Mail Index
- [FD] Mysterious CVE-2008-568 (Solaris)
- [FD] Heap overflow / invalid read in Libtasn1 before 4.5 (TFPA 005/2015)
- [FD] IKE Aggressive Mode Downgrade Attack?
- [FD] OS X 0day - works on latest verz
- Re: [FD] #WorldPenguinDay or this cant be right, can it?
- Re: [FD] Mysterious CVE-2008-568 (Solaris)
- Re: [FD] Mysterious CVE-2008-568 (Solaris)
- Re: [FD] Mysterious CVE-2008-568 (Solaris)
- Re: [FD] IKE Aggressive Mode Downgrade Attack?
- Re: [FD] #WorldPenguinDay or this cant be right, can it?
- Re: [FD] #WorldPenguinDay or this cant be right, can it?
- Re: [FD] #WorldPenguinDay or this cant be right, can it?
- Re: [FD] #WorldPenguinDay or this cant be right, can it?
- [FD] HUAWEI MobiConnect 23.9.17.216 - Privilege Escalation Vulnerability
- [FD] Cisco (Newsroom) - Client Side Cross Site Scripting Vulnerability
- [FD] Grindr v2.1.1 iOS Bounty #1 - (Session) Auth Bypass Vulnerabilities
- [FD] Grindr v2.1.1 iOS - (eMail) Session Vulnerability
- [FD] Grindr 2.1.1 iOS Bug Bounty #2 - Denial of Service Software Vulnerability
- [FD] PhotoWebsite v3.1 iOS - File Include Web Vulnerability
- [FD] vPhoto-Album v4.2 iOS - File Include Web Vulnerability
- [FD] Fortinet FortiAnalyzer & FortiManager - Client Side Cross Site Scripting Vulnerability
- [FD] [CVE-2014-8146/8147] - ICU heap and integer overflows / I-C-U-FAIL
- [FD] F5 ASM JSON Profile Bypass
- [FD] Oracle Business Intelligence Mobile HD v11.x iOS - Persistent UI Vulnerability
- [FD] PDF Converter & Editor 2.1 iOS - File Include Vulnerability
- [FD] TORNADO Computer Trading CMS - SQL Injection Vulnerability
- [FD] Alienvault OSSIM/USM Multiple Vulnerabilities
- [FD] [SE-2014-02] Some additional GAE Java security sandbox bypasses
- From: Security Explorations
- [FD] pydio vulnerabilities
- [FD] Album Streamer v2.0 iOS - Directory Traversal Vulnerability
- [FD] Yahoo eMarketing Bug Bounty #31 - Cross Site Scripting Vulnerability
- [FD] Grindr v2.1.1 iOS & Account System - Breach Attack Vulnerability
- [FD] Pimcore v3.0.5 CMS - Multiple Web Vulnerabilities
- [FD] SAP vulnerabilities highlighted in many reports such as HP Cyber Risk Report 2015
- [FD] Yet Another Related Posts Plugin (YARPP) 4.2.4 CSRF -> XSS -> RCE
- [FD] Docker 1.6.1 - Security Advisory [150507]
- Re: [FD] AMD Bulldozer Linux ASLR weakness: Reducing entropy by 87.5%
- From: Hector Marco-Gisbert
- Re: [FD] pydio vulnerabilities
- [FD] MT.VERNON MEDIA Web-Design v1.12 Multiple XSS (Cross-site Scripting) Web Security Vulnerabilities
- [FD] MT.VERNON MEDIA Web-Design v1.12 Multiple SQL Injection Web Security Vulnerabilities
- [FD] MT.VERNON MEDIA Web-Design v1.12 HTML Injection Web Security Vulnerabilities
- [FD] Artnana Webboard version 1.4 XSS (Cross-site Scripting) Web Security Vulnerabilities
- [FD] Feed2JS v1.7 XSS (Cross-site Scripting) Web Security Vulnerabilities
- Re: [FD] Alienvault OSSIM/USM Multiple Vulnerabilities
- [FD] Capstone disassembly framework 3.0.3 is out!
