Mail Thread Index
- PHP Volunteer Management (get_messages.php) SQL Injection Vulnerabilities,
ariosrandy
- Opial CMS v2.0 - Multiple Web Vulnerabilities,
Research
- C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability,
Research
- OWASP 2012 Online Competition with Hacking-Lab,
Ivan Buetler
- Wordpress WPsc-MijnPress plugin Cross-Site Scripting Vulnerabilities,
Amir
- Pritlog v0.821 CMS - Multiple Web Vulnerabilities,
Research
- NGS00107 Patch Notification: Oracle Grid Engine sgepasswd Buffer Overflow,
Research@NGSSecure
- NGS00137 Technical Advisory: Websense Triton 7.6 - reflected XSS in report management UI,
Research@NGSSecure
- NGS00138 Technical Advisory: Websense Triton 7.6 - authentication bypass in report management UI,
Research@NGSSecure
- NGS00140 Technical Advisory: Websense Triton 7.6 - unauthenticated remote command execution as SYSTEM,
Research@NGSSecure
- NGS00141 Technical Advisory: Websense Triton 7.6 stored XSS in report management UI,
Research@NGSSecure
- NGS00117 Technical Advisory: Symantec pcAnywhere insecure file permissions local privilege escalation,
Research@NGSSecure
- NGS00118 Technical Advisory: Symantec pcAnywhere Remote Code Execution as SYSTEM,
Research@NGSSecure
- McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 ActiveX Control GetObject() Security Bypass Remote Code Execution Vulnerability,
nospam
- Call for Paper: 3rd Workshop on Security and Privacy in Social Networks,
asemailing
- Corrections about Squid/McAfee URL Filtering Bypass,
Gabriel Menezes Nunes
- [ MDVSA-2012:067 ] samba,
security
- LAN Messenger v1.2.28 - Denial of Service Vulnerability,
Research
- [security bulletin] HPSBMU02770 SSRT100848 rev.1 - HP Insight Management Agents for Windows Server, Remote Cross Site Request Forgery (CSRF), Cross Site Scripting (XSS), URL Redirection, Unauthorized Modification, Denial of Service (DoS),
security-alert
- [security bulletin] HPSBMU02771 SSRT100558 rev.1 - HP SNMP Agents for Linux, Remote Cross Site Scripting (XSS), URL Redirection,
security-alert
- [security bulletin] HPSBMU02772 SSRT100603 rev.1 - HP System Health Application and Command Line Utilities for Linux, Remote Execution of Arbitrary Code,
security-alert
- [CVE-2012-1002] OpenConf <= 4.11 (author/edit.php) Blind SQL Injection Vulnerability,
n0b0d13s
- [SECURITY] [DSA 2463-1] samba security update,
Moritz Muehlenhoff
- Local File Inclusion in PluXml,
advisory
- [SECURITY] [DSA 2464-1] icedove security update,
Moritz Muehlenhoff
- VMSA-2012-0009 VMware Workstation, Player, ESXi and ESX patches address critical security issues,
VMware Security Team
- FreeBSD Security Advisory FreeBSD-SA-12:01.openssl,
FreeBSD Security Advisories
- Fortinet FortiWeb Web Application Firewall Policy Bypass,
Geffrey Velasquez
- Firefox security bug (proxy-bypass) in current Tor BBs,
oLhrrBHQeTr0EmbKwBXa
- LACSEC 2012 Agenda (May 6-11, 2012, Quito, Ecuador),
Fernando Gont
- Advisory: Android SQLite Journal Information Disclosure (CVE-2011-3901),
Roee Hay
- SQL Injection and other issues in Micro Technology Services, Inc. Lynx,
bede
