Mail Index

• Thread Index

• [SECURITY] [DSA-2154-1] exim4 security update
  • From: Stefan Fritsch
• VirtueMart eCommerce for Joomla <= 1.1.6 Blind SQL Injection
  • From: Andrea Fabrizi
• CVE-2010-3854: Apache CouchDB Cross Site Scripting Issue
  • From: Jan Lehnardt
• [SECURITY] [DSA-2154-2] exim4 regression fix
  • From: Stefan Fritsch
• [SECURITY] [DSA-2156-1] pcscd security update
  • From: Steve Kemp
• [HITB-Announce] Reminder: HITB2011AMS - Call for Papers closes on the 18th of Feb
  • From: Hafez Kamal
• [SECURITY] [DSA 2155-1] freetype security update
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 2153-1] linux-2.6 security update
  • From: dann frazier
• ZDI-11-034: HP OpenView Performance Insight Server Backdoor Account Code Execution Vulnerability
  • From: ZDI Disclosures
• HTB22803: Path disclosure in Razor CMS
  • From: advisory
• ZDI-11-035: IBM DB2 db2dasrrm validateUser Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• [USN-1053-1] Subversion vulnerabilities
  • From: Marc Deslauriers
• ZDI-11-036: IBM DB2 db2dasrrm receiveDASMessage Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• HTB22799: Path disclosure in Pluck CMS
  • From: advisory
• [security bulletin] HPSBMA02627 SSRT090246 rev.1 - HP OpenView Performance Insight Server, Remote Execution of Arbitrary Code
  • From: security-alert
• ZDI-11-037: Symantec IM Manager Administrative Interface IMAdminSchedTask.asp Eval Code Injection Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• Zikula CMS 1.2.4 <= Cross Site Request Forgery (CSRF) Vulnerability
  • From: YGN Ethical Hacker Group
• HTB22804: SQL Injection in Redaxscript
  • From: advisory
• HTB22798: Path disclosure in Pluck CMS
  • From: advisory
• HTB22805: Path disclosure in Redaxscript
  • From: advisory
• Aruba Mobility Controller - multiple advisories: DoS and authentication bypass
  • From: Robbie Gill
• TinyWebGallery: XSS + Directory Traversal
  • From: Yam Mesicka
• [CORE-2010-1001] Cisco WebEx .atp and .wrf Overflow Vulnerabilities
  • From: CORE Security Technologies Advisories
• Cisco Security Advisory: Multiple Cisco WebEx Player Vulnerabilities
  • From: Cisco Systems Product Security Incident Response Team
• fix for Nvidia CUDA drivers security breach
  • From: Massimo Bernaschi
• [USN-1054-1] Linux kernel vulnerabilities
  • From: Kees Cook
• [USN-1055-1] OpenJDK vulnerabilities
  • From: Steve Beattie
• Cisco Security Advisory: Default Credentials for Root Account on Tandberg E, EX and C Series Endpoints
  • From: Cisco Systems Product Security Incident Response Team
• HTB22809: SQL Injection in ReOS
  • From: advisory
• HTB22801: Local File Inclusion in Podcast Generator
  • From: advisory
• HTB22800: Path disclosure in Podcast Generator
  • From: advisory
• HTB22808: Local File Inclusion in ReOS
  • From: advisory
• HTB22807: SQL Injection in ReOS
  • From: advisory
• HTB22802: XSS in Podcast Generator
  • From: advisory
• HTB22810: SQL Injection in ReOS
  • From: advisory
• HTB22806: SQL Injection in ReOS
  • From: advisory
• Majordomo2 - Directory Traversal (SMTP/HTTP)
  • From: mike
• WOOT '11 Call for Papers
  • From: Michal Zalewski
• [ MDVSA-2011:020 ] pango
  • From: security
• ZDI-11-039: BMC PATROL Agent Service Daemon BGS_MULTIPLE_READS Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• [USN-1058-1] PostgreSQL vulnerability
  • From: Steve Beattie
• [SECURITY] [DSA-2157-1] PostgreSQL security update
  • From: Florian Weimer
