jetadmin, Remote Unauthorized Access to Data, Denial of Service (DoS)
- [ MDVSA-2010:004 ] bash
- [CORE-2009-1209] Google SketchUp 'lib3ds' 3DS Importer Memory Corruption
- From: CORE Security Advisories
- Yoono Firefox Extension - Privileged Code Injection
- [USN-883-1] network-manager-applet vulnerabilities
- [USN-881-1] Kerberos vulnerability
- [SECURITY] [DSA-1969-1] New krb5 packages fix denial of service
- [ MDVSA-2010:003 ] sendmail
- iDefense Security Advisory 01.12.10: Adobe Reader and Acrobat JpxDecode Memory Corruption Vulnerability
- Cross Site Identification (CSID) attack. Description and demonstration.
- Secunia Research: Microsoft Windows Flash Player Movie Unloading Vulnerability
- MITKRB5-SA-2009-004 [CVE-2009-4212] integer underflow in AES and RC4 decryption
- [CORELAN-10-004] TurboFTP Server 1.00.712 remote DoS
- ZDI-10-002: Oracle Secure Backup observiced.exe Remote Code Execution Vulnerability
- Invitation: nullcon Goa 2010 International Security & Hacking Conference
- HITB Ezine 'Reloaded' - Issue #001
- [ MDVSA-2010:002 ] pidgin
- [ MDVSA-2010:001 ] pidgin
- [ MDVSA-2009:241-1 ] squid
- [ MDVSA-2009:293-1 ] squidGuard
- XSS Vulnerability in Active Calendar 1.2.0
- [ MDVSA-2009:227-1 ] freeradius
- [ MDVSA-2010:000 ] firefox
- XSS vulnerabilities in 34 millions flash files
- [ MDVSA-2009:316-3 ] expat
- Cross-Site Scripting vulnerability in JVClouds3D for Joomla
- Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection
- [ MDVSA-2009:316-2 ] expat
- NSOADV-2010-001: Panda Security Local Privilege Escalation
- [SECURITY] [DSA 1968-1] New pdns-recursor packages fix potential code execution
- [CORELAN-10-001] Audiotran 1.4.1 buffer overflow
- Re: TELUS Security Labs VR - ACDSee Systems ACDSee Products XBM File Handling Buffer Overflow
- TELUS Security Labs VR - ACDSee Systems ACDSee Products XBM File Handling Buffer Overflow
- MacOS X 10.5/10.6 libc/strtod(3) buffer overflow
- [ MDVSA-2009:316-1 ] expat
- Google Chrome 3.0.195.38 | Chrome Frame - Reloading Memory Allocation based Tab Crashing
- [HACKATTACK Advisory 080110] Windows Live Messenger 2009 ActiveX DoS Vulnerability
- Secunia Research: Adobe Illustrator Encapsulated Postscript Parsing Vulnerability
- [USN-878-1] Firefox 3.5 and Xulrunner 1.9.1 regression
- [USN-877-1] Firefox 3.0 and Xulrunner 1.9 regression
- ZDI-10-001: Novell iManager eDirectory Plugin Remote Code Execution Vulnerability
- Security contact at Lexmark?
- From: Protek Research Lab
- [SECURITY] [DSA 1967-1] New transmission packages fix directory traversal
- VMSA-2010-0001 ESX Service Console updates for nss and nspr
- From: VMware Security team
- [USN-880-1] GIMP vulnerabilities
- [SECURITY] [DSA 1966-1] New horde3 packages fix cross-site scripting
- [ MDVSA-2009:300-2 ] apache-conf
- [ MDVSA-2009:300-1 ] apache-conf
- FreeBSD Security Advisory FreeBSD-SA-10:03.zfs
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-10:02.ntpd
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-10:01.bind
- From: FreeBSD Security Advisories
- [SECURITY] [DSA-1965-1] New phpldapadmin packages fix remote file inclusion
- HTTP Digest Integrity: Another look, in light of recent attacks
- Re: Multiple vulnerabilities in LineWeb 1.0.5
- Re: [WEB SECURITY] Re: Link Injection Redirection Attacks - Exploiting Google Chrome Design Flaw
- [TOOL RELEASE] Microsoft SQL Server Fingerprint Too BETA-3l!!!
