Mail Thread Index
- DOS in Realplayer 11 ActiveX on Win Vista and Win XP SP2,
thesinoda
- Re[2]: Microsoft FTP Client Multiple Bufferoverflow Vulnerability,
Matthew Leeds
- [ MDKSA-2007:224-3 ] - Updated samba packages fix regressions,
security
- SCARE metrics and tool release,
Pete Herzog
- Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability,
Vincent Archer
- PR07-14: Cross-site Scripting (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.activation.php3' server-side script,
research
- PR07-15: Cross-site Scripting (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.logon.php3' server-side script,
research
- Re: Aria-Security.net: CoolShot E-Lite POS 1.0,
coolshot
- rPSA-2007-0254-1 idle python,
rPath Update Announcements
- 27Mhz based wireless security insecurities - Aka - "We know what you typed last summer",
Max Moser
- PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method,
research
- QEMU code_gen_buffer overflow POC,
TeLeMan
- rPSA-2007-0255-1 nss_ldap,
rPath Update Announcements
- DC4420 - London DEFCON chapter Christmas Party - 11th December,
Major Malfunction
- Realplayer 11 DOS attack when processing a malformed AU file on MS Vista and XP,
thesinoda
- PR06-08: BEA Plumtree portal internal hostname disclosure vulnerability,
research
- [SECURITY] [DSA 1417-1] New asterisk packages fix SQL injection,
Moritz Muehlenhoff
- PR06-11: BEA Plumtree portal search facility leaks usernames to unauthenticated users,
research
- [SECURITY] [DSA 1418-1] New cacti packages fix SQL injection,
Thijs Kinkhorst
- PR06-09: BEA Plumtree portal full version disclosure vulnerability,
research
- Re: SQL Injection in saphp "showcat.php",
security curmudgeon
- [WhitePaper (SecNiche)] Information Prone LDAP Garbage Dumps,
AKS aka (0kn0ck)
- sing (debian) vunlerability?,
Milen Rangelov
- Re: SQL Injection in SaphpLesson2.0 "show.php",
security curmudgeon
- Lotfian Brochure and cataloge Script XSS And SQL Injection,
noreply
- McAfee SecurityCenter Privacy Service HTML Execution Vulnerability,
DoZ
- SYMSA-2007-014: SQL Injection Vulnerability in Beehive Forum Software,
research
- [USN-550-1] Cairo vulnerability,
Kees Cook
- Snitz2000 SQL Injection: A user can gain admin level,
admin
- [MacOS X] Insecure eval() in Twitgit and Twitterlex dashboard widgets,
Thomas Roessler
- [USN-551-1] OpenLDAP vulnerabilities,
Jamie Strandboge
- SEC Consult SA-20071204-0 :: SonicWALL Global VPN Client Format String Vulnerability,
Bernhard Mueller
- [USN-549-2] PHP regression,
Kees Cook
- [ MDKSA-2007:235 ] - Updated apache packages fix vulnerabilities,
security
- [ MDKSA-2007:234 ] - Updated vixie-cron packages fix DoS vulnerability,
security
- (Re-post) ATC-08 CFP,
atc08
- The first release of SWFIntruder is out !,
Stefano Di Paola
- Re: [dns-operations] Web Proxy Auto-Discovery (WPAD) Information Disclosure (fwd),
Gadi Evron
- PR07-39: Multiple vulnerabilities on Absolute News Manager.NET 5.1 including file retrieval and SQL injection,
research
- [security bulletin] HPSBMA02293 SSRT071494 rev.1 - HP Select Identity, Remote Unauthorized Access,
security-alert
- Re: Powerschool 404 Admin Exposure,
bob
- CORE-2007-1004: VLC Activex Bad Pointer Initialization Vulnerability,
CORE Security Technologies Advisories
- TIBCO Rendezvous Exploitation Video,
IRM Research
