Bugtraq
- SAP NetWeaver XSS Vulnerability
- JetAudio Basic 7.0.3 BufferOverFlow PoC
- CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)
- OpenX 2.6.3 - Local File Inclusion
- Secunia Research: OpenX Multiple Vulnerabilities
- [USN-712-1] Vim vulnerabilities
- ACROS Security: HTML Injection in BEA (Oracle) WebLogic Server Console (ASPR #2009-01-27-1)
- NewsCMSlite Insecure Cookie Handling
- Re: FUD Forum < 2.7.1 PHP code injection vurnelability
- [USN-711-1] KTorrent vulnerabilities
- [USN-710-1] xine-lib vulnerabilities
- [SECURITY] [DSA 1711-1] New TYPO3 packages fix remote code execution
- [SECURITY] [DSA 1710-1] New ganglia-monitor-core packages fix remote code execution
- WB News v2.0.X Remote File include ..
- Re: Oblog XSS valnerability
- CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities
- Re: munky-bliki lfi
- From: security curmudgeon
- [ MDVSA-2009:027 ] cups
- EleCard MPEG PLAYER (.m3u file) Local Stack Overflow Exploit
- Benchmarking attacks and major security weakness on all recent Windows versions up to Windows 200
- Browse3d (.sfs file) Local Stack Overflow Exploit
- Re: [Full-disclosure] ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability
- Re: ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability
- From: security curmudgeon
- MediaMonkey 3.0.6 (.m3u file) Local Buffer Overflow PoC
- /bin/login DoS remains after DSA-1709
- Nokia Multimedia Player (.AVI File) Null Dereference Pointer Exploit
- LDF Sql injection vulnerability
- SonyEricsson WAP Push Denial of Service
- From: Mobile Security Lab
- Lootan(kedor) Sql Injection vulnerability
- [HACKATTACK Advisory 25012009]ConPresso CMS 4.07 - Session Fixation, XFS, XSS
- Browser3D 3.5 (.sfs File) Local Stack Overflow Exploit (c)
- From: maroc-anti-connexion
- VUplayer (.wax file) local buffer overflow crash exploit
- Problems with syscall filtering technologies on Linux
- ZDI-09-009: EMC AutoStart Backbone Engine Trusted Pointer Code Execution Vulnerability
- Oblog XSS valnerability
- [ MDVSA-2009:026 ] phpMyAdmin
- BBSxp Xss vulnerability
- Secunia Research: AXIS Camera Control "image_pan_tilt" Property Buffer Overflow
- PHP-Nuke 8.0 Downloads Blind Sql Injection
- [ MDVSA-2009:025 ] pidgin
- [TKADV2009-003] GStreamer Heap Overflow and Array Index out of Bounds Vulnerabilities
- ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability
- [ MDVSA-2009:021 ] php
- [ MDVSA-2009:023 ] php
- VUPlayer 2.49 .ASX local universal BOF exploit
- From: maroc-anti-connexion
- [ GLSA 200901-15 ] Net-SNMP: Denial of Service
- ZDI-09-005: Apple QuickTime VR Track Header Atom Heap Corruption Vulnerability
- [ MDVSA-2009:022 ] php
- Asp-project Cookie Handling
- ZDI-09-008: Apple QuickTime STSD JPEG Atom Heap Corruption Vulnerability
- ZDI-09-006: Apple QuickTime AVI Header nBlockAlign Heap Corruption Vulnerability
- [ MDVSA-2009:020 ] xine-lib
- [ MDVSA-2009:024 ] php4
- Digital Security opens a site of its research center DSec Research Group
- From: Digital Security Research Group
- [IMF 2009] Call for Papers
- [ GLSA 200901-14 ] Scilab: Insecure temporary file usage
- Re: [Full-disclosure] Oracle Containers For Java Directory Traversal (OC4J) Oracle Application Server 10g (10.1.3.1.0) Oracle HTTP Server
- Joomla component beamospetition 1.0.12 Sql Injection
- Cisco Security Advisory: Cisco Unified Communications Manager CAPF Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Security Manager Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [DSECRG-09-004] AXIS 70U Network Document Server - Privilege Escalation and XSS
- From: Digital Security Research Group
- CfP: 16th ACM Conference on Computer and Communications Security (CCS) 2009
- From: Christopher Kruegel
- [SECURITY] [DSA 1709-1] New shadow packages fix privilege escalation
- [SECURITY] [DSA 1693-2] New phppgadmin packages fix regression
- rPSA-2009-0014-1 hplip
- From: rPath Update Announcements
- [ GLSA 200901-13 ] Pidgin: Multiple vulnerabilities
- rPSA-2009-0008-1 openssl
- From: rPath Update Announcements
- rPSA-2009-0010-1 ntp ntp-utils
- From: rPath Update Announcements
- rPSA-2009-0009-1 bind bind-utils
- From: rPath Update Announcements
- rPSA-2009-0011-1 perl
- From: rPath Update Announcements
- Videos from HITBSecConf2008 - Malaysia released!
- Secunia Research: OpenSG Radiance RGBE Buffer Overflow Vulnerability
- Re: Remote Cisco IOS FTP exploit
- From: security curmudgeon
- Microsoft Bluetooth Stack OBEX Directory Traversal
- [security bulletin] HPSBMA02400 SSRT080144 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
- Secunia Research: Trend Micro Network Security Component Vulnerabilities
- Oracle Containers For Java Directory Traversal (OC4J) Oracle Application Server 10g (10.1.3.1.0) Oracle HTTP Server
- MoinMoin Wiki Engine XSS Vulnerability
- Re: Remote Cisco IOS FTP exploit
- [ANNOUNCE] Apache Jackrabbit 1.5.2 released
- Cybershade CMS Remote File include vulnerability
- Secunia Research: EasyHDR Pro Radiance RGBE Buffer Overflow
- [SECURITY] [DSA 1708-1] New Git packages fix remote code execution
- [ MDVSA-2009:019 ] imlib2
- Web Hacking Incidents update for Jan 19th
- Advisory: Oracle EBusiness Suite Sensitive Information Disclosure Vulnerability
- [ GLSA 200901-12 ] noip-updater: Execution of arbitrary code
- [Wintercore Research ] Fujitsu SystemcastWizard Lite PXEService Remote Buffer Overflow.
