Mail Index
- [ MDVSA-2011:079 ] firefox
- [USN-1112-1] Firefox and Xulrunner vulnerabilities
- [USN-1121-1] firefox vulnerabilities
- [SECURITY] [DSA 2227-1] iceape security update
- OSI Security: LANSA aXes Web Terminal (TN5250) Cross-Site Scripting Vulnerability
- [ MDVSA-2011:081 ] kdenetwork4
- [ISecAuditors Security Advisories] XSS in Oracle AS Portal 10g
- From: ISecAuditors Security Advisories
- [SECURITY] [DSA 2229-1] spip security update
- [SECURITY] [DSA 2230-1] qemu-kvm security update
- [SECURITY] [DSA 2228-1] iceweasel security update
- Multiple Vendors libc/glob(3) GLOB_BRACE|GLOB_LIMIT memory exhaustion
- [USN-1123-1] xulrunner-1.9.1 vulnerabilities
- [ MDVSA-2011:080 ] mozilla-thunderbird
- XSS in GOT.MY CLASSMATES
- SQL injection in 4images
- [security bulletin] HPSBMA02661 SSRT100408 rev.2 - HP Proliant Support Pack (PSP) Running on Linux and Windows, Remote Cross Site Scripting (XSS), URL Redirection, Information Disclosure
- [USN-1127-1] usb-creator vulnerability
- XSS in DEAL INFORMER
- HTB22967: Multiple SQL Injection in Shutter
- HTB22966: XSS in (e)2 interactive Photo Gallery
- Revised: Portable OpenSSH security advisory: portable-keysign-rand-helper.adv
- TeamSHATTER Security Advisory: XSS in locale parameter on IASTOP_CS_FARM_PAGE.html
- HTB22964: XSS in SelectaPix Image Gallery
- HTB22963: CSRF (Cross-Site Request Forgery) in SelectaPix Image Gallery
- [ MDVSA-2011:082 ] python-feedparser
- HTB22962: Multiple XSS in YaPiG
- [USN-1129-1] Perl vulnerabilities
- Path disclosure in MEGA PORTAL
- XSS in CLASSIFIED ADS
- TeamSHATTER Security Advisory: Oracle Malformed Network Package Spins CPU
- NATO CCD COE's 3rd International Conference on Cyber Conflict. 7-10 June, Tallinn, Estonia.
- Proofpoint Protection Server Cross-Site Scripting Vulnerability - SOS-11-005
- [USN-1128-1] Vino vulnerabilities
- TeamSHATTER Security Advisory: Multiple SQL Injection in Oracle Enterprise Manager Service Level component
- CSRF (Cross-Site Request Forgery) in FREELANCER
- [RT-SA-2011-003] Authentication Bypass in Configuration Import and Export of ZyXEL ZyWALL USG Appliances
- From: RedTeam Pentesting GmbH
- Cisco IOS UDP Denial of Service Vulnerability
- [security bulletin] HPSBMA02667 SSRT100464 rev.3 - HP SiteScope, Cross Site Scripting (XSS) and HTML Injection
- [RT-SA-2011-004] Client Side Authorization ZyXEL ZyWALL USG Appliances Web Interface
- From: RedTeam Pentesting GmbH
- Cisco IOS SNMP Message Processing Denial Of Service Vulnerability
- Announcement - DeepSec 2011 - Call for Papers
- [USN-1126-2] PHP Regressions
- Fwd: [USN-1122-1] Thunderbird vulnerabilities
- t2'11: Call for Papers 2011 (Helsinki / Finland)
- Re: Cisco IOS UDP Denial of Service Vulnerability
- Re: Cisco IOS SNMP Message Processing Denial Of Service Vulnerability
- Cisco Security Response: Cisco IOS Software Denial of Service Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- HTB22968: XSS in PHP Directory Listing Script
- HTB22970: Multiple XSS vulnerabilities in PHPDug
- HTB22973: XSS in AJAX Calendar
- HTB22971: XSRF (CSRF) in PHPDug
- HTB22972: Multiple SQL injection vulnerabilities in PHPDug
- HTB22969: CSRF (Cross-Site Request Forgery) in VCalendar
- [USN-1122-2] Thunderbird vulnerabilities
- PR10-13: Multiple XSS and Authentication flaws within BMC Remedy Knowledge Management
- [USN-1111-1] Linux kernel vulnerabilities
- Silently Pwning Protected-Mode IE9 and Innocent Windows Applications
- Security Advisory: DNS BIND Security Advisory: RRSIG Queries Can Trigger Server Crash When Using Response Policy Zones