- Critical PowerDNS Recursor Security Vulnerabilities: please upgrade ASAP to 3.1.7.2
- [USN-879-1] Kerberos vulnerability
- Re: Link Injection Redirection Attacks - Exploiting Google Chrome Design Flaw
- Re: Secunia Research: TSC2 Help Desk CTab ActiveX Control Buffer Overflow
- {PRL} Novell Netware CIFS And AFP Remote Memory Consumption DoS
- From: Protek Research Lab
- [ GLSA 201001-03 ] PHP: Multiple vulnerabilities
- Re: Link Injection Redirection Attacks - Exploiting Google Chrome Design Flaw
- [ MDVSA-2009:220-1 ] davfs
- Multiple vulnerabilities in LineWeb 1.0.5
- UPDATE: MITKRB5-SA-2009-003 [CVE-2009-3295] KDC denial of service in cross-realm referral processing
- Re: [Full-disclosure] [Tool] DeepToad 1.1.0
- Re: [Full-disclosure] [Tool] DeepToad 1.1.0
- SyScan'10 Call For Training (CFT)
- From: organiser@xxxxxxxxxx
- REWTERZ-20100103 - Ofilter Player Local Denial of Service (DoS) Vulnerability
- From: rewterz security team
- REWTERZ-20100101 - n.player Local Heap Overflow Vulnerability
- From: rewterz security team
- Re: [Full-disclosure] [Tool] DeepToad 1.1.0
- Re: Y2K10 spamassassin bug, 2010 year mails discared as spam
- Link Injection Redirection Attacks - Exploiting Google Chrome Design Flaw
- REWTERZ-20100102 - Nemesis Player (NSP) Local Denial of Service (DoS) Vulnerability
- From: rewterz security team
- Re: Y2K10 spamassassin bug, 2010 year mails discared as spam
- Y2K10 spamassassin bug, 2010 year mails discared as spam
- httpdx webserver v1.5 Remote Source Disclosure
- [ GLSA 201001-01 ] NTP: Denial of Service
- [Tool] DeepToad 1.1.0
- Java vulnerability
- [ GLSA 201001-02 ] Adobe Flash Player: Multiple vulnerabilities
- [USN-876-1] PostgreSQL vulnerabilities
- Secunia Research: PDF-XChange Viewer Content Parsing Memory Corruption Vulnerability
- WASC Announcement: WASC Threat Classification v2.0 Published
- Latest Intel Pro/10* ethernet adaptor drivers contain vulnerable MSVC runtime!
- [SECURITY] [DSA-1964-1] New PostgreSQL packages fix several vulnerabilities
- [SECURITY] [DSA-1953-2] New expat packages fix regression
- [ MDVSA-2009:346 ] kde
- Re: RE: Tests about semicolon zero-day (BID 37460)
- RE: Tests about semicolon zero-day (BID 37460)
- [SECURITY] [DSA 1958-1] New libtool packages fix privilege escalation
- RE: Tests about semicolon zero-day (BID 37460)
- Secunia Research: AproxEngine Multiple Vulnerabilities
- FreeWebshop.org: multiple vulnerabilities
- From: Akita Software Security
- [ MDVSA-2009:345 ] acl
- Tests about semicolon zero-day (BID 37460)
- [ MDVSA-2009:146-1 ] imap
- MITKRB5-SA-2009-003 [CVE-2009-3295] KDC denial of service in cross-realm referral processing
- [ MDVSA-2009:189-1 ] apache-mod_auth_mysql
- Code to mitigate IIS semicolon zero-day
- [ MDVSA-2009:344 ] perl-DBD-Pg
- [ MDVSA-2009:244-1 ] xfig
- [SECURITY] [DSA 1957-1] New aria2 packages fix arbitrary code execution
- Sheedravi CMS SQL Injection Vulnerability
- DBHCMS Web Content Management System v1.1.4 RFI Vulnerability
- [InterN0T] LiveZilla - XSS Vulnerability
- [SECURITY] [DSA 1963-1] New unbound packages fix DNSSEC validation
- [ MDVSA-2009:343 ] acpid
- [ MDVSA-2009:342 ] acpid
- Microsoft IIS 0Day Vulnerability in Parsing Files (semi-colon bug)
- [tools] hostmap-0.2.1 released
- [ MDVSA-2009:341 ] dstat
- [ MDVSA-2009:340 ] jpgraph
- Remote Buffer Overflow Exploit (TFTP Daemon Version 1.9) by Socket_0x03
- ClubHack2009 presentations are now online
- Vulnerability in Joomulus for Joomla
- RE: TLS Renegotiation Vulnerability: Proof of Concept Code (Python)
- XSS Vulnerability in JpGraph 3.0.6
- [SECURITY] [DSA-1962-1] New kvm packages fix several vulnerabilities
- [SECURITY] [DSA 1961-1] New bind9 packages fix cache poisoning
- [ MDVSA-2009:339 ] firefox
- [ MDVSA-2009:338 ] firefox
- RE: TLS Renegotiation Vulnerability: Proof of Concept Code (Python)
- From: Barry Raveendran Greene
