Mail Thread Index

• Date Index

• Multiple XSS vulnerabilities in OSSIM 2.2.1, nicolas . grandjean
• Elevation of Privilege Vulnerability in iTunes for Windows, jason
• Trustwave's SpiderLabs Security Advisory TWSL2010-002, Trustwave Advisories
• [SECURITY] [DSA 2025-1] New icedove packages fix several vulnerabilities, Steffen Joeris
• [SECURITY] [DSA 2024-1] New moin packages fix cross-site scripting, Giuseppe Iuculano
• Secunia Research: Sun Java JDK/JRE Soundbank Resource Name Buffer Overflow, Secunia Research
• [Suspected Spam]Vulnerabilities in NoCMS, MustLive
• BitComet <= 1.19 Remote DOS Exploit, Pierre Noguès
• iDefense Security Advisory 03.30.10: Oracle Java Runtime Environment Image FIle Buffer Overflow Vulnerability, iDefense Labs
• [SECURITY] CVE-2008-2370: Apache CouchDB Timing Attack Vulnerability, Jan Lehnardt
• [USN-922-1] libnss-db vulnerability, Kees Cook
• VUPEN Security Research - Apple iTunes ColorSync Profile Integer Overflow Vulnerability, VUPEN Security Research
• VUPEN Security Research - Apple Quicktime PICT Processing Integer Overflow Vulnerability, VUPEN Security Research
• CSRF Vulnerability in OSSIM 2.2.1, nicolas . grandjean
• VUPEN Security Research - Sun Java JDK/JRE Unpack200 Buffer Overflow Vulnerability, VUPEN Security Research
• Zabbix <= 1.8.1 SQL Injection, Dawid Golunski
• DynPG CMS v4.1.0 Multiple Remote File Inclusion Vulnerability, eidelweiss
  • <Possible follow-ups>
  • Re: DynPG CMS v4.1.0 Multiple Remote File Inclusion Vulnerability, eidelweiss
• VUPEN Security Research - Apple Quicktime FLC Encoded Movie Heap Overflow Vulnerability, VUPEN Security Research
• VUPEN Security Research - Sun Java JDK/JRE AWT Library Invalid Pointer Vulnerability, VUPEN Security Research
• VUPEN Security Research - Sun Java JDK/JRE AWT Library Invalid Index Vulnerability, VUPEN Security Research
• Juniper SRX Critical Denial of Service Vulnerability, J. Oquendo
• VUPEN Security Research - Apple Quicktime PICT Handling Heap Overflow Vulnerability, VUPEN Security Research
• VMSA-2010-0006 ESX Service Console updates for samba and acpid, VMware Security Team
• Vulnerability Centreon IT & Network Monitoring v2.1.5, Mehdi Mahdjoub - Sysdream IT Security Services
• [SECURITY] [DSA 2026-1] New netpbm-free packages fix denial of service, Giuseppe Iuculano
• ZDI-10-033: Microsoft Internet Explorer TIME2 Behavior Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-034: Microsoft Internet Explorer Tabular Data Control ActiveX Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-035: Apple QuickTime genl Atom Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-036: Apple QuickTime H.263 PictureHeader Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-037: Apple QuickTime MJPEG Sample Dimensions Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-038: Apple QuickTime QDMC/QDM2 Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-039: Apple OS X Internet Enabled Disk Image Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-040: Apple QuickTime RLE Bit Depth Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-041: Apple QuickTime QDM2/QDCA Atom Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-042: Apple QuickTime MediaVideo Compressor Name Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-043: Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-044: Apple QuickTime FLI LinePacket Remote Code Execution Vulnerability, ZDI Disclosures
• [security bulletin] HPSBMA02490 SSRT090222 rev.2 - HP SOA Registry Foundation, Remote Unauthorized Access to Data, Cross Site Scripting (XSS), Privilege Escalation, security-alert
• [SECURITY] [DSA 2027-1] New xulrunner packages fix several vulnerabilities, Moritz Muehlenhoff
