Mail Thread Index
[FD] CVE-2014-9559 SnipSnap XSS (Cross-Site Scripting) Security Vulnerabilities,
Jing Wang
[FD] Banner Effect Header Security Advisory - XSS Vulnerability - CVE-2015-1384,
Onur Yilmaz
[FD] Defense in depth -- the Microsoft way (part 27): the command line you get differs from the command line I use to call you,
Stefan Kanthak
[FD] SQL injection vulnerabilities in zerocms <= v.1.3.3,
Steffen Rösemann
[FD] iTunes 12.1 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\...,
Stefan Kanthak
Message not available
[FD] CVE-2014-5360 Landesk Management Suite XSS (Cross-Site Scripting) Security Vulnerability,
Alex Haynes
[FD] Sefrengo CMS v1.6.1 - Multiple SQL Injection Vulnerabilities,
ITAS TEAM
[FD] CVE-2014-9562 OptimalSite Content Management System (CMS) XSS (Cross-Site Scripting) Security Vulnerabilities,
Jing Wang
[FD] About Group (about.com) All Topics (At least 99.88% links) Vulnerable to XSS & Iframe Injection Security Attacks, About.com Open Redirect Security Vulnerabilities,
Jing Wang
[FD] [Call For Papers] BSides Knoxville, TN - May 15th 2015,
Adam Caudill
[FD] Maldrone for drones.,
Rahul Sasi
[FD] My Little Forum Multiple XSS Security Vulnerabilities,
Jing Wang
[FD] MSA-2015-02: Hewlett-Packard UCMDB - JMX-Console Authentication Bypass,
Advisories
[FD] Capstone disassembly engine 3.0.1 released!,
Nguyen Anh Quynh
[FD] SQL injection vulnerability in Pragyan CMS v.3.0,
Steffen Rösemann
[FD] CFP: Extended submission deadline:: ISSRMET2015 Dubai,
Hazel Ann
[FD] Very Important Info About "Major Internet Explorer Vulnerability - NOT Patched",
David Leo
[FD] LG On Screen Phone authentication bypass (CVE-2014-8757),
Imre Rad
[FD] Responder Windows Version,
laurent gaffie
[FD] Multiple CSRF vulnerabilities in eFront v. 3.6.15.2 (CE),
Steffen Rösemann
[FD] [RT-SA-2014-013] Cross-Site Scripting in IBM Endpoint Manager Relay Diagnostics Page,
RedTeam Pentesting GmbH
[FD] Barracuda Cloud Series - Filter Bypass Vulnerability (ID 731),
Vulnerability Lab
[FD] Facebook Bug Bounty #23 - Session ID & CSRF Vulnerability,
Vulnerability Lab
[FD] BlinkSale Bug Bounty #1 - Encode & Validation Vulnerability,
Vulnerability Lab
[FD] Pandora FMS v5.1 SP1 - SQL Injection Web Vulnerability,
Vulnerability Lab
[FD] T-Mobile Internet Manager - DLL Hijacking (mfc71enu.dll),
Vulnerability Lab
[FD] Radexscript CMS 2.2.0 - SQL Injection vulnerability,
ITAS Team
[FD] MooPlayer 1.3.0 'm3u' SEH Buffer Overflow POC,
Samandeep Singh
[FD] CVE-2014-6412 - WordPress (all versions) lacks CSPRNG,
Scott Arciszewski
[FD] [ANN] MSKB 3004375 available for Windows 2000 and later too (but NOT from Mcirosoft),
Stefan Kanthak
[FD] Shakacon 2015 Last Call for Papers (July 6-9 2015, Honolulu, Hawaii),
Jonathan Brossard
[FD] eTouch SamePage v4.4.0.0.239 multiple vulnerabilities,
Brandon Perry
[FD] CVE-2014-8753 Cit-e-Net Multiple XSS (Cross-Site Scripting) Security Vulnerabilities,
Jing Wang
[FD] CVE-2014-9469 vBulletin XSS (Cross-Site Scripting) Security Vulnerabilities,
Jing Wang
[FD] Followup on CVE-2014-6412,
Scott Arciszewski
[FD] Vanilla forum Stored XSS on any private message / thread post,
W S
[FD] NetGear WNDR Authentication Bypass / Information Disclosure,
Peter Adkins
[FD] Reflecting XSS vulnerabitlies, unrestricted file upload and underlaying CSRF in Landsknecht Adminsystems CMS v. 4.0.1 (DEV, beta version),
Steffen Rösemann
[FD] CVE-2015-1574 - Google Email App 4.2.2 remote denial of service,
Hector Marco
[FD] CVE-2015-1593 - Linux ASLR integer overflow: Reducing stack entropy by four,