- Ralinktech wireless cards drivers vulnerability
- 53KF Web IM 2009 Cross-Site Scripting Vulnerabilities
- [ MDVSA-2009:018 ] tomcat5
- FBI XSS Vulnerability
- Sagem router f@st 2404 remote reset poc
- Excel Viewer OCX 3.1/3.2 Denial of Service PoC
- [ MDVSA-2009:017 ] kdebase
- [ MDVSA-2009:016 ] xen
- Announce: RSBAC 1.4.0 released
- Active Bids
- [ MDVSA-2009:013 ] mplayer
- DMXReady Blog Manager (SQL/XSS)
- [ MDVSA-2009:015 ] ffmpeg
- [ MDVSA-2009:014 ] mplayer
- Syslserve 1.058 Denial of Service Vulnerability
- [USN-700-2] Perl regression
- [SECURITY] [DSA 1706-1] New amarok packages fix arbitrary code execution
- [ MDVSA-2009:012 ] mozilla-thunderbird
- [SECURITY] [DSA 1707-1] New iceweasel packages fix several vulnerabilities
- [USN-709-1] tar vulnerability
- [SECURITY] [DSA 1705-1] New netatalk packages fix arbitrary code execution
- [waraxe-2009-SA#070] - Multiple Vulnerabilities in MKPortal <= 1.2.1
- [TZO-2009-2] Avira Antivir - Priviledge escalation
- Errata: [TZO-2009-1] Avira Antivir - RAR - Division by Zero & Null Pointer Dereference
- ANNOUNCE: apache_1.3.41+ssl_1.60 released
- Oracle Secure Backup NDMP_CONECT_CLIENT_AUTH Command Buffer Overflow Vulnerability
- From: noreply-secresearch@xxxxxxxxxxxx
- Oracle Secure Backup's observiced.exe Denial Of Service vulnerability
- From: noreply-secresearch@xxxxxxxxxxxx
- Oracle Secure Backup Multiple Denial Of Service vulnerabilities
- From: noreply-secresearch@xxxxxxxxxxxx
- Re: iDefense Security Advisory 01.13.09: Oracle Secure Backup Administration Server login.php Command Injection Vulnerability
- From: security curmudgeon
- [ MDVSA-2009:011 ] virtualbox
- Re: Assurent VR - Oracle BEA WebLogic Server Apache Connector Buffer Overflow
- From: security curmudgeon
- Windows NTP Time Server Syslog Monitor 1.0.000 Denial of Service Vulnerability
- TFTPUtil GUI TFTP Server Denial of Service Vulnerability
- TFTPUtil GUI TFTP Directory Traversal
- [ GLSA 200901-11 ] Avahi: Denial of Service
- [ GLSA 200901-10 ] GnuTLS: Certificate validation error
- Oracle TimesTen Remote Format String
- Oracle Secure Backup 10g Remote Code Execution
- ZDI-09-004: Oracle TimesTen evtdump Remote Format String Vulnerability
- ZDI-09-003: Oracle Secure Backup exec_qr() Command Injection Vulnerability
- [SECURITY] [DSA 1704-1] New xulrunner packages fix several vulnerabilities
- [TZO-2009-1] Avira Antivir - RAR - Division by Zero & Null Pointer Dereference
- OTSTurntables 1.00.027 (.ofl) Local Stack Overflow Exploit
- Cisco Security Advisory: IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- Call for Papers: Cyber Warfare
- [ MDVSA-2009:010 ] qemu
- Cisco Security Advisory: Cisco ONS Platform Crafted Packet Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [ MDVSA-2009:009 ] kvm
- Oracle CPU Jan 2009 Advisories.
- Cisco Security Response: Cisco IOS Cross-Site Scripting Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- [ MDVSA-2009:008 ] qemu
- DoS code for Cisco VLAN Trunking Protocol Vulnerability
- PR08-19: XSS on Cisco IOS HTTP Server
- From: ProCheckUp Research
- RE: DoS code for Cisco VLAN Trunking Protocol Vulnerability
- From: Paul Oxman (poxman)
- WowWee Rovio - Insufficient Access Controls - Covert Audio/Video Snooping Possible
- [ MDVSA-2009:007 ] ntp
- Trigger Abuse of MDSYS.SDO_TOPO_DROP_FTBL in Oracle 10g R1 and R2
- iDefense Security Advisory 01.13.09: Oracle Secure Backup Administration Server login.php Command Injection Vulnerability
- phpList <= 2.10.8 Local File inclusion
- iDefense Security Advisory 01.13.09: Oracle Secure Backup Administration Server login.php Command Injection Vulnerability
- Cisco Unified IP Phone 7960G and 7940G (SIP) RTP Header Vulnerability
- iDefense Security Advisory 01.13.09: Oracle Database 10g R2 Summary Advisor Arbitrary File Rewrite Vulnerability
- FreeBSD Security Advisory FreeBSD-SA-09:04.bind
- From: FreeBSD Security Advisories
- iDefense Security Advisory 01.13.09: RIM BlackBerry Enterprise Server Attachment Service PDF Distiller Uninitialized Memory Vulnerability
- iDefense Security Advisory 01.13.09: RIM BlackBerry Enterprise Server Attachment Service PDF Distiller 'bitmaps' Heap Overflow Vulnerability
- [USN-708-1] HPLIP vulnerability
- rPSA-2009-0007-1 pam_krb5
- From: rPath Update Announcements
- rPSA-2009-0005-1 git gitweb
- From: rPath Update Announcements
- ZDI-09-002: Microsoft SMB NT Trans2 Request Parsing Remote Code Execution Vulnerability
- ZDI-09-001: Microsoft SMB NT Trans Request Parsing Remote Code Execution Vulnerability
- iDefense Security Advisory 01.13.09: RIM BlackBerry Enterprise Server Attachment Service PDF Distiller 'symWidths' Heap Overflow Vulnerability
- rPSA-2009-0006-1 samba samba-client samba-server samba-swat
- From: rPath Update Announcements
- ANNOUNCE: DEFCON London - DC4420 - January meet - Thursday 15th Jan 2009
- [ MDVSA-2009:006 ] openoffice.org
- [ GLSA 200901-08 ] Online-Bookmarks: Multiple vulnerabilities
- [ GLSA 200901-09 ] Adobe Reader: User-assisted execution of arbitrary code
- PDFBuilderX 2.2 Arbitrary File Overwrite
- Secunia Research: DevIL "iGetHdrHeader()" Buffer Overflow Vulnerabilities
- [SECURITY] [DSA 1703-1] New bind9 packages fix cryptographic weakness