- Re: phpPollScript - 1.3 Remote File Include
- ClarkConnect XSS vulnerability
- [security bulletin] HPSBUX02498 SSRT090264 rev.1 - HP-UX Running Apache, Remote Unauthorized Data Injection, Denial of
- Remote Buffer Overflow Exploit (TFTP Daemon Version 1.9) by Socket_0x03
- [ MDVSA-2009:337 ] proftpd
- SQL-Ledger – several vulnerabilities
- TLS Renegotiation Vulnerability: Proof of Concept Code (Python)
- From: RedTeam Pentesting GmbH
- pragmaMx CMS Blind SQL/XPath Injection vulnerability
- phpPollScript - 1.3 Remote File Include
- [ GLSA 200912-02 ] Ruby on Rails: Multiple vulnerabilities
- [SECURITY] [DSA 1960-1] New acpid packages fix weak file permissions
- [SECURITY] [DSA-1959-1] New ganeti packages fix arbitrary command execution
- [USN-874-1] Firefox 3.5 and Xulrunner 1.9.1 vulnerabilities
- [USN-873-1] Firefox 3.0 and Xulrunner 1.9 vulnerabilities
- SMF (Simple Machine Forum) 1.1.11 XSS - Discovered by : Khashayar Fereidani
- [USN-875-1] Red Hat Cluster Suite vulnerabilities
- [ISecAuditors Security Advisories] PHP-Calendar <= v1.1 'configfile' Remote and Local File Inclusion vulnerability
- From: ISecAuditors Security Advisories
- [ISecAuditors Security Advisories] Simple PHP Blog <= 0.5.1 Local File Include vulnerability
- From: ISecAuditors Security Advisories
- [ MDVSA-2009:336 ] koffice
- Re: Powered By Dvbbs Version 7.1.0 Sp1 By Pass
- TPTI-09-15: HP OpenView Data Protector Cell Manager Heap Overflow Vulnerability
- ZDI-09-099: Hewlett-Packard OpenView Data Protector Backup Client Service Buffer Overflow Vulnerability
- Campus Party Eu 2010 Security Challenge - Call For Participants
- From: Campus Party EU Spain
- Rumba XML XSS vulnerability
- [Suspected Spam][oCERT-2009-019] Ganeti path sanitization errors
- [ MDVSA-2009:335 ] ffmpeg
- SEC Consult SA-20091217-0 :: Authentication bypass and file manipulation in Sitecore Staging Module
- [ISecAuditors Security Advisories] QuiXplorer <=2.4.1beta Remote Code Execution vulnerability
- From: ISecAuditors Security Advisories
- VUPEN Security Research - Winamp PNG and JPEG Data Integer Overflow Vulnerabilities
- From: VUPEN Security Research
- [ISecAuditors Security Advisories] Horde 3.3.5 "PHP_SELF" Cross-Site Scripting vulnerability
- From: ISecAuditors Security Advisories
- Secunia Research: Winamp Oktalyzer Parsing Integer Overflow Vulnerability
- Secunia Research: Winamp Impulse Tracker Sample Parsing Buffer Overflow
- Secunia Research: Winamp Impulse Tracker Instrument Parsing Buffer Overflows
- [ISecAuditors Security Advisories] Cisco ASA <= 8.x VPN SSL module Clientless URL-list control bypass
- From: ISecAuditors Security Advisories
- Secunia Research: Winamp Ultratracker File Parsing Buffer Overflow
- [ MDVSA-2009:334 ] poppler
- [security bulletin] HPSBMA02252 SSRT061258, SSRT061259 rev.1 - HP OpenView Storage Data Protector, Remote Arbitrary Code Execution
- [SECURITY] [DSA 1956-1] New xulrunner packages fix several vulnerabilities
- rPSA-2009-0161-1 hwdata kernel
- From: rPath Update Announcements
- Cisco Security Advisory: Multiple Cisco WebEx WRF Player Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- {PRL} QuickHeal antivirus 2010 Local Privilege Escalation
- From: Protek Research Lab
- [SECURITY] [DSA 1955-1] New network-manager/network-manager-applet packages fix information disclosure
- [security bulletin] HPSBMA02416 SSRT090008 rev.4 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
- Kaspersky Lab Multiple Products Local Privilege Escalation Vulnerability
- FW: [Full-disclosure] File Access Vulnerability in Easy File Sharing Web Server
- From: Thor (Hammer of God)
- VideoCache 1.9.2 vccleaner root vulnerability
- Family Connections <= 2.1.3 Multiple Remote Vulnerabilities
- From: Salvatore Fresta aka Drosophila
- [SECURITY] [DSA 1954-1] New cacti packages fix insufficient input sanitising
- File Access Vulnerability in Easy File Sharing Web Server