• (TAD-2011-001) Vulnerability in HTC Peep: Twitter Credentials Disclosure
  • From: Raul Siles
• [USN-1057-1] Linux kernel vulnerabilities
  • From: Kees Cook
• Re: TinyWebGallery: XSS + Directory Traversal
  • From: tinywebgallery
• [SECURITY] CVE-2010-3718 Apache Tomcat Local bypass of security manger file permissions
  • From: Mark Thomas
• Troopers11 - Security Conference in Germany
  • From: mozilla
• Chamilo 1.8.7 / Dokeos 1.8.6 Remote File Disclosure
  • From: beford
• [SECURITY] CVE-2010-3718 Apache Tomcat Local bypass of security manger file permissions
  • From: Mark Thomas
• Re: [DSECRG-09-038] Sun Glassfish Woodstock Project - Linked XSS Vulnerability
  • From: simpsoed
• [SECURITY] Oracle JVM bug causes denial of service in Apache Tomcat
  • From: Mark Thomas
• [SECURITY] CVE-2011-0534 Apache Tomcat DoS vulnerability
  • From: Mark Thomas
• [SECURITY] CVE-2011-0013 Apache Tomcat Manager XSS vulnerability
  • From: Mark Thomas
• [ MDVSA-2011:021 ] postgresql
  • From: security
• Re: Chamilo 1.8.7 / Dokeos 1.8.6 Remote File Disclosure
  • From: info
• ZDI-11-043: Microsoft Excel 2007 Office Drawing Layer Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• HTB22811: XSS vulnerability in UMI.CMS
  • From: advisory
• HTB22816: XSS vulnerability in ViArt Shop
  • From: advisory
• ZDI-11-044: Microsoft PowerPoint 2007 OfficeArt Atom Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-041: Microsoft Office Excel Office Art Object Parsing Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-045: IBM Lotus Domino IMAP/POP3 Non-Printable Character Expansion Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-046: IBM Lotus Domino Calendar Request Attachment Name Parsing Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-040: Microsoft Office Excel 2003 Invalid Object Type Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• HTB22814: XSS vulnerability in ViArt Shop
  • From: advisory
• HTB22815: XSS vulnerability in ViArt Shop
  • From: advisory
• ZDI-11-047: IBM Lotus Domino LDAP Bind Request Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-048: IBM Lotus Domino iCalendar Meeting Request Parsing Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• R7-0038: Check Point Endpoint Security Server Information Disclosure
  • From: HD Moore
• ZDI-11-049: IBM Lotus Domino SMTP Multiple Filename Arguments Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• R7-0039: Accellion File Transfer Appliance Multiple Vulnerabilities
  • From: HD Moore
• ZDI-11-050: IBM Informix Dynamic Server SET ENVIRONMENT Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-051: IBM Lotus Notes cai URI Handler Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-052: Lotus Domino Server diiop Client Request Operation Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-053: Lotus Domino Server diiop getEnvironmentString Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• HTB22819: XSS vulnerability in WebAsyst Shop-Script
  • From: advisory
• ZDI-11-054: Hewlett-Packard Data Protector Client EXEC_CMD omni_chk_ds.sh Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• HTB22813: XSS vulnerability in UMI.CMS
  • From: advisory
• VMSA-2011-0002 Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi
  • From: VMware Security Team
• HTB22817: XSS vulnerability in WebAsyst Shop-Script
  • From: advisory
• ESA-2011-004: EMC Replication Manager remote code execution vulnerability
  • From: Security_Alert
• Re: Microsoft Terminal Services vulnerable to MITM-attacks.