- [FD] DAVOSET v.1.2.4
- [FD] CVE-2014-3440 - Symantec Critical System Protection RCE
- [FD] Wordpress Twenty Fifteen Theme - DOM XSS Vulnerability - CVE-2015-3429
- [FD] Wordpress Roomcloud plugin v1.1(rev @1115307) XSS vulnerability
- [FD] 0day Mailbird XSS ?
- [FD] Sqlbuddy Path Traversal Vulnerability
- [FD] Broken, Abandoned, and Forgotten Code
- [FD] G-Homa WLan Power Plug Multiple Problems
- [FD] Call for Papers: RAID 2015
- [FD] Two invalid read errors / heap overflows in SQLite (TFPA 006/2015)
- [FD] SEC Consult SA-20150513-0 :: Multiple critical vulnerabilities in WSO2 Identity Server
- From: SEC Consult Vulnerability Lab
- [FD] Web India Solutions CMS 2015 - SQL Injection Vulnerability
- [FD] [CORE-2015-0009] - SAP LZC/LZH Compression Multiple Vulnerabilities
- From: CORE Advisories Team
- [FD] Concrete5 Security Advisory - Multiple XSS Vulnerabilities - CVE-2015-2250
- [FD] Multiple Vulnerabilities in Openlitespeed <= 1.3.10 - CVE-b045-73d a.k.a. Analbleed.
- [FD] New release of,STONIX OS hardening tool
- Re: [FD] Concrete5 Security Advisory - Multiple XSS Vulnerabilities - CVE-2015-2250
- [FD] SEC Consult SA-20150514-0 :: Multiple vulnerabilities in Loxone Smart Home (part 2)
- From: SEC Consult Vulnerability Lab
- [FD] Hue 3.7.1 Local Privilege Escalation
- From: Julian Horoszkiewicz
- [FD] Ambari Server 1.7.0 Local Privilege Escalation
- From: Julian Horoszkiewicz
- [FD] Read heap overflow / invalid memory access in Wireshark
- [FD] How to detect a promiscuous interface by using WMIC
- [FD] Broken, Abandoned, and Forgotten Code, Part 4
- [FD] [SE-2014-02] Unconfirmed / unpatched vulnerabilities in Google App Engine
- From: Security Explorations
- [FD] XML Injection, AoF and BF vulnerabilities in Hikvision DS-2CD2012-I
- [FD] CSRF & XSS vulnerabilities in Encrypted Contact Form Wordpress Plugin v1.0.4
- [FD] Chinease attack on USIS using SAP vulnerability – Detailed review and comments
- [FD] Soundcloud XSS (Cross-Site Scripting) Security Vulnerability
- From: Researcher Triponoid
- [FD] ftpmap 0.5 Release Announcement
- [FD] Facebook #26 - Filter Bypass & Exception Handling Redirect Web Vulnerability
- [FD] CRUCMS Crucial Networking - SQL Injection Vulnerability
- [FD] Wireless Photo Transfer v3.0 iOS - File Include Vulnerability
- [FD] iClassSchedule 1.6 iOS & Android - Persistent UI Vulnerability
- [FD] OYO File Manager 1.1 iOS&Android - Multiple Vulnerabilities
- [FD] KL-001-2015-002 : Piriform CCleaner Wiped Filename Recovery
- From: KoreLogic Disclosures
- [FD] [Samba 3.0.37] EnumPrinters memory corruption
- [FD] SEC Consult SA-20150519-0 :: Critical buffer overflow vulnerability in KCodes NetUSB (VU#177092, CVE-2015-3036)
- From: SEC Consult Vulnerability Lab
- [FD] SQLi in FeedWordPress WordPress plugin
- [FD] Milw0rm Clone Script v1.0 - (time based) SQLi
- [FD] Clickheat 1.13+ Unauthenticated RCE
- [FD] Xamarin for Android <5.1 DLL Hijack Vulnerability
- Re: [FD] KL-001-2015-002 : Piriform CCleaner Wiped Filename Recovery
- From: Jean-François Gingras
- [FD] Multiple Vulnerabilities in ZTE AC 3633R USB Modem
- [FD] 0-day Denial of Service in IPsec-Tools
- [FD] XML Injection, AoF and BF vulnerabilities in Hikvision DS-7108HWI-SH
- Re: [FD] 0-day Denial of Service in IPsec-Tools
- Re: [FD] Xamarin for Android <5.1 DLL Hijack Vulnerability
- Re: [FD] Xamarin for Android <5.1 DLL Hijack Vulnerability
- Re: [FD] Xamarin for Android <5.1 DLL Hijack Vulnerability
- Re: [FD] Xamarin for Android <5.1 DLL Hijack Vulnerability
- [FD] HiDisk 2.4 iOS - (currentFolderPath) Persistent Vulnerability
- [FD] WISE-FTP Software v8.0.2 - DLL Hijacking Vulnerability
- [FD] Staff FTP v3.04 Software - DLL Hijacking Vulnerability
- [FD] Eisbär SCADA (All Versions - iOS, Android & W8) - Persistent UI Vulnerability
- [FD] hardwear.io - Hardware Security Conference Call for Papers
- [FD] CVE ID assignment - eZPublish vulnerability
- [FD] CVE for Apple's ECDHE-ECDSA SecureTransport bug?