- From: Thor (Hammer of God)
- [ISecAuditors Security Advisories] WP-Forum <= 2.3 SQL Injection vulnerabilities
- From: ISecAuditors Security Advisories
- [SECURITY] [DSA-1953-1] New expat packages fix denial of service
- VMSA-2009-0017 VMware vCenter, ESX patch and vCenter Lab Manager releases address cross-site scripting issues
- From: VMware Security Team
- [ MDVSA-2009:333 ] postgresql
- Trango Broadband Wireless Rogue SU Authentication Bug
- [scip-Advisory 4063] PasswordManager Pro 6.1 Script Injection Vulnerability
- [BMSA-2009-08] Multiple Vulnerabilities in PyForum
- Daloradius XSS Vulnerability
- [SECURITY] [DSA 1952-1] New asterisk packages fix several vulnerabilities
- APC Switched Rack PDU XSS Vulnerability
- [SECURITY] [DSA 1952-2] End-of-life announcement for asterisk in oldstable
- [SECURITY] [DSA 1951-1] New firefox-sage packages fix insufficient input sanitizing
- WSCreator 1.1 Blind SQL Injection
- From: Salvatore Fresta aka Drosophila
- Re: WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities
- [security bulletin] HPSBUX02482 SSRT090249 rev.2 - HP-UX Running OpenSSL, Remote Unauthorized Data Injection, Denial of Service (DoS)
- Exposing HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow (Not patched)
- [security bulletin] HPSBUX02409 SSRT080171 rev.3 - HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk
- Zabbix Agent : Bypass of EnableRemoteCommands=0
- DC4420 - London DEFCON - Christmas drinks - Wednesday 16th December
- [SECURITY] [DSA-1950-1] New webkit packages fix several vulnerabilities
- Monkey HTTPd improper input validation vulnerability
- From: Patroklos Argyroudis
- B2C Booking Centre Systems - SQL Injection Vulnerability
- From: Salvatore Fresta aka Drosophila
- EEGshop v1.2
- Cross-Site Scripting vulnerabilities in Invision Power Board
- Re: IPB v2.x up to 3.0.4 XSS vulnerability
- Re: E-Store SQL Injection Vulnerability
- Miniweb 2.0 Full Path Disclosure
- From: Salvatore Fresta aka Drosophila
- WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities
- Loggix Project <= 9.4.5 Multiple Remote File Inclusion Vulnerabilities
- Zabbix Server : Multiple remote vulnerabilities
- Hacktics Advisory Dec09: Oracle eBusiness Suite - Multiple Vulnerabilities Allow Remote Takeover
- [SECURITY] [DSA 1949-1] New php-net-ping packages fix arbitrary code execution
- [ MDVSA-2009:259-1 ] snort
- Camino 1.6.10 Remote Array Overrun (Arbitrary code execution)
- Flock 2.5.2 Remote Array Overrun (Arbitrary code execution)
- [ MDVSA-2009:296-1 ] gimp
- [security bulletin] HPSBMA02483 SSRT090257 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
- [security bulletin] HPSBPI02472 SSRT090196 rev.2 - Certain HP Color LaserJet Printers, Remote Unauthorized Access to Data, Denial of Service
- [security bulletin] HPSBMA02425 SSRT080091 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
- [security bulletin] HPSBMA02424 SSRT080125 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
- phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities
- From: Salvatore Fresta aka Drosophila
- [security bulletin] HPSBMA02400 SSRT080144 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
- [ MDVSA-2009:332 ] gimp
- Re: TLS / SSLv3 vulnerability explained (New ways to leverage the vulnerability)
- [USN-872-1] KDE 4 Runtime vulnerabilities
- Digital Scribe 1.4.1 Multiple SQL Injection Vulnerabilities
- From: Salvatore Fresta aka Drosophila
- E-Store SQL Injection Vulnerability
- From: Salvatore Fresta aka Drosophila
- [USN-871-2] KDE 4 vulnerabilities
- [USN-871-1] KDE vulnerability
- [USN-870-1] PyGreSQL vulnerability
- [ MDVSA-2009:331 ] kdegraphics
- [ MDVSA-2009:330 ] kdelibs
- [security bulletin] HPSBMA02477 SSRT090177 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS)
- [security bulletin] HPSBMA02483 SSRT090257 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