- RFI and Multiple XSS in PhpMyChat,
beenudel1986
- [USN-546-2] Firefox regression,
Kees Cook
- rPSA-2007-0257-1 rsync,
rPath Update Announcements
- [USN-552-1] Perl vulnerability,
Kees Cook
- The recent number of unpatched QuickTime flaws is: two,
Juha-Matti Laurio
- [USN-553-1] Mono vulnerability,
Kees Cook
- [ MDKSA-2007:236 ] - Updated openssh packages fix X11 cookie vulnerability,
security
- [ MDKSA-2007:237 ] - Updated openssl packages fix DTLS vulnerability,
security
- Blind Sql-Injection in Joomla 1.5 RC3,
beenudel1986
- Re: 27Mhz based wireless security insecurities - Aka - "We know what you typed last summer",
Michal Bucko
- Opera 9.50 beta and prior remote DoS (freeze),
gynvael
- [ECHO_ADV_86$2007] Mambo/Joomla Component rsgallery <= 2.0 beta 5 (catid) Remote SQL Injection Vulnerability,
erdc
- Sql Injection in wordpress 2.3.1,
beenudel1986
- Advisory: Cross Site Scripting in CiscoWorks,
Liquidmatrix Security Digest
- [SECURITY] [DSA 1419-1] New OpenOffice.org packages fix arbitrary Java code execution,
Martin Schulze
- [ELEYTT] Public Advisory 05-12-2007,
Michal Bucko
- [SECURITY] [DSA 1420-1] New zabbix packages fix privilege escalation,
Thijs Kinkhorst
- Cisco Security Advisory: Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability,
Cisco Systems Product Security Incident Response Team
- Firefox 2.0.0.11 INPUT Denial Of Service,
azizov
- [ GLSA 200712-02 ] Cacti: SQL injection,
Pierre-Yves Rofes
- SineCMS <= 2.3.4 Calendar SQL Injection 'n something else..,
kingoftheworld92
- [ GLSA 200712-01 ] Hugin: Insecure temporary file creation,
Pierre-Yves Rofes
- ezContents Version 1.4.5 Remote File Disclosure Vulnerability.,
p4imi0
- Aria-Security.Net: PenPals Login and search page SQL Injection,
no-reply
- Avast! AntiVirus TAR Processing Remote Heap Corruption,
Sowhat
- [security bulletin] HPSBMA02281 SSRT061261 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Execution of Arbitrary Code,
security-alert
- [UPDATE]CA BrightStor ARCServe BackUp Message Engine Remote Stack Overflow Vulnerability,
cocoruder
- [SECURITY] [DSA 1421-1] New wesnoth packages fix arbitrary file disclosure,
Martin Schulze
- NSFOCUS SA2007-02 : Cisco Security Agent Remote Buffer Overflow Vulnerability,
NSFOCUS Security Team
- SQUID-2007:2, Dec 4, 2007,
Adrian Chadd
- Re: Re: Aria-Security.net: NetAuctionHelp SQL Injection,
NetAuctionHelp Support
- HITBSecConf2007 Malaysia Videos Now Available,
Praburaajan
- [XSS] OpenNewsletter v2.5 Multipe XSS Attacks,
bugtraq
- UPDATE: [ GLSA 200711-29 ] Samba: Execution of arbitrary code,
Pierre-Yves Rofes
- [Security Advisorie] OpenNewsletter v2.5 Multipe XSS Attacks,
Sarasa
- [ MDKSA-2007:238 ] - Updated liblcms package fixes buffer overflow,
security
- [USN-554-1] teTeX and TeX Live vulnerabilities,
Jamie Strandboge
- ZDI-07-071: HP OpenView Network Node Manager Multiple CGI Buffer Overflows,
zdi-disclosures
- ZDI-07-070: Skype skype4com URI Handler Remote Heap Corruption Vulnerability,
zdi-disclosures
- TCP Port randomization paper,
Fernando Gont
- [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities,
Williams, James K
- Potential SQL injection vulnerability in Apache::AuthCAS,
Matthias Bethke
- [SECURITY] [DSA 1422-1] New e2fsprogs packages fix arbitrary code execution,
Steve Kemp
