Mail Thread Index
- Re: [Full-disclosure] XSS vulnerabilities in em-shorty, RepRapCalculator, Fulcrum, Django and aCMS - ZeroClipboard.swf,
MustLive
- [Full-disclosure] Remote command execution in Ruby Gem ldoce 0.0.2,
Larry W. Cashdollar
- [Full-disclosure] Network Weathermap 0.97a - Persistent XSS,
Daniel Ricardo dos Santos
- [Full-disclosure] Aspen 0.8 - Directory Traversal,
Daniel Ricardo dos Santos
- [Full-disclosure] Advisory: PonyOS Security Issues,
John Cartwright
- [Full-disclosure] SEC Consult SA-20130403-0 :: Multiple vulnerabilities in Sophos Web Protection Appliance,
SEC Consult Vulnerability Lab
- [Full-disclosure] Google AD Sync Tool - Exposure of Sensitive Information Vulnerability,
Lists
- [Full-disclosure] [Security-news] SA-CONTRIB-2013-040 - Commerce Skrill (Formerly Moneybookers) - Access bypass,
security-news
- [Full-disclosure] [Security-news] SA-CONTRIB-2013-041 - Chaos tool suite (ctools) - Access bypass,
security-news
- [Full-disclosure] DoS vulnerability in Adobe Flash Player (BSOD),
MustLive
- [Full-disclosure] [SECURITY] [DSA 2654-1] libxslt security update,
Salvatore Bonaccorso
- [Full-disclosure] Hackersh 0.1 Release Announcement,
Itzik Kotler
- [Full-disclosure] GreHack 2013 - Call For Papers - November 15, Grenoble, France,
F. Duchene
- [Full-disclosure] SEC Consult 20130404-0 :: Multiple Vulnerabilities in Censornet Professional v4 (2.1.7),
SEC Consult Vulnerability Lab
- [Full-disclosure] [ MDVSA-2013:015-1 ] apache,
security
- [Full-disclosure] [ MDVSA-2013:016 ] apache-mod_security,
security
- [Full-disclosure] [ MDVSA-2013:017 ] arpwatch,
security
- [Full-disclosure] [ MDVSA-2013:018 ] automake,
security
- [Full-disclosure] [SECURITY] [DSA 2657-1] postgresql-8.4 security update,
Giuseppe Iuculano
- [Full-disclosure] [SECURITY] [DSA 2658-1] postgresql-9.1 security update,
Giuseppe Iuculano
- [Full-disclosure] [ MDVSA-2013:019 ] bash,
security
- [Full-disclosure] [ MDVSA-2013:027-1 ] clamav,
security
- [Full-disclosure] [ MDVSA-2013:029 ] apache-mod_security,
security
- [Full-disclosure] [ MDVSA-2013:030 ] arpwatch,
security
- [Full-disclosure] [ MDVSA-2013:031 ] automake,
security
- [Full-disclosure] [ MDVSA-2013:032 ] bash,
security
- [Full-disclosure] [ MDVSA-2013:023-1 ] coreutils,
security
- [Full-disclosure] [ MDVSA-2013:033 ] cronie,
security
- [Full-disclosure] [ MDVSA-2013:034 ] cups,
security
- [Full-disclosure] [ MDVSA-2013:035 ] libexif,
security
- [Full-disclosure] [ MDVSA-2013:036 ] exif,
security
- [Full-disclosure] [ MDVSA-2013:037 ] fetchmail,
security
- [Full-disclosure] [ MDVSA-2013:038 ] freeradius,
security
- [Full-disclosure] [ MDVSA-2013:039 ] freetype2,
security
- [Full-disclosure] [ MDVSA-2013:001-1 ] gnupg,
security
- [Full-disclosure] [ MDVSA-2013:040 ] gnutls,
security
- [Full-disclosure] [ MDVSA-2013:041 ] html2ps,
security
- [Full-disclosure] [ MDVSA-2013:042 ] krb5,
security
- [Full-disclosure] [ MDVSA-2013:043 ] libgssglue,
security
- [Full-disclosure] [ MDVSA-2013:044 ] libjpeg,
security
- [Full-disclosure] [ MDVSA-2013:045 ] libssh,
security
- [Full-disclosure] [ MDVSA-2013:046 ] libtiff,
security
