Bugtraq
- RE: RDP TLS downgrade, (continued)
- [ MDKSA-2007:099 ] - Updated python packages fix vulnerabilities,
security
- [ MDKSA-2007:098 ] - Updated clamav packages fix vulnerabilities,
security
- [SECURITY] [DSA 1288-1] New pptpd packages fix denial of service,
Moritz Muehlenhoff
- [security bulletin] HPSBTU02211 SSRT071326 rev.1 - HP Tru64 UNIX Running the dop command, Local Execution of Arbitrary Code with Privilege Elevation,
security-alert
- [security bulletin] HPSBMA02138 SSRT061184 rev.3 - HP OpenView Storage Data Protector, Remote Unauthorized Arbitrary Command Execution,
security-alert
- ZDI-07-026: Microsoft Excel BIFF File Format Named Graph Record Parsing Stack Overflow Vulnerability,
zdi-disclosures
- ZDI-07-027: Microsoft Internet Explorer Table Column Deletion Memory Corruption Vulnerability,
zdi-disclosures
- [USN-458-1] MoinMoin vulnerabilities,
Kees Cook
- rPSA-2007-0094-1 cpio,
rPath Update Announcements
- Advanced Guestbook version 2.4.2 Multiple XSS Attack Vulnerabilities,
securityresearch
- [ GLSA 200705-10 ] LibXfont, TightVNC: Multiple vulnerabilities,
Raphael Marichez
- ZDI-07-024: Trend Micro ServerProtect EarthAgent Stack Overflow Vulnerability,
zdi-disclosures
- [ GLSA 200705-11 ] MySQL: Two Denial of Service vulnerabilities,
Raphael Marichez
- AP Newspower software <=4.0.1 allows remote data manipulation,
gobbles_fo_evar
- [ GLSA 200705-09 ] IPsec-Tools: Denial of Service,
Raphael Marichez
- Advanced Guestbook version 2.4.2 Directory Traversal Vulnerability,
securityresearch
- FLEA-2007-0016-1: kernel,
Foresight Linux Essential Announcement Service
- rPSA-2007-0092-1 tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi,
rPath Update Announcements
- Advanced Guestbook version 2.4.2 Multiple Error Information Leak Vulnerabilities,
securityresearch
- ZDI-07-025: Trend Micro ServerProtect AgRpcCln.dll Stack Overflow Vulnerability,
zdi-disclosures
- VMSA-2007-0004 Multiple Denial-of-Service issues fixed,
VMware Security team
- WASC Announcement: Distributed Open Proxy Honeypot Project Data Released,
announcements
- [ GLSA 200705-08 ] GIMP: Buffer overflow,
Raphael Marichez
- [ GLSA 200705-07 ] Lighttpd: Two Denials of Service,
Raphael Marichez
- Updated: webMethods Security Advisory: Glue console directory traversal vulnerability,
Jeremy Epstein
- OTRS <= 2.0.x XSS/XSRF,
ciri
- iDefense Security Advisory 05.07.07: Sun Microsystems Solaris ACE_SETACL Integer Signedness DoS Vulnerability,
iDefense Labs
- PHPHtmlLib <= 2.4.0 Remote File Include Exploit,
ilkerkandemir
- american cart 3.* (abs_path) remote file include,
kepledehlah
- phpHoo3 (admin.php) Remote Login Bypass SQL Injection Vulnerability,
ilkerkandemir
- fipsCMS v2.1 Remote SQL injection Vulnerability,
ilkerkandemir
- pfa CMS v6.0 (index.php repinc) Remote File Include Vulnerability,
ilkerkandemir
- [Reversemode Advisory] VMware Products - GPF Denial of Service,
Reversemode
- [USN-457-1] elinks vulnerability,
Kees Cook
- [SECURITY] [DSA 1287-1] New ldap-account-manager packages fix multiple vulnerabilities,
Noah Meyerhans
- Kayako eSupport v3.00.90 Cross Site Scripting (XSS),
e1c4
- Mini Web Shop v.2 Vulnerable to XSS,
corrado . liotta
- Drake CMS (v0.4.0) - CRLF Injection Vulnerability,
john
- UPDATED: CubeCart (v3.0.15) - CRLF Injection Vulnerability,
john
- [ GLSA 200705-06 ] X.Org X11 library: Multiple integer overflows,
Raphael Marichez
- SunShop (v4) Multiple Vulnerabilities,
john
- Podium CMS - Cookie Manipulation Exploit,
john
- Taltech Tal Bar Code ActiveX Control Memory Corruption Vulnerability(-ies),
sapheal-hack.pl
- Nuked-klaN 1.7.6 Remote Code Execution Exploit,
gmdarkfig
- [MajorSecurity Advisory #47]Simple Machines Forum (SMF) - Session fixation Issue,
admin
- ACP3 (v4.0b3) - Multiple Vulnerabilities,
john
- XSS in Microsoft SharePoint,
ville . solarius
- NPDS <= 5.10 - Multiple SQL injections,
aeroxteam_PLEASEDONTSPAMUS
- safari's saved password at risk,
poplix
- RunCms <= 1.5.2 debug_show.php sql injection,
retrog
- Remote File Include In Script impex,
RaeD
- PHPSecurityAdmin Remote File Include Exploit,
ilkerkandemir
- Multiple vendors ZOO file decompression infinite loop DoS,
Jean-Sébastien Guay-Leroux
- rPSA-2007-0088-1 xscreensaver,
rPath Update Announcements
- rPSA-2007-0089-1 net-snmp net-snmp-utils,
rPath Update Announcements
- rPSA-2007-0090-1 gimp,
rPath Update Announcements
- rPSA-2007-0085-1 lftp,
rPath Update Announcements
- [security bulletin] HPSBUX01137 SSRT5954 rev.10 - HP-UX Running TCP/IP (IPv4), Remote Unauthorized Denial of Service (DoS),
security-alert
- [security bulletin] HPSBMI02210 SSRT071396 rev.1 - ProCurve Series 9300m Switches, Remote Denial of Service (DoS),
security-alert
- [security bulletin] HPSBTU02116 SSRT061135 rev.3 - HP Tru64 UNIX and HP Internet Express for Tru64 UNIX Running sendmail, Remote Execution of Arbitrary Code or Denial of Service (DoS),
security-alert
- Aardvark Topsites PHP Directory Disclosure Vulnerability,
DoZ
- SchoolBoard (admin.php) Remote Login Bypass SQL Injection Vulnerability,
ilkerkandemir
- Bradford CampusManager v3.1(6) Sensitive Data Disclosure,
john
- [ MDKSA-2007:097 ] - Updated xscreensaver packages fix vulnerability,
security
- [security bulletin] HPSBTU02179 SSRT061256 rev.1 - HP Tru64 UNIX Running the ps command, Local Disclosure of Sensitive Information,
security-alert
- Medium security hole affecting DSL-G624T,
Tim Brown
- [security bulletin] HPSBPI02185 SSRT071290 rev.2 - HP Jetdirect Running ftp, Remote Denial of Service (DoS),
security-alert
- 12All File Upload Vulnerability,
John McGuire