- [ MDKSA-2007:239 ] - Updated heimdal packages fix potential vulnerability,
security
- Re: RIG Image Gallery (dir_abs_src) Remote File Include Vulnerability,
security curmudgeon
- Re: Friend Script 2.5 - 2.4 Remote File İnclude,
security curmudgeon
- rPSA-2007-0260-1 firefox,
rPath Update Announcements
- Re: BellaBiblio Admin Login Bypass,
security curmudgeon
- [ISecAuditors Security Advisories] wwwstats is vulnerable to Persistent XSS,
ISecAuditors Security Advisories
- Re: Phorm v3.0 Remote File Upload Vulnerability,
security curmudgeon
- R7-0031: JFreeChart Image Map Cross-Site Scripting Vulnerabilities,
advisory
- [SECURITY] [DSA 1423-1] New sitebar packages fix several vulnerabilities,
Steve Kemp
- Kvaliitti WebDoc 3.0 CMS SQL Injection vulnerability,
jaakkoNOSPAM
- [ MDKSA-2007:240 ] - Updated libnfsidmap packages fix username lookup flaw,
security
- Two vulnerabilities in Simple HTTPD 1.38,
Luigi Auriemma
- Limited upload directory traversal in HTTP File Server 2.2a / 2.3 beta (build #146),
Luigi Auriemma
- Multiple vulnerabilities in Firefly Media Server (mt-daapd) 2.4.1 / SVN 1699,
Luigi Auriemma
- Upload directory traversal in Easy File Sharing 4.5,
Luigi Auriemma
- Nullsoft Winamp MP4 tags Stack Overflow,
gforce
- [SECURITY] [DSA 1425-1] New xulrunner packages fix several vulnerabilities,
Moritz Muehlenhoff
- Windows media player 6.4 MP4 Stack Overflow 0-day,
gforce
- [USN-555-1] e2fsprogs vulnerability,
Kees Cook
- Media Player Classic 6.4.9 MP4 Stack Overflow 0-day,
gforce
- [SECURITY] [DSA 1426-1] New qt-x11-free packages fix several vulnerabilities,
Moritz Muehlenhoff
- Lotfian.com DATABASE DRIVEN TRAVEL SITE Multiple SQL Injection,
no-reply
- webSPELL 4.01.02 (calendar.php, usergallery.php) XSS Vulnerability,
brainheadbrainhead
- [ GLSA 200712-09 ] Ruby-GNOME2: Format string error,
Pierre-Yves Rofes
- Call for Papers - Security and High Performance Computing System 2008,
shpcs08
- Two vulnerabilities in SquirrelMail GPG plugin,
Tomas Kuliavas
- The Cookie Tools v0.3 -- first public release,
michele dallachiesa
- Unsanitized scripting in RoundCube webmail,
Tomas Kuliavas
- CVE-2007-6205,
Hanno Böck
- Flat PHP Board <= 1.2 Multiple Vulnerabilities,
kingoftheworld92
- Bitweaver XSS & SQL Injection Vulnerability,
DoZ
- Security and hacking papers,
Ork
- [ GLSA 200712-03 ] GNU Emacs: Multiple vulnerabilities,
Pierre-Yves Rofes
- bttlxeForum Multiple SQL Injection And Cross Site Scripting,
noreply
- [ GLSA 200712-06 ] Firebird: Multiple buffer overflows,
Pierre-Yves Rofes
- [ GLSA 200712-04 ] Cairo: User-assisted execution of arbitrary code,
Pierre-Yves Rofes
- [ GLSA 200712-05 ] PEAR::MDB2: Information disclosure,
Pierre-Yves Rofes
- Secunia Research: Samba "send_mailslot()" Buffer Overflow Vulnerability,
Secunia Research
- SQL injection - GestDownV1.00Beta,
bebe
- [ GLSA 200712-08 ] AMD64 x86 emulation Qt library: Multiple vulnerabilities,
Pierre-Yves Rofes
- squids ICAP implementation lacks a defer check when reading from ICAP server,
Martin Huter
- Falt4 CMS Security Report/Advisory,
Mesut Timur
- [ GLSA 200712-07 ] Lookup: Insecure temporary file creation,
Pierre-Yves Rofes
- Advisory: Websense XSS Vulnerability,
Liquidmatrix Security Digest
- [SECURITY] Buffer overrun in send_mailslot(),
Gerald (Jerry) Carter
- Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096) and vulnerable bz2lib (CAN-2005-0758 & CAN-2005-0953),
Stefan Kanthak
- rPSA-2007-0261-1 samba samba-swat,
rPath Update Announcements
- WordPress Charset SQL injection vulnerability (re-resend),
Abel Cheung
- Multiple vulnerabilities in BarracudaDrive 3.7.2,
Luigi Auriemma
- Multiple vulnerabilities in BadBlue 2.72b,
Luigi Auriemma
- Filesystem access in DOSBox 0.72,
Luigi Auriemma
- [USN-550-2] Cairo regression,
Kees Cook
- [SECURITY] [DSA 1427-1] New samba packages fix arbitrary code execution,
Moritz Muehlenhoff
- Dell / Dell Financial Services - Contact,
Justin@InfoTek
- WASC Announcement: The Script Mapping Project Results and Call for Participation,
announcements
- ZDI-07-072: Novell Netmail AntiVirus Agent Multiple Overflow Vulnerabilities,
zdi-disclosures
- [ GLSA 200712-10 ] Samba: Execution of arbitrary code,
Pierre-Yves Rofes
- [ MDKSA-2007:242 ] - Updated e2fsprogs packages fix vulnerability,
security
- [ MDKSA-2007:243 ] - Updated MySQL packages fix multiple vulnerabilities,
security
- [SECURITY] [DSA 1481-1] New Linux 2.6.18 packages fix several vulnerabilities,
dann frazier
- [ MDKSA-2007:241 ] - Updated tomcat5 packages fix multiple vulnerabilities,
security
- rPSA-2007-0262-1 e2fsprogs,
rPath Update Announcements
- SupportSuite 3.11.01~ Multiple file ~ PHP SELF XSS,
imei Addmimistrator
- PGMfuzz - a tool for testing Pragmatic General Multicast protocol implementations,
IRM Research
- HP notebooks remote code execution vulnerability (multiple series),
porkythepig
- Black Hat Briefings Call for Papers,
jmoss
- Meridian Prolog Manager Username and Plain Text Password Disclosure,
Prolog Error
- ZDI-07-073: Microsoft Internet Explorer setExpression Vulnerability,
zdi-disclosures
- ZDI-07-074: Microsoft Internet Explorer Node Manipulation Memory Corruption,
zdi-disclosures
- [SECURITY] [DSA 1429-1] New htdig packages fix cross site scripting,
Steve Kemp
- ZDI-07-075: Microsoft Internet Explorer Element Tags Vulnerability,
zdi-disclosures
- ZDI-07-076: Microsoft Windows Message Queuing Service Stack Overflow Vulnerability,
zdi-disclosures
- [SECURITY] [DSA 1430-1] New libnss-ldap packages fix denial of service,
Steve Kemp
- [SECURITY] [DSA 1431-1] New ruby-gnome2 packages fix execution of arbitrary code,
Steve Kemp
- [ MDKSA-2007:244 ] - Updated samba packages fix vulnerability,
security
- [SECURITY] [DSA 1428-2] New Linux 2.6.18 packages fix several vulnerabilities,
dann frazier
- Cpanel Vulnerability?,
Francisco Pecorella
- MS Office 2007: Digital Signature does not protect Meta-Data,
poehls
- iDefense Security Advisory 12.11.07: Microsoft Internet Explorer JavaScript setExpression Heap Corruption Vulnerability,
iDefense Labs
- rPSA-2007-0264-1 mod_dav_svn subversion,
rPath Update Announcements
- iDefense Security Advisory 12.11.07: Microsoft DirectX 7 and 8 DirectShow Stack Buffer Overflow Vulnerability,
iDefense Labs
- QK SMTP Server 3 - Denial of service,
jplopezy
- Hosting Controller - Multiple Security Bugs (Extremely Critical),
admin
- [security bulletin] HPSBUX02296 SSRT071504 rev.1 - HP-UX Running OpenSSL, Remote Execution of Arbitrary Code,
security-alert
- OpenOffice: Duplicated, Unprotected Certificate Information shown in Signed ODF Documents,
poehls
