Mail Index
- [SECURITY] [DSA 2505-1] zendframework security update
- Basilic RCE bug
- IBM Edge Components Caching Proxy XSS Followup
- Sun iPlanet Error Page Link Injection
- IBM developerWorks ncp (Nigel's Capacity Planning) 2.1 Remote Information Disclosure
- Bookmark4U lostpasswd.php env[include_prefix] Parameter RFI
- [ MDVSA-2012:096-1 ] python
- [security bulletin] HPSBMU02781 SSRT100617 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running PostgreSQL, Remote Execution of Arbitrary Code, Denial of Service (DoS)
- [security bulletin] HPSBMU02783 SSRT100806 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS)
- NGS00196 Patch Notification: Nagios XI Network Monitor OS Command Injection
- NGS00194 Patch Notification: Nagios XI Network Monitor Blind SQL Injection
- NGS00195 Patch Notification: Nagios XI Network Monitor Stored and Reflected XSS
- NGS00162 Patch Notification: Symantec Message Filter Session Hijacking via session fixation
- Malicious Code Execution in PCI Expansion ROM
- [IA30] Photodex ProShow Producer v5.0.3256 Local Buffer Overflow Vulnerability
- [SECURITY] [DSA 2506-1] libapache-mod-security security update
- Slideware of IPv6 hacking training (HIP 2012 edition), and future trainings (Portugal & Belgium)
- [security bulletin] HPSBUX02795 SSRT100878 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS)
- [ MDVSA-2012:101 ] libtiff
- [CVE-2012-0911] Tiki Wiki CMS Groupware <= 8.3 "unserialize()" PHP Code Execution
- Cyberoam advisory
- From XSLT code execution to Meterpreter shells
- plow 0.0.5 <= Buffer Overflow Vulnerability
- Forum Oxalis 0.1.2 <= SQL Injection Vulnerability
- Vulnerable Microsoft VC++ 2005 runtime libraries in "Microsoft Live Meeting 2007 Client" installed in private location
- Blind SQL Injection in Webmatic
- Just4meeting 3.0 - Lisbon/Portugal - 6 to 8 - July
- Wordpress (editormonkey) Arbitrary File Upload Vulnerability
- [SECURITY] [DSA 2507-1] openjdk-6 security update
- IIS Short File/Folder Name Disclosure by using tilde ~ character
- .Net Framework Tilde Character DoS
- .Net Framework Tilde Character DoS - Sorry, exploit-db link corrected
- Event Script PHP v1.1 CMS - Multiple Web Vulnerabilites
- GuestBook Scripts PHP v1.5 - Multiple Web Vulnerabilites
- Classified Ads Script PHP v1.1 - SQL Injection Vulnerabilities
- Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities
- ESA-2012-026: RSA Access Manager Session Replay Vulnerability
- CLscript CMS v3.0 - Multiple Web Vulnerabilities
- ClubHack2012 CFP Open Now
- IPv6 security tools released
- [security bulletin] HPSBGN02750 SSRT100795 rev.1 - HP ProtectTools Enterprise Device Access Manager Running on Windows, Remote Execution of Arbitrary Code, Denial of Service (DoS)
- [ MDVSA-2012:102 ] krb5
- Re: Basilic RCE bug
- [SECURITY] [DSA 2509-1] pidgin security update
- AST-2012-010: Possible resource leak on uncompleted re-invite transactions
- From: Asterisk Security Team
- AST-2012-011: Remote crash vulnerability in voice mail application
- From: Asterisk Security Team
- [SECURITY] CVE-2012-2138 Apache Sling denial of service vulnerability
- From: Bertrand Delacretaz
- BookNux 0.2 <= Multiple Vulnerabilities
- [CVE-2012-3376] Apache Hadoop HDFS information disclosure vulnerability
- BookNux 0.2 <= Multiple Vulnerabilities
- Call for Papers: The 7th International Conference for Internet Technology and Secured Transactions (ICITST-2012)
- Checkpoint Abra - Vulnerabilities
- Re: plow 0.0.5 <= Buffer Overflow Vulnerability
- GreHack 2012 - extended deadline CFP 15th August 2012 (Grenoble, France)
- [security bulletin] HPSBMU02796 SSRT100594 rev.1 - HP Operations Agent for AIX, HP-UX, Linux, Solaris and Windows, Remote Execution of Arbitrary Code
- Re: Re: plow 0.0.5 <= Buffer Overflow Vulnerability
- Re: CitrusDB 2.4.1 - LFI/SQLi Vulnerability
- Multiple Cross-Site Scripting (XSS) in Kajona