- [Full-disclosure] c0c0n 2013 - Call For Papers and Call For Workshops,
c0c0n International Information Security Conference
- [Full-disclosure] [ MDVSA-2013:055 ] wireshark,
security
- [Full-disclosure] [ MDVSA-2013:048 ] ncpfs,
security
- [Full-disclosure] [ MDVSA-2013:052 ] openssl,
security
- [Full-disclosure] [ MDVSA-2013:049 ] net-snmp,
security
- [Full-disclosure] [ MDVSA-2013:047 ] libxslt,
security
- [Full-disclosure] [ MDVSA-2013:050 ] nss,
security
- [Full-disclosure] [ MDVSA-2013:054 ] sudo,
security
- [Full-disclosure] [ MDVSA-2013:053 ] proftpd,
security
- [Full-disclosure] [ MDVSA-2013:051 ] openssh,
security
- [Full-disclosure] [Slightly OT] "Summerschool at the NSA" - a screenplay where the NSA gets pwned by two Hollywood actresses (100% non-violently ; WiP),
Shlomi Fish
- [Full-disclosure] [ISecAuditors Security Advisories] Multiple Full Path Disclosure Vulnerabilities in TinyWebGallery <= v1.8.9,
ISecAuditors Security Advisories
- [Full-disclosure] Last Mile: SECURWARE 2013 || August 25 - 31, 2013 - Barcelona, Spain,
Cristina Pascual
- [Full-disclosure] Vanilla Forums 2.0.18 / SQL-Injection / Insert arbitrary user & dump usertable,
Ing. Michael F. Schratt, MSc
- [Full-disclosure] Hackito Ergo Sum 2013 – Call For Paper – HES2013 CFP,
choukoumoun
- [Full-disclosure] [ MDVSA-2013:056 ] libxml2,
security
- [Full-disclosure] SEC Consult 20130408-0 :: Nitro Pro 8 - Insecure Library Loading Allows Remote Code Execution (DLL Hijacking),
SEC Consult Vulnerability Lab
- [Full-disclosure] [ MDVSA-2013:057 ] xinetd,
security
- [Full-disclosure] APT1: technical backstage,
rootbsd
- [Full-disclosure] [ MDVSA-2013:058 ] bind,
security
- [Full-disclosure] [ MDVSA-2013:059 ] dhcp,
security
- [Full-disclosure] [ MDVSA-2013:060 ] accountsservice,
security
- [Full-disclosure] [ MDVSA-2013:061 ] awstats,
security
- [Full-disclosure] [ MDVSA-2013:062 ] backuppc,
security
- [Full-disclosure] [ MDVSA-2013:063 ] bip,
security
- [Full-disclosure] [ MDVSA-2013:064 ] bogofilter,
security
- [Full-disclosure] [ MDVSA-2013:065 ] boost,
security
- [Full-disclosure] [ MDVSA-2013:066 ] bugzilla,
security
- [Full-disclosure] [ MDVSA-2013:067 ] couchdb,
security
- [Full-disclosure] [ MDVSA-2013:068 ] courier-authlib,
security
- [Full-disclosure] [ MDVSA-2013:069 ] cups-pk-helper,
security
- [Full-disclosure] [ MDVSA-2013:070 ] dbus,
security
- [Full-disclosure] [ MDVSA-2013:071 ] dbus-glib,
security
- [Full-disclosure] [ MDVSA-2013:072 ] dnsmasq,
security
- [Full-disclosure] Poshing the Hashes,
Nikhil Mittal
- [Full-disclosure] GitHub Login Cookie Failure,
Chris Roussel
- [Full-disclosure] [ MDVSA-2013:073 ] dokuwiki,
security
- [Full-disclosure] [ MDVSA-2013:074 ] drupal,
security
- [Full-disclosure] [ MDVSA-2013:075 ] elinks,
security
- [Full-disclosure] XSS vulnerabilities in ZeroClipboard in multiple plugins for WordPress,
MustLive
- [Full-disclosure] XSS and FPD vulnerabilities in ZeroClipboard in multiple themes for WordPress,
MustLive
- [Full-disclosure] [ MDVSA-2013:076 ] emacs,
security
- [Full-disclosure] [ MDVSA-2013:077 ] ettercap,
security
- [Full-disclosure] [ MDVSA-2013:078 ] fail2ban,
