Mail Index

Thread Index

[FD] Alcatel Lucent Home Device Manager - Management Console Multiple XSS
- From: Uğur Cihan KOÇ
[FD] Executable installers/self-extractors are vulnerable^WEVIL (case 17): Kaspersky Labs utilities
- From: Stefan Kanthak
[FD] Possible vulnerability in F5 BIG-IP LTM - Improper input validation of the HTTP version number of the HTTP reqest allows any payload size and conent to pass through
- From: Eitan Caspi
[FD] Vulnerabilities in Office Document Reader for iOS
- From: MustLive
[FD] Confluence Vulnerabilities
- From: Sebastian Perez
[FD] CVE-2015-7944, CVE-2015-7945 - Ganeti Security Advisory (DoS, Unauthenticated Info Leak)
- From: Pierre Kim
[FD] CALL FOR PAPERS - NUIT DU HACK - 02/03 july 2016
- From: freeman
[FD] Buffer Overflow in Advanced Encryption Package Software
- From: vishnu raju
[FD] Buffer Overflow at password field in Advanced Encryption Package Software
- From: vishnu raju
[FD] MediaAccess , unauthenticated file disclosure
- From: Ahmed Sultan
[FD] Cross Site Scripting (XSS) & Cross Site Request Forgery (CSRF) in Crony Cronjob Manager Version 0.4.4
- From: CSW Research Lab
[FD] Unauthenticated remote code execution in OpenMRS
- From: Brian Hysell
[FD] [RT-SA-2014-014] AVM FRITZ!Box: Arbitrary Code Execution Through Manipulated Firmware Images
- From: RedTeam Pentesting GmbH
[FD] [RT-SA-2015-001] AVM FRITZ!Box: Remote Code Execution via Buffer Overflow
- From: RedTeam Pentesting GmbH
[FD] [RT-SA-2015-005] o2/Telefonica Germany: ACS Discloses VoIP/SIP Credentials
- From: RedTeam Pentesting GmbH
[FD] Security BSides Ljubljana 0x7E0 CFP - March 9, 2016
- From: Andraz Sraka
[FD] [CVE-2015-8604] Cacti SQL injection in graphs_new.php
- From: changzhao.mao@xxxxxxxxxxxxxxxxxxxx
[FD] OpenCart Security Advisory - XSS Vulnerabiltiy - CVE-2015-4671
- From: Onur Yilmaz
[FD] Serendipity Security Advisory - XSS Vulnerability - CVE-2015-8603
- From: Onur Yilmaz
[FD] APPLE-SA-2016-01-07-1 QuickTime 7.7.9
- From: Apple Product Security
[FD] Combining DLL hijacking with USB keyboard emulation based attacks
- From: Rodrigo Menezes
[FD] MobaXTerm before version 8.5 vulnerability in "jump host" functionality
- From: Thomas Bleier
[FD] Executable installers are vulnerable^WEVIL (case 18): EMSISoft's installers allow arbitrary (remote) code execution and escalation of privilege
- From: Stefan Kanthak
[FD] Executable installers are vulnerable^WEVIL (case 19): ZoneAlarm's installers allow arbitrary (remote) code execution and escalation of privilege
- From: Stefan Kanthak
[FD] Executable installers are vulnerable^WEVIL (case 20): TrueCrypt's installers allow arbitrary (remote) code execution and escalation of privilege
- From: Stefan Kanthak
[FD] Multiple Cross Site Scripting in Netgear Router Version 1.0.0.24
- From: CSW Research Lab
[FD] SSH Backdoor for FortiGate OS Version 4.x up to 5.0.7
- From: operator8203
[FD] Google Chrome - Javascript Execution Via Default Search Engines
- From: metalkey net
[FD] Cross Site Request Forgery in Netgear Router JNR1010 Version 1.0.0.24
- From: CSW Research Lab
[FD] Broken Authentication & Improper Session Management in Netgear Router JNR1010 Version 1.0.0.24
- From: CSW Research Lab
[FD] Exploiting XXE vulnerabilities in AMF libraries
- From: Nicolas Grégoire
[FD] Linux user namespaces overlayfs local root
- From: halfdog
[FD] CVE-2015-8396: GDCM buffer overflow in ImageRegionReader::ReadIntoBuffer
- From: Stelios Tsampas
[FD] CVE-2015-8397: GDCM out-of-bounds read in JPEGLSCodec::DecodeExtent
