Mail Index

• Thread Index

• [Full-disclosure] [SECURITY] [DSA 2807-1] links2 security update
  • From: Moritz Muehlenhoff
• Re: [Full-disclosure] Seems like Coinbase Security Team doesn't know how their cookie works
  • From: Jeffrey Walton
• [Full-disclosure] Day of bugs in WordPress 3
  • From: MustLive
• [Full-disclosure] Vulnerabilities hiddenly fixed in WordPress 3.6 and 3.6.1
  • From: MustLive
• Re: [Full-disclosure] Vulnerabilities hiddenly fixed in WordPress 3.6 and 3.6.1
  • From: Ryan Dewhurst
• [Full-disclosure] TouchID and !simple passcodes
  • From: Brandon Perry
• Re: [Full-disclosure] Day of bugs in WordPress 3
  • From: Zenny
• Re: [Full-disclosure] Seems like Coinbase Security Team doesn't know how their cookie works
  • From: Marc Nimmerrichter
• [Full-disclosure] PHDays IV Call for Papers is Open
  • From: PHD
• [Full-disclosure] Photo Transfer Wifi 1.4.4 iOS - Multiple Web Vulnerabilities
  • From: Vulnerability Lab
• [Full-disclosure] (no subject)
  • From: Ciaran McNally
• [Full-disclosure] [ANN] Struts 2.3.15.3 GA release available - security fix
  • From: Lukasz Lenart
• [Full-disclosure] [CVE-2013-4295] Apache Shindig information disclosure vulnerability
  • From: Ryan Baxter
• [Full-disclosure] NEW VMSA-2013-0012 VMware vSphere updates address multiple vulnerabilities
  • From: "VMware Security Response Center"
• [Full-disclosure] [CVE-2013-5702] Watchguard Server Center v11.7.4 Multiple Non-Persistent Cross-Site Scripting Vulnerabilities
  • From: Julien Ahrens
• [Full-disclosure] CORE-2013-0704 - Vivotek IP Cameras RTSP Authentication Bypass
  • From: CORE Advisories Team
• Re: [Full-disclosure] Defense in depth -- the Microsoft way (part 13): surprising and inconsistent behaviour, sloppy coding, sloppy QA, sloppy documentation
  • From: Stefan Kanthak
• [Full-disclosure] Defense in depth -- the Microsoft way (part 13): surprising and inconsistent behaviour, sloppy coding, sloppy QA, sloppy documentation
  • From: Stefan Kanthak
• [Full-disclosure] D-Link DIR-XXX remote root access exploit.
  • From: ScripT setInterval(function(){for( ){alert('fixme')} } 10) /scRIpt
• [Full-disclosure] FBTest remote command execution.
  • From: ScripT setInterval(function(){for( ){alert('fixme')} } 10) /scRIpt
• [Full-disclosure] Multiple issues in OpenSSL - BN (multiprecision integer arithmetics).
  • From: ScripT setInterval(function(){for( ){alert('fixme')} } 10) /scRIpt
• [Full-disclosure] Command injection vulnerability in Ruby Gem sprout 0.7.246
  • From: Larry W. Cashdollar
• Re: [Full-disclosure] Multiple issues in OpenSSL - BN (multiprecision integer arithmetics).
