Mail Index

• Thread Index

• MULTIPLE REMOTE VULNERABILITIES--Leap CMS 0.1.4-->
  • From: y3nh4ck3r
• Re: Symantec Fax Viewer Control v10 (DCCFAXVW.DLL) remote buffer overflow exploit
  • From: secure
• Addonics NAS Adapter FTP Remote Denial of Service
  • From: mcyr2
• [ MDVSA-2009:103 ] udev
  • From: security
• Durzosploit v0.1 alpha
  • From: Benjilenoob
• Re: Security tools list: First Version
  • From: Ulises2k
• BLIND SQL INJECTION--Leap CMS 0.1.4-->
  • From: y3nh4ck3r
• [ MDVSA-2009:104 ] udev
  • From: security
• [SECURITY] [DSA 1784-1] New freetype packages fix arbitrary code execution
  • From: Nico Golde
• New WebApp security paper: Anti-fraud Image Solutions
  • From: WebAppSec
• [ MDVSA-2009:102 ] apache
  • From: security
• MULTIPLE SQL INJECTION VULNERABILITIES --MiniTwitter v0.2-Beta-->
  • From: y3nh4ck3r
• USER OPTIONS CHANGER EXPLOIT --MiniTwitter v0.2-Beta+->
  • From: y3nh4ck3r
• multiple vendor - PF NULL pointer dereference
  • From: rembrandt
• BH USA CFP closing next Tuesday
  • From: jmoss
• CA20090429-01: CA ARCserve Backup Apache HTTP Server Multiple Vulnerabilities
  • From: Williams, James K
• Re: Symantec Fax Viewer Control v10 (DCCFAXVW.DLL) remote buffer overflow exploit
  • From: Nick FitzGerald
• [SECURITY] [DSA 1785-1] New wireshark packages fix several vulnerabilities
  • From: Moritz Muehlenhoff
• [TZO-18-2009] Mcafee multiple evasions/bypasses (RAR, ZIP)
  • From: Thierry Zoller
• about inactive account hijacking
  • From: innate
• [SECURITY] [DSA 1786-1] New acpid packages fix denial of service
  • From: Steffen Joeris
• [ GLSA 200905-01 ] Asterisk: Multiple vulnerabilities
  • From: Robert Buchholz
• Coppermine Photo Gallery 1.4.21 Cross-Site Scripting
  • From: darkz . gsa
• [SECURITY] [DSA 1787-1] New Linux 2.6.24 packages fix several vulnerabilities
  • From: dann frazier
• Call for Papers Hack.lu 2009
  • From: hack.lu 2009 info
• “Cross-Site Scripting” vulnerability in MyBB 1.4.5
  • From: Jacques Copeau
• Secunia Research: IBM Tivoli Storage Manager Remote Agent Service Buffer Overflows
  • From: Secunia Research
• [SecNiche WhitePaper ] - PDF Silent HTTP Form Repurposing Attacks
  • From: Aditya K Sood
• Grabit <= 1.7.2 beta 3 NZB file parsing stack overflow
  • From: Niels Teusink
• [ MDVSA-2009:105 ] memcached
  • From: security
• [USN-769-1] libwmf vulnerability
  • From: Marc Deslauriers
• MULTPLE REMOTE VULNERABILITIES --ProjectCMS v-1.1 Beta-->
  • From: y3nh4ck3r
• [security bulletin] HPSBMA02425 SSRT080091 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
  • From: security-alert
• [security bulletin] HPSBMA02374 SSRT080046 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS)
  • From: security-alert
• LayerOne 2009 - Final Announcement
  • From: LayerOne Call For Papers
• [SECURITY] [DSA 1787-1] New quagga packages fix denial of service
  • From: Florian Weimer
• [SECURITY] [DSA 1789-1] New php5 packages fix several vulnerabilities
  • From: Thijs Kinkhorst
• [RT-SA-2009-001] IceWarp WebMail Server: Cross Site Scripting in Email View
  • From: RedTeam Pentesting GmbH
• [RT-SA-2009-004] IceWarp WebMail Server: Client-Side Specification of "Forgot Password" eMail Content
  • From: RedTeam Pentesting GmbH
