Mail Thread Index

• Date Index

• NetCat CMS v5.0.1 - Multiple Web Vulnerabilities, Vulnerability Lab
• PrestaShop <= 1.5.1 Persistent XSS, David Sopas
• PG Dating Pro v1.0 CMS - Multiple Web Vulnerabilities, Vulnerability Lab
• VaM Shop v1.69 - Multiple Web Vulnerabilities, Vulnerability Lab
• Medium risk security flaws in Konqueror, Tim Brown
• XSS in dokeos 2.1.1, marcelavbx
• Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace Web Conferencing, Cisco Systems Product Security Incident Response Team
• Cisco Security Advisory: Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability, Cisco Systems Product Security Incident Response Team
• [SECURITY] [DSA 2570-1] openoffice.org security update, Yves-Alexis Perez
• Re: [BUGTRAQ]Security Advisory - TP-LINK TL-WR841N LFI - [UPDATE], osoriojr
• [ MDVSA-2012:169 ] java-1.6.0-openjdk, security
• APPLE-SA-2012-11-01-1 iOS 6.0.1, Apple Product Security
• APPLE-SA-2012-11-01-2 Safari 6.0.2, Apple Product Security
• [security bulletin] HPSBMU02827 SSRT100924 rev.1 - HP Performance Insight with Sybase, Remote Denial of Service (DoS) and Loss of Data, security-alert
• [security bulletin] HPSBMU02815 SSRT100715 rev.4 - HP SiteScope SOAP Security Issues, Remote Disclosure of Information, Remote Code Execution, security-alert
• Re: [Full-disclosure] XSS, LFI and SQL Injection Vulnerabilities in Achievo, Henri Salo
• [security bulletin] HPSBUX02824 SSRT100970 rev.2 - HP-UX Running Java, Remote Execution of Arbitrary Code, and Other Vulnerabilities, security-alert
• [CVE-2012-5692] Invision Power Board <= 3.3.4 "unserialize()" PHP Code Execution Vulnerability, n0b0d13s
• [ MDVSA-2012:170 ] firefox, security
• [SECURITY] [DSA 2571-1] libproxy security update, Raphael Geissert
• [SECURITY] [DSA 2572-1] iceape security update, Thijs Kinkhorst
• PR11-07 Multiple peristent XSS, XSS, XSRF, offsite redirection and information disclosure flaws within CheckPoint/Sofaware firewalls, research
• Vulnerable MSVC++ 2008 runtime libraries distributed with and installed by eM client, Stefan Kanthak
• iCompel Digital Signage risks, Chris S
• XSS in answer my question plugin, marcelavbx
• VideoLAN VLC Media Player <= 2.0.4 Crash Bug, bingxuefenggu
• [CVE-2012-5777]EmpireCMS Template Parser Remote PHP Code Execution Vulnerability, machuanlei
• Multiple Vulnerabilities in LibreOffice, advisory
• SQL Injection Vulnerability in OrangeHRM, advisory
• multiple critical vulnerabilities in sophos products, Tavis Ormandy
• Wisecracker 1.0 - A high performance distributed cryptanalysis framework, Vikas N Kumar
  • Re: Wisecracker 1.0 - A high performance distributed cryptanalysis framework, Jann Horn
    • Re: Wisecracker 1.0 - A high performance distributed cryptanalysis framework, Vikas N Kumar
• [security bulletin] HPSBHF02699 SSRT100592 rev.2 - HP ProLiant SL Advanced Power Manager (SL-APM), Remote User Validation Failure, security-alert
• Vulnerable, superfluous/outdated/deprecated/superseded 3rd party OCXs and DLLs distributed by and installed with Dataram RamDisk 4.0.0, Stefan Kanthak
• Sql injection in AJAX post Search wordpress plugin, marcelavbx
• Cross-Site Request Forgery (CSRF) in CMS Made Simple, advisory
• Cisco Security Advisory: Cisco Nexus 1000V Series Switch Software Release 4.2(1)SV1(5.2) Virtual Security Gateway Bypass Issue, Cisco Systems Product Security Incident Response Team
• Cisco Security Advisory: Cisco Secure Access Control System TACACS+ Authentication Bypass Vulnerability, Cisco Systems Product Security Incident Response Team
• APPLE-SA-2012-11-07-1 QuickTime 7.7.3, Apple Product Security
• Vulnerability Report on AWCM 2.2, Sooel Postman
• Cisco Security Advisory: Cisco Ironport Appliances Sophos Anti-virus Vulnerabilities, Cisco Systems Product Security Incident Response Team
• [ MDVSA-2012:171 ] icedtea-web, security
• [SECURITY] [DSA 2573-1] radsecproxy security update, Luciano Bello
• BananaDance Wiki b2.2 - Multiple Web Vulnerabilities, Vulnerability Lab
• [DC-2012-11-001] DefenseCode ThunderScan PHP Advisory: Wordpress WP e-Commerce Plugin Multiple Security Vulnerabilities, DefenseCode
• Eventy CMS v1.8 Plus - Multiple Web Vulnerablities, Vulnerability Lab
• Weak password encryption on Huawei products, roberto . paleari
• [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection, Tim Brown
  • Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection, Tim Brown
    • Re: [oss-security] Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection, Jan Lieskovsky
      • Re: Re: [oss-security] Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection, Michal Ambroz
• Zoner Photo Studio v15 b3 - Buffer Overflow Vulnerabilities, Vulnerability Lab
• ESA-2012-055: RSA® Data Protection Manager Multiple Vulnerabilities, Security Alert
• Reflective XSS in uk cookie plugin, nauty . me04
• 0-day vulnerabilities in Call of Duty MW3 and CryEngine 3, ReVuln
• Multiple vulnerabilities in BabyGekko, advisory
• Security advisory for Bugzilla 4.4rc1, 4.2.4, 4.0.9 and 3.6.12, LpSolit
• iDev Rentals v1.0 - Multiple Web Vulnerabilities, Vulnerability Lab
• SEC Consult SA-20121115-0 :: Applicure dotDefender WAF format string vulnerability, SEC Consult Vulnerability Lab
• [CVE-2012-5858] [CVE-2012-5859] DoS/Authorization Bypass - Kies Air, cjlacayo
• [SECURITY] [DSA 2574-1] typo3-src security update, Florian Weimer
• DC4420 - London DEFCON - November meet - Tuesday 20th November, alien DC4420
• [SE-2012-01] Security vulnerabilities in Java SE (details released), Security Explorations
  • Re: [SE-2012-01] Security vulnerabilities in Java SE (details released), Security Explorations
• Open-Realty CMS 2.5.8 (2.x.x) <= Cross Site Request Forgery (CSRF) Vulnerability, YGN Ethical Hacker Group
• [SECURITY] [DSA 2575-1] tiff security update, Nico Golde
• [ MDVSA-2012:172 ] libproxy, security
• Akeni LAN v1.2.118 - Filter Bypass Vulnerability (Local), Vulnerability Lab
• Manage Engine Exchange Reporter v4.1 - Multiple Web Vulnerabilites, Vulnerability Lab
• CVE-2012-4366: Insecure default WPA2 passphrase in multiple Belkin wireless routers, Jakob Lell
  • Message not available
    • Re: CVE-2012-4366: Insecure default WPA2 passphrase in multiple Belkin wireless routers, Jakob Lell
• n.runs-SA-2012.004 - SPLUNK Unauthenticated remote DoS, security
  • <Possible follow-ups>
  • n.runs-SA-2012.004 - SPLUNK Unauthenticated remote DoS, security
• [security bulletin] HPSBHF02821 SSRT100934 rev.1 - HP Integrated Lights-Out iLO3 and iLO4, Remote Disclosure of Information, security-alert
• SonicWALL CDP 5040 v6.x - Multiple Web Vulnerabilities, Vulnerability Lab
• OSSIM 4.0.2 open-source SIEM solution does not verify .deb signatures, roman . fiedler
• FW: =| Security Advisory - TP-LINK TL-WR841N XSS (Cross Site Scripting) |=, Matan Azugi
• Wordpress Facebook Survey v1 - SQL Injection Vulnerability, Vulnerability Lab
• ManageEngine ServiceDesk 8.0 - Multiple Vulnerabilities, Vulnerability Lab
• Multiple vulnerabilities in dotProject, advisory
• [ MDVSA-2012:173 ] firefox, security
• [slackware-security] mozilla-firefox (SSA:2012-326-02), Slackware Security Team
• [slackware-security] seamonkey (SSA:2012-326-01), Slackware Security Team
• [slackware-security] mozilla-thunderbird (SSA:2012-326-03), Slackware Security Team
• [ MDVSA-2012:174 ] libtiff, security
• FreeBSD Security Advisory FreeBSD-SA-12:06.bind, FreeBSD Security Advisories
• FreeBSD Security Advisory FreeBSD-SA-12:07.hostapd, FreeBSD Security Advisories
• FreeBSD Security Advisory FreeBSD-SA-12:08.linux, FreeBSD Security Advisories
• XSS Vulnerability in Simple Slider Wordpress Plugin, nauty . me04
• Twitter App 5.0 vulnerable to eavesdropping, Carlos Reventlov
• [SECURITY] [DSA 2576-1] trousers security update, Yves-Alexis Perez
• [oCERT-2012-001] multiple implementations denial-of-service via MurmurHash algorithm collision, Andrea Barisani
• VUPEN Security Research - Mozilla Firefox "DocumentViewerImpl" Class Remote Use-After-Free Vulnerability, VUPEN Security Research
• ESA-2012-057: EMC Smarts Network Configuration Manager Multiple Vulnerabilities, Security Alert
• ESA-2012-054: RSA ® Adaptive Authentication (On-Premise) Cross-Site Scripting Vulnerabilities , Security Alert
• [DC-2012-11-002] DefenseCode ThunderScan ASP.Net C# Advisory: BugTracker.Net Multiple Security Vulnerabilities, DefenseCode
• Forescout NAC (Network Access Control) multiple vulnerabilities, Joseph Sheridan
• [SE-2011-01] Additional materials released for SAT TV research, Security Explorations
• [SECURITY] [DSA 2578-1] rssh security update, Yves-Alexis Perez
• Re: rssh security announcement, Derek Martin
  • Re: rssh security announcement, Russ Allbery
  • Re: rssh security announcement, Nico Kadel-Garcia
    • Re: rssh security announcement, Russ Allbery
• [ MDVSA-2012:175 ] libssh, security
• Oracle Exadata leaf switch logins, larry0
• ideo Lead Form Plugin Cross-Site Scripting Vulnerabilities which affects Wordpress URL, nauty . me04
• Wordpress Plugin Simple Gmail Login Stack Trace Vulnerability, nauty . me04
• Safend Data Protector Multiple Vulnerabilities, Joseph Sheridan
• VUPEN Security Research - Mozilla Firefox "imgRequestProxy" Remote Use-After-Free Vulnerability, VUPEN Security Research
• APPLE-SA-2012-11-29-1 Apple TV 5.1.1, Apple Product Security