Mail Thread Index
- [SECURITY] [DSA-1940-1] New php5 packages fix several issues,
Stefan Fritsch
- [ MDVSA-2009:303 ] php,
security
- [SECURITY] [DSA 1941-1] New poppler packages fix several vulnerabilities,
Moritz Muehlenhoff
- [security bulletin] HPSBUX02482 SSRT090249 rev.1 - HP-UX Running OpenSSL, Remote Unauthorized Data Injection, Denial of,
security-alert
- [USN-862-1] PHP vulnerabilities,
Marc Deslauriers
- [ MDVSA-2009:306 ] dovecot,
security
- Remote Command Execution in dotDefender Site Management,
John Dos
- Cacti 0.8.7e: Multiple security issues,
Moritz Naumann
- Some more details on IE STYLE zero-day,
ds . adv . pub
- [BMSA-2009-07] Backdoor in PyForum,
Nam Nguyen
- TLS / SSLv3 vulnerability explained (New ways to leverage the vulnerability),
Thierry Zoller
- Eureka Mail Client Remote Buffer Overflow Exploit XP SP3 English Egghunter Edition,
k4mr4n_St
- Announce: RFIDIOt-1.0a released - November 2009,
Adam Laurie
- Xxasp v3.3.2 Sql injection,
secu_lab_ir
- Windows packages for BIND9 contain vulnerable MSVC runtime components,
Stefan Kanthak
- [ MDVSA-2009:304 ] php,
security
- [ GLSA 200911-06 ] PEAR Net_Traceroute: Command injection,
Alex Legler
- Oracle exploit for CTXSYS.DRVXTABC.CREATE_TABLES and others,
Andrea Purificato
- [ MDVSA-2009:304 ] bind,
security
- Eshopbuilde CMS SQL Injection Vulnerability,
faghani
- [SECURITY] [DSA 1942-1] New wireshark packages fix several vulnerabilities,
Moritz Muehlenhoff
- [ MDVSA-2009:305 ] php,
security
- WinAppDbg 1.3 is out!,
Mario Alejandro Vilas Jerez
- [oCERT-2009-017] PHP multiple issues,
Andrea Barisani
- ** FreeBSD local r00t zeroday,
Kingcope
- Upcoming FreeBSD Security Advisory,
FreeBSD Security Officer
- AST-2009-010: RTP Remote Crash Vulnerability,
Asterisk Security Team
- Theeta CMS (Cross Site Scripting,SQL Injection) Multiple Vulnerabilities,
c0dy
- Secunia Research: Roxio Creator Image Rendering Integer Overflow Vulnerability,
Secunia Research
- 40 vulnerabilities in SMF 1.1.10/SMF 2.0RC2 by elhacker.net (Simple Audit),
smf2 . review
- [ GLSA 200912-01 ] OpenSSL: Multiple vulnerabilities,
Alex Legler
- Same-origin policy bypass vulnerabilities in several VPN products reported,
Juha-Matti Laurio
- Secunia Research: Lateral Arts Photobox uploader ActiveX Control Buffer Overflow,
Secunia Research
- Call for Papers - you Sh0t the Sheriff 4 - Security Conference, Brazil,
Luiz Eduardo
- [SECURITY] [DSA 1943-1] New openldap2.3/openldap packages fix SSL certificate verification weakness,
Giuseppe Iuculano
- [ MDVSA-2009:121-1 ] lcms,
security
- Adobe Illustrator CS4 (V14.0.0) Encapsulated Postscript (.eps) Overlong DSC Comment Buffer Overflow Exploit,
nospam
- Re: Millions of PDF invisibly embedded with your internal disk paths,
Pavel Machek
- FreeBSD Security Advisory FreeBSD-SA-09:15.ssl,
FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-09:16.rtld,
FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-09:17.freebsd-update,
FreeBSD Security Advisories
- [SECURITY] [DSA 1944-1] New request-tracker packages fix session hijack vulnerability,
Steffen Joeris
- [SECURITY] [DSA 1945-1] New gforge packages fix denial of service,
Steffen Joeris