- [SECURITY] [DSA 1702-1] New ntp packages fix cryptographic weakness
- [TKADV2009-001] Sun Solaris aio_suspend() Kernel Integer Overflow Vulnerability
- [ GLSA 200901-07 ] MPlayer: Multiple vulnerabilities
- [SECURITY] [DSA 1701-1] New OpenSSL packages fix cryptographic weakness
- Hack Aethra SV 1042 Adsl/Voip Router
- [TKADV2009-002] Amarok Integer Overflow and Unchecked Allocation Vulnerabilities
- [security bulletin] HPSBMA02392 SSRT071481 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS)
- Visuplay CMS SQL injection vulnerability
- SyScan'09 Call For Paper - Shanghai, Hong Kong, Singapore, Taipei
- From: organiser@xxxxxxxxxx
- [ MDVSA-2009:005 ] xterm
- [SECURITY] [DSA 1700-1] New lasso packages fix validation bypass
- [ GLSA 200901-06 ] Tremulous: User-assisted execution of arbitrary code
- [BMSA-2009-01] Authentication bypass in Interspire Shopping Cart v4.0.1 and below
- PHP Buffer Overflow(popen)
- RE: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (Oracle CPU April 2008 DB11)
- [USN-707-1] CUPS vulnerabilities
- [ GLSA 200901-05 ] Streamripper: Multiple vulnerabilities
- [SECURITY] [DSA 1699-1] New zaptel packages fix privilege escalation
- [ GLSA 200901-04 ] D-Bus: Denial of Service
- [ GLSA 200901-03 ] pdnsd: Denial of Service and cache poisoning
- Comersus Shopping Cart <= v6 Remote User Pass Exploit
- [ GLSA 200901-02 ] JHead: Multiple vulnerabilities
- [ GLSA 200901-01 ] NDISwrapper: Arbitrary remote code execution
- Re: Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (DB11)
- Re: Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (DB11)
- From: security curmudgeon
- [ MDVSA-2009:002 ] bind
- [ MDVSA-2009:004 ] pam_mount
- [ MDVSA-2009:003 ] python
- Re: Leak of SNMP write password via SNMP read community in NETGEAR WG102 - Prosafe 802.11g Access Point
- Re: Leak of SNMP write password via SNMP read community in NETGEAR WG102 - Prosafe 802.11g Access Point
- Java Runtime UTF-8 Decoder Smuggling Vector
- From: William A. Rowe, Jr.
- Re: Leak of SNMP write password via SNMP read community in NETGEAR WG102 - Prosafe 802.11g Access Point
- Leak of SNMP write password via SNMP read community in NETGEAR WG102 - Prosafe 802.11g Access Point
- Re: Linux Kernel 2.6.18/2.6.24/2.6.20/2.6.22/2.6.21 denial of service exploit
- Re: Plunet BusinessManager failure in access controls and multiple stored cross site scripting
- ShakaCon 2009 Call for Papers and Trainers
- [SECURITY] [DSA 1698-1] New gforge packages fix SQL injection
- [USN-706-1] Bind vulnerability
- AST-2009-001: Information leak in IAX2 authentication
- From: Asterisk Security Team
- [USN-705-1] NTP vulnerability
- Re: [IBM Datapower XS40] Denial of Service
- LayerOne 2009 Call for Papers
- From: LayerOne Call For Papers
- CORE-2008-1128: Openfire multiple vulnerabilities
- From: CORE Security Technologies Advisories
- [IBM Datapower XS40] Denial of Service
- PHP-Fusion Mod vArcade 1.8 Sql Injection Vulnerability
- [USN-704-1] OpenSSL vulnerability
- Re: [Suspected Spam]"Security Assessment of the Internet Protocol" & the IETF
- CA20090107-01: CA Service Metric Analysis and CA Service Level Management smmsnmpd Arbitrary Command Execution Vulnerability
- FreeBSD Security Advisory FreeBSD-SA-09:01.lukemftpd
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-09:02.openssl
- From: FreeBSD Security Advisories
- [SECURITY] [DSA 1697-1] New iceape packages fix several vulnerabilities
- [SECURITY] [DSA 1696-1] New icedove packages fix several vulnerabilities
- Plunet BusinessManager failure in access controls and multiple stored cross site scripting
- PHP-Fusion Mod E-Cart Sql Injection
- [USN-701-1] Thunderbird vulnerabilities
- Secunia Research: TSC2 Help Desk CTab ActiveX Control Buffer Overflow
- Cisco Security Advisory: Cisco Global Site Selector Appliances DNS Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- PHP-Fusion Mod Members Bewerb Sql Injection
- [USN-701-2] Thunderbird vulnerabilities
- Secunia Research: HP OpenView Network Node Manager Multiple Vulnerabilities
- CFP: COLSEC 2009
- Plunet BusinessManager failure in access controls and multiple stored cross site scripting
- [oCERT-2008-016] Multiple OpenSSL signature verification API misuses
- VUPLAYER BufferOver flow POC
- New WHID web hacking incidents
- [SECURITY] [DSA 1694-2] New xterm packages fix regression
- [USN-703-1] xterm vulnerability
- Re: php 4.x php5.2.x all "show_source()" ,"highlight_file()" bypass
- [Suspected Spam]"Security Assessment of the Internet Protocol" & the IETF
- [USN-702-1] Samba vulnerability
- Walusoft TFTPServer2000 Version 3.6.1 Directory Traversal
- Re: php 4.x php5.2.x all "show_source()" ,"highlight_file()" bypass
- Re: php 4.x php5.2.x all "show_source()" ,"highlight_file()" bypass
- MSFXDC Metasploit eXploits Development Contest
- php 4.x php5.2.x all "show_source()" ,"highlight_file()" bypass
- ANNOUNCE: RFIDIOt ver 01.v released - Jan 2009
- Google Chrome FTP PASV IP Malicious Port Scanning Vulnerability.
- Destiny Media Player 1.61 (.lst File) Local Stack Overflow Exploit
- SolucionWeb (main.php?id_area) Remote SQL injection Vulnerability
- Re: Linux Kernel 2.6.18/2.6.24/2.6.20/2.6.22/2.6.21 denial of service exploit
- Call for papers and trainers - SeacureIT 2009
- PollPro 3.0 XSRF VuLn.