• ZDI-10-056: Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-045: Apple QuickTime MPEG-1 genl Atom Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-053: Sun Java Runtime Environment MIDI File metaEvent Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-046: Mozilla Firefox Web Worker Array Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-054: Sun Java Runtime Environment JPEGImageReader stepX Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-047: Mozilla Firefox libpr0n imgContainer Bits-Per-Pixel Change Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-060: Sun Java Runtime Environment MixerSequencer Invalid Array Index Remote Code Execution Vulnerability, ZDI Disclosures
• Vulnerabilities in HoloCMS, MustLive
• ZDI-10-048: Mozilla Firefox nsTreeContentView Dangling Pointer Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-061: Sun Java Runtime CMM readMabCurveData Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-049: Mozilla Firefox PluginArray nsMimeType Dangling Pointer Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-051: Sun Java Runtime RMIConnectionImpl Privileged Context Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-050: Mozilla Firefox nsTreeSelection EventListener Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-058: Apple Mac OS X ImageIO Framework JPEG2000 Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-052: Sun Java Runtime Environment XNewPtr Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-057: Sun Java Runtime Environment JPEGImageDecoderImpl Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-055: Sun Java Runtime Environment Mutable InetAddress Socket Policy Violation Vulnerability, ZDI Disclosures
• ZDI-10-059: Sun Java Runtime Environment JPEGImageEncoderImpl Remote Code Execution Vulnerability, ZDI Disclosures
• [SECURITY] [DSA 2028-1] New xpdf packages fix several vulnerabilities, Luciano Bello
• ZDI-10-063: Mozilla Firefox Cross Document DOM Node Moving Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-062: Novell Netware NWFTPD RMD/RNFR/DELE Argument Parsing Remote Code Execution Vulnerabilities, ZDI Disclosures
• Vulnerabilities in TAK cms, MustLive
• [SECURITY] [DSA 2029-1] New imlib2 packages fix arbitrary code execution, Nico Golde
• Miranda TLS MitM with XMPP/Jabber protocol, Jan Schejbal
• Hack.lu 2010 CfP, info
• CA20100406-01: Security Notice for CA XOsoft, Kotas, Kevin J
• ZDI-10-065: CA XOsoft xosoapapi.asmx Multiple Remote Code Execution Vulnerabilities, ZDI Disclosures
• MITKRB5-SA-2010-003 [CVE-2010-0629] denial of service in kadmind in older krb5 releases, Tom Yu
• ZDI-10-066: CA XOsoft Control Service entry_point.aspx Remote Code Execution Vulnerability, ZDI Disclosures
• [SECURITY] [DSA 2030-1] New mahara packages fix sql injection, Nico Golde
• ZDI-10-067: Apple QuickTime Pict BkPixPat Remote Code Execution Vulnerability, ZDI Disclosures
• CORE-2010-0323: XSS Vulnerability in NextGEN Gallery Wordpress Plugin, CORE Security Technologies Advisories
• [ MDVSA-2010:069 ] nss, security
• [USN-923-1] OpenJDK vulnerabilities, Kees Cook
• [USN-924-1] Kerberos vulnerabilities, Kees Cook
• Vulnerabilities in Dunia Soccer, MustLive
  • Re: Vulnerabilities in Dunia Soccer, Susan Bradley
    • Re: Vulnerabilities in Dunia Soccer, MustLive
      • Re: Vulnerabilities in Dunia Soccer, Susan Bradley
• [HITB-Announce] FINAL CALL - CFP for HITBSecConf2010 Amsterdam, Hafez Kamal
• DeepSec 2010 - Call for Papers and Experts, DeepSec Conference
• TCPDF Library Remote Code Execution Vulnerability, Matthias -apoc- Hecker
• Vulnerabilities in CMS SiteLogic, MustLive
  • <Possible follow-ups>
  • Vulnerabilities in CMS SiteLogic, MustLive
• [USN-925-1] MoinMoin vulnerabilities, Jamie Strandboge
• Secunia Research: Pulse CMS Arbitrary File Upload Vulnerability, Secunia Research
