Mail Thread Index
- Re: [FD] Cisco AnyConnect elevation of privileges via DLL side loading,
Securify B.V.
- Re: [FD] Cisco AnyConnect elevation of privileges via DMG install script,
Securify B.V.
- [FD] Tool: Race condition chaser on windows,
Alexander Georgiev
- [FD] CVE-2015-2342 VMware vCenter Remote Code Execution,
David Stubley
- [FD] Telegram - Multiple Vulnerabilities,
Eduardo Alves
- Re: [FD] WinRAR SFX v5.21 - Remote Code Execution Vulnerability,
Gynvael Coldwind
- [FD] Shell Injection in Pygments FontManager._get_nix_font_path,
Javantea
- [FD] Vulnerabilities in Callisto 821+R3 ADSL Router,
MustLive
- [FD] Mac OS X local root (rsh/libmalloc),
Philip Pettersson
- [FD] APPLE-SA-2015-09-30-01 iOS 9.0.2,
Apple Product Security
- [FD] APPLE-SA-2015-09-30-2 Safari 9,
Apple Product Security
- [FD] APPLE-SA-2015-09-30-3 OS X El Capitan 10.11,
Apple Product Security
- [FD] Komento Joomla! component Persistent XSS,
David Sopas
- [FD] Charter Spectrum Business HTTP MITM,
Mark Felder
- [FD] Security Vulnerability - Liferay Portal Enterprise Edition,
Tim Schughart
- [FD] ManageEngine ServiceDesk Plus <= 9.1 build 9110 - Path Traversal,
xistence
- [FD] Watch your Downloads: the risk of the "auto-download" feature on Microsoft Edge and Google Chrome,
Haifei Li
- [FD] Qualys Security Advisory - OpenSMTPD Audit Report,
Qualys Security Advisory
- [FD] CVE-2015-6237 - Tripwire IP360 VnE Remote Administrative API Authentication Bypass/Privilege Acquisition Vulnerability,
Specto
- [FD] Apple Safari URI spoofing (CVE-2015-5764),
Antonio Sanso
- [FD] WinRar Settings Import Command Execution,
Rio Sherri
- [FD] Persistent XSS - Liferay Portal Enterprise Edition,
Tim Schughart
- [FD] Blind SQL Injection in admin panel PHP-Fusion <= v7.02.07,
Manuel Garcia Cardenas
- [FD] u-design wordpress theme DOM XSS,
Kenan Gms
- [FD] DDos Attack To Drop The Internet,
Jeffrey Roberts
- [FD] Authentication Bypass in Netgear Router Firmware N300_1.1.0.31_1.0.1.img and N300-1.1.0.28_1.0.1.img,
Alexandre Herzog
- [FD] [REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities,
Matteo Beccati
- [FD] CSRF vulnerabilities in Callisto 821+R3 ADSL Router,
MustLive
- [FD] TestLink Security Advisory - SQL Injection Vulnerability - CVE-2015-7390,
Onur Yilmaz
- [FD] TestLink Security Advisory - Multiple XSS Vulnerabilities - CVE-2015-7391,
Onur Yilmaz
- [FD] CVE-2015-2652 – Unauthenticated File Upload in Oracle E-business Suite.,
Sandeep Kamble
- [FD] Drupal 8.0.0-beta14 Vendor Script Vulnerable to XSS,
Sandeep Kamble
- [FD] A comprehensive study of Huawei 3G routers - XSS, CSRF, DoS, unauthenticated firmware update, RCE,
Pierre Kim
- [FD] [RT-SA-2015-006] Buffalo LinkStation Authentication Bypass,
RedTeam Pentesting GmbH
- [FD] Veeam Backup & Replication Local Privilege Escalation Vulnerability,
ascii
- [FD] Broken, Abandoned, and Forgotten Code, Part 13,
Zach C
- [FD] WebComIndia CMS 2015Q4 - Auth Bypass Vulnerability,
Vulnerability Lab
- [FD] PayPal Inc Bug Bounty #119 - URL Redirect Web Vulnerability,
Vulnerability Lab
- [FD] W150D Wireless N 150 ADSL2 Modem Router - Cross Site Request Forgery Vulnerability,
Vulnerability Lab
- [FD] FreeYouTubeToMP3 Converter 4.0.1 - Buffer Overflow Vulnerability,
Vulnerability Lab
- [FD] Exploit NetUSB CVE-2015-3036,
Adrián Ruiz
- [FD] DirectAdmin (1.44.3) CSRF Vulnerability,
Necmettin COŞKUN
- [FD] Writing Cisco IOS Rootkits,
Luca
- [FD] JScript 5.7 (MSIE 8) RegExpBase::FBadHeader regular expression use-after-free,
Berend-Jan Wever
- [FD] Buffer overflow in tiny-AES128-C,
Pascal Cuoq
- [FD] Vantage Point Security Advisory 2015-003,
Lyon Yang
- [FD] Vantage Point Security Advisory 2015-002,
Lyon Yang
- [FD] IntelliSec Advisory - Multiple Vulnerabilities in Kerio Control Firewall,
research
- [FD] Full Path Disclosure vulnerability in JM Twitter Cards reveals the location of the WordPress installation on the server (WordPress plugin),
