Mail Index
[FD] LSE Leading Security Experts GmbH - LSE-2015-10-14 - HumHub SQL-Injection
From
: advisories
[FD] [SE-2014-02] Errata document for Issue 42 (CVE-2015-4871 affecting Java SE 7)
From
: Security Explorations
[FD] [Advisory]LibRaw Multi Memory error[CVE-2015-8366 and CVE-2015-8367]
From
: ChenQin
[FD] Brocade Fabric OS v6.3.1b Multiple Vulnerabilities
From
: Karn Ganeshen
[FD] Mutliple Vulnerabilities in ZurmoCRM 3.0.5
From
: NaxoneZ .
[FD] [CFP] BSides San Francisco - February 2016
From
: BSides SF
[FD] BF and CE vulnerabilities in ASUS RT-G32
From
: MustLive
[FD] Huawei Wimax routers vulnerable to multiple threats
From
: Pierre Kim
[FD] Multiple vulnerabilities in Huutopörssi's website (huutoporssi.fi)
From
: Wub TheCaptain
[FD] KL-001-2015-006 : Linksys EA6100 Wireless Router Authentication Bypass
From
: KoreLogic Disclosures
[FD] MacOS/iPhone/Apple Watch/Apple TV libc File System Buffer Overflow
From
: [CXSEC]
[FD] [CORE-2015-0014] - Microsoft Windows Media Center link file incorrectly resolved reference
From
: CORE Advisories Team
[FD] Symfony CMS 2.6.3 – Multiple Cross-Site Scripting Vulnerability
From
: Sachin Wagh
[FD] [CVE-2015-8369] Cacti SQL injection in graph.php
From
: changzhao.mao
[FD] Announcing NorthSec 2016 CFP + Reg - Montreal, May 19-22
From
: Pierre-David Oriol
[FD] ntop-ng <= 2.0.151021 - Privilege Escalation
From
: Dolev Farhi
[FD] SQLMap Code Execute
From
: Vex Woo
[FD] 4images 1.7.12: XSS
From
: Curesec Research Team (CRT)
[FD] 4images 1.7.11: SQL Injection
From
: Curesec Research Team (CRT)
[FD] 4images 1.7.11: Path Traversal
From
: Curesec Research Team (CRT)
[FD] 4images 1.7.11: Code Execution Exploit
From
: Curesec Research Team (CRT)
[FD] 4images 1.7.11: Code Execution
From
: Curesec Research Team (CRT)
[FD] CodoForum 3.4: XSS
From
: Curesec Research Team (CRT)
[FD] phpwcms 1.7.9: CSRF
From
: Curesec Research Team (CRT)
[FD] phpwcms 1.7.9: Code Execution
From
: Curesec Research Team (CRT)
[FD] Geeklog 2.1.0: XSS
From
: Curesec Research Team (CRT)
[FD] Geeklog 2.1.0: Code Execution Exploit
From
: Curesec Research Team (CRT)
[FD] Geeklog 2.1.0: Code Execution
From
: Curesec Research Team (CRT)
[FD] redaxscript 2.5.0: XSS
From
: Curesec Research Team (CRT)
[FD] redaxscript 2.5.0: Code Execution
From
: Curesec Research Team (CRT)
[FD] appRain 4.0.3: XSS
From
: Curesec Research Team (CRT)
[FD] appRain 4.0.3: Path Traversal
From
: Curesec Research Team (CRT)
[FD] appRain 4.0.3: CSRF
From
: Curesec Research Team (CRT)
[FD] appRain 4.0.3: Code Execution
From
: Curesec Research Team (CRT)
[FD] Defense in depth -- the Microsoft way (part 37): MMC.exe and DrvInst.exe load and execute ".dll" with elevated resp. SYSTEM privileges
From
: Stefan Kanthak
[FD] Executable installers are vulnerable^WEVIL (case 6): SumatraPDF-*-installer.exe allows remote code execution with escalation of privilege
From
: Stefan Kanthak
[FD] Executable installers are vulnerable^WEVIL (case 8): vlc-*.exe allows remote code execution with escalation of privilege
From
: Stefan Kanthak
