Bugtraq
- [SECURITY] [DSA 2679-1] xserver-xorg-video-openchrome security update,
Moritz Muehlenhoff
- [SECURITY] [DSA 2678-1] mesa security update,
Moritz Muehlenhoff
- [SECURITY] [DSA 2677-1] libxrender security update,
Moritz Muehlenhoff
- CFP: IEEE SafeConfig: 6th Symposium on Security Analytics and Automation,
James Joshi
- SEC Consult SA-20130523-0 :: JavaScript Execution in IBM WebSphere DataPower Services,
SEC Consult Vulnerability Lab
- [ANN] Struts 2.3.14.1 GA (fast track | security),
Lukasz Lenart
- APPLE-SA-2013-05-22-1 QuickTime 7.7.4,
Apple Product Security
- [SECURITY] [DSA 2672-1] kfreebsd-9 security update,
Florian Weimer
- [waraxe-2013-SA#105] - Multiple Vulnerabilities in Spider Catalog Wordpress Plugin,
come2waraxe
- [waraxe-2013-SA#104] - Multiple Vulnerabilities in Spider Event Calendar Wordpress Plugin,
come2waraxe
- Trend Micro DirectPass 1.5.0.1060 - Multiple Vulnerabilities,
Vulnerability Lab
- VUPEN Security Research - Microsoft Internet Explorer 10-9 Object Confusion Sandbox Bypass (MS13-037 / Pwn2Own),
VUPEN Security Research
- VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 VML Remote Integer Overflow (MS13-037 / Pwn2Own),
VUPEN Security Research
- [ MDVSA-2013:166 ] krb5,
security
- [slackware-security] kernel (SSA:2013-140-01),
Slackware Security Team
- Sony PS3 Firmware v4.31 - Code Execution Vulnerability,
Vulnerability Lab
- CVE-2013-3496. Local privilege escalation vulnerability in Infotecs products (ViPNet Client\Coordinator, SafeDisk, Personal Firewall),
chudakovma
- Static analysis tool exposition (SATE) V Call for participation,
aure
- Revision of "IPv6 Stable Privacy Addresses" (Fwd: I-D Action: draft-ietf-6man-stable-privacy-addresses-07.txt),
Fernando Gont
- Defense in depth -- the Microsoft way,
Stefan Kanthak
- CONFidence - May, 28-29, Krakow, Poland - a conference adventure that never stops!,
Sławomir Jabs
- [slackware-security] ruby (SSA:2013-136-02),
Slackware Security Team
- [slackware-security] mozilla-thunderbird x86_64 packages (SSA:2013-136-01),
Slackware Security Team
- APPLE-SA-2013-05-16-1 iTunes 11.0.3,
Apple Product Security
- ESA-2013-029: RSA SecurID Sensitive Information Disclosure Vulnerability,
Security Alert
- ESA-2013-041: EMC VNX and Celerra Control Station Elevation of Privilege Vulnerability,
Security Alert
- [slackware-security] mozilla-thunderbird (SSA:2013-135-02),
Slackware Security Team
- [slackware-security] mozilla-firefox (SSA:2013-135-01),
Slackware Security Team
- [SECURITY] [DSA 2669-1] linux security update,
dann frazier
- Cisco Security Advisory: Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability,
Cisco Systems Product Security Incident Response Team
- Multiple Vulnerabilities in Exponent CMS,
advisory
- [ MDVSA-2013:165 ] firefox,
security
- [security bulletin] HPSBUX02859 SSRT101144 rev.3 - HP-UX Running XNTP, Remote Denial of Service (DoS) and Execution of Arbitrary Code,
security-alert
- [SECURITY] [DSA 2668-1] linux-2.6 security update,
dann frazier
- WASC Announcement: Static Analysis Technologies Evaluation Criteria Published,
announcements
- File Lite 3.3 & 3.5 PRO iOS - Multiple Web Vulnerabilities,
Vulnerability Lab
- SimpleTransfer 2.2.1 - Command Injection Vulnerabilities,
Vulnerability Lab
- Wireless Photo Access 1.0.10 iOS - Multiple Vulnerabilities,
Vulnerability Lab
- Wifi Album v1.47 iOS - Command Injection Vulnerability,
Vulnerability Lab
- Wifi Photo Transfer 2.1 & 1.1 PRO - Multiple Vulnerabilities,
Vulnerability Lab
- Wireless Disk PRO v2.3 iOS - Multiple Web Vulnerabilities,
Vulnerability Lab
- [RT-SA-2013-001] Advisory: Exim with Dovecot: Typical Misconfiguration Leads to Remote Command Execution,
RedTeam Pentesting GmbH
- [ MDVSA-2013:164 ] mesa,
security
- [SECURITY] [DSA 2667-1] mysql-5.5 security update,
Moritz Muehlenhoff
- [SECURITY] [DSA 2666-1] xen security update,
Salvatore Bonaccorso
- CVE-2013-2071 Request mix-up if AsyncListener method throws RuntimeException,
Mark Thomas
- ESA-2013-031: RSA® Authentication Agent Cross-Site Scripting (XSS) Vulnerability,
Security Alert
- [SECURITY] CVE-2012-3544 Chunked transfer encoding extension size is not limited,
Mark Thomas
- CFP: Hacktivity 2013, October 11-12, Budapest, Hungary,
cfp
- [SECURITY] CVE-2013-2067 Session fixation with FORM authenticator,
Mark Thomas
- DDIVRT-2013-53 Actuate 'ActuateJavaComponent' Multiple Vulnerabilities,
ddivulnalert
- ESA-2013-021: EMC Documentum Multiple Vulnerabilities,
Security Alert
- Re: Vulnerabilities in Windows 8 Professional x64 factory preinstallation of Fujitsu Lifebook A512 [continued],
Stefan Kanthak
- ESA-2013-037: EMC AlphaStor Buffer Overflow Vulnerability,
Security Alert
- Vulnerability in "Fujitsu Desktop Update" (for Windows),
Stefan Kanthak
- [security bulletin] HPSBMU02786 SSRT100877 rev.2 - HP System Management Homepage (SMH) Running on Linux, Windows, and VMware ESX, Remote Unauthorized Access, Disclosure of Information, Data Modification, Denial of Service (DoS), Execution of Arbitrary Code,
security-alert
- [security bulletin] HPSBUX02876 SSRT101148 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS),
security-alert
- [2.0 Update] Cisco Security Advisory: Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Customer Voice Portal Software,
Cisco Systems Product Security Incident Response Team
- Cross-Site Request Forgery (CSRF) in UMI.CMS,
advisory
- [ MDVSA-2013:163 ] glibc,
security
- [ MDVSA-2013:162 ] glibc,
security
- SEC Consult SA-20130507-0 :: Multiple vulnerabilities in NetApp OnCommand System Manager,
SEC Consult Vulnerability Lab
- Apache VCL improper input validation,
Josh Thompson
- [ MDVSA-2013:161 ] java-1.7.0-openjdk,
security
- ESA-2013-015: RSA Archer® GRC Multiple Vulnerabilities,
Security Alert
- VULNERABLE and COMPLETELY outdated 3rd-party libraries/components used in 3CX Phone 6,
Stefan Kanthak
- Multiple buffer overflows on Huawei SNMPv3 service,