- TPTI-07-05: IBM Tivoli Provisioning Manager for OS Deployment Multiple Stack Overflow Vulnerabilities,
TSRT
- TPTI-07-06: Trillian Pro Rendezvous XMPP HTML Decoding Heap Corruption,
TSRT
- [ MDKSA-2007:096 ] - Updated quagga packages fix DoS vulnerability,
security
- [SECURITY] [DSA 1286-1] New Linux 2.6.18 packages fix several vulnerabilities,
Dann Frazier
- iDefense Security Advisory 05.02.07: LiveData Protocol Server Heap Overflow Vulnerability,
iDefense Labs
- Post Nuke v4bJournal Module Sql Inject,
abbasi
- Cisco Security Advisory: LDAP and VPN Vulnerabilities in PIX and ASA Appliances,
Cisco Systems Product Security Incident Response Team
- response Progress: Denial of Service attack against WebSpeed possible,
suresync
- Disable website access for sites running Webspeed,
suresync
- Vulnerability in InterVations' MailCopa,
skillTube.com
- Atomix Mp3 Buffer Overflow,
preth00nker
- [USN-456-1] net-snmp vulnerability,
Kees Cook
- [ MDKSA-2007:095 ] - Updated ktorrent packages fix vulnerability,
security
- [ GLSA 200705-04 ] Apache mod_perl: Denial of Service,
Sune Kloppenborg Jeppesen
- [ECHO_ADV_81$2007] wordpress plugins wordTube <= 1.43 (wpPATH) Remote File Inclusion Vulnerability,
erdc
- [ECHO_ADV_82$2007] wordpress plugins wp-Table <= 1.43 (wpPATH) Remote File Inclusion Vulnerability,
erdc
- Wordpress All versions XSS,
jcarlos . norte
- [ GLSA 200705-05 ] Quagga: Denial of Service,
Sune Kloppenborg Jeppesen
- rPSA-2007-0084-1 kernel,
rPath Update Announcements
- ZDI-07-023: Apple QTJava toQTPointer() Pointer Arithmetic Memory Overwrite Vulnerability,
zdi-disclosures
- Radware Security Advisory - Yate 1.1.0 Denial of Service Vulnerability,
no-reply
- [ GLSA 200705-03 ] Tomcat: Information disclosure,
Raphael Marichez
- [ GLSA 200705-01 ] Ktorrent: Multiple vulnerabilities,
Raphael Marichez
- [ GLSA 200705-02 ] FreeType: User-assisted execution of arbitrary code,
Raphael Marichez
- [SECURITY] [DSA 1285-1] New wordpress packages fix multiple vulnerabilities,
Noah Meyerhans
- [SECURITY] [DSA 1284-1] New qemu packages fix several vulnerabilities,
Moritz Muehlenhoff
- ZoneAlarm Insufficient validation of 'vsdatant' driver input buffer Vulnerability,
Matousec - Transparent security Research
- iDefense Security Advisory 04.30.07: Cerulean Studios Trillian Multiple IRC Vulnerabilities,
iDefense Labs
- E-Annu (home.php) Remote SQL Injection Vulnerability,
ilkerkandemir
- [security bulletin] HPSBMA02197 SSRT061285 rev.1 - HP-UX Running HP Power Manager Remote Agent (RA), Local Execution of Arbitrary Code with Root Privileges,
security-alert
- iDefense Security Advisory 04.27.07: VMware Workstation Shared Folders Directory Traversal Vulnerability,
iDefense Labs
- 3proxy[v0.5.3g]: (linux/win32 service) remote buffer overflow exploits.,
v9
- GHH Portal 1.1 (passwd.txt) Remote Password Disclosure Vulnerability,
crazy_king
- [SECURITY] [DSA 1283-1] New php5 packages fix several vulnerabilities,
Moritz Muehlenhoff
- please retract CVE-2007-2056 "Time-of-Check-Time-of-Use File Race in AFFLIB",
Simson Garfinkel
- Flaw in about.r OS and Progress version disclosure,
suresync
- Seir Anphin (file.php a[filepath]) Remote File Disclosure Vulnerability,
ilkerkandemir
- Sphider Version 1.2.x (include_dir) file include,
1one1
- [ GLSA 200704-22 ] BEAST: Denial of Service,
Raphael Marichez
- [ GLSA 200704-23 ] capi4k-utils: Buffer overflow,
Raphael Marichez
- AFFLIB(TM): Multiple Shell Metacharacter Injections,
VSR Advisories
- AFFLIB(TM): Multiple Format String Injections,
VSR Advisories
- AFFLIB(TM): Multiple Buffer Overflows,
VSR Advisories
- AFFLIB(TM): Time-of-Check-Time-of-Use File Race,
VSR Advisories
- Security Concerns in Web 2.0,
dharmeshmm
- iDefense Security Advisory 04.26.07: Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability,
iDefense Labs
- iDefense Security Advisory 04.26.07: Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability,
iDefense Labs
- [USN-454-1] PostgreSQL vulnerability,
Martin Pitt
- [USN-455-1] PHP vulnerabilities,
Martin Pitt
- FreeBSD Security Advisory FreeBSD-SA-07:03.ipv6,
FreeBSD Security Advisories
- TSLSA-2007-0015 - postgresql,
Trustix Security Advisor
- iDefense Security Advisory 04.26.07: Novell eDirectory NCP Fragment Denial of Service Vulnerability,
iDefense Labs
- [SECURITY] [DSA 1282-1] New php4 packages fix several vulnerabilities,
Moritz Muehlenhoff
- Burak Yılmaz Blog (tr) v1.0 SQL injection vulnerability,
dj_remix_20
- SineCMS,
nexus
- modbuild >> 4.1 Remote File Inclusion,
s433d_only_linux
- [CAID 35198, 35276]: CA BrightStor ARCserve Backup Media Server Vulnerabilities,
Williams, James K
- [ MDKSA-2007:094 ] - Updated postgresql packages fix vulnerability,
security
- [USN-453-2] rdesktop regression,
Martin Pitt
- [CAID 35277]: CA CleverPath Portal SQL Injection Vulnerability,
Williams, James K
- :doruk100net >> RFI,
alijsb
- ASA-2007-012: Remote Crash Vulnerability in Manager Interface,
Kevin P. Fleming
- IE 7 and Firefox Browsers Digest Authentication Request Splitting,
Stefano Di Paola
- VirtuaNews.Pro.v1.0.3.Retail.+All.Plugins Remote file Include,
s433d_only_linux
- Remote File Inclusion,
s433d_only_linux
- CFP: 3rd European Conference on Computer Network Defense (EC2ND),
Stefano Zanero
- download engine V1.4.1 >> RFI (local),
alijsb
- nucleus 3.22 >> RFI,
alijsb
- ASA-2007-011: Multiple problems in SIP channel parser handling response codes,
Kevin P. Fleming
- ASA-2007-010: Two stack buffer overflows in SIP channel's T.38 SDP parsing code,
Kevin P. Fleming
- blogsystem 1.4 >> local & remote = -rfi & lfi & -xss,
info