• [RT-SA-2009-002] IceWarp WebMail Server: User-assisted Cross Site Scripting in RSS Feed Reader
  • From: RedTeam Pentesting GmbH
• [USN-770-1] ClamAV vulnerability
  • From: Jamie Strandboge
• [RT-SA-2009-003] IceWarp WebMail Server: SQL Injection in Groupware Component
  • From: RedTeam Pentesting GmbH
• [DSECRG-09-034] Sun Glassfish Enterprise Server - Multiple Linked XSS vulnerabilies
  • From: Digital Security Research Group [DSecRG]
• [DSECRG-09-038] Sun Glassfish Woodstock Project - Linked XSS Vulnerability
  • From: Digital Security Research Group [DSecRG]
• CONFidence 2009 trainings
  • From: andrzej . targosz
• MULTIPLE REMOTE VULNERABILITIES--TemaTres 1.0.3-->
  • From: y3nh4ck3r
• BLIND SQL INJECTION EXPLOIT--TemaTres 1.0.3-->
  • From: y3nh4ck3r
• [SECURITY] [DSA 1790-1] New xpdf packages fix multiple vulnerabilities
  • From: Noah Meyerhans
• [security bulletin] HPSBMA02419 SSRT090060 rev.1 - Insight Control Suite For Linux (ICE-LX) Multiple Remote Vulnerabilities In Nagios
  • From: security-alert
• [ MDVSA-2009:106 ] libwmf
  • From: security
• New Browser Security Paper: Why Silent Updates Boost Security
  • From: Stefan Frei
• [SECURITY] [DSA 1791-1] New moin packages fix cross-site scripting
  • From: Steffen Joeris
• [SECURITY] [DSA 1792-1] New drupal6 packages fix multiple vulnerabilities
  • From: Noah Meyerhans
• [SECURITY] [DSA 1793-1] New kdegraphics packages fix multiple vulnerabilities
  • From: Noah Meyerhans
• Persistent XSS in Kayako Support Suite
  • From: pen-test
• EUSecWest 2009 (May27/28) London Agenda and PacSec 2009 (Nov 4/5) Tokyo CFP deadline: June 1 2009
  • From: Dragos Ruiu
• [SECURITY] [DSA 1794-1] New Linux 2.6.18 packages fix several vulnerabilities
  • From: dann frazier
• [SECURITY] [DSA 1795-1] New ldns packages fix arbitrary code execution
  • From: Devin Carraway
• Secunia Research: Garmin Communicator Plug-In Domain Locking Security Bypass
  • From: Secunia Research
• Update: [TZO-15-2009] Aladdin eSafe generic bypass - Forced release
  • From: Thierry Zoller
• [ MDVSA-2009:107 ] acpid
  • From: security
• SQL INJECTION VULNERABILITIES--ST-Gallery version 0.1 alpha-->
  • From: y3nh4ck3r
• [ MDVSA-2009:108 ] zsh
  • From: security
• [oCERT-2009-001] Pango integer overflow in heap allocation size calculations
  • From: Will Drewry
• [USN-771-1] libmodplug vulnerabilities
  • From: Marc Deslauriers
• [USN-772-1] MPFR vulnerability
  • From: Marc Deslauriers
• [USN-773-1] Pango vulnerability
  • From: Marc Deslauriers
• [SECURITY] [DSA 1796-1] New libwmf packages fix denial of service
  • From: Nico Golde
• [TOOL] moth - vulnerable web application vmware
  • From: Andres Riancho
• Re: [WEB SECURITY] [TOOL] moth - vulnerable web application vmware
  • From: romain
• Claroline v.1.8.11 Cross-Site Scripting
  • From: darkz . gsa
• [security bulletin] HPSBUX02366 SSRT080120 rev.2 - HPUX Running useradd(1M), Local Unauthorized Access
  • From: security-alert
• BLIND SQL INJECTION exploit (GET var 'AlbumID')--RTWebalbum 1.0.462-->
  • From: y3nh4ck3r
• Vpopmail/QmailAdmin User's Quota Multiple Integer Overflows
  • From: Jacobo Avariento Gimeno
• [TZO-20-2009] AVG ZIP evasion / bypass
  • From: Thierry Zoller
• Universal XSS in all Google Services
  • From: Inferno
• speaker Bill Blunden on Rootkits...