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Recording Server
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Immersive Endpoint Devices
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Manager
- From: Cisco Systems Product Security Incident Response Team
- ESA-2012-027: EMC Celerra/VNX/VNXe Improper Access Control Vulnerability
- ESA-2012-023: RSA Authentication Manager Multiple Vulnerabilities
- [ MDVSA-2012:103 ] automake
- [ MDVSA-2012:104 ] openjpeg
- [ MDVSA-2012:105 ] pidgin
- TP Link Gateway v3.12.4 - Multiple Web Vulnerabilities
- Phonalisa v5.0 VoiP - Multiple Web Vulnerabilities
- Funeral Script PHP - Multiple Web Vulnerabilites
- PHP Jobsite v1.36 - Cross Site Scripting Vulnerabilities
- Reserve Logic v1.2 Booking CMS - Multiple Vulnerabilities
- ZDI-12-114 : HP OpenView Performance Agent coda.exe Opcode 0x34 Remote Code Execution Vulnerability
- ZDI-12-115 : HP OpenView Performance Agent coda.exe Opcode 0x8C Remote Code Execution Vulnerability
- ZDI-12-116 : EMC AutoStart ftAgent Opcode 50 Subcode 04 Parsing Remote Code Execution Vulnerability
- ZDI-12-117 : EMC AutoStart ftAgent Opcode 50 Parsing Remote Code Execution Vulnerability
- ZDI-12-118: EMC AutoStart ftAgent Opcode 0x03 Parsing Remote Code Execution Vulnerability
- ZDI-12-119: EMC AutoStart ftAgent Opcode 0x41 Subcode 0x00 Parsing Remote Code Execution Vulnerability
- ZDI-12-120: EMC AutoStart ftAgent Opcode 85 Subcode 22 Parsing Remote Code Execution Vulnerability
- ZDI-12-121: EMC AutoStart ftAgent Opcode 85 Subcode 01 Parsing Remote Code Execution Vulnerability
- ZDI-12-122: EMC AutoStart ftAgent Opcode 65 Parsing Remote Code Execution Vulnerability
- ZDI-12-123: EMC AutoStart ftAgent Opcode 50 Subcode 60 Parsing Remote Code Execution Vulnerability
- ZDI-12-124: EMC AutoStart ftAgent Opcode 50 Subcode 42 Parsing Remote Code Execution Vulnerability
- ZDI-12-125: Apple Quicktime QTPlugin SetLanguage Remote Code Execution Vulnerability
- [SECURITY] [DSA 2511-1] puppet security update
- [SECURITY] [DSA 2512-1] mono security update
- security advisory: AirDroid 1.0.4 beta
- [SECURITY] [DSA 2510-1] extplorer security update
- [ MDVSA-2012:106 ] libexif
- [ MDVSA-2012:107 ] exif
- [security bulletin] HPSBMU02796 SSRT100594 rev.2 - HP Operations Agent for AIX, HP-UX, Linux, Solaris and Windows, Remote Execution of Arbitrary Code
- [slackware-security] pidgin (SSA:2012-195-02)
- From: Slackware Security Team
- [slackware-security] php (SSA:2012-195-01)
- From: Slackware Security Team
- Google Chrome 19 metro_driver.dll mishandling
- Event Calendar PHP 1.2 - Multiple Web Vulnerabilites
- VamCart v0.9 CMS - Multiple Web Vulnerabilities
- SMF Board v2.0.2 - Multiple Web Vulnerabilities
- PBBoard v2.1.4 CMS - Multiple Web Vulnerabilities
- Blackboard Mobile Learn v3.0 - Persistent Web Vulnerability
- MGB OpenSource Guestbook 0.6.9.1 Multiple security vulnerabilities
- WordPress Plugin 'Count Per Day' 3.1.1 Multiple Cross-site scripting vulnerabilities
- CakePHP 2.x-2.2.0-RC2 XXE Injection
- libexif project security advisory July 12, 2012
- [security bulletin] HPSBGN02787 SSRT100876 rev.1 - HP AssetManager, Remote Cross Site Scripting (XSS) and Unauthorized Data Modification
- 0A29-12-2 :Metasploit 'pcap_log' plugin privilege escalation vulnerability
- CORE-2011-1123 - Windows Kernel ReadLayoutFile Heap Overflow
- From: CORE Security Technologies Advisories
- Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin
- Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin
- From: Thor (Hammer of God)
- DC4420 - London DEFCON - July meet - Tuesday July 17th 2012
- AVAVoIP v1.5.12 - Multiple Web Vulnerabilities
- KeyPass Password Safe v1.22 - Software Filter Vulnerability
- DomsHttpd 1.0 <= Remote Denial Of Service
- Secunia Research: Cisco Linksys PlayerPT ActiveX Control "SetSource()" Buffer Overflow
- [PT-2012-23] SQL Injection in Dr.Web Anti-virus