  • From: sam . vaughey
• ZDI-11-055: Hewlett-Packard Data Protector Client EXEC_CMD Perl Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• [ MDVSA-2011:023 ] proftpd
  • From: security
• Data Encryption Systems - DESLock+ - Local Kernel Code Execution/Denial of Service
  • From: Digit Security Research
• [USN-1059-1] Dovecot vulnerabilities
  • From: Marc Deslauriers
• ZDI-11-056: Hewlett-Packard Data Protector Client EXEC_SETUP Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• HTB22812: XSRF (CSRF) in UMI.CMS
  • From: advisory
• ZDI-11-057: Hewlett-Packard Data Protector Cell Manager Service Authentication Bypass Vulnerability
  • From: ZDI Disclosures
• ZDI-11-063: Microsoft Visio 2007 LZW Stream Decompression Exception Vulnerability
  • From: ZDI Disclosures
• ZDI-11-058: SCO Openserver IMAP Daemon Long Verb Parsing Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-064: Microsoft Windows WmiTraceMessageVa Local Kernel Vulnerability
  • From: ZDI Disclosures
• ZDI-11-059: CA ETrust Secure Content Manager Common Services Transport Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-060: Novell eDirectory Malformed NCP Request Denial of Service Vulnerability
  • From: ZDI Disclosures
• ZDI-11-042: Microsoft Office Excel Axis Properties Record Parsing Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-061: EMC Replication Manager Client irccd.exe Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• DC4420 - London DEFCON - February meet - Tuesday 22nd February 2011
  • From: Major Malfunction
• rPSA-2011-0010-1 kernel
  • From: rPath Update Announcements
• ZDI-11-062: Multiple Vendor Calendar Manager RPC Service Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• [security bulletin] HPSBST02630 SSRT1000385 rev.1 - HP StorageWorks X9000 Network Storage Systems, Remote Unauthenticated Access
  • From: security-alert
• HTB22818: Stored XSS vulnerability in WebAsyst Shop-Script
  • From: advisory
• [security bulletin] HPSBMA02629 SSRT100381 rev.1 - HP Power Manager (HPPM) Running on Linux and Windows, Cross Site Request Forgery (CSRF)
  • From: security-alert
• MITKRB5-SA-2011-001 kpropd denial of service [CVE-2010-4022]
  • From: Tom Yu
• iDefense Security Advisory 02.08.11: Microsoft Windows Picture and Fax Viewer Library
  • From: labs-no-reply
• MITKRB5-SA-2011-002 KDC denial of service attacks [CVE-2011-0281 CVE-2011-0282 CVE-2011-0283]
  • From: Tom Yu
• ZDI-11-066: Adobe Acrobat Reader U3D Texture .iff RLE Decompression Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-065: Adobe Reader Controlled memset Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• [ MDVSA-2011:024 ] krb5
  • From: security
• ZDI-11-067: Adobe Acrobat Reader U3D Texture rgba RLE Decompression Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• CVE-2010-4435 - Multiple Vendor Calendar Manager Remote Code Execution
  • From: Rodrigo Rubira Branco (BSDaemon)
• ZDI-11-068: Adobe Acrobat Reader U3D Texture bmp RLE Decompression Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-069: Adobe Acrobat Reader U3D Texture psd RLE Decompression Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-070: Adobe Acrobat Reader U3D Texture .fli RLE Decompression Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-071: Adobe Reader BMP RLE_8 Decompression Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-072: Adobe Reader BMP ColorData Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-073: Adobe Reader ICC Parsing Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-074: Adobe Reader u3d Parent Node Count Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-075: Adobe Acrobat Reader rt3d.dll Multimedia Playing Arbitrary Memory Overwite Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-076: RealNetworks Real Player Predictable Temporary File Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• iDefense Security Advisory 02.08.11: Adobe Reader and Acrobat JP2K Invalid Indexing Vulnerability
  • From: labs-no-reply
• ZDI-11-077: Adobe Acrobat Reader U3D Texture Parser ILBM Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• [HITB-Announce] HITB Magazine Issue 005 Released
  • From: Hafez Kamal
• iDefense Security Advisory 02.08.11: Adobe Shockwave Player Memory Corruption Vulnerability
  • From: labs-no-reply
• ZDI-11-078: Adobe Shockwave Player FFFFFF88 Record Count Element Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-079: Adobe Shockwave Player 0xFFFFFF45 Record Count Element Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-080: Adobe Shockwave CSWV Chunk Substructure Offset Value Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-081: Adobe Flash Player Point Object Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• iDefense Security Advisory 02.08.11: Adobe Flash Player ActionScript Integer Overflow Vulnerability
  • From: labs-no-reply
• iDefense Security Advisory 02.08.11: Adobe Flash Player ActionScript Memory Corruption Vulnerability
  • From: labs-no-reply
• CGI:IRC XSS issue (CVE-2011-0050)
  • From: David Leadbeater
• Re: Microsoft Terminal Services vulnerable to MITM-attacks.
  • From: Ansgar Wiechers
• RE: Microsoft Terminal Services vulnerable to MITM-attacks.