- [security bulletin] HPSBUX02294 SSRT071451 rev.1 - HP-UX Running DCE, Remote Denial of Service (DoS),
security-alert
- SQL MKPortal M1.1 Rc1,
Sw33t . h4cK3r
- Fwd: Websense 6.3.1 Filtering Bypass,
The Security Community
- MS Office 2007: Target of Hyperlinks not covered by Digital Signatures,
poehls
- [USN-550-3] Cairo regression,
Kees Cook
- SECURITY: 1.4.12 Package Compromise,
Jon Angliss
- [ GLSA 200712-11 ] Portage: Information disclosure,
Pierre-Yves Rofes
- [ GLSA 200712-12 ] IRC Services: Denial of Service,
Pierre-Yves Rofes
- [ MDKSA-2007:245 ] - Updated wpa_supplicant package fixes remote denial of service,
security
- + Trivantis CourseMill Enterprise Learning Management System - SQL Injection - CVE-2007-6338,
swhite
- Re: AW: MS Office 2007: Digital Signature does not protect Meta-Data,
webmaster@xxxxxxxxxxxxxxxxxx
- PHP MySQL Banner Exchange 2.2.1 remote mysql database bug,
arsalan1991
- HPSBUX02296 SSRT071504 rev.2 - HP-UX Running OpenSSL, Remote Execution of Arbitrary Code,
security-alert
- [ISR] - Novell Groupwise client remote stack overflow silently patched.,
ISR-noreply
- [ MDKSA-2007:246 ] - Updated Firefox packages fix multiple vulnerabilities,
security
- ANNOUNCE: SquirrelMail 1.4.13 Released,
Jon Angliss
- POC for samba send_mailslot(),
x 86
- Phpay - Local File Inclusion,
th3 . r00k . nospam
- [security bulletin] HPSBGN02298 SSRT071502 rev.1 - HP Quick Launch Button (QLB) Running on Windows, Remote Execution of Arbitrary Code, Gain Privileged Access,
security-alert
- Anon Proxy Server - Remote Code Execution,
th3 . r00k . nospam
- Oreon/Centreon - Multiple Remote File Inclusion,
th3 . r00k . nospam
- PHP RPG - Sql Injection and Session Information Disclosure.,
th3 . r00k . nospam
- Wordpress - Broken Access Control,
th3 . r00k . nospam
- ClubHack2007: Presentation are online now,
`ClubHack `
- neuron news1.0 Multiple Remote Vulnerabilities (sql injection/xss),
hadihadi_zedehal_2006
- ZSA-2007-029: syslog-ng Denial of Service,
Balazs Scheidler
- PHP Security Framework: Vuln and Security Bypass,
gmdarkfig
- jetAudio 7.0.5 COWON Media Center MP4 Stack Overflow,
gforce
- [SECURITY] [DSA 1432-1] New link-grammar packages fix execution of code,
Steve Kemp
- [SECURITY] [DSA 1433-1] New centericq packages fix execution of code,
Steve Kemp
- [SECURITY] [DSA 1434-1] New mydns packages fix denial of service,
Thijs Kinkhorst
- release uhooker v1.3,
Hernan Ochoa
- Heap overflow in PeerCast 0.1217,
Luigi Auriemma
- rPSA-2007-0266-1 tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi,
rPath Update Announcements
- RaidenHTTPD 2.0.19 ulang cmd exec poc exploit,
retrog
- SurgeMail v.38k4 webmail Host header crash,
retrog
- Uber Uploader <= 5.3.6 Remote File Upload Vulnerability,
sys-project
- Apple OS X Software Update Remote Command Execution,
Moritz Jodeit
- rPSA-2007-0268-1 kdebase,
rPath Update Announcements
- Rosoft Media Player 4.1.7 crash,
jplopezy
- ZDI-07-078: St. Bernard Open File Manager Heap Overflow Vulnerability,
zdi-disclosures
- Multiple xss in mambo 4.6.2,
beenudel1986
- ZDI-07-079: Hewlett-Packard HP-UX swagentd Buffer Overflow Vulnerability,
zdi-disclosures
- SyScan'08 Call For Paper/Training,
organiser@xxxxxxxxxx
- ZDI-07-077: Trend Micro ServerProtect StRpcSrv.dll Insecure Method Exposure Vulnerability,
zdi-disclosures