- Top 5-ish Threats to Watch for in 2009
- Re: Linux Kernel 2.6.18/2.6.24/2.6.20/2.6.22/2.6.21 denial of service exploit
- [SECURITY] [DSA 1695-1] New Ruby packages fix denial of service
- [SECURITY] [DSA 1694-1] New xterm packages fix remote code execution
- A tool to identify the MD5 certs on FF
- Re: apache 1.x <=> 2.x suphp (suPHP_ConfigPath) bypass safe mode exploit
- Linux Kernel 2.6.18/2.6.24/2.6.20/2.6.22/2.6.21 denial of service exploit
- CFP uCon Security Conference 2009 - Recife, Brazil
- From: uCon Security Conference
- apache 1.x <=> 2.x suphp (suPHP_ConfigPath) bypass safe mode exploit
- Re: php-nuke 8.0 module sections artid blind sql inj vuln.
- MD5 Considered Harmful Today: Creating a rogue CA certificate
- Re: MagpieRSS XSS 0day
- php-nuke 8.0 module sections artid blind sql inj vuln.
- Megacubo 5.0.7 (mega://) remote eval() injection exploit
- reliable IOS exploitation
- [SECURITY] [DSA 1693-1] New phppgadmin packages fix several vulnerabilities
- Mavi Emlak Sql Injection
- Re: Re: Google Chrome Browser (ChromeHTML://) remote parameter injection POC
- [ MDVSA-2008:246 ] kernel
- MagpieRSS XSS 0day
- Madrese-Portal Sql Injection
- ViArt Shopping Cart v3.5 Multiple Remote Vulnerabilities
- MSN messenger sends IP addresses Public and Private
- hm? new vulnerabilities? wav windows media
- [SECURITY] [DSA 1692-1] New php-xajax packages fix cross-site scripting
- Joomla Component mdigg 2.2.8 Blind SQL Injection Exploit
- From: hadihadi_zedehal_2006
- ClubHack2008 presentations are now online
- PHP-Fusion Mod TI - Blog System Sql Injection
- Castlecops security site closed for good
- joomla com_lowcosthotels sql injection
- Re: Google Chrome Browser (ChromeHTML://) remote parameter injection POC
- From: Already-sended-information-to-security-focus
- MS Windows Media Player * (.WAV) Remote Integrer Overflow
- Google Chrome Browser (ChromeHTML://) remote parameter injection POC
- FreeBSD Security Advisory FreeBSD-SA-08:12.ftpd
- From: FreeBSD Security Advisories
- PGP Desktop 9.0.6 Denial Of Service - ZeroDay
- [ GLSA 200812-21 ] ClamAV: Multiple vulnerabilities
- [ GLSA 200812-24 ] VLC: Multiple vulnerabilities
- [ GLSA 200812-22 ] Ampache: Insecure temporary file usage
- [USN-698-3] Nagios vulnerabilities
- FRHACK Registration open (Christmas offer)
- Personal Sticky Threads v1.0.3c vbulletin Add-on problem
- [ GLSA 200812-23 ] Imlib2: User-assisted execution of arbitrary code
- [SECURITY] [DSA 1688-2] New courier-authlib packages fix regression
- [USN-700-1] Perl vulnerabilities
- [security bulletin] HPSBST02397 SSRT080187 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-078
- [USN-677-2] OpenOffice.org Internationalization update
- DDIVRT-2008-16 Citrix Broadcast Server 6.0 login.asp SQL Injection --- Update for BID 32832
- From: VulnerabilityResearch
- Re: rPSA-2008-0341-1 dovecot
- FreeBSD Security Advisory FreeBSD-SA-08:13.protosw
- From: FreeBSD Security Advisories
- [ISecAuditors Security Advisories] PSI remote integer overflow DoS
- From: ISecAuditors Security Advisories
- [ MDVA-2008:241 ] mailscanner
- CORE-2008-1210: Qemu and KVM VNC server remote DoS
- From: CORE Security Technologies Advisories
- [ GLSA 200812-20 ] phpCollab: Multiple vulnerabilities
- Re: [IVIZ-08-016] F-Secure f-prot Antivirus for Linux corrupted ELF header Security Bypass
- rPSA-2008-0341-1 dovecot
- From: rPath Update Announcements
- [ISecAuditors Security Advisories] Multiple vulnerabilities in WiFi router COMTREND CT-536/HG-536+
- From: ISecAuditors Security Advisories
- [SECURITY] [DSA 1690-1] New avahi packages fix denial of service
- [ISecAuditors Security Advisories] Wordpress is vulnerable to an unauthorized upgrade and XSS
- From: ISecAuditors Security Advisories
- [SECURITY] [DSA 1689-1] New proftpd-dfsg packages fix Cross-Site Request Forgery
- Secunia Research: Trend Micro HouseCall ActiveX Control Arbitrary Code Execution
- CoolPlayer 2.19 (Skin File) Local Buffer Overflow Exploit
- From: writ3r-dont-want-bugtraq-spam-
- [USN-697-1] Imlib2 vulnerability
- FreeSSHd Multiple Remote Stack Overflow Vulnerabilities
- From: writ3r-dont-want-bugtraq-spam-
- POC for CVE-2008-5619 (roundcubemail PHP arbitrary code injection)
- From: Jacobo Avariento Gimeno
- [SECURITY] [DSA 1691-1] New moodle packages fix several vulnerabilities
- [UPRSN] Ubuntu Privacy Remix 8.04r2 introduces "noexec"-mounting by default
- From: Ubuntu Privacy Remix Team
- [USN-698-2] Nagios3 vulnerabilities
- [USN-699-1] Blender vulnerabilities
- Secunia Research: Trend Micro HouseCall "notifyOnLoadNative()" Vulnerability
- [SECURITY] [DSA 1678-2] New perl packages fix regression
- [USN-698-1] Nagios vulnerability
- Re: chicomas <=2.0.4 Multiple Vulnerabilities
- From: security curmudgeon
- chicomas <=2.0.4 Multiple Vulnerabilities
- [SECURITY] [DSA 1688-1] New courier-authlib packages fix SQL injection
- [ GLSA 200812-19 ] PowerDNS: Multiple vulnerabilities
- rPSA-2008-0338-1 cups
- From: rPath Update Announcements
- PHP APC vulnerable to local attacks
- HTC Touch vCard over IP Denial of Service
- From: Mobile Security Lab
- [security bulletin] HPSBST02394 SSRT080183 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-070 to MS08-077
- SEC Consult SA-20081219-0 :: Fujitsu-Siemens WebTransactions remote command injection vulnerability
- Re: CONFidence 2009, CFP
- From: Dominik 'Rathann' Mierzejewski
- [USN-696-1] Avahi vulnerabilities
- CONFidence 2009, CFP
- EasySiteNetwork (joke.php?id) Remote SQL injection Vulnerability
- [ MDVSA-2008:245 ] firefox
- php python extension safe_mode bypass
- [USN-695-1] shadow vulnerability
- Firefox cross-domain text theft (CESA-2008-011)
- [USN-694-1] libvirt vulnerability
- [SECURITY] CVE-2008-2938 - Apache Tomcat information disclosure vulnerability - Update 2
- [USN-690-3] Firefox vulnerabilities
- Re: Joomla: Session hijacking vulnerability, CVE-2008-4122
- [USN-690-2] Firefox vulnerabilities
- [TKADV2008-015] Sun Solaris SIOCGTUNPARAM IOCTL Kernel NULL pointer dereference
- [USN-693-1] LittleCMS vulnerability
- [USN-692-1] Gadu vulnerability
- [USN-690-1] Firefox and xulrunner vulnerabilities
- [ MDVSA-2008:244 ] mozilla-firefox
- Network Security Scanner OpenVAS 2.0.0 Released