security
- [Full-disclosure] [ MDVSA-2013:079 ] ffmpeg,
security
- [Full-disclosure] [ MDVSA-2013:080 ] ganglia,
security
- [Full-disclosure] [ MDVSA-2013:081 ] gegl,
security
- [Full-disclosure] [ MDVSA-2013:082 ] gimp,
security
- [Full-disclosure] [ MDVSA-2013:083 ] glib2.0,
security
- [Full-disclosure] [ MDVSA-2013:084 ] gnome-keyring,
security
- [Full-disclosure] SVN extractor for Web Application Pentesters,
Anant Shrivastava
- [Full-disclosure] [waraxe-2013-SA#102] - Reflected XSS in phpMyAdmin 3.5.7,
Janek Vind
- [Full-disclosure] List Charter,
John Cartwright
- [Full-disclosure] [ MDVSA-2013:085 ] groff,
security
- [Full-disclosure] [ MDVSA-2013:086 ] groff,
security
- [Full-disclosure] Remote Command Injection Ruby Gem Karteek Docsplit 0.5.4,
Larry W. Cashdollar
- [Full-disclosure] [ MDVSA-2013:087 ] firefox,
security
- [Full-disclosure] [ MDVSA-2013:088 ] hplip,
security
- [Full-disclosure] [ MDVSA-2013:089 ] icclib,
security
- [Full-disclosure] [ MDVSA-2013:090 ] argyllcms,
security
- [Full-disclosure] [ MDVSA-2013:091 ] icecast,
security
- [Full-disclosure] [ MDVSA-2013:092 ] imagemagick,
security
- [Full-disclosure] [ MDVSA-2013:093 ] ircd-hybrid,
security
- [Full-disclosure] [ MDVSA-2013:094 ] jakarta-poi,
security
- [Full-disclosure] [ MDVSA-2013:095 ] java-1.7.0-openjdk,
security
- [Full-disclosure] [ MDVSA-2013:096 ] keepalived,
security
- [Full-disclosure] [ MDVSA-2013:097 ] libotr,
security
- [Full-disclosure] [ MDVSA-2013:098 ] libupnp,
security
- [Full-disclosure] [ MDVSA-2013:099 ] libytnef,
security
- [Full-disclosure] [ MDVSA-2013:100 ] lighttpd,
security
- [Full-disclosure] [ MDVSA-2013:101 ] lynx,
security
- [Full-disclosure] [ MDVSA-2013:102 ] mariadb,
security
- [Full-disclosure] [ MDVSA-2013:104 ] mosh,
security
- [Full-disclosure] [ MDVSA-2013:103 ] mesa,
security
- [Full-disclosure] [ MDVSA-2013:105 ] munin,
security
- [Full-disclosure] [ MDVSA-2013:106 ] nss-pam-ldapd,
security
- [Full-disclosure] [ MDVSA-2013:107 ] ocaml-xml-light,
security
- [Full-disclosure] [ MDVSA-2013:108 ] openconnect,
security
- [Full-disclosure] [ MDVSA-2013:109 ] open-iscsi,
security
- [Full-disclosure] [ MDVSA-2013:110 ] openjpeg,
security
- [Full-disclosure] [ MDVSA-2013:111 ] openslp,
security
- [Full-disclosure] [ MDVSA-2013:112 ] otrs,
security
- [Full-disclosure] DoS vulnerability in Internet Explorer (access violation),
MustLive
- [Full-disclosure] DeepSec 2013 - Call for Papers,
DeepSec Conference
- [Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software,
Cisco Systems Product Security Incident Response Team
- [Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module Software,
Cisco Systems Product Security Incident Response Team
- [Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace Solution,
Cisco Systems Product Security Incident Response Team
- [Full-disclosure] Cisco Security Advisory: Cisco Prime Network Control Systems Database Default Credentials Vulnerability,
Cisco Systems Product Security Incident Response Team
- [Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers,
Cisco Systems Product Security Incident Response Team
