Mail Thread Index
- [FD] Mysterious CVE-2008-568 (Solaris),
Mark Felder
- [FD] Heap overflow / invalid read in Libtasn1 before 4.5 (TFPA 005/2015),
Hanno Böck
- [FD] IKE Aggressive Mode Downgrade Attack?,
Melchior Limacher
- [FD] OS X 0day - works on latest verz,
魏诺德
- Re: [FD] #WorldPenguinDay or this cant be right, can it?,
PIN
- [FD] HUAWEI MobiConnect 23.9.17.216 - Privilege Escalation Vulnerability,
Vulnerability Lab
- [FD] Cisco (Newsroom) - Client Side Cross Site Scripting Vulnerability,
Vulnerability Lab
- [FD] Grindr v2.1.1 iOS Bounty #1 - (Session) Auth Bypass Vulnerabilities,
Vulnerability Lab
- [FD] Grindr v2.1.1 iOS - (eMail) Session Vulnerability,
Vulnerability Lab
- [FD] Grindr 2.1.1 iOS Bug Bounty #2 - Denial of Service Software Vulnerability,
Vulnerability Lab
- [FD] PhotoWebsite v3.1 iOS - File Include Web Vulnerability,
Vulnerability Lab
- [FD] vPhoto-Album v4.2 iOS - File Include Web Vulnerability,
Vulnerability Lab
- [FD] Fortinet FortiAnalyzer & FortiManager - Client Side Cross Site Scripting Vulnerability,
Vulnerability Lab
- [FD] [CVE-2014-8146/8147] - ICU heap and integer overflows / I-C-U-FAIL,
Pedro Ribeiro
- [FD] F5 ASM JSON Profile Bypass,
Peter Lapp
- [FD] Oracle Business Intelligence Mobile HD v11.x iOS - Persistent UI Vulnerability,
Vulnerability Lab
- [FD] PDF Converter & Editor 2.1 iOS - File Include Vulnerability,
Vulnerability Lab
- [FD] TORNADO Computer Trading CMS - SQL Injection Vulnerability,
Vulnerability Lab
- [FD] Alienvault OSSIM/USM Multiple Vulnerabilities,
Peter Lapp
- [FD] [SE-2014-02] Some additional GAE Java security sandbox bypasses,
Security Explorations
- [FD] pydio vulnerabilities,
Just A Fake
- [FD] Album Streamer v2.0 iOS - Directory Traversal Vulnerability,
Vulnerability Lab
- [FD] Yahoo eMarketing Bug Bounty #31 - Cross Site Scripting Vulnerability,
Vulnerability Lab
- [FD] Grindr v2.1.1 iOS & Account System - Breach Attack Vulnerability,
Vulnerability Lab
- [FD] Pimcore v3.0.5 CMS - Multiple Web Vulnerabilities,
Vulnerability Lab
- [FD] SAP vulnerabilities highlighted in many reports such as HP Cyber Risk Report 2015,
Darya Maenkova
- [FD] Yet Another Related Posts Plugin (YARPP) 4.2.4 CSRF -> XSS -> RCE,
Evex ola
- [FD] Docker 1.6.1 - Security Advisory [150507],
Eric Windisch
- Re: [FD] AMD Bulldozer Linux ASLR weakness: Reducing entropy by 87.5%,
Hector Marco-Gisbert
- [FD] MT.VERNON MEDIA Web-Design v1.12 Multiple XSS (Cross-site Scripting) Web Security Vulnerabilities,
Jing Wang
- [FD] MT.VERNON MEDIA Web-Design v1.12 Multiple SQL Injection Web Security Vulnerabilities,
Jing Wang
- [FD] MT.VERNON MEDIA Web-Design v1.12 HTML Injection Web Security Vulnerabilities,
Jing Wang
- [FD] Artnana Webboard version 1.4 XSS (Cross-site Scripting) Web Security Vulnerabilities,
Jing Wang
- [FD] Feed2JS v1.7 XSS (Cross-site Scripting) Web Security Vulnerabilities,
Jing Wang
- [FD] Capstone disassembly framework 3.0.3 is out!,
Nguyen Anh Quynh
- [FD] DAVOSET v.1.2.4,
MustLive
