Mail Index
- DDIVRT-2011-33 IBM WebSphere Application Server 'help' Servlet Plug-in Bundle Directory Traversal [CVE-2011-1359]
- CVE-2011-3682: 2WIRE-SINGTEL 2701HGV-E/2700HGV-2/2700HG GATEWAY ROUTER MANAGEMENT AND DIAGNOSTIC CONSOLE VULNERABILITY
- IBSng all version Cross-Site Scripting Vulnerability
- [ GLSA 201111-01 ] Chromium, V8: Multiple vulnerabilities
- GDTelcom Speedtest ActiveX Control "FTPDownLoad Class"-ActiveX.dll Remote Denial of Service Vulnerability
- [security bulletin] HPSBMU02712 SSRT100649 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
- XSS Vulnerabilities in eFront
- From: Netsparker Advisories
- XSS and SQL Injection Vulnerabilities on Symphony CMS 2.2.3
- From: Netsparker Advisories
- Oracle Hyperion Financial Management TList6 ActiveX Control Remote Code Execution Vulnerability
- [ MDVSA-2011:162 ] kdelibs4
- Multiple vulnerabilities in Efront
- [ MDVSA-2011:163 ] phpldapadmin
- NGS00042 Technical Advisory: Solaris 11 USB hub class descriptor kernel stack overflow (CVE-2011-2295)
- [ MDVSA-2011:164 ] wireshark
- Cisco Security Advisory: Cisco Small Business SRP500 Series Command Injection Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerability
- ESA-2011-032: EMC Documentum eRoom arbitrary file upload vulnerability.
- CmyDocument Content Management Application - XSS Vulnerabilities
- [security bulletin] HPSBMU02704 SSRT100619 rev.1 - HP OpenView Network Node Manager (OV NNM) Running Apache, Remote Denial of Service (DoS)
- ESA-2011-035: RSA, The Security Division of EMC, announces the release of Hotfix 6 with security updates for RSA Key Manager Appliance 2.7 Service Pack 1
- Serendipity Plugin 'Karma Ranking' Multiple Cross-Site Scripting
- [ MDVSA-2011:165 ] php
- [ MDVSA-2011:166 ] php
- Multiple BSD libc/regcomp(3) Multiple Vulnerabilities
- [security bulletin] HPSBOV02470 SSRT080123 rev.1 - HP TCP/IP Services for OpenVMS Running SMTP Server, Remote Denial of Service (DoS)
- [security bulletin] HPSBOV02467 SSRT090152 rev.1 - HP TCP/IP Services for OpenVMS Running POP or IMAP, Remote Unauthorized Access
- [ MDVSA-2011:167 ] gimp
- [SECURITY] [DSA 2334-1] mahara security update
- Malware detection evasion in antivirus software
- [ GLSA 201111-02 ] Oracle JRE/JDK: Multiple vulnerabilities
- [SECURITY] [DSA 2335-1] man2html security update
- [SECURITY] [DSA 2337-1] xen security update
- foofus.net security advisory - Lexmark Multifunction Printer Information Leakage
- [SECURITY] [DSA 2338-1] moodle security update
- TWSL2011-017: Multiple Vulnerabilities in Merethis Centreon
- From: Trustwave Advisories
- [SECURITY] [DSA 2339-1] nss security update
- [SECURITY] [DSA 2336-1] ffmpeg security update
- [SECURITY] [DSA 2340-1] postgresql security update
- Cisco CUCM - Multiple Vulnerabilities
- IPv6 security (slides and training)
- New online security challenge - GotWurzel
- [security bulletin] HPSBHF02706 SSRT100613 rev.1 - HP Integrated Lights-Out iLO2 and iLO3 running SSL/TLS, Denial of Service (DoS), Unauthorized Modification
- osCSS2 "_ID" parameter Local file inclusion
- [SECURITY] CVE-2011-3376 Apache Tomcat - Privilege Escalation via Manager app
- OrderSys <= 1.6.4 Sql Injection Vulnerabilities
- From: muuratsalo experimental hack lab
- LabStoRe <= 1.5.4 Sql Injection Vulnerabilities
