Mail Index
- PHP Volunteer Management (get_messages.php) SQL Injection Vulnerabilities
- Opial CMS v2.0 - Multiple Web Vulnerabilities
- C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability
- OWASP 2012 Online Competition with Hacking-Lab
- Wordpress WPsc-MijnPress plugin Cross-Site Scripting Vulnerabilities
- Pritlog v0.821 CMS - Multiple Web Vulnerabilities
- NGS00107 Patch Notification: Oracle Grid Engine sgepasswd Buffer Overflow
- NGS00137 Technical Advisory: Websense Triton 7.6 - reflected XSS in report management UI
- NGS00138 Technical Advisory: Websense Triton 7.6 - authentication bypass in report management UI
- NGS00140 Technical Advisory: Websense Triton 7.6 - unauthenticated remote command execution as SYSTEM
- NGS00141 Technical Advisory: Websense Triton 7.6 stored XSS in report management UI
- NGS00117 Technical Advisory: Symantec pcAnywhere insecure file permissions local privilege escalation
- NGS00118 Technical Advisory: Symantec pcAnywhere Remote Code Execution as SYSTEM
- McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 ActiveX Control GetObject() Security Bypass Remote Code Execution Vulnerability
- Call for Paper: 3rd Workshop on Security and Privacy in Social Networks
- Corrections about Squid/McAfee URL Filtering Bypass
- From: Gabriel Menezes Nunes
- [ MDVSA-2012:067 ] samba
- Re: Wordpress WPsc-MijnPress plugin Cross-Site Scripting Vulnerabilities
- LAN Messenger v1.2.28 - Denial of Service Vulnerability
- [security bulletin] HPSBMU02770 SSRT100848 rev.1 - HP Insight Management Agents for Windows Server, Remote Cross Site Request Forgery (CSRF), Cross Site Scripting (XSS), URL Redirection, Unauthorized Modification, Denial of Service (DoS)
- [security bulletin] HPSBMU02771 SSRT100558 rev.1 - HP SNMP Agents for Linux, Remote Cross Site Scripting (XSS), URL Redirection
- [security bulletin] HPSBMU02772 SSRT100603 rev.1 - HP System Health Application and Command Line Utilities for Linux, Remote Execution of Arbitrary Code
- [CVE-2012-1002] OpenConf <= 4.11 (author/edit.php) Blind SQL Injection Vulnerability
- [SECURITY] [DSA 2463-1] samba security update
- Local File Inclusion in PluXml
- [SECURITY] [DSA 2464-1] icedove security update
- VMSA-2012-0009 VMware Workstation, Player, ESXi and ESX patches address critical security issues
- From: VMware Security Team
- FreeBSD Security Advisory FreeBSD-SA-12:01.openssl
- From: FreeBSD Security Advisories
- Fortinet FortiWeb Web Application Firewall Policy Bypass
- Firefox security bug (proxy-bypass) in current Tor BBs
- From: oLhrrBHQeTr0EmbKwBXa
- LACSEC 2012 Agenda (May 6-11, 2012, Quito, Ecuador)
- Advisory: Android SQLite Journal Information Disclosure (CVE-2011-3901)
- SQL Injection and other issues in Micro Technology Services, Inc. Lynx
- [waraxe-2012-SA#088] - Reflected XSS in Joomla 2.5.4 admin sysinfo page
- [waraxe-2012-SA#087] - Reflected XSS in Joomla 1.5.26 "ja_purity" template
- Re: DDIVRT-2011-39 SolarWinds Storage Manager Server SQL Injection Authentication Bypass
- VMware Backdoor Response Uninitialized Memory Potential VM Break
- [SECURITY] [DSA 2462-2] imagemagick regression update
- Format Factory v2.95 - Buffer Overflow Vulnerabilities
- [ MDVSA-2012:069 ] cifs-utils
- [ MDVSA-2012:070 ] samba
- [SECURITY] [DSA 2459-2] quagga security update
- Format Factory v2.95 - Buffer Overflow Vulnerabilities
- VMware Backdoor ghi.guest.trashFolder.state Uninitialized Memory Potential VM Break
- APPLE-SA-2012-05-07-1 iOS 5.1.1 Software Update
- From: Apple Product Security
- Fwd: [cryptography] Apple Legacy filevault barn door...