• [USN-926-1] ClamAV vulnerabilities, Jamie Strandboge
• Secunia Research: Pulse CMS Cross-Site Request Forgery, Secunia Research
• VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues, VMware Security team
• [USN-624-2] Erlang vulnerability, Jamie Strandboge
• ZDI-10-068: Apple QuickTime H.263 Array Index Parsing Remote Code Execution Vulnerability, ZDI Disclosures
• WinSoftMagic Photo Editor .PNG File Buffer Overflow, eidelweiss
• JAVA web start arbitrary command-line injection - "-XXaltjvm" arbitrary dll loading (0day), Reversemode
• Vulnerabilities in phpCOIN, MustLive
  • Re: Vulnerabilities in phpCOIN, Susan Bradley
• Secunia Research: VMWare VMnc Codec HexTile Encoding Two Integer Truncation Vulnerabilities, Secunia Research
• Secunia Research: VMWare VMnc Codec HexTile Encoding Buffer Overflow, Secunia Research
• VUPEN Security Research - VMware Products Movie Decoder Heap Overflow Vulnerability, VUPEN Security Research
• AneCMS Multiple Vulnerabilities, admin
• [USN-927-3] Thunderbird regression, Jamie Strandboge
• [USN-921-1] Firefox 3.5 and Xulrunner vulnerabilities, Jamie Strandboge
• [USN-927-1] NSS vulnerability, Jamie Strandboge
• HITBSecConf DUBAI 2010: Learn more about web attacks and stealth hacking, Laurent OUDOT at TEHTRI-Security
• [SECURITY] [DSA 2032-1] New libpng packages fix several vulnerabilities, Giuseppe Iuculano
• [USN-927-2] NSS regression, Jamie Strandboge
• [SECURITY] [DSA 2031-1] New krb5 packages fix denial of service, Giuseppe Iuculano
• CVE-2009-4511: TANDBERG VCS Arbitrary File Retrieval, VSR Advisories
• CVE-2009-4510: TANDBERG VCS Static SSH Host Keys, VSR Advisories
• CVE-2009-4509: TANDBERG VCS Authentication Bypass, Timothy D. Morgan
• [USN-920-1] Firefox 3.0 and Xulrunner vulnerabilities, Jamie Strandboge
• iDefense Security Advisory 04.09.10: VMware VMnc Codec Heap Overflow Vulnerability, iDefense Labs
• [security bulletin] HPSBPI02398 SSRT080166 rev.5 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files, security-alert
• ACROS Security: Local Binary Planting in VMware Tools for Windows (ASPR #2010-04-12-2), ACROS Lists
• ACROS Security: Remote Binary Planting in VMware Tools for Windows (ASPR #2010-04-12-1), ACROS Lists
• Insufficient Anti-automation and Denial of Service vulnerabilities in multiple systems, MustLive
• Vana CMS Remote File Download, info
• Advisory 01/2010: MyBB Password Reset Email BCC: Injection Vulnerability, Stefan Esser
• Advisory 02/2010: MyBB Password Reset Weak Random Numbers Vulnerability, Stefan Esser
• Imperva SecureSphere Web Application Firewall and Database Firewall Bypass Vulnerability, Clear Skies Security
• Micropoint Proactive Denfense Mp110013.sys <= 1.3.10123.0 Local Privilege Escalation Exploit, dlrow1991
• ZDI-10-071: Adobe Reader TrueType Font Handling Remote Code Execution Vulnerability, ZDI Disclosures
• Unauthenticated Filesystem Access in iomega Home Media Network Hard Drive, fizix610
• ZDI-10-073: Sun Microsystems Directory Server DSML-over-HTTP Username Search Denial of Service Vulnerability, ZDI Disclosures
• ZDI-10-075: Sun Microsystems Directory Server Enterprise DSML UTF-8 Denial of Service Vulnerability, ZDI Disclosures
• ZDI-10-069: Microsoft Office Publisher File Conversion TextBox Processing Buffer Overflow Vulnerability, ZDI Disclosures
• Secunia Research: Visualization Library DAT File Parsing Vulnerabilities, Secunia Research
• RJ-iTop Network Vulnerability Scanner System Multiple SQL Injection Vulnerabilities, wsn1983
• [ MDVSA-2010:070 ] firefox, security
• ZDI-10-074: Sun Microsystems Directory Server Enterprise ASN.1 Parsing Remote Code Execution Vulnerability, ZDI Disclosures
• [ MDVSA-2010:072 ] cups, security
• 60cycleCMS (DOCUMENT_ROOT) Multiple Local File Inclusion Vulnerability, eidelweiss