- From: muuratsalo experimental hack lab
- APPLE-SA-2011-11-08-1 Java for Mac OS X 10.7 Update 1 and Java for Mac OS X 10.6 Update 6
- From: Apple Product Security
- [CAL-2011-0054]Adobe Shockwave Player Director File Parsing data of rcsl chunk multiple DOS vulnerabilities
- [CAL-2011-0052]Adobe Shockwave Player Director File Parsing PAMM memory corruption vulnerability
- Local file inclusion in VtigerCRM
- LabWiki <= 1.1 Multiple Vulnerabilities
- From: muuratsalo experimental hack lab
- Multiple Cross-Site-Scripting vulnerabilities in Dolibarr 3.1.0
- Re: LabWiki <= 1.1 Multiple Vulnerabilities
- From: muuratsalo experimental hack lab
- Multiple security vulnerabilities in AShop
- DC4420 - London DEFCON - November 2011 meet - Tuesday 15th November
- [ MDVSA-2011:168 ] apache
- Cisco Security Advisory: Cisco TelePresence System Integrator C Series and Cisco TelePresence EX Series Device Default Root Account Manufacturing Error
- From: Cisco Systems Product Security Incident Response Team
- [SECURITY] [DSA 2341-1] iceweasel security update
- [ MDVSA-2011:168 ] apache
- [SECURITY] [DSA 2343-1] openssl security update
- [SECURITY] [DSA 2342-1] iceape security update
- Re: Local file inclusion in VtigerCRM
- Re: foofus.net security advisory - Lexmark Multifunction Printer Information Leakage
- [security bulletin] HPSBMU02708 SSRT100633 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS)
- [security bulletin] HPSBMA02659 SSRT100440 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access
- XSS vulnerability in Joomla 1.6.3
- From: Netsparker Advisories
- Re: Re: foofus.net security advisory - Lexmark Multifunction Printer Information Leakage
- [security bulletin] HPSBMU02714 SSRT100244 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Disclosure of Information
- APPLE-SA-2011-11-10-1 iOS 5.0.1 Software Update
- From: Apple Product Security
- CORE-2011-0919: Apple OS X Sandbox Predefined Profiles Bypass
- From: CORE Security Technologies Advisories
- APPLE-SA-2011-11-10-2 Time Capsule and AirPort Base Station (802.11n) Firmware 7.6
- From: Apple Product Security
- iGuard Biometric Access Control - Multiple Vulnerabilities
- From: research@xxxxxxxxxxxxxxxxxxxxx
- [ MDVSA-2011:170 ] java-1.6.0-openjdk
- [security bulletin] HPSBST02722 SSRT100279 rev.1 - HP StorageWorks P4000 Virtual SAN Appliance, Execution of Arbitrary Code
- [SECURITY] [DSA 2344-1] python-django-piston security update
- [security bulletin] HPSBHF02721 SSRT100605 rev.1 - HP Directories Support for ProLiant Management Processors for Integrated Lights-Out iLO2 and iLO3, Unauthorized Access
- [ GLSA 201111-03 ] OpenTTD: Multiple vulnerabilities
- [FOREGROUND SECURITY 2011-004] Infoblox NetMRI 6.2.1 Multiple Cross-Site Scripting (XSS) vulnerabilities
- From: Jose Carlos de Arriba
- [ GLSA 201111-04 ] phpDocumentor: Function call injection
- [Announcement] ClubHack Mag Issue 22- Nov 2011 Released
- [ MDVSA-2011:172 ] libreoffice
- Wordpress Zingiri Web Shop Plugin <= 2.2.3 Remote Code Execution Vulnerability
- [Announcement] ClubHack 2011 Hacking and Security Conference
- [ MDVSA-2011:173 ] openssl0.9.8
- [ MDVSA-2011:171 ] networkmanager
- [ MDVSA-2011:174 ] graphite2
- APPLE-SA-2011-11-14-1 iTunes 10.5.1