- [Full-disclosure] [SECURITY] [DSA 2659-1] libapache-mod-security security update,
Salvatore Bonaccorso
- [Full-disclosure] [Security-news] SA-CONTRIB-2013-042 - RESTful Web Services (RESTWS) - Denial of Service,
security-news
- [Full-disclosure] [ MDVSA-2013:123 ] rpmdevtools,
security
- [Full-disclosure] [ MDVSA-2013:121 ] qemu,
security
- [Full-disclosure] [ MDVSA-2013:135 ] vte,
security
- [Full-disclosure] [ MDVSA-2013:126 ] snack,
security
- [Full-disclosure] [ MDVSA-2013:132 ] tor,
security
- [Full-disclosure] [ MDVSA-2013:118 ] python-feedparser,
security
- [Full-disclosure] [ MDVSA-2013:122 ] quagga,
security
- [Full-disclosure] [ MDVSA-2013:138 ] x11-driver-video-qxl,
security
- [Full-disclosure] [ MDVSA-2013:137 ] wordpress,
security
- [Full-disclosure] [ MDVSA-2013:120 ] python-pycrypto,
security
- [Full-disclosure] [ MDVSA-2013:117 ] python,
security
- [Full-disclosure] [ MDVSA-2013:133 ] usbmuxd,
security
- [Full-disclosure] [ MDVSA-2013:131 ] taglib,
security
- [Full-disclosure] [ MDVSA-2013:128 ] squashfs-tools,
security
- [Full-disclosure] [ MDVSA-2013:130 ] stunnel,
security
- [Full-disclosure] [ MDVSA-2013:119 ] python-httplib2,
security
- [Full-disclosure] [ MDVSA-2013:139 ] x11-server,
security
- [Full-disclosure] [ MDVSA-2013:129 ] squid,
security
- [Full-disclosure] [ MDVSA-2013:140 ] asterisk,
security
- [Full-disclosure] [ MDVSA-2013:113 ] perl,
security
- [Full-disclosure] [MDVSA-2013:11X ] ENTIRE OS,
Stefan Jon Silverman
- [Full-disclosure] MacOSX 10.8.3 ftpd Remote Resource Exhaustion,
[CXSEC]
- [Full-disclosure] Exploiting sibling domains cookie isolation policy to DoS CDN users,
Jan Wrobel
- [Full-disclosure] Allegro.pl XSS [0-day],
Kacper Szczesniak
- [Full-disclosure] Remote command injection in Ruby Gem kelredd-pruview 0.3.8,
Larry W. Cashdollar
- [Full-disclosure] [ MDVSA-2013:125 ] sleuthkit,
security
- [Full-disclosure] [ MDVSA-2013:134 ] viewvc,
security
- [Full-disclosure] [ MDVSA-2013:114 ] php,
security
- [Full-disclosure] [ MDVSA-2013:127 ] socat,
security
- [Full-disclosure] [ MDVSA-2013:124 ] ruby,
security
- [Full-disclosure] [ MDVSA-2013:116 ] pixman,
security
- [Full-disclosure] [ MDVSA-2013:141 ] libxslt,
security
- [Full-disclosure] [ MDVSA-2013:115 ] php-ZendFramework,
security
- [Full-disclosure] [ MDVSA-2013:136 ] weechat,
security
- [Full-disclosure] [ MDVSA-2013:142 ] postgresql,
security
- [Full-disclosure] XSS and CS vulnerabilities in Dotclear,
MustLive
- [Full-disclosure] Vulnerabilities in AI-Bolit,
MustLive
- [Full-disclosure] RAT list,
Antonio Leiva
- [Full-disclosure] [ MDVSA-2013:143 ] poppler,
security
- [Full-disclosure] Remote command injection md2pdf ruby gem,
Larry W. Cashdollar
- [Full-disclosure] DDIVRT-2013-52 Dell EqualLogic PS6110X Directory Traversal,
ddivulnalert
- [Full-disclosure] [ESNC-2013-001] Privilege Escalation in SAP Healthcare Industry Solution,
ESNC Security
- [Full-disclosure] [ESNC-2013-002] Privilege Escalation in SAP Production Planning and Control,
ESNC Security
- [Full-disclosure] [ESNC-2013-003] Remote OS Command Execution in SAP BASIS Communication Services,
ESNC Security