roberto . paleari
- Vulnerability in Microsoft Security Essentials <v4.2,
Stefan Kanthak
- [SE-2012-01] New security vulnerabilities and broken fixes in IBM Java,
Security Explorations
- Multiple Vulnerabilities in D-Link DSL-320B,
devnull
- [ MDVSA-2013:160 ] phpmyadmin,
security
- VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "CDisplayPointer" Use-after-free (MS13-028),
VUPEN Security Research
- VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "Scroll" Use-after-free (MS13-028),
VUPEN Security Research
- ESA-2013-035: EMC Avamar Client Improper Certificate Validation Vulnerability,
Security Alert
- ESA-2013-028: EMC NetWorker Elevation of Privilege Vulnerability,
Security Alert
- ESA-2013-034: EMC Avamar Improper Authorization vulnerability,
Security Alert
- [SECURITY] [DSA 2664-1] stunnel4 security update,
Salvatore Bonaccorso
- NGS00415 Patch Notification: Oracle 11g TNS listener remote Null Pointer Dereference (pre-auth),
NCC Group Research
- WordPress Plugin: Advanced XML Reader v0.3.4 XXE Vulnerability,
admin
- NGS00416 Patch Notification: Oracle 11g TNS listener remote Invalid Pointer Read (pre-auth),
NCC Group Research
- NGS00422 Patch Notification: Oracle Retail Integration Bus Manager Directory Traversal,
NCC Group Research
- NGS00423 Patch Notification: Oracle Retail Invoice Manager SQL Injection,
NCC Group Research
- Multiple Cross-Site Scripting (XSS) vulnerabilities in GetSimple CMS,
advisory
- SQL Injection in b2evolution,
advisory
- [HITB-Announce] #HITB2013KUL Call for Papers,
Hafez Kamal
- Unchecked Buffer in Microchip TCP/IP Stack Could Allow Remote Code Execution,
az . bugreport . subscriber
- [ MDVSA-2013:159 ] clamav,
security
- [ MDVSA-2013:158 ] krb5,
security
- Syslog Watcher Pro 'Date' Parameter Cross Site Scripting Vulnerability,
demonalex
- [SECURITY] [DSA 2665-1] strongswan security update,
Yves-Alexis Perez
- [ MDVSA-2013:157 ] krb5,
security
- [security bulletin] HPSBMU02872 SSRT101185 rev.1 - HP Service Manager, Remote Disclosure of Information, Cross Site Scripting(XSS),
security-alert
- FreeBSD Security Advisory FreeBSD-SA-13:05.nfsserver [REVISED],
FreeBSD Security Advisories
- WowzaMediaServer SecureToken bypass (and worse),
Michal J.
- WowzaMediaServer StorageDir escape (regression),
Michal J.
- Personal File Share HTTP Server Remote Overflow Vulnerability,
demonalex
- CORE-2013-0303 - D-Link IP Cameras Multiple Vulnerabilities,
CORE Security Technologies Advisories
- FreeBSD Security Advisory FreeBSD-SA-13:05.nfsserver,
FreeBSD Security Advisories
- [ MDVSA-2013:156 ] apache-mod_security,
security
- [security bulletin] HPSBMU02874 SSRT101184 rev.1 - HP Service Manager, Java Runtime Environment (JRE) Security Update,
security-alert
- [security bulletin] HPSBMU02873 SSRT101182 rev.1 - HP Service Manager, Apache Tomcat Security Update,
security-alert
- [ MDVSA-2013:155 ] fuse,
security
- [ MDVSA-2013:154 ] util-linux,
security
- Cisco/Linksys E1200 N300 Reflected XSS,
Carl Benedict
- [KIS-2013-04] Joomla! <= 3.0.3 (remember.php) PHP Object Injection Vulnerability,
Egidio Romano
- [ MDVSA-2013:153 ] subversion,
security
- [ MDVSA-2013:152 ] subversion,
security
- [ MDVSA-2013:151 ] curl,
security
- EDSC 2013 CFP Open,
Michael Eddington
- Hacking IPv6 networks training (slideware, upcoming trainings, etc.),
Fernando Gont
- [security bulletin] HPSBPI02869 SSRT100936 rev.1 - HP LaserJet MFP Printers, HP Color LaserJet MFP Printers, Certain HP LaserJet Printers, Remote Unauthorized Access to Files,
security-alert
- [security bulletin] HPSBPI02868 SSRT101017 rev.1 - HP Managed Printing Administration (MPA), Remote Cross Site Scripting (XSS),
security-alert
- [security bulletin] HPSBMU02830 SSRT100889 rev.2 - HP Data Protector, Local Increase of Privilege,
security-alert
- Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows,
nospam
- Multiple Vulnerabilities in D'Link DIR-635,
devnull
- Borland Silk Central 12.1 TeeChart Pro Activex control AddSeries Remote Code Execution,
nospam
- Nginx ngx_http_close_connection function integer overflow,
safe3q
- [waraxe-2013-SA#103] - Multiple Vulnerabilities in phpMyAdmin,
come2waraxe
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco NX-OS-Based Product,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Computing System,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Device Manager Command Execution Vulnerability,
Cisco Systems Product Security Incident Response Team
- [ESNC-2013-004] Remote ABAP Code Injection in OpenText/IXOS ECM for SAP NetWeaver,
ESNC Security
- Cisco/Linksys HTTP Service Remote DoS (Denial of Service),
Carl Benedict
- [security bulletin] HPSBHF02865 SSRT101158 rev.1 - HP ElitePad 900, Secure Boot Configuration Inconsistency,
security-alert
- [ MDVSA-2013:150 ] mysql,
security
- [ MDVSA-2013:148 ] roundcubemail,
security
- [SECURITY] [DSA 2663-1] tinc security update,
Yves-Alexis Perez
- [ MDVSA-2013:149 ] roundcubemail,
security
- Multiple Vulnerabilities in D'Link DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A,
devnull
- [SQLi] vBilling for FreeSWITCH,
Michał Błaszczak
- [SECURITY] [DSA 2660-1] curl security update,
Salvatore Bonaccorso
- 44Café 23rd April details,
Steve
- [SE-2012-01] Yet another Reflection API flaw affecting Oracle's Java SE,
Security Explorations
- [ MDVSA-2013:147 ] libarchive,
security
- [ MDVSA-2013:145 ] java-1.6.0-openjdk,
security
- [ MDVSA-2013:146 ] icedtea-web,
security
- VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555),
VUPEN Security Research
- TWSL2013-004: Group Name Enumeration Vulnerability in Cisco IKE Implementation,
Trustwave Advisories
- [SECURITY] [DSA 2662-1] xen security update,
Salvatore Bonaccorso
- [SECURITY] [DSA 2661-1] xorg-server security update,
Yves-Alexis Perez
- SEC Consult 20130417-0 :: Multiple vulnerabilities in Sosci Survey,
SEC Consult Vulnerability Lab
- CVE-2013-2504 : Matrix42 Service Desk XSS,