• [ MDVSA-2010:071 ] krb5, security
• Cert-Lexsi - Microsoft Windows Media Services MMS Buffer Overflow Vulnerability, Fabien PERIGAUD
• ZDI-10-070: Microsoft Windows Media Player Codec Retrieval Dangling Pointer Remote Code Execution Vulnerability, ZDI Disclosures
• [security bulletin] HPSBUX02517 SSRT100058 rev.1 - HP-UX Running OpenSSL, Remote Unauthorized Information Disclosure, Unauthorized Data Modification, Denial of Service (DoS), security-alert
• [ MDVSA-2010:073-1 ] cups, security
• Ziggurat CMS Multiple Vulnerabilities, info
• [ MDVSA-2010:073 ] cups, security
• VUPEN Security Research - Adobe Acrobat and Reader PNG Data Buffer Overflow Vulnerability, VUPEN Web Research
• VUPEN Security Research - Adobe Acrobat and Reader BMP Data Buffer Overflow Vulnerability, VUPEN Web Research
• [DSecRG-09-053] VMware Remoute Console - format string, Alexandr Polyakov
• [DSECRG-09-049] IBM BladeCenter Management Module - DoS vulnerability, Alexandr Polyakov
• Cisco Security Advisory: Cisco Secure Desktop ActiveX Control Code Execution Vulnerability, Cisco Systems Product Security Incident Response Team
• Vulnerability in CB Captcha for Joomla and Mambo, MustLive
  • Re: Vulnerability in CB Captcha for Joomla and Mambo, Susan Bradley
    • Re: Vulnerability in CB Captcha for Joomla and Mambo, James Martin
      • Re: Vulnerability in CB Captcha for Joomla and Mambo, Susan Bradley
    • Re: Vulnerability in CB Captcha for Joomla and Mambo, Matteo Valenza
      • Re: Vulnerability in CB Captcha for Joomla and Mambo, MustLive
  • <Possible follow-ups>
  • Re: Vulnerability in CB Captcha for Joomla and Mambo, nant
  • Re: Vulnerability in CB Captcha for Joomla and Mambo, nant
  • Re: Re: Vulnerability in CB Captcha for Joomla and Mambo, none
  • Re: Vulnerability in CB Captcha for Joomla and Mambo, MustLive
• [CVE-2010-0432] Apache OFBiz Multiple XSS Vulnerabilities, Jacopo Cappellato
• VUPEN Security Research - Adobe Acrobat and Reader JPEG Data Buffer Overflow Vulnerability, VUPEN Web Research
• VUPEN Security Research - Adobe Acrobat and Reader GIF Data Buffer Overflow Vulnerability, VUPEN Web Research
• VUPEN Web Security Research - WebAsyst Shop-Script Multiple Input Validation Vulnerabilities, VUPEN Web Research
• ZDI-10-072: Cisco Secure Desktop CSDWebInstaller ActiveX Control Remote Code Execution Vulnerability, ZDI Disclosures
• Nucleus CMS v.3.51 (DIR_LIBS) Multiple Vulnerability, eidelweiss
• ZDI-10-076: Apple Preview libFontParser SpecialEncoding Remote Code Execution Vulnerability, ZDI Disclosures
• [USN-928-1] Sudo vulnerability, Jamie Strandboge
• [SECURITY] [DSA 2033-1] New ejabberd packages fix denial of service, Sébastien Delafond
• [USN-929-1] irssi vulnerabilities, Jamie Strandboge
• [ MDVSA-2010:074 ] kdebase, security
• Hackproofing Oracle Financials 11i & R12, Joxean Koret
• [USN-890-6] CMake vulnerabilities, Jamie Strandboge
• [ MDVSA-2010:075 ] openoffice.org, security
• [ MDVSA-2010:080 ] brltty, security
• [SECURITY] [DSA 2036-1] New jasper packages fix denial of service, Thijs Kinkhorst
• [ MDVSA-2010:076 ] openssl, security
• WinMount MOU File Handling Overflow Vulnerability, lilf
• Secunia Research: e107 Avatar/Photograph Image File Upload Vulnerability, Secunia Research
• [ MDVSA-2010:081 ] apache-mod_auth_shadow, security
• [SECURITY] [DSA 2037-1] New kdm packages fix privilege escalation, Thijs Kinkhorst
• Secunia Research: e107 Content Management Plugin Script Insertion Vulnerability, Secunia Research
• [Suspected Spam]New vulnerabilities in CMS SiteLogic, MustLive
  • Re: [Suspected Spam]New vulnerabilities in CMS SiteLogic, Salvatore Fresta aka Drosophila
    • Re: New vulnerabilities in CMS SiteLogic, MustLive
      • Message not available
        • New vulnerabilities in CMS SiteLogic, Salvatore Fresta aka Drosophila
