Mail Index
- [Full-disclosure] [SECURITY] [DSA 2850-1] libyaml security update
- From: Salvatore Bonaccorso
- [Full-disclosure] Vulnerabilities in Contact Form 7 for WordPress
- [Full-disclosure] CVE-2014-1213 - Denial of Service in Sophos Anti Virus
- [Full-disclosure] CVE-2014-1610 description incorrect
- [Full-disclosure] Bypass the Stop User Enumeration WordPress Plugin
- [Full-disclosure] Router D-Link DIR-100 Multiple Vulnerabilities
- [Full-disclosure] [CVE-2014-1403] DOM XSS in EasyXDM 2.4.18
- [Full-disclosure] MediaWiki <= 1.22.1 PdfHandler Remote Code Execution Exploit (CVE-2014-1610)
- [Full-disclosure] Revision 1 (PoC added): MediaWiki <= 1.22.1 PdfHandler Remote Code Execution Exploit (CVE-2014-1610)
- [Full-disclosure] [SECURITY] [DSA 2851-1] drupal6 security update
- From: Salvatore Bonaccorso
- [Full-disclosure] Jetro Cockpit Secure Browsing vulnerability - remote code execution on all enterprise workstations simultaneously
- [Full-disclosure] pMap v1.10
- [Full-disclosure] Various Vulnerabilities - SiteCore CMS / Mura CMS / Ektron CMS / SmarterMail / Yahoo / Paypal
- [Full-disclosure] Ektron CMS TakeOver Part (2) - PaylPal-Forward.com demonstration
- [Full-disclosure] [CVE-2014-1836] Arbitrary file deletion in ImpressCMS < 1.3.6 and two XSS issues
- [Full-disclosure] XSS Reflected vulnerabilities in OS of FortiWeb v 5.0.3 (CVE-2013-7181)
- [Full-disclosure] Fortinet FortiOS 5.0.5 contains a reflected cross-site scripting (XSS) vulnerability ( CVE-2013-7182)
- [Full-disclosure] [CVE-2014-1860] PHP object insertion / possible RCE in Contao CMS <= 3.2.4
- [Full-disclosure] H2HC 10 - FX Keynote Video is Up
- From: Rodrigo Rubira Branco (BSDaemon)
- Re: [Full-disclosure] Ektron CMS TakeOver Part (2) - PaylPal-Forward.com demonstration
- From: security curmudgeon
- Re: [Full-disclosure] Ektron CMS TakeOver Part (2) - PaylPal-Forward.com demonstration
- From: security curmudgeon
- Re: [Full-disclosure] Ektron CMS TakeOver Part (2) - PaylPal-Forward.com demonstration
- From: security curmudgeon
- Re: [Full-disclosure] Ektron CMS TakeOver Part (2) - PaylPal-Forward.com demonstration
- Re: [Full-disclosure] Ektron CMS TakeOver Part (2) - PaylPal-Forward.com demonstration
- Re: [Full-disclosure] [SPAM] Re: Ektron CMS TakeOver Part (2) - PaylPal-Forward.com demonstration
- Re: [Full-disclosure] [SPAM] Re: Ektron CMS TakeOver Part (2) - PaylPal-Forward.com demonstration
- Re: [Full-disclosure] Ektron CMS TakeOver Part (2) - PaylPal-Forward.com demonstration
- [Full-disclosure] CVE-2014-1237 (XSS in i-doit Pro)
- [Full-disclosure] Happy chines new year
- [Full-disclosure] [SECURITY] [DSA 2854-1] mumble security update
- From: Salvatore Bonaccorso
- [Full-disclosure] [SECURITY] [DSA 2855-1] libav security update
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-009 - Tagadelic - Information Disclosure
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-010 Services - Access Bypass and Privilege Escalation
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-011 - Push Notifications - Information Disclosure
- Re: [Full-disclosure] [SPAM] Re: Ektron CMS TakeOver Part (2) - PaylPal-Forward.com demonstration
- [Full-disclosure] CORE-2014-0001 - Publish-It Buffer Overflow Vulnerability
- From: CORE Advisories Team
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-012- Modal Frame API - Cross Site Scripting (XSS)
- [Full-disclosure] [SECURITY] [DSA 2853-1] horde3 security update
