Mail Thread Index
- [FD] mDNS VU#550620,
dirt diggler
- [FD] Vulnerability in site leads to source code dump,
Johnny Five
- [FD] Remote file upload vulnerability in videowhisper-video-conference-integration wordpress plugin v4.91.8,
Larry W. Cashdollar
- [FD] Remote file upload vulnerability in wordpress plugin videowhisper-video-presentation v3.31.17,
Larry W. Cashdollar
- Re: [FD] [Tool] SPARTA 1.0 BETA,
Antonio Quina
- [FD] Ceragon FibeAir IP-10 SSH Private Key Exposure (CVE-2015-0936),
Tod Beardsley
- [FD] NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE,
VMware Security Response Center
- [FD] Wordpress plugin Simple Ads Manager - SQL Injection,
ITAS Team
- [FD] Multiple SQL Injection,
ITAS Team
- [FD] Wordpress plugin Simple Ads Manager - Arbitrary File Upload,
ITAS Team
- [FD] Wordpress plugin Simple Ads Manager - Information Disclosure,
ITAS Team
- [FD] ECE Projects XSS (Cross-site Scripting) Security Vulnerabilities,
Jing Wang
- [FD] 6kbbs v8.0 SQL Injection Security Vulnerabilities,
Jing Wang
- [FD] 6kbbs v8.0 Multiple CSRF (Cross-Site Request Forgery) Security Vulnerabilities,
Jing Wang
- [FD] 6kbbs v8.0 XSS (Cross-site Scripting) Security Vulnerabilities,
Jing Wang
- [FD] Proverbs Web Calendar 2.1.2 XSS (Cross-site Scripting) Security Vulnerabilities,
Jing Wang
- [FD] phpSFP - Schedule Facebook Posts 1.5.6 Pre-auth SQL Injection (0-day),
Pichaya Morimoto
- [FD] Reflected Cross-Site Scripting vulnerability in asdoc generated documentation,
Securify B.V.
- [FD] SEC Consult SA-20150409-0 :: Multiple XSS & XSRF vulnerabilities in Comalatech Comala Workflows,
SEC Consult Vulnerability Lab
- [FD] Network Solutions Webmail - A tale about chained web vulnerabilities,
Cristiano Maruti
- [FD] [Tool] nsec3map v0.3 - DNSSEC Zone Enumerator,
An Onion
- [FD] SEC Consult SA-20150410-0 :: Unauthenticated Local File Disclosure in multiple TP-LINK products (CVE-2015-3035),
SEC Consult Vulnerability Lab
- [FD] Fusion Engage v1.0.5 (WordPress Plugin) Local File Disclosure,
Why Know
- [FD] Hidden backdoor API to root privileges in Apple OS X,
Jeffrey Walton
- [FD] OrangeHRM Blind SQL Injection & XSS Vulnerabilities,
Rehan Ahmed
- [FD] Safari iOS/OS X/Windows cookie access vulnerability,
Jouko Pynnonen
- [FD] several issues in SQLite (+ catching up on several other bugs),
Michal Zalewski
- [FD] whitepaper: Identifier based XSSI attacks,
Takeshi Terada
- [FD] Problems in automatic crash analysis frameworks,
Tavis Ormandy
- [FD] Opoint Media Intelligence Unvalidated Redirects and Forwards (URL Redirection) Security Vulnerabilities,
Jing Wang
- [FD] NetCat CMS 3.12 Multiple Directory Traversal Security Vulnerabilities,
Jing Wang
- [FD] NetCat CMS 3.12 HTML Injection Security Vulnerabilities,
Jing Wang
- [FD] Webs ID Reflected XSS (Cross-site Scripting) Security Vulnerabilities,
Jing Wang
- [FD] Comsenz SupeSite CMS 7.0 Stored XSS (Cross-site Scripting) Security Vulnerabilities,
Jing Wang
- [FD] Arbitary Code Execution in Apache Spark Cluster,
Akhil Das
- [FD] [Tool/API] desenmascara.me - Fingerprinting and assessing the web security awareness of websites,
Emilio Casbas
- [FD] Huawei SEQ Analyst - XML External Entity Injection (XXE),
Uğur Cihan KOÇ
- [FD] Huawei SEQ Analyst - Multiple Reflected Cross Site Scripting (XSS),
Uğur Cihan KOÇ
- [FD] CSRF and stored XSS in WordPress Content Slide allow an attacker to have full admin privileges (WordPress plugin),
dxw Security
- [FD] Reflected XSS in Citizen Space allows attackers to view sensitive information of the attacker’s choosing (WordPress plugin),
dxw Security