- [FD] CVE-2014-3440 - Symantec Critical System Protection RCE,
Balint Varga-Perke
- [FD] Wordpress Twenty Fifteen Theme - DOM XSS Vulnerability - CVE-2015-3429,
Onur Yilmaz
- [FD] Wordpress Roomcloud plugin v1.1(rev @1115307) XSS vulnerability,
Nitin Venkatesh
- [FD] 0day Mailbird XSS ?,
Alfred Baroti
- [FD] Sqlbuddy Path Traversal Vulnerability,
John Page
- [FD] Broken, Abandoned, and Forgotten Code,
Zach C
- [FD] G-Homa WLan Power Plug Multiple Problems,
honeypot
- [FD] Call for Papers: RAID 2015,
Skander Iversen
- [FD] Two invalid read errors / heap overflows in SQLite (TFPA 006/2015),
Hanno Böck
- [FD] SEC Consult SA-20150513-0 :: Multiple critical vulnerabilities in WSO2 Identity Server,
SEC Consult Vulnerability Lab
- [FD] Web India Solutions CMS 2015 - SQL Injection Vulnerability,
Vulnerability Lab
- [FD] [CORE-2015-0009] - SAP LZC/LZH Compression Multiple Vulnerabilities,
CORE Advisories Team
- [FD] Concrete5 Security Advisory - Multiple XSS Vulnerabilities - CVE-2015-2250,
Onur Yilmaz
- [FD] Multiple Vulnerabilities in Openlitespeed <= 1.3.10 - CVE-b045-73d a.k.a. Analbleed.,
Anal Bleed
- [FD] New release of,STONIX OS hardening tool,
Roy Nielsen
- [FD] SEC Consult SA-20150514-0 :: Multiple vulnerabilities in Loxone Smart Home (part 2),
SEC Consult Vulnerability Lab
- [FD] Hue 3.7.1 Local Privilege Escalation,
Julian Horoszkiewicz
- [FD] Ambari Server 1.7.0 Local Privilege Escalation,
Julian Horoszkiewicz
- [FD] Read heap overflow / invalid memory access in Wireshark,
Hanno Böck
- [FD] How to detect a promiscuous interface by using WMIC,
Eiji James Yoshida
- [FD] Broken, Abandoned, and Forgotten Code, Part 4,
Zach C
- [FD] [SE-2014-02] Unconfirmed / unpatched vulnerabilities in Google App Engine,
Security Explorations
- [FD] XML Injection, AoF and BF vulnerabilities in Hikvision DS-2CD2012-I,
MustLive
- [FD] CSRF & XSS vulnerabilities in Encrypted Contact Form Wordpress Plugin v1.0.4,
Nitin Venkatesh
- [FD] Chinease attack on USIS using SAP vulnerability – Detailed review and comments,
Darya Maenkova
- [FD] Soundcloud XSS (Cross-Site Scripting) Security Vulnerability,
Researcher Triponoid
- [FD] ftpmap 0.5 Release Announcement,
Hypsurus
- [FD] Facebook #26 - Filter Bypass & Exception Handling Redirect Web Vulnerability,
Vulnerability Lab
- [FD] CRUCMS Crucial Networking - SQL Injection Vulnerability,
Vulnerability Lab
- [FD] Wireless Photo Transfer v3.0 iOS - File Include Vulnerability,
Vulnerability Lab
- [FD] iClassSchedule 1.6 iOS & Android - Persistent UI Vulnerability,
Vulnerability Lab
- [FD] OYO File Manager 1.1 iOS&Android - Multiple Vulnerabilities,
Vulnerability Lab
- [FD] KL-001-2015-002 : Piriform CCleaner Wiped Filename Recovery,
KoreLogic Disclosures
- [FD] [Samba 3.0.37] EnumPrinters memory corruption,
Gabriele Avosani
- [FD] SEC Consult SA-20150519-0 :: Critical buffer overflow vulnerability in KCodes NetUSB (VU#177092, CVE-2015-3036),
SEC Consult Vulnerability Lab
- [FD] SQLi in FeedWordPress WordPress plugin,
Adrián M. F.
