Mail Index

• Thread Index

• [FD] Netlife Photosuite Pro - Client Side Cross Site Scripting Vulnerability
  • From: Vulnerability Lab
• [FD] File Hub v3.3 iOS (Wifi) - Multiple Web Vulnerabilities
  • From: Vulnerability Lab
• [FD] Soso Transfer v1.1 iOS - Denial of Service Vulnerability
  • From: Vulnerability Lab
• [FD] Soso Transfer v1.1 iOS - Denial of Service Vulnerability
  • From: Vulnerability Lab
• [FD] File Manager PRO v1.3 iOS - Multiple Web Vulnerabilities
  • From: Vulnerability Lab
• [FD] SimpleView CRM - Client Side Open Redirect Vulnerability
  • From: Vulnerability Lab
• [FD] Getdpd Bug Bounty #1 - (asm0option0) Persistent Web Vulnerability
  • From: Vulnerability Lab
• [FD] Compal ConnectBox Wireless - Passphrase Settings Filter Bypass Vulnerability
  • From: Vulnerability Lab
• [FD] Security Advisories
  • From: Portcullis Advisories
• [FD] AST-2016-001: BEAST vulnerability in HTTP server
  • From: Asterisk Security Team
• [FD] AST-2016-002: File descriptor exhaustion in chan_sip
  • From: Asterisk Security Team
• [FD] AST-2016-003: Remote crash vulnerability when receiving UDPTL FAX data.
  • From: Asterisk Security Team
• [FD] ManageEngine Eventlog Analyzer v4-v10 Privilege Esacalation
  • From: graphx
• [FD] Symphony CMS 2.6.3 – Multiple SQL Injection Vulnerabilities
  • From: Sachin Wagh
• [FD] VMWare Zimbra Mailer | DKIM longterm Mail Replay vulnerability
  • From: t . schughart
• [FD] OpenXchange | Information Disclosure
  • From: t . schughart
• [FD] Equibase.com HTML Injection/Possible Reflected XSS
  • From: Russell Butturini
• [FD] Atutor 2.2: XSS
  • From: Curesec Research Team (CRT)
• [FD] Opendocman 1.3.4: CSRF
  • From: Curesec Research Team (CRT)
• [FD] Opendocman 1.3.4: HTML Injection
  • From: Curesec Research Team (CRT)
• [FD] Time-based SQL Injection in Admin panel UliCMS <= v9.8.1
  • From: Manuel Garcia Cardenas
• [FD] GE Industrial Solutions - UPS SNMP Adapter Command Injection and Clear-text Sensitive Info Vulnerabilities
  • From: Karn Ganeshen
• [FD] MailPoet Newsletter 2.6.19 - Security Advisory - Reflected XSS
  • From: Onur Yilmaz
• [FD] ASUS RT-N56U Persistent XSS
  • From: graphx
• [FD] DLink DVG­N5402SP Multiple Vulnerabilities
  • From: Karn Ganeshen
• [FD] Sauter ModuWEB Vision SCADA vulnerabilities
  • From: Martin Jartelius
• [FD] Dell SecureWorks iOS Application - MITM SSL Certificate Vulnerability
  • From: David Coomber
• [FD] [CERT 777024 / CVE-2016-1524/5]: RCE and file download in Netgear NMS300
  • From: Pedro Ribeiro
• [FD] CALL FOR PAPERS - FAQin Congress - Madrid
  • From: Esteban Dauksis
• [FD] Apple Software Update 2.1.3 (Windows) Remote Command Execution.