- comus 2.0 Final >> RFI,
alijsb
- Built2Go_PHP_Link_Portal_v1.79 >> RFI,
alijsb
- Searchactivity >> RFI,
alijsb
- B2 Weblog and News Publishing Tool v0.6.1 >> RFI,
alijsb
- adrevenue script (CyKuH.com)>> RFI,
alijsb
- Shop-Script v 2.0 >> RFI,
alijsb
- sunshop v4 >> RFI,
info
- [SECURITY] [DSA 1281-1] New clamav packages fix several vulnerabilities,
Moritz Muehlenhoff
- phpMYTGP v v1.4b >> RFI,
alijsb
- netbingo v 2000 >> RFI,
alijsb
- DynaTracker &v151>> RFI,
alijsb
- HTMLeditbox & 2.2 >> RFI,
alijsb
- WordPress v2.1.3 >> remote file include~,
s433d_only_linux
- HYIP Manager Pro Script >> Remote file Include,
alijsb
- MyNewsGroups >> RFI in include.php,
alijsb
- Cisco Security Advisory: Default Passwords in NetFlow Collection Engine,
Cisco Systems Product Security Incident Response Team
- ZDI-07-022: CA BrightStor ArcServe Media Server Multiple Buffer Overflow Vulnerabilities,
zdi-disclosures
- dcp-portal v611 >> RFi,
s433d_only_linux
- 3Com's TippingPoint Denial of Service,
mike20061005
- [SECURITY] [DSA 1280-1] New aircrack-ng packages fix arbitrary code execution,
Moritz Muehlenhoff
- [MajorSecurity Advisory #46]Plogger - Session fixation Issue,
admin
- Progress Webspeed exploit for all releases,
suresync
- [security bulletin] HPSBST02200 SSRT071330 rev.1 - HP StorageWorks Command View Advanced Edition for XP, Local Unauthorized Access,
security-alert
- Security Advisory: CA CleverPath SQL Injection,
Irene Abezgauz
- ImageProcessing ... Local (Denial of Service Exploit),
Dr . Ninux
- gallery >> 1.5.6 Remote File Inclusion,
s433d_only_linux
- YA Book 0.98 Persistent XSS,
omnipresent
- [ GLSA 200704-21 ] ClamAV: Multiple vulnerabilities,
Matthias Geerdsen
- rPSA-2007-0081-1 postgresql postgresql-server,
rPath Update Announcements
- Post Revolution Remote File Inclusion,
InyeXion
- phpMySpace Gold (v8.10) - Blind SQL/XPath Injection Exploit,
john
- DmCMS Shell Uploading,
security
- acvsws_php5_v1.0 <= Multiple Remote File Include Vulnerablitiy,
Mohandko
- [ GLSA 200704-20 ] NAS: Multiple vulnerabilities,
Raphael Marichez
- [ MDKSA-2007:093 ] - Updated zziplib packages fix vulnerability,
security
- [security bulletin] HPSBUX02183 SSRT061243 rev.1 - HP-UX sendmail, Remote Denial of Service (DoS),
security-alert
- [ GLSA 200704-19 ] Blender: User-assisted remote execution of arbitrary code,
Raphael Marichez
- [ MDKSA-2007:092 ] - Updated freeradius packages fix vulnerability,
security
- TJSChat Version 0.95 Cross Site Scripting,
the_3dit0r
- 3proxy 0.5.3i bugfix release,
Vladimir Dubrovin
- Big Blue Guestbook HTML Injection Vulnerabilities,
seko
- WASC-Articles: 'The business case for security frameworks',
announcements
- bibtex mase Remote File Inclusion,
InyeXion
- Remote file inclusion in Joomla 1.5.0 Beta,
Omid
- [ GLSA 200704-18 ] Courier-IMAP: Remote execution of arbitrary code,
Raphael Marichez
- [SECURITY] [DSA 1279-1] New webcalendar packages fix cross-site scripting,
Moritz Muehlenhoff
- c-arbre <= Multiple Remote File Include Vulnerablitiy,
Mohandko
- Ripe Website Manager (<= 0.8.4) - SQL Injection Vulnerability and Cross-Site Scripting Exploit,
john
- File117 Remote File Inclusion,
InyeXion
- [ GLSA 200704-16 ] Aircrack-ng: Remote execution of arbitrary code,
Raphael Marichez
- PHPMyBibli <= Multiple Remote File Include,
Mohandko
- EsForum <= 3.0 SQL Injection Vulnerability,
ilkerkandemir
- lms 1.5.3 Remote File Inclusion,
InyeXion
- claroline <= Multiple Remote File Include Vulnerablitiy,
Mohandko
- [Reversemode advisory] CheckPoint Zonelabs - ZoneAlarm SRESCAN driver local privilege escalation,
Reversemode
- [ GLSA 200704-17 ] 3proxy: Buffer overflow,
Raphael Marichez
- Allfaclassfieds (level2.php dir) remote file inclusion,
asdasd asdsadas
- WS_FTP Home 2007 NetscapeFTPHandler denial of service,
Michal Bucko
- turbolence core 0.0.1 alpha Remote File Inclusion,
omnipresent
- Top Auction 1.0 (viewcat.php) Remote Blind SQL Injection // starhack.org,
seko
- UseBB Version 1.0.4 Path Disclosure Vulnerability,
securityresearch
- iDefense Security Advisory 04.20.07: Check Point Zone Labs SRESCAN IOCTL Local Privilege Escalation Vulnerability,
iDefense Labs
- TSLSA-2007-0013 - multi,
Trustix Security Advisor
- Eba News Version : v1.1 <= (webpages.php) Remote File Include // starhack.org,
seko
- ZDI-07-021: GraceNote CDDBControl ActiveX Buffer Overflow Vulnerability,
zdi-disclosures
- NeatUpload vulnerability and fix,
dean
- [security bulletin] HPSBST02208 SSRT071365 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-018 to MS07-022,
security-alert
- [ MDKSA-2007:091 ] - Updated sqlite packages fix vulnerability,
security
- [ MDKSA-2007:090 ] - Updated php packages fix multiple vulnerabilities,
security
- [security bulletin] HPSBMA02133 SSRT061201 rev.4 - HP Oracle for OpenView (OfO) Critical Patch Update,
security-alert
- Yet another SQL injection framework,
Guillermo Marro
- RaidenFTPd IXceedCompression multiple denial of service vulnerabilities,
Michal Bucko
- Winamp <= (WMV) 5.3 Buffer Overflow DOS Exploit (0-DAY),
UniquE
- [waraxe-2007-SA#049] - Multiple vulnerabilities in Phorum 5.1.20,
come2waraxe
- IPB (Invision Power Board) Full Path Disclusure,
security
- CfP Hack.lu 2007,
info
- [ MDKSA-2007:089 ] - Updated php packages fix multiple vulnerabilities,
security
- [ MDKSA-2007:088 ] - Updated php packages fix multiple vulnerabilities,
security
- [ MDKSA-2007:087 ] - Updated php packages fix multiple vulnerabilities,
security
- [USN-453-1] X.org vulnerability,
Kees Cook
- ZDI-07-020: BMC Performance Manager SNMP Command Execution Vulnerability,
zdi-disclosures