  • From: Jim Harrison
• TPTI-11-03: Adobe Shockwave Font Xtra String Decoding Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• TPTI-11-04: Adobe Shockwave GIF Logical Screen Descriptor Parsing Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• TPTI-11-02: Adobe Shockwave TextXtra Invalid Seek Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• TPTI-11-05: Adobe Shockwave PFR1 Font Chunk Parsing Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• SourceBans Version 1.4.7 XSS
  • From: null
• TPTI-11-01: Adobe Shockwave dirapi.dll IFWV Trusted Offset Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• [SECURITY] CVE-2010-3449: Apache Continuum CSRF vulnerability
  • From: Brett Porter
• Linksys WAP610N Unauthenticated Root Consle
  • From: Matteo Ignaccolo
• [SECURITY] [DSA-2158-1] cgiirc security update
  • From: Steve Kemp
• [SECURITY] CVE-2011-0533: Apache Continuum cross-site scripting vulnerability
  • From: Brett Porter
• RE: Microsoft Terminal Services vulnerable to MITM-attacks.
  • From: Ziots, Edward
• [USN-1060-1] Exim vulnerabilities
  • From: Marc Deslauriers
• CORE-2011-0103 - ZOHO ManageEngine ADSelfService multiple vulnerabilities
  • From: CORE Security Technologies Advisories
• VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
  • From: VMware Security team
• VUPEN Security Research - Adobe Shockwave DIRAPI LCTX Chunck Memory Corruption Vulnerability (APSB11-01)
  • From: VUPEN Security Research
• HTB22852: SQL Injection in WP Forum Server wordpress plugin
  • From: advisory
• [SECURITY] [DSA 2159-1] vlc security update
  • From: Moritz Muehlenhoff
• ASPR #2011-02-11-1: Remote Binary Planting in Adobe Reader
  • From: ACROS Security Lists
• HTB22851: SQL Injection in WP Forum Server wordpress plugin
  • From: advisory
• VUPEN Security Research - Microsoft Internet Explorer "mshtml.dll" Dangling Pointer Vulnerability (CVE-2011-0036)
  • From: VUPEN Security Research
• [SECURITY] [DSA 2160-1] tomcat6 security update
  • From: Moritz Muehlenhoff
• HTB22820: SQL Injection in RunCMS
  • From: advisory
• [ MDVSA-2011:026 ] phpmyadmin
  • From: security
• HTB22821: Path disclosure in RunCMS
  • From: advisory
• HTB22822: XSS vulnerability in RunCMS
  • From: advisory
• Kunena SQL Injection Vulnerability & Information Leakage
  • From: Red Matter
• VUPEN Security Research - Microsoft Windows Shell Graphics BMP "width" Integer Overflow Vulnerability
  • From: VUPEN Security Research
• VUPEN Security Research - Microsoft Windows Shell Graphics BMP "height" Integer Overflow Vulnerability
  • From: VUPEN Security Research
• ASPR #2011-02-11-2: Remote Binary Planting in Adobe Flash Player
  • From: ACROS Security Lists
• VUPEN Security Research - Microsoft Windows Shell Graphics biCompression Buffer Overflow Vulnerability
  • From: VUPEN Security Research
• [USN-1061-1] iTALC vulnerability
  • From: Kees Cook
• [SECURITY] [DSA 2161-1] OpenJDK security update
  • From: Florian Weimer
• [SECURITY] [DSA 2163-1] python-django security update
  • From: Nico Golde
• [SECURITY] [DSA 2162-1] openssl security update
  • From: Nico Golde
• [ MDVSA-2011:027 ] openoffice.org
  • From: security
• [SECURITY] [DSA 2161-2] OpenJDK security update
  • From: Florian Weimer
• [USN-1063-1] QEMU vulnerability
  • From: Kees Cook
• [USN-1062-1] Kerberos vulnerabilities
  • From: Steve Beattie
• Re: Linksys WAP610N Unauthenticated Root Console
  • From: Matteo Ignaccolo
• HTB22831: XSS vulnerability in Gollos
  • From: advisory
• HTB22832: Path disclosure in ArtGK CMS
  • From: advisory
• HTB22830: Multiple XSS vulnerabilities in Gollos
  • From: advisory
• HTB22833: Information Disclosure in Arctic Fox CMS
  • From: advisory
• HTB22826: Multiple XSS vulnerabilities in Wikipad
  • From: advisory
• HTB22828: Multiple XSS vulnerabilities in Photopad