- [ MDVSA-2009:197-3 ] nss,
security
- [ MDVSA-2009:217-3 ] mozilla-thunderbird,
security
- [ MDVSA-2009:107-1 ] acpid,
security
- [ MDVSA-2009:112-1 ] ipsec-tools,
security
- [ MDVSA-2009:103-1 ] udev,
security
- [ MDVSA-2009:106-1 ] libwmf,
security
- [ MDVSA-2009:108-1 ] zsh,
security
- U.S. Defense Information Systems Agency (DISA) Unix Security Readiness Review (SRR) root compromise / VU#433821,
Frank Stuart
- [ MDVSA-2009:309 ] ntp,
security
- [ MDVSA-2009:113-1 ] cyrus-sasl,
security
- [USN-863-1] QEMU vulnerability,
Jamie Strandboge
- CORE-2009-0911: DAZ Studio Arbitrary Command Execution,
CORE Security Technologies Advisories
- [ MDVSA-2009:310 ] openssl,
security
- FreeBSD Security Advisory FreeBSD-SA-09:15.ssl [REVISED],
FreeBSD Security Advisories
- [ MDVSA-2009:308 ] gnutls,
security
- [ MDVSA-2009:292-1 ] wireshark,
security
- [ MDVSA-2009:132-1 ] libsndfile,
security
- [ MDVSA-2009:313-1 ] bind,
security
- Invision Power Board <= 3.0.4 Local PHP File Inclusion and SQL Injection,
Dawid Golunski
- [ MDVSA-2009:290-1 ] firefox,
security
- [ MDVSA-2009:169-1 ] libtiff,
security
- [ MDVSA-2009:203-1 ] curl,
security
- [InterN0T] Google Analytics plugin for Wordpress - XSS Vulnerability,
advisories
- [ MDVSA-2009:208-1 ] libgadu,
security
- [ MDVSA-2009:158-3 ] pango,
security
- Secunia Research: DevIL DICOM "GetUID()" Buffer Overflow Vulnerability,
Secunia Research
- PHP 5.3.1 open_basedir bypass,
cxib
- [ MDVSA-2009:287-1 ] xpdf,
security
- [ MDVSA-2009:311 ] ghostscript,
security
- [ MDVSA-2009:142-1 ] jasper,
security
- [ MDVSA-2009:157-1 ] perl-Compress-Raw-Zlib,
security
- [ MDVSA-2009:212-1 ] python,
security
- [ MDVSA-2009:315 ] libneon,
security
- [ MDVSA-2009:223-1 ] xerces-c,
security
- [ MDVSA-2009:211-1 ] expat,
security
- [ MDVSA-2009:312 ] dhcp,
security
- [ MDVSA-2009:206-1 ] wget,
security
- [ MDVSA-2009:218-1 ] w3c-libwww,
security
- [ MDVSA-2009:213-1 ] wxgtk,
security
- [ MDVSA-2009:200-1 ] libxml,
security
- [ MDVSA-2009:130-1 ] gstreamer0.10-plugins-good,
security
- [ MDVSA-2009:224-1 ] postfix,
security
- [ MDVSA-2009:128-1 ] libmodplug,
security
- [ MDVSA-2009:314 ] apr,
security
- [ MDVSA-2009:201-1 ] fetchmail,
security
- [ MDVSA-2009:231-1 ] htmldoc,
security
- [ MDVSA-2009:232-1 ] libsamplerate,
security
- [ MDVSA-2009:297-1 ] ffmpeg,
security
- [ MDVSA-2009:249-1 ] newt,
security
- [ MDVSA-2009:318 ] xmlsec1,
security
- [ MDVSA-2009:319 ] xine-lib,
security
- [ MDVSA-2009:316 ] expat,
security
- [ MDVSA-2009:307-1 ] libtool,
security
- [ MDVSA-2009:272-1 ] libmikmod,
security
- [ MDVSA-2009:284-1 ] gd,
security
- [ MDVSA-2009:320 ] samba,
security
- [ MDVSA-2009:321 ] pidgin,
security
- [ MDVSA-2009:215-1 ] audacity,
security
- [ MDVSA-2009:260-1 ] imagemagick,
security
- [ MDVSA-2009:317 ] netpbm,
security
- [ MDVSA-2009:219-1 ] kompozer,
security
- [SECURITY] [DSA 1946-1] New belpic packages fix cryptographic weakness,
Steffen Joeris
- [ MDVSA-2009:322 ] mono,
security
- [ MDVSA-2009:234-2 ] silc-toolkit,
security
- Re: Re: Re: Re: Back door trojan in acajoom-3.2.6 for joomla,
anonymous
- [ MDVSA-2009:323 ] apache,
security
- PhpShop Multiple Vulnerabilities,
Andrea Fabrizi