- ZDI-07-019: BMC Patrol PerformAgent bgs_sdservice Memory Corruption Vulnerability,
zdi-disclosures
- ZDI-07-018: IBM Tivoli Monitoring Express Universal Agent Heap Overflow Vunlerability,
zdi-disclosures
- ZDI-07-017: Oracle E-Business Suite Arbitrary Document Download Vulnerability,
zdi-disclosures
- ZDI-07-016: Oracle E-Business Suite Arbitrary Node Deletion Vulnerability,
zdi-disclosures
- ZDI-07-015: Novell Groupwise WebAccess Base64 Decoding Stack Overflow Vulnerability,
zdi-disclosures
- NuclearBB Alpha 1 - Multiple Blind SQL/XPath Injection Vulnerabilities,
john
- Re: [funsec] Re: [Full-disclosure] A Botted Fortune 500 a Day,
Fergie
- [security bulletin] HPSBST02206 SSRT071354 rev.2 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-017,
security-alert
- Oracle Database Buffer overflow vulnerabilities in package DBMS_SNAP_INTERNAL,
Team SHATTER
- EclipseBB Remote File Inclusion,
security
- Extreme PHPBB2 Remote File Inclusion,
security
- FullyModdedphpBB2 Remote File Inclusion,
security
- MediaBeez Sql query Execution .. Wear isn't ?? :),
security
- [ GLSA 200704-13 ] File: Denial of Service,
Raphael Marichez
- rPSA-2007-0074-1 dovecot,
rPath Update Announcements
- [ GLSA 200704-15 ] MadWifi: Multiple vulnerabilities,
Raphael Marichez
- rPSA-2007-0073-1 php php-mysql php-pgsql,
rPath Update Announcements
- rPSA-2007-0072-1 lighttpd,
rPath Update Announcements
- iDefense Security Advisory 04.17.07: McAfee E-Business Admin Server Invalid Data Length DoS Vulnerability,
iDefense Labs
- Analysis of the Oracle April 2007 Critical Patch Update,
David Litchfield
- Advisory: Shutdown unprotected Oracle TNS Listener via Oracle Discoverer Servlet [AS01],
ak
- Advisory: XSS Vulnerability in Oracle Secure Enterprise Search [SES01],
ak
- Reminder: HITBSecConf2007 - Malaysia: Call for Papers closing in 2 weeks,
Praburaajan
- Advisory: SQL Injection in package SYS.DBMS_UPGRADE_INTERNAL,
ak
- iDefense Security Advisory 04.17.07: McAfee VirusScan On-Access Scanner Long Unicode File Name Buffer Overflow,
iDefense Labs
- Advisory: SQL Injection in package SYS.DBMS_AQADM_SYS,
ak
- Advisory: Bypass Oracle Logon Trigger,
ak
- NukeSentinel Bypass SQL Injection & Nuke Evolution <= 2.0.3 SQL Injections,
programmer
- [ GLSA 200704-14 ] FreeRADIUS: Denial of Service,
Raphael Marichez
- Gizzar <= (basePath) Remote File Include Vulnerability,
BorN To K!LL BorN To K!LL
- Mambo/Joomla Component New Article Component RFI,
meftun
- Cross Domain XMLHttpRequest,
Michal Majchrowicz
- n.runs-SA-2007.007 - Sun Solaris 10 - Format string vulnerability,
security
- Re: [Full-disclosure] A Botted Fortune 500 a Day,
Steven Adair
- WASC-Articles: 'The Importance of Application Classification in Secure Application Development',
contact
- ShoutPro 1.5.2 - arbitrary code execution,
jd2k2000
- SYMSA-2007-003 Macrovision InstallAnywhere Password and Serial Number Bypass,
research
- BlueArc Firmware 4.2.944b FTP bounce,
Tim Rupp
- Multiple Ask IE Toolbar denial of service vulnerabilities,
Michal Bucko
- [security bulletin] HPSBTU02207 SSRT061213, SSRT061239, SSRT071304 rev.1 - HP Tru64 UNIX SSL and BIND Remote Arbitrary Code Execution or Denial of Service (DoS),
security-alert
- webMethods Security Advisory: Glue console directory traversal vulnerability,
Jeremy Epstein
- my little forum 1.7 Remote File Include Vulnerabilitiy,
the_3dit0r
- my little weblog Cross Site Scripting,
the_3dit0r
- Wabbit PHP Gallery v0.9 Cross Site Scripting,
the_3dit0r
- Remot File Include download_engine_V1.4.3,
RaeD
- Remot File Include In Script phphd_downloads,
RaeD
- PHP Nuke <= 8.0.0.3.3b SQL Injections and Bypass SQL Injection Protection vulnerabilities,
programmer
- Netsprint Toolbar 1.1 arbitrary remote code vulnerability,
Michal Bucko
- iDefense Security Advisory 04.16.07: Akamai Download Manager ActiveX Stack Buffer Overflow Vulnerability,
iDefense Labs
- [ GLSA 200704-12 ] OpenOffice.org: Multiple vulnerabilities,
Raphael Marichez
- [ MDKSA-2007:085 ] - Updated freeradius packages fix DoS vulnerability,
security
- [ MDKSA-2007:084 ] - Updated ipsec-tools packages fix DoS vulnerability,
security
- [ MDKSA-2007:086 ] - Updated cups packages fix DoS vulnerability,
security
- Akamai Technologies Security Advisory 2007-0001,
Akamai Security Team
- rPSA-2007-0071-1 kernel,
rPath Update Announcements
- [ GLSA 200704-11 ] Vixie Cron: Denial of Service,
Matthias Geerdsen
- Ivan Gallery Script V.0.1 (index.php) Remote File Include Exploit,
seko
- iDefense Security Advisory 04.16.07: ClamAV CAB File Unstore Buffer Overflow Vulnerability,
iDefense Labs
- Persistent CSRF and The Hotlink Hell,
pdp (architect)
- [ GLSA 200704-10 ] Inkscape: Two format string vulnerabilities,
Matthias Geerdsen
- Windows DNS Cache Poisoning by Forwarder DNS Spoofing,
Makoto Shiotsuki
- Microsoft DNS Server Remote Code execution: Analysis and exploit,
mballano
- MyBlog <= 0.9.8 Remote Command Execution Exploit,
BlackHawk
- ActionPoll Script (actionpoll.php) Remote File Include // starhack.org,
seko
- ZoneAlarm Multiple insufficient argument validation of hooked SSDT function Vulnerability,
Matousec - Transparent security Research
- [MajorSecurity Advisory #45]oe2edit CMS - Cross Site Scripting and Cookie Manipulation Issue,
admin
- Joomla/Mambo Jambook v1.0 beta7 Rfi Vuln.,
crazy_king
- LS simple guestbook - arbitrary code execution,
jd2k2000
- Re: [exploits] RPC vuln in DNS Server (fwd),
Gadi Evron
- [ GLSA 200704-09 ] xine-lib: Heap-based buffer overflow,
Raphael Marichez
- Sitebar 3.3.5 (index.php writerFile)Remote File Include Vulnerabilities,
?? ???? ??????