  • From: Alex Keller
• [SECURITY] [DSA 1797-1] New xulrunner packages fix several vulnerabilities
  • From: Moritz Muehlenhoff
• Changes : [TZO-17-2009]Trendmicro multiple bypass/evasions
  • From: Thierry Zoller
• [TZO-21-2009] Fprot CAB bypass / evasion
  • From: Thierry Zoller
• TinyWebGallery <= 1.7.6 LFI / Remote Code Execution Exploit
  • From: travesti
• [SECURITY] [DSA 1798-1] New pango1.0 packages fix arbitrary code execution
  • From: Steffen Joeris
• Insufficient Authentication vulnerability in Acer notebooks
  • From: MustLive
• [ MDVSA-2009:109 ] quagga
  • From: security
• [Bkis-08-2009] Microchip MPLAB IDE Buffer Overflow Vulnerability
  • From: Bkis
• RE: Insufficient Authentication vulnerability in Acer notebooks
  • From: David Sánchez Martín
• Advisory - Gmail/Google Doc PDF Repurposing Integrated Attacks - Cookie Hijacking / Stealing
  • From: Aditya K Sood
• Five days left to find the oldest data loss incident
  • From: Juha-Matti Laurio
• Re: TinyWebGallery <= 1.7.6 LFI / Remote Code Execution Exploit
  • From: michael
• [USN-774-1] MoinMoin vulnerability
  • From: Marc Deslauriers
• [oCERT-2009-004] AjaxTerm session id collision
  • From: Andrea Barisani
• (POST var 'rating') BLIND SQL INJECTION--microTopic v1 Initial Release-->
  • From: y3nh4ck3r
• Re: Five days left to find the oldest data loss incident
  • From: Dragos Ruiu
• [security bulletin] HPSBMA02349 SSRT080043 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Access to Data
  • From: security-alert
• [security bulletin] HPSBMA02348 SSRT080033 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS)
  • From: security-alert
• [SECURITY] [DSA 1799-1] New qemu packages fix several vulnerabilities
  • From: Moritz Muehlenhoff
• Bitweaver <= 2.6 /boards/boards_rss.php / saveFeed() remote code execution exploit
  • From: nospam
• xcon2009 is coming
  • From: bugdigger
• Re: Insufficient Authentication vulnerability in Acer notebooks
  • From: dpo5003
• Security Advisory: Banks in Australia
  • From: militan . c7
• Syhunt: A-A-S (Application Access Server) Multiple Security Vulnerabilities
  • From: Felipe M. Aragon
• Exploiting IE8 UTF-7 XSS Vulnerability using Local Redirection
  • From: Inferno
• Re: Insufficient Authentication vulnerability in Acer notebooks
  • From: Øystein Larsen
• Re: Insufficient Authentication vulnerability in Acer notebooks
  • From: Garrett M. Groff
• The security tools list, new version with more than 200 new tools!
  • From: Ying
• Re: Universal XSS in all Google Services
  • From: Nam Nguyen
• FormMail 1.92 Multiple Vulnerabilities
  • From: ascii
• Sun IDM Arbitrary Commands Execution Vulnerability
  • From: abb@xxxxxxxxx
• Re: Five days left to find the oldest data loss incident
  • From: Elazar Broad
• CA20090126-01: CA Anti-Virus Engine Detection Evasion Multiple Vulnerabilities [Updated]
  • From: Williams, James K
• User options changer (SQLi) EXPLOIT --Bigace CMS -stable release- 2.5-->
  • From: y3nh4ck3r
• Secunia Research: Microsoft PowerPoint Atom Parsing Buffer Overflows
  • From: Secunia Research
• Re: The security tools list, new version with more than 200 new tools!
  • From: Stephen Mullins
• ZDI-09-019: Microsoft Office PowerPoint OutlineTextRefAtom Parsing Memory Corruption Vulnerability
  • From: ZDI Disclosures
• ZDI-09-020: Microsoft Office PowerPoint Notes Container Heap Overflow Vulnerability
  • From: ZDI Disclosures
• Re: The security tools list, new version with more than 200 new tools!