• [SECURITY] [DSA 2034-1] New phpmyadmin packages fix several vulnerabilities, Thijs Kinkhorst
• [SECURITY] [DSA-2035-1] New apache2 packages fix several issues, Stefan Fritsch
• [ MDVSA-2010:078 ] sudo, security
• CompleteFTP v3.3.0 - Remote Memory Consumption DoS, Mehdi Mahdjoub [SYSDREAM]
• iDefense Security Advisory 04.15.10: Multiple Vendor AgentX++ Stack Buffer Overflow Vulnerability, iDefense Labs
• [ MDVSA-2010:077 ] nss_db, security
• iDefense Security Advisory 04.15.10: Multiple Vendor AgentX++ Integer Overflow Vulnerability, iDefense Labs
• [ MDVSA-2010:079 ] irssi, security
• [SECURITY] [DSA 2038-1] New pidgin packages fix denial of service, Thijs Kinkhorst
• [ MDVSA-2010:082 ] clamav, security
• sudoedit local privilege escalation through PATH manipulation, Agazzini Maurizio
  • Re: sudoedit local privilege escalation through PATH manipulation, Ansgar Wiechers
    • Re: sudoedit local privilege escalation through PATH manipulation, Agazzini Maurizio
• [ MDVSA-2010:076-1 ] openssl, security
• CSRF in e107, advisory
• MITKRB5-SA-2010-004 [CVE-2010-1320] double free in KDC, Tom Yu
• Vbulletin - Two-Step External Link XSS, edgard . chammas
• [USN-931-1] FFmpeg vulnerabilities, Marc Deslauriers
• [ MDVSA-2010:083 ] emacs, security
• IP address spoofing in e107, advisory
• [USN-932-1] KDM vulnerability, Jamie Strandboge
• [ MDVSA-2010:070-1 ] firefox, security
• [USN-929-2] irssi regression, Jamie Strandboge
• [security bulletin] HPSBUX02517 SSRT100058 rev.2 - HP-UX Running OpenSSL, Remote Unauthorized Information Disclosure, Unauthorized Data Modification, Denial of Service (DoS), security-alert
• [security bulletin] HPSBUX02518 SSRT100051 rev.1 - HP-UX, Local Denial of Service (DoS), security-alert
• [#OUF-273299]: AVTECH Software (AVC781Viewer.dll) ActiveX Multiple Remote Vulnerabilities, sinner
• [security bulletin] HPSBMA02491 SSRT100060 rev.1 - HP Operations Manager for Windows, Remote Execution of Arbitrary Code, security-alert
• [security bulletin] HPSBUX02508 SSRT100007 rev.2 - HP-UX Running sendmail with STARTTLS Enabled, Remote Unauthorized Access, security-alert
  • <Possible follow-ups>
  • [security bulletin] HPSBUX02508 SSRT100007 rev.2 - HP-UX Running sendmail with STARTTLS Enabled, Remote Unauthorized Access, Morris, John R. (SSRT)
• CORE-2010-0406 - User Invoices Persistent XSS Vulnerability in CactuShop, CORE Security Technologies Advisories
• Call for participation -- Eth0:2010 Summer, Mark Janssen
• Secunia Research: imlib2 "IMAGE_DIMENSIONS_OK()" Logic Error, Secunia Research
• Cisco Security Advisory: Cisco Small Business Video Surveillance Cameras and Cisco 4-Port Gigabit Security Routers Authentication Bypass Vulnerability, Cisco Systems Product Security Incident Response Team
• ZDI-10-077: Adobe Download Manager Atlcom.get_atlcom ActiveX Control Remote Code Execution Vulnerability, ZDI Disclosures
• London DEFCON April meet - DC4420 - Wed 28th April 2010, Major Malfunction
• [SECURITY] CVE-2010-1157: Apache Tomcat information disclosure vulnerability, Mark Thomas
• [security bulletin] HPSBMA02494 SSRT090168 rev.1 - HP Virtual Machine Manager (VMM) for Windows, Remote Unauthorized Access, Privilege Elevation, security-alert
• Security-Assessment.com WhitePaper/Addendum: Cross Context Scripting with Firefox & Exploiting Cross Context Scripting vulnerabilities in Firefox, Roberto Suggi Liverani
• CfP: GameSec 2010 - Deadline is 3 weeks away!, Albert Levi
• [security bulletin] HPSBMA02492 SSRT100079 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access, security-alert
• Windows 2000/XP/2003 win32k.sys SfnLOGONNOTIFY local kernel Denial of Service Vulnerability, th_decoder
• Windows 2000/XP/2003 win32k.sys SfnINSTRING local kernel Denial of Service Vulnerability, th_decoder