- [ MDVSA-2009:254-1 ] graphviz,
security
- CVE-2009-3586: CoreHTTP web server off-by-one buffer overflow vulnerability,
Patroklos Argyroudis
- [USN-865-1] Bind vulnerability,
Marc Deslauriers
- Mozilla Firefox JavaScript Prompt Spoofing Weakness,
tcphttp
- [ MDVSA-2009:229-1 ] cyrus-imapd,
security
- [ MDVSA-2008:233-1 ] libcdaudio,
security
- [ MDVSA-2009:252-1 ] perl-IO-Socket-SSL,
security
- [ MDVSA-2009:324 ] php,
security
- [ MDVSA-2009:243-2 ] freetype2,
security
- [ MDVSA-2009:256-1 ] dbus,
security
- [ MDVSA-2009:199-1 ] subversion,
security
- [ MDVSA-2009:325 ] ruby,
security
- [ MDVSA-2009:326 ] mysql,
security
- [USN-866-1] gnome-screensaver vulnerability,
Marc Deslauriers
- [SECURITY] [DSA 1947-1] New Shibboleth packages fix cross-site scripting,
Moritz Muehlenhoff
- [ MDVSA-2009:282-1 ] cups,
security
- Secunia Research: Novell iPrint Client "target-frame" Parameter Buffer Overflow,
Secunia Research
- Secunia Research: Novell iPrint Client Date/Time Parsing Buffer Overflow,
Secunia Research
- Security Contact for Netcool at IBM?,
Michael Gripenstedt
- [ MDVSA-2009:251-1 ] postgresql8.2,
security
- [security bulletin] HPSBMA02481 SSRT090113 rev.1 - HP OpenView Data Protector Application Recovery Manager, Remote Denial,
security-alert
- [ MDVSA-2009:191-1 ] OpenEXR,
security
- [ MDVSA-2009:327 ] clamav,
security
- Applicure Technologies response,
tomer
- [ MDVSA-2009:133-1 ] irssi,
security
- [ MDVSA-2009:098-1 ] krb5,
security
- [ MDVSA-2009:099-1 ] openafs,
security
- [ MDVSA-2009:126-1 ] eggdrop,
security
- [SECURITY] [DSA 1948-1] New ntp packages fix denial of service,
Nico Golde
- ZDI-09-086: Microsoft Internet Explorer XHTML DOM Manipulation Memory Corruption Vulnerability,
ZDI Disclosures
- [ MDVSA-2009:091-1 ] mod_perl,
security
- ZDI-09-089: Microsoft Windows Intel Indeo Codec Parsing Heap Overflow Vulnerability,
ZDI Disclosures
- [ MDVSA-2009:093-1 ] mpg123,
security
- [ MDVSA-2009:038-1 ] blender,
security
- [security bulletin] HPSBUX02495 SSRT090151 rev.1 - HP-UX Running sendmail, Remote Denial of Service (DoS),
security-alert
- ZDI-09-087: Microsoft Internet Explorer CSS Race Condition Code Execution Vulnerability,
ZDI Disclosures
- ZDI-09-091: Hewlett-Packard Application Recovery Manager MSG_PROTOCOL Stack Overflow Vulnerability,
ZDI Disclosures
- [ MDVSA-2009:046-1 ] dia,
security
- Fortinet Advisory: Fortinet Discovers Vulnerability in Indeo Codec,
noreply-secresearch
- ZDI-09-093: Adobe Flash Player ActionScript Exception Handler Integer Overflow Vulnerability,
ZDI Disclosures
- ZDI-09-092: Adobe Flash Player JPEG Parsing Heap Overflow Vulnerability,
ZDI Disclosures
- ZDI-09-090: Microsoft Windows Intel Indeo Codec Parsing Stack Overflow Vulnerability,
ZDI Disclosures
- IPB v2.x up to 3.0.4 XSS vulnerability,
Xacker
- UPDATE: DISA Unix SRR root compromise / CVE-2009-4211 / VU#433821,
Frank Stuart
- Advisory 03/2009: Piwik Cookie unserialize() Vulnerability,
Stefan Esser
- Fortinet Advisory: Fortinet Discovers Microsoft Office Project Vulnerability,
noreply-secresearch
- Zen Cart local file disclosure vulnerability,
Bogdan Calin
- [USN-867-1] Ntp vulnerability,
Jamie Strandboge