  • From: Ying
• iDefense Security Advisory 05.12.09: Microsoft PowerPoint 4.2 Conversion Filter Stack Buffer Overflow Vulnerability
  • From: iDefense Labs
• iDefense Security Advisory 05.12.09: Microsoft PowerPoint 4.2 Conversion Filter Heap Corruption Vulnerability
  • From: iDefense Labs
• iDefense Security Advisory 05.12.09: Microsoft PowerPoint PPT 4.0 Importer Multiple Stack Buffer Overflow Vulnerabilities
  • From: iDefense Labs
• iDefense Security Advisory 05.12.09: Microsoft PowerPoint PPT95 Import Multiple Stack Buffer Overflow Vulnerabilities
  • From: iDefense Labs
• iDefense Security Advisory 05.12.09: Microsoft PowerPoint 4.2 Conversion Filter Stack Overflow
  • From: iDefense Labs
• iDefense Security Advisory 05.12.09: Microsoft PowerPoint PPT95 Import Multiple Stack Buffer Overflow Vulnerabilities
  • From: iDefense Labs
• [USN-775-1] Quagga vulnerability
  • From: Kees Cook
• [USN-776-1] KVM vulnerabilities
  • From: Kees Cook
• [ MDVSA-2009:111 ] firefox
  • From: security
• iDefense Security Advisory 05.12.09: Microsoft PowerPoint Integer Overflow Vulnerability
  • From: iDefense Labs
• [ MDVSA-2009:111-1 ] firefox
  • From: security
• iDefense Security Advisory 05.12.09: Microsoft PowerPoint Build List Memory Corruption Vulnerability
  • From: iDefense Labs
• [ MDVSA-2009:110 ] squirrelmail
  • From: security
• [USN-776-2] KVM regression
  • From: Marc Deslauriers
• iDefense Security Advisory 05.12.09: Microsoft PowerPoint Notes Container Heap Corruption Vulnerability
  • From: iDefense Labs
• Re: FormMail 1.92 Multiple Vulnerabilities
  • From: David Cantrell
• Re: The security tools list, new version with more than 200 new tools!
  • From: Ying
• Re: FormMail 1.92 Multiple Vulnerabilities
  • From: ascii
• maxcms2.0 creat new admin exploit
  • From: info
• Pinnacle Studio 12 "Hollywood FX Compressed Archive" (.hfz) directory traversal vulnerability poc
  • From: ipsdix
• (GET var 'member') BLIND SQL INJECTION EXPLOIT --FAMILY CONNECTIONS <= v1.9 -->
  • From: y3nh4ck3r
• [ MDVSA-2009:112 ] ipsec-tools
  • From: security
• Insufficient Authentication vulnerability in Asus notebook
  • From: MustLive
• Re: MULTIPLE REMOTE SQL INJECTION VULNERABILITIES---MIM:InfiniX v1.2.003--->
  • From: robi
• Re: Insufficient Authentication vulnerability in Asus notebook
  • From: Jeremy Brown
• Re: Insufficient Authentication vulnerability in Asus notebook
  • From: Susan Bradley
• Re: Insufficient Authentication vulnerability in Asus notebook
  • From: Mike Vasquez
• [security bulletin] HPSBMA02417 SSRT090031 rev.1 - HP Data Protector Express and HP Data Protector Express Single Server Edition (SSE), Local Denial of Service (DoS), Execution of Arbitrary Code
  • From: security-alert
• Re: Insufficient Authentication vulnerability in Asus notebook
  • From: Bob Fiero
• iDefense Security Advisory 05.14.09: Apple Mac OS X xnu Kernel workqueue_additem/workqueue_removeitem Index Validation Vulnerability
  • From: iDefense Labs
• RE: Insufficient Authentication vulnerability in Asus notebook
  • From: Mike Wilson
• Re: Insufficient Authentication vulnerability in Asus notebook
  • From: nameless
