Mail Thread Index
- Buffalo TeraStation TS-Series multiple vulnerabilities,
Andrea Fabrizi
- CFP Observe. Hack. Make.,
Walter Belgers
- OWASP Zed Attack Proxy 2.0.0,
psiinon
- marc4dasm - Atmel MARC microprocessor disassembler published,
Adam Laurie
- [security bulletin] HPSBST02839 SSRT101077 rev.1 - HP XP P9000 Command View Advanced Edition, Remote Denial of Service (DoS),
security-alert
- DefenseCode Security Advisory: Broadcom UPnP Remote Preauth Root Code Execution Vulnerability,
DefenseCode
- Released: rompar - Semi-automation tool for data extraction of microscopic Masked ROM images,
Major Malfunction
- ESA-2013-002: RSA Archer® GRC Multiple Vulnerabilities,
Security Alert
- [HITB-Announce] #HITB2013AMS FINAL CALL for Paper Submissions,
Hafez Kamal
- Oracle Automated Service Manager 1.3 & Auto Service Request 4.3 local root during install,
larry0
- [ MDVSA-2013:006 ] freetype2,
security
- FreeBSD 9.1 ftpd Remote Denial of Service,
max
- [security bulletin] HPSBMU02842 SSRT100909 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS),
security-alert
- DC++ 0.802 and below incorrectly registers URI schemes in Windows,
ullner
- APPLE-SA-2013-02-01-1 Java for Mac OS X v10.6 Update 12,
Apple Product Security
- [SECURITY] [DSA 2614-1] libupnp security update,
Yves-Alexis Perez
- [SECURITY] [DSA 2615-1] libupnp4 security update,
Yves-Alexis Perez
- [SECURITY] [DSA 2617-1] samba security update,
Luciano Bello
- [SECURITY] [DSA 2616-1] nagios3 security update,
Jonathan Wiltshire
- Directory Traversal - EasyITSP <= 2.0.7,
Michał Błaszczak
- NGS00336 Patch Notification: Symantec Network Access Control Privilege Escalation,
NCC Group Research
- NGS00315 Patch Notification: Symantec Enterprise Security Management Agent Privilege Escalation,
NCC Group Research
- [SE-2012-01] Details of issues fixed by Feb 2013 Java SE CPU,
Security Explorations
- [IMF 2013] Call for Participation,
Oliver Goebel
- Multiple Vulnerabilities in D'Link DIR-600 and DIR-300 (rev B),
devnull
- Free Monthly Websites v2.0 - Multiple Web Vulnerabilities,
Vulnerability Lab
- 0day full - Free Monthly Websites v2.0 - Multiple Web Vulnerabilities,
Vulnerability Lab
- APPLE-SA-2013-02-04-1 OS X Server v2.2.1,
Apple Product Security
- [ MDVSA-2013:007 ] mysql,
security
- [security bulletin] HPSBST02846 SSRT100798 rev.1 - HP LeftHand Virtual SAN Appliance hydra, Remote Execution of Arbitrary Code,
security-alert
- [MajorSecurity-SA-2013-014] Sony Playstation Vita Browser - firmware 2.05 - Adressbar spoofing,
research
- CVE-2012-6451 Authentication Bypass in LOREX IP Cameras,
doylej . ia
- [PT-2012-53] Privilege Gaining in DataLife Engine,
noreply
- Multiple Vulnerabilities in Linksys E1500/E2500,
devnull
- [CVE-2013-1463]Wordpress wp-table-reloaded plugin XSS in SWF,
hip
- SQL Injection Vulnerability in Wysija Newsletters WordPress Plugin,
advisory
- Cross-Site Scripting (XSS) Vulnerability in CommentLuv WordPress Plugin,
advisory
- [KIS-2013-02] CubeCart <= 5.2.0 (cubecart.class.php) PHP Object Injection Vulnerability,
Egidio Romano
- [ MDVSA-2013:008 ] mysql,
security
- DefenseCode Security Advisory: Cisco Linksys Remote Preauth 0day Root Exploit Follow-Up,
DefenseCode
- Cisco Security Advisory: Cisco ATA 187 Analog Telephone Adaptor Remote Access Vulnerability,
Cisco Systems Product Security Incident Response Team
- [CVE-2013-1464]Wordpress Audio Player Plugin XSS in SWF,
hip
- DIMVA 2013 - Extended deadline for paper submission: February 17, 2013!,
Collin Mulliner
- [SECURITY] [DSA 2618-1] ircd-hybrid security update,
Luciano Bello
- [slackware-security] curl (SSA:2013-038-01),
Slackware Security Team
- Mathematica9.0.1 on Linux /tmp/MathLink vulnerability,
paul . szabo
- [ MDVSA-2013:009 ] libssh,
security
- [SECURITY] [DSA 2619-1] xen-qemu-dm-4.0 security update,
Moritz Muehlenhoff
- [SECURITY] [DSA 2612-2] ircd-ratbox update,
Moritz Muehlenhoff
- [ MDVSA-2013:010 ] java-1.6.0-openjdk,
security