- [waraxe-2012-SA#088] - Reflected XSS in Joomla 2.5.4 admin sysinfo page,
come2waraxe
- [waraxe-2012-SA#087] - Reflected XSS in Joomla 1.5.26 "ja_purity" template,
come2waraxe
- Re: DDIVRT-2011-39 SolarWinds Storage Manager Server SQL Injection Authentication Bypass,
brian . radovich
- VMware Backdoor Response Uninitialized Memory Potential VM Break,
ds . adv . pub
- [SECURITY] [DSA 2462-2] imagemagick regression update,
Moritz Muehlenhoff
- Format Factory v2.95 - Buffer Overflow Vulnerabilities,
Research
- [ MDVSA-2012:069 ] cifs-utils,
security
- [ MDVSA-2012:070 ] samba,
security
- [SECURITY] [DSA 2459-2] quagga security update,
Florian Weimer
- VMware Backdoor ghi.guest.trashFolder.state Uninitialized Memory Potential VM Break,
ds . adv . pub
- APPLE-SA-2012-05-07-1 iOS 5.1.1 Software Update,
Apple Product Security
- Fwd: [cryptography] Apple Legacy filevault barn door...,
Jeffrey Walton
- Ubuntu, Linux Mint, and the Guest Account,
Jeffrey Walton
- [security bulletin] HPSBMU02775 SSRT100853 rev.1 - HP Performance Insight for Networks Running on HP-UX, Linux, Solaris, and Windows, Remote SQL Injection, Cross Site Scripting (XSS), Privilege Elevation,
security-alert
- rssh security announcement,
Derek Martin
- Serendipity 1.6 Backend Cross-Site Scripting and SQL-Injection vulnerability,
security
- [SECURITY] [DSA 2464-2] icedove regression update,
Florian Weimer
- [security bulletin] HPSBMU02775 SSRT100853 rev.2 - HP Performance Insight for Networks Running on HP-UX, Linux, Solaris, and Windows, Remote SQL Injection, Cross Site Scripting (XSS), Privilege Elevation,
security-alert
- Adobe Shockwave Player Remote Code Execution (CVE-2012-2029),
Rodrigo Rubira Branco (BSDaemon)
- Adobe Shockwave Player Remote Code Execution (CVE-2012-2030),
Rodrigo Rubira Branco (BSDaemon)
- Adobe Shockwave Player Remote Code Execution (CVE-2012-2031),
Rodrigo Rubira Branco (BSDaemon)
- [SECURITY] [DSA 2465-1] php5 security update,
Thijs Kinkhorst
- [SECURITY] [DSA 2466-1] rails security update,
Thijs Kinkhorst
- [SECURITY] [DSA 2467-1] mahara security update,
Thijs Kinkhorst
- [SECURITY] [DSA 2422-2] file regression fix,
Thijs Kinkhorst
- [SECURITY] [DSA 2468-1] libjakarta-poi-java security update,
Florian Weimer
- APPLE-SA-2012-05-09-1 OS X Lion v10.7.4 and Security Update 2012-002,
Apple Product Security
- APPLE-SA-2012-05-09-2 Safari 5.1.7,
Apple Product Security
- Drupal 7.14 <= Full Path Disclosure Vulnerability,
pereira
- Drupal 7.14 <= Full Path Disclosure Vulnerability (Update),
pereira
- [ MDVSA-2012:068-1 ] php,
security
- [ MDVSA-2012:071 ] php,
security
- [ MDVSA-2012:072 ] roundcubemail,
security
- [SECURITY] [DSA 2469-1] linux-2.6 security update,
dann frazier
- Adobe Photoshop CS5.1 U3D.8BI Library Collada Asset Elements Stack Based Buffer Overflow Vulnerability,
nospam
- ESA-2012-019: EMC Documentum Information Rights Management Multiple Vulnerabilities,
Security_Alert
- CORE-2012-0123 - SAP Netweaver Dispatcher Multiple Vulnerabilities,
CORE Security Technologies Advisories
- Multiple vulnerabilities in OrangeHRM,
advisory