- n.runs-SA-2008.010 - Opera HTML parsing Code Execution
- RE: [Full-disclosure] ZDI-08-088: Oracle E-Business Suite Self-Service Web Applications SQL Injection Vulnerability
- Re: [IVIZ-08-016] F-Secure f-prot Antivirus for Linux corrupted ELF header Security Bypass
- [ GLSA 200812-18 ] JasPer: User-assisted execution of arbitrary code
- Joomla: Session hijacking vulnerability, CVE-2008-4122
- CVE-2008-0971 - Barracuda Networks products Multiple Cross-Site Scripting Vulnerabilities
- CVE-2008-1094 - Barracuda Span Firewall SQL Injection Vulnerability
- ZDI-08-088: Oracle E-Business Suite Business Intelligence SQL Injection Vulnerability
- [ GLSA 200812-17 ] Ruby: Multiple vulnerabilities
- Re: ooVoo 1.7.1.35 (URL Protocol) remote unicode buffer overflow poc
- [ MDVSA-2008:243 ] enscript
- [USN-691-1] Ruby vulnerability
- Re: Moodle 1.9.3 Remote Code Execution
- Re: Re: Moodle 1.9.3 Remote Code Execution
- [SECURITY] [DSA 1687-1] New Linux 2.6.18 packages fix several vulnerabilities
- Re: Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)
- [ MDVSA-2008:242 ] wireshark
- Fwd: TmaxSoft JEUS Alternate Data Streams Vulnerability
- TmaxSoft JEUS Alternate Data Streams Vulnerability
- Re: Moodle 1.9.3 Remote Code Execution
- phpList vulnerability
- Multiple XSS Vulnerabilities in World Recipe 2.11
- Re: Moodle 1.9.3 Remote Code Execution
- [TKADV2008-014] MPlayer TwinVQ Processing Stack Buffer Overflow Vulnerability
- CFAGCMS Remote File Inclusion
- [ GLSA 200812-16 ] Dovecot: Multiple vulnerabilities
- [ GLSA 200812-15 ] POV-Ray: User-assisted execution of arbitrary code
- [SECURITY] [DSA 1686-1] New no-ip packages fix arbitrary code execution
- [ GLSA 200812-14 ] aview: Insecure temporary file usage
- [ GLSA 200812-13 ] OpenOffice.org: Multiple vulnerabilities
- [ GLSA 200812-12 ] Honeyd: Insecure temporary file creation
- Moodle 1.9.3 Remote Code Execution
- [SECURITY] [DSA 1685-1] New uw-imap packages fix multiple vulnerabilities
- Nokia N70/N73 Bluetooth Stack OBEX Implementation Denial of Service
- rPSA-2008-0336-1 tshark wireshark
- From: rPath Update Announcements
- ASP-CMS v.1.0 Sql Injection/Database Disclosure
- Re: Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)
- Aspect9: Internet Explorer 8.0 Beta 2 Anti-XSS Filter Vulnerabilities
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)
- From: Sebastian Gottschall (DD-WRT)
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)
- From: Sebastian Gottschall (DD-WRT)
- Secunia Research: CA ARCserve Backup RPC "handle_t" Argument Vulnerability
- Re[2]: Multiple XSRF in DD-WRT (Remote Root Command Execution)
- From: Vladimir '3APA3A' Dubrovin
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)
- facto Database Disclosure
- Meta Cart Free Database Disclosure
- aspProductCatalog Sql Injection
- Black Hat: New Webinar, Japan audio now on-line.
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)
- AST-2008-012: Remote crash vulnerability in IAX2
- From: Asterisk Security Team
- Browser Security Handbook
- [ GLSA 200812-11 ] CUPS: Multiple vulnerabilities
- CA ARCserve Backup LDBserver Vulnerability
- [ MDVSA-2008:240 ] vinagre
- Max's Guestbook (XSS) Remote Vulnerability
- iDefense Security Advisory 12.10.08: Microsoft Excel Malformed Object Memoy Corruption Vulnerability
- [ GLSA 200812-10 ] Archive::Tar: Directory traversal vulnerability
- [ GLSA 200812-09 ] OpenSC: Insufficient protection of smart card PIN
- [security bulletin] HPSBUX02393 SSRT080057 rev.1 - HP-UX Running DCE, Remote Denial of Service (DoS)
- CORE-2008-0228: Microsoft Word Malformed FIB Arbitrary Free Vulnerability
- From: CORE Security Technologies Advisories
- Microsoft SQL Server 2005 sp_replwritetovarbin memory overwrite (update to SEC Consult SA-20081209)
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)
- [IVIZ-08-016] F-Secure f-prot Antivirus for Linux corrupted ELF header Security Bypass
- From: iViZ Security Advisories
- [IVIZ-08-015] Sophos Antivirus for Linux vulnerability
- From: iViZ Security Advisories
- [IVIZ-08-014] AVG antivirus for Linux vulnerability
- From: iViZ Security Advisories
- [IVIZ-08-013] Avast antivirus for Linux multiple vulnerabilities
- From: iViZ Security Advisories
- [IVIZ-08-012] Bitdefender antivirus for Linux multiple vulnerabilities
- From: iViZ Security Advisories
- [IVIZ-08-011] ClamAV lzh unpacking segmentation fault
- From: iViZ Security Advisories
- [SECURITY] [DSA 1684-1] New lcms packages fix multiple vulnerabilities
- [USN-678-2] GnuTLS regression
- [USN-689-1] Vinagre vulnerability
- ISOI 6, Dallas, TX - January 29, 30
- Insomnia : ISVA-081209.1 - IE Webdav Request Parsing Heap Corruption Vulnerability
- ZDI-08-087: Microsoft Internet Explorer Webdav Request Parsing Heap Corruption Vulnerability
- ZDI-08-086: Microsoft Office Word Document Table Property Stack Overflow Vulnerability
- ZDI-08-085: Microsoft Office RTF Drawing Object Heap Overflow Vulnerability
- ZDI-08-084: Microsoft Office RTF Consecutive Drawing Object Parsing Heap Corruption Vulnerability
- ZDI-08-083: Microsoft Animation ActiveX Control Malformed AVI Parsing Code Execution Vulnerability
- Secunia Research: Microsoft Hierarchical FlexGrid Control Integer Overflows
- iDefense Security Advisory 12.09.08: Microsoft Windows Graphics Device Interface Integer Overflow Vulnerability
- iDefense Security Advisory 12.09.08: Microsoft Internet Explorer 5.01 EMBED tag Long File Name Extension Stack Buffer Overflow Vulnerability (iDefense Exclusive)
- CORE-2008-1127 - Vinagre show_error() format string vulnerability
- From: CORE Security Technologies Advisories
- Secunia Research: Microsoft Excel NAME Record Array Indexing Vulnerability
- Secunia Research: Microsoft Word RTF Polyline/Polygon Integer Overflow
- Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-
- Re: DoS attacks on MIME-capable software via complex MIME emails
- From: Vladimir '3APA3A' Dubrovin
- rPSA-2008-0332-1 kernel
- From: rPath Update Announcements
- SEC Consult SA-20081109-0 :: Microsoft SQL Server 2000 sp_replwritetovarbin limited memory overwrite vulnerability
- PHP safe_mode can be bypassed via proc_open() and custom environment.