• Re: MULTIPLE REMOTE SQL INJECTION VULNERABILITIES---MIM:InfiniX v1.2.003--->
  • From: Tomas Kuliavas
• MULTIPLE CODE INJECTION VULNERABILITIES --TUENTI--SPAIN-->
  • From: y3nh4ck3r
• MULTIPLE SQL INJECTION VULNERABILITIES --Shutter v-0.1.1-->
  • From: y3nh4ck3r
• Re: Insufficient Authentication vulnerability in Asus notebook
  • From: Michael Scheidell
• Re: Re: MULTIPLE REMOTE SQL INJECTION VULNERABILITIES---MIM:InfiniX v1.2.003--->
  • From: y3nh4ck3r
• Re: Insufficient Authentication vulnerability in Asus notebook
  • From: KF (lists)
• Re: Insufficient Authentication vulnerability in Asus notebook
  • From: Ansgar Wiechers
• Re: Insufficient Authentication vulnerability in Asus notebook
  • From: Susan Bradley
• Re: Insufficient Authentication vulnerability in Asus notebook
  • From: Susan Bradley
• RE: Insufficient Authentication vulnerability in Asus notebook
  • From: Mike Wilson
• Re: Insufficient Authentication vulnerability in Asus notebook
  • From: Daniel Hazelton
• Re: Insufficient Authentication vulnerability in Asus notebook
  • From: nameless
• RE: Insufficient Authentication vulnerability in Asus notebook
  • From: Steve Quan
• eggdrop/windrop remote crash vulnerability
  • From: Thomas Sader
• [SECURITY] [DSA 1802-1] New squirrelmail packages fix several vulnerabilities
  • From: Thijs Kinkhorst
• (GET var 'id') BLIND SQL INJECTION EXPLOIT --Dog Pedigree Online Database v1.0.1-Beta -->
  • From: y3nh4ck3r
• INSECURE COOKIE HANDLING VULNERABILITIES --Dog Pedigree Online Database v1.0.1-Beta-->
  • From: y3nh4ck3r
• [SECURITY] [DSA 1801-1] New ntp packages fix several vulnerabilities
  • From: Thijs Kinkhorst
• HTTP Parameter Pollution
  • From: Luca.carettoni
• [ MDVSA-2009:117 ] ntp
  • From: security
• Re: POC & exploit for Apache mod_rewrite off-by-one
  • From: arulvadivel1
• Namad Cms Remote File Download
  • From: info
• [security bulletin] HPSBMA02428 SSRT090048 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS)
  • From: security-alert
• [TZO-23-2009] Avira antivir generic evasion of heuristics (for PDF)
  • From: Thierry Zoller
• [ MDVSA-2009:118 ] kernel
  • From: security
• [TZO-22-2009] Bitdefender generic evasion of heuristics (for PDF)
  • From: Thierry Zoller
• [ MDVSA-2009:116 ] gnutls
  • From: security
• rPSA-2009-0086-1 postgresql postgresql-contrib postgresql-server
  • From: rPath Update Announcements
• ZDI-09-023: Apple OS X ATSServer Compact Font Format Parsing Memory Corruption Vulnerability
  • From: ZDI Disclosures
• [ MDVSA-2009:115 ] phpMyAdmin
  • From: security
• [ MDVSA-2009:114 ] ipsec-tools
  • From: security
• Conference on Cyber Warfare: registration open!
  • From: kgconference
• PAPER: Dynamic Data Flow Analysis via Virtual Code Integration (aka The SpiderPig case)
  • From: Piotr Bania
• ZDI-09-022: Apple Safari Malformed SVGList Parsing Code Execution Vulnerability
  • From: ZDI Disclosures
• [ MDVSA-2009:113 ] cyrus-sasl
  • From: security
• BugCON '09 has swine influenza!!
  • From: Carlos Augusto
• NetDecision TFTP Server 4.2 TFTP Directory Traversal
  • From: vuln_research
• [TKADV2009-006] libsndfile/Winamp VOC Processing Heap Buffer Overflow
  • From: Tobias Klein
• WinAppDbg module v1.1 is out!
