Mail Thread Index
- [Full-disclosure] CWEs translation,
Jerome Athias
- [Full-disclosure] XSS in UMP-Sarkozy mailer system,
Jerome Athias
- Re: [Full-disclosure] DoS vulnerabilities in Firefox, Internet Explorer and Opera,
InterN0T Advisories
- [Full-disclosure] MyClientBase v0.12 - Multiple Web Vulnerabilities,
Research
- [Full-disclosure] GENU CMS 2012.3 - Multiple SQL Injection Vulnerabilities,
Research
- [Full-disclosure] Format Factory - Multiple Buffer Overflow Vulnerabilities [VIDEO],
Research
- [Full-disclosure] China Ministry of Commerce - SQL Injection Vulnerability,
Research
- [Full-disclosure] cIFrex: How to use Regular Expressions in Research,
Maksymilian Arciemowicz
- [Full-disclosure] [ MDVSA-2012:067 ] samba,
security
- [Full-disclosure] [RT-SA-2012-002] php-decoda: Cross-Site Scripting in Video Tags,
RedTeam Pentesting GmbH
- [Full-disclosure] South African Bank "security",
Kerry Adams
- [Full-disclosure] LAN Messenger v1.2.28 - Denial of Service Vulnerability,
Research
- [Full-disclosure] iGuard Security Access Control System Webserver, Cross Site Scripting (XSS),
usman
- [Full-disclosure] [SECURITY] [DSA 2463-1] samba security update,
Moritz Muehlenhoff
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-068 - Node Gallery - Cross Site Request Forgery (CSRF) - Unsupported,
security-news
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-069 - Addressbook - Multiple vulnerabilities - Unsupported,
security-news
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-070 - Taxonomy Grid : Catalog - Cross Site Scripting (XSS) - Unsupported,
security-news
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-071 - Glossify - Cross Site Scripting (XSS) - Unsupported,
security-news
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-072 - cctags - Cross Site Scripting (XSS),
security-news
- [Full-disclosure] [Security-news] SA-CORE-2012-002 - Drupal core multiple vulnerabilities,
security-news
- [Full-disclosure] LACSEC 2012 Agenda (May 6-11, 2012, Quito, Ecuador),
Fernando Gont
- [Full-disclosure] Advisory: Android SQLite Journal Information Disclosure (CVE-2011-3901),
Roee Hay
- [Full-disclosure] Announce: Italian Hacker Game Cracca al Tesoro - Crack A Treasure,
pm
- [Full-disclosure] [SECURITY] [DSA 2464-1] icedove security update,
Moritz Muehlenhoff
- [Full-disclosure] VMSA-2012-0009 VMware Workstation, Player, ESXi and ESX patches address critical security issues,
VMware Security Team
- Re: [Full-disclosure] DoS vulnerabilities in Firefox, Internet Explorer and Opera,
MustLive
- [Full-disclosure] [SECURITY] [DSA 2462-2] imagemagick regression update,
Moritz Muehlenhoff
- [Full-disclosure] Genium CMS 2012|Q2 - Multiple Web Vulnerabilities,
Research
- [Full-disclosure] myCare2x CMS - Multiple Web Vulnerabilities,
Research
- [Full-disclosure] Format Factory v2.95 - Buffer Overflow Vulnerabilities,
Research
- [Full-disclosure] MYRE Real Estate Mobile 2012|2 - Multiple Web Vulnerabilities,
Research
- [Full-disclosure] cDc Created Hong Kong Blondes and 'Hacktivism' as a Media Hack,
Wei Honker
- [Full-disclosure] [ MDVSA-2012:069 ] cifs-utils,
security
- [Full-disclosure] [ MDVSA-2012:070 ] samba,
security
- [Full-disclosure] [SECURITY] [DSA 2459-2] quagga security update,
Florian Weimer
- [Full-disclosure] IAA, Redirector and XSS vulnerabilities in WordPress,
MustLive
- [Full-disclosure] [CVE-2012-1990] Kerweb/Kerwin XSS vulnerabilities,
phocean
- [Full-disclosure] Fwd: [cryptography] Apple Legacy filevault barn door...,
Jeffrey Walton
- [Full-disclosure] Ubuntu, Linux Mint, and the Guest Account,
Jeffrey Walton