- [ MDVSA-2008:236-1 ] vim
- DoS attacks on MIME-capable software via complex MIME emails
- Re: [Full-disclosure] MS OWA 2003 Redirection Vulnerability - [MSRC 7368br]
- Multiple XSRF in DD-WRT (Remote Root Command Execution)
- From: th3 . r00k . ieatpork
- ZDI-08-082: BMC PatrolAgent Version Logging Format String Vulnerability
- DoS Vulnerability in Aruba Mobility Controller Caused by Malformed EAP Frame (Aruba Advisory ID: AID-12808)
- From: Robbie (Rupinder) Gill
- [security bulletin] HPSBMA02390 SSRT071481 rev.1 - HP OpenView Performance Agent, HP Performance Agent, Remote Denial of Service (DoS)
- [SECURITY] [DSA 1683-1] New streamripper packages fix potential code execution
- Neostrada Livebox Remote Network Down PoC Exploit
- [security bulletin] HPSBMA02391 SSRT071481 rev.1 - HP OpenView Reporter and HP Reporter Running on Windows, Remote Denial of Service (DoS)
- Re: RadAsm <=2.2.1.5 Local Command Execution
- [SVRT-07-08] Vulnerability in Face Recognition Authentication Mechanism of Lenovo-Asus-Toshiba Laptops
- Re: SecurityReason: PHP 5.2.6 SAPI php_getuid() overload
- Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass
- Re: SecurityReason: PHP 5.2.6 SAPI php_getuid() overload
- From: Maksymilian Arciemowicz
- [DSECRG-08-041] Stored XSS Vulnerability in Xoops 2.3.x
- From: Digital Security Research Group [DSecRG]
- [DSECRG-08-040] Multiple Local File Include Vulnerabilities in Xoops 2.3.x
- From: Digital Security Research Group [DSecRG]
- Re: SecurityReason: PHP 5.2.6 SAPI php_getuid() overload
- RadAsm <=2.2.1.5 Local Command Execution
- XSS in PHPepperShop v 1.4
- From: th3 . r00k . ieatpork
- Two XSS Flaws in PrestaShop 1.1.0.3
- From: th3 . r00k . ieatpork
- [SECURITY] [DSA 1682-1] New squirrelmail packages fix cross site scripting
- SecurityReason: PHP 5.2.6 SAPI php_getuid() overload
- [ GLSA 200812-08 ] Mgetty: Insecure temporary file usage
- Re: SecurityReason : PHP 5.2.6 dba_replace() destroying file
- [ MDVSA-2008:239 ] clamav
- Re: SecurityReason : PHP 5.2.6 dba_replace() destroying file
- Re: SecurityReason : PHP 5.2.6 dba_replace() destroying file
- RE: DDIVRT-DDIVRT-2008-15 iPhone Configuration Web Utility 1.0 for Windows Directory Traversal
- CVE-2008-5079: multiple listen()s on same socket corrupts the vcc table
- [ MDVSA-2008:238 ] libsamplerate
- ZDI-08-081: Sun Java Web Start and Applet Multiple Sandbox Bypass Vulnerabilities
- ZDI-08-080: Sun Java AWT Library Sandbox Violation Vulnerability
- ZDI-08-079: Trillian AIM Plugin Malformed XML Tag Heap Overflow Vulnerability
- ZDI-08-078: Trillian IMG SRC ID Memory Corruption Vulnerability
- ZDI-08-077: Trillian AIM IMG Tag Parsing Stack Overflow Vulnerability
- iDefense Security Advisory 12.04.08: Sun Java JRE TrueType Font Parsing Integer Overflow Vulnerability
- [USN-687-1] nfs-utils vulnerability
- [ MDVSA-2008:237 ] apache2
- Re: Joomla Component GameQ
- iDefense Security Advisory 12.04.08: Sun Java JRE Pack200 Decompression Integer Overflow Vulnerability
- iDefense Security Advisory 12.04.08: Sun Java Web Start GIF Decoding Memory Corruption Vulnerability
- Joomla Component mydyngallery
- iDefense Security Advisory 12.04.08: Sun Java JRE TrueType Font Parsing Heap Overflow Vulnerability
- [SECURITY] [DSA 1681-1] New Linux 2.6.24 packages fix several vulnerabilities
- Re: XSS in Internet Explorer 6 and 7
- [UPRSN] Ubuntu Privacy Remix 8.04r1 fixes security issues
- From: Ubuntu Privacy Remix Team
- CVE-2008-2086: Java Web Start File Inclusion via System Properties Override
- Joomla Component GameQ
- [SECURITY] [DSA 1680-1] New clamav packages fix potential code execution
- DDIVRT-2008-18 Orb Denial of Service
- From: DDI . VulnerabilityAlert
- Advisory 06/2008: PHP ZipArchive::extractTo() Directory Traversal Vulnerability
- [ MDVSA-2008:236 ] vim
- Re: [USN-684-1] ClamAV vulnerability
- [USN-686-1] AWStats vulnerability
- [USN-685-1] Net-SNMP vulnerabilities
- Re: VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2
- Re: [HACKATTACK Advisory 20081127]Social Impress CMS 1.1 - Session Fixation
- [security bulletin] HPSBUX02389 SSRT080141 rev.1 - HP-UX, Local Denial of Service (DoS)
- [SVRT-06-08] MULTI SECURITY VULNERABILITIES IN MVNFORUM
- [SECURITY] [DSA 1679-1] New awstats packages fix cross-site scripting
- [USN-684-1] ClamAV vulnerability
- [HACKATTACK Advisory 20081203]Pro Clan Manager 0.4.2 - Session Fixation
- [SECURITY] [DSA 1678-1] New perl packages fix privilege escalation
- VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2
- From: VMware Security team
- Re: Re: Re: Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability
- [SECURITY] [DSA 1677-1] New CUPS packages fix arbitrary code execution
- [ GLSA 200812-07 ] Mantis: Multiple vulnerabilities