- Multiple Vulnerabilities in Linksys WRT160Nv2,
devnull
- Multiple Vulnerabilities in Linksys WAG200G,
devnull
- Atmel "secure" crypto co-processor series microprocessors (AT91SAM7XC) leaking keys, plus bonus DESFire hack,
Adam Laurie
- I Read It Somewhere (IRIS) citations management tool <= v1.3 (post auth) Remote Command Execution,
aeon . s . flux
- [slackware-security] openssl (SSA:2013-042-01),
Slackware Security Team
- Simple password obfuscation in Enterprise Architect,
Diening, Holm
- [SECURITY] [DSA 2620-1] rails security update,
Florian Weimer
- [ MDVSA-2013:011 ] samba,
security
- [SECURITY] [DSA 2622-1] polarssl security update,
Thijs Kinkhorst
- Multiple Vulnerabilities in OpenPLI,
devnull
- [SECURITY] [DSA 2621-1] openssl security update,
Thijs Kinkhorst
- CA20130213-01: Security Notice for CA ControlMinder,
Kotas, Kevin J
- Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities,
Vulnerability Lab
- Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability,
Vulnerability Lab
- [slackware-security] pidgin (SSA:2013-044-01),
Slackware Security Team
- Re: Aastra IP Telephone encrypted .tuz configuration file leakage,
noreply
- [security bulletin] HPSBMU02815 SSRT100715 rev.5 - HP SiteScope SOAP Security Issues, Remote Disclosure of Information, Remote Code Execution,
security-alert
- Multiple Vulnerabilities in TP-Link TL-WA701N / TL-WA701ND,
devnull
- Multiple Vulnerabilities in Edimax EW-7206-APg and EW-7209APg,
devnull
- [SECURITY] [DSA 2623-1] openconnect security update,
Florian Weimer
- [IA46] Photodex ProShow Producer v5.0.3297 ColorPickerProc() Memory Corruption,
Inshell Security
- Re: CFP: InfoSec Southwest 2013,
Tod Beardsley
- [ MDVSA-2013:012 ] postgresql,
security
- Empirum Password Obfuscation Design Flaw,
otr
- CORE-2012-1128 - SAP Netweaver Message Server Multiple Vulnerabilities,
CORE Security Technologies Advisories
- SI6 Networks IPv6 Toolkit v1.3 released!,
Fernando Gont
- [SECURITY] [DSA 2624-1] ffmpeg security update,
Moritz Muehlenhoff
- [SECURITY] [DSA 2625-1] wireshark security update,
Moritz Muehlenhoff
- Scanning the IPv6 Internet with the scan6 tool (SI6 IPv6 toolkit),
Fernando Gont
- [SECURITY] [DSA 2626-1] lighttpd security update,
Thijs Kinkhorst
- [SECURITY] [DSA 2627-1] nginx security update,
Thijs Kinkhorst
- Sniffing HDCP crypto keys with a $30 Bus Pirate and a broken HDMI cable,
Adam Laurie
- Multiple Vulnerabilities in Netgear DGN2200B,
devnull
- [IA47] Photodex ProShow Producer v5.0.3297 PXT File title Value Handling Buffer Overflow,
Inshell Security
- PHP-Fusion 7.02.05 SQL Injection,
Krzysztof Katowicz-Kowalewski
- [SECURITY] [DSA 2628-1] nss-pam-ldapd security update,
Moritz Muehlenhoff
- Reflective XSS in Marekkis Watermark-Plugin Cross-Site Scripting Vulnerability,
nauty . me04
- Reflective/Stored XSS in Responsive Logo Slideshow Plugin Cross-Site Scripting Vulnerability,
nauty . me04
- FreeBSD Security Advisory FreeBSD-SA-13:01.bind,
FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-13:02.libc,
FreeBSD Security Advisories
- Foswiki Security: Alert CVE-2013-1666 - Remote Code Execution Vulnerability in MAKETEXT macro.,
George Clark
- SQLi found in Kodak Insite,
robert
- APPLE-SA-2013-02-19-1 Java for OS X 2013-001 and Mac OS X v10.6 Update 13,
Apple Product Security
- [slackware-security] mozilla-firefox (SSA:2013-050-01),
Slackware Security Team
- [slackware-security] mozilla-thunderbird (SSA:2013-050-02),
Slackware Security Team
- Multiple Cross-Site Scripting (XSS) in glFusion,
advisory
- Alt-N MDaemon's WorldClient Disclosure of Authentication Credentials Vulnerability,
demetris papapetrou
- Alt-N MDaemon's WebAdmin Remote Code Execution Vulnerability,
demetris papapetrou
- Alt-N MDaemon's WorldClient Username Enumeration Vulnerability,
demetris papapetrou
- Alt-N MDaemon Email Body HTML/JS Injection Vulnerability,
demetris papapetrou
- Alt-N MDaemon's WorldClient Predictable Session ID Vulnerability,
demetris papapetrou