- [ MDVSA-2009:276-1 ] python-django,
security
- [ MDVSA-2009:059-1 ] xchat,
security
- Advisory 02/2009: PHPIDS Unserialize() Vulnerability,
Stefan Esser
- ZDI-09-094: Hewlett-Packard OpenView NNM Multiple Command Injection Vulnerabilities,
ZDI Disclosures
- [USN-868-1] GRUB 2 vulnerability,
Jamie Strandboge
- ZDI-09-096: Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable vsprintf Overflow Vulnerability,
ZDI Disclosures
- [ MDVSA-2009:328 ] ntp,
security
- ZDI-09-097: Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable strcat Overflow Vulnerability,
ZDI Disclosures
- ZDI-09-088: Microsoft Internet Explorer IFrame Attributes Circular Reference Dangling Pointer Vulnerability,
ZDI Disclosures
- ZDI-09-095: Hewlett-Packard OpenView NNM Snmp.exe Oid Variable Buffer Overflow Vulnerability,
ZDI Disclosures
- TPTI-09-08: HP OpenView NNM ovlogin.exe CGI userid/passwd Heap Overflow Vulnerability,
dvlabs
- TPTI-09-09: HP OpenView NNM ovsessionmgr.exe userid/passwd Heap Overflow Vulnerability,
dvlabs
- TPTI-09-10: HP OpenView NNM webappmon.exe CGI Host Header Buffer Overflow Vulnerability,
dvlabs
- TPTI-09-11: HP OpenView NNM OvWebHelp.exe CGI Topic Heap Overflow Vulnerability,
dvlabs
- TPTI-09-12: HP OpenView NNM ovalarm.exe CGI Accept-Language Stack Overflow Vulnerability,
dvlabs
- TPTI-09-13: HP OpenView NNM snmpviewer.exe CGI Host Header Stack Overflow Vulnerability,
dvlabs
- TPTI-09-14: HP OpenView NNM ovwebsnmpsrv.exe OVwSelection Stack Overflow Vulnerability,
dvlabs
- [ MDVSA-2009:030-1 ] amarok,
security
- ZDI-09-098: Symantec Multiple Products VRTSweb.exe Remote Code Execution Vulnerability,
ZDI Disclosures
- CA20091208-01: Security Notice for CA Service Desk,
Kotas, Kevin J
- iDefense Security Advisory 12.08.09: Microsoft Internet Explorer HTML Layout Engine Uninitialized Memory Vulnerability,
iDefense Labs
- iDefense Security Advisory 12.08.09: Microsoft WordPad Word97 Converter Integer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 12.08.09: Microsoft Windows Indeo32 Codec Parsing Heap Corruption Vulnerability,
iDefense Labs
- CORE-2009-1013: Multiple XSS and Injection Vulnerabilities in TestLink Test Management and Execution System,
CORE Security Technologies Advisories
- [security bulletin] HPSBUX02480 SSRT090253 rev.1 - HP-UX Running VRTSweb, Remote Execution of Arbitrary Code, Increase of Privilege,
security-alert
- [USN-869-1] Linux kernel vulnerabilities,
Kees Cook
- [ MDVSA-2009:329 ] kernel,
security
- [security bulletin] HPSBMA02483 SSRT090257 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code,
security-alert
- [security bulletin] HPSBMA02477 SSRT090177 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS),
security-alert
- [ MDVSA-2009:330 ] kdelibs,
security
- [ MDVSA-2009:331 ] kdegraphics,
security
- [USN-870-1] PyGreSQL vulnerability,
Jamie Strandboge
- [USN-871-1] KDE vulnerability,
Jamie Strandboge
- [USN-871-2] KDE 4 vulnerabilities,
Jamie Strandboge
- E-Store SQL Injection Vulnerability,
Salvatore Fresta aka Drosophila
- Digital Scribe 1.4.1 Multiple SQL Injection Vulnerabilities,
Salvatore Fresta aka Drosophila
- [USN-872-1] KDE 4 Runtime vulnerabilities,