- VMSA-2011-0008 VMware vCenter Server and vSphere Client security vulnerabilities
- From: VMware Security Team
- [SECURITY] [DSA 2231-1] otrs2 security update
- [SECURITY] [DSA 2232-1] exim4 security update
- Swiss Cyber Storm 3
- TSSA-2011-02 - Opera : SELECT SIZE Arbitrary null write
- From: Advisories Toucan-System
- TSSA-2011-03 - Perl : multiple functions null pointer dereference upon parameters injection
- From: Advisories Toucan-System
- Memory corruption in Postfix SMTP server Cyrus SASL support (CVE-2011-1720)
- [security bulletin] HPSBOV02634 SSRT100390 rev.1 - HP OpenVMS running Java, Remote Denial of Service (DoS)
- [security bulletin] HPSBTU02684 SSRT100390 rev.1 - HP Tru64 UNIX running Java, Remote Denial of Service (DoS)
- [security bulletin] HPSBOV02682 SSRT100495 rev.1 - HP OpenVMS running Kerberos, Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Modification
- [security bulletin] HPSBOV02670 SSRT100475 rev.1 - HP OpenVMS running SSL, Remote Denial of Service (DoS), Unauthorized Disclosure of Information, Unauthorized Modification
- [security bulletin] HPSBOV02683 SSRT090208 rev.1 - HP Secure Web Server (SWS) for OpenVMS running Apache/PHP, Remote Denial of Service (DoS), Unauthorized Access, Unauthorized Disclosure of Information, Unauthorized Modification
- PR10-17 Various XSS and information disclosure flaws within KeyFax response management system
- ZDI-11-154: Sybase M-Business Anywhere agSoap.exe password Tag Remote Code Execution Vulnerability
- ZDI-11-155: Sybase M-Business Anywhere Server agd.exe encodeUsername Remote Code Execution Vulnerability
- ZDI-11-156: Sybase M-Business Anywhere agd.exe username Parameter Remote Code Execution Vulnerability
- ZDI-11-157: Mozilla Firefox nsTreeRange Dangling Pointer Remote Code Execution Vulnerability
- OSI Security: Civica Spydus Library Management System (LMS) - Cross-Site Scripting Vulnerability
- Re: SQL Injection in Pixie
- From: security curmudgeon
- HTB22974: Multiple XSS in Calendarix
- HTB22975: SQL injection in Calendarix
- HTB22976: Multiple XSS (Cross Site Scripting) vulnerabilities in poMMo
- HTB22977: XSRF (CSRF) in poMMo
- ZDI-11-161: HP 3COM/H3C Intelligent Management Center tftpserver WRQ Remote Code Execution Vulnerability
- ZDI-11-160: HP 3COM/H3C Intelligent Management Center img Remote Code Execution Vulnerability
- ZDI-11-164: HP 3COM/H3C Intelligent Management Center tftpserver DATA/ERROR Remote Code Execution Vulnerability
- [SECURITY] [DSA 2235-1] icedove security update
- Apache Struts 2 Multiple Reflected XSS in XWork error pages
- [security bulletin] HPSBGN02680 SSRT100361 rev.1 - HP Intelligent Management Center (IMC), Remote Execution of Arbitrary Code
- ZDI-11-165: HP 3COM/H3C Intelligent Management Center tftpserver opcode_table Remote Code Execution Vulnerability
- ZDI-11-162: HP 3COM/H3C Intelligent Management Center dbman sprintf Remote Code Execution Vulnerability
- [SECURITY] [DSA 2234-1] zodb security update
- [USN-1131-1] Postfix vulnerability
- ZDI-11-159: Mozilla Firefox OBJECT mObserverList Remote Code Execution Vulnerability
- [SECURITY] [DSA 2233-1] postfix security update
- [security bulletin] HPSBMI02632 SSRT100379 rev.1 - HP/Palm webOS, Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized File System Write Access
- ZDI-11-158: Mozilla Firefox OBJECT mChannel Remote Code Execution Vulnerability
- [Announcement] ClubHACK Magazine Issue 16-May 2011 released
- ZDI-11-166: HP 3COM/H3C Intelligent Management Center imcsyslogdm Remote Code Execution Vulnerability