- Pixaria Gallery 1.0 (class.Smarty.php) Remote File Include Vulnerability,
irvian_yoe
- phpMyChat-0.14.5,
k4rtal
- bloofoxCMS 0.2.2 Remote File Include Vulnerabilitiy,
the_3dit0r
- Maian Weblog v3.1,
k4rtal
- Flip-search-add-on 2.0,
k4rtal
- Back-End CMS Database Tables v0.4.7 Remote File Include Vulnerabilities,
the_3dit0r
- MySpeach v1.9,
k4rtal
- B2evolution 1.6 RFi,
k4rtal
- Maian Gallery v1.0,
k4rtal
- Maian Search v1.1,
k4rtal
- FloweRS v2.0 Cross Site Scripting,
the_3dit0r
- MobilePublisherphp v1.1.2 Remote File Include Vulnerabilities,
the_3dit0r
- Back-End CMS Database Tables v0.4.7 Cross Site Scripting,
the_3dit0r
- VCDGear <= 3.56 Build 050213 (FILE) Local Code Execution Exploit,
meftun
- bloofoxCMS 0.2.2 Cross Site Scripting,
the_3dit0r
- Vbulletin 3.6.5 Sql Injection ! [misc.php],
seko
- TSRT-07-04: LANDesk Management Suite Alert Service Stack Overflow Vulnerability,
TSRT
- [waraxe-2007-SA#048] - Multiple vulnerabilities in Virtual War 1.5 module for PhpNuke,
come2waraxe
- [MajorSecurity Advisory #44]MailBee WebMail Pro - Cross Site Scripting Issue,
admin
- [OPENADS-SA-2007-004] Max Media Manager v0.1.29-rc and v0.3.31-alpha-pr2 vulnerability fixed,
Matteo Beccati
- [OPENADS-SA-2007-003] Openads 2.0.11 vulnerability fixed,
Matteo Beccati
- [Argeniss] Hacking Databases for owning your data (paper),
Cesar
- [USN-452-1] KDE library vulnerability,
Kees Cook
- iDefense Security Advisory 04.12.07: Hewlett Packard HP-UX Remote pfs_mountd.rpc Buffer Overflow Vulnerability,
iDefense Labs
- Aircrack-ng (airodump-ng) remote buffer overflow vulnerability,
jonny
- FAC GuestBook v2.0 remote database disclosure vulnerability,
the_3dit0r
- Chatness <= 2.5.3 - Arbitrary Code Execution,
jd2k2000
- phpwebnews v.1 Multiple Cross Site Scripting Vulnerabilites,
the_3dit0r
- TuMusika Evolution 1.6 Cross Site Scripting Vulnerabilitiy,
the_3dit0r
- [security bulletin] HPSBUX02203 SSRT071339 rev.1 - HP-UX Running Portable File System (PFS), Remote Increase in Privilege,
security-alert
- Cross site scripting in mephisto 0.7.3,
Hanno Böck
- Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless Control System,
Cisco Systems Product Security Incident Response Team
- [security bulletin] HPSBGN02199 SSRT071312 rev.1 - Mercury Quality Center ActiveX, Remote Unauthorized Arbitrary Code Execution,
security-alert
- Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless LAN Controller and Cisco Lightweight Access Points,
Cisco Systems Product Security Incident Response Team
- [ GLSA 200704-08 ] DokuWiki: Cross-site scripting vulnerability,
Matthias Geerdsen
- [security bulletin] HPSBUX01137 SSRT5954 rev.9 - HP-UX Running TCP/IP (IPv4), Remote Denial of Service (DoS),
security-alert
- [security bulletin] HPSBST02206 SSRT071354 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-014,
security-alert
- Critical phpwiki c99shell exploit,
rurban
- CVE-2007-1872: Cross site scripting in toendaCMS 1.5.3,
Hanno Böck
- INFIGO-2007-04-05: Enterprise Security Analyzer server remote buffer overflows,
infocus
- CVE-2007-1871: Cross site scripting in chcounter 3.1.3,
Hanno Böck
- HPSBUX02205 SSRT061120 rev.1 - HP-UX Running ARPA Transport, Local Denial of Service (DoS),
security-alert
- E107 - (v0.7.8) Access Escalation Vulnerbility - PoC,
jd2k2000
- [ MDKSA-2007:082 ] - Updated madwifi-source, wpa_supplicant packages fix vulnerabilities,
security
- [USN-451-1] Linux kernel vulnerabilities,
Kees Cook
- iDefense Security Advisory 04.11.07: Apache HTTPD suEXEC Multiple Vulnerabilities,
iDefense Labs
- [ MDKSA-2007:075-1 ] - Updated qt4 packages to address utf8 decoder bug,
security
- [ MDKSA-2007:083 ] - Updated apache-mod_perl packages fix DoS vulnerability,
security
- [ MDKSA-2007:079-1 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities,
security
- Steganos Encrypted Safe NOT so safe,
frankrizzo604
- PunBB <= 1.2.14 Multiple Vulnerabilities (Advisory),
gmdarkfig
- PunBB <= 1.2.14 Remote Code Execution (Exploit),
gmdarkfig
- Cosign SSO Authentication Bypass,
Jon Oberheide
- CodeBreak (codebreak.php process_method) - Remote File Inclusion Vulnerability,
john
- [MajorSecurity Advisory #43]Calacode ATMail 5.0 - Cross Site Scripting and Cookie Manipulation Issue,
admin
- New bug :),
asdasd asdsadas
- pL-PHP beta 0.9 - Multiple Vulnerabilities,
omnipresent
- nEw Bug :D,
asdasd asdsadas
- [ MDKSA-2007:080-1 ] - Updated tightvnc packages fix integer overflow vulnerabilities,
security
- webMethods Glue Management Console Directory Traversal,
Patrick Webster
- [ MDKSA-2007:081-1 ] - Updated freetype2 packages fix vulnerability,
security
- [ MDKSA-2007:077-1 ] - Updated krb5 packages fix vulnerabilities,
security
- iDefense Security Advisory 04.10.07: Microsoft Windows Universal Plug and Play Memory Corruption Vulnerability,
iDefense Labs
- PhpOpenChat <= 3.0.1 (poc.php) Multiple Remote File Include Vulnerabilities,
seko
- Secunia Research: Microsoft Agent URL Parsing Memory Corruption Vulnerability,
Secunia Research
- EEYE: Windows Vista CSRSS Dangling Process Pointer Privilege Escalation,
eEye Advisories