  • From: advisory
• HTB22824: SQL Injection in Seo Panel
  • From: advisory
• HTB22823: SQL Injection in Seo Panel
  • From: advisory
• [ MDVSA-2011:028 ] openssl
  • From: security
• HTB22829: Path disclosure in Xaraya
  • From: advisory
• HTB22827: File Content Disclosure in Wikipad
  • From: advisory
• HTB22825: SQL Injection in Seo Panel
  • From: advisory
• Tembria Server Monitor Weak Cryptographic Password Storage Vulnerability
  • From: robkraus
• Tembria Server Monitor Multiple Cross-site Scripting (XSS) Vulnerabilities
  • From: robkraus
• ZDI-11-082: Oracle Java Runtime NTLM Authentication Information Leakage Vulnerability
  • From: ZDI Disclosures
• [SECURITY] CVE-2011-0533: Apache Archiva cross-site scripting vulnerability
  • From: Brett Porter
• ZDI-11-085: Oracle Java XGetSamplePtrFromSnd Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-084: Oracle Java Unsigned Applet Applet2ClassLoader Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• Gain Windows Domain Admin Privileges - Online Challenge
  • From: Ivan Buetler
• [USN-1065-1] shadow vulnerability
  • From: Kees Cook
• [SECURITY] [DSA 2165-1] ffmpeg-debian security update
  • From: Luciano Bello
• [USN-1064-1] OpenSSL vulnerability
  • From: Steve Beattie
• ZDI-11-083: Oracle Java Applet Clipboard Injection Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• [SECURITY] [DSA 2164-1] shadow security update
  • From: Nico Golde
• [SECURITY] [DSA 2166-1] chromium-browser security update
  • From: Giuseppe Iuculano
• ZDI-11-086: Oracle Java Webstart Trusted JNLP Extension Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• Cisco Security Advisory: Management Center for Cisco Security Agent Remote Code Execution Vulnerability
  • From: Cisco Systems Product Security Incident Response Team
• [SECURITY] [DSA 2167-1] phpmyadmin security update
  • From: Thijs Kinkhorst
• [SECURITY] [DSA 2168-1] openafs security update
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 2169-1] telepathy-gabble security update
  • From: Nico Golde
• PHP 5.3.5 grapheme_extract() NULL Pointer Dereference
  • From: cxib
• ZDI-11-087: Novell iPrint LPD Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-088: Cisco Security Agent Management st_upload Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• HTB22836: Path disclosure in Coppermine
  • From: advisory
• HTB22835: DoS (Denial of Service) Risk in FlatnuX
  • From: advisory
• HTB22834: Path disclosure in FlatnuX
  • From: advisory
• [USN-1066-1] Django vulnerabilities
  • From: Jamie Strandboge
• Re: PHP 5.3.5 grapheme_extract() NULL Pointer Dereference
  • From: Marcin Orlowski
• [USN-1067-1] Telepathy Gabble vulnerability
  • From: Jamie Strandboge
• [ MDVSA-2011:029 ] kernel
  • From: security
• www.eVuln.com : "wsnuser" Cookie SQL Injection vulnerability in WSN Guest
  • From: bt
• Re: DC4420 - London DEFCON - February meet - Tuesday 22nd February 2011
  • From: Major Malfunction
• ZDI-11-089: Novell ZenWorks TFTPD Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• Privacy, Security, Trust (PST 2011) - Call for Papers
  • From: Serguei A. Mokhov on behalf of PST-11
• [ MDVSA-2011:031 ] python-django
  • From: security
• [SECURITY] [DSA 2170-1] mailman security update
  • From: Thijs Kinkhorst
• [ MDVSA-2011:032 ] eclipse
  • From: security
• www.eVuln.com : "time" SQL Injection vulnerability in WSN Guest
  • From: bt
• Domino Sametime Multiple Reflected Cross-Site Scripting
  • From: david . daly
• [security bulletin] HPSBUX02628 SSRT090183 rev.1 - HP-UX Running CDE Calendar Manager, Remote Execution of Arbitrary Code
  • From: security-alert
• [ MDVSA-2011:033 ] awstats
  • From: security
• [ MDVSA-2011:030 ] tomcat5
  • From: security
• [SECURITY] [DSA 2171-1] asterisk security update