- [ MDVSA-2009:329 ] kernel
- [USN-869-1] Linux kernel vulnerabilities
- [security bulletin] HPSBUX02480 SSRT090253 rev.1 - HP-UX Running VRTSweb, Remote Execution of Arbitrary Code, Increase of Privilege
- CORE-2009-1013: Multiple XSS and Injection Vulnerabilities in TestLink Test Management and Execution System
- From: CORE Security Technologies Advisories
- RE: Millions of PDF invisibly embedded with your internal disk paths
- From: Thor (Hammer of God)
- iDefense Security Advisory 12.08.09: Microsoft Windows Indeo32 Codec Parsing Heap Corruption Vulnerability
- iDefense Security Advisory 12.08.09: Microsoft WordPad Word97 Converter Integer Overflow Vulnerability
- iDefense Security Advisory 12.08.09: Microsoft Internet Explorer HTML Layout Engine Uninitialized Memory Vulnerability
- CA20091208-01: Security Notice for CA Service Desk
- ZDI-09-098: Symantec Multiple Products VRTSweb.exe Remote Code Execution Vulnerability
- [ MDVSA-2009:030-1 ] amarok
- TPTI-09-14: HP OpenView NNM ovwebsnmpsrv.exe OVwSelection Stack Overflow Vulnerability
- TPTI-09-13: HP OpenView NNM snmpviewer.exe CGI Host Header Stack Overflow Vulnerability
- TPTI-09-12: HP OpenView NNM ovalarm.exe CGI Accept-Language Stack Overflow Vulnerability
- TPTI-09-11: HP OpenView NNM OvWebHelp.exe CGI Topic Heap Overflow Vulnerability
- TPTI-09-10: HP OpenView NNM webappmon.exe CGI Host Header Buffer Overflow Vulnerability
- TPTI-09-09: HP OpenView NNM ovsessionmgr.exe userid/passwd Heap Overflow Vulnerability
- [USN-868-1] GRUB 2 vulnerability
- TPTI-09-08: HP OpenView NNM ovlogin.exe CGI userid/passwd Heap Overflow Vulnerability
- Advisory 02/2009: PHPIDS Unserialize() Vulnerability
- ZDI-09-088: Microsoft Internet Explorer IFrame Attributes Circular Reference Dangling Pointer Vulnerability
- ZDI-09-095: Hewlett-Packard OpenView NNM Snmp.exe Oid Variable Buffer Overflow Vulnerability
- ZDI-09-097: Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable strcat Overflow Vulnerability
- [ MDVSA-2009:328 ] ntp
- ZDI-09-096: Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable vsprintf Overflow Vulnerability
- ZDI-09-094: Hewlett-Packard OpenView NNM Multiple Command Injection Vulnerabilities
- [ MDVSA-2009:276-1 ] python-django
- [ MDVSA-2009:059-1 ] xchat
- [USN-867-1] Ntp vulnerability
- Zen Cart local file disclosure vulnerability
- Fortinet Advisory: Fortinet Discovers Microsoft Office Project Vulnerability
- From: noreply-secresearch
- Advisory 03/2009: Piwik Cookie unserialize() Vulnerability
- UPDATE: DISA Unix SRR root compromise / CVE-2009-4211 / VU#433821
- ZDI-09-090: Microsoft Windows Intel Indeo Codec Parsing Stack Overflow Vulnerability
- ZDI-09-092: Adobe Flash Player JPEG Parsing Heap Overflow Vulnerability
- ZDI-09-093: Adobe Flash Player ActionScript Exception Handler Integer Overflow Vulnerability
- Fortinet Advisory: Fortinet Discovers Vulnerability in Indeo Codec
- From: noreply-secresearch
- ZDI-09-087: Microsoft Internet Explorer CSS Race Condition Code Execution Vulnerability
- IPB v2.x up to 3.0.4 XSS vulnerability
- [ MDVSA-2009:046-1 ] dia
- ZDI-09-091: Hewlett-Packard Application Recovery Manager MSG_PROTOCOL Stack Overflow Vulnerability
- Notepad++ buffer overflow issue
- [security bulletin] HPSBUX02495 SSRT090151 rev.1 - HP-UX Running sendmail, Remote Denial of Service (DoS)
- ZDI-09-086: Microsoft Internet Explorer XHTML DOM Manipulation Memory Corruption Vulnerability
- [ MDVSA-2009:091-1 ] mod_perl
- [ MDVSA-2009:038-1 ] blender
- [ MDVSA-2009:093-1 ] mpg123
- ZDI-09-089: Microsoft Windows Intel Indeo Codec Parsing Heap Overflow Vulnerability
- [SECURITY] [DSA 1948-1] New ntp packages fix denial of service
- [ MDVSA-2009:126-1 ] eggdrop
- [ MDVSA-2009:099-1 ] openafs
- [ MDVSA-2009:098-1 ] krb5
- [ MDVSA-2009:327 ] clamav
- [ MDVSA-2009:133-1 ] irssi
- Re: Security Contact for Netcool at IBM?