- EEYE: Windows VDM Zero Page Race Condition Privilege Escalation,
eEye Advisories
- DEF CON One Five CfP in effect!,
The Dark Tangent
- phpGalleryScript 1.0 - File Inclusion Vulnerabilities,
z12xxa
- [USN-450-1] ipsec-tools vulnerability,
Kees Cook
- iDefense Security Advisory 04.09.07: AOL AIM and ICQ File Transfer Path-Traversal Vulnerability,
iDefense Labs
- rPSA-2007-0070-1 openoffice.org,
rPath Update Announcements
- xodagallery Remote Code Execution Vulnerability,
the_3dit0r
- Hot Editor v4.0 Local File Inclusion,
liz0
- Mybb Hot Editor Plugin Local File Inclusion,
liz0
- QuizShock 1.6.1 - Cross-Site Scripting Vulnerability,
john
- Request It : Song Request System 1.0b - remote file inclusion,
mail
- DeskPRO v2.0.1 - Cross-Site Scripting Vulnerability,
john
- Remot File Include In Script Lore v1,
RaeD
- phpMyAdmin 2.6.1 Local Cross Site Scripting,
the_3dit0r
- Take Control In Script Jeebles Directory,
RaeD
- Gsylvain35 Portail Web Remote File Include Vulnerabilities,
the_3dit0r
- Scorp Book <== v1.0 (smilies.php) Remote File Include Exploit,
k4rtal
- UBB.threads (<= 6.1.1) SQL Injection Vulnerability,
john
- witshare 0.9 Remote File Include Vulnerabilitiy,
the_3dit0r
- CmailServer WebMail <= V.5.3.4 (signup) Remote XSS Exploit,
ajannhwt
- [MajorSecurity Advisory #42]webblizzard CMS - Cross Site Scripting and Session fixation Issues,
Securityaudit
- PHP <= 5.2.1 wbmp file handling integer overflow,
Ivan Fratric
- [ GLSA 200704-07 ] libwpd: Multiple vulnerabilities,
Raphael Marichez
- [ GLSA 200704-06 ] Evince: Stack overflow in included gv code,
Raphael Marichez
- LayerOne 2007 - Speaker Line up Announced,
Layer One
- [SECURITY] [DSA 1278-1] New man-db packages fix arbitrary code execution,
Noah Meyerhans
- AOL Nullsoft Winamp IT Module "IN_MOD.DLL" Remote Heap Memory Corruption,
Piotr Bania
- AOL Nullsoft Winamp S3M Module "IN_MOD.DLL" Remote Heap Memory Corruption,
Piotr Bania
- AOL Nullsoft Winamp LIBSNDFILE.DLL Remote Memory Corruption (Off By Zero),
Piotr Bania
- livor 2.5 Cross-Site Scripting Vulnerability,
rko . thelegendkiller
- [MajorSecurity Advisory #41]onelook courts online - Session fixation Issue,
Securityaudit
- [MajorSecurity Advisory #40]onelook oboShop - Session fixation Issue,
Securityaudit
- ZDI-07-013: Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow Vulnerability,
zdi-disclosures
- [MajorSecurity Advisory #39]onelook onebyone CMS - Session fixation Issue,
Securityaudit
- phpContact Multiple Remote File Inclusion Vulnerabilities,
rko . thelegendkiller
- ZDI-07-014: Kaspersky Anti-Virus ActiveX Control Unsafe Method Exposure Vulnerablity,
zdi-disclosures
- ACLS ineffective in SQL-Ledger and LedgerSMB,
Chris Travers
- [security bulletin] HPSBUX02204 SSRT071341 rev.1 - HP-UX Running CIFS Server (Samba), Remote Denial of Service (DoS),
security-alert
- Wserve HTTP Server 4.6 Version (Long Directory Name) Buffer Overflow - Denial Of Service,
UniquE
- iDefense Security Advisory 04.04.07: ESRI ArcSDE Buffer Overflow Vulnerability,
iDefense Labs
- Microsoft .NET request filtering bypass vulnerability (BID 20753),
research
- iDefense Security Advisory 04.04.07: Kaspersky Internet Security Suite klif.sys Heap Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 04.04.07: Kaspersky AntiVirus SysInfo ActiveX Control Information Disclosure Vulnerability,
iDefense Labs
- [ MDKSA-2007:081 ] - Updated freetype2 packages fix vulnerability,
security
- [ MDKSA-2007:080 ] - Updated tightvnc packages fix integer overflow vulnerabilities,
security
- LedgerSMB 1.2.0 finally released, fixes CVE-2006-5589,
Chris Travers
- [ MDKSA-2007:079 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities,
security
- [ MDKSA-2007:078 ] - Updated kernel packages fix multiple vulnerabilities and bugs,
security
- VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates,
VMware Security team
- Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug,
pdp (architect)
- [ MDKSA-2007:077 ] - Updated krb5 packages fix vulnerabilities,
security
- Gazi Okul Sitesi 2007(tr)(fotokategori.asp) Remote SQL Injection,
r00t-balance
- [SECURITY] [DSA 1277-1] New XMMS packages fix arbitrary code execution,
Noah Meyerhans
- Several Windows image viewers vulnerabilities,
Ivan Fratric
- High Risk Vulnerability in OpenOffice,
NGSSoftware Insight Security Research
- rPSA-2007-0062-1 firefox,
rPath Update Announcements
- Mozilla Firefox Insecure Element Stealth Injection Vulnerability,
Michal Majchrowicz
- [ MDKSA-2007:076 ] - Updated kdelibs packages to address UTF8 issue in KJS,
security
- MyBlog: PHP and MySQL Blog/CMS software Remote File Include Vulnerability,
the_3dit0r
- MyBlog: PHP and MySQL Blog/CMS software Cross-Site Scripting Vulnerability,
the_3dit0r
- rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs,
rPath Update Announcements
- phpechocms2 Remote File Include Vulnerabilities,
the_3dit0r
- iDefense Security Advisory 04.03.07: Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability,
iDefense Labs
- phpechocms v.2 Cross-Site Scripting Vulnerability,
the_3dit0r