43z sec
- VUPEN Security Research - Oracle Java JavaFX Video Frame Decoding Remote Heap Overflow (Pwn2Own 2013),
VUPEN Security Research
- DC4420 - London DEFCON - April meet - Tuesday 23rd April 2013,
Major Malfunction
- Cisco Security Advisory: Cisco TelePresence Infrastructure Denial of Service Vulnerability,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Network Admission Control Manager SQL Injection Vulnerability,
Cisco Systems Product Security Incident Response Team
- SEC Consult SA-20130417-2 :: HTTP header injection/Cache poisoning in Oracle WebCenter Sites Satellite Server,
SEC Consult Vulnerability Lab
- SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption,
SEC Consult Vulnerability Lab
- [ MDVSA-2013:144 ] phpmyadmin,
security
- [ESNC-2013-001] Privilege Escalation in SAP Healthcare Industry Solution,
ESNC Security
- SI6 Networks' IPv6 Toolkit v1.3.4 released!,
Fernando Gont
- Multiple Vulnerabilities in KrisonAV CMS,
advisory
- Open-Xchange Security Advisory 2013-04-17,
Martin Braun
- APPLE-SA-2013-04-16-2 Java for OS X 2013-003 and Mac OS X v10.6 Update 15,
Apple Product Security
- APPLE-SA-2013-04-16-1 Safari 6.0.4,
Apple Product Security
- [ESNC-2013-003] Remote OS Command Execution in SAP BASIS Communication Services,
ESNC Security
- [ESNC-2013-002] Privilege Escalation in SAP Production Planning and Control,
ESNC Security
- [SE-2012-01] Details of issues fixed by Java SE 7 Update 21,
Security Explorations
- Sitecom WLM-3500 backdoor accounts,
roberto . paleari
- [ MDVSA-2013:143 ] poppler,
security
- [security bulletin] HPSBUX02866 SSRT101139 rev.1 - HP-UX Running Apache, Remote Denial of Service (DoS), Execution of Arbitrary Code and other vulnerabilities,
security-alert
- DDIVRT-2013-52 Dell EqualLogic PS6110X Directory Traversal,
ddivulnalert
- Remote command injection in Ruby Gem kelredd-pruview 0.3.8,
larry0
- [ MDVSA-2013:142 ] postgresql,
security
- MacOSX 10.8.3 ftpd Remote Resource Exhaustion,
submit
- [ MDVSA-2013:141 ] libxslt,
security
- Cisco Security Advisory: Cisco Prime Network Control Systems Database Default Credentials Vulnerability,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module Software,
Cisco Systems Product Security Incident Response Team
- [ MDVSA-2013:134 ] viewvc,
security
- [security bulletin] HPSBUX02859 SSRT101144 rev.2 - HP-UX Running XNTP, Remote Denial of Service (DoS) and Execute Arbitrary Code,
security-alert
- [ MDVSA-2013:136 ] weechat,
security
- [ MDVSA-2013:132 ] tor,
security
- [ MDVSA-2013:131 ] taglib,
security
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software,
Cisco Systems Product Security Incident Response Team
- [SECURITY] [DSA 2659-1] libapache-mod-security security update,
Salvatore Bonaccorso
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace Solution,
Cisco Systems Product Security Incident Response Team
- [security bulletin] HPSBUX02864 SSRT101156 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities,
security-alert
- [ MDVSA-2013:139 ] x11-server,
security
- [ MDVSA-2013:138 ] x11-driver-video-qxl,
security
- [ MDVSA-2013:137 ] wordpress,
security
- [ MDVSA-2013:135 ] vte,
security
- [ MDVSA-2013:133 ] usbmuxd,
security
- [ MDVSA-2013:130 ] stunnel,
security
- [ MDVSA-2013:124 ] ruby,
security
- [ MDVSA-2013:129 ] squid,
security
- [ MDVSA-2013:128 ] squashfs-tools,
security
- [ MDVSA-2013:127 ] socat,
security
- [ MDVSA-2013:126 ] snack,
security
- [ MDVSA-2013:125 ] sleuthkit,
security
- [ MDVSA-2013:123 ] rpmdevtools,
security
- [ MDVSA-2013:122 ] quagga,
security
- [ MDVSA-2013:121 ] qemu,
security
- [ MDVSA-2013:116 ] pixman,
security
- DeepSec 2013 - Call for Papers,
DeepSec Conference
- [ MDVSA-2013:120 ] python-pycrypto,
security
- [ MDVSA-2013:119 ] python-httplib2,
security
- [ MDVSA-2013:118 ] python-feedparser,
security
- [ MDVSA-2013:117 ] python,
security
- [ MDVSA-2013:115 ] php-ZendFramework,
security
- [ MDVSA-2013:114 ] php,
security
- [ MDVSA-2013:113 ] perl,
security
- [ MDVSA-2013:112 ] otrs,
security
- [ MDVSA-2013:111 ] openslp,
security
- [ MDVSA-2013:110 ] openjpeg,
security
- [ MDVSA-2013:109 ] open-iscsi,
security
- [ MDVSA-2013:108 ] openconnect,
security
- [ MDVSA-2013:107 ] ocaml-xml-light,
security
- [ MDVSA-2013:106 ] nss-pam-ldapd,
security
- [ MDVSA-2013:105 ] munin,
security
- [ MDVSA-2013:104 ] mosh,
security
- [ MDVSA-2013:103 ] mesa,
security
- [ MDVSA-2013:102 ] mariadb,
security
- [ MDVSA-2013:101 ] lynx,
security
- [ MDVSA-2013:100 ] lighttpd,
security
- [ MDVSA-2013:099 ] libytnef,
security
- [ MDVSA-2013:098 ] libupnp,
security
- [ MDVSA-2013:097 ] libotr,
security
- [ MDVSA-2013:096 ] keepalived,
security
- [ MDVSA-2013:095 ] java-1.7.0-openjdk,
security
- [ MDVSA-2013:094 ] jakarta-poi,
security
- [ MDVSA-2013:093 ] ircd-hybrid,
security
- [ MDVSA-2013:077 ] ettercap,
security
- CVE-2013-0798 : World read and write access to app_tmp directory on Android,
suzuki
- Hackito Ergo Sum 2013 Speaker Announcement!,
Alexandre De Oliveira
- [ MDVSA-2013:092 ] imagemagick,
security
- [ MDVSA-2013:083 ] glib2.0,
security
- [ MDVSA-2013:078 ] fail2ban,
security
- [waraxe-2013-SA#102] - Reflected XSS in phpMyAdmin 3.5.7,
come2waraxe
- [ MDVSA-2013:091 ] icecast,
security
- [ MDVSA-2013:090 ] argyllcms,
security
- [ MDVSA-2013:089 ] icclib,
security
- [ MDVSA-2013:088 ] hplip,
security
- [ MDVSA-2013:084 ] gnome-keyring,
security
- [ MDVSA-2013:087 ] firefox,
security
- [ MDVSA-2013:086 ] groff,
security
- [ MDVSA-2013:085 ] groff,
security
- [ MDVSA-2013:082 ] gimp,
security
- [ MDVSA-2013:081 ] gegl,
security
- [ MDVSA-2013:074 ] drupal,
security
- [ MDVSA-2013:076 ] emacs,
security
- [ MDVSA-2013:073 ] dokuwiki,
security
- [ MDVSA-2013:075 ] elinks,
security
- [ MDVSA-2013:072 ] dnsmasq,
security
- [ MDVSA-2013:050 ] nss,
security
- [ MDVSA-2013:049 ] net-snmp,
security
- [ MDVSA-2013:046 ] libtiff,
security