- Applicure Technologies response
- [ MDVSA-2009:191-1 ] OpenEXR
- [security bulletin] HPSBMA02481 SSRT090113 rev.1 - HP OpenView Data Protector Application Recovery Manager, Remote Denial
- [ MDVSA-2009:251-1 ] postgresql8.2
- Security Contact for Netcool at IBM?
- From: Michael Gripenstedt
- Secunia Research: Novell iPrint Client Date/Time Parsing Buffer Overflow
- Secunia Research: Novell iPrint Client "target-frame" Parameter Buffer Overflow
- [ MDVSA-2009:282-1 ] cups
- [SECURITY] [DSA 1947-1] New Shibboleth packages fix cross-site scripting
- Mozilla Firefox JavaScript Prompt Spoofing Weakness
- [USN-866-1] gnome-screensaver vulnerability
- [ MDVSA-2009:326 ] mysql
- [ MDVSA-2009:325 ] ruby
- CVE-2009-3586: CoreHTTP web server off-by-one buffer overflow vulnerability
- From: Patroklos Argyroudis
- [ MDVSA-2009:199-1 ] subversion
- [ MDVSA-2009:256-1 ] dbus
- [ MDVSA-2009:243-2 ] freetype2
- [ MDVSA-2009:254-1 ] graphviz
- [ MDVSA-2009:324 ] php
- [ MDVSA-2009:252-1 ] perl-IO-Socket-SSL
- [ MDVSA-2008:233-1 ] libcdaudio
- [ MDVSA-2009:229-1 ] cyrus-imapd
- [USN-865-1] Bind vulnerability
- [ MDVSA-2009:322 ] mono
- PhpShop Multiple Vulnerabilities
- [ MDVSA-2009:323 ] apache
- Re: Millions of PDF invisibly embedded with your internal disk paths
- [ MDVSA-2009:234-2 ] silc-toolkit
- Re: Re: Re: Re: Back door trojan in acajoom-3.2.6 for joomla
- Re: Millions of PDF invisibly embedded with your internal disk paths
- [SECURITY] [DSA 1946-1] New belpic packages fix cryptographic weakness
- [ MDVSA-2009:232-1 ] libsamplerate
- Re: Millions of PDF invisibly embedded with your internal disk paths
- [ MDVSA-2009:317 ] netpbm
- [ MDVSA-2009:219-1 ] kompozer
- [ MDVSA-2009:260-1 ] imagemagick
- [ MDVSA-2009:215-1 ] audacity
- [ MDVSA-2009:272-1 ] libmikmod
- [ MDVSA-2009:321 ] pidgin
- [ MDVSA-2009:316 ] expat
- [ MDVSA-2009:284-1 ] gd
- [ MDVSA-2009:320 ] samba
- [ MDVSA-2009:231-1 ] htmldoc
- [ MDVSA-2009:307-1 ] libtool
- [ MDVSA-2009:319 ] xine-lib
- [ MDVSA-2009:318 ] xmlsec1
- [ MDVSA-2009:249-1 ] newt
- [ MDVSA-2009:297-1 ] ffmpeg
- [ MDVSA-2009:128-1 ] libmodplug
- RE: Millions of PDF invisibly embedded with your internal disk paths
- [ MDVSA-2009:201-1 ] fetchmail
- [ MDVSA-2009:314 ] apr
- [ MDVSA-2009:224-1 ] postfix
- [ MDVSA-2009:130-1 ] gstreamer0.10-plugins-good
- [ MDVSA-2009:200-1 ] libxml
- [ MDVSA-2009:213-1 ] wxgtk
- [ MDVSA-2009:292-1 ] wireshark
- [ MDVSA-2009:218-1 ] w3c-libwww
- [ MDVSA-2009:206-1 ] wget
- [ MDVSA-2009:223-1 ] xerces-c
- [ MDVSA-2009:312 ] dhcp
- [ MDVSA-2009:211-1 ] expat
- [ MDVSA-2009:315 ] libneon
- [ MDVSA-2009:212-1 ] python
- [ MDVSA-2009:157-1 ] perl-Compress-Raw-Zlib
- [ MDVSA-2009:287-1 ] xpdf
- [ MDVSA-2009:311 ] ghostscript
- Secunia Research: DevIL DICOM "GetUID()" Buffer Overflow Vulnerability
- [ MDVSA-2009:142-1 ] jasper
- PHP 5.3.1 open_basedir bypass