- [Full-disclosure] Oppida/NoSuchCon challenge has been released,
NoSuchCon
- [Full-disclosure] [ MDVSA-2013:144 ] phpmyadmin,
security
- [Full-disclosure] [SE-2012-01] Details of issues fixed by Java SE 7 Update 21,
Security Explorations
- [Full-disclosure] ZPanel arbitrary code execution + root escalation vulnerability,
Sven Slootweg
- [Full-disclosure] SI6 Networks' IPv6 Toolkit v1.3.4 released!,
Fernando Gont
- Re: [Full-disclosure] ZPanel arbitrary code execution + root escalation vulnerability,
Dex
- [Full-disclosure] SEC Consult 20130417-0 :: Multiple vulnerabilities in Sosci Survey,
SEC Consult Vulnerability Lab
- [Full-disclosure] SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption,
SEC Consult Vulnerability Lab
- [Full-disclosure] SEC Consult SA-20130417-2 :: HTTP header injection/Cache poisoning in Oracle WebCenter Sites Satellite Server,
SEC Consult Vulnerability Lab
- [Full-disclosure] Cisco Security Advisory: Cisco Network Admission Control Manager SQL Injection Vulnerability,
Cisco Systems Product Security Incident Response Team
- [Full-disclosure] Cisco Security Advisory: Cisco TelePresence Infrastructure Denial of Service Vulnerability,
Cisco Systems Product Security Incident Response Team
- [Full-disclosure] [Security-news] SA-CONTRIB-2013-043 - MP3 Player - Cross Site Scripting (XSS),
security-news
- [Full-disclosure] [Security-news] SA-CONTRIB-2013-044 - elFinder file manager - Cross Site Request Forgery (CSRF),
security-news
- [Full-disclosure] [Security-news] SA-CONTRIB-2013-045 - Autocomplete Widgets for Text and Number Fields (autocomplete_widgets) - Access bypass,
security-news
- [Full-disclosure] [SECURITY] [DSA 2661-1] xorg-server security update,
Yves-Alexis Perez
- [Full-disclosure] DC4420 - London DEFCON - April meet - Tuesday 23rd April 2013,
Major Malfunction
- [Full-disclosure] Fwd: CVE-2013-2504 : Matrix42 Service Desk XSS,
43z sec
- [Full-disclosure] [SECURITY] [DSA 2662-1] xen security update,
Salvatore Bonaccorso
- [Full-disclosure] TWSL2013-004: Group Name Enumeration Vulnerability in Cisco IKE Implementation,
Trustwave Advisories
- Re: [Full-disclosure] SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption,
SEC Consult Vulnerability Lab
- [Full-disclosure] [ MDVSA-2013:145 ] java-1.6.0-openjdk,
security
- [Full-disclosure] [ MDVSA-2013:146 ] icedtea-web,
security
- [Full-disclosure] [ MDVSA-2013:147 ] libarchive,
security
- Re: [Full-disclosure] VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555),
paul . szabo
- Re: [Full-disclosure] VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555),
Joxean Koret
- [Full-disclosure] [SECURITY] [DSA 2660-1] curl security update,
Salvatore Bonaccorso
- [Full-disclosure] Multiple vulnerabilities in Colormix theme for WordPress,
MustLive
- [Full-disclosure] reasonable return on investment; better investments in security [was Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555)],
coderman
- [Full-disclosure] Vulnerabilities in jPlayer,
MustLive
- [Full-disclosure] [SE-2012-01] Yet another Reflection API flaw affecting Oracle's Java SE,
Security Explorations