  • From: Rio Sherri
• [FD] A tale of openssl_seal(), PHP and Apache2handle
  • From: s3810
• [FD] ArpON (ARP handler inspection) 3.0-ng release
  • From: Andrea Di Pasquale
• [FD] Apple iOS v9.1, 9.2 & 9.2.1 - Application Update Loop Pass Code Bypass
  • From: Vulnerability Lab
• [FD] NDI5aster – Privilege Escalation through NDIS 5.x Filter Intermediate Drivers
  • From: Kyriakos Economou
• [FD] osTicket multiple vulnerabilities
  • From: Giovanni Cerrato
• [FD] Netgear RP614v3 : Authentication Bypass
  • From: fulldisclosure
• [FD] Executable installers are vulnerable^WEVIL (case 23): WinImage's installer and self-extractors allow arbitrary (remote) code execution and escalation of privilege
  • From: Stefan Kanthak
• [FD] JavaScript Anywhere v3.0.4 iOS - Persistent Vulnerability
  • From: Vulnerability Lab
• [FD] Getdpd BB #3 - Persistent Cross Site Scripting Vulnerability
  • From: Vulnerability Lab
• [FD] Getdpd BB #5 - Persistent Filename Vulnerability
  • From: Vulnerability Lab
• [FD] Getdpd BB #4 - (name) Persistent Validation Vulnerability
  • From: Vulnerability Lab
• [FD] Alsovalue CMS 2016Q1 - SQL Injection Web Vulnerability
  • From: Vulnerability Lab
• [FD] Ebay Inc (Pages) - Client Side Cross Site Scripting Vulnerabilities
  • From: Vulnerability Lab
• [FD] PressePortal NewsAktuell (DPA) - Multiple Vulnerabilities
  • From: Vulnerability Lab
• [FD] SEC Consult SA-20160210-0 :: Yeager CMS Multiple Vulnerabilities
  • From: SEC Consult Vulnerability Lab
• [FD] File Sharing Manager v1.0 iOS - Multiple Web Vulnerabilities
  • From: Vulnerability Lab
• [FD] MyScript Memo v3.0 iOS - (Mail) Persistent Vulnerability
  • From: Vulnerability Lab
• [FD] Getdpd Bug Bounty #6 - (Import - FTP) Persistent Vulnerability
  • From: Vulnerability Lab
• [FD] Apache Sling Framework v2.3.6 (Adobe AEM) [CVE-2016-0956] - Information Disclosure Vulnerability
  • From: Vulnerability Lab
• [FD] NPS Datastore server DLL side loading vulnerability
  • From: Securify B.V.
• [FD] BDA MPEG2 Transport Information Filter DLL side loading vulnerability
  • From: Securify B.V.
• [FD] MapsUpdateTask Task DLL side loading vulnerability
  • From: Securify B.V.
• Re: [FD] OLE DB Provider for Oracle multiple DLL side loading vulnerabilities
  • From: Securify B.V.
• [FD] D-Link router DSL-2750B firmware 1.01 to 1.03 - remote command execution no auth required
  • From: p
• [FD] [CVE-2016-0602, CVE-2016-0603] Executable installers are vulnerable^WEVIL (case 24): Oracle Java 6/7/8 SE and VirtualBox
  • From: Stefan Kanthak
• [FD] Multiple vulnerabilities in Open Real Estate v 1.15.1
  • From: Simon Waters (Surevine)
• [FD] SerVision HVG - Hardcoded password
  • From: Richard Tafoya
• [FD] Executable installers are vulnerable^WEVIL (case 25): WinRAR's installer and self-extractors allow arbitrary (remote) code execution and escalation of privilege
  • From: Stefan Kanthak
• [FD] Poor UX in Asus routers can leave the web UI unintentionally exposed to the Internet
  • From: David Longenecker
• [FD] CVE-2016-2046 Cross Site Scripting in Sophos UTM 9
  • From: Mike Lisi
• [FD] VP2016-001: Remote Command Execution in File Replication Pro
  • From: Vantage Point Security
• Re: [FD] Netgear GS105Ev2 - Multiple Vulnerabilities
  • From: Nick Boyce
• [FD] HD Video Player v2.5 iOS - Multiple Web Vulnerabilities
  • From: Vulnerability Lab
• [FD] KL-001-2016-001 : Arris DG1670A Cable Modem Remote Command Execution
  • From: KoreLogic Disclosures
• [FD] Serena Business Manager < 10.01 DOM XSS Vulnerability
  • From: Cosmin Maier
• [FD] RVAsec 2016 CFP is now Open!