- Ubuntu, Linux Mint, and the Guest Account
- Re: [Full-disclosure] Ubuntu, Linux Mint, and the Guest Account
- [security bulletin] HPSBMU02775 SSRT100853 rev.1 - HP Performance Insight for Networks Running on HP-UX, Linux, Solaris, and Windows, Remote SQL Injection, Cross Site Scripting (XSS), Privilege Elevation
- rssh security announcement
- Serendipity 1.6 Backend Cross-Site Scripting and SQL-Injection vulnerability
- Re: rssh security announcement
- [SECURITY] [DSA 2464-2] icedove regression update
- [security bulletin] HPSBMU02775 SSRT100853 rev.2 - HP Performance Insight for Networks Running on HP-UX, Linux, Solaris, and Windows, Remote SQL Injection, Cross Site Scripting (XSS), Privilege Elevation
- Adobe Shockwave Player Remote Code Execution (CVE-2012-2029)
- From: Rodrigo Rubira Branco (BSDaemon)
- Adobe Shockwave Player Remote Code Execution (CVE-2012-2030)
- From: Rodrigo Rubira Branco (BSDaemon)
- Adobe Shockwave Player Remote Code Execution (CVE-2012-2031)
- From: Rodrigo Rubira Branco (BSDaemon)
- [SECURITY] [DSA 2465-1] php5 security update
- [SECURITY] [DSA 2466-1] rails security update
- Re: rssh security announcement
- [SECURITY] [DSA 2467-1] mahara security update
- [SECURITY] [DSA 2422-2] file regression fix
- [SECURITY] [DSA 2468-1] libjakarta-poi-java security update
- APPLE-SA-2012-05-09-1 OS X Lion v10.7.4 and Security Update 2012-002
- From: Apple Product Security
- APPLE-SA-2012-05-09-2 Safari 5.1.7
- From: Apple Product Security
- Drupal 7.14 <= Full Path Disclosure Vulnerability
- Drupal 7.14 <= Full Path Disclosure Vulnerability (Update)
- [ MDVSA-2012:068-1 ] php
- Re: Drupal 7.14 <= Full Path Disclosure Vulnerability
- [ MDVSA-2012:071 ] php
- [ MDVSA-2012:072 ] roundcubemail
- [SECURITY] [DSA 2469-1] linux-2.6 security update
- Adobe Photoshop CS5.1 U3D.8BI Library Collada Asset Elements Stack Based Buffer Overflow Vulnerability
- ESA-2012-019: EMC Documentum Information Rights Management Multiple Vulnerabilities
- CORE-2012-0123 - SAP Netweaver Dispatcher Multiple Vulnerabilities
- From: CORE Security Technologies Advisories
- Multiple vulnerabilities in OrangeHRM
- Cross-Site Scripting (XSS) in Pivotx
- t2'12: Call for Papers 2012 (Helsinki / Finland)
- b2ePMS 1.0 Authentication Bypass Vulnerability
- [SECURITY] [DSA 2670-1] wordpress security update
- Universal Reader Filename Denial Of Service Vulnerability
- Liferay users can assign themselves to organizations, leading to possible privilege escalation
- [SECURITY] [DSA-2471-1] ffmpeg security update
- [SECURITY] [DSA 2457-2] New icedove/iceweasel packages fix regression
- [ MDVSA-2012:073 ] openssl
- [ MDVSA-2012:074 ] ffmpeg
- [ MDVSA-2012:076 ] ffmpeg
- Re: rssh security announcement
- Trigerring Java code from a SVG image
- ICACLS.EXE ignores and destroys SE_DACL_PROTECTED/SE_SACL_PROTECTED
- NETGEAR Exposure of Sensitive Information - Security Advisory - SOS-12-005
- APPLE-SA-2012-05-14-1 Flashback Removal Security Update
- From: Apple Product Security
- APPLE-SA-2012-05-14-2 Leopard Security Update 2012-003
- From: Apple Product Security
- Multiple xss issues in Liferay
- Guests can view names and emailadresses of all Liferay users in liferay 6.1
- Liferay 6.1 can be compromised without having an account on the portal
- [ MDVSA-2012:075 ] ffmpeg
- Liferay 6.1 json webservices are subject to cross-site request forgery attacks
- APPLE-SA-2012-05-15-1 QuickTime 7.7.2
- From: Apple Product Security
- Apple Quicktime Memory Corruption (CVE-2012-0671)
- From: Rodrigo Rubira Branco (BSDaemon)
- [SECURITY] [DSA 2472-1] gridengine security update
- Re: Trigerring Java code from a SVG image
- CVE-2012-1149 OpenOffice.org integer overflow error in vclmi.dll module when allocating memory for an embedded image object
- CVE-2012-2149 OpenOffice.org memory overwrite vulnerability
- CVE-2012-2334 Vulnerabilities related to malformed Powerpoint files in OpenOffice.org 3.3.0
- The story of the Linux kernel 3.x...