- [Full-disclosure] [ISecAuditors Security Advisories] Multiple reflected XSS vulnerabilities in Atmail WebMail
- From: ISecAuditors Security Advisories
- [Full-disclosure] [CVE-2013-2055] Apache Wicket information disclosure vulnerability
- [Full-disclosure] Core FTP Server Vulnerabilities
- From: Rustein, Fara Denise (LATCO - Buenos Aires)
- Re: [Full-disclosure] [CVE-2014-1860] PHP object insertion / possible RCE in Contao CMS <= 3.2.4
- [Full-disclosure] [SECURITY] CVE-2014-0050 Apache Commons FileUpload and Apache Tomcat DoS
- [Full-disclosure] German Telekom Bug Bounty #9 - Code Execution Vulnerability
- [Full-disclosure] German Telekom Bug Bounty #10 - Arbitrary File Upload Vulnerability
- [Full-disclosure] German Telekom Bug Bounty #11 - Remote SQL Injection Vulnerability
- [Full-disclosure] [SECURITY] [DSA 2852-1] libgadu security update
- [Full-disclosure] CVE-2014-1214 - Remote Code Execution in Projoom NovaSFH Plugin
- Re: [Full-disclosure] [CVE-2014-1860] PHP object insertion / possible RCE in Contao CMS <= 3.2.4
- [Full-disclosure] Information on recently-fixed Oracle VM VirtualBox vulnerabilities
- [Full-disclosure] Visa (Europe) XSS Vulnerability
- Re: [Full-disclosure] [CVE-2014-1860] PHP object insertion / possible RCE in Contao CMS <= 3.2.4
- [Full-disclosure] gpEasy v4.3.x CMS - Multiple Web Vulnerabilities
- [Full-disclosure] Facebook Bug Bounty #12 - Client Side Exception Web Vulnerability
- [Full-disclosure] New vulnerabilities in Google Maps plugin for Joomla
- [Full-disclosure] [SECURITY] [DSA 2856-1] libcommons-fileupload-java security update
- [Full-disclosure] Bank of the West security contact?
- From: Kristian Erik Hermansen
- Re: [Full-disclosure] Bank of the West security contact?
- Re: [Full-disclosure] Bank of the West security contact?
- Re: [Full-disclosure] Bank of the West security contact?
- Re: [Full-disclosure] Bank of the West security contact?
- Re: [Full-disclosure] Bank of the West security contact?
- Re: [Full-disclosure] Bank of the West security contact?
- Re: [Full-disclosure] Bank of the West security contact?
- Re: [Full-disclosure] Bank of the West security contact?
- Re: [Full-disclosure] Bank of the West security contact?
- Re: [Full-disclosure] Bank of the West security contact?
- Re: [Full-disclosure] Bank of the West security contact?
- Re: [Full-disclosure] Bank of the West security contact?
- Re: [Full-disclosure] Bank of the West security contact?
- Re: [Full-disclosure] Bank of the West security contact?
- Re: [Full-disclosure] extension for Firefox to force HTTPS always?
- From: Kristian Erik Hermansen
- [Full-disclosure] [SECURITY] [DSA 2857-1] libspring-java security update
- Re: [Full-disclosure] Bank of the West security contact?
- Re: [Full-disclosure] Bank of the West security contact?
- [Full-disclosure] Fwd: Re: Bank of the West security contact?
- [Full-disclosure] Fwd: Re: [CVE-2013-6986] Insecure Data Storage in Subway Ordering
- [Full-disclosure] Fwd: Fwd: Re: [CVE-2013-6986] Insecure Data Storage in Subway Ordering
- Re: [Full-disclosure] Bank of the West security contact?
- Re: [Full-disclosure] Fwd: Re: Bank of the West security contact?
- Re: [Full-disclosure] [CVE-2014-1860] PHP object insertion / possible RCE in Contao CMS <= 3.2.4
- Re: [Full-disclosure] Fwd: Re: Bank of the West security contact?
- Re: [Full-disclosure] Fwd: Re: Bank of the West security contact?
- Re: [Full-disclosure] Fwd: Re: Bank of the West security contact?
- Re: [Full-disclosure] Fwd: Re: Bank of the West security contact?