  • From: coderman
• [Full-disclosure] CarolinaCon-10 / 2014 - Call for Presenters/Speakers
  • From: Vic Vandal
• Re: [Full-disclosure] CVE-2013-6271 Remove Android Device Lock - App published
  • From: Curesec Research Team
• [Full-disclosure] [SECURITY] [DSA 2808-1] openjpeg security update
  • From: Raphael Geissert
• [Full-disclosure] [CVE-2013-6237] ISL Light - Desktop 3.5.4, Clipboard security issue
  • From: Fran
• [Full-disclosure] Tftpd32 Client Side Format String Vulnerability
  • From: Rustein, Fara Denise (LATCO - Buenos Aires)
• [Full-disclosure] DAVOSET v.1.1.4
  • From: MustLive
• [Full-disclosure] NEW VMSA-2013-0014 VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation
  • From: "VMware Security Response Center"
• [Full-disclosure] McAfee Email Gateway multiple vulns
  • From: Brandon Perry
• [Full-disclosure] Any not annoying help welcome
  • From: ICSS Security
• Re: [Full-disclosure] Any not annoying help welcome
  • From: ICSS Security
• Re: [Full-disclosure] Any not annoying help welcome
  • From: adam
• Re: [Full-disclosure] Any not annoying help welcome
  • From: Michael von Dach
• [Full-disclosure] Imagam iFiles v1.16.0 iOS - Multiple Web Vulnerabilities
  • From: Vulnerability Lab
• Re: [Full-disclosure] Any not annoying help welcome
  • From: Christopher Dreher
• [Full-disclosure] [SECURITY] [DSA 2809-1] ruby1.8 security update
  • From: Salvatore Bonaccorso
• [Full-disclosure] [SECURITY] [DSA 2810-1] ruby1.9.1 security update
  • From: Salvatore Bonaccorso
• Re: [Full-disclosure] DAVOSET v.1.1.4
  • From: MustLive
• [Full-disclosure] [Security-news] SA-CONTRIB-2013-097 - OG Features - Access bypass
  • From: security-news
• [Full-disclosure] CFP RootedCON 2014
  • From: Omar Benbouazza
• [Full-disclosure] Reflected XSS Attacks XSS vulnerabilities in NagiosQL 3.2.0 Servicepack 2 (CVE: CVE-2013-6039)
  • From: William Costa
• Re: [Full-disclosure] Any not annoying help welcome
  • From: Mr OverBlue
• [Full-disclosure] Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability
  • From: Vulnerability Lab
• [Full-disclosure] Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities
  • From: Vulnerability Lab
• [Full-disclosure] NEW VMSA-2013-0015 VMware ESX updates to third party libraries
  • From: Edward Hawkins
• [Full-disclosure] [CVE-2013-6985]SQL Injection Vulnerability In Enorth Webpublisher CMS
  • From: xin.wang
• [Full-disclosure] China's tool of the year
  • From: silence_is_best
• [Full-disclosure] [CVE-2013-5676] Plain Text Password In SonarQube Jenkins Plugin
  • From: Christian Catalano
• Re: [Full-disclosure] Vulnerabilities hiddenly fixed in WordPress 3.6 and 3.6.1
  • From: MustLive
• [Full-disclosure] [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application
  • From: Daniel Wood
• [Full-disclosure] [SECURITY] [DSA 2811-1] chromium-browser security update
  • From: Michael Gilbert
• [Full-disclosure] Vulnerabilities hiddenly fixed in WordPress 3.5 and 3.5.1
  • From: MustLive
• [Full-disclosure] Feetan Inc WireShare v1.9.1 iOS - Persistent Vulnerability
  • From: Vulnerability Lab
• [Full-disclosure] Print n Share v5.5 iOS - Multiple Web Vulnerabilities
  • From: Vulnerability Lab
• [Full-disclosure] [SECURITY] [DSA 2812-1] samba security update
  • From: Moritz Muehlenhoff
• [Full-disclosure] Vulnerabilities in Apache Solr < 4.6.0
  • From: Nicolas Grégoire
• Re: [Full-disclosure] Vulnerabilities hiddenly fixed in WordPress 3.5 and 3.5.1
  • From: Julius Kivimäki