- From: Stelios Tsampas
[FD] New BlackArch Linux ISOs (2016.01.10) released
- From: Black Arch
Re: [FD] Combining DLL hijacking with USB keyboard emulation
- From: gremlin
Re: [FD] Executable installers are vulnerable^WEVIL (case 20): TrueCrypt's installers allow arbitrary (remote) code execution and escalation of privilege
- From: Douglas Held
Re: [FD] Executable installers are vulnerable^WEVIL (case 20): TrueCrypt's installers allow arbitrary (remote) code execution and escalation of privilege
- From: Sarah Allen
Re: [FD] Executable installers are vulnerable^WEVIL (case 20): TrueCrypt's installers allow arbitrary (remote) code execution and escalation of privilege
- From: Stefan Kanthak
[FD] SEC Consult whitepaper: Bypassing McAfee Application Whitelisting for Critical Infrastructure Systems
- From: SEC Consult Vulnerability Lab
[FD] Html injection Dolibarr 3.8.3
- From: NaxoneZ .
[FD] EasyDNNnews Reflected XSS
- From: Peter Lapp
[FD] [KIS-2016-01] CakePHP <= 3.2.0 "_method" CSRF Protection Bypass Vulnerability
- From: Egidio Romano
[FD] [TOOL] The Metabrik Platform
- From: GomoR
[FD] Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778
- From: Qualys Security Advisory
[FD] FreeBSD bsnmpd information disclosure
- From: Pierre Kim
[FD] Whatever happened with CVE-2015-0072?
- From: Patrick Toomey
[FD] CCA on CoreProc/crypto-guard and an Appeal to PHP Programmers
- From: Scott Arciszewski
Re: [FD] Executable installers are vulnerable^WEVIL (case 20): TrueCrypt's installers allow arbitrary (remote) code execution and escalation of privilege
- From: Stefan Kanthak
[FD] [CVE-2016-0014] Executable installers are vulnerable^WEVIL (case 1): Microsoft's IExpress resp. WExtract, SFXCab, BoxStub, ...
- From: Stefan Kanthak
[FD] Executable installers are vulnerable^WEVIL (case 22): python.org's executable installers allow arbitrary (remote) code execution
- From: Stefan Kanthak
[FD] Defense in depth -- the Microsoft way (part 38): does Microsoft follow their own security guidance/advisories?
- From: Stefan Kanthak
Re: [FD] Executable installers are vulnerable^WEVIL (case 20): TrueCrypt's installers allow arbitrary (remote) code execution and escalation of privilege
- From: Michel Arboi
Re: [FD] Combining DLL hijacking with USB keyboard emulation
- From: Rodrigo Menezes
[FD] Correct answer Information Disclosure in TCExam <= 12.2.5
- From: lists@xxxxxxxxxxxxxxxxxxx lists@xxxxxxxxxxxxxxxxxxx
[FD] It essentially wins crypto vulnerability bingo! gilfether/phpcrypt
- From: Scott Arciszewski
[FD] [CORE-2016-0001] - Intel Driver Update Utility MiTM
- From: CORE Advisories Team
[FD] Administrator auto-logout design flaw in ASUS wireless routers
- From: David Longenecker
[FD] SeaWell Networks Spectrum - Multiple Vulnerabilities
- From: Karn Ganeshen
[FD] GRR <= 3.0.0-RC1 (all versions) file upload filter bypass (authenficated)
- From: Jean-Marie Bourbon
[FD] mobile.facebook.com is not on HSTS preload list or sending the Strict-Transport-Security header
- From: Ricardo Iramar dos Santos
[FD] LiteSpeed Web Server - Security Advisory - HTTP Header Injection Vulnerability
- From: Onur Yilmaz
[FD] OpenCart users, switch to OpenCart-CE immediately
- From: Scott Arciszewski
[FD] SEC Consult SA-20160121-0 :: Deliberately hidden backdoor account in AMX (Harman Professional) devices
- From: SEC Consult Vulnerability Lab
[FD] LEADTOOLS ActiveX control multiple DLL side loading vulnerabilities
- From: Securify B.V.