- [Full-disclosure] DoS via tables corruption in WordPress
- Re: [Full-disclosure] DoS via tables corruption in WordPress
- Re: [Full-disclosure] DoS via tables corruption in WordPress
- [Full-disclosure] [SECURITY] [DSA 2858-1] iceweasel security update
- [Full-disclosure] OT 11.Feb.2014 declared 'The Day we Fight Back' against NSA et al
- Re: [Full-disclosure] OT 11.Feb.2014 declared 'The Day we Fight Back' against NSA et al
- Re: [Full-disclosure] OT 11.Feb.2014 declared 'The Day we Fight Back' against NSA et al
- [Full-disclosure] [SECURITY] [DSA 2859-1] pidgin security update
- [Full-disclosure] Titan FTP Server Directory Traversal Vulnerabilities - [CVE-2014-1841 / CVE-2014-1842 / CVE-2014-1843]
- From: Rustein, Fara Denise (LATCO - Buenos Aires)
- [Full-disclosure] TWSL2014-003: Blind SQL Injection Vulnerability in Tableau Server
- From: Trustwave Advisories
- [Full-disclosure] Reflected XSS Attacks vulnerabilities in Symantec WEB Gateway 5.1.1.24 (CVE-2013-5013)
- [Full-disclosure] WiFi Camera Roll v1.2 iOS - Multiple Web Vulnerabilities
- Re: [Full-disclosure] DoS via tables corruption in WordPress
- [Full-disclosure] Freepbx , php code execution exploit
- Re: [Full-disclosure] DoS via tables corruption in WordPress
- [Full-disclosure] [ MDVSA-2014:025 ] pidgin
- [Full-disclosure] 0x07 SEC-T.org 2014 CALL FOR PAPERS Process Start
- [Full-disclosure] [SECURITY] [DSA 2860-1] parcimonie security update
- From: Salvatore Bonaccorso
- [Full-disclosure] [Call for Papers] (And Call for Mentors) Proving Ground Speaker Development Program
- [Full-disclosure] [SECURITY] [DSA 2850-2] libyaml regression update
- From: Salvatore Bonaccorso
- [Full-disclosure] Multiple vulnerabilities in NETGEAR N300 WIRELESS ADSL2+ MODEM ROUTER DGN2200
- From: Horton, Andrew (AU Melbourne)
- [Full-disclosure] Barracuda Load Balancer Remote Authenticated Root
- [Full-disclosure] Work Practices of Cyber Security Professionals
- Re: [Full-disclosure] DoS via tables corruption in WordPress
- [Full-disclosure] jDisk (stickto) v2.0.3 iOS - Multiple Web Vulnerabilities
- [Full-disclosure] [Benchmark 2014] WAVSEP Vulnerability Scanner Benchmark 2013/2014
- [Full-disclosure] List Charter
- Re: [Full-disclosure] Freepbx , php code execution exploit
- [Full-disclosure] Reflected XSS Attacks vulnerabilities in DELL SonicWALL Universal Management Suite v7.1 (CVE-2014-0332)
- [Full-disclosure] [ MDVSA-2014:026 ] openldap
- Re: [Full-disclosure] DoS via tables corruption in WordPress (Timothy Goddard)
- Re: [Full-disclosure] DoS via tables corruption in WordPress
- Re: [Full-disclosure] DoS via tables corruption in WordPress
- [Full-disclosure] CVE-2014-1221 - Local Code Execution in Dameware Mini Remote Control
- From: Portcullis Advisories
- [Full-disclosure] CVE-2014-1219 - Unauthenticated Privilege Escalation in CA 2E Web Option
- From: Portcullis Advisories
- [Full-disclosure] yahoo open redirect vulnerability full disclosur
- Re: [Full-disclosure] DoS via tables corruption in WordPress
- Re: [Full-disclosure] DoS via tables corruption in WordPress
- [Full-disclosure] [ MDVSA-2014:027 ] php
- [Full-disclosure] Ebay, Inc Bug Bounty - GoStoreGo Administrative Authentication Bypass to all online stores
- Re: [Full-disclosure] DoS via tables corruption in WordPress
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-014 - Webform Validation - Cross Site Scripting (XSS)