- [security bulletin] HPSBMU02799 SSRT100867 rev.1 - HP Network Node Manager i (NNMi) v9.0x Running JDK for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Information Disclosure, Modification, Denial of Service (DoS)
- [security bulletin] HPSBMU02797 SSRT100867 rev.1 - HP Network Node Manager i (NNMi) v9.1x Running JDK for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Information Disclosure, Modification, Denial of Service (DoS)
- [SECURITY] [DSA 2514-1] iceweasel security update
- [slackware-security] mozilla-firefox (SSA:2012-200-02)
- From: Slackware Security Team
- [slackware-security] mozilla-thunderbird (SSA:2012-200-03)
- From: Slackware Security Team
- [slackware-security] seamonkey (SSA:2012-200-04)
- From: Slackware Security Team
- [slackware-security] libexif (SSA:2012-200-01)
- From: Slackware Security Team
- ZDI-12-126 : (0 day) HP StorageWorks File Migration Agent RsaCIFS.dll Remote Code Execution Vulnerability
- ZDI-12-127 : (0Day) HP StorageWorks File Migration Agent RsaFTP.dll Remote Code Execution Vulnerability
- GreHack 2012 - Call For Musicians/Artists/DJs application open till October 5th 2012 (Grenoble, France)
- [SECURITY] [DSA 2515-1] nsd3 security update
- [Announcement] ClubHack Magazine's July 2012 Issue Released
- [ MDVSA-2012:108 ] php
- POC2012 Call for Paper
- NESSUS ANDROID APP - stores login info in plain text
- CodeIgniter <= 2.1.1 xss_clean() Cross Site Scripting filter bypass
- Free Web App Security Challenges - Hackademics Project
- Wordpress (chenpress Plugin) Arbitrary File Upload Vulnerability
- [SECURITY] [DSA 2508-1] kfreebsd-8 security update
- file clobbering vulnerability in Solaris update manager & local root with SUNWbindr install.
- [ MDVSA-2012:109 ] libxslt
- Re: Wordpress (chenpress Plugin) Arbitrary File Upload Vulnerability
- [ MDVSA-2012:110 ] mozilla
- Android DNS poisoning: Randomness gone bad (CVE-2012-2808)
- [slackware-security] libpng (SSA:2012-206-01)
- From: Slackware Security Team
- APPLE-SA-2012-07-25-1 Safari 6.0
- From: Apple Product Security
- [ MDVSA-2012:111 ] libgdata
- Cross-Site Scripting (XSS) in Redaxo
- [security bulletin] HPSBUX02789 SSRT100824 rev.3 - HP-UX CIFS Server (Samba), Remote Execution of Arbitrary Code, Elevation of Privileges
- [security bulletin] HPSBUX02795 SSRT100878 rev.2 - HP-UX Running BIND, Remote Denial of Service (DoS)
- APPLE-SA-2012-07-25-2 Xcode 4.4
- From: Apple Product Security
- tekno.Portal 0.1b - SQLi Vulnerability in "anket.php"
- [ MDVSA-2012:112 ] perl-DBD-Pg
- [SECURITY] [DSA 2516-1] isc-dhcp security update
- [ MDVSA-2012:113 ] arpwatch
- [ MDVSA-2012:114 ] apache-mod_auth_openid
- [ MDVSA-2012:115 ] dhcp
- [ MDVSA-2012:116 ] dhcp
- [ MDVSA-2012:117 ] python-pycrypto
- Security advisory for Bugzilla 4.3.2, 4.2.2, 4.0.7 and 3.6.10
- [ MDVSA-2012:118 ] apache-mod_security
- [slackware-security] bind (SSA:2012-209-01)
- From: Slackware Security Team
- [ MDVSA-2012:119 ] bind
- [ MDVSA-2012:110-1 ] mozilla
- TWSL2012-014: Multiple Vulnerabilities in Scrutinizer NetFlow & sFlow Analyzer
- From: Trustwave Advisories
- Spark IM Client Local Password Decryption
- ocPortal 7.1.5 <= | Open URL Redirection Vulnerability
- From: YGN Ethical Hacker Group
- Security Advisory in LedgerSMBv 1.3.20 and below: Denial of Service vulnerability
- Dr. Web Control Center Admin UI Remote Script Code Injection
- DataWatch Monarch BI v5.1 admin section reflected cross-site scripting
- DataWatch Monarch Business Intelligence (BI) v5.1 admin section stored cross-site scripting
- DataWatch Monarch Business Intelligence (BI) v5.1 client section stored cross-site scripting
- DataWatch Monarch Business Intelligence (BI) v5.1 Blind SQL injection
- DataWatch Monarch Business Intelligence (BI) v5.1 Admin Section Blind XPath Injection
- TEMENOS T24 R07.03 Reflected Cross-Site Scripting
- TEMENOS T24 R07.03 Authentication Bypass
- [SECURITY] [DSA 2517-1] bind9 security update