• [security bulletin] HPSBUX02519 SSRT100004 rev.1 - HP-UX Running BIND, Remote Compromise of NXDOMAIN Responses, security-alert
• Apache ActiveMQ is prone to source code disclosure vulnerability., research
• Vulnerabilities in NovaBoard, MustLive
  • Re: Vulnerabilities in NovaBoard, terry white
• XSS and Content Injection in HTC Windows Mobile SMS Preview PopUp, michael . mueller
• [HITB-Announce] HITBSecConf2010 - Dubai - Presentation Materials, Hafez Kamal
• IWD Group SQL Injection Vulnerabilities, md . r00t . defacer
• [HITB-Announce] HITBSecConf2009 - Malaysia Videos Released!, Hafez Kamal
• In-portal 5.0.3 Remote Arbitrary File Upload Exploit, eidelweiss
• Vulnerability in Referer for DataLife Engine, MustLive
• ZDI-10-078: Novell ZENworks Configuration Management UploadServlet Remote Code Execution Vulnerability, ZDI Disclosures
• [ MDVSA-2010:071 ] mozilla-thunderbird, security
• [SECURITY] [DSA 2039-1] New cacti packages fix missing input sanitising, Thijs Kinkhorst
• hashdays 2010 - Call for Papers (#days CFP), hashdays CFP
• t2'10: Call for Papers 2010 (Helsinki / Finland), Tomi Tuominen
• A XSS in User_ChkLogin.asp of PowerEasy 2006, lis cker
• [USN-931-2] FFmpeg regression, Marc Deslauriers
• SmodCMS 'config.php' Arbitrary File Upload Vulnerability, eidelweiss
• phpegasus 'config.php' Arbitrary File Upload Vulnerability, eidelweiss
• NovaStor NovaNet <= 13.0 issues, mu-b
• Madirish Webmail 2.01 (basedir) RFI/LFI Vulnerability, eidelweiss
• Widnows XP TCP/IP Stack Security Issue (ARP for non RFC 1918 addresses), wborskey
  • Re: Widnows XP TCP/IP Stack Security Issue (ARP for non RFC 1918 addresses), Paul Schmehl
• Re: Widnows XP TCP/IP Stack Security Issue (ARP for non RFC 1918addresses), r . st
  • Re: Widnows XP TCP/IP Stack Security Issue (ARP for non RFC 1918addresses), Dominik George
• Conference on Cyber Conflict: speakers selected!, k g
• XSS vulnerability in Zikula Application Framework, advisory
  • <Possible follow-ups>
  • XSS vulnerability in Zikula Application Framework, advisory
• [SECURITY] [DSA 2021-2] New spamass-milter packages fix regression, Giuseppe Iuculano
• [security bulletin] HPSBMA02488 SSRT100013 rev.2 - HP ProLiant Support Pack 8.30 for Windows, Remote Code Execution, Information Disclosure, security-alert
• [security bulletin] HPSBMA02525 SSRT100083 rev.1 - HP System Insight Manager Running on HP-UX, Linux, and Windows , Remote Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Privilege Elevation, security-alert
• [ MDVSA-2010:084 ] java-1.6.0-openjdk, security
• Fun with FORTIFY_SOURCE, Dan Rosenberg
• STP mitm attack idea, Przemyslaw Borkowski
  • Re: STP mitm attack idea, Jann Horn
    • Re: STP mitm attack idea, news
      • Re: STP mitm attack idea, Joel Maslak
        • Re: STP mitm attack idea, Jean-Christophe Baptiste
  • Re: STP mitm attack idea, wlet
  • RE: STP mitm attack idea, Stefan Laudat
  • <Possible follow-ups>
  • Re: STP mitm attack idea, Jason T. Masker
    • Re: STP mitm attack idea, Ivan Jager
• Adobe viewer plugin can be made to crash IE or FF, Angus Mann
• XSS in Microsoft SharePoint Server 2007, advisory
• ZDI-10-079: Realnetworks Helix Server NTLM Authentication Invalid Base64 Remote Code Execution Vulnerability, ZDI Disclosures
• [ MDVSA-2010:078-1 ] sudo, security
• [ MDVSA-2010:085 ] pidgin, security
• [ MDVSA-2009:332-1 ] gimp, security
• [USN-933-1] PostgreSQL vulnerability, Jamie Strandboge
• CONFidence 2010, 25-26th May - Call For Participation, Andrzej Targosz
• [ MDVSA-2010:087 ] poppler, security
• Apache ActiveMQ XSS Vulnerability, arun . gnyan
• Vulnerabilities in CCMS, MustLive
• vBulletin - Insecure Custom BBCode Tags, advisories
• [ MDVSA-2010:086 ] kdegraphics, security