[FD] Executable installers are vulnerable^WEVIL (case 2): NSIS allows remote code execution with escalation of privilege
From
: Stefan Kanthak
[FD] Executable installers are vulnerable^WEVIL (case 5): JRSoft InnoSetup
From
: Stefan Kanthak
[FD] Executable installers are vulnerable^WEVIL (case 7): 7z*.exe allows remote code execution with escalation of privilege
From
: Stefan Kanthak
[FD] Executable installers are vulnerable^WEVIL (case 9): Chrome's setup.exe allows arbitrary code execution and escalation of privilege
From
: Stefan Kanthak
[FD] [CVE-2015-7706] SECURE DATA SPACE API Multiple Non-Persistent Cross-Site Scripting Vulnerabilities
From
: Vogt, Thomas
[FD] LG Nortel ADSL modems - Multiple vulnerabilities
From
: Karn Ganeshen
[FD] APPLE-SA-2015-12-08-1 iOS 9.2
From
: Apple Product Security
[FD] APPLE-SA-2015-12-08-4 watchOS 2.1
From
: Apple Product Security
[FD] APPLE-SA-2015-12-08-5 Safari 9.0.2
From
: Apple Product Security
[FD] APPLE-SA-2015-12-08-6 Xcode 7.2
From
: Apple Product Security
[FD] APPLE-SA-2015-12-08-3 OS X El Capitan 10.11.2 and Security Update 2015-008
From
: Apple Product Security
[FD] APPLE-SA-2015-12-08-2 tvOS 9.1
From
: Apple Product Security
[FD] GoAutoDial CE 3.3 Multiple SQL injections, Command Injection
From
: Rio Sherri
[FD] [CVE-2014-3260] Crypto implementation flaws in Pacom GMS System
From
: XPD Advisories Team
[FD] SEC Consult SA-20151210-0 :: Skybox Platform Multiple Vulnerabilities
From
: SEC Consult Vulnerability Lab
[FD] BFS-SA-2015-003: Internet Explorer CObjectElement Use-After-Free Vulnerability
From
: Blue Frost Security Research Lab
[FD] CLOUD4WI SPLASH PORTAL REFLECTED XSS VULNERABILITY – CVE-2015-4699
From
: agotouning@xxxxxxxxx
[FD] Polycom VVX-Series Business Media Phones Path Traversal Vulnerability
From
: Jake Reynolds
[FD] APPLE-SA-2015-12-11-1 iTunes 12.3.2
From
: Apple Product Security
[FD] COM+ Services DLL side loading vulnerability
From
: Securify B.V.
[FD] Event Viewer Snapin multiple DLL side loading vulnerabilities
From
: Securify B.V.
[FD] Windows Authentication UI DLL side loading vulnerability
From
: Securify B.V.
[FD] XSS Vulnerability in Synnefo Client for Synnefo IMS 2015 - CVE-2015-8247
From
: Aravind
[FD] SilverStripe CMS & Framework v3.2.0 – Cross-Site Scripting Vulnerability
From
: CSW Research Lab
[FD] OcPortal CMS 9.0.20 – Cross-Site Scripting Vulnerability
From
: CSW Research Lab
[FD] OcPortal CMS 9.0.21 – Cross-site Request Forgery (CSRF) Vulnerability
From
: CSW Research Lab
[FD] Bedita 3.6.0 – Cross-Site Scripting Vulnerability
From
: CSW Research Lab
[FD] Symphony 2.6.3 – Multiple Persistent Cross-Site Scripting Vulnerabilities
From
: CSW Research Lab
[FD] DAVOSET v.1.2.7
From
: MustLive
[FD] [CVE-2015-8377] Cacti graphs_new.php SQL Injection Vulnerability
From
: xiaotian.wang@dbappsecurity.com.cn
[FD] Shutdown UX DLL side loading vulnerability
From
: Securify B.V.
[FD] Shockwave Flash Object DLL side loading vulnerability
From
: Securify B.V.
[FD] OLE DB Provider for Oracle multiple DLL side loading vulnerabilities
From
: Securify B.V.