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-013- Chaos tool suite (ctools) - Access Bypass
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-015 - FileField - Access Bypass
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-016 - Mayo Theme - XSS Vulnerability
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-017- Image Resize Filter - Denial of Service (DOS)
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-020 - Drupal Commons - Cross Site Scripting (XSS)
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-018 - Webform - Cross Site Scripting (XSS)
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-019 - Easy Social - Cross Site Scripting (XSS)
- [Full-disclosure] [ MDVSA-2014:028 ] mariadb
- [Full-disclosure] [ MDVSA-2014:029 ] mysql
- [Full-disclosure] DAVOSET v.1.1.7
- [Full-disclosure] [ISecAuditors Security Advisories] - Reflected XSS vulnerability in Boxcryptor (www.boxcryptor.com)
- From: ISecAuditors Security Advisories
- [Full-disclosure] Critical security flaws in Nagios NRPE client/server crypto
- [Full-disclosure] CVE-2012-2627 not *really* fixed
- Re: [Full-disclosure] yahoo open redirect vulnerability full disclosur
- Re: [Full-disclosure] CVE-2014-1219 - Unauthenticated Privilege Escalation in CA 2E Web Option
- [Full-disclosure] [ MDVSA-2014:031 ] drupal
- [Full-disclosure] [ MDVSA-2014:032 ] flite
- [Full-disclosure] [ MDVSA-2014:033 ] socat
- [Full-disclosure] [ MDVSA-2014:034 ] yaml
- [Full-disclosure] CVE-2013-1643 - Unauthorised Access To Other Users Email Messages in Symantec PGP Universal Web Messenger
- From: Portcullis Advisories
- [Full-disclosure] CVE-2014-1220 - Disclosure Of Database Credentials in IT2 Workstation
- From: Portcullis Advisories
- [Full-disclosure] Office Assistant Pro v2.2.2 iOS - File Include Vulnerability
- [Full-disclosure] mbDriveHD v1.0.7 iOS - Multiple Web Vulnerabilities
- [Full-disclosure] File Hub v1.9.1 iOS - Multiple Web Vulnerabilities
- [Full-disclosure] XSS and CS vulnerabilities in DSMS
- [Full-disclosure] [SECURITY] [DSA 2861-1] file security update
- From: Salvatore Bonaccorso
- [Full-disclosure] Shopify (Bug Bounty) - XML External Entity Vulnerability
- [Full-disclosure] [SECURITY] [DSA 2862-1] chromium-browser security update
- [Full-disclosure] SQL Injection i-doit Pro (CVE-2014-1597)
- Re: [Full-disclosure] DoS via tables corruption in WordPress
- [Full-disclosure] [ MDVSA-2014:035 ] libpng
- [Full-disclosure] My PDF Creator & DE DM v1.4 iOS - Multiple Vulnerabilities
- [Full-disclosure] Recon 2014 Call For Papers - June 27-29, 2014 - Montreal, Quebec
- [Full-disclosure] [ MDVSA-2014:036 ] varnish
- [Full-disclosure] [ MDVSA-2014:037 ] ffmpeg
- [Full-disclosure] [ MDVSA-2014:038 ] kernel
- Re: [Full-disclosure] CVE-2013-1643 - Unauthorised Access To Other Users Email Messages in Symantec PGP Universal Web Messenger
- [Full-disclosure] My experiences with the GiftCards.com Bug Bounty Program
- [Full-disclosure] SEC Consult SA-20140218-0 :: Multiple critical vulnerabilities in Symantec Endpoint Protection
- From: SEC Consult Vulnerability Lab
- [Full-disclosure] [WooYun-2014-00049] Mac osx & ios Kernel Module Uninitialization
- [Full-disclosure] RootedArena 2014: Information
- Re: [Full-disclosure] 0x07 SEC-T.org 2014 CALL FOR PAPERS Process Start NEW CONFERENCE DATES!