- [ISecAuditors Security Advisories] Multiple Full Path Disclosure Vulnerabilities in TinyWebGallery <= v1.8.9,
ISecAuditors Security Advisories
- [CVE-REQUEST] Multiple CSRF vulnerabilities on Foscam IP cameras web UI,
shekyan
- [ MDVSA-2013:066 ] bugzilla,
security
- [CVE-2012-5389] Null Pointer Derefence in Dart Webserver <= 1.9.2,
Ken
- [ MDVSA-2013:071 ] dbus-glib,
security
- [ MDVSA-2013:070 ] dbus,
security
- [ MDVSA-2013:069 ] cups-pk-helper,
security
- [ MDVSA-2013:068 ] courier-authlib,
security
- [ MDVSA-2013:067 ] couchdb,
security
- [ MDVSA-2013:065 ] boost,
security
- [ MDVSA-2013:064 ] bogofilter,
security
- [ MDVSA-2013:063 ] bip,
security
- [ MDVSA-2013:057 ] xinetd,
security
- [ MDVSA-2013:055 ] wireshark,
security
- [ MDVSA-2013:062 ] backuppc,
security
- [ MDVSA-2013:061 ] awstats,
security
- [ MDVSA-2013:060 ] accountsservice,
security
- [ MDVSA-2013:059 ] dhcp,
security
- [ MDVSA-2013:058 ] bind,
security
- [ MDVSA-2013:056 ] libxml2,
security
- [slackware-security] seamonkey (SSA:2013-097-01),
Slackware Security Team
- Multiple Vulnerabilities in D-Link devices,
devnull
- [ MDVSA-2013:037 ] fetchmail,
security
- [ MDVSA-2013:035 ] libexif,
security
- Aastra IP Telephone hardcoded telnet admin password,
Timo Juhani Lindfors
- [ MDVSA-2013:033 ] cronie,
security
- [ MDVSA-2013:023-1 ] coreutils,
security
- Vanilla Forums 2.0.18 / SQL-Injection / Insert arbitrary user & dump usertable,
mschratt
- [ MDVSA-2013:054 ] sudo,
security
- [ MDVSA-2013:053 ] proftpd,
security
- [ MDVSA-2013:052 ] openssl,
security
- [ MDVSA-2013:051 ] openssh,
security
- [ MDVSA-2013:048 ] ncpfs,
security
- [ MDVSA-2013:047 ] libxslt,
security
- [ MDVSA-2013:031 ] automake,
security
- [ MDVSA-2013:045 ] libssh,
security
- [ MDVSA-2013:044 ] libjpeg,
security
- [ MDVSA-2013:043 ] libgssglue,
security
- [ MDVSA-2013:042 ] krb5,
security
- [security bulletin] HPSBMU02785 SSRT100526 rev.2 - HP LoadRunner Running on Windows, Remote Execution of Arbitrary Code, Denial of Service (DoS),
security-alert
- [ MDVSA-2013:041 ] html2ps,
security
- [ MDVSA-2013:040 ] gnutls,
security
- [ MDVSA-2013:001-1 ] gnupg,
security
- [ MDVSA-2013:039 ] freetype2,
security
- [ MDVSA-2013:029 ] apache-mod_security,
security
- [ MDVSA-2013:038 ] freeradius,
security
- [ MDVSA-2013:036 ] exif,
security
- [ MDVSA-2013:034 ] cups,
security
- [ MDVSA-2013:032 ] bash,
security
- [ MDVSA-2013:030 ] arpwatch,
security
- [slackware-security] subversion (SSA:2013-095-01),
Slackware Security Team
- [ MDVSA-2013:019 ] bash,
security
- [ MDVSA-2013:027-1 ] clamav,
security
- [ MDVSA-2013:017 ] arpwatch,
security
- [ MDVSA-2013:018 ] automake,
security
- [ MDVSA-2013:016 ] apache-mod_security,
security
- Groovy Media Player buffer overflow Vulnerability,
akshay . vaghela
- Hackersh 0.1 Release Announcement,
Itzik Kotler
- GreHack 2013 - Call For Papers - November 15, Grenoble, France,
F. Duchene
- SEC Consult 20130404-0 :: Multiple Vulnerabilities in Censornet Professional v4 (2.1.7),
SEC Consult Vulnerability Lab
- [ MDVSA-2013:015-1 ] apache,
security
- [SECURITY] [DSA 2658-1] postgresql-9.1 security update,
Giuseppe Iuculano
- [SECURITY] [DSA 2654-1] libxslt security update,
Salvatore Bonaccorso
- [SECURITY] [DSA 2657-1] postgresql-8.4 security update,
Giuseppe Iuculano
- Google AD Sync Tool - Exposure of Sensitive Information Vulnerability - Security Advisory - SOS-13-001,
Lists
- Novell GroupWise Multiple Remote Code Execution Vulnerabilities,
advisory
- TC-SA-2013-01: Reflected Cross-Site-Scripting (XSS) vulnerability in e107 CMS v1.0.2,
Simon Bieber
- PHP Code Injection in FUDforum,
advisory
- SQL Injection Vulnerability in Symphony,
advisory
- [slackware-security] mozilla-firefox (SSA:2013-093-01),
Slackware Security Team
- [slackware-security] mozilla-thunderbird (SSA:2013-093-02),
Slackware Security Team
- SEC Consult SA-20130403-0 :: Multiple vulnerabilities in Sophos Web Protection Appliance,
SEC Consult Vulnerability Lab
- FreeBSD Security Advisory FreeBSD-SA-13:04.bind,
FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-13:03.openssl,
FreeBSD Security Advisories
- NGS00248 Patch Notification: Virtual Access Monitor Multiple SQL Injection Vulnerabilities,
NCC Group Research
- Remote command execution in Ruby Gem ldoce 0.0.2,
larry0
- [security bulletin] HPSBUX02860 SSRT101146 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass, Unauthorized Modification and Other Vulnerabilities,
security-alert
- [SECURITY] [DSA 2656-1] bind9 security update,
Salvatore Bonaccorso
- US-CERT Alert TA13-088A: DNS Amplification Attacks,
US-CERT Alerts
- Authentication bypass on Netgear WNR1000,
roberto
- [waraxe-2013-SA#101] - Update Spoofing Vulnerability in Royal TS 2.1.5,
come2waraxe
- [waraxe-2013-SA#100] - Update Spoofing Vulnerability in mRemote 1.50,
come2waraxe
- [Suspected Spam] [slackware-security] libssh (SSA:2013-087-01),
Slackware Security Team
- [security bulletin] HPSBUX02859 SSRT101144 rev.1 - HP-UX Running XNTP, Remote Denial of Service (DoS) and Execute Arbitrary Code,
security-alert
- MailOrderWorks v5.907 - Multiple Web Vulnerabilities,
Vulnerability Lab
- AST-2013-002: Denial of Service in HTTP server,
Asterisk Security Team
- [SECURITY] [DSA 2655-1] rails security update,
Moritz Muehlenhoff
- Workshop Proposal/Paper Submission Deadlines,
asemailing
- AST-2013-003: Username disclosure in SIP channel driver,
Asterisk Security Team
- AST-2013-001: Buffer Overflow Exploit Through SIP SDP Header,
Asterisk Security Team
- WordPress podPress Plugin XSS in SWF,
hip
- Cisco Security Advisory: Cisco IOS Software Resource Reservation Protocol Denial of Service Vulnerability,
Cisco Systems Product Security Incident Response Team
- [security bulletin] HPSBST02848 SSRT101112 rev.1 - HP XP P9000 Command View Advanced Edition Suite Products, Remote Disclosure of Information,
security-alert
- ESA-2013-018: EMC Smarts Product - Cross Site Scripting Vulnerability,