Jamie Strandboge
- [ MDVSA-2009:332 ] gimp,
security
- [security bulletin] HPSBMA02400 SSRT080144 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code,
security-alert
- phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities,
Salvatore Fresta aka Drosophila
- [security bulletin] HPSBMA02424 SSRT080125 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code,
security-alert
- [security bulletin] HPSBMA02425 SSRT080091 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code,
security-alert
- [security bulletin] HPSBPI02472 SSRT090196 rev.2 - Certain HP Color LaserJet Printers, Remote Unauthorized Access to Data, Denial of Service,
security-alert
- [security bulletin] HPSBMA02483 SSRT090257 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code,
security-alert
- [ MDVSA-2009:296-1 ] gimp,
security
- Flock 2.5.2 Remote Array Overrun (Arbitrary code execution),
cxib
- Camino 1.6.10 Remote Array Overrun (Arbitrary code execution),
cxib
- [ MDVSA-2009:259-1 ] snort,
security
- Hacktics Advisory Dec09: Oracle eBusiness Suite - Multiple Vulnerabilities Allow Remote Takeover,
Ofer Maor
- [SECURITY] [DSA 1949-1] New php-net-ping packages fix arbitrary code execution,
Raphael Geissert
- Zabbix Server : Multiple remote vulnerabilities,
Nicob
- Loggix Project <= 9.4.5 Multiple Remote File Inclusion Vulnerabilities,
admin
- Miniweb 2.0 Full Path Disclosure,
Salvatore Fresta aka Drosophila
- WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities,
admin
- B2C Booking Centre Systems - SQL Injection Vulnerability,
Salvatore Fresta aka Drosophila
- Cross-Site Scripting vulnerabilities in Invision Power Board,
MustLive
- EEGshop v1.2,
secu_lab_ir
- Monkey HTTPd improper input validation vulnerability,
Patroklos Argyroudis
- [SECURITY] [DSA-1950-1] New webkit packages fix several vulnerabilities,
Giuseppe Iuculano
- DC4420 - London DEFCON - Christmas drinks - Wednesday 16th December,
Major Malfunction
- Zabbix Agent : Bypass of EnableRemoteCommands=0,
Nicob
- [security bulletin] HPSBUX02409 SSRT080171 rev.3 - HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk,
security-alert
- Exposing HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow (Not patched),
Reversemode
- [security bulletin] HPSBUX02482 SSRT090249 rev.2 - HP-UX Running OpenSSL, Remote Unauthorized Data Injection, Denial of Service (DoS),
security-alert
- WSCreator 1.1 Blind SQL Injection,
Salvatore Fresta aka Drosophila
- APC Switched Rack PDU XSS Vulnerability,
jpecou
- [SECURITY] [DSA 1951-1] New firefox-sage packages fix insufficient input sanitizing,
Steffen Joeris
- Trango Broadband Wireless Rogue SU Authentication Bug,
Blair
- [SECURITY] [DSA 1952-2] End-of-life announcement for asterisk in oldstable,
Steffen Joeris
- [SECURITY] [DSA 1952-1] New asterisk packages fix several vulnerabilities,
Steffen Joeris
- Daloradius XSS Vulnerability,
hadikiamarsi
- [BMSA-2009-08] Multiple Vulnerabilities in PyForum,
Nam Nguyen
- [scip-Advisory 4063] PasswordManager Pro 6.1 Script Injection Vulnerability,
Stefan Friedli
- [ MDVSA-2009:333 ] postgresql,
security
- VMSA-2009-0017 VMware vCenter, ESX patch and vCenter Lab Manager releases address cross-site scripting issues,