- [PRE-SA-2012-03] Linux kernel: Buffer overflow in HFS plus filesystem
- FlashPeak SlimBrowser TITLE Denial Of Service Vulnerability
- [SECURITY] [DSA 2473-1] openoffice.org security update
- [ MDVSA-2012:077 ] imagemagick
- [ MDVSA-2012:078 ] imagemagick
- [security bulletin] HPSBUX02777 SSRT100854 rev.1 - HP-UX Running Java JRE and JDK, Remote Denial
- [security bulletin] HPSBUX02782 SSRT100844 rev.1 - HP-UX Running OpenSSL, Remote Denial of
- DDIVRT-2012-44 Epicor Returns Management SOAP-Based Blind SQL Injection
- [SECURITY] [DSA 2474-1] ikiwiki security update
- Re: [oss-security] CVE Request: Planeshift buffer overflow
- [security bulletin] HPSBOV02780 SSRT100766 rev.1 - HP OpenVMS ACMELOGIN, Local Unauthorized
- [SECURITY] [DSA 2475-1] openssl security update
- Re: [oss-security] CVE Request: Planeshift buffer overflow
- Re: [oss-security] CVE Request: Planeshift buffer overflow
- H2HC Brazil 9th Edition - Call for Papers
- From: Rodrigo Rubira Branco (BSDaemon)
- SEC Consult SA-20120518 :: Memory overwrite vulnerability in libwpd (OpenOffice.org) - CVE-2012-2149
- From: SEC Consult Vulnerability Lab
- New Open Source Web Application Vulnerability Scanner Available
- [ MDVSA-2012:079 ] sudo
- Call for Papers: The 7th International Conference for Internet Technology and Secured Transactions (ICITST-2012)
- [SECURITY] [DSA 2476-1] pidgin-otr security update
- Acuity CMS 2.6.x <= Path Traversal Arbitrary File Access
- From: YGN Ethical Hacker Group
- Acuity CMS 2.6.x <= Arbitrary File Upload
- From: YGN Ethical Hacker Group
- PHP CGI Argument Injection Remote Exploit V0.3 - PHP Version
- [SECURITY] [DSA 2477-1] sympa security update
- [Announcement] CHMag's Issue 28, May 2012 Released
- DC4420 - London DEFCON - May meet - Tuesday May 22nd 2012
- Tftpd32 DHCP Server Denial Of Service Vulnerability
- ESA-2012-020: EMC AutoStart Multiple Buffer Overflow Vulnerabilities
- IPv6 security: New IETF I-Ds, slideware and videos for recent presentations, trainings, etc...
- [ MDVSA-2012:080 ] wireshark
- [SECURITY] [DSA 2478-1] sudo security update
- [SECURITY] [DSA 2479-1] libxml2 security update
- [ MDVSA-2012:081 ] firefox
- [SECURITY] [DSA 2480-1] request-tracker3.8 security update
- Multiple XSS in pragmaMx
- Multiple vulnerabilities in Pligg CMS
- Multiple vulnerabilities in LogAnalyzer
- [CVE-2012-2098] Apache Commons Compress and Apache Ant denial of service vulnerability
- GreHack 2012 - Call For Papers (Grenoble, France)
- CFP: Hacktivity 2012, October 12-13, Budapest, Hungary
- Kingcopes AthCon 2012 Slides & Notes
- Tftpd32 DNS Server Denial Of Service Vulnerability
- WinRadius Server Denial Of Service Vulnerability
- [SE-2011-01] Security of SAT TV set-to-boxes and DVB chipsets (details released)
- From: Security Explorations
- [ MDVSA-2012:082 ] pidgin
- [ MDVSA-2012:083 ] util-linux
- [ MDVSA-2012:084 ] ncpfs
- DDIVRT-2012-43 SCLIntra Enterprise SQL Injection and Authentication Bypass
- [SECURITY] [DSA 2480-2] request-tracker3.8 regression update
- [ MDVSA-2012:085 ] tomcat5
- Mapserver for Windows (MS4W) Remote Code Execution
- AST-2012-007: Remote crash vulnerability in IAX2 channel driver.
- From: Asterisk Security Team
- AST-2012-008: Skinny Channel Driver Remote Crash Vulnerability
- From: Asterisk Security Team
- Re: Progress Webspeed exploit for all releases
- 2 Buffer Overflows in Wireless Manager Sony VAIO
- FreeBSD Security Advisory FreeBSD-SA-12:01.openssl
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-12:02.crypt
- From: FreeBSD Security Advisories
- Cisco Security Advisory: Cisco IOS XR Software Route Processor Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- things you can do with downloads