Security Alert
- Cisco Security Advisory: Cisco IOS Software Internet Key Exchange Vulnerability,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software Protocol Translation Vulnerability,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software Zone-Based Policy Firewall Session Initiation Protocol Inspection Denial of Service Vulnerability,
Cisco Systems Product Security Incident Response Team
- Path Traversal in AWS XMS,
advisory
- [slackware-security] bind (SSA:2013-086-01),
Slackware Security Team
- [slackware-security] dhcp (SSA:2013-086-02),
Slackware Security Team
- McAfee Virtual Technician ActiveX Control Insecure Method,
advisory
- [SECURITY] [DSA 2653-1] icinga security update,
Florian Weimer
- [security bulletin] HPSBUX02857 SSRT101103 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities,
security-alert
- [security bulletin] HPSBOV02852 SSRT101108 rev.1 - HP SSL for OpenVMS, Remote Denial of Service (DoS), Unauthorized Disclosure of Information, Unauthorized Modification,
security-alert
- [SECURITY] [DSA 2652-1] libxml2 security update,
Michael Gilbert
- [security bulletin] HPSBPV02855 SSRT100512 rev.1 - HP ProCurve 1700-8(J9079A) and 1700-24(J9080A) Switches, Cross Site Request Forgery (CSRF),
security-alert
- [slackware-security] php (SSA:2013-081-01),
Slackware Security Team
- SynConnect PMS SQL Injection Vulnerability,
bhadresh . k . patel
- Report OWASP WAF Naxsi bypass Vulnerability,
safe3q
- ESA-2013-016: EMC Smarts Network Configuration Manager,
Security Alert
- [waraxe-2013-SA#099] - Update Spoofing Vulnerability in LibreOffice 4.0.1.2,
come2waraxe
- DC4420 - London DEFCON - March meet - Tuesday 26th March 2013,
Major Malfunction
- [security bulletin] HPSBUX02856 SSRT101104 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Unauthorized Disclosure,
security-alert
- [SE-2011-01] PoC code for digital SAT TV research released,
Security Explorations
- [SECURITY] [DSA 2651-1] smokeping security update,
Salvatore Bonaccorso
- [SECURITY] [DSA 2641-2] libapache2-mod-perl2 update related to DSA 2641-1,
Salvatore Bonaccorso
- [IA49] Photodex ProShow Producer v5.0.3310 ScsiAccess Local Privilege Escalation,
Inshell Security
- APPLE-SA-2013-03-19-2 Apple TV 5.2.1,
Apple Product Security
- APPLE-SA-2013-03-19-1 iOS 6.1.3,
Apple Product Security
- CA20130319-01: Security Notice for SiteMinder products using SAML,
Kotas, Kevin J
- [waraxe-2013-SA#098] - Directory Traversal Vulnerabilities in OpenCart 1.5.5.1,
come2waraxe
- VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "OnMove" Use-after-free (MS13-021 / CVE-2013-0087),
VUPEN Security Research
- VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "OnResize" Use-after-free (MS13-021 / CVE-2013-0087),
VUPEN Security Research
- VUPEN Security Research - Mozilla Firefox "nsHTMLEditRules" Use-After-Free (MFSA-2013-29 / CVE-2013-0787),
VUPEN Security Research
- Remote command execution in Ruby Gem Command Wrap,
Larry0
- NOPcon 2013 - Call for paper - Istanbul , Turkey,
info
- Cisco Security Response: Cisco IOS and Cisco IOS XE Type 4 Passwords Issue,
Cisco Systems Product Security Incident Response Team
- NGS00440 Patch Notification: Windows USB RNDIS driver kernel pool overflow,
NCC Group Research
- [ MDVSA-2013:028 ] nagios,
security
- [ MDVSA-2013:027 ] clamav,
security
- [ MDVSA-2013:026 ] sudo,
security
- [SE-2012-01] The "allowed behavior" in Java SE 7 (Issue 54),
Security Explorations
- [SECURITY] [DSA 2650-2] libvirt regression update,
Yves-Alexis Perez
- Remote command execution in fastreader ruby gem,
larry0
- [SECURITY] [DSA 2646-1] typo3-src security update,
Yves-Alexis Perez
- [slackware-security] ruby (SSA:2013-075-01),
Slackware Security Team
- [SECURITY] [DSA 2650-1] libvirt-bin security update,
Yves-Alexis Perez
- [SECURITY] [DSA 2649-1] lighttpd security update,
Yves-Alexis Perez
- n.runs-SA-2013.001 - Polycom - Command Shell Grants System-Level Access,
security
- n.runs-SA-2013.004 - Polycom - H.323 Format String Vulnerability,
security
- n.runs-SA-2013.003 - Polycom - H.323 CDR Database SQL Injection,
security
- n.runs-SA-2013.002 - Polycom - Firmware Update Command Injection,
security
- [SECURITY] [DSA 2648-1] firebird2.5 security update,
Moritz Muehlenhoff
- [SECURITY] [DSA 2647-1] firebird2.1 security update,
Moritz Muehlenhoff
- Skype Click to Call Update Service local privilege escalation,
Oliver-Tobias Ripka
- DDIVRT-2013-50 EverFocus EPARA264-16X1 Directory Traversal,
ddivulnalert
- MiniMagic ruby gem remote code execution,
Larry0
- Curl Ruby Gem Remote command execution,
Larry0
- [SECURITY] [DSA 2645-1] inetutils security update,
Yves-Alexis Perez
- APPLE-SA-2013-03-14-2 Safari 6.0.3,
Apple Product Security
- APPLE-SA-2013-03-14-1 OS X Mountain Lion v10.8.3 and Security Update 2013-001,
Apple Product Security
- [SECURITY] [DSA 2640-1] zoneminder security update,
Salvatore Bonaccorso
- [SECURITY] [DSA 2644-1] wireshark security update,
Moritz Muehlenhoff
- [ MDVSA-2013:025 ] pidgin,
security
- [slackware-security] seamonkey (SSA:2013-072-02),
Slackware Security Team
- [slackware-security] perl (SSA:2013-072-01),
Slackware Security Team
- [ MDVSA-2013:024 ] firefox,
security
- Cisco Video Surveillance Operations Manager Multiple vulnerabilities,
b . saleh
- [ MDVSA-2013:023 ] coreutils,
security
- SEC Consult SA-20130313-0 :: QlikView Desktop Client Integer Overflow,
SEC Consult Vulnerability Lab
- [CVE-2013-1814] Apache Rave exposes User over API,
Matt Franklin
- [ MDVSA-2013:022 ] openssh,
security
- Open-Xchange Security Advisory 2013-03-13,
Martin Braun
- [SECURITY] [DSA 2643-1] puppet security update,
Yves-Alexis Perez
- TagScanner v5.1 - Stack Buffer Overflow Vulnerability,
Vulnerability Lab
- Announcing ChronIC - a wearable Sub-GHz RF hacking tool,
Adam Laurie
- Results of a XSLT fuzzing effort,
Nicolas Grégoire
- AthCon 2013 Rev. Challenge 2013,
info
- SEC Consult SA-20130311-0 :: Persistent cross-site scripting in jforum,