- CA20110510-01: Security Notice for CA eHealth
- [PRE-SA-2011-04] Heap overflow in EFI partition handling code of the Linux kernel
- ZDI-11-167: Microsoft WINS Service Failed Response Memory Corruption Remote Code Execution Vulnerability
- [security bulletin] HPSBMA02672 SSRT100485 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Local Read and Write Access to Data and Log Files
- ZDI-11-163: HP 3COM/H3C Intelligent Management Center tftpserver mode Remote Code Execution Vulnerability
- [USN-1130-1] Exim vulnerability
- [security bulletin] HPSBMA02642 SSRT100415 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running Java, Remote Denial of Service (DoS)
- CORE-2010-1118: Oracle GlassFish Server Administration Console Authentication Bypass
- From: CORE Security Technologies Advisories
- [Bkis] sNews 1.7.1 XSS vulnerability
- HTB22980: XSRF (CSRF) in Open Classifieds
- [security bulletin] HPSBMA02661 SSRT100408 rev.3 - HP SNMP Agents Running on Linux and HP Insight Management Agents Running on Windows, Remote Cross Site Scripting (XSS), URL Redirection, Information Disclosure
- HTB22979: Multiple XSS (Cross Site Scripting) vulnerabilities in Argyle Social
- HTB22978: XSRF (CSRF) in Argyle Social
- CORE-2011-0204: Adobe Audition vulnerability processing malformed session file
- From: CORE Security Technologies Advisories
- [ MDVSA-2011:083 ] wireshark
- [security bulletin] HPSBMA02681 SSRT100493 rev.1 - HP Business Availability Center (BAC) Running on Windows and Solaris, Remote Cross Site Scripting (XSS)
- [Announcement] ClubHack Magazine - Call for Articles
- [ MDVSA-2011:084 ] apr
- Multiple Vendors libc/fnmatch(3) DoS (incl apache poc)
- [SECURITY] [DSA 2236-1] exim4 security update
- ESA-2011-016: EMC SourceOne ASP.NET application tracing information disclosure vulnerability
- [ MDVSA-2011:085 ] libmodplug
- [SECURITY] [DSA 2237-1] apr security update
- [ MDVSA-2011:086 ] polkit
- NSENSE-2011-002: Novell eDirectory/Netware LDAP-SSL daemon
- DC4420 - London DEFCON - May meet - Tuesday 24th May 2011
- Linux Kernel 2.6.38 Remote NULL Pointer Dereference
- [ MDVSA-2011:087 ] vino
- WebTech Conference 2011 Call for Papers
- MalBox Release! A Program Behavior Analysis System!
- [ MDVSA-2011:088 ] mplayer
- PR10-15: Multiple XSS flaws within Mitel's AWC (Mitel Audio and Web Conferencing)
- [ MDVSA-2011:089 ] mplayer
- Vulnerable and completely outdated 3rd party ZIP code in FastStone image viewer
- [USN-1132-1] apturl vulnerability
- ZDI-11-168: Multiple Vendor librpc.dll Remote Information Disclosure Vulnerability
- [ MDVSA-2011:090 ] postfix
- [SECURITY] CVE-2011-1582 Apache Tomcat security constraint bypass
- HTB22981: Multiple XSS (Cross Site Scripting) vulnerabilities in PHP Calendar Basic
- Ruxcon 2011 Call For Papers
- CVE-2010-0217 - Zeacom Chat Server JSESSIONID weak SessionID Vulnerability
- [ MDVSA-2011:092 ] perl-IO-Socket-SSL
- XSS vulnerability in TWiki < 5.0.2
- From: Netsparker Advisories
- DOMinator - The DOMXss Analyzer Tool - is finally public
- [ MDVSA-2011:093 ] gnome-screensaver
- Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006
- Apache Struts 2, XWork, OpenSymphony WebWork Java Class Path Information Disclosure
- [ MDVSA-2011:094 ] pure-ftpd
- RE: CA20110420-02: Security Notice for CA Output Management Web Viewer
- Ubuntu Security Notice publication update
- [SECURITY] [DSA 2238-1] vino security update
- [ MDVSA-2011:095 ] apr
- PHPCaptcha / Securimage 2.0.2 - Authentication Bypass - SOS-11-007