- [Full-disclosure] [ MDVSA-2014:039 ] libgadu
- [Full-disclosure] [ MDVSA-2014:040 ] puppet
- [Full-disclosure] Three vulnerabilities in BP Group Documents 1.2.1 (WordPress plugin)
- [Full-disclosure] Directory traversal in NextGEN Gallery 2.0.0 (WordPress plugin)
- [Full-disclosure] CVE-2014-1215 - Local Code Execution in CoreFTP Core FTP Server
- From: Portcullis Advisories
- [Full-disclosure] [SECURITY] [DSA 2863-1] libtar security update
- [Full-disclosure] CA20140218-01: Security Notice for CA 2E Web Option
- [Full-disclosure] Sinopec Ltd. (XSS) Web App Vulnerabilities
- [Full-disclosure] CISCO Systems Inc. Security Report, Web App Vulnerabilities (XSS)
- [Full-disclosure] [ MDVSA-2014:041 ] python
- [Full-disclosure] [ MDVSA-2014:042 ] tomcat6
- [Full-disclosure] Barracuda Message Archiver 650 - Persistent Web Vulnerability
- [Full-disclosure] [ MDVSA-2014:043 ] gnutls
- [Full-disclosure] Cisco Security Advisory: Cisco Firewall Services Module Cut-Through Proxy Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco IPS Software
- From: Cisco Systems Product Security Incident Response Team
- [Full-disclosure] Cisco Security Advisory: Cisco UCS Director Default Credentials Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [Full-disclosure] Cisco Security Advisory: Unauthorized Access Vulnerability in Cisco Unified SIP Phone 3905
- From: Cisco Systems Product Security Incident Response Team
- [Full-disclosure] A question for the list - WordPress plugin inspections
- [Full-disclosure] VideoCharge Studio v2.12.3.685 cc.dll CHTTPResponse::GetHttpResponse() Buffer Overflow Remote Code Execution
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-021 - Maestro - Cross Site Scripting (XSS)
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-022 - Slickgrid - Access bypass
- Re: [Full-disclosure] A question for the list - WordPress plugin inspections
- [Full-disclosure] [ MDVSA-2014:044 ] zarafa
- Re: [Full-disclosure] A question for the list - WordPress plugin inspections
- [Full-disclosure] GrrCON 2014 CFP
- Re: [Full-disclosure] A question for the list - WordPress plugin inspections
- [Full-disclosure] CVE-2014-0053 Information Disclosure when using Grails
- From: Pivotal Security Team
- [Full-disclosure] RC Trojan 1.1d (Undetected)
- [Full-disclosure] [HITB-Announce] Haxpo CFP
- Re: [Full-disclosure] A question for the list - WordPress plugin inspections
- Re: [Full-disclosure] RC Trojan 1.1d (Undetected)
- From: Źmicier Januszkiewicz
- Re: [Full-disclosure] A question for the list - WordPress plugin inspections
- Re: [Full-disclosure] A question for the list - WordPress plugin inspections
- [Full-disclosure] [CVE-2014-2027] PHP objection insertion / arbitrary file deletion / possible RCE in egroupware <= 1.8.005
- Re: [Full-disclosure] A question for the list - WordPress plugin inspections
- [Full-disclosure] Barracuda Bug Bounty #30 Firewall - Multiple Persistent Web Vulnerabilities
- [Full-disclosure] [ MDVSA-2014:045 ] libtar
- Re: [Full-disclosure] RC Trojan 1.1d (Undetected)
- [Full-disclosure] [SECURITY] [DSA 2864-1] postgresql-8.4 security update
- [Full-disclosure] [SECURITY] [DSA 2865-1] postgresql-9.1 security update
- [Full-disclosure] [OT] pls ignore
- Re: [Full-disclosure] [OT] pls ignore
- [Full-disclosure] DC4420 meeting Tuesday, 25th February 2014
- [Full-disclosure] Barracuda Bug Bounty #36 Firewall - Client Side Exception Handling Web Vulnerability
- [Full-disclosure] [ MDVSA-2014:046 ] phpmyadmin
- [Full-disclosure] CNNVD Gov CN #1 - Filter Bypass & Persistent Web Vulnerability
- [Full-disclosure] 44CON 2014 September 11th - 12th CFP
- [Full-disclosure] [ MDVSA-2014:047 ] postgresql
- [Full-disclosure] Google XXE Vulnerability
- Re: [Full-disclosure] DoS via tables corruption in WordPress
- [Full-disclosure] CVE-2014-1223 - Cross-site Scripting in Telligent Evolution
- From: Portcullis Advisories
- [Full-disclosure] [CVE-2014-2069] 'eshtery CMS' allows remote attackers to read arbitrary files
- [Full-disclosure] ASUS router drive-by code execution via XSS and authentication bypass
- Re: [Full-disclosure] [OT] pls ignore
- [Full-disclosure] temporary file creation vulnerability in Redis