VMware Security Team
- [SECURITY] [DSA-1953-1] New expat packages fix denial of service,
Stefan Fritsch
- FW: [Full-disclosure] File Access Vulnerability in Easy File Sharing Web Server,
Thor (Hammer of God)
- [ISecAuditors Security Advisories] WP-Forum <= 2.3 SQL Injection vulnerabilities,
ISecAuditors Security Advisories
- Family Connections <= 2.1.3 Multiple Remote Vulnerabilities,
Salvatore Fresta aka Drosophila
- File Access Vulnerability in Easy File Sharing Web Server,
Thor (Hammer of God)
- [SECURITY] [DSA 1954-1] New cacti packages fix insufficient input sanitising,
Steffen Joeris
- VideoCache 1.9.2 vccleaner root vulnerability,
Dominick LaTrappe
- Kaspersky Lab Multiple Products Local Privilege Escalation Vulnerability,
Maxim A. Kulakov
- [security bulletin] HPSBMA02416 SSRT090008 rev.4 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code,
security-alert
- [SECURITY] [DSA 1955-1] New network-manager/network-manager-applet packages fix information disclosure,
Steffen Joeris
- {PRL} QuickHeal antivirus 2010 Local Privilege Escalation,
Protek Research Lab
- Cisco Security Advisory: Multiple Cisco WebEx WRF Player Vulnerabilities,
Cisco Systems Product Security Incident Response Team
- rPSA-2009-0161-1 hwdata kernel,
rPath Update Announcements
- [SECURITY] [DSA 1956-1] New xulrunner packages fix several vulnerabilities,
Moritz Muehlenhoff
- [security bulletin] HPSBMA02252 SSRT061258, SSRT061259 rev.1 - HP OpenView Storage Data Protector, Remote Arbitrary Code Execution,
security-alert
- Secunia Research: Winamp Impulse Tracker Instrument Parsing Buffer Overflows,
Secunia Research
- [ MDVSA-2009:334 ] poppler,
security
- Secunia Research: Winamp Ultratracker File Parsing Buffer Overflow,
Secunia Research
- SEC Consult SA-20091217-0 :: Authentication bypass and file manipulation in Sitecore Staging Module,
Lukas Weichselbaum
- Secunia Research: Winamp Impulse Tracker Sample Parsing Buffer Overflow,
Secunia Research
- Secunia Research: Winamp Oktalyzer Parsing Integer Overflow Vulnerability,
Secunia Research
- [ISecAuditors Security Advisories] Cisco ASA <= 8.x VPN SSL module Clientless URL-list control bypass,
ISecAuditors Security Advisories
- [ISecAuditors Security Advisories] Horde 3.3.5 "PHP_SELF" Cross-Site Scripting vulnerability,
ISecAuditors Security Advisories
- VUPEN Security Research - Winamp PNG and JPEG Data Integer Overflow Vulnerabilities,
VUPEN Security Research
- [ISecAuditors Security Advisories] QuiXplorer <=2.4.1beta Remote Code Execution vulnerability,
ISecAuditors Security Advisories
- [ MDVSA-2009:335 ] ffmpeg,
security
- [Suspected Spam][oCERT-2009-019] Ganeti path sanitization errors,
Andrea Barisani
- Rumba XML XSS vulnerability,
hadikiamarsi
- Campus Party Eu 2010 Security Challenge - Call For Participants,
Campus Party EU Spain
- ZDI-09-099: Hewlett-Packard OpenView Data Protector Backup Client Service Buffer Overflow Vulnerability,
ZDI Disclosures
- TPTI-09-15: HP OpenView Data Protector Cell Manager Heap Overflow Vulnerability,
dvlabs
- Re: Powered By Dvbbs Version 7.1.0 Sp1 By Pass,
macaco-listo
- [ MDVSA-2009:336 ] koffice,
security