[FD] [CFP] Speak About Your Cyberwar at PHDays VI
From
: Alexander Lashkov
[FD] [ERPSCAN-15-021] SAP NetWeaver 7.4 - SQL Injection vulnerability
From
: ERPScan inc
[FD] ERPSCAN Research Advisory [ERPSCAN-15-022] SAP NetWeaver 7.4 - XSS
From
: ERPScan inc
[FD] #BadWinmail: The "Enterprise Killer" Attack Vector in Microsoft Outlook
From
: Haifei Li
[FD] Back to 28: Grub2 Authentication Bypass 0-Day [CVE-2015-8370]
From
: Hector Marco-Gisbert
[FD] libnsgif: stack overflow (CVE-2015-7505) and out-of-bounds read (CVE-2015-7506)
From
: Hans Jerry Illikainen
[FD] libnsbmp: heap overflow (CVE-2015-7508) and out-of-bounds read (CVE-2015-7507)
From
: Hans Jerry Illikainen
[FD] Two bytes change and you have a zero day
From
: Hossein Lotfi
[FD] User man Local Root Exploit/Linux Kernel setgid Directory Privilege Escalation/PAM Owner Check Weakness
From
: halfdog
[FD] Executable installers are vulnerable^WEVIL (case 10): McAfee Security Scan Plus, WebAdvisor and CloudAV (Beta)
From
: Stefan Kanthak
[FD] Executable installers are vulnerable^WEVIL (case 11): Nmap <7.01 and Nmap-WinPcap <4.13
From
: Stefan Kanthak
Re: [FD] Executable installers are vulnerable^WEVIL (case 11): Nmap <7.01 and Nmap-WinPcap <4.13
From
: imposter imp
[FD] Executable uninstallers are vulnerable^WEVIL (case 12): Avira Registry Cleaner allows arbitrary code execution with escalation of privilege
From
: Stefan Kanthak
[FD] PFSense <= 2.2.5 Directory Traversal
From
: Rio Sherri
[FD] Samsung softap weak random generated password
From
: Augusto Pereyra
[FD] KL-001-2015-007 : Seagate GoFlex Satellite Remote Telnet Default Password
From
: KoreLogic Disclosures
[FD] KL-001-2015-008 : Dell Pre-Boot Authentication Driver Uncontrolled Write to Arbitrary Address
From
: KoreLogic Disclosures
[FD] Notepad ++ NPPFtp Plugin Buffer Overflow
From
: Rio Sherri
[FD] giflib: heap overflow in giffix (CVE-2015-7555)
From
: Hans Jerry Illikainen
[FD] Call for Papers -YSTS X - Information Security Conference, Brazil
From
: Luiz Eduardo
Re: [FD] PFSense <= 2.2.5 Directory Traversal
From
: Bacon Zombie
[FD] Almost no resp. only some mitigation(s) for "DLL hijacking" via load-time dependencies
From
: Stefan Kanthak
[FD] Executable installers are vulnerable^WEVIL (case 13): ESET NOD32 antivirus installer allows remote code execution with escalation of privilege
From
: Stefan Kanthak
[FD] Faraday v1.0.16: (Group vulns by fields, Filter false-positives, Canvas plugin)
From
: Francisco Amato
[FD] [RT-SA-2015-013] Symfony PHP Framework: Session Fixation In "Remember Me" Login Functionality
From
: RedTeam Pentesting GmbH
[FD] Executable installers are vulnerable^WEVIL (case 14): Rapid7's ScanNowUPnP.exe allows arbitrary (remote) code execution
From
: Stefan Kanthak
[FD] DELL Scrutinizer v12.0.3 - Persistent Software Vulnerability
From
: Vulnerability Lab
[FD] Western Union CN Bug Bounty #6 - Client Side Cross Site Scripting Web Vulnerability
From
: Vulnerability Lab
[FD] WP Content Text Slider on Post 6.8 - Persistent Vulnerability
From
: Vulnerability Lab
[FD] Wordpress Content Text Slider on Post 6.8 - Persistent Vulnerability
From
: Vulnerability Lab
[FD] Lithium Forum - (previewImages) Persistent Vulnerability