- Cross-Site Scripting (XSS) in Pivotx,
advisory
- t2'12: Call for Papers 2012 (Helsinki / Finland),
Tomi Tuominen
- b2ePMS 1.0 Authentication Bypass Vulnerability,
pereira
- [SECURITY] [DSA 2670-1] wordpress security update,
Yves-Alexis Perez
- Universal Reader Filename Denial Of Service Vulnerability,
demonalex
- Liferay users can assign themselves to organizations, leading to possible privilege escalation,
Jelmer Kuperus
- [SECURITY] [DSA-2471-1] ffmpeg security update,
Moritz Muehlenhoff
- [SECURITY] [DSA 2457-2] New icedove/iceweasel packages fix regression,
Moritz Muehlenhoff
- [ MDVSA-2012:073 ] openssl,
security
- [ MDVSA-2012:074 ] ffmpeg,
security
- [ MDVSA-2012:076 ] ffmpeg,
security
- Trigerring Java code from a SVG image,
Nicolas Grégoire
- ICACLS.EXE ignores and destroys SE_DACL_PROTECTED/SE_SACL_PROTECTED,
Stefan Kanthak
- NETGEAR Exposure of Sensitive Information - Security Advisory - SOS-12-005,
Lists
- APPLE-SA-2012-05-14-1 Flashback Removal Security Update,
Apple Product Security
- APPLE-SA-2012-05-14-2 Leopard Security Update 2012-003,
Apple Product Security
- Multiple xss issues in Liferay,
Jelmer Kuperus
- Guests can view names and emailadresses of all Liferay users in liferay 6.1,
Jelmer Kuperus
- Liferay 6.1 can be compromised without having an account on the portal,
Jelmer Kuperus
- [ MDVSA-2012:075 ] ffmpeg,
security
- Liferay 6.1 json webservices are subject to cross-site request forgery attacks,
Jelmer Kuperus
- APPLE-SA-2012-05-15-1 QuickTime 7.7.2,
Apple Product Security
- Apple Quicktime Memory Corruption (CVE-2012-0671),
Rodrigo Rubira Branco (BSDaemon)
- [SECURITY] [DSA 2472-1] gridengine security update,
Florian Weimer
- CVE-2012-1149 OpenOffice.org integer overflow error in vclmi.dll module when allocating memory for an embedded image object,
Rob Weir
- CVE-2012-2149 OpenOffice.org memory overwrite vulnerability,
Rob Weir
- CVE-2012-2334 Vulnerabilities related to malformed Powerpoint files in OpenOffice.org 3.3.0,
Rob Weir
- The story of the Linux kernel 3.x...,
pi3
- [PRE-SA-2012-03] Linux kernel: Buffer overflow in HFS plus filesystem,
Timo Warns
- FlashPeak SlimBrowser TITLE Denial Of Service Vulnerability,
demonalex
- [SECURITY] [DSA 2473-1] openoffice.org security update,
Florian Weimer
- [ MDVSA-2012:077 ] imagemagick,
security
- [ MDVSA-2012:078 ] imagemagick,
security
- [security bulletin] HPSBUX02777 SSRT100854 rev.1 - HP-UX Running Java JRE and JDK, Remote Denial,
security-alert
- [security bulletin] HPSBUX02782 SSRT100844 rev.1 - HP-UX Running OpenSSL, Remote Denial of,
security-alert
- DDIVRT-2012-44 Epicor Returns Management SOAP-Based Blind SQL Injection,
ddivulnalert
- [SECURITY] [DSA 2474-1] ikiwiki security update,
Raphael Geissert
- Re: [oss-security] CVE Request: Planeshift buffer overflow,
Kurt Seifried
- [security bulletin] HPSBOV02780 SSRT100766 rev.1 - HP OpenVMS ACMELOGIN, Local Unauthorized,
security-alert
- [SECURITY] [DSA 2475-1] openssl security update,
Raphael Geissert
- H2HC Brazil 9th Edition - Call for Papers,
Rodrigo Rubira Branco (BSDaemon)