- [Full-disclosure] [SECURITY] [DSA 2866-1] gnutls26 security update
- From: Salvatore Bonaccorso
- [Full-disclosure] Apple SSL fail
- Re: [Full-disclosure] Apple SSL fail
- Re: [Full-disclosure] [OT] pls ignore
- Re: [Full-disclosure] [OT] pls ignore
- [Full-disclosure] Multiple vulnerabilities in JoomLeague for Joomla
- [Full-disclosure] [SECURITY] [DSA 2867-1] otrs2 security update
- From: Salvatore Bonaccorso
- [Full-disclosure] Persistent XSS in Media File Renamer V1.7.0 wordpress plugin
- From: Larry W. Cashdollar
- Re: [Full-disclosure] [SECURITY] [DSA 2867-1] otrs2 security update
- Re: [Full-disclosure] [OT] pls ignore
- [Full-disclosure] Freepbx 2.x , Command Execution vuln
- [Full-disclosure] Barracuda Networks Bug Bounty #35 - Persistent Web Vulnerability
- [Full-disclosure] JORJWEB Ltda (all versions) - SQL Injection Vulnerability
- [Full-disclosure] WiFiles HD v1.3 iOS - File Include Web Vulnerability
- Re: [Full-disclosure] Freepbx 2.x , Command Execution vuln
- [Full-disclosure] [SECURITY] CVE-2014-0033 Session fixation still possible with disableURLRewriting enabled
- [Full-disclosure] [SECURITY] CVE-2013-4322 Incomplete fix for CVE-2012-3544 (Denial of Service)
- [Full-disclosure] [SECURITY] CVE-2013-4286 Incomplete fix for CVE-2005-2090 (Information disclosure)
- [Full-disclosure] [SECURITY] CVE-2013-4590 Information disclosure via XXE when running untrusted web applications
- [Full-disclosure] Barracuda Networks Firewall Bug Bounty #32 - Filter Bypass & Persistent Web Vulnerabilities
- [Full-disclosure] Private Camera Pro v5.0 iOS - Multiple Web Vulnerabilities
- [Full-disclosure] [RT-SA-2014-001] McAfee ePolicy Orchestrator: XML External Entity Expansion in Dashboard
- From: RedTeam Pentesting GmbH
- [Full-disclosure] MS 2k8 DNS server trivial DDoS contributor
- From: Pedro Luis Karrasquillo
- Re: [Full-disclosure] MS 2k8 DNS server trivial DDoS contributor
- [Full-disclosure] Hacking in Schools
- [Full-disclosure] Multiple vulnerabilities in Joomla-Base
- Re: [Full-disclosure] Hacking in Schools
- Re: [Full-disclosure] Hacking in Schools
- Re: [Full-disclosure] Hacking in Schools
- [Full-disclosure] Barracuda Networks Bug Bounty #31 Firewall - Persistent Access Policy Vulnerability
- [Full-disclosure] Cisco Security Advisory: Cisco Prime Infrastructure Command Execution Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-023 - Project Issue File Review - XSS
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-025 - Open Omega - Access Bypass
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-024 - Content Lock - CSRF
- [Full-disclosure] Microsoft DNS server unwitting DDoS contributor
- From: Pedro Luis Karrasquillo
- Re: [Full-disclosure] Hacking in Schools
- [Full-disclosure] British Sky Broadcasting Corporation - Web App vulnerabilities (XSS)
- Re: [Full-disclosure] Hacking in Schools
- Re: [Full-disclosure] Hacking in Schools
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-026 - Mime Mail - Access bypass
- [Full-disclosure] Barracuda Networks Backup Appliance Application - Persistent Web Vulnerability
- [Full-disclosure] SEC Consult SA-20140227-0 :: Local Buffer Overflow vulnerability in SAS for Windows (Statistical Analysis System)
- From: SEC Consult Vulnerability Lab
- [Full-disclosure] Bluetooth Photo Share Pro v2.0 iOS - Multiple Vulnerabilities
- [Full-disclosure] Telekom Bug Bounty #12 - File Include Web Vulnerability
- [Full-disclosure] Update: CVE-2014-0053 Information Disclosure when using Grails
- From: Pivotal Security Team
- [Full-disclosure] Web App Sec: (AT&T Corporation) former American Telecommunication & Telegraph Vulnerabilities (Cross-Site Scripting / OWASP Top 10)
- [Full-disclosure] SEC Consult SA-20140228-0 :: Privilege escalation vulnerability in MICROSENS Profi Line Modular Industrial Switch
- From: SEC Consult Vulnerability Lab
- [Full-disclosure] SEC Consult SA-20140228-1 :: Authentication bypass (SSRF) and local file disclosure in Plex Media Server
- From: SEC Consult Vulnerability Lab
- [Full-disclosure] Whonix Anonymous Operating System Version 8 Released!
- [Full-disclosure] Microsoft Office 365 Outlook - Filter Bypass & Persistent Editor Vulnerability
Mail converted by MHonArc