- [ MDVSA-2009:158-3 ] pango
- [ MDVSA-2009:208-1 ] libgadu
- [InterN0T] Google Analytics plugin for Wordpress - XSS Vulnerability
- [ MDVSA-2009:203-1 ] curl
- [ MDVSA-2009:169-1 ] libtiff
- [ MDVSA-2009:290-1 ] firefox
- Invision Power Board <= 3.0.4 Local PHP File Inclusion and SQL Injection
- [ MDVSA-2009:313-1 ] bind
- RE: Millions of PDF invisibly embedded with your internal disk paths
- From: Thor (Hammer of God)
- [ MDVSA-2009:132-1 ] libsndfile
- FreeBSD Security Advisory FreeBSD-SA-09:15.ssl [REVISED]
- From: FreeBSD Security Advisories
- [ MDVSA-2009:308 ] gnutls
- [ MDVSA-2009:310 ] openssl
- CORE-2009-0911: DAZ Studio Arbitrary Command Execution
- From: CORE Security Technologies Advisories
- [USN-863-1] QEMU vulnerability
- [ MDVSA-2009:113-1 ] cyrus-sasl
- [ MDVSA-2009:309 ] ntp
- U.S. Defense Information Systems Agency (DISA) Unix Security Readiness Review (SRR) root compromise / VU#433821
- [ MDVSA-2009:103-1 ] udev
- [ MDVSA-2009:112-1 ] ipsec-tools
- [ MDVSA-2009:108-1 ] zsh
- [ MDVSA-2009:106-1 ] libwmf
- [ MDVSA-2009:107-1 ] acpid
- [ MDVSA-2009:197-3 ] nss
- [ MDVSA-2009:217-3 ] mozilla-thunderbird
- [SECURITY] [DSA 1945-1] New gforge packages fix denial of service
- [SECURITY] [DSA 1944-1] New request-tracker packages fix session hijack vulnerability
- FreeBSD Security Advisory FreeBSD-SA-09:17.freebsd-update
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-09:16.rtld
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-09:15.ssl
- From: FreeBSD Security Advisories
- Re: Millions of PDF invisibly embedded with your internal disk paths
- Adobe Illustrator CS4 (V14.0.0) Encapsulated Postscript (.eps) Overlong DSC Comment Buffer Overflow Exploit
- [ MDVSA-2009:121-1 ] lcms
- [SECURITY] [DSA 1943-1] New openldap2.3/openldap packages fix SSL certificate verification weakness
- Call for Papers - you Sh0t the Sheriff 4 - Security Conference, Brazil
- Re: ** FreeBSD local r00t zeroday
- Secunia Research: Lateral Arts Photobox uploader ActiveX Control Buffer Overflow
- Re: ** FreeBSD local r00t zeroday
- Same-origin policy bypass vulnerabilities in several VPN products reported
- [ GLSA 200912-01 ] OpenSSL: Multiple vulnerabilities
- Re: [Full-disclosure] Remote Command Execution in dotDefender Site Management
- 40 vulnerabilities in SMF 1.1.10/SMF 2.0RC2 by elhacker.net (Simple Audit)
- Secunia Research: Roxio Creator Image Rendering Integer Overflow Vulnerability
- Re: [rejected] Oracle exploit for CTXSYS.DRVXTABC.CREATE_TABLES and others
- AST-2009-010: RTP Remote Crash Vulnerability
- From: Asterisk Security Team
- Theeta CMS (Cross Site Scripting,SQL Injection) Multiple Vulnerabilities
- Upcoming FreeBSD Security Advisory
- From: FreeBSD Security Officer
- Re: [Full-disclosure] ** FreeBSD local r00t zeroday
- ** FreeBSD local r00t zeroday
- [oCERT-2009-017] PHP multiple issues
- WinAppDbg 1.3 is out!