- SEC Consult SA-20120518 :: Memory overwrite vulnerability in libwpd (OpenOffice.org) - CVE-2012-2149,
SEC Consult Vulnerability Lab
- New Open Source Web Application Vulnerability Scanner Available,
webvulscan
- [ MDVSA-2012:079 ] sudo,
security
- Call for Papers: The 7th International Conference for Internet Technology and Secured Transactions (ICITST-2012),
Call for papers
- [SECURITY] [DSA 2476-1] pidgin-otr security update,
Jonathan Wiltshire
- Acuity CMS 2.6.x <= Path Traversal Arbitrary File Access,
YGN Ethical Hacker Group
- Acuity CMS 2.6.x <= Arbitrary File Upload,
YGN Ethical Hacker Group
- PHP CGI Argument Injection Remote Exploit V0.3 - PHP Version,
admin
- [SECURITY] [DSA 2477-1] sympa security update,
Florian Weimer
- [Announcement] CHMag's Issue 28, May 2012 Released,
abhijeet
- DC4420 - London DEFCON - May meet - Tuesday May 22nd 2012,
Major Malfunction
- Tftpd32 DHCP Server Denial Of Service Vulnerability,
demonalex
- ESA-2012-020: EMC AutoStart Multiple Buffer Overflow Vulnerabilities,
Security_Alert
- IPv6 security: New IETF I-Ds, slideware and videos for recent presentations, trainings, etc...,
Fernando Gont
- [ MDVSA-2012:080 ] wireshark,
security
- [SECURITY] [DSA 2478-1] sudo security update,
Moritz Muehlenhoff
- [SECURITY] [DSA 2479-1] libxml2 security update,
Moritz Muehlenhoff
- [ MDVSA-2012:081 ] firefox,
security
- [SECURITY] [DSA 2480-1] request-tracker3.8 security update,
Moritz Muehlenhoff
- Multiple XSS in pragmaMx,
advisory
- Multiple vulnerabilities in Pligg CMS,
advisory
- Multiple vulnerabilities in LogAnalyzer,
Filippo Cavallarin
- [CVE-2012-2098] Apache Commons Compress and Apache Ant denial of service vulnerability,
Stefan Bodewig
- GreHack 2012 - Call For Papers (Grenoble, France),
Fabien DUCHENE
- CFP: Hacktivity 2012, October 12-13, Budapest, Hungary,
Attila Bartfai
- Kingcopes AthCon 2012 Slides & Notes,
HI-TECH .
- Tftpd32 DNS Server Denial Of Service Vulnerability,
demonalex
- WinRadius Server Denial Of Service Vulnerability,
demonalex
- [SE-2011-01] Security of SAT TV set-to-boxes and DVB chipsets (details released),
Security Explorations
- [ MDVSA-2012:082 ] pidgin,
security
- [ MDVSA-2012:083 ] util-linux,
security
- [ MDVSA-2012:084 ] ncpfs,
security
- DDIVRT-2012-43 SCLIntra Enterprise SQL Injection and Authentication Bypass,
ddivulnalert
- [SECURITY] [DSA 2480-2] request-tracker3.8 regression update,
Florian Weimer
- [ MDVSA-2012:085 ] tomcat5,
security
- Mapserver for Windows (MS4W) Remote Code Execution,
bruk0ut . sec
- AST-2012-007: Remote crash vulnerability in IAX2 channel driver.,
Asterisk Security Team
- AST-2012-008: Skinny Channel Driver Remote Crash Vulnerability,
Asterisk Security Team
- Re: Progress Webspeed exploit for all releases,
Eelko Neven
- 2 Buffer Overflows in Wireless Manager Sony VAIO,
advisory
- FreeBSD Security Advisory FreeBSD-SA-12:02.crypt,
FreeBSD Security Advisories
- Cisco Security Advisory: Cisco IOS XR Software Route Processor Denial of Service Vulnerability,
Cisco Systems Product Security Incident Response Team
- things you can do with downloads,
Michal Zalewski