  • From: Mario Alejandro Vilas Jerez
• rPSA-2009-0084-1 kernel
  • From: rPath Update Announcements
• Fwd: [Full-disclosure] IIS6 + webdav and unicode rides again in 2009
  • From: Thierry Zoller
• n.runs-SA-2009.001 - OS X CFNetwork advisory
  • From: security
• [security bulletin] HPSBMA02426 SSRT090053 rev.1 - HP System Management Homepage (SMH) for Linux and Windows Running PHP and OpenSSL, Remote Cross Site Scripting (XSS), Unauthorized Access
  • From: security-alert
• [security bulletin] HPSBMA02427 SSRT090069 rev.1 - HP Remote Graphics Software (RGS) Sender Running Easy Login, Remote Unauthorized Access
  • From: security-alert
• MULTIPLE REMOTE VULNERABILITIES --my-colex 1.4.2-->
  • From: y3nh4ck3r
• MULTIPLE REMOTE VULNERABILITIES --my-Gesuad 0.9.14-->
  • From: y3nh4ck3r
• [SECURITY] [DSA 1800-1] New Linux 2.6.26 packages fix several vulnerabilities
  • From: dann frazier
• iDefense Security Advisory 05.14.09: Multiple Vendor Outside In Multiple Integer Overflow Vulnerabilities
  • From: iDefense Labs
• iDefense Security Advisory 05.14.09: Multiple Vendor Outside In Spreadsheet Integer Overflow Vulnerability
  • From: iDefense Labs
• iDefense Security Advisory 05.14.09: Multiple Vendor Outside In Spreadsheet Buffer Overflow Vulnerability
  • From: iDefense Labs
• iDefense Security Advisory 05.14.09: Multiple Vendor Outside In Multiple Spreadsheet Buffer Overflow Vulnerabilities
  • From: iDefense Labs
• Re: Insufficient Authentication vulnerability in Acer notebooks
  • From: MustLive
• Re: Insufficient Authentication vulnerability in Asus notebook
  • From: Bob Fiero
• Re: Insufficient Authentication vulnerability in Asus notebook
  • From: Susan Bradley
• Re: Insufficient Authentication vulnerability in Asus notebook
  • From: Ansgar Wiechers
• RE: Insufficient Authentication vulnerability in Asus notebook
  • From: Jim Harrison
• Re: Insufficient Authentication vulnerability in Asus notebook
  • From: Just1n T1mberlake
• [ MDVSA-2009:119 ] kernel
  • From: security
• Cisco Security Advisory: CiscoWorks TFTP Directory Traversal Vulnerability
  • From: Cisco Systems Product Security Incident Response Team
• [SECURITY] [DSA 1803-1] New nsd packages fix denial of service
  • From: Thijs Kinkhorst
• [SECURITY] [DSA 1804-1] New ipsec-tools packages fix denial of service
  • From: Nico Golde
• Shakacon Security Conference - Trainers and Speakers Finalized
  • From: Shakacon
• [USN-777-1] Ntp vulnerabilities
  • From: Jamie Strandboge
• Re: Insufficient Authentication vulnerability in Acer notebooks
  • From: Susan Bradley
• DMXReady Registration Manager Arbitrary File Upload Vulnerability
  • From: info
• Armorlogic Profense Web Application Firewall 2.4 multiple vulnerabilities.
  • From: publists
• Re: [security bulletin] HPSBMA02426 SSRT090053 rev.1 - HP System Management Homepage (SMH) for Linux and Windows Running PHP and OpenSSL, Remote Cross Site Scripting (XSS), Unauthorized Access
  • From: Steve Shockley
• CORE-2009-0109 - Multiple XSS in Sun Communications Express
  • From: CORE Security Technologies Advisories
• [security bulletin] HPSBPI02398 SSRT080166 rev.3 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files
  • From: security-alert
• (GET vars 'x' & 'y') ADMIN FUNCTION EXECUTION--Jorp v-1.3.05.09-->
  • From: y3nh4ck3r
• iDefense Security Advisory 05.20.09: IBM AIX libc MALLOCDEBUG File Overwrite Vulnerability
  • From: iDefense Labs
• DDIVRT-2009-25 IPsession SQL Injection Vulnerability
  • From: ddvulnalert