Hector Marco
[FD] HumHub .htaccess file upload vulnerability and remote code execution,
A. W.
[FD] Siemens SIMATIC TIA Portal (Step 7/WinCC) fixes,
SCADA StrangeLove
[FD] Ebay Inc Magento Bug Bounty #5 - Persistent Validation & Mail Encoding Web Vulnerability,
Vulnerability Lab
[FD] [RT-SA-2014-016] Directory Traversal and Arbitrary File Disclosure in hybris Commerce Software Suite,
RedTeam Pentesting GmbH
[FD] Agora Marketplace CSRF to Steal Bitcoins (agorahooawayyfoe.onion),
agoraagoraagora
[FD] Bug in TradeWinds,
Juan Martinez
[FD] DLGuard Multiple XSS (Cross-Site Scripting) Security Vulnerabilities,
Jing Wang
[FD] DLGuard Full Path Disclosure (Information Leakage) Security Vulnerabilities,
Jing Wang
[FD] DLGuard SQL Injection Security Vulnerabilities,
Jing Wang
[FD] CVE-2014-9468 InstantASP InstantForum.NET Multiple XSS (Cross-Site Scripting) Security Vulnerabilities,
Jing Wang
[FD] Crushftp 7.2.0 - Multiple CSRF & XSS Vulnerabilities,
Rehan Ahmed
[FD] [CVE-REQUEST] Multiple vulnerabilities on GLPI,
Stiehl
[FD] PHP Code Execution in jui_filter_rules Parsing Library,
Timo Schmid
[FD] Reflecting XSS- and SQL injection-vulnerabilities in the administrative backend of Piwigo <= v. 2.7.3,
Steffen Rösemann
[FD] Reflected File Download in AOL Search Website,
Ricardo Iramar dos Santos
[FD] WooCommerce WordPress plugin 2.2.10 Reflected XSS,
Eric Flokstra
[FD] Easy Social Icons WordPress plugin v1.2.2 Persistent XSS and CSRF,
Eric Flokstra
[FD] New version of Hyperion PE runtime encrypter,
Levon Kayan
[FD] VLC for Android beta crash,
Paweł
[FD] Samsung iPolis XnsSdkDeviceIpInstaller.ocx ActiveX Remote Code Execution Vulnerabilities,
Praveen D
[FD] Defense in depth -- the Microsoft way (part 28): yes, we can (create even empty, but properly quoted pathnames),
Stefan Kanthak
[FD] iTunes 12.1.1 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\...,
Stefan Kanthak
[FD] Multiple stored XSS-vulnerabilities in MyBB v. 1.8.3,
Steffen Rösemann
[FD] Multiple SQLi-, stored/reflected XSS- and CSRF-vulnerabilities in phpBugTracker v. 1.6.0,
Steffen Rösemann
[FD] Use After Free Vulnerability in unserialize() with DateTime* [CVE-2015-0273],
Taoguang Chen
[FD] Type Confusion Infoleak Vulnerability in unserialize() with DateTimeZone,
Taoguang Chen
[FD] xaviershay-dm-rails v0.10.3.8 mysql credential exposure,
Larry W. Cashdollar
[FD] Defense in depth -- the Microsoft way (part 29): contradicting, ambiguous, incomplete documentation,
Stefan Kanthak
[FD] Fwd: Apple OS X: Don't trust, and don't prompt to trust certificates,
Douglas Held
[FD] ECommerce-Shopping Cart Zeuscart v. 4: Multiple reflecting XSS-, SQLi and InformationDisclosure-vulnerabilities,
Steffen Rösemann
[FD] WESP SDK multiple Remote Code Execution Vulnerabilities,
Praveen D
[FD] [Onapsis Security Advisory 2015-001] Multiple Reflected Cross Site Scripting Vulnerabilities in SAP HANA Web-based Development Workbench,
Onapsis Research Labs
[FD] [Onapsis Security Advisory 2015-002] SAP Business Objects Unauthorized File Repository Server Read via CORBA,
Onapsis Research Labs
[FD] [Onapsis Security Advisory 2015-003] SAP Business Objects Unauthorized File Repository Server Write via CORBA,
Onapsis Research Labs
[FD] [Onapsis Security Advisory 2015-005] SAP Business Objects Unauthorized Audit Information Access via CORBA,
Onapsis Research Labs
[FD] [Onapsis Security Advisory 2015-004] SAP Business Objects Unauthorized Audit Information Delete via CORBA,
Onapsis Research Labs
[FD] DSS TFTP 1.0 Server - Path Traversal Vulnerability,
Vulnerability Lab
[FD] Data Source: Scopus CMS - SQL Injection Web Vulnerability,
Vulnerability Lab
[FD] Wireless File Transfer Pro Android - Multiple CSRF Vulnerabilities,
Vulnerability Lab
[FD] SEC Consult SA-20150227-0 :: Multiple vulnerabilities in Loxone Smart Home,
SEC Consult Vulnerability Lab
[FD] Swiss File Knife v1.7.4 HTTP - Buffer Overflow Vulnerability,
Vulnerability Lab