  • From: Moritz Muehlenhoff
• [ MDVSA-2011:034 ] banshee
  • From: security
• HTB22842: Path disclosure in Comment Rating wordpress plugin
  • From: advisory
• HTB22843: Path disclosure in GD Star Rating wordpress plugin
  • From: advisory
• AST-2011-002: Multiple array overflow and crash vulnerabilities in UDPTL code
  • From: Asterisk Security Team
• Re: Domino Sametime Multiple Reflected Cross-Site Scripting
  • From: barkley
• HTB22845: SQL Injection in cdnvote wordpress plugin
  • From: advisory
• HTB22844: XSS in GD Star Rating wordpress plugin
  • From: advisory
• [ MDVSA-2011:035 ] tomboy
  • From: security
• HTB22841: SQL Injection in Comment Rating wordpress plugin
  • From: advisory
• HTB22840: Path disclosure in Starbox Voting wordpress plugin
  • From: advisory
• [USN-1068-1] Aptdaemon vulnerability
  • From: Marc Deslauriers
• HTB22838: Path disclosure in Vote It Up wordpress plugin
  • From: advisory
• HTB22839: SQL Injection in Z-Vote wordpress plugin
  • From: advisory
• Vanilla Forums 2.0.17.1 ~ 2.0.17.5 <= Cross Site Scripting Vulnerability
  • From: YGN Ethical Hacker Group
• [USN-1069-1] Mailman vulnerabilities
  • From: Marc Deslauriers
• [SECURITY] [DSA 2172-1] moodle security update
  • From: Moritz Muehlenhoff
• [PRE-SA-2011-01] Multiple Linux kernel vulnerabilities in partition handling code of LDM and MAC partition tables
  • From: Timo Warns
• Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances
  • From: Cisco Systems Product Security Incident Response Team
• Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Endpoint Devices
  • From: Cisco Systems Product Security Incident Response Team
• Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Recording Server
  • From: Cisco Systems Product Security Incident Response Team
• Cisco Security Advisory: Cisco Firewall Services Module Skinny Client Control Protocol Inspection Denial of Service Vulnerability
  • From: Cisco Systems Product Security Incident Response Team
• Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch
  • From: Cisco Systems Product Security Incident Response Team
• [ MDVSA-2011:036 ] mailman
  • From: security
• Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Manager
  • From: Cisco Systems Product Security Incident Response Team
• [USN-1070-1] Bind vulnerability
  • From: Marc Deslauriers
• ZDI-11-090: Novell Netware RPC XNFS xdrDecodeString Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• WordPress Uploadify Plugin 1.0 Remote File Upload
  • From: Leonardo Rota Botelho
• ZDI-11-091: (0day) Cisco Secure Desktop CSDWebInstaller Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-093: CA Internet Security Suite HIPS XML Security Database Parser Class Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• ZDI-11-092: (0day) Cisco Secure Desktop CSDWebInstaller ActiveX Control Cleaner.cab Remote Code Execution Vulnerability
  • From: ZDI Disclosures
• HTB22846: SQL Injection in IWantOneButton wordpress plugin
  • From: advisory
• HTB22847: XSS in IWantOneButton wordpress plugin
  • From: advisory
• HTB22850: SQL Injection in WP Forum Server wordpress plugin
  • From: advisory
• HTB22851: SQL Injection in WP Forum Server wordpress plugin
  • From: advisory
• [ MDVSA-2011:037 ] avahi
  • From: security
• CA20110223-01: Security Notice for CA Host-Based Intrusion Prevention System
  • From: Williams, James K
• Linksys Cisco Wag120N CSRF Vulnerability
  • From: irancrash
• prestashop vuln: sql injection submitted to bugtraq@xxxxxxxxxxxxxxxxx
  • From: Antonio S.M
• [BMSA-2011-01] Insecure secure cookie in web.go
  • From: Nam Nguyen
• DoS Condition with Altigen VoIP Phone Systems
  • From: Patrick Kelley
• Re: Linksys Cisco Wag120N CSRF Vulnerability
  • From: tadeu1
• [USN-1071-1] Linux kernel vulnerabilities
  • From: Marc Deslauriers