  • From: Sullo
• [FD] BSides Hannover 2016
  • From: Daniel Busch
• [FD] Point of Sale WinREST machines remote privilege escalation
  • From: Vitor Silva
• [FD] [ERPSCAN-15-031] SAP MII – Encryption Downgrade vulnerability
  • From: ERPScan inc
• [FD] [ERPSCAN-15-032] SAP PCo agent – DoS vulnerability
  • From: ERPScan inc
• [FD] Redaxo CMS contains multiple vulnerabilities
  • From: LSE-Advisories
• [FD] Browser Security Tool: HTTPS Only (Why, How, Open Source, Python)
  • From: David Leo
• [FD] Packet Hacking Village Speaker Workshops at DEF CON 24 CFP Now Open (Modified)
  • From: Ming
• [FD] Tiny Tiny RSS Blind SQL Injection
  • From: Kacper Szurek
• Re: [FD] [oss-security] HTTPS Only (Open Source, Python)
  • From: P J P
• [FD] BFS-SA-2016-001: FireEye Detection Evasion and Whitelisting of Arbitrary Malware
  • From: Blue Frost Security Research Lab
• Re: [FD] Point of Sale WinREST machines remote privilege escalation
  • From: Douglas Held
• Re: [FD] Point of Sale WinREST machines remote privilege escalation
  • From: Vítor Hugo Silva
• Re: [FD] Point of Sale WinREST machines remote privilege escalation
  • From: Duarte Silva
• [FD] Vesta Control Panel <= 0.9.8-15 - Persistent XSS Vulnerability
  • From: Necmettin COŞKUN
• [FD] CVE-2016-2046 Cross Site Scripting in Sophos UTM 9
  • From: Mike Lisi
• [FD] Umbraco - The open source ASP.NET CMS Multiple Vulnerabilities
  • From: Sandeep Kamble
• [FD] Cisco ASA VPN - Zero Day Exploit
  • From: Juan Sacco
• [FD] EBAY Bugbounty: Persistent DOM Based XSS on ebay.com
  • From: Alexander Korznikov
• [FD] ifixit Bug Bounty #5 - Guide Search Persistent Vulnerability
  • From: Vulnerability Lab
• [FD] ifixit Bug Bounty #6 -(Profile) Persistent Vulnerability
  • From: Vulnerability Lab
• [FD] Prezi Bug Bounty #5 - Client Side Cross Site Scripting & Open Redirect Vulnerability
  • From: Vulnerability Lab
• [FD] Investors Application - Client Side Cross Site Scripting Vulnerability
  • From: Vulnerability Lab
• [FD] Chamilo LMS IDOR - (messageId) Delete POST Inject Vulnerability
  • From: Vulnerability Lab
• [FD] Chamilo LMS - Persistent Cross Site Scripting Vulnerability
  • From: Vulnerability Lab
• [FD] Adobe - Multiple Client Side Cross Site Scripting Web Vulnerabilities
  • From: Vulnerability Lab
• [FD] InstantCoder v1.0 iOS - Multiple Web Vulnerabilities
  • From: Vulnerability Lab
• [FD] Ubiquiti Networks Bug Bounty #9 - Invoice Persistent Vulnerabilities
  • From: Vulnerability Lab
• Re: [FD] Cisco ASA VPN - Zero Day Exploit
  • From: Joey Maresca
• [FD] Avast Virtualization Driver - Elevation Of Privileges
  • From: Kyriakos Economou
• [FD] BlackBerry Enterprise Service 12 Self-Service - SQLi and Reflected XSS
  • From: Adrian Hayes
• [FD] PLANET IP Surveillance camera Multiple Vulnerabilities
  • From: 0rwell Labs
• [FD] ferretCMS– Multiple Cross-Site Scripting Vulnerabilities
  • From: Sachin Wagh
• Re: [FD] Cisco ASA VPN - Zero Day Exploit
  • From: Mark-David McLaughlin (marmclau)
• [FD] Vulnerability in WebSVN 2.3.3
  • From: Etnies
• [FD] CVE Request: Fiyo CMS 2.0.2.1 - Multiple Persistent XSS Vulnerabilities
  • From: Himanshu Mehta
• Re: [FