Mail Index
- Buffalo TeraStation TS-Series multiple vulnerabilities
- CFP Observe. Hack. Make.
- OWASP Zed Attack Proxy 2.0.0
- marc4dasm - Atmel MARC microprocessor disassembler published
- [security bulletin] HPSBST02839 SSRT101077 rev.1 - HP XP P9000 Command View Advanced Edition, Remote Denial of Service (DoS)
- DefenseCode Security Advisory: Broadcom UPnP Remote Preauth Root Code Execution Vulnerability
- Released: rompar - Semi-automation tool for data extraction of microscopic Masked ROM images
- ESA-2013-002: RSA Archer® GRC Multiple Vulnerabilities
- [HITB-Announce] #HITB2013AMS FINAL CALL for Paper Submissions
- Oracle Automated Service Manager 1.3 & Auto Service Request 4.3 local root during install
- [ MDVSA-2013:006 ] freetype2
- FreeBSD 9.1 ftpd Remote Denial of Service
- [security bulletin] HPSBMU02842 SSRT100909 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS)
- DC++ 0.802 and below incorrectly registers URI schemes in Windows
- APPLE-SA-2013-02-01-1 Java for Mac OS X v10.6 Update 12
- From: Apple Product Security
- [SECURITY] [DSA 2614-1] libupnp security update
- [SECURITY] [DSA 2615-1] libupnp4 security update
- [SECURITY] [DSA 2617-1] samba security update
- [SECURITY] [DSA 2616-1] nagios3 security update
- Directory Traversal - EasyITSP <= 2.0.7
- NGS00336 Patch Notification: Symantec Network Access Control Privilege Escalation
- NGS00315 Patch Notification: Symantec Enterprise Security Management Agent Privilege Escalation
- [SE-2012-01] Details of issues fixed by Feb 2013 Java SE CPU
- From: Security Explorations
- [IMF 2013] Call for Participation
- Multiple Vulnerabilities in D'Link DIR-600 and DIR-300 (rev B)
- Free Monthly Websites v2.0 - Multiple Web Vulnerabilities
- 0day full - Free Monthly Websites v2.0 - Multiple Web Vulnerabilities
- APPLE-SA-2013-02-04-1 OS X Server v2.2.1
- From: Apple Product Security
- Re: [SE-2012-01] Details of issues fixed by Feb 2013 Java SE CPU
- From: Security Explorations
- [ MDVSA-2013:007 ] mysql
- [security bulletin] HPSBST02846 SSRT100798 rev.1 - HP LeftHand Virtual SAN Appliance hydra, Remote Execution of Arbitrary Code
- [MajorSecurity-SA-2013-014] Sony Playstation Vita Browser - firmware 2.05 - Adressbar spoofing
- CVE-2012-6451 Authentication Bypass in LOREX IP Cameras
- [PT-2012-53] Privilege Gaining in DataLife Engine
- Multiple Vulnerabilities in Linksys E1500/E2500
- [CVE-2013-1463]Wordpress wp-table-reloaded plugin XSS in SWF
- SQL Injection Vulnerability in Wysija Newsletters WordPress Plugin
- Cross-Site Scripting (XSS) Vulnerability in CommentLuv WordPress Plugin
- [KIS-2013-02] CubeCart <= 5.2.0 (cubecart.class.php) PHP Object Injection Vulnerability
- [ MDVSA-2013:008 ] mysql
- DefenseCode Security Advisory: Cisco Linksys Remote Preauth 0day Root Exploit Follow-Up
- Cisco Security Advisory: Cisco ATA 187 Analog Telephone Adaptor Remote Access Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [CVE-2013-1464]Wordpress Audio Player Plugin XSS in SWF
- DIMVA 2013 - Extended deadline for paper submission: February 17, 2013!
- [SECURITY] [DSA 2618-1] ircd-hybrid security update
- [slackware-security] curl (SSA:2013-038-01)
- From: Slackware Security Team
- Mathematica9.0.1 on Linux /tmp/MathLink vulnerability
- [ MDVSA-2013:009 ] libssh
- [SECURITY] [DSA 2619-1] xen-qemu-dm-4.0 security update
- [SECURITY] [DSA 2612-2] ircd-ratbox update
- [ MDVSA-2013:010 ] java-1.6.0-openjdk
- Multiple Vulnerabilities in Linksys WRT160Nv2
- Multiple Vulnerabilities in Linksys WAG200G
- Atmel "secure" crypto co-processor series microprocessors (AT91SAM7XC) leaking keys, plus bonus DESFire hack
- I Read It Somewhere (IRIS) citations management tool <= v1.3 (post auth) Remote Command Execution
- [slackware-security] openssl (SSA:2013-042-01)
- From: Slackware Security Team
- Re: Atmel "secure" crypto co-processor series microprocessors (AT91SAM7XC) leaking keys, plus bonus DESFire hack
- Simple password obfuscation in Enterprise Architect
- [SECURITY] [DSA 2620-1] rails security update
- [ MDVSA-2013:011 ] samba
- [SECURITY] [DSA 2622-1] polarssl security update
- Multiple Vulnerabilities in OpenPLI
- [SECURITY] [DSA 2621-1] openssl security update
- CA20130213-01: Security Notice for CA ControlMinder
- Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities
- Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability
- [slackware-security] pidgin (SSA:2013-044-01)
- From: Slackware Security Team
- Re: Aastra IP Telephone encrypted .tuz configuration file leakage
- [security bulletin] HPSBMU02815 SSRT100715 rev.5 - HP SiteScope SOAP Security Issues, Remote Disclosure of Information, Remote Code Execution
- Multiple Vulnerabilities in TP-Link TL-WA701N / TL-WA701ND
- Multiple Vulnerabilities in Edimax EW-7206-APg and EW-7209APg
- [SECURITY] [DSA 2623-1] openconnect security update
- [IA46] Photodex ProShow Producer v5.0.3297 ColorPickerProc() Memory Corruption
- Re: CFP: InfoSec Southwest 2013
- [ MDVSA-2013:012 ] postgresql
- Empirum Password Obfuscation Design Flaw
- CORE-2012-1128 - SAP Netweaver Message Server Multiple Vulnerabilities
- From: CORE Security Technologies Advisories
- SI6 Networks IPv6 Toolkit v1.3 released!
- [SECURITY] [DSA 2624-1] ffmpeg security update
- [SECURITY] [DSA 2625-1] wireshark security update
- Scanning the IPv6 Internet with the scan6 tool (SI6 IPv6 toolkit)
- [SECURITY] [DSA 2626-1] lighttpd security update
- [SECURITY] [DSA 2627-1] nginx security update
- Sniffing HDCP crypto keys with a $30 Bus Pirate and a broken HDMI cable
- Re: Scanning the IPv6 Internet with the scan6 tool (SI6 IPv6 toolkit)
- Multiple Vulnerabilities in Netgear DGN2200B
- [IA47] Photodex ProShow Producer v5.0.3297 PXT File title Value Handling Buffer Overflow
- PHP-Fusion 7.02.05 SQL Injection
- From: Krzysztof Katowicz-Kowalewski
- Re: Aastra IP Telephone encrypted .tuz configuration file leakage
- From: Timo Juhani Lindfors
- [SECURITY] [DSA 2628-1] nss-pam-ldapd security update
- Reflective XSS in Marekkis Watermark-Plugin Cross-Site Scripting Vulnerability
- Reflective/Stored XSS in Responsive Logo Slideshow Plugin Cross-Site Scripting Vulnerability
- FreeBSD Security Advisory FreeBSD-SA-13:01.bind
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-13:02.libc
- From: FreeBSD Security Advisories
- Foswiki Security: Alert CVE-2013-1666 - Remote Code Execution Vulnerability in MAKETEXT macro.
- SQLi found in Kodak Insite
- APPLE-SA-2013-02-19-1 Java for OS X 2013-001 and Mac OS X v10.6 Update 13
- From: Apple Product Security
- [slackware-security] mozilla-firefox (SSA:2013-050-01)
- From: Slackware Security Team
- [slackware-security] mozilla-thunderbird (SSA:2013-050-02)
- From: Slackware Security Team
- Multiple Cross-Site Scripting (XSS) in glFusion
- Alt-N MDaemon's WorldClient Disclosure of Authentication Credentials Vulnerability
- From: demetris papapetrou
- Alt-N MDaemon's WebAdmin Remote Code Execution Vulnerability
- From: demetris papapetrou
- Alt-N MDaemon's WorldClient Username Enumeration Vulnerability
- From: demetris papapetrou
- Alt-N MDaemon Email Body HTML/JS Injection Vulnerability
- From: demetris papapetrou
- Alt-N MDaemon's WorldClient Predictable Session ID Vulnerability
- From: demetris papapetrou
- Alt-N MDaemon's WorldClient & WebAdmin Cross-Site Request Forgery Vulnerability
- From: demetris papapetrou
- [ MDVSA-2013:013 ] squid
- [CVE-2013-1636]Wordpress pretty-link plugin XSS in SWF
- [SECURITY] [DSA 2630-1] postgresql-8.4 security update
- [security bulletin] HPSBMU02836 SSRT101056 rev.1 - HP ArcSight Connector Appliance and ArcSight Logger, Remote Disclosure of Information, Command Injection, Cross-Site Scripting (XSS)
- TeamSHATTER Security Advisory: SQL Injection in Oracle Alter FBA Table (CVE-2012-1751)
- TeamSHATTER Security Advisory: Oracle 11g Stealth Password Cracking Vulnerability (CVE-2012-3137)
- Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability
- MyFi Wireless Disk 1.2 iPad iPhone - Multiple Vulnerabilities
- Re: Alt-N MDaemon Email Body HTML/JS Injection Vulnerability
- Paper - Hiding Data in Hard-drive Service Areas
- TeamSHATTER Security Advisory: Oracle EM Cross Site Scripting in XDBResource cancelURL parameter (CVE-2013-0352)
- TeamSHATTER Security Advisory: Oracle Database GeoRaster API overflow (CVE-2012-3220)
- TeamSHATTER Security Advisory: HTTP Response Splitting in Oracle EM (policyViewSettings) (CVE-2013-0354)
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (advReplicationAdmin) (CVE-2013-0372)
- TeamSHATTER Security Advisory: Oracle EM Segment Advisor Arbitrary URL redirection/phishing (CVE-2012-3219)
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (SCPLBL_COLLECTED parameters) (CVE-2013-0353)
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (dBClone) (CVE-2013-0374)
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (Resource Manager) (CVE-2013-0358)
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (streams queue) (CVE-2013-0373)
- CVE-2013-0162 rubygem-ruby_parser: incorrect temporary file usage / Public Service Announcement
- OSEC-2013-01: nagios metacharacter filtering omission
- TeamSHATTER Security Advisory: Cross-site scripting in Oracle EM (advReplicationAdmin) (CVE-2013-0355)
- Samsung Galaxy S3 partial screen-lock bypass
- [ MDVSA-2013:014 ] java-1.6.0-openjdk
- [SECURITY] [DSA 2631-1] squid3 security update
- From: Salvatore Bonaccorso
- NoSuchCon CFP 2.0 / 15-17 May 2013 / Paris, France
- [SE-2012-01] New security issues affecting Oracle's Java SE 7u15
- From: Security Explorations
- DC4420 - London DEFCON Tuesday 26th Feb 2013
- VUPEN Security Research - Microsoft Windows OLE Automation Code Execution Vulnerability
- From: VUPEN Security Research
- [SECURITY] [DSA 2629-1] openjpeg security update
- [Onapsis Security Advisory 2013-001] SAP Portal PDC Information Disclosure
- From: Onapsis Research Labs
- [Onapsis Security Advisory 2013-002] SAP SDM Denial of Service
- From: Onapsis Research Labs
- [Onapsis Security Advisory 2013-003] SAP Enterprise Portal Cross-Site-Scripting
- From: Onapsis Research Labs
- [Onapsis Security Advisory 2013-004] SAP J2EE Core Service Arbitrary File Access
- From: Onapsis Research Labs
- [Onapsis Security Advisory 2013-006] SAP SMD Agent Code Injection
- From: Onapsis Research Labs
- [Onapsis Security Advisory 2013-005] SAP CCMS Agent Code Injection
- From: Onapsis Research Labs
- Kayako Fusion v4.51.1891 - Multiple Web Vulnerabilities
- [IA48] Photodex ProShow Producer v5.0.3297 Insecure Library Loading Vulnerability
- Fwd: [SECURITY] CVE-2013-0253 Apache Maven 3.0.4
- CONFidence 2013 - Call for Papers - 28-29.05.2013 Krakow, Poland
- [slackware-security] seamonkey (SSA:2013-056-01)
- From: Slackware Security Team
- [SECURITY] [DSA 2632-1] linux-2.6 security update
- [ MDVSA-2013:015 ] apache
- Denial of Service vulnerability in War FTP Daemon 1.82
- [SECURITY] [DSA 2633-1] fusionforge security update
- [SECURITY] [DSA 2634-1] python-django security update