- [Full-disclosure] vulnerability-lab question,
appliance
- [Full-disclosure] University of Washington Infected with GetMama 3000 files!,
washington_u_getmama
- [Full-disclosure] [OT] New online service to make XSSs easier,
Manu
- [Full-disclosure] c0c0n 2012 CFP - Extended Deadline: May 15, 2012,
c0c0n International Information Security Conference
- [Full-disclosure] [SECURITY] [DSA 2464-2] icedove regression update,
Florian Weimer
- [Full-disclosure] CORE-2012-0123 - SAP Netweaver Dispatcher Multiple Vulnerabilities,
CORE Security Technologies Advisories
- [Full-disclosure] Hyperion - Paper about Windows PE run-time encryption,
Levent Kayan
- [Full-disclosure] [CAL-2011-0073]CVE-2012-2028 Adobe Photoshop parsing TIF heap buffer overflow vulnerability,
Code Audit Labs
- [Full-disclosure] CORE-2011-1123: Windows Kernel ReadLayoutFile Heap Overflow,
Core Security Advisories Team (fr)
- [Full-disclosure] Serendipity 1.6 Backend Cross-Site Scripting and SQL-Injection vulnerability,
Stefan Schurtz
- [Full-disclosure] List Charter,
John Cartwright
- [Full-disclosure] Adobe Shockwave Player Remote Code Execution (CVE-2012-2029),
Rodrigo Rubira Branco (BSDaemon)
- [Full-disclosure] Adobe Shockwave Player Remote Code Execution (CVE-2012-2030),
Rodrigo Rubira Branco (BSDaemon)
- [Full-disclosure] Adobe Shockwave Player Remote Code Execution (CVE-2012-2031),
Rodrigo Rubira Branco (BSDaemon)
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-073 - Glossary - Cross-Site Scripting (XSS),
security-news
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-074 - Contact Forms - Access Bypass,
security-news
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-075 - Take Control - Cross Site Request Forgery (CSRF),
security-news
- [Full-disclosure] [SECURITY] [DSA 2465-1] php5 security update,
Thijs Kinkhorst
- [Full-disclosure] [SECURITY] [DSA 2466-1] rails security update,
Thijs Kinkhorst
- [Full-disclosure] [SECURITY] [DSA 2467-1] mahara security update,
Thijs Kinkhorst
- [Full-disclosure] [SECURITY] [DSA 2422-2] file regression fix,
Thijs Kinkhorst
- [Full-disclosure] [SECURITY] [DSA 2468-1] libjakarta-poi-java security update,
Florian Weimer
- [Full-disclosure] Breakpoint 2012 Call For Papers,
cfp
- [Full-disclosure] [ MDVSA-2012:068-1 ] php,
security
- [Full-disclosure] [ MDVSA-2012:071 ] php,
security
- [Full-disclosure] [ MDVSA-2012:072 ] roundcubemail,
security
- [Full-disclosure] [Onapsis Research Labs] New SAP Security In-Depth issue: "Our Crown Jewels Online: Attacks on SAP Web Applications",
Onapsis Research Labs
- [Full-disclosure] [SECURITY] [DSA 2469-1] linux-2.6 security update,
dann frazier
- Re: [Full-disclosure] [SECURITY] [DSA 2468-1] libjakarta-poi-java security update,
Yegor Kozlov
- [Full-disclosure] t2'12: Call for Papers 2012 (Helsinki / Finland),
Tomi Tuominen
- [Full-disclosure] [ MDVSA-2012:073 ] openssl,
security
- [Full-disclosure] [SECURITY] [DSA 2670-1] wordpress security update,
Yves-Alexis Perez
- [Full-disclosure] Google Accounts Security Vulnerability,
Michael J. Gray
- [Full-disclosure] GetSimple CMS v3.1 - Multiple Web Vulnerabilities,
Research
- [Full-disclosure] Serendipity v1.6 CMS - Multiple Web Vulnerabilities,
Research
- [Full-disclosure] GENU CMS 2012.4 - Multiple Web Vulnerabilities,
Research
- [Full-disclosure] Free Reality v3.1-0.6 - Multiple Web Vulnerabilities,
Research
- [Full-disclosure] Viscacha Forum CMS v0.8.1.1 - Multiple Web Vulnerabilities,
Research
- [Full-disclosure] Proman Xpress v5.0.1 - Multiple Web Vulnerabilities,
Research
- [Full-disclosure] Travelon Express CMS v6.2.2 - Multiple Web Vulnerabilities,
Research