- Monkey CMS v0.0.3 Remote File Include Vulnerability,
the_3dit0r
- rPSA-2007-0066-1 kdelibs qt-x11-free,
rPath Update Announcements
- K-CMS v1.0 Remote File Include Vulnerabilities,
the_3dit0r
- rPSA-2007-0067-1 nas,
rPath Update Announcements
- iXon_CMS 0.30 Remote File Include Vulnerabilities,
the_3dit0r
- [USN-448-1] X.org vulnerabilities,
Kees Cook
- Remote File Include In phpexplorator_2_0,
RaeD
- [MajorSecurity Advisory #38]eXV2 CMS - Session fixation and Cross-Site-Scripting Issues,
Securityaudit
- [ MDKSA-2007:074 ] - Updated qt3 packages to address utf8 decoder bug,
security
- CYBSEC Release: SAP Security - Paper & Tool release,
Mariano Nuñez Di Croce
- rPSA-2007-0064-1 ImageMagick,
rPath Update Announcements
- CYBSEC Security Pre-Advisory: SAP RFC_SET_REG_SERVER_PROPERTY RFC Function Denial Of Service,
CYBSEC Advisories
- [USN-449-1] krb5 vulnerabilities,
Kees Cook
- CYBSEC Security Pre-Advisory: SAP SYSTEM_CREATE_INSTANCE RFC Function Buffer Overflow,
CYBSEC Advisories
- CYBSEC Security Pre-Advisory: SAP RFC_START_GUI RFC Function Buffer Overflow,
CYBSEC Advisories
- lite-cms-0.2.1 Remote File Include Vulnerabilities,
the_3dit0r
- iDefense Security Advisory 04.03.07: Multiple Vendor X Server XC-MISC Extension Memory Corruption Vulnerability,
iDefense Labs
- CYBSEC Security Pre-Advisory: SAP RFC_START_PROGRAM RFC Function Multiple Vulnerabilities,
CYBSEC Advisories
- CYBSEC Pre-Advisory: SAP TRUSTED_SYSTEM_SECURITY RFC Function Information Disclosure,
CYBSEC Advisories
- rPSA-2007-0063-1 krb5 krb5-server krb5-services krb5-test krb5-workstation,
rPath Update Announcements
- Three New Papers on Oracle Forensics,
David Litchfield
- [ GLSA 200704-03 ] OpenAFS: Privilege escalation,
Raphael Marichez
- iDefense Security Advisory 04.03.07: Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability,
iDefense Labs
- [ MDKSA-2007:075 ] - Updated qt4 packages to address utf8 decoder bug,
security
- [ GLSA 200704-05 ] zziplib: Buffer Overflow,
Raphael Marichez
- Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation,
Jim Hoagland
- [ GLSA 200704-02 ] MIT Kerberos 5: Arbitrary remote code execution,
Sune Kloppenborg Jeppesen
- [SECURITY] [DSA 1276-1] New krb5 packages fix several vulnerabilities,
Moritz Muehlenhoff
- ZDI-07-012: Yahoo! Messenger AudioConf ActiveX Control Buffer Overflow,
zdi-disclosures
- iDefense Security Advisory 04.03.07: Multiple Vendor Kerberos kadmind Buffer Overflow Vulnerability,
iDefense Labs
- MITKRB5-SA-2007-001: telnetd allows login as arbitrary user [CVE-2007-0956],
Tom Yu
- iDefense Security Advisory 04.03.07: Microsoft Windows WMF Triggerable Kernel Design Error DoS Vulnerability,
iDefense Labs
- MITKRB5-SA-2007-003: double-free vulnerability in kadmind (via GSS-API library) [CVE-2007-1216],
Tom Yu
- MITKRB5-SA-2007-002: KDC, kadmind stack overflow in krb5_klog_syslog [CVE-2007-0957],
Tom Yu
- Remote File Include In Script stat12,
RaeD
- MyBulletinBoard (MyBB) <= 1.2.3 Remote Code Execution Exploit,
gmdarkfig
- [MajorSecurity Advisory #37]HolaCMS - Cross Site Scripting Issue,
SecurityAudit
- Re: Exploiting Microsoft dynamic Dns updates,
Denis Jedig
- TWOVB][ The Week Of Vista Bugs: the truth is out there,
TWOVB Team
- [SECURITY] [DSA 1275-1] New zope2.7 packages fix cross-site scripting flaw,
Noah Meyerhans
- iDefense Security Advisory 03.31.07: IBM Tivoli Provisioning Manager for OS Deployment Multiple Vulnerabilities,
iDefense Labs
- [ GLSA 200704-01 ] Asterisk: Two SIP Denial of Service vulnerabilities,
Sune Kloppenborg Jeppesen
- [CFP] VNSECON 07 - Call for Papers / HCMC - August 03-04, 2007,
rd
- iDefense Security Advisory 04.02.07: Hewlett-Packard Mercury Quality Center ActiveX Control ProgColor Buffer Overflow Vulnerability,
iDefense Labs
- APOP vulnerability,
Gaëtan LEURENT
- WOVB #01: Bypassing Vista Firewall, Flying over obstructive line,
TWOVB Team
- More information on ZERT patch for ANI 0day,
Gadi Evron
- iDefense Security Advisory 03.31.07: Multiple Vendor ImageMagick DCM and XWD Buffer Overflow Vulnerabilities,
iDefense Labs
- Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability,
mufti . rizal
- Windows XP/Vista (.ANI) Remote Exploit (bypass eeye patch),
jamikazu
- 0day Oracle 10g exploit - dbms_aq.enqueue - become DBA,
Andrea "bunker" Purificato
- Norton Multiple insufficient argument validation of hooked SSDT function Vulnerability,
Matousec - Transparent security Research
- DirectAdmin persistent XSS [takeover an Administrator's account],
Kanedaaa Bohater
- [ GLSA 200703-28 ] CUPS: Denial of Service,
Raphael Marichez
- [security bulletin] HPSBMA02198 SSRT061177 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Access,
security-alert
- [ GLSA 200703-27 ] Squid: Denial of Service,
Raphael Marichez
- [SECURITY] [DSA 1274-1] New file packages fix arbitrary code execution,
Noah Meyerhans
- 2BGal 3.1.1 <= (admin/index.php) Remote File Include Vulnerability,
BorN To K!LL BorN To K!LL
- MS announces out-of-band patch for ANI 0day,
Gadi Evron
- Remote File Include In Aardvark Topsites PHP 5,
RaeD Hasadya
- Remote File Include In Shop-SCRIPT FREE,