- [Full-disclosure] 44Café Tuesday 23rd April, Earls Court London - What to expect,
Steve
- [Full-disclosure] Coliseum101 - Security Conferences Calendar,
Nahuel Grisolia
- [Full-disclosure] NoSuchCon 2013, Paris (France), May 15th-17th,
NoSuchCon
- [Full-disclosure] How do I contact Vodafone Security?,
Jann Horn
- [Full-disclosure] 0day Vulnerability in VLC (this is my first release of the vuln anywhere),
jay van
- [Full-disclosure] [ MDVSA-2013:148 ] roundcubemail,
security
- [Full-disclosure] [ MDVSA-2013:149 ] roundcubemail,
security
- [Full-disclosure] [ MDVSA-2013:150 ] mysql,
security
- [Full-disclosure] Vulnerabilities in multiple plugins for WordPress with jPlayer,
MustLive
- [Full-disclosure] [SECURITY] [DSA 2663-1] tinc security update,
Yves-Alexis Perez
- [Full-disclosure] [ESNC-2013-004] Remote ABAP Code Injection in OpenText/IXOS ECM for SAP NetWeaver,
ESNC Security
- [Full-disclosure] hornbill supportworks SQL injection,
research
- [Full-disclosure] Cisco Security Advisory: Cisco Device Manager Command Execution Vulnerability,
Cisco Systems Product Security Incident Response Team
- [Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Computing System,
Cisco Systems Product Security Incident Response Team
- [Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco NX-OS-Based Product,
Cisco Systems Product Security Incident Response Team
- [Full-disclosure] Vulnerabilities in multiple themes for WordPress with jPlayer,
MustLive
- [Full-disclosure] Apache CloudStack Security Advisory: Multiple vulnerabilities in Apache CloudStack,
John Kinsella
- [Full-disclosure] [waraxe-2013-SA#103] - Multiple Vulnerabilities in phpMyAdmin,
Janek Vind
- [Full-disclosure] BSidesCLT Call for Presenters,
Bsides Charlotte
- [Full-disclosure] Fwd: Module import security issue,
Jen Savage
- [Full-disclosure] Hacking IPv6 networks training (slideware, upcoming trainings, etc.),
Fernando Gont
- [Full-disclosure] [ MDVSA-2013:151 ] curl,
security
- [Full-disclosure] [ MDVSA-2013:152 ] subversion,
security
- [Full-disclosure] [ MDVSA-2013:153 ] subversion,
security
- [Full-disclosure] WPS Office Wpsio.dll Stack Buffer Overflow Vulnerability,
zhangjiantao
- [Full-disclosure] BF and IA vulnerabilities in IBM Lotus Domino,
MustLive
- [Full-disclosure] [ MDVSA-2013:154 ] util-linux,
security
- [Full-disclosure] [ MDVSA-2013:155 ] fuse,
security
- [Full-disclosure] [ MDVSA-2013:156 ] apache-mod_security,
security
- [Full-disclosure] CORE-2013-0301 - Vivotek IP Cameras Multiple Vulnerabilities,
CORE Security Technologies Advisories
- [Full-disclosure] CORE-2013-0303 - D-Link IP Cameras Multiple Vulnerabilities,
CORE Security Technologies Advisories
- [Full-disclosure] PayPal Bug Bounty #45 BillSafe - Remote Auth Bypass Session Web Vulnerability,
Vulnerability Lab
- [Full-disclosure] Updated - CA20130213-01: Security Notice for CA ControlMinder,
Kotas, Kevin J
- [Full-disclosure] WowzaMediaServer StorageDir escape (regression),
Michal J.
- [Full-disclosure] WowzaMediaServer SecureToken bypass (and worse),
Michal J.
- [Full-disclosure] [ MDVSA-2013:157 ] krb5,
security
- [Full-disclosure] [ MDVSA-2013:158 ] krb5,
security