- [Full-disclosure] NetBill Billing System v1.2 - Multiple Web Vulnerabilites,
Research
- [Full-disclosure] hidden privilege user in supercomputer NEC Express 58000/1000 series,
Djamshut Saarash
- [Full-disclosure] The Hackers Conference 2012 Call For Papers,
Mohit Kumar
- [Full-disclosure] NETGEAR Exposure of Sensitive Information - Security Advisory,
Lists
- Re: [Full-disclosure] University of Washington Infected with GetMama 3000 files!,
washington_u_getmama
- [Full-disclosure] [SECURITY] [DSA-2471-1] ffmpeg security update,
Moritz Muehlenhoff
- [Full-disclosure] [SECURITY] [DSA 2457-2] New icedove/iceweasel packages fix regression,
Moritz Muehlenhoff
- [Full-disclosure] ICACLS.EXE ignores and destroys SE_DACL_PROTECTED/SE_SACL_PROTECTED,
Stefan Kanthak
- [Full-disclosure] [ MDVSA-2012:074 ] ffmpeg,
security
- [Full-disclosure] [ MDVSA-2012:075 ] ffmpeg,
security
- [Full-disclosure] [ MDVSA-2012:076 ] ffmpeg,
security
- [Full-disclosure] Apple Quicktime Memory Corruption (CVE-2012-0671),
Rodrigo Rubira Branco (BSDaemon)
- [Full-disclosure] [SECURITY] [DSA 2472-1] gridengine security update,
Florian Weimer
- [Full-disclosure] Resource Tuner 1.99 Heap Overflow,
Walied Assar
- [Full-disclosure] Trigerring Java code from a SVG image,
Nicolas Grégoire
- [Full-disclosure] SEC-T 2012 CFP and Challenge,
olle
- [Full-disclosure] The story of the Linux kernel 3.x...,
Adam Zabrocki
- [Full-disclosure] struts csrf token bypass,
WooYun
- [Full-disclosure] JW player xss security flaw,
WooYun
- [Full-disclosure] [PRE-SA-2012-03] Linux kernel: Buffer overflow in HFS plus filesystem,
Timo Warns
- [Full-disclosure] Video tutorial: Stack-Based Buffer Overflow,
Juan Sacco
- [Full-disclosure] CVE-2012-1149 OpenOffice.org integer overflow error in vclmi.dll module when allocating memory for an embedded image object,
Rob Weir
- [Full-disclosure] CVE-2012-2149 OpenOffice.org memory overwrite vulnerability,
Rob Weir
- [Full-disclosure] CVE-2012-2334 Vulnerabilities related to malformed Powerpoint files in OpenOffice.org 3.3.0,
Rob Weir
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-076 - Ubercart Product Keys Access Bypass,
security-news
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-77 - Advertisement - Cross Site Scripting & Information Disclosure,
security-news
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-078 - Smart Breadcrumb - Cross Site Scripting (XSS),
security-news
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-080 - Hostmaster (Aegir) - Access Bypass and Cross Site Scripting (XSS),
security-news
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-079 - Post Affiliate Pro - Cross Site Scripting (XSS) and Access Bypass - Unsupported,
security-news
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-081 - Aberdeen - Cross Site Scripting,
security-news
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-082 - Zen - Cross Site Scripting,
security-news
- [Full-disclosure] [SECURITY] [DSA 2473-1] openoffice.org security update,
Florian Weimer
- [Full-disclosure] [ MDVSA-2012:077 ] imagemagick,
security
- [Full-disclosure] DDIVRT-2012-44 Epicor Returns Management SOAP-Based Blind SQL Injection,
ddivulnalert
- [Full-disclosure] [SECURITY] [DSA 2474-1] ikiwiki security update,
Raphael Geissert
- [Full-disclosure] New Open Source Web Application Vulnerability Scanner Available,
Dermot Blair
- [Full-disclosure] Security BSidesDetroit,
Kyle Creyts
- [Full-disclosure] [ MDVSA-2012:078 ] imagemagick,
security
- [Full-disclosure] Vulnerability in is Dopewars,
Григорий Братислава
- [Full-disclosure] LinkedIn CSRF: Login Brute Force,
Fernando A. Lagos B.