- [FD] [CORE-2015-0010] - Sendio ESP Information Disclosure Vulnerability
- From: CORE Advisories Team
- [FD] SAP Security Notes May 2015
- [FD] Hacktivity 2015 CFP
- [FD] 0day Mailbird XSS
- [FD] Hue 3.7.1 Local Privilege Escalation
- [FD] Multiple Vulnerabilities in Openlitespeed <= 1.3.10 - CVE-b045-73d a.k.a. Analbleed.
- [FD] call for paper(information retrieval, privacy)
- [FD] Broken, Abandoned, and Forgotten Code, Part 5
- [FD] Gcon Tech Solutions v1.0 XSS (Cross-site Scripting) Web Security Vulnerabilities
- [FD] Gcon Tech Solutions v1.0 SQL Injection Web Security Vulnerabilities
- [FD] SITEFACT CMS XSS (Cross-site Scripting) Web Security Vulnerabilities
- [FD] phpwind v8.7 XSS (Cross-site Scripting) Web Security Vulnerabilities
- [FD] phpwind v8.7 Unvalidated Redirects and Forwards Web Security Vulnerabilities
- [FD] Command injection vulnerability in Synology Photo Station
- [FD] Reflected Cross-Site Scripting in Synology DiskStation Manager
- [FD] Synology Photo Station multiple Cross-Site Scripting vulnerabilities
- [FD] CVE-2015-4062, CVE-2015-4063: Multiple vulnerabilities in WordPress plugin "NewStatPress"
- [FD] CVE-2015-4064, CVE-2015-4065: Multiple vulnerabilities in WordPress plugin "WordPress Landing Pages"
- [FD] CVE-2015-4066: SQLi vulnerabilities in WordPress plugin "GigPress"
- [FD] ClearPass Policy Manager Stored XSS
- [FD] Thycotic Password Manager Secret Server iOS Application - MITM SSL Certificate Vulnerability
- [FD] RootedCON 2015 videos published
- [FD] hwclock(8) SUID privilege escalation
- [FD] [Onapsis Security Advisory 2015-007] SAP HANA Log Injection Vulnerability
- From: Onapsis Research Labs
- [FD] [Onapsis Security Advisory 2015-006] SAP HANA Information Disclosure via SQL IMPORT FROM statement
- From: Onapsis Research Labs
- [FD] New release: UFONet v0.5b "Invasion"
- [FD] Sophos WAF (WebServer Protection) does not analyze JSON data
- [FD] Flash: Local SWF files can leak arbitrary local files to the internet
- [FD] Safari Address Spoofing (How We Got It)
- [FD] The Empire Strikes Back Apple - how your Mac firmware security is completely broken
- [FD] [SEARCH-LAB advisory] More than fifty vulnerabilities in D-Link NAS and NVR devices
- [FD] CVE-2015-3935 HTML Injection in Dolibarr
- [FD] More than 60 undisclosed vulnerabilities affect 22 SOHO routers
- From: Jose Antonio Rodriguez Garcia
- [FD] Logical Flaw in Google's OAuth
- [FD] Broken, Abandoned, and Forgotten Code, Part 6
- [FD] XSS vulnerability in IBM Domino
- [FD] XML Injection vulnerability in multiple Hikvision IP cameras and DVR