- Session hacking via authentication cookie on Oracle CRM on Demand
- PR10-11: Multiple XSS injection vulnerabilities and an offsite redirection flaw within HP System Management Homepage (Insight Manager)
- NGS00054 Patch Notification: Lumension Device Control (formerly Sanctuary) remote memory corruption
- [ MDVSA-2011:096 ] python
- Bypassing Cisco's ICMPv6 Router Advertisement Guard feature
- HTB22995: XSS in Ajax Chat
- [ MDVSA-2011:098 ] ruby
- [ MDVSA-2011:099 ] libzip
- [SECURITY] [DSA 2237-2] apr security update
- NNT Change Tracker - Hard-Coded Encryption Key
- [ MDVSA-2011:100 ] cyrus-imapd
- HTB22987: Multiple XSS in phpScheduleIt
- [ MDVSA-2011:097 ] ruby
- Gadu-Gadu 0-Day Remote Code Execution
- HTB22986: SQL injection in ExtCalendar 2
- [ MDVSA-2011:095-1 ] apr
- [SECURITY] [DSA 2239-1] libmojolicious-perl security update
- E-mail address spoofing with RLO
- VUPEN Security Research - 7T Interactive Graphical SCADA System (IGSS) Remote Memory Corruption
- From: VUPEN Security Research
- CORE-2010-0908: Lotus Notes XLS viewer malformed BIFF record heap overflow
- From: CORE Security Technologies Advisories
- Remote Password Disclosure Vulnerability in RXS-3211 IP Camera + others
- The Anatomy of COM Server-Based Binary Planting Exploits
- From: ACROS Security Lists
- [SECURITY] [DSA 2240-1] linux-2.6 security update
- [SECURITY] [DSA 2241-1] qemu-kvm security update
- Cisco Security Advisory: Cisco Content Delivery System Internet Streamer: Web Server Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco RVS4000 and WRVS4400N Web Management Interface Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS XR Software IP Packet Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco XR 12000 Series Shared Port Adapters Interface Processor Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- iDefense Security Advisory 05.24.11: IBM Lotus Notes LZH Attachment Viewer Stack Buffer Overflow
- iDefense Security Advisory 05.24.11: IBM Lotus Notes RTF Attachment Viewer Stack Buffer Overflow
- Cisco Security Advisory: Cisco IOS XR Software SSHv1 Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- iDefense Security Advisory 05.24.11: IBM Lotus Notes Office Document Attachment Viewer Stack Buffer Overflow
- iDefense Security Advisory 05.24.11: IBM Lotus Notes Applix Attachment Viewer Stack Buffer Overflow
- Talsoft S.R.L. Security Advisory - WordPress User IDs and User Names Disclosure
- [ MDVSA-2011:101 ] dovecot
- [SECURITY] [DSA 2242-1] cyrus-imapd-2.2 security update
- [CVE-REQUEST] Plone XSS and permission errors
- [SECURITY] CVE-2011-1026: Apache Archiva Multiple CSRF vulnerability
- [SECURITY] CVE-2011-1077: Apache Archiva Multiple XSS vulnerability
- Viewpoint: Security implications of IPv6
- [SECURITY] [DSA 2243-1] unbound security update
- [ MDVSA-2011:102 ] rdesktop
- [ MDVSA-2011:103 ] gimp
- CFP for ekoparty 2011 is now OPEN! [Buenos Aires, Argentina]
- From: eko security conference
- FreeBSD Security Advisory FreeBSD-SA-11:02.bind
- From: FreeBSD Security Advisories
- [SECURITY] [DSA 2244-1] bind9 security update
- [SECURITY] [DSA 2246-1] mahara security update
- [SECURITY] [DSA 2245-1] chromium-browser security update
- [CVE-2011-1026] Apache Archiva Multiple CSRF vulnerabilities
- From: Walikar Riyaz Ahemed Dawalmalik
- Paranoia 2011: Call for papers
- Cross-Site Scripting vulnerability in Serendipity Plugin "serendipity_event_freetag"
- [CVE-2011-1077] Apache Archiva Multiple XSS vulnerabilities
- From: Walikar Riyaz Ahemed Dawalmalik