• Re: [Full-disclosure] Open phones for privacy/anonymity applications, Guardian
  • From: Anonymous
• [Full-disclosure] [SECURITY] [DSA 2813-1] gimp security update
  • From: Moritz Muehlenhoff
• [Full-disclosure] [SECURITY] [DSA 2814-1] varnish security update
  • From: Salvatore Bonaccorso
• [Full-disclosure] [SECURITY] [DSA 2815-1] munin security update
  • From: Salvatore Bonaccorso
• [Full-disclosure] Air Gallery 1.0 Air Photo Browser - Multiple Vulnerabilities
  • From: Vulnerability Lab
• Re: [Full-disclosure] Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability #full
  • From: Vulnerability Lab
• [Full-disclosure] Owning Render Farms via NVIDIA mental ray
  • From: ReVuln
• [Full-disclosure] CORE-2013-1107 - IcoFX Buffer Overflow Vulnerability
  • From: CORE Advisories Team
• [Full-disclosure] Android Fragment Injection vulnerability
  • From: Roee Hay
• Re: [Full-disclosure] Open phones for privacy/anonymity applications, Guardian
  • From: Sean Lynch
• [Full-disclosure] Adobe Flash Player and Shockwave Player security updates
  • From: Osama Alrashid
• [Full-disclosure] Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities
  • From: Vulnerability Lab
• [Full-disclosure] [Onapsis Research Labs] New SAP Security In-Depth issue: "Transport Management System: Highway to Production"
  • From: Onapsis Research Labs
• [Full-disclosure] Clickjacking (?) on Facebook.com (Question)
  • From: Stefan Schurtz
• [Full-disclosure] CORE-2013-0807 - Divide Error in Windows Kernel
  • From: CORE Advisories Team
• [Full-disclosure] SOJOBO-ADV-13-05: Vtiger 5.4.0 Reflected Cross Site Scripting
  • From: advisories
• [Full-disclosure] List Charter
  • From: John Cartwright
• Re: [Full-disclosure] CORE-2013-0807 - Divide Error in Windows Kernel
  • From: CORE Advisories Team
• [Full-disclosure] Microsoft PhotoStory - CS Cross Site Scripting Vulnerability
  • From: Vulnerability Lab
• [Full-disclosure] Microsoft Yammer - Persistent Profile Vulnerabilities
  • From: Vulnerability Lab
• [Full-disclosure] Phone Drive Eightythree 4.1.1 iOS - Multiple Vulnerabilities
  • From: Vulnerability Lab
• Re: [Full-disclosure] Clickjacking (?) on Facebook.com (Question)
  • From: Jann Horn
• Re: [Full-disclosure] Clickjacking (?) on Facebook.com (Question)
  • From: Stefan Schurtz
• Re: [Full-disclosure] Clickjacking (?) on Facebook.com (Question)
  • From: Michal Zalewski
• Re: [Full-disclosure] Clickjacking (?) on Facebook.com (Question)
  • From: Jann Horn
• Re: [Full-disclosure] Clickjacking (?) on Facebook.com (Question)
  • From: Michal Zalewski
• [Full-disclosure] Command injection in Ruby Gem Webbynode 1.0.5.3
  • From: Larry W. Cashdollar
• Re: [Full-disclosure] Clickjacking (?) on Facebook.com (Question)
  • From: Jann Horn
• Re: [Full-disclosure] Clickjacking (?) on Facebook.com (Question)
  • From: Michal Zalewski
• Re: [Full-disclosure] Clickjacking (?) on Facebook.com (Question)
  • From: Jann Horn
• Re: [Full-disclosure] Clickjacking (?) on Facebook.com (Question)
  • From: Michal Zalewski
• Re: [Full-disclosure] Clickjacking (?) on Facebook.com (Question)
  • From: Jann Horn
• Re: [Full-disclosure] Clickjacking (?) on Facebook.com (Question)
  • From: Nahuel Grisolía
• [Full-disclosure] Ditto Forensic FieldStation, multiple vulnerabilities
  • From: Martin Wundram
• [Full-disclosure] [SECURITY] [DSA 2816-1] php5 security update
  • From: Thijs Kinkhorst
• [Full-disclosure] <b>Where are you guys standing re: the (full) disclosure question?</b>
  • From: Pedro Luis Karrasquillo
• [Full-disclosure] Multiple vulnerabilities in SMF forum software
  • From: Jakob Lell
• Re: [Full-disclosure] Where are you guys standing re: the (full) disclosure
  • From: Mikhail A. Utin
• Re: [Full-disclosure] <b>Where are you guys standing re: the (full) disclosure question?</b>
  • From: Georgi Guninski
• Re: [Full-disclosure] Where are you guys standing re: the (full) disclosure
  • From: Georgi Guninski
• Re: [Full-disclosure] Where are you guys standing re: the (full) disclosure
  • From: imipak
• [Full-disclosure] Microsoft Online, Office & Cloud - Persistent Encoding Vulnerabilities
  • From: Vulnerability Lab
• Re: [Full-disclosure] Where are you guys standing re: the (full) disclosure
  • From: Gary Baribault
• [Full-disclosure] DC4420 - DefCon London: Christmas Social (= no talks), Tuesday 17th December 2013
  • From: Tony Naggs
• Re: [Full-disclosure] Where are you guys standing re: the (full) disclosure
  • From: Georgi Guninski
• Re: [Full-disclosure] Where are you guys standing re: the (full) disclosure
  • From: Gary Baribault
• Re: [Full-disclosure] Where are you guys standing re: the (full) disclosure
  • From: Jeffrey Walton
• Re: [Full-disclosure] Where are you guys standing re: the (full) disclosure
  • From: Gary Baribault
• Re: [Full-disclosure] Where are you guys standing re: the (full) disclosure
  • From: Gary Baribault
• [Full-disclosure] Advisory 01/2013: PHP openssl_x509_parse() Memory Corruption Vulnerability
  • From: Stefan Esser
• Re: [Full-disclosure] Where are you guys standing re: the (full) disclosure
  • From: Gary Baribault
• Re: [Full-disclosure] Where are you guys standing re: the (full) disclosure
  • From: Gary Baribault
• [Full-disclosure] RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e
  • From: coderman
• [Full-disclosure] cryptographic flaws in IBM SPSS data file encryption
  • From: Ben Pfaff
• [Full-disclosure] [SECURITY] [DSA 2817-1] libtar security update
  • From: Luciano Bello
• [Full-disclosure] Securely Download Google Chrome Offline Installer
  • From: Dieyu
• Re: [Full-disclosure] <b>Where are you guys standing re: the (full) disclosure question?</b>
  • From: silence_is_best
• Re: [Full-disclosure] <b>Where are you guys standing re: the (full) disclosure question?</b>
  • From: Jasper Kips
• Re: [Full-disclosure] Where are you guys standing re: the (full) disclosure
  • From: Paul Ammann
• Re: [Full-disclosure] Where are you guys standing re: the (full) disclosure
  • From: Jordon Bedwell
• Re: [Full-disclosure] Where are you guys standing re: the (full) disclosure
  • From: Jordon Bedwell
• [Full-disclosure] E-mail Hacking - Hacker Highschool
  • From: Pete Herzog
• Re: [Full-disclosure] Where are you guys standing re: the (full) disclosure
  • From: Jordon Bedwell
• Re: [Full-disclosure] Where are you guys standing re: the (full) disclosure
  • From: amani
• [Full-disclosure] Call for Papers -YSTS 8 - Information Security Conference, Brazil
  • From: Luiz Eduardo
• Re: [Full-disclosure] <b>Where are you guys standing re: the (full) disclosure question?</b>
  • From: Dieyu
• Re: [Full-disclosure] <b>Where are you guys standing re: the (full) disclosure question?</b>
  • From: Pedro Luis Karrasquillo
• Re: [Full-disclosure] RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e
  • From: coderman
• Re: [Full-disclosure] RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e
  • From: coderman
• Re: [Full-disclosure] <b>Where are you guys standing re: the (full) disclosure question?</b>
  • From: Microsoft Security Response Center
• [Full-disclosure] Bio Basespace SDK 0.1.7 Ruby Gem exposes API Key via command line
  • From: Larry W. Cashdollar
• Re: [Full-disclosure] Where are you guys standing re: the (full) disclosure
  • From: Jordon Bedwell
• Re: [Full-disclosure] <b>Where are you guys standing re: the (full) disclosure question?</b>
  • From: Jasper Kips
• Re: [Full-disclosure] Where are you guys standing re: the (full) disclosure
  • From: Pedro Luis Karrasquillo
• [Full-disclosure] iscripts autohoster , multiple vulns / php code injection exploit
  • From: 0u7 5m4r7
• [Full-disclosure] Iscripts multicart , multiple vulns
  • From: 0u7 5m4r7
• [Full-disclosure] Iscripts supportdesk 4.x , Multiple vulns / Sql injection exploit
  • From: 0u7 5m4r7
• [Full-disclosure] Buxalert PTC , multiple vulns / SQL injection Exploit
  • From: 0u7 5m4r7
• [Full-disclosure] Phone Drive Eightythree 4.1.1 iOS - Multiple Vulnerabilities
  • From: Vulnerability Lab
• [Full-disclosure] Solaris Recommended Patch Cluster 6/19 local root on x86
  • From: Larry W. Cashdollar
• Re: [Full-disclosure] WordPress OptimizePress Theme - File Upload Vulnerability
  • From: Kurt Seifried
• [Full-disclosure] Traidnt up 3 , Admin info reset exploit
  • From: 0u7 5m4r7
• [Full-disclosure] Arabportal 2.x , Sql injection / Password reset exploit
  • From: 0u7 5m4r7
• [Full-disclosure] Kaspersky Internet Security - fake av.
  • From: vx Indy
• [Full-disclosure] [SECURITY] [DSA 2818-1] mysql-5.5 security update
  • From: Salvatore Bonaccorso
• [Full-disclosure] [SECURITY] [DSA 2819-1] End-of-life announcement for iceape
  • From: Moritz Muehlenhoff
• Re: [Full-disclosure] Kaspersky Internet Security - fake av.
  • From: iPwn
• [Full-disclosure] OpenText Exceed On Demand 8 multiple vulnerabilities
  • From: Krzysztof Kotowicz
• [Full-disclosure] Information Leakage and Backdoor vulnerabilities in WordPress
  • From: MustLive
• [Full-disclosure] Release: Faraday Penetration Test IDE
  • From: Francisco Amato
• [Full-disclosure] FileMaster SY-IT v3.1 iOS - Multiple Web Vulnerabilities
  • From: Vulnerability Lab
• [Full-disclosure] BodyHacking Convention 2014
  • From: I)ruid
• [Full-disclosure] AST-2013-006: Buffer Overflow when receiving odd length 16 bit SMS message
  • From: Asterisk Security Team
• [Full-disclosure] AST-2013-007: Asterisk Manager User Dialplan Permission Escalation
  • From: Asterisk Security Team
• [Full-disclosure] QuickHeal AntiVirus 7.0.0.1 - Stack Overflow Vulnerability
  • From: Vulnerability Lab
• Re: [Full-disclosure] RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e
  • From: coderman
• [Full-disclosure] [SECURITY] [DSA 2820-1] nspr security update
  • From: Raphael Geissert
• Re: [Full-disclosure] [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application
  • From: Fyodor
• [Full-disclosure] CSRF, DoS and IL vulnerabilities in WordPress
  • From: MustLive
• Re: [Full-disclosure] [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application
  • From: William Scott Lockwood III
• [Full-disclosure] [ MDVSA-2013:288 ] subversion
  • From: security
• [Full-disclosure] [ MDVSA-2013:287-1 ] drupal
  • From: security
• Re: [Full-disclosure] [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application
  • From: coderman
• [Full-disclosure] CORE-2013-0903 - RealPlayer Heap-based Buffer Overflow Vulnerability
  • From: CORE Advisories Team
• [Full-disclosure] Fw: xss
  • From: VMw4r3
• [Full-disclosure] Capstone 1.0 disassembly framework release!
  • From: Nguyen Anh Quynh
• [Full-disclosure] [ MDVSA-2013:289 ] owncloud
  • From: security
• [Full-disclosure] [ MDVSA-2013:291 ] kernel
  • From: security
• [Full-disclosure] [ MDVSA-2013:291 ] kernel
  • From: security
• [Full-disclosure] [ MDVSA-2013:290 ] mediawiki
  • From: security
• [Full-disclosure] phrack.org being spammed
  • From: Yvan Janssens
• [Full-disclosure] InfoSec Southwest 2014 CFP now open!
  • From: ISSW CFP
• [Full-disclosure] [CVE-2013-5573] Jenkins v1.523 Default markup formatter permits offsite-bound forms
  • From: Christian Catalano
• Re: [Full-disclosure] [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application
  • From: Daniel Wood
• [Full-disclosure] [ MDVSA-2013:292 ] links
  • From: security
• [Full-disclosure] [ MDVSA-2013:293 ] gimp
  • From: security
• [Full-disclosure] [ MDVSA-2013:294 ] gimp
  • From: security
• [Full-disclosure] [SECURITY] [DSA 2822-1] xorg-server security update
  • From: Moritz Muehlenhoff
• [Full-disclosure] [SECURITY] [DSA 2823-1] pixman security update
  • From: Moritz Muehlenhoff
• [Full-disclosure] [Security-news] SA-CONTRIB-2013-098 - Ubercart - Session Fixation Vulnerability
  • From: security-news
• [Full-disclosure] [SECURITY] [DSA 2821-1] gnupg security update
  • From: Thijs Kinkhorst
• [Full-disclosure] XSS in HP Operations Orchestration Central version 9.06
  • From: Bart Leppens
• [Full-disclosure] Apache Santuario security advisory CVE-2013-4517 released
  • From: Colm O hEigeartaigh
• Re: [Full-disclosure] [CVE-2013-6986] Insecure Data Storage in Subway Ordering
  • From: Mikhail A. Utin
• [Full-disclosure] [ MDVSA-2013:295 ] gnupg
  • From: security
• [Full-disclosure] [SECURITY] [DSA 2824-1] curl security update
  • From: Salvatore Bonaccorso
• [Full-disclosure] Song Exporter v2.1.1 RS iOS - File Include Vulnerabilities
  • From: Vulnerability Lab
• [Full-disclosure] URL Redirector Abuse and XSS vulnerabilities in WordPress
  • From: MustLive
• Re: [Full-disclosure] MS13-102: NtConnectPort() LPC
  • From: yuange
• [Full-disclosure] [REVIVE-SA-2013-001] Revive Adserver 3.0.2 fixes SQL injection vulnerability
  • From: Matteo Beccati
• [Full-disclosure] Synology DSM multiple directory traversal
  • From: Andrea Fabrizi
• Re: [Full-disclosure] RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e
  • From: coderman
• [Full-disclosure] [ MDVSA-2013:296 ] wireshark
  • From: security
• [Full-disclosure] [ MDVSA-2013:297 ] munin
  • From: security
• [Full-disclosure] [SECURITY] [DSA 2825-1] wireshark security update
  • From: Moritz Muehlenhoff
• [Full-disclosure] [ MDVSA-2013:298 ] php
  • From: security
• [Full-disclosure] WinAppDbg 1.5 is out!
  • From: Mario Vilas
• [Full-disclosure] Fwd: NS1 ssh bad attempts
  • From: Gary Baribault
• [Full-disclosure] [ MDVSA-2013:299 ] samba
  • From: security
• [Full-disclosure] Practical malleability attack against CBC-Encrypted LUKS partitions
  • From: Jakob Lell
• Re: [Full-disclosure] Vulnerabilities hiddenly fixed in WordPress 3.5 and 3.5.1
  • From: MustLive
• [Full-disclosure] NEW VMSA-2013-0016 VMware ESXi and ESX unauthorized file access through vCenter Server and ESX
  • From: "VMware Security Response Center"
• [Full-disclosure] [ MDVSA-2013:300 ] asterisk
  • From: security
• [Full-disclosure] [ MDVSA-2013:301 ] nss
  • From: security
• [Full-disclosure] Security by destruction
  • From: Jerome Athias
• [Full-disclosure] Vulnerabilities in Dewplayer
  • From: MustLive
• [Full-disclosure] Merry Christmas and all the best in the new year
  • From: Georgi Guninski
• Re: [Full-disclosure] Fwd: NS1 ssh bad attempts
  • From: silence_is_best
• [Full-disclosure] CVSphoto.com Stores Passwords Unhashed
  • From: Alex Buie
• [Full-disclosure] [SECURITY] [DSA 2826-1] denyhosts security update
  • From: Yves-Alexis Perez
• [Full-disclosure] [SECURITY] [DSA 2827-1] libcommons-fileupload-java security update
  • From: Salvatore Bonaccorso
• Re: [Full-disclosure] Vulnerabilities hiddenly fixed in WordPress 3.5 and 3.5.1
  • From: Valdis . Kletnieks
• [Full-disclosure] Happy Holidays / Xmas Advisory
  • From: joernchen
• Re: [Full-disclosure] Happy Holidays / Xmas Advisory
  • From: Henri Salo
• Re: [Full-disclosure] Happy Holidays / Xmas Advisory
  • From: PsychoBilly
• [Full-disclosure] [ MDVSA-2013:302 ] pixman
  • From: security
• [Full-disclosure] RBS Change v3.6.8 XSS Vulnerability
  • From: metropolis haxor
• [Full-disclosure] [Wooyun]Amazon elasticbeanstalk code execution
  • From: Wooyun.org
• [Full-disclosure] [Wooyun] Safari for windows PhishingAlert bypass vuln
  • From: Wooyun.org
• [Full-disclosure] [CVE-2013-7209]JForum CSRF(Cross-site request forgery) Vulnerability
  • From: arno
• Re: [Full-disclosure] Happy Holidays / Xmas Advisory
  • From: Brandon Perry
• Re: [Full-disclosure] Happy Holidays / Xmas Advisory
  • From: Gage Bystrom
• [Full-disclosure] Vulnerabilities in plugins for WordPress, Joomla and Plone with Dewplayer
  • From: MustLive
• [Full-disclosure] SEC Consult SA-20131227-0 :: IBM Web Content Manager (WCM) XPath Injection
  • From: SEC Consult Vulnerability Lab
• Re: [Full-disclosure] Happy Holidays / Xmas Advisory
  • From: Henri Salo
• [Full-disclosure] [SECURITY] [DSA 2828-1] drupal6 security update
  • From: Salvatore Bonaccorso
• [Full-disclosure] [SECURITY] [DSA 2829-1] hplip security update
  • From: Moritz Muehlenhoff
• [Full-disclosure] CALL FOR PAPERS - Hackers 2 Hackers Conference 11th edition
  • From: Rodrigo Rubira Branco (BSDaemon)
• [Full-disclosure] vm86 syscall kernel-panic and some more goodies waiting to be analyzed
  • From: halfdog
• [Full-disclosure] 30c3: The Year in Crypto default engines loaded in openssl-1.x through openssl-1.0.1e]
  • From: coderman
• Re: [Full-disclosure] Happy Holidays / Xmas Advisory
  • From: Matthew Gow
• Re: [Full-disclosure] vm86 syscall kernel-panic and some more goodies waiting to be analyzed
  • From: halfdog
• [Full-disclosure] [SECURITY] [DSA 2830-1] ruby-i18n security update
  • From: Florian Weimer