dxw Security
- [FD] Mozilla extensions: a security nightmare (part 2),
Stefan Kanthak
- [FD] PayPal Inc Bug Bounty #117 - Session Fixation Vulnerability,
Vulnerability Lab
- [FD] Freemake Video Downloader 3.7.1 - Code Execution Vulnerability,
Vulnerability Lab
- [FD] Unicorn CPU Emulator Framework is out!,
Nguyen Anh Quynh
- [FD] hackercon berlin: hack4 the year is 2015,
dash
- [FD] netis RealTek wireless router / ADSL modem Multiple Vulnerabilities,
Karn Ganeshen
- [FD] PROLiNK H5004NK ADSL Wireless Modem Multiple Vulnerabilities,
Karn Ganeshen
- [FD] UISGCON11 CFP,
Andrey Loginov
- [FD] CakePHP Xml class SSRF Vulnerability,
Takeshi Terada
- [FD] APPLE-SA-2015-10-15-1 Keynote 6.6, Pages 5.6, Numbers 3.6, and iWork for iOS 2.6,
Apple Product Security
- [FD] Qualys Security Advisory - LibreSSL (CVE-2015-5333 and CVE-2015-5334),
Qualys Security Advisory
- [FD] Events Made Easy WordPress plugin CSRF + Persistent XSS,
David Sopas
- [FD] ERPSCAN Research Advisory [ERPSCAN-15-017] SAP NetWeaver J2EE DAS service - Unauthorized Access,
ERPScan inc
- [FD] CarolinaCon-12 - March 2016 - Call for Speakers/Papers/Presenters/Demos,
Vic Vandal
- [FD] Western Digital - My Passport / My Book self-encrypting external hard drive series - Multiple vulnerabilities,
alendal
- [FD] Seagate Central NAS vulnerabilities,
Eric Windisch
- [FD] Firefox FindMyDevice Critical ClickJacking Security Vulnerability,
Mohamed A. Baset
- [FD] [SE-2014-02] Google App Engine Java security sandbox bypasses (Issue 42),
Security Explorations
- [FD] APPLE-SA-2015-10-21-1 iOS 9.1,
Apple Product Security
- [FD] APPLE-SA-2015-10-21-2 watchOS 2.0.1,
Apple Product Security
- [FD] APPLE-SA-2015-10-21-3 Safari 9.0.1,
Apple Product Security
- [FD] APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007,
Apple Product Security
- [FD] APPLE-SA-2015-10-21-5 iTunes 12.3.1,
Apple Product Security
- [FD] APPLE-SA-2015-10-21-6 Mac EFI Security Update 2015-002,
Apple Product Security
- [FD] APPLE-SA-2015-10-21-7 Xcode 7.1,
Apple Product Security
- [FD] APPLE-SA-2015-10-21-8 OS X Server 5.0.15,
Apple Product Security
- [FD] SiteWIX - (edit_photo2.php id) SQL Injection Exploit,
ZoRLu Bugrahan
- [FD] Simple PHP static code analysis for security researchers,
Marcin Probola
- [FD] SEC Consult SA-20151022-0 :: Lime Survey Multiple Critical Vulnerabilities,
SEC Consult Vulnerability Lab
- [FD] Back to the future NTP attacks new attack vector,
Jerome Athias
- [FD] Back to the future EMV attacks,
Jerome Athias
- [FD] [ERPSCAN-15-025] Oracle E-Business Suite Database user enumeration Vulnerability,
ERPScan inc
- [FD] [ERPSCAN-15-026] Oracle E-Business Suite - SQL injection Vulnerability,
ERPScan inc
- [FD] [ERPSCAN-15-027] Oracle E-Business Suite - Cross Site Scripting Vulnerability,
ERPScan inc
- [FD] AoF and CSRF vulnerabilities in D-Link DCS-2103,
MustLive
- [FD] Timing attack vulnerability in most Zeus server-sides,
rotem kerner
- [FD] RootedCON 2016 CFP,
omarbv
- [FD] CVE-2015-7724 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver,
Portcullis Advisories
- [FD] CVE-2015-7723 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver,
Portcullis Advisories
- [FD] eBay Magento <= 1.9.2.1 XML eXternal Entity Injection (XXE) on PHP FPM,
Dawid Golunski
- [FD] KeeFarce - A KeePass 2.x database extraction tool,
Denis Andzakovic
- [FD] Pligg CMS 2.0.2: Code Execution & CSRF,
CRT
- [FD] Pligg CMS 2.0.2: Directory Traversal,
CRT
- [FD] Pligg CMS 2.0.2: Multiple SQL Injections,
CRT
- [FD] [ERPSCAN-15-028] Oracle E-Business Suite - XXE injection Vulnerability,
ERPScan inc
- [FD] [ERPSCAN-15-029] Oracle E-Business Suite - XXE injection Vulnerability,
ERPScan inc
- [FD] [ERPSCAN-15-030] Oracle E-Business Suite - XXE injection Vulnerability,
ERPScan inc
- [FD] Xen VM Escape,
Alan Hikerell
- [FD] Arbitrary code execution resp. escalation of privilege with Mozilla's SETUP.EXE,
Stefan Kanthak