• Novell GroupWise Web Access Multiple XSS
  • From: swhite
• MULTIPLE SQL INJECTION VULNERABILITIES --Flash Quiz Beta 2-->
  • From: y3nh4ck3r
• [ MDVSA-2009:120 ] openssl
  • From: security
• [ MDVSA-2009:121 ] lcms
  • From: security
• DotNetNuke ErrorPage.aspx Cross-Site Scripting Vulnerability
  • From: Ben Hawkes
• Novell GroupWise Internet Agent Remote Buffer Overflow Vulnerabilities
  • From: VUPEN Security Research
• [SECURITY] [DSA 1802-2] New squirrelmail packages correct incomplete fix
  • From: Thijs Kinkhorst
• Serena Dimensions CM Desktop Client does not validate the server SSL certificate
  • From: roland . gruber . extern
• LxBlog
  • From: info
• [TZO-24-2009] Panda generic evasion (CAB)
  • From: Thierry Zoller
• [TZO-25-2009] Panda generic evasion (TAR)
  • From: Thierry Zoller
• [SECURITY] [DSA 1805-1] New pidgin packages fix several vulnerabilities
  • From: Moritz Muehlenhoff
• [oCERT-2009-006] Android improper package verification when using shared uids
  • From: Will Drewry
• Secunia Research: Sun Solaris "sadmind" Integer Overflow Vulnerability
  • From: Secunia Research
• [ GLSA 200905-03 ] IPSec Tools: Denial of Service
  • From: Alex Legler
• [InterN0T] AMember 3.1.7 - Multiple Vulnerabilities
  • From: security
• MULTIPLE REMOTE VULNERABILITIES --MiniTwitter<=v0.3-Beta-->
  • From: y3nh4ck3r
• [ GLSA 200905-06 ] acpid: Denial of Service
  • From: Pierre-Yves Rofes
• [ GLSA 200905-02 ] Cscope: User-assisted execution of arbitrary code
  • From: Pierre-Yves Rofes
• [ GLSA 200905-04 ] GnuTLS: Multiple vulnerabilities
  • From: Alex Legler
• [ MDVSA-2009:122 ] squirrelmail
  • From: security
• [SECURITY] [DSA 1806-1] New cscope packages fix arbitrary code execution
  • From: Moritz Muehlenhoff
• Re: FUD Forum < 2.7.1 PHP code injection vurnelability
  • From: naudefj
• MULTIPLE SQL INJECTION VULNERABILITIES --Joomla Component 'Boy Scout Advancement' <= v-0.3 (com_bsadv)-->
  • From: y3nh4ck3r
• Secunia Research: Sun Solaris "sadmind" Buffer Overflow Vulnerability
  • From: Secunia Research
• [ GLSA 200905-05 ] FreeType: Multiple vulnerabilities
  • From: Alex Legler
• Hardening OSX against CVE-2008-5353
  • From: Marc Schoenefeld
• PAPER: Generic Unpacking of Self-modifying, Aggressive, Packed Binary Programs
  • From: Piotr Bania
• Arcade Trade Script XSS
  • From: SmOk3
• Backdoor in com_rsgallery2 gallery extension for joomla
  • From: Jan van Niekerk
• [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG)
  • From: Thierry Zoller
• Multiple vulnerabilities in several ATEN IP KVM Switches
  • From: Jakob Lell
• SEC Consult SA-20090525-0 :: Nortel Contact Center Manager Server Authentication Bypass Vulnerability
  • From: Bernhard Mueller
• SEC Consult SA-20090525-1 :: Nortel Contact Center Manager Server Password Disclosure Vulnerability
  • From: Bernhard Mueller
• [ GLSA 200905-07 ] Pidgin: Multiple vulnerabilities
  • From: Alex Legler
• COWON America jetCast 2.0.4.1109 (.mp3) local heap buffer overlow exploit
  • From: nospam
• SEC Consult SA-20090525-2 :: SonicWALL Global Security Client Local Privilege Escalation Vulnerability
  • From: Bernhard Mueller
• SEC Consult SA-20090525-3 :: SonicWALL Global VPN Client Local Privilege Escalation Vulnerability
  • From: Bernhard Mueller
• SEC Consult SA-20090525-4 :: SonicOS Format String Vulnerability
  • From: Bernhard Mueller
• [ GLSA 200905-08 ] NTP: Remote execution of arbitrary code
  • From: Alex Legler
• Addendum : [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG)
  • From: Thierry Zoller