- [security bulletin] HPSBST02299 SSRT071506 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-063 to MS07-069,
security-alert
- [USN-556-1] Samba vulnerability,
Kees Cook
- iDefense Security Advisory 12.18.07: ClamAV libclamav MEW PE File Integer Overflow Vulnerability,
iDefense Labs
- rPSA-2007-0269-1 kernel,
rPath Update Announcements
- iDefense Security Advisory 12.17.07: Apple Mac OS X mount_smbfs Stack Based Buffer Overflow Vulnerability,
iDefense Labs
- Tiger Team: New TV series about pen testers airing on CourtTV Dec 25 11 pm,
blackredyellow
- AST-2007-027 - Database matching order permits host-based authentication to be ignored,
Security Officer
- Google Toolbar Dialog Spoofing Vulnerability,
avivra
- [ GLSA 200712-13 ] E2fsprogs: Multiple buffer overflows,
Robert Buchholz
- [ GLSA 200712-14 ] CUPS: Multiple vulnerabilities,
Robert Buchholz
- [USN-557-1] GD library vulnerability,
Jamie Strandboge
- smbfs and apache+php source code disclosure,
Maciej Gąsiorowski
- Cisco Security Advisory: Application Inspection Vulnerability in Cisco Firewall Services Module,
Cisco Systems Product Security Incident Response Team
- SYMSA-2007-015,
research
- Array overflow in id3lib (devel CVS),
Luigi Auriemma
- [SECURITY] [DSA 1435-1] New clamav packages fix several vulnerabilities,
Moritz Muehlenhoff
- HP laptops Software Update tool vulnerability,
porkythepig
- xeCMS 1.x.x Remote File Disclosure Vulnerability.,
p4imi0
- Black Hat Briefings Call for Papers and Happy Happy Joy Joy,
jmoss
- Re: Re: NETGEAR WGT624 Wireless DSL router default user name/password vulnerability,
mj
- iSupport v1.8 Local file include vulnerability,
ahcrew
- [Aria-Security.net] ABI Version 3.7.9.17 Remote SQL Injection,
The-0utl4w-noreply
- [security bulletin] HPSBTU02300 SSRT071452 rev.1 - HP Tru64 UNIX running FFM, Local Denial of Service (Dos),
security-alert
- [security bulletin] HPSBUX02295 SSRT071333 rev.1 - HP-UX Running rpc.yppasswdd, Remote Denial of Service (DoS),
security-alert
- SiteScape Forum TCL injection,
lolo lolo
- [security bulletin] HPSBUX02284 SSRT071483 rev.4 - HP-UX Running Java JRE and JDK, Remote Unauthorized Access,
security-alert
- PHP iCalendar <= 2.24 - Cross-Site Scripting Vulnerability,
sys-project
- Re: Morcego CMS <= 0.9.6 Remote File Inclue Vulnerability,
antonio
- [SECURITY] [DSA 1436-1] New Linux 2.6.18 packages fix several vulnerabilities,
dann frazier
- Re: Design flaw in AS3 socket handling allows port probing,
fukami
- CFP CISIS '08,
hjan
- [USN-559-1] MySQL vulnerabilities,
Jamie Strandboge
- Moodle SQL Injection,
root
- Cryptome: NSA has real-time access to Hushmail servers,
Juha-Matti Laurio
- Buffer-overflow in WinUAE 1.4.4,
Luigi Auriemma
- [CAID 35970]: CA Products That Embed Ingres Authentication Vulnerability,
Williams, James K
- HPSBGN2301 SSRT071508 rev.1 - HP Software Update Running on Windows, Remote Execution of Arbitrary Code, Gain Privileged Access,
security-alert
- Word 2003 denial of service,
jplopezy
- America Online AOL Instant Messenger AIM6.0 or 6.5 or higher XSS remote execution,
evanchik
- Microsoft Office Publisher,
jplopezy
- My Blog Rfi,
beenudel1986
- [HSC] Dokeos Multiple Cross-Site Scripting Vulnerabilities,
DoZ
- pdflib long filename multiple bufferoverflows,
poplix
- Logaholic Web Analytics Software,
malibu . r