- [FD] Open Litespeed Use After Free Vulnerability,
Denis Andzakovic
- [FD] SQL Injection, XSS and FPD vulnerabilities Nodes Studio CMS,
MustLive
- [FD] CVE-2014-5370 - Arbitrary File Retrieval + Deletion In New Atlanta BlueDragon CFChart Servlet,
Portcullis Advisories
- [FD] CVE-2014-7954 MTP path traversal vulnerability in Android,
Imre RAD
- [FD] CVE-2014-7951 adb backup archive path traversal file overwrite,
Imre RAD
- [FD] CVE-2014-7953 Android backup agent code execution,
Imre RAD
- [FD] Laravel - PHP Object Injection - 4.1, 4.2, 5.0, master,
Scott Arciszewski
- [FD] Photo Manager Pro 4.4.0 iOS - Code Execution Vulnerability,
Vulnerability Lab
- [FD] Mobile Drive HD v1.8 - File Include Web Vulnerability,
Vulnerability Lab
- [FD] Photo Manager Pro v4.4.0 iOS - File Include Vulnerability,
Vulnerability Lab
- [FD] Wifi Drive Pro v1.2 iOS - File Include Web Vulnerability,
Vulnerability Lab
- [FD] Ebay Inc Xcom #4 - (Item Preview) Persistent Vulnerability,
Vulnerability Lab
- [FD] Ebay Inc Xcom #6 - Persistent POST Inject Vulnerability,
Vulnerability Lab
- [FD] Ebay Inc Xcom #7 - (Policy) Persistent Vulnerability,
Vulnerability Lab
- [FD] PayPal Inc Bug Bounty #113 - Client Side Cross Site Scripting Vulnerability,
Vulnerability Lab
- [FD] SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities,
Vulnerability Lab
- [FD] Linux ASLR mmap weakness: Reducing entropy by half,
Hector Marco-Gisbert
- [FD] AMD Bulldozer Linux ASLR weakness: Reducing entropy by 87.5%,
Hector Marco-Gisbert
- [FD] Netgear WNR2000v4 Multiple Vulnerabilities,
endeavor
- [FD] Google Analytics by Yoast stored XSS #2,
Jouko Pynnonen
- [FD] Apple iOS 8.0 - 8.0.2 - Controls Re Auth Bypass Vulnerability,
Vulnerability Lab
- [FD] iPassword Manager v2.6 iOS - Persistent Vulnerabilities,
Vulnerability Lab
- [FD] Android 0-day vulnerability - Drive by download,
ma sh
- [FD] HomeAdvisor Bug Bounty #1 - Filter Bypass & Client Side Exception Handling Vulnerability,
Vulnerability Lab
- [FD] CVE-2015-0984 SCADA - Gaining remote shell on Honeywell Falcon XLWEB,
Martin Jartelius
- [FD] Magento Unauthenticated RCE,
Shahar Tal
- [FD] Socrata Bug Bounty #1 - Persistent Encoding Vulnerability,
Vulnerability Lab
- [FD] [ALICLOUDSEC-VUL2015-001]Android wpa_supplicant WLAN Direct remote buffer overflow,
朱东海
- [FD] Surveillance system used for censorship in Europe - Censorship attack combines packet injection and Heartbleed,
Doug
- [FD] WordPress 4.2 stored XSS,
Jouko Pynnonen
- [FD] #WorldPenguinDay or this cant be right, can it?,
PIN
- [FD] XSS and CSRF vulnerabilities in ASUS RT-G32,
MustLive
- [FD] [CORE-2015-0008] - InFocus IN3128HD Projector Multiple Vulnerabilities,
CORE Advisories Team
- [FD] [Additional vectors] Multiple vulnerabilities in Untangle NGFW 9-11,
Calum Hutton
- [FD] SonicWall SonicOS 7.5.0.12 & 6.x - Client Side Cross Site Scripting Vulnerability,
Vulnerability Lab
- [FD] PayPal Inc Bug Bounty #114 - JDWP Remote Code Execution Vulnerability,
Vulnerability Lab
- [FD] Wing FTP Server Admin 4.4.5 CSRF & XSS Vulnerabilties,
John Page
- [FD] Stored XSS in ebay messages,
Jaanus
- [FD] libarchive - Out of bounds read using malformed cpio archive,
Paris Zoumpouloglou
- [FD] CVE-ID 2015-1188: Swisscom DSL Router Centro Grande (ADB),
csirt
- [FD] Type Confusion Infoleak Vulnerability in unserialize() with SoapFault,
Taoguang Chen
- [FD] Type Confusion Infoleak and Heap Overflow Vulnerability in unserialize() with exception,
Taoguang Chen
- [FD] TestDisk 6.14 Check_OS2MB Stack Buffer Overflow,
Denis Andzakovic
- [FD] SevDesk v1.1 iOS - Persistent Dashboard Vulnerability,
Vulnerability Lab