- [FD] Milw0rm Clone Script v1.0 - (time based) SQLi,
john smith
- [FD] Clickheat 1.13+ Unauthenticated RCE,
Calum Hutton
- [FD] Xamarin for Android <5.1 DLL Hijack Vulnerability,
ValdikSS
- [FD] Multiple Vulnerabilities in ZTE AC 3633R USB Modem,
vishnu raju
- [FD] 0-day Denial of Service in IPsec-Tools,
Javantea
- [FD] XML Injection, AoF and BF vulnerabilities in Hikvision DS-7108HWI-SH,
MustLive
- [FD] HiDisk 2.4 iOS - (currentFolderPath) Persistent Vulnerability,
Vulnerability Lab
- [FD] WISE-FTP Software v8.0.2 - DLL Hijacking Vulnerability,
Vulnerability Lab
- [FD] Staff FTP v3.04 Software - DLL Hijacking Vulnerability,
Vulnerability Lab
- [FD] Eisbär SCADA (All Versions - iOS, Android & W8) - Persistent UI Vulnerability,
Vulnerability Lab
- [FD] hardwear.io - Hardware Security Conference Call for Papers,
Hardwear Team
- [FD] CVE ID assignment - eZPublish vulnerability,
us3r777
- [FD] CVE for Apple's ECDHE-ECDSA SecureTransport bug?,
Jeffrey Walton
- [FD] [CORE-2015-0010] - Sendio ESP Information Disclosure Vulnerability,
CORE Advisories Team
- [FD] SAP Security Notes May 2015,
Darya Maenkova
- [FD] Hacktivity 2015 CFP,
Ferenc Spala
- [FD] call for paper(information retrieval, privacy),
Hongkai Wu
- [FD] Broken, Abandoned, and Forgotten Code, Part 5,
Zach C
- [FD] Gcon Tech Solutions v1.0 XSS (Cross-site Scripting) Web Security Vulnerabilities,
Jing Wang
- [FD] Gcon Tech Solutions v1.0 SQL Injection Web Security Vulnerabilities,
Jing Wang
- [FD] SITEFACT CMS XSS (Cross-site Scripting) Web Security Vulnerabilities,
Jing Wang
- [FD] phpwind v8.7 XSS (Cross-site Scripting) Web Security Vulnerabilities,
Jing Wang
- [FD] phpwind v8.7 Unvalidated Redirects and Forwards Web Security Vulnerabilities,
Jing Wang
- [FD] Command injection vulnerability in Synology Photo Station,
Securify B.V.
- [FD] Reflected Cross-Site Scripting in Synology DiskStation Manager,
Securify B.V.
- [FD] Synology Photo Station multiple Cross-Site Scripting vulnerabilities,
Securify B.V.
- [FD] CVE-2015-4062, CVE-2015-4063: Multiple vulnerabilities in WordPress plugin "NewStatPress",
Adrián M. F.
- [FD] CVE-2015-4064, CVE-2015-4065: Multiple vulnerabilities in WordPress plugin "WordPress Landing Pages",
Adrián M. F.
- [FD] CVE-2015-4066: SQLi vulnerabilities in WordPress plugin "GigPress",
Adrián M. F.
- [FD] ClearPass Policy Manager Stored XSS,
Cristiano Maruti
- [FD] Thycotic Password Manager Secret Server iOS Application - MITM SSL Certificate Vulnerability,
David Coomber
- [FD] RootedCON 2015 videos published,
omarbv
- [FD] hwclock(8) SUID privilege escalation,
up201407890
- [FD] [Onapsis Security Advisory 2015-007] SAP HANA Log Injection Vulnerability,
Onapsis Research Labs
- [FD] [Onapsis Security Advisory 2015-006] SAP HANA Information Disclosure via SQL IMPORT FROM statement,
Onapsis Research Labs
- [FD] New release: UFONet v0.5b "Invasion",
psy
- [FD] Sophos WAF (WebServer Protection) does not analyze JSON data,
Glaudson Ocampos
- [FD] Flash: Local SWF files can leak arbitrary local files to the internet,
Jann Horn
- [FD] Safari Address Spoofing (How We Got It),
David Leo
- [FD] The Empire Strikes Back Apple ? how your Mac firmware security is completely broken,
fG
- [FD] [SEARCH-LAB advisory] More than fifty vulnerabilities in D-Link NAS and NVR devices,
Gergely Eberhardt
- [FD] CVE-2015-3935 HTML Injection in Dolibarr,
NaxoneZ .
- [FD] More than 60 undisclosed vulnerabilities affect 22 SOHO routers,
Jose Antonio Rodriguez Garcia
- [FD] Logical Flaw in Google's OAuth,
vishnu raju
- [FD] Broken, Abandoned, and Forgotten Code, Part 6,
Zach C
- [FD] XSS vulnerability in IBM Domino,
MustLive
- [FD] XML Injection vulnerability in multiple Hikvision IP cameras and DVR,
MustLive