SEC Consult Vulnerability Lab
- Host tracking in IPv6 (SI6 Networks' IPv6 toolkit v1.3.3),
Fernando Gont
- Privoxy Proxy Authentication Credential Exposure - CVE-2013-2503,
Chris John Riley
- [ISecAuditors Security Advisories] Reflected XSS in Asteriskguru Queue Statistics,
ISecAuditors Security Advisories
- OpenFabrics ibutils 1.5.7 /tmp clobbering vulnerability,
larry0
- Recon 2013 Call For Papers - June 21-23, 2013 - Montreal, Quebec,
cfp2013@xxxxxxxx
- [SECURITY] [DSA 2641-1] perl security update,
Salvatore Bonaccorso
- [slackware-security] mozilla-firefox (SSA:2013-068-01),
Slackware Security Team
- [slackware-security] mozilla-thunderbird (SSA:2013-068-02),
Slackware Security Team
- [SECURITY] [DSA 2642-1] sudo security update,
Michael Gilbert
- Stored XSS in Terillion Reviews Wordpress Plugin,
nauty . me04
- SEC Consult SA-20130308-1 :: Multiple vulnerabilities in GroundWork Monitor Enterprise (part 2),
SEC Consult Vulnerability Lab
- SEC Consult SA-20130308-0 :: Multiple critical vulnerabilities in GroundWork Monitor Enterprise (part 1),
SEC Consult Vulnerability Lab
- [ MDVSA-2013:021 ] java-1.6.0-openjdk,
security
- [ MDVSA-2013:020 ] wireshark,
security
- Re: Oracle Auto Service Request /tmp file clobbering vulnerability,
larry0
- Multiple NULL Pointer Dereference Vulnerabilities in Corel Quattro Pro X6,
advisory
- Untrusted Pointer Dereference Vulnerability in Corel WordPerfect X6,
advisory
- [security bulletin] HPSBGN02854 SSRT100881 rev.1 - HP Intelligent Management Center (iMC), iMC TACACS+ Authentication Manager (TAM), and iMC User Access Manager (UAM), Cross Site Scripting (XSS), Remote Code Execution, Remote Disclosure of Information,
security-alert
- [ MDVSA-2013:019 ] gnutls,
security
- [security bulletin] HPSBPI02851 SSRT101078 rev.1 - Certain HP LaserJet Pro Printers, Unauthorized Access to Data,
security-alert
- [slackware-security] sudo (SSA:2013-065-01),
Slackware Security Team
- [security bulletin] HPSBMU02849 SSRT101124 rev.1 - HP ServiceCenter, Remote Denial of Service (DoS),
security-alert
- DDIVRT-2013-51 DALIM Dialog Server 'logfile' Local File Inclusion,
ddivulnalert
- [ MDVSA-2013:018 ] openssl,
security
- Verax NMS Password Disclosure (CVE-2013-1631),
Just Bugs
- Verax NMS Hardcoded Private Key (CVE-2013-1352),
Just Bugs
- Verax NMS Password Replay Attack (CVE-2013-1351),
Just Bugs
- Verax NMS Authentication Bypass (CVE-2013-1350),
Just Bugs
- [SECURITY] CVE-2013-0248 Apache Commons FileUpload - Insecure examples,
Mark Thomas
- Multiple XSS vulnerabilities in Events Manager WordPress plugin,
advisory
- OS Command Injection in CosCms,
advisory
- Re: Kingcopes AthCon 2012 Slides & Notes --> Video online,
king cope
- Apache Subversion mod_dav_svn DoS via MKACTIVITY/PROPFIND,
tytusromekiatomek
- Varnish 2.1.5 DoS in fetch_straight() while parsing Content-Length header,
tytusromekiatomek
- Squid 3.2.5 httpMakeVaryMark() header value DoS, 2.7.Stable9 memory corruption.,
tytusromekiatomek
- Varnish 2.1.5, 3.0.3 DoS in http_GetHdr() while parsing Vary header,
tytusromekiatomek
- SIP Witch 0.7.4 w/libosip2-4.0.0 DoS via NULL pointer dereference in libosip2,
tytusromekiatomek
- Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc,
tytusromekiatomek
- Varnish 2.1.5 DoS in STV_alloc() while parsing Content-Length header,
tytusromekiatomek
- Samsung TV DoS (possible overflow) via SOAPACTION,
tytusromekiatomek
- Varnish 2.1.5, 3.0.3 DoS in VRY_Create() while parsing Vary header,
tytusromekiatomek
- [ MDVSA-2013:017 ] libxml2,
security
- [SECURITY] [DSA 2639-1] php5 security update,
Thijs Kinkhorst
- RE: [Full-disclosure] Remote system freeze thanks to Kaspersky Internet Security 2013 (SA52053),
Vulnerability Mailbox
- [PT-2013-17] Arbitrary Files Reading in mnoGoSearch,
noreply
- WordPress Count-Per-Day plugin 3.2.5. Type-1 (reflected) Cross Site Scripting (XSS),
alej andr0
- [SECURITY] [DSA 2638-1] openafs security update,
Moritz Muehlenhoff
- [IA32] HP Intelligent Management Center v5.1 E0202 topoContent.jsf Non-Persistent Cross-Site Scripting,
Inshell Security
- APPLE-SA-2013-03-04-1 Java for OS X 2013-002 and Mac OS X v10.6 Update 14,
Apple Product Security
- [SECURITY] [DSA 2637-1] apache2 security update,
Stefan Fritsch
- Remote system freeze thanks to Kaspersky Internet Security 2013,
Marc Heuse
- Remote command execution for Ruby Gem ftpd-0.2.1,
larry0
- Proofpoint Protection Server Session Persistence,
BugsNotHugs
- [CVE-REQUEST] Foscam <= 11.37.2.48 path traversal vulnerability,
Frédéric Basse
- [slackware-security] httpd (SSA:2013-062-01),
Slackware Security Team
- CVE-2013-1413,
stephan . rickauer
- rpi-update tmpfile vulnerability,
Technion
- [SE-2012-01] One more attack affecting Oracle's Java SE 7u15,
Security Explorations
- [SECURITY] [DSA 2636-2] xen regression update,
Moritz Muehlenhoff
- [SECURITY] [DSA 2636-1] xen security update,
Moritz Muehlenhoff
- [SECURITY] [DSA 2635-1] cfingerd security update,
Salvatore Bonaccorso
- ESA-2013-012: RSA® Authentication Agent 7.1.1 for Microsoft Windows® Access Control Vulnerability,
Security Alert
- Fileutils ruby gem possible remote command execution and insecure file handling in /tmp,
larry0
- PHEARCON Call For Papers,
AA
- Stored Cross-site Scripting ('XSS') in Airvana HubBub C1-600-RT Femtocell,
scott . behrens
- Cross-Site Scripting (XSS) in Geeklog,
advisory
- [KIS-2013-03] Joomla! <= 3.0.2 (highlight.php) PHP Object Injection Vulnerability,
Egidio Romano
- Unauthenticated remote access to D-Link DIR-645 devices,
roberto
- Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution Assurance Excessive CPU Utilization Vulnerability,
Cisco Systems Product Security Incident Response Team
- [waraxe-2013-SA#097] - Multiple Vulnerabilities in PHP-Fusion 7.02.05,
come2waraxe
- [ MDVSA-2013:016 ] php,
security