- [ GLSA 200812-02 ] enscript: User-assisted execution of arbitrary code
- [ GLSA 200812-04 ] lighttpd: Multiple vulnerabilities
- [ GLSA 200812-05 ] libsamplerate: User-assisted execution of arbitrary code
- [USN-683-1] Imlib2 vulnerability
- [ GLSA 200812-03 ] IPsec-Tools: racoon Denial of Service
- [ GLSA 200812-06 ] libxml2: Multiple vulnerabilities
- [ GLSA 200812-01 ] OptiPNG: User-assisted execution of arbitrary code
- Re: /bin/login gives root to group utmp
- Cpanel fantastico Privilege Escalation "ModSec and PHP restriction Bypass"
- Dates for SyScan'09
- From: organiser@xxxxxxxxxx
- [SECURITY] [DSA 1676-1] New flamethrower packages fix denial of service
- [USN-682-1] libvorbis vulnerabilities
- [USN-681-1] ImageMagick vulnerability
- [BMSA 2008-09] Two buffer overflow vulnerabilities in Rumpus v6.0
- Re: Re: Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability
- Re: Re: Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability
- /bin/login gives root to group utmp
- [TKADV2008-013] VLC media player RealMedia Processing Integer Overflow Vulnerability
- [SECURITY] [DSA 1675-1] New phpmyadmin packages fix cross site scripting
- [SECURITY] [DSA 1674-1] New jailer packages fix denial of service
- [SECURITY] [DSA 1673-1] New wireshark packages fix several vulnerabilities
- [SECURITY] [DSA 1672-1] New imlib2 packages fix arbitrary code execution
- [tool] Exomind v0.2 is out!
- SecurityReason : PHP 5.2.6 dba_replace() destroying file
- DC4420 - DEFCON London - Christmas meeting - Tuesday 2nd December 2008
- AssoCIateD 1.4.4 Remote Cross Site Scripting Vulnerability
- [USN-680-1] Samba vulnerability
- [HACKATTACK Advisory 20081127]Social Impress CMS 1.1 - Session Fixation
- FreeRainbowTables.com has changed generation platform
- Re: WHMCS V3.7.1 Sensible Information Disclosure
- WHMCS V3.7.1 Sensible Information Disclosure
- Re: XSS in Internet Explorer 6 and 7
- XSS in Internet Explorer 6 and 7
- Updated: Google Chrome 0.4.154.25 URI Meta Character URL Obfuscation
- [USN-668-1] Thunderbird vulnerabilities
- [USN-678-1] GnuTLS vulnerability
- Re: [SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis)
- [CFP] FRHACK 01 Call For Papers (save the dates!)
- Re: Microsoft VISTA TCP/IP stack buffer overflow
- WordPress XSS vulnerability in RSS Feed Generator
- RSA EnVision Remote Password Disclosure
- Re: Microsoft VISTA TCP/IP stack buffer overflow
- [security bulletin] HPSBTU02382 SSRT080132 rev.1 - HP Secure Web Server for Tru64 UNIX or Internet Express for Tru64 UNIX running PHP, Remote Denial of Service (DoS) or Arbitrary Code Execution
- Re: OpenSSH security advisory: cbc.adv
- New tool and paper for Oracle forensics...
- [USN-677-1] OpenOffice.org vulnerabilities
- MyBB 1.4.3 my_post_key Disclosure Vulnerability
- Re: OpenSSH security advisory: cbc.adv
- Re: [SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis)
- Re: Re: OpenSSH security advisory: cbc.adv
- Re: [SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis)
- CanSecWest 2009 CFP (March 18-20 2009, Deadline December 8 2008)
- Re: OpenSSH security advisory: cbc.adv
- Re: OpenSSH security advisory: cbc.adv
- Re: Re: Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability
- [SECURITY] [DSA 1671-1] New iceweasel packages fix several vulnerabilities
- Siemens C450IP/C475IP DoS
- WebStudio CMS 'pageid' Blind SQL Injection
- [SECURITY] [DSA 1670-1] New enscript packages fix arbitrary code execution
- [USN-674-2] HPLIP vulnerabilities
- Re: Re: OpenSSH security advisory: cbc.adv
- [USN-675-2] Gaim vulnerability
- [USN-676-1] WebKit vulnerability
- Re: OpenSSH security advisory: cbc.adv
- FreeBSD Security Advisory FreeBSD-SA-08:11.arc4random
- From: FreeBSD Security Advisories
- [USN-675-1] Pidgin vulnerabilities
- Google Chrome MetaCharacter URI Obfuscation Vulnerability
- [SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis)
- Amaya (id) Remote Stack Overflow Vulnerability
- Amaya (URL Bar) Remote Stack Overflow Vulnerability
- Re: Re: MS Internet Explorer 7 Denial Of Service Exploit
- [ MDVSA-2008:235 ] mozilla-thunderbird
- Re: MS Internet Explorer 7 Denial Of Service Exploit
- Re: Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability
- Re: Re: Re: MS Internet Explorer 7 Denial Of Service Exploit
- [SECURITY] [DSA 1669-1] New xulrunner packages fix several vulnerabilities
- Revised: OpenSSH security advisory: cbc.adv
- Re: OpenSSH security advisory: cbc.adv
- Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability
- rPSA-2008-0328-1 httpd mod_ssl
- From: rPath Update Announcements
- rPSA-2008-0327-1 httpd mod_ssl
- From: rPath Update Announcements
- rPSA-2008-0324-1 gvim vim vim-minimal
- From: rPath Update Announcements
- [SECURITY] [DSA 1668-1] New hf packages fix execution of arbitrary code