From
: Vulnerability Lab
[FD] Switch v4.68 - Code Execution Vulnerability
From
: Vulnerability Lab
[FD] POP Peeper 4.0.1 - Persistent Code Execution Vulnerability
From
: Vulnerability Lab
[FD] Aeris Calandar v2.1 - Buffer Overflow Vulnerability
From
: Vulnerability Lab
[FD] SIPROTEC 4 and SIPROTEC Compact FAQ #5
From
: SCADA StrangeLove
[FD] Executable installers are vulnerable^WEVIL (case 15): F-SecureOnlineScanner.exe allows arbitrary (remote) code execution and escalation of privilege
From
: Stefan Kanthak
Re: [FD] Symfony CMS 2.6.3 – Multiple Cross-Site Scripting Vulnerability
From
: Sachin Wagh
Re: [FD] Wordpress Content Text Slider on Post 6.8 - Persistent Vulnerability
From
: Ryan Dewhurst
[FD] PhpSocial v2.0.0304: XSS
From
: Curesec Research Team (CRT)
[FD] PhpSocial v2.0.0304: CSRF
From
: Curesec Research Team (CRT)
[FD] Arastta 1.1.5: XSS
From
: Curesec Research Team (CRT)
[FD] Arastta 1.1.5: SQL Injection
From
: Curesec Research Team (CRT)
[FD] Grawlix 1.0.3: XSS
From
: Curesec Research Team (CRT)
[FD] Grawlix 1.0.3: CSRF
From
: Curesec Research Team (CRT)
[FD] Grawlix 1.0.3: Code Execution
From
: Curesec Research Team (CRT)
[FD] CouchCMS 1.4.5: XSS & Open Redirect
From
: Curesec Research Team (CRT)
[FD] CouchCMS 1.4.5: Code Execution
From
: Curesec Research Team (CRT)
[FD] esoTalk 1.0.0g4: XSS
From
: Curesec Research Team (CRT)
Re: [FD] Executable installers are vulnerable^WEVIL (case 15): F-SecureOnlineScanner.exe allows arbitrary (remote) code execution and escalation of privilege
From
: Shawn McMahon
Re: [FD] Executable installers are vulnerable^WEVIL (case 15): F-SecureOnlineScanner.exe allows arbitrary (remote) code execution and escalation of privilege
From
: NaxoneZ .
Re: [FD] Executable installers are vulnerable^WEVIL (case 15): F-SecureOnlineScanner.exe allows arbitrary (remote) code execution and escalation of privilege
From
: Justin Ferguson
[FD] XZERES 442SR Wind Turbine XSS
From
: Karn Ganeshen
[FD] Nordex Control 2 (NC2) SCADA V16 and prior versions - XSS
From
: Karn Ganeshen
[FD] eWON sa Industrial router - Multiple Vulnerabilities
From
: Karn Ganeshen
[FD] libtiff: invalid write (CVE-2015-7554)
From
: Hans Jerry Illikainen
[FD] EasyCafe Server <= 2.2.14 Remote File Read
From
: Rio Sherri
Re: [FD] Executable installers are vulnerable^WEVIL (case 15): F-SecureOnlineScanner.exe allows arbitrary (remote) code execution and escalation of privilege
From
: Stefan Kanthak
Re: [FD] libtiff: invalid write (CVE-2015-7554)
From
: Martin Kühne
[FD] Local root vulnerability in DeleGate v9.9.13
From
: Larry W. Cashdollar
[FD] Vulnerabilities in Mobile Safari
From
: MustLive
[FD] Netduma R1 Router CSRF
From
: Josh Chaney
Re: [FD] Executable installers are vulnerable^WEVIL (case 15):F-SecureOnlineScanner.exe allows arbitrary (remote) codeexecution and escalation of privilege
From
: lists
Re: [FD] Executable installers are vulnerable^WEVIL (case 15):F-SecureOnlineScanner.exe allows arbitrary (remote) codeexecution and escalation of privilege
From
: Stefan Kanthak
[FD] Executable installers are vulnerable^WEVIL (case 16): Trend Micro's installers allows arbitrary (remote) code execution
From
: Stefan Kanthak