- [CVE-2007-5342] Apache Tomcat's default security policy is too open,
Mark Thomas
- [ISecAuditors Security Advisories] Tikiwiki CMS is vulnerable to path traversal attack,
ISecAuditors Security Advisories
- Tikiwiki 1.9.8.3 tiki-special_chars.php XSS Vulnerability,
Mesut Timur
- [waraxe-2007-SA#060] - Sensitive info disclosure in CuteNews <= 1.4.5,
come2waraxe
- PHP <= 5.2.5 Safe Mode Bypass,
admin
- Jupiter Cms Multiple Vulnerabilities,
admin
- Buffer-overflow and format string in VideoLAN VLC 0.8.6d,
Luigi Auriemma
- SimpleForum <= 4.6.2 - Cross-Site Scripting Vulnerability,
sys-project
- Update: Clients buffer-overflow in Live for Speed 0.5X10,
Luigi Auriemma
- Double directory traversal in ImgSvr 0.6.21,
Luigi Auriemma
- Unicode buffer-overflow in Zoom Player 6.00b2,
Luigi Auriemma
- Multiple vulnerabilities in RUNCMS 1.6 by DSecRG,
Digital Security Research Group
- TotalPlayer 3.0 .m3u crash,
david130490
- Confixx Professional RFİ,
erne
- [SECURITY] [DSA 1437-1] New cupsys packages fix several vulnerabilities,
Moritz Muehlenhoff
- Bid 24744 ?,
balrog
- Blakord Portal <= Beta 1.3.A (all modules) Blind Sql Injection,
sys-project
- XZero Community Classifieds <= v4.95.11 LFI & SQL Injection,
office
- IPortalX Forums Cross-Site Scripting Vulnerability,
DoZ
- [security bulletin] HPSBGN02298 SSRT071502 rev.2 - HP Quick Launch Button (QLB) Running on Windows, Remote Execution of Arbitrary Code, Gain Privileged Access,
security-alert
- Latest round of web hacking incidents for 2007 & Project news,
Ofer Shezaf
- PHP -> set_time_limit,
brancohat
- Multiple vulnerabilities in Feng 0.1.15,
Luigi Auriemma
- Multiple vulnerabilities in libnemesi 0.6.4-rc1,
Luigi Auriemma
- Buffer-overflow in Extended Module Player 2.5.1,
Luigi Auriemma
- OpenBiblio 0.5.2-pre4 and prior multiple vulnerabilities,
Juan Galiana
- FAQMasterFlexPlus multiple vulnerabilities,
Juan Galiana
- 2z-project 0.9.6.1 Multiple Security Vulnerabilities,
Digital Security Research Group [DSecRG]
- [SECURITY] [DSA 1438-1] New tar packages fix several vulnerabilities,
Florian Weimer
- [SECURITY] [DSA 1405-3] New zope-cmfplone packages fix regression,
Thijs Kinkhorst
- [SECURITY] [DSA 1439-1] New typo3-src packages fix SQL injection,
Thijs Kinkhorst
- [SECURITY] [DSA 1440-1] New inotify-tools packages fix arbitrary code execution,
Moritz Muehlenhoff
- [SECURITY] [DSA 1441-1] New peercast packages fix arbitrary code execution,
Thijs Kinkhorst
- Buffer-overflow in CoolPlayer 217,
Luigi Auriemma
- [SECURITY] [DSA 1442-2] New libsndfile packages fix arbitrary code execution,
Moritz Muehlenhoff
- [ GLSA 200712-15 ] libexif: Multiple vulnerabilities,
Pierre-Yves Rofes
- [ GLSA 200712-16 ] Exiv2: Integer overflow,
Pierre-Yves Rofes
- [ GLSA 200712-17 ] exiftags: Multiple vulnerabilities,
Pierre-Yves Rofes
- [ GLSA 200712-18 ] Multi-Threaded DAAP Daemon: Multiple vulnerabilities,
Robert Buchholz
- [ GLSA 200712-19 ] Syslog-ng: Denial of Service,
Robert Buchholz
- [ GLSA 200712-20 ] ClamAV: Multiple vulnerabilities,
Robert Buchholz
- [ GLSA 200712-21 ] Mozilla Firefox, SeaMonkey: Multiple vulnerabilities,
Robert Buchholz
- TK53 Advisory #2: Multiple vulnerabilities in ClamAV,
Lolek of TK53
- CuteNews Arbitrary File Download AllVersion,
pawel2827
- CCMS v3.1 Demo <= SQL Injection Vulnerability 0day,
pawel2827