- From: Apple Product Security
- [ MDVSA-2011:175 ] poppler
- [SECURITY] [DSA 2346-1] proftpd-dfsg security update
- FreeWebshop <= 2.2.9 R2 (ajax_save_name.php) Remote Code Execution Vulnerability
- wordpress Flexible Custom Post Type plugin Xss Vulnerabilities
- [security bulletin] HPSBOV02470 SSRT080123 rev.2 - HP TCP/IP Services for OpenVMS Running SMTP Server, Remote Denial of Service (DoS)
- ZDI-11-329 : InduSoft WebStudio CEServer Operation 0x15 Remote Code Execution Vulnerability
- [SECURITY] [DSA 2346-2] proftpd-dfsg regression fix
- ZDI-11-330 : InduSoft WebStudio Unauthenticated Remote Operations Remote Code Execution Vulnerability
- [SECURITY] [DSA 2347-1] bind9 security update
- wordpress Flexible Custom Post Type plugin Xss Vulnerabilities
- CA20111116-01: Security Notice for CA Directory
- [ MDVSA-2011:176 ] bind
- Secunia Research: DVR Remote ActiveX Control DVRobot Library Loading Vulnerability
- Tiki Wiki CMS Groupware Multiple XSS vulnerabilities
- [DSECRG-11-030] SAP NetWeaver JavaMailExamples - XSS
- [DSECRG-11-031] SAP RFC EPS_DELETE_FILE - Authorisation bypass, smbrelay
- [DSECRG-11-032] SAP NetWeaver ipcpricing - information disclose
- [DSECRG-11-034] SAP NetWeaver J2EE MeSync – information disclose
- [DSECRG-11-036] SAP NetWeaver Virus Scan Interface - multiple XSS
- [DSECRG-11-037] SAP BW Doc - Multiple XSS
- [DSECRG-11-038] SAP RSTXSCRP report - smb relay vulnerability
- [DSECRG-11-039] SAP NetWeaver TH_GREP module - Code injection vulnerability (NEW)
- [DSECRG-11-040] SAP NetWeaver SPML - XML CSRF user creation
- [DSECRG-11-041] SAP NetWeaver - Authentication bypass (Verb Tampering)
- [DSECRG-11-033] SAP Crystal Report Server pubDBLogon - Linked XSS vulnerability
- Multiple vulnerabilities in webERP
- Cross-Site Scripting Vuln in Zoho ManageEngine ADSelfServicePlus
- VMSA-2011-0014 VMware vCenter Update Manager fix for Jetty Web server addresses directory traversal vulnerability
- From: VMware Security Team
- [ MDVSA-2011:176-1 ] bind
- [ MDVSA-2011:176-2 ] bind
- Blogs manager <= 1.101 SQL Injection Vulnerability
- From: muuratsalo experimental hack lab
- Valid tiny-erp <= 1.6 SQL Injection Vulnerability
- From: muuratsalo experimental hack lab
- Freelancer calendar <= 1.01 SQL Injection Vulnerability
- From: muuratsalo experimental hack lab
- wordpress Lanoba Social Plugin Xss Vulnerabilities
- [SECURITY] [DSA 2349-1] spip security update
- Support Incident Tracker <= 3.65 (translate.php) Remote Code Execution Vulnerability
- [ GLSA 201111-05 ] Chromium, V8: Multiple vulnerabilities
- [ GLSA 201111-06 ] MaraDNS: Arbitrary code execution
- [ GLSA 201111-07 ] TinTin++: Multiple vulnerabilities
- [ GLSA 201111-08 ] radvd: Multiple vulnerabilities
- [ GLSA 201111-09 ] Perl Safe module: Arbitrary Perl code injection
- [ GLSA 201111-10 ] Evince: Multiple vulnerabilities
- [ GLSA 201111-11 ] GNU Tar: User-assisted execution of arbitrary code
- [SECURITY] [DSA 2350-1] freetype security update
- [SECURITY] [DSA 2348-1] systemtap security update
- Implications of IPv6 on network firewalls
- Wordpress advanced-text-widget Plugin Vulnerabilities
- Wordpress adminimize Plugin Vulnerabilities
- Re: Multiple Cross-Site-Scripting vulnerabilities in Dolibarr 3.1.0
- Re: wordpress Lanoba Social Plugin Xss Vulnerabilities