- [ISecAuditors Security Advisories] Simple PHP Blog <= 0.5.1 Local File Include vulnerability,
ISecAuditors Security Advisories
- [ISecAuditors Security Advisories] PHP-Calendar <= v1.1 'configfile' Remote and Local File Inclusion vulnerability,
ISecAuditors Security Advisories
- [USN-875-1] Red Hat Cluster Suite vulnerabilities,
Jamie Strandboge
- SMF (Simple Machine Forum) 1.1.11 XSS - Discovered by : Khashayar Fereidani,
irancrash
- [USN-873-1] Firefox 3.0 and Xulrunner 1.9 vulnerabilities,
Jamie Strandboge
- [USN-874-1] Firefox 3.5 and Xulrunner 1.9.1 vulnerabilities,
Jamie Strandboge
- [SECURITY] [DSA-1959-1] New ganeti packages fix arbitrary command execution,
Raphael Geissert
- [SECURITY] [DSA 1960-1] New acpid packages fix weak file permissions,
Raphael Geissert
- [ GLSA 200912-02 ] Ruby on Rails: Multiple vulnerabilities,
Alex Legler
- phpPollScript - 1.3 Remote File Include,
admin
- pragmaMx CMS Blind SQL/XPath Injection vulnerability,
hadikiamarsi
- TLS Renegotiation Vulnerability: Proof of Concept Code (Python),
RedTeam Pentesting GmbH
- SQL-Ledger – several vulnerabilities,
Alexander Klink
- ClarkConnect XSS vulnerability,
edgard . chammas
- [ MDVSA-2009:337 ] proftpd,
security
- Remote Buffer Overflow Exploit (TFTP Daemon Version 1.9) by Socket_0x03,
Socket_0x03
- [security bulletin] HPSBUX02498 SSRT090264 rev.1 - HP-UX Running Apache, Remote Unauthorized Data Injection, Denial of,
security-alert
- [ MDVSA-2009:338 ] firefox,
security
- [ MDVSA-2009:339 ] firefox,
security
- [SECURITY] [DSA 1961-1] New bind9 packages fix cache poisoning,
Florian Weimer
- [SECURITY] [DSA-1962-1] New kvm packages fix several vulnerabilities,
Giuseppe Iuculano
- XSS Vulnerability in JpGraph 3.0.6,
Martin Barbella
- Vulnerability in Joomulus for Joomla,
MustLive
- ClubHack2009 presentations are now online,
ClubHack
- [ MDVSA-2009:340 ] jpgraph,
security
- Microsoft IIS 0Day Vulnerability in Parsing Files (semi-colon bug),
bugreport
- [ MDVSA-2009:341 ] dstat,
security
- [SECURITY] [DSA 1963-1] New unbound packages fix DNSSEC validation,
Florian Weimer
- [tools] hostmap-0.2.1 released,
Alessandro Tanasi
- [ MDVSA-2009:342 ] acpid,
security
- [ MDVSA-2009:343 ] acpid,
security
- [InterN0T] LiveZilla - XSS Vulnerability,
advisories
- DBHCMS Web Content Management System v1.1.4 RFI Vulnerability,
info
- Sheedravi CMS SQL Injection Vulnerability,
faghani
- [SECURITY] [DSA 1957-1] New aria2 packages fix arbitrary code execution,
Steffen Joeris
- [ MDVSA-2009:244-1 ] xfig,
security
- [ MDVSA-2009:344 ] perl-DBD-Pg,
security
- Code to mitigate IIS semicolon zero-day,
ds . adv . pub
- [ MDVSA-2009:189-1 ] apache-mod_auth_mysql,
security
- MITKRB5-SA-2009-003 [CVE-2009-3295] KDC denial of service in cross-realm referral processing,
Tom Yu
- [ MDVSA-2009:146-1 ] imap,
security
- Tests about semicolon zero-day (BID 37460),
Crash - DcLabs
- [ MDVSA-2009:345 ] acl,
security
- FreeWebshop.org: multiple vulnerabilities,
Akita Software Security
- Secunia Research: AproxEngine Multiple Vulnerabilities,
Secunia Research
- [SECURITY] [DSA 1958-1] New libtool packages fix privilege escalation,
Raphael Geissert
- [ MDVSA-2009:346 ] kde,
security