- Cisco Security Advisory: Cisco Unified Communications Manager Multiple Denial of Service Vulnerabilities,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Unified Presence Server Denial of Service Vulnerability,
Cisco Systems Product Security Incident Response Team
- [SECURITY] [DSA 2634-1] python-django security update,
Nico Golde
- [SECURITY] [DSA 2633-1] fusionforge security update,
Yves-Alexis Perez
- Denial of Service vulnerability in War FTP Daemon 1.82,
Jarle Aase
- [ MDVSA-2013:015 ] apache,
security
- [slackware-security] seamonkey (SSA:2013-056-01),
Slackware Security Team
- [SECURITY] [DSA 2632-1] linux-2.6 security update,
dann frazier
- [Onapsis Security Advisory 2013-006] SAP SMD Agent Code Injection,
Onapsis Research Labs
- Fwd: [SECURITY] CVE-2013-0253 Apache Maven 3.0.4,
Olivier Lamy
- [IA48] Photodex ProShow Producer v5.0.3297 Insecure Library Loading Vulnerability,
Inshell Security
- Kayako Fusion v4.51.1891 - Multiple Web Vulnerabilities,
Vulnerability Lab
- [Onapsis Security Advisory 2013-005] SAP CCMS Agent Code Injection,
Onapsis Research Labs
- [Onapsis Security Advisory 2013-004] SAP J2EE Core Service Arbitrary File Access,
Onapsis Research Labs
- [Onapsis Security Advisory 2013-003] SAP Enterprise Portal Cross-Site-Scripting,
Onapsis Research Labs
- [Onapsis Security Advisory 2013-002] SAP SDM Denial of Service,
Onapsis Research Labs
- [Onapsis Security Advisory 2013-001] SAP Portal PDC Information Disclosure,
Onapsis Research Labs
- [SECURITY] [DSA 2629-1] openjpeg security update,
Michael Gilbert
- VUPEN Security Research - Microsoft Windows OLE Automation Code Execution Vulnerability,
VUPEN Security Research
- DC4420 - London DEFCON Tuesday 26th Feb 2013,
Major Malfunction
- [SE-2012-01] New security issues affecting Oracle's Java SE 7u15,
Security Explorations
- NoSuchCon CFP 2.0 / 15-17 May 2013 / Paris, France,
Jonathan Brossard
- [SECURITY] [DSA 2631-1] squid3 security update,
Salvatore Bonaccorso
- [ MDVSA-2013:014 ] java-1.6.0-openjdk,
security
- TeamSHATTER Security Advisory: Oracle EM Cross Site Scripting in XDBResource cancelURL parameter (CVE-2013-0352),
Shatter
- Samsung Galaxy S3 partial screen-lock bypass,
ukpentestinfo
- TeamSHATTER Security Advisory: Cross-site scripting in Oracle EM (advReplicationAdmin) (CVE-2013-0355),
Shatter
- OSEC-2013-01: nagios metacharacter filtering omission,
Rudolph Pereira
- CVE-2013-0162 rubygem-ruby_parser: incorrect temporary file usage / Public Service Announcement,
Kurt Seifried
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (Resource Manager) (CVE-2013-0358),
Shatter
- TeamSHATTER Security Advisory: Oracle EM Segment Advisor Arbitrary URL redirection/phishing (CVE-2012-3219),
Shatter
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (streams queue) (CVE-2013-0373),
Shatter
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (SCPLBL_COLLECTED parameters) (CVE-2013-0353),
Shatter
- TeamSHATTER Security Advisory: Oracle Database GeoRaster API overflow (CVE-2012-3220),
Shatter
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (dBClone) (CVE-2013-0374),
Shatter
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (advReplicationAdmin) (CVE-2013-0372),
Shatter
- TeamSHATTER Security Advisory: HTTP Response Splitting in Oracle EM (policyViewSettings) (CVE-2013-0354),
Shatter
- Paper - Hiding Data in Hard-drive Service Areas,
Ariel Berkman
- MyFi Wireless Disk 1.2 iPad iPhone - Multiple Vulnerabilities,
Vulnerability Lab
- TeamSHATTER Security Advisory: Oracle 11g Stealth Password Cracking Vulnerability (CVE-2012-3137),
Shatter
- TeamSHATTER Security Advisory: SQL Injection in Oracle Alter FBA Table (CVE-2012-1751),
Shatter
- [security bulletin] HPSBMU02836 SSRT101056 rev.1 - HP ArcSight Connector Appliance and ArcSight Logger, Remote Disclosure of Information, Command Injection, Cross-Site Scripting (XSS),
security-alert
- [SECURITY] [DSA 2630-1] postgresql-8.4 security update,
Moritz Muehlenhoff
- [CVE-2013-1636]Wordpress pretty-link plugin XSS in SWF,
hip
- [ MDVSA-2013:013 ] squid,
security
- Alt-N MDaemon's WorldClient & WebAdmin Cross-Site Request Forgery Vulnerability,
demetris papapetrou
- Alt-N MDaemon's WorldClient Predictable Session ID Vulnerability,
demetris papapetrou
- Alt-N MDaemon Email Body HTML/JS Injection Vulnerability,
demetris papapetrou
- Alt-N MDaemon's WorldClient Username Enumeration Vulnerability,
demetris papapetrou
- Alt-N MDaemon's WebAdmin Remote Code Execution Vulnerability,
demetris papapetrou
- Alt-N MDaemon's WorldClient Disclosure of Authentication Credentials Vulnerability,
demetris papapetrou
- Multiple Cross-Site Scripting (XSS) in glFusion,
advisory
- [slackware-security] mozilla-thunderbird (SSA:2013-050-02),
Slackware Security Team
- [slackware-security] mozilla-firefox (SSA:2013-050-01),
Slackware Security Team
- APPLE-SA-2013-02-19-1 Java for OS X 2013-001 and Mac OS X v10.6 Update 13,
Apple Product Security
- SQLi found in Kodak Insite,
robert
- Foswiki Security: Alert CVE-2013-1666 - Remote Code Execution Vulnerability in MAKETEXT macro.,
George Clark
- FreeBSD Security Advisory FreeBSD-SA-13:02.libc,
FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-13:01.bind,
FreeBSD Security Advisories
- Reflective/Stored XSS in Responsive Logo Slideshow Plugin Cross-Site Scripting Vulnerability,
nauty . me04
- Reflective XSS in Marekkis Watermark-Plugin Cross-Site Scripting Vulnerability,
nauty . me04
- [SECURITY] [DSA 2628-1] nss-pam-ldapd security update,
Moritz Muehlenhoff
- PHP-Fusion 7.02.05 SQL Injection,
Krzysztof Katowicz-Kowalewski
- [IA47] Photodex ProShow Producer v5.0.3297 PXT File title Value Handling Buffer Overflow,
Inshell Security
- Multiple Vulnerabilities in Netgear DGN2200B,
devnull
- Sniffing HDCP crypto keys with a $30 Bus Pirate and a broken HDMI cable,
Adam Laurie
- [SECURITY] [DSA 2627-1] nginx security update,
Thijs Kinkhorst
- [SECURITY] [DSA 2626-1] lighttpd security update,
Thijs Kinkhorst