- [Full-disclosure] Resource Hacker Heap Overflow,
Walied Assar
- [Full-disclosure] [SECURITY] [DSA 2475-1] openssl security update,
Raphael Geissert
- [Full-disclosure] Vulnerabilities on Cryptographp,
Lu33Y
- [Full-disclosure] SEC Consult SA-20120518 :: Memory overwrite vulnerability in libwpd (OpenOffice.org) - CVE-2012-2149,
SEC Consult Vulnerability Lab
- [Full-disclosure] H2HC Brazil 9th Edition - Call for Papers,
Rodrigo Rubira Branco (BSDaemon)
- [Full-disclosure] Checking out backdoor shells,
Adam Behnke
- [Full-disclosure] FW: Curso online - Profesional pentesting - Promocion ( 25% de descuento ),
Thor (Hammer of God)
- [Full-disclosure] [SECURITY] [DSA 2476-1] pidgin-otr security update,
Jonathan Wiltshire
- [Full-disclosure] Acuity CMS 2.6.x <= Arbitrary File Upload,
YGN Ethical Hacker Group
- [Full-disclosure] Acuity CMS 2.6.x <= Path Traversal Arbitrary File Access,
YGN Ethical Hacker Group
- [Full-disclosure] php code reviewer(php source code auditing tool),
Rain Liu
- [Full-disclosure] PE Explorer Heap Overflow Vulnerability,
Walied Assar
- [Full-disclosure] Call for Papers: The 7th International Conference for Internet Technology and Secured Transactions (ICITST-2012),
Call for papers
- [Full-disclosure] [SECURITY] [DSA 2477-1] sympa security update,
Florian Weimer
- [Full-disclosure] New XSS vulnerability in Yandex.Server,
MustLive
- [Full-disclosure] [Announcement] ClubHack Magazine Issue 28, May 2012 Released,
Abhijeet Patil
- [Full-disclosure] DC4420 - London DEFCON - May meet - Tuesday May 22nd 2012,
Major Malfunction
- [Full-disclosure] [ MDVSA-2012:079 ] sudo,
security
- [Full-disclosure] Failure to restrict access,
Fernando Andina
- [Full-disclosure] IPv6 security: New IETF I-Ds, slideware and videos for recent presentations, trainings, etc...,
Fernando Gont
- [Full-disclosure] session stealing in mod_auth_openid - CVE-2012-2760,
ptr
- [Full-disclosure] [ MDVSA-2012:080 ] wireshark,
security
- [Full-disclosure] [SECURITY] [DSA 2478-1] sudo security update,
Moritz Muehlenhoff
- Re: [Full-disclosure] Certificacion - Profesional Pentester,
Thor (Hammer of God)
- [Full-disclosure] [SECURITY] [DSA 2479-1] libxml2 security update,
Moritz Muehlenhoff
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-083 - Taxonomy List - Cross Site Scripting (XSS),
security-news
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-084 - Search API - Cross Site Scripting (XSS),
security-news
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-085 - BrowserID - Multiple Vulnerabilities,
security-news
- [Full-disclosure] [CVE-2012-2098] Apache Commons Compress and Apache Ant denial of service vulnerability,
Stefan Bodewig
- [Full-disclosure] Kingcopes AthCon 2012 Slides & Notes,
HI-TECH .