[FD] HP ToComMsg DLL side loading vulnerability
- From: Securify B.V.
[FD] HP LaserJet Fax Preview DLL side loading vulnerability
- From: Securify B.V.
[FD] [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities
- From: CORE Advisories Team
[FD] Secure Item Hub v1.0 iOS - Multiple Web Vulnerabilities
- From: Vulnerability Lab
[FD] Barracuda Networks Bug Bounty #38 Message Archiver - Multiple Vulnerabilities
- From: Vulnerability Lab
[FD] Apple WatchOS v2.1 - Denial of Service Vulnerability
- From: Vulnerability Lab
[FD] Telegram (API) - Cross Site Request Forgery Vulnerabilities
- From: Vulnerability Lab
[FD] Ebay Magento Bug Bounty #2 - Persistent Web Vulnerability
- From: Vulnerability Lab
[FD] Kleefa v1.7 (IR) - Multiple Web Vulnerabilities
- From: Vulnerability Lab
[FD] Classic Infomedia (Login) - Auth Bypass Web Vulnerability
- From: Vulnerability Lab
[FD] WebMartIndia CMS 2016 Q1 - SQL Injection Vulnerability
- From: Vulnerability Lab
[FD] los818 CMS 2016 Q1 - SQL Injection Web Vulnerability
- From: Vulnerability Lab
[FD] Netgear GS105Ev2 - Multiple Vulnerabilities
- From: Benedikt Westermann
[FD] Eclipse BIRT report viewer <= 4.5.0 Persistent XSS
- From: graphx
[FD] ZyXel WAP3205 V1 Multiple Persistent and Reflected XSS
- From: graphx
[FD] Eclipse BIRT Report Viewer <= 4.5.0 XSS
- From: graphx
[FD] Eclipse BIRT Viewer <= v4.5.0 Persistent XSS
- From: graphx
[FD] PHP-FPM fpm_log.c memory leak and buffer overflow
- From: Imre RAD
[FD] PHP LiteSpeed SAPI secret key improper disposal
- From: Imre RAD
[FD] PHP LiteSpeed SAPI out of boundaries read due to missing input validation
- From: Imre RAD
[FD] Authentication bypass in PHP File Manager 0.9.8
- From: Imre Rad
[FD] SAP Hana Cloud 4 XSS
- From: Shahmeer Baloch
[FD] HCA0005 - Liberty Global - Horizon HD STB - predictable WiFi
- From: Hacking Corporation Sàrl
[FD] McAfee File Lock Driver - Kernel Memory Leak
- From: Kyriakos Economou
[FD] McAfee File Lock Driver - Kernel Memory Leak
- From: Kyriakos Economou
[FD] McAfee File Lock Driver - Kernel Stack Based BOF
- From: Kyriakos Economou
[FD] Recon 2016 Call For Papers - June 17 - 19, 2016 - Montreal, Canada
- From: cfp2016
[FD] [ERPSCAN-15-024] SAP HANA hdbindexserver - Memory corruption
- From: ERPScan inc
[FD] Multiple security issues in MOVEit Managed File Transfer application
- From: Profundis Labs
[FD] HCA0005 - Liberty Global - Horizon HD STB - predictable WiFi passphrase
- From: Hacking Corporation Sàrl
[FD] Announcing nullcon HackIM 2016 Powered by EMC2
- From: murtuja bharmal
[FD] CarolinaCon-12 - March 2016 - FINAL ANNOUNCEMENT
- From: Vic Vandal
[FD] Trend Micro Direct Pass - Filter Bypass & Persistent Web Vulnerability
- From: Vulnerability Lab
[FD] New Era Company CMS - (id) SQL Injection Vulnerability
- From: Vulnerability Lab
[FD] Netlife Photosuite Pro - Client Side Cross Site Scripting Vulnerability
- From: Vulnerability Lab

Mail converted by MHonArc