- Alt-N MDaemon's WorldClient & WebAdmin Cross-Site Request Forgery Vulnerability,
demetris papapetrou
- [ MDVSA-2013:013 ] squid,
security
- [CVE-2013-1636]Wordpress pretty-link plugin XSS in SWF,
hip
- [SECURITY] [DSA 2630-1] postgresql-8.4 security update,
Moritz Muehlenhoff
- [security bulletin] HPSBMU02836 SSRT101056 rev.1 - HP ArcSight Connector Appliance and ArcSight Logger, Remote Disclosure of Information, Command Injection, Cross-Site Scripting (XSS),
security-alert
- TeamSHATTER Security Advisory: SQL Injection in Oracle Alter FBA Table (CVE-2012-1751),
Shatter
- TeamSHATTER Security Advisory: Oracle 11g Stealth Password Cracking Vulnerability (CVE-2012-3137),
Shatter
- MyFi Wireless Disk 1.2 iPad iPhone - Multiple Vulnerabilities,
Vulnerability Lab
- Paper - Hiding Data in Hard-drive Service Areas,
Ariel Berkman
- TeamSHATTER Security Advisory: Oracle EM Cross Site Scripting in XDBResource cancelURL parameter (CVE-2013-0352),
Shatter
- TeamSHATTER Security Advisory: Oracle Database GeoRaster API overflow (CVE-2012-3220),
Shatter
- TeamSHATTER Security Advisory: HTTP Response Splitting in Oracle EM (policyViewSettings) (CVE-2013-0354),
Shatter
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (advReplicationAdmin) (CVE-2013-0372),
Shatter
- TeamSHATTER Security Advisory: Oracle EM Segment Advisor Arbitrary URL redirection/phishing (CVE-2012-3219),
Shatter
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (SCPLBL_COLLECTED parameters) (CVE-2013-0353),
Shatter
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (dBClone) (CVE-2013-0374),
Shatter
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (Resource Manager) (CVE-2013-0358),
Shatter
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (streams queue) (CVE-2013-0373),
Shatter
- CVE-2013-0162 rubygem-ruby_parser: incorrect temporary file usage / Public Service Announcement,
Kurt Seifried
- OSEC-2013-01: nagios metacharacter filtering omission,
Rudolph Pereira
- TeamSHATTER Security Advisory: Cross-site scripting in Oracle EM (advReplicationAdmin) (CVE-2013-0355),
Shatter
- Samsung Galaxy S3 partial screen-lock bypass,
ukpentestinfo
- [ MDVSA-2013:014 ] java-1.6.0-openjdk,
security
- [SECURITY] [DSA 2631-1] squid3 security update,
Salvatore Bonaccorso
- NoSuchCon CFP 2.0 / 15-17 May 2013 / Paris, France,
Jonathan Brossard
- [SE-2012-01] New security issues affecting Oracle's Java SE 7u15,
Security Explorations
- DC4420 - London DEFCON Tuesday 26th Feb 2013,
Major Malfunction
- VUPEN Security Research - Microsoft Windows OLE Automation Code Execution Vulnerability,
VUPEN Security Research
- [SECURITY] [DSA 2629-1] openjpeg security update,
Michael Gilbert
- [Onapsis Security Advisory 2013-001] SAP Portal PDC Information Disclosure,
Onapsis Research Labs
- [Onapsis Security Advisory 2013-002] SAP SDM Denial of Service,
Onapsis Research Labs
- [Onapsis Security Advisory 2013-003] SAP Enterprise Portal Cross-Site-Scripting,
Onapsis Research Labs
- [Onapsis Security Advisory 2013-004] SAP J2EE Core Service Arbitrary File Access,
Onapsis Research Labs
- [Onapsis Security Advisory 2013-006] SAP SMD Agent Code Injection,
Onapsis Research Labs
- [Onapsis Security Advisory 2013-005] SAP CCMS Agent Code Injection,
Onapsis Research Labs
- Kayako Fusion v4.51.1891 - Multiple Web Vulnerabilities,
Vulnerability Lab
- [IA48] Photodex ProShow Producer v5.0.3297 Insecure Library Loading Vulnerability,
Inshell Security
- Fwd: [SECURITY] CVE-2013-0253 Apache Maven 3.0.4,
Olivier Lamy
- CONFidence 2013 - Call for Papers - 28-29.05.2013 Krakow, Poland,
Andrzej Targosz
- [slackware-security] seamonkey (SSA:2013-056-01),
Slackware Security Team
- [SECURITY] [DSA 2632-1] linux-2.6 security update,
dann frazier
- [ MDVSA-2013:015 ] apache,
security
- Denial of Service vulnerability in War FTP Daemon 1.82,
Jarle Aase
- [SECURITY] [DSA 2633-1] fusionforge security update,
Yves-Alexis Perez
- [SECURITY] [DSA 2634-1] python-django security update,
Nico Golde