- [Full-disclosure] [ MDVSA-2012:081 ] firefox,
security
- [Full-disclosure] CVE-2012-2216 - Social Engine Multiples Vulnerabilities (XSS and CSRF),
Tiago Natel de Moura
- [Full-disclosure] VMDK Has Left the Building . Some Nasty Attacks Against VMware vSphere 5 Based Cloud Infrastructures,
Enno Rey
- [Full-disclosure] [SECURITY] [DSA 2480-1] request-tracker3.8 security update,
Moritz Muehlenhoff
- [Full-disclosure] ResEdit Buffer Overflow Vulnerabilities,
Walied Assar
- [Full-disclosure] Malware.lu - analysis and pownage of hespesnet botnet,
rootbsd
- [Full-disclosure] CFP: Hacktivity 2012, October 12-13, Budapest, Hungary,
Attila Bartfai
- [Full-disclosure] GreHack 2012 - Call For Papers (CFP),
Fabien DUCHENE
- [Full-disclosure] Info about attack trees,
Federico De Meo
- [Full-disclosure] New tool: Hyperion - A runtime encrypter for 32-bit PE files,
Levent Kayan
- [Full-disclosure] ekoparty sercurity conference 2012 CFP is now OPEN!,
Juan Pablo Daniel
- [Full-disclosure] About IBM,
MustLive
- [Full-disclosure] Crash when FILEOPEN particular .rtf,
Carlo Di Dato
- Re: [Full-disclosure] Full-Disclosure Digest, Vol 87, Issue 36,
David O'Callaghan
- [Full-disclosure] Flame= cyberwar,
Peter Dawson
- [Full-disclosure] [ MDVSA-2012:082 ] pidgin,
security
- [Full-disclosure] Fw: Info about attack trees,
Jerry dePriest
- [Full-disclosure] [SE-2011-01] Security of SAT TV set-to-boxes and DVB chipsets (details released),
Security Explorations
- Re: [Full-disclosure] WHMCS 0day,
Dex
- [Full-disclosure] NSA Cyber security program [ maybe off-topic ],
Pablo
- [Full-disclosure] [ MDVSA-2012:083 ] util-linux,
security
- [Full-disclosure] [ MDVSA-2012:084 ] ncpfs,
security
- [Full-disclosure] [SECURITY] [DSA 2480-2] request-tracker3.8 regression update,
Florian Weimer
- [Full-disclosure] DDIVRT-2012-43 SCLIntra Enterprise SQL Injection and Authentication Bypass,
ddivulnalert
- [Full-disclosure] AST-2012-007: Remote crash vulnerability in IAX2 channel driver.,
Asterisk Security Team
- [Full-disclosure] AST-2012-008: Skinny Channel Driver Remote Crash Vulnerability,
Asterisk Security Team
- [Full-disclosure] Decrypting encrypted iPhone backups,
Adam Behnke
- [Full-disclosure] [ MDVSA-2012:085 ] tomcat5,
security
- [Full-disclosure] Context IS Advisory - .NET 1.0 through .NET 4 Remote Code Execution,
Context IS - Disclosure
- [Full-disclosure] Cisco Security Advisory: Cisco IOS XR Software Route Processor Denial of Service Vulnerability,
Cisco Systems Product Security Incident Response Team
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-086 - Amadou - Cross Site Scripting,
security-news
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-087 - Comment Moderation - Cross Site Request Forgery,
security-news
- [Full-disclosure] things you can do with downloads,
Michal Zalewski
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-088 - Mobile Tools - Cross Site Scripting (XSS),
security-news
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-090 - File depot - Session Management Vulnerability,
security-news
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-089 - Counter - SQL Injection (unsupported),
security-news
- [Full-disclosure] [ MDVSA-2012:086 ] acpid,
security
- [Full-disclosure] imagine ..,
RandallM