- [SECURITY] [DSA 2351-1] wireshark security update
- Wordpress alert-before-your-post Plugin Cross-Site Scripting Vulnerabilities
- OWASP Academy Portal - FREE OWASP TOP 10 security challenges with Hacking-Lab
- Re: XSS in Tiki Wiki CMS Groupware
- Re: jara 1.6 sql injection vulnerability
- [security bulletin] HPSBMU02726 SSRT100685 rev.1 - HP Operations Agent and Performance Agent for AIX, HP-UX, Linux, and Solaris, Local Unauthorized Access
- [SECURITY] [DSA 2352-1] puppet security update
- Multiple vulnerabilities in Dolibarr
- NGS00144 Patch Notification: FFmpeg Libavcodec buffer overflow remote code execution
- NGS00145 Patch Notification: FFmpeg Libavcodec out of bounds write remote code execution
- NGS00148 Patch Notification: FFmpeg Libavcodec memory corruption remote code execution
- Wordpress featurific-for-wordpress plugin Cross-Site Scripting Vulnerabilities
- Wordpress enable-latex plugin Remote File Include Vulnerabilities
- Wordpress meenews 5.1 plugin Cross-Site Scripting Vulnerabilities
- Wordpress clickdesk-live-support-chat plugin Cross-Site Scripting Vulnerabilities
- PmWiki <= 2.2.34 (pagelist) Remote PHP Code Injection Vulnerability
- Debut issue of Web App Pentesting Magazine - Free Download!
- TC-SA-2011-02: Multiple web-vulnerabilities in iTop version 1.1.181
- [ MDVSA-2011:177 ] freetype2
- [security bulletin] HPSBUX02724 SSRT100650 rev.2 - HP-UX Running System Administration Manager (SAM), Local Increase in Privilege
- [security bulletin] HPSBUX02725 SSRT100627 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remote Information Disclosure, Authentication Bypass, Cross-Site Scripting (XSS), Unauthorized Access, Denial of Service (DoS)
- [SECURITY] [DSA 2353-1] ldns security update
- 0A29-11-1 : Cross-Site Scripting vulnerabilities in HP Network Node Manager i 9.10
- [ MDVSA-2011:178 ] glibc
- [ MDVSA-2011:179 ] glibc
- Wordpress skysa-official plugin Cross-Site Scripting Vulnerabilities
- Vulnerabilities in Siemens SIMATIC WinCC flexible 2008 SP2
- Vulnerabilities in Siemens Automation License Manager
- [ MDVSA-2011:180 ] php-suhosin
- ZDI-11-331 : RealNetwork RealPlayer MPG Width Integer Underflow Remote Code Execution Vulnerability
- ZDI-11-336 : RealNetworks RealPlayer Invalid Codec Name Remote Code Execution Vulnerability
- ZDI-11-338 : RealNetworks RealPlayer IVR MLTI Chunk Length Parsing Remote Code Execution Vulnerability
- ZDI-11-335 : RealNetworks RealPlayer RV10 Sample Height Parsing Remote Code Execution Vulnerability
- ZDI-11-337 : RealNetworks RealPlayer RV30 Uninitialized Index Value Remote Code Execution Vulnerability
- ZDI-11-332 : RealNetworks RealPlayer Malformed AAC File Parsing Remote Code Execution Vulnerability
- ZDI-11-334 : RealNetworks RealPlayer genr Sample Size Parsing Remote Code Execution Vulnerability
- ZDI-11-333 : RealNetworks RealPlayer ATRC Code Data Parsing Remote Code Execution Vulnerability
- MVSA-11-013 - EllisLab xss_clean Filter Bypass - ExpressionEngine and CodeIgniter
- Security-Assessment.com Release: Hacking Hollywood Slides, Advisories and Exploits
- Oxide M0N0X1D3 HTTP Server Directory Traversal Vulnerability
- Re: Re: wordpress Lanoba Social Plugin Xss Vulnerabilities
- Vulnerabilities in 3S CoDeSys 3.4 SP4 Patch 2