- Scanning the IPv6 Internet with the scan6 tool (SI6 IPv6 toolkit),
Fernando Gont
- [SECURITY] [DSA 2625-1] wireshark security update,
Moritz Muehlenhoff
- [SECURITY] [DSA 2624-1] ffmpeg security update,
Moritz Muehlenhoff
- SI6 Networks IPv6 Toolkit v1.3 released!,
Fernando Gont
- CORE-2012-1128 - SAP Netweaver Message Server Multiple Vulnerabilities,
CORE Security Technologies Advisories
- Empirum Password Obfuscation Design Flaw,
otr
- [ MDVSA-2013:012 ] postgresql,
security
- [IA46] Photodex ProShow Producer v5.0.3297 ColorPickerProc() Memory Corruption,
Inshell Security
- [SECURITY] [DSA 2623-1] openconnect security update,
Florian Weimer
- Multiple Vulnerabilities in Edimax EW-7206-APg and EW-7209APg,
devnull
- Multiple Vulnerabilities in TP-Link TL-WA701N / TL-WA701ND,
devnull
- [security bulletin] HPSBMU02815 SSRT100715 rev.5 - HP SiteScope SOAP Security Issues, Remote Disclosure of Information, Remote Code Execution,
security-alert
- [slackware-security] pidgin (SSA:2013-044-01),
Slackware Security Team
- Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability,
Vulnerability Lab
- Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities,
Vulnerability Lab
- CA20130213-01: Security Notice for CA ControlMinder,
Kotas, Kevin J
- [SECURITY] [DSA 2621-1] openssl security update,
Thijs Kinkhorst
- [SECURITY] [DSA 2622-1] polarssl security update,
Thijs Kinkhorst
- Multiple Vulnerabilities in OpenPLI,
devnull
- [ MDVSA-2013:011 ] samba,
security
- [SECURITY] [DSA 2620-1] rails security update,
Florian Weimer
- Simple password obfuscation in Enterprise Architect,
Diening, Holm
- [slackware-security] openssl (SSA:2013-042-01),
Slackware Security Team
- I Read It Somewhere (IRIS) citations management tool <= v1.3 (post auth) Remote Command Execution,
aeon . s . flux
- Multiple Vulnerabilities in Linksys WAG200G,
devnull
- Multiple Vulnerabilities in Linksys WRT160Nv2,
devnull
- Atmel "secure" crypto co-processor series microprocessors (AT91SAM7XC) leaking keys, plus bonus DESFire hack,
Adam Laurie
- [ MDVSA-2013:010 ] java-1.6.0-openjdk,
security
- [SECURITY] [DSA 2612-2] ircd-ratbox update,
Moritz Muehlenhoff
- [SECURITY] [DSA 2619-1] xen-qemu-dm-4.0 security update,
Moritz Muehlenhoff
- [ MDVSA-2013:009 ] libssh,
security
- Mathematica9.0.1 on Linux /tmp/MathLink vulnerability,
paul . szabo
- [slackware-security] curl (SSA:2013-038-01),
Slackware Security Team
- [SECURITY] [DSA 2618-1] ircd-hybrid security update,
Luciano Bello
- DIMVA 2013 - Extended deadline for paper submission: February 17, 2013!,
Collin Mulliner
- [CVE-2013-1464]Wordpress Audio Player Plugin XSS in SWF,
hip
- Cisco Security Advisory: Cisco ATA 187 Analog Telephone Adaptor Remote Access Vulnerability,
Cisco Systems Product Security Incident Response Team
- DefenseCode Security Advisory: Cisco Linksys Remote Preauth 0day Root Exploit Follow-Up,
DefenseCode
- [ MDVSA-2013:008 ] mysql,
security
- [KIS-2013-02] CubeCart <= 5.2.0 (cubecart.class.php) PHP Object Injection Vulnerability,
Egidio Romano
- Cross-Site Scripting (XSS) Vulnerability in CommentLuv WordPress Plugin,
advisory
- SQL Injection Vulnerability in Wysija Newsletters WordPress Plugin,
advisory
- [CVE-2013-1463]Wordpress wp-table-reloaded plugin XSS in SWF,
hip
- [MajorSecurity-SA-2013-014] Sony Playstation Vita Browser - firmware 2.05 - Addressbar spoofing,
research
- Multiple Vulnerabilities in Linksys E1500/E2500,
devnull
- [PT-2012-53] Privilege Gaining in DataLife Engine,
noreply
- CVE-2012-6451 Authentication Bypass in LOREX IP Cameras,
doylej . ia
- [security bulletin] HPSBST02846 SSRT100798 rev.1 - HP LeftHand Virtual SAN Appliance hydra, Remote Execution of Arbitrary Code,
security-alert
- [ MDVSA-2013:007 ] mysql,
security
- APPLE-SA-2013-02-04-1 OS X Server v2.2.1,
Apple Product Security
- Free Monthly Websites v2.0 - Multiple Web Vulnerabilities,
Vulnerability Lab
- Multiple Vulnerabilities in D-Link DIR-600 and DIR-300 (rev B),
devnull
- [IMF 2013] Call for Participation,
Oliver Goebel
- [SE-2012-01] Details of issues fixed by Feb 2013 Java SE CPU,
Security Explorations
- NGS00315 Patch Notification: Symantec Enterprise Security Management Agent Privilege Escalation,
NCC Group Research
- NGS00336 Patch Notification: Symantec Network Access Control Privilege Escalation,
NCC Group Research
- Directory Traversal - EasyITSP <= 2.0.7,
Michał Błaszczak
- APPLE-SA-2013-02-01-1 Java for Mac OS X v10.6 Update 12,
Apple Product Security
- [SECURITY] [DSA 2616-1] nagios3 security update,
Jonathan Wiltshire
- [SECURITY] [DSA 2617-1] samba security update,
Luciano Bello
- [SECURITY] [DSA 2615-1] libupnp4 security update,
Yves-Alexis Perez
- [SECURITY] [DSA 2614-1] libupnp security update,
Yves-Alexis Perez
- DC++ 0.802 and below incorrectly registers URI schemes in Windows,
ullner
- [security bulletin] HPSBMU02842 SSRT100909 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS),
security-alert
- [ MDVSA-2013:006 ] freetype2,
security
- FreeBSD 9.1 ftpd Remote Denial of Service,
max
- Oracle Automated Service Manager 1.3 & Auto Service Request 4.3 local root during install,
larry0
- [HITB-Announce] #HITB2013AMS FINAL CALL for Paper Submissions,
Hafez Kamal
- ESA-2013-002: RSA Archer® GRC Multiple Vulnerabilities,
Security Alert
- Released: rompar - Semi-automation tool for data extraction of microscopic Masked ROM images,
Major Malfunction
- DefenseCode Security Advisory: Broadcom UPnP Remote Preauth Root Code Execution Vulnerability,
DefenseCode
- [security bulletin] HPSBST02839 SSRT101077 rev.1 - HP XP P9000 Command View Advanced Edition, Remote Denial of Service (DoS),
security-alert
- marc4dasm - Atmel MARC microprocessor disassembler published,
Adam Laurie
- OWASP Zed Attack Proxy 2.0.0,
psiinon
- CFP Observe. Hack. Make.,
Walter Belgers
- Buffalo TeraStation TS-Series multiple vulnerabilities,
Andrea Fabrizi
- [SECURITY] [DSA 2613-1] rails security update,
Thijs Kinkhorst