RaeD Hasadya
- Remote File Include In SLAED_CMS_2,
RaeD Hasadya
- PHP-Fusion 'Calendar_Panel' Module show_event.PHP (m_month) SQL Injection Exploit And PoC,
UniquE
- Windows .ANI Stack Overflow Exploit,
devcode29
- On-going Internet Emergency and Domain Names,
Gadi Evron
- CA BrightStor ARCserve Backup Mediasvr.exe vulnerability,
Williams, James K
- TSRT-07-03: America Online SuperBuddy ActiveX Control Code Execution Vulnerability,
TSRT
- Busting The Bluetooth Myth,
Max Moser
- [ GLSA 200703-26 ] file: Integer underflow,
Raphael Marichez
- ANI Zeroday, Third Party Patch,
Marc Maiffret
- [ECHO_ADV_80$2007] Softerra Time-Assistant <= 6.2 (inc_dir) Remote File Inclusion Vulnerability,
erdc
- The Week Of Vista Bugs [TWOVB],
TWOVB Team
- AIX 4.3 lsmcode local root command execution,
pr1nce_empire
- DrakeCMS multiple vulnerabilities,
security
- VMSA-2007-0002 VMware ESX security updates,
VMware Security team
- CA Brightstor Backup Mediasvr.exe Remote Code Vulnerability,
M. Shirk
- 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038),
Alexander Sotirov
- Mybb Change Password Vulnerability,
security
- [ MDKSA-2007:073 ] - Updated openoffice.org packages to address vulnerabilities,
security
- [ GLSA 200703-25 ] Ekiga: Format string vulnerability,
Raphael Marichez
- [ MDKSA-2007:072 ] - Updated kdelibs packages to address FTP PASV issue in konqueror,
security
- iDefense Security Advisory 03.29.07: IBM Lotus Sametime JNILoader Arbitrary DLL Load Vulnerability,
iDefense Labs
- [ MDKSA-2007:071 ] - Updated xmms packages to address integer vulnerabilities,
security
- AOL 9.0 Deskbar.dll/Toolbar.dll DoS Vulnerability,
Justin Seitz
- Windows Live Spaces logged user NetworkSetup.aspx cross site scripting,
paolo . difebbo
- Re: Re: [Full-disclosure] Linux Kernel DCCP Memory Disclosure Vulnerability,
acme
- [Full-disclosure] [USN-447-1] KDE library vulnerabilities,
Kees Cook
- Widespread vulnerabilities in Libero.it/Infostrada.it web portals,
rosario . valotta
- Advanced Login <= 0.7 (root) Remote File Inclusion Vulnerability,
bithedz
- Xoops Module Friendfinder <= 3.3 (view.php id) BLIND SQL Injection Exploit,
ajannhwt
- Re: [VulnWatch] Microsoft Windows Vista Slideshow Unspecified Blue Screen Of Death Vulnerability,
3APA3A
- rPSA-2007-0061-1 inkscape,
rPath Update Announcements
- Arbitrary Command Execution in DataDomain Administrator Interface,
Elliot Kendall
- [SECURITY] [DSA 1270-2] New OpenOffice.org packages fix several vulnerabilities,
Martin Schulze
- Denial of Service Vulnerabilities in TrueCrypt 4.3 Linux (re. bid 23180),
Tim Rees
- Cisco Security Advisory: Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities,
Cisco Systems Product Security Incident Response Team
- iDefense Security Advisory 03.28.07: IBM Lotus Domino Server LDAP Request Invalid DN Message Heap Overflow Vulnerability,
iDefense Labs
- ZDI-07-011: IBM Lotus Domino IMAP Server CRAM-MD5 Authentication Buffer Overflow Vulnerability,
zdi-disclosures
- iDefense Security Advisory 03.28.07: IBM Lotus Domino Web Access Cross Site Scripting Vulnerability,
iDefense Labs
- [Full-Disclosure] Another XSS vulnerability in italian Libero.it,
Matteo G.P. Flora
- Corel Wordperfect Office X3 Stack Overflow,
jonny
- [USN-446-1] NAS vulnerabilities,
Kees Cook
- Bypass phishing protection in Firefox / Opera,
zonafirefox
- [USN-445-1] XMMS vulnerabilities,
Kees Cook
- [USN-444-1] OpenOffice.org vulnerabilities,
Kees Cook
- [USN-443-1] Firefox vulnerability,
Kees Cook
- [SECURITY] [DSA 1273-1] New nas packages fix multiple remote vulnerabilities,
Noah Meyerhans
- Buffer Overflow in InterVetions' NaviCopa HTTP server 2.01,
skillTube.com
- [ MDKSA-2007:070 ] - Updated evolution packages to address vulnerability,
security
- Linux Kernel DCCP Memory Disclosure Vulnerability,
Robert Święcki
- Yahoo! Messenger Auth Bypass Vulnerability,
kishor . tech
- [KDE Security Advisory] KDE ioslave PASV port scanning vulnerability,
Dirk Mueller
- [ECHO_ADV_78$2007] C-Arbre <= 0.6PR7 (root_path) Remote File Inclusion Vulnerability,
erdc
- [KAPDA::#64] - Flexbb Sql Injection,
alireza hassani
- Metasploit Framework 3.0 RELEASED!,
H D Moore
- Xoops All Version -Articles- Print.PHP (ID) Blind SQL Injection Exploit And PoC,
UniquE
- [ GLSA 200703-24 ] mgv: Stack overflow in included gv code,
Raphael Marichez
- [USN-442-1] Evolution vulnerability,
Kees Cook
- [USN-441-1] Squid vulnerability,
Kees Cook
- Libero.it (italian ISP) XSS vulnerability,
rosario . valotta
- Playstation 3 "Remote Play" Remote DoS Exploit,
mak0b
- PHP 5.2.1 with PECL phpDOC local buffer overflow,
retrog
- Re: [Full-disclosure] XSS at Aon.at, Austrian ISP,
Nikolay Kichukov
- Multiple XSS in IronMail,
Javier Olascoaga
- Satel Lite for PhpNuke (Satellite.php) <= Local File Inclusion,
stormhacker
- Mephisto blog is vulnerable to XSS,
Sergey Tikhonov
- Fizzle : Firefox Extension Vulnerability,
CrYpTiC MauleR
- Horde Webmail Multiple HTML Injection vulnerability,
DoZ
- CcCounter 2.0 cross-site scripting vulnerability,
localexploit
- Path Disclosure - Wordpress 2.1.2,
lj