• [IMF 2009] 3rd Call - Deadline Extended
  • From: Oliver Goebel
• W3af ninja training class in NYC
  • From: Michelangelo Sidagni
• Re: Backdoor in com_rsgallery2 gallery extension for joomla
  • From: Jonah Braun
• PHP Nuke v.8.0 (referer) SQL Injection
  • From: darkz . gsa
• Vanilla v.1.1.7 Cross-Site Scripting
  • From: darkz . gsa
• [security bulletin] HPSBUX02429 SSRT090058 rev.1 - HP-UX Running Java, Remote Execution of Arbitrary Code and Other Vulnerabilities
  • From: security-alert
• Re: Addendum : [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG)
  • From: Jim Parkhurst
• [ GLSA 200905-09 ] libsndfile: User-assisted execution of arbitrary code
  • From: Alex Legler
• Re[2]: [Full-disclosure] Addendum : [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG)
  • From: Thierry Zoller
• Re: [Full-disclosure] [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG)
  • From: Michal Zalewski
• Re[2]: Addendum : [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG)
  • From: Vladimir '3APA3A' Dubrovin
• Re[2]: [Full-disclosure] [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG)
  • From: Thierry Zoller
• [ MDVSA-2009:123 ] opensc
  • From: security
• [InterN0T] AdPeeps 8.5d1 - XSS and HTML Injection Vulnerabilities
  • From: security
• New paper: Understanding Microsoft's KB971492 IIS WebDAV Vuln
  • From: Steve Friedl
• MULTIPLE REMOTE VULNERABILITIES --Small Pirates v-2.1-->
  • From: y3nh4ck3r
• rPSA-2009-0092-1 ntp ntp-utils
  • From: rPath Update Announcements
• rPSA-2009-0095-1 tshark wireshark
  • From: rPath Update Announcements
• [Bkis-09-2009] XSS vulnerability in 'Monitor_Bandwidth' - PRTG Traffic Grapher
  • From: Bkis
• rPSA-2009-0091-1 cyrus-sasl cyrus-sasl-server
  • From: rPath Update Announcements
• Survey: "MIME/Content-Type-Sniffing" Issues in Image Uploads in Forum Scripts
  • From: Jacques Copeau
• ecshop 2.6.2
  • From: info
• Re: [TZO-27-2009] Firefox Denial of Service (Keygen)
  • From: Tavis Ormandy
• [TZO-27-2009] Firefox Denial of Service (Keygen)
  • From: Thierry Zoller
• Re: [InterN0T] AMember 3.1.7 - Multiple Vulnerabilities
  • From: TK147
• ZDI-09-021: Apple QuickTime PICT Unspecified Tag Heap Overflow Vulnerability
  • From: ZDI Disclosures
• Call For Papers – ACM CCS 2009 Workshops
  • From: Christopher Kruegel
• Re: Insufficient Authentication vulnerability in Acer notebooks
  • From: MustLive
• Re[2]: [TZO-27-2009] Firefox Denial of Service (Keygen)
  • From: Thierry Zoller
• Re: Insufficient Authentication vulnerability in Acer notebooks
  • From: Susan Bradley
• CORE-2009-0401 - StoneTrip S3DPlayers remote command injection
  • From: CORE Security Technologies Advisories
• [InterN0T] Achievo 1.3.4 - XSS Vulnerability
  • From: security
• Novell Groupwise fails to properly sanitize emails.
  • From: c3rb3r
• [TZO-28-2009] - Avira Antivir generic RAR,CAB,ZIP
  • From: Thierry Zoller
• Re: PHP Nuke v.8.0 (referer) SQL Injection
  • From: a
• (whitepaper) Microsoft WPAD Technology Weaknesses [PTResearch Team]
  • From: srublev
• Re: Re: [InterN0T] AMember 3.1.7 - Multiple Vulnerabilities
  • From: security
• Re: [InterN0T] AdPeeps 8.5d1 - XSS and HTML Injection Vulnerabilities
  • From: support
• VMSA-2009-0007 VMware Hosted products and ESX and ESXi patches resolve security issues
  • From: VMware Security team
• SonicWALL SSL-VPN Appliance Format String Vulnerability
  • From: Patrick Webster
• Re: [InterN0T] Achievo 1.3.4 - XSS Vulnerability
  • From: security
• Whitepaper
  • From: Jared DeMott