- From: Mario Alejandro Vilas Jerez
- Re: [Full-disclosure] ** FreeBSD local r00t zeroday
- [ MDVSA-2009:305 ] php
- [SECURITY] [DSA 1942-1] New wireshark packages fix several vulnerabilities
- Eshopbuilde CMS SQL Injection Vulnerability
- [ MDVSA-2009:304 ] bind
- Oracle exploit for CTXSYS.DRVXTABC.CREATE_TABLES and others
- [ GLSA 200911-06 ] PEAR Net_Traceroute: Command injection
- [ MDVSA-2009:304 ] php
- TLS / SSLv3 vulnerability explained (New ways to leverage the vulnerability)
- Announce: RFIDIOt-1.0a released - November 2009
- Windows packages for BIND9 contain vulnerable MSVC runtime components
- Eureka Mail Client Remote Buffer Overflow Exploit XP SP3 English Egghunter Edition
- [ MDVSA-2009:306 ] dovecot
- Xxasp v3.3.2 Sql injection
- [USN-862-1] PHP vulnerabilities
- Remote Command Execution in dotDefender Site Management
- [BMSA-2009-07] Backdoor in PyForum
- [ MDVSA-2009:303 ] php
- Some more details on IE STYLE zero-day
- Cacti 0.8.7e: Multiple security issues
- [security bulletin] HPSBUX02482 SSRT090249 rev.1 - HP-UX Running OpenSSL, Remote Unauthorized Data Injection, Denial of
- [SECURITY] [DSA 1941-1] New poppler packages fix several vulnerabilities
- [SECURITY] [DSA-1940-1] New php5 packages fix several issues
- [ GLSA 200911-05 ] Wireshark: Multiple vulnerabilities
- [resent] [ GLSA 200911-04 ] dstat: Untrusted search path
- [ GLSA 200911-03 ] UW IMAP toolkit: Multiple vulnerabilities
- Re: Millions of PDF invisibly embedded with your internal disk paths
- rPSA-2009-0156-1 sun-jdk sun-jre
- From: rPath Update Announcements
- rPSA-2009-0155-1 httpd mod_ssl
- From: rPath Update Announcements
- rPSA-2009-0154-1 httpd mod_ssl
- From: rPath Update Announcements
- [SECURITY] [DSA 1939-1] New libvorbis packages fix several vulnerabilities
- Vulnerabilities in WP-Cumulus for WordPress
- [security bulletin] HPSBMA02417 SSRT090031 rev.2 - HP Data Protector Express and HP Data Protector Express Single Server
- [USN-861-1] libvorbis vulnerabilities
- New Paper: MitM Attacks against the chipTAN comfort Online Banking System
- From: RedTeam Pentesting GmbH
- Executing arbitrary PHP code on OpenX <= 2.8.1
- XM Easy Personal FTP Server Remote DoS Vulnerability
- TYPSoft FTP Server 'APPE' and 'DELE' Commands Remote DoS Vulnerabilities
- RE: Millions of PDF invisibly embedded with your internal disk paths
- From: Thor (Hammer of God)
- CORE-2009-0910: Autodesk Maya Script Nodes Arbitrary Command Execution
- From: CORE Security Technologies Advisories
- CORE-2009-0909: Autodesk 3DS Max Application Callbacks Arbitrary Command Execution
- From: CORE Security Technologies Advisories
- CORE-2009-0908: Autodesk SoftImage Scene TOC Arbitrary Command Execution
- From: CORE Security Technologies Advisories
- Millions of PDF invisibly embedded with your internal disk paths
- [ MDVSA-2009:301 ] kernel
- Code to mitigate IE STYLE zero-day
- [ MDVSA-2009:302 ] php
- [SECURITY] [DSA 1938-1] New php-mail packages fix insufficient input sanitising
- [Bkis-13-2009] e107 Multiple Vulnerabilities
- Vulnerabilities in plugins for WordPress
- [SECURITY] [DSA 1937-1] New gforge packages fix cross-site scripting
- ZDI-09-085: Hewlett-Packard Operations Manager Server Backdoor Account Code Execution Vulnerability
- VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components
- From: VMware Security Team
- IE7
- K-Meleon 1.5.3 Remote Array Overrun (Arbitrary code execution)
- [security bulletin] HPSBMA02478 SSRT090251 rev.1 - HP Operations Manager for Windows, Remote Unauthorized Access
- PHP "multipart/form-data" denial of service
- Firefox 3.5.3 Remote Array Overrun (UPDATE)
- KDE KDELibs 4.3.3 Remote Array Overrun (Arbitrary code execution)
- SeaMonkey 1.1.8 Remote Array Overrun (Arbitrary code execution)
- Opera 10.01 Remote Array Overrun (Arbitrary code execution)
- NSA Iraqi Computer Attacks And U.S. Defense
- AssetsSoSimple supplier_admin.php Supplier Field XSS
- Auto Manager admin.cgi Multiple Field XSS
- [security bulletin] HPSBMA02477 SSRT090177 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS)
- [security bulletin] HPSBPI02472 SSRT090196 rev.1 - Certain HP Color LaserJet Printers, Remote Unauthorized Access to Data, Denial of Service
- [USN-860-1] Apache vulnerabilities
- CORE-2009-1027: IBM SolidDB invalid error code vulnerability
- From: CORE Security Technologies Advisories
- Announcement: Critical Internet Infrastructure WG is now open to public participation
- Secunia Research: RhinoSoft Serv-U TEA Decoding Buffer Overflow
- [security bulletin] HPSBMI02473 SSRT080138 rev.1 - Cisco Catalyst Blade Switch 3020/3120, Remote Denial of Service (DoS)
- TLS / SSLv3 vulnerability explained (DRAFT)
- DEFCON London - DC4420 - NO MEETING this Thursday! 19th November 2009
- [security bulletin] HPSBUX02409 SSRT080171 rev.2 - HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk Manager (VRTSodm), Local Escalation of Privilege
- [ GLSA 200911-02 ] Sun JDK/JRE: Multiple vulnerabilites