- Re: Re: MS Internet Explorer 7 Denial Of Service Exploit
- [SVRT-04-08] Vulnerability in WireShark 1.0.4 for DoS Attack
- Adobe Flash Multiple Vulnerabilities
- [ MDVSA-2008:234 ] kernel
- DDIVRT-2008-15 iPhone Configuration Web Utility 1.0 for Windows Directory Traversal
- From: vulnerabilityresearch
- OpenSSH security advisory: cbc.adv
- KVIrc 3.4.2 Shiny (uri handler) remote command execution exploit
- ZDI-08-076: EMC Control Center SAN Manager SST_SENDFILE Remote File Retrieval Vulnerability
- ZDI-08-075: EMC Control Center SAN Manager Master SST_CTGTRANS Overflow Vulnerability
- [ MDVSA-2008:233 ] libcdaudio
- Re: Re: Re: Re: Re: Re: Opera 9.6x file:// overflow
- SecurityReason : PHP 5.2.6 (error_log) safe_mode bypass
- Re: Re: Re: Re: Re: Opera 9.6x file:// overflow
- Re: Cpanel 11.x Local File Inclusion & Cross Site Scripting - Discovered By Khashayar Fereidani
- Re: Re: Cpanel 11.x Local File Inclusion & Cross Site Scripting - Discovered By Khashayar Fereidani
- Social Engine 2.7 CRLF Injection + SQL injection
- Re: Re: Re: Re: Re: Opera 9.6x file:// overflow
- [security bulletin] HPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS)
- boastMachine v3.1 Remote Sql Injection
- [ MDVSA-2008:220-1 ] kernel
- Re: Cpanel 11.x Local File Inclusion & Cross Site Scripting - Discovered By Khashayar Fereidani
- Re: Re: Re: Re: Opera 9.6x file:// overflow
- Re: [ MDVSA-2008:232 ] dovecot
- Re: Re: Re: Re: Opera 9.6x file:// overflow
- [ MDVSA-2008:232 ] dovecot
- [USN-674-1] HPLIP vulnerabilities
- Re: [ MDVSA-2008:231 ] libxml2
- rPSA-2008-0325-1 libxml2
- From: rPath Update Announcements
- PR07-40: Authentication Bypass, Passwords Leakage and SNMP Injection on 3Com AP 8760
- From: ProCheckUp Research
- [SECURITY] [DSA 1667-1] New python2.4 packages fix several vulnerabilities
- [ MDVSA-2008:231 ] libxml2
- PR08-09: Unauthenticated File Retrieval on Sun Java System Identity Manager "ext" parameter
- From: ProCheckUp Research
- Secunia Research: Streamripper Multiple Buffer Overflows
- Re: Opera 9.6x file:// overflow
- Microsoft VISTA TCP/IP stack buffer overflow
- From: Thomas Unterleitner
- PR07-11: Cross-site Request Forgery (CSRF) on Sun Java System Identity Manager
- From: ProCheckUp Research
- Metasploit Framework 3.2 Released
- Firefox cross-domain image theft (CESA-2008-009)
- [USN-673-1] libxml2 vulnerabilities
- Re: Re: Re: Opera 9.6x file:// overflow
- Black Hat November News: CFPS Now Open, Webinar 5 and Japan on-line.
- Re: Re: Opera 9.6x file:// overflow
- [security bulletin] HPSBST02386 SSRT080164 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-067 to MS08-069
- Outdated and vulnerable OpenSource libraries used in "Deutsche Telekom" home banking software
- [DSECRG-08-039] Local File Include Vulnerability in Pluck CMS 4.5.3
- From: Digital Security Research Group
- [ MDVSA-2008:230 ] firefox
- [SECURITY] [DSA 1666-1] New libxml2 packages fix several vulnerabilities
- [USN-672-1] ClamAV vulnerability
- [USN-667-1] Firefox and xulrunner vulnerabilities
- [ MDVSA-2008:227-1 ] gnutls
- Re: Opera 9.6x file:// overflow
- rPSA-2008-0322-1 gnutls
- From: rPath Update Announcements
- Kimson cms cross site scripting vulnerability
- From: md . r00t . defacer
- [USN-671-1] MySQL vulnerabilities
- [waraxe-2008-SA#069] - Multiple Sql Injection in vBulletin 3.7.4
- Exodus v0.10 uri handler arbitrary parameter injection
- Opera 9.6x file:// overflow
- RE: MS OWA 2003 Redirection Vulnerability - [MSRC 7368br]
- From: Castigliola, Angelo
- rPSA-2008-0321-1 enscript
- From: rPath Update Announcements
- [waraxe-2008-SA#068] - Sql Injection in vBulletin 3.7.3.pl1
- [ GLSA 200811-05 ] PHP: Multiple vulnerabilities
- Microsoft Windows Server Service (MS08-067) Exploit
- Re: MS OWA 2003 Redirection Vulnerability - [MSRC 7368br]
- ANNOUNCE: RFIDIOt release RFIDIOt-0.1u
- Re: [Full-disclosure] MS OWA 2003 Redirection Vulnerability - [MSRC 7368br]
- [ MDVSA-2008:229 ] clamav
- [USN-670-1] VMBuilder vulnerability
- [ MDVSA-2008:228 ] mozilla-firefox
- Re: A-Link WL54AP3 and WL54AP2 CSRF+XSS vulnerability
- New Whitepaper - .NET Framework Rootkits: Backdoors inside your Framework
- Digital Armaments October-November Hacking Challenge: Linux Local Kernel Exploit (5,000$)
- Team SHATTER Security Advisory: Oracle Database Multiple SQL Injection vulnerabilities in LTADM
- [ MDVSA-2008:227 ] gnutls
- Team SHATTER Security Advisory: Oracle Database multiple SQL Injection vulnerabilities in Workspace Manager
- Team SHATTER Security Advisory: Oracle Database SQL Injection in SYS.DBMS_CDC_PUBLISH.ALTER_AUTOLOG_CHANGE_SOURCE
- Team SHATTER Security Advisory: Oracle Database SQL Injection in SYS.DBMS_CDC_IPUBLISH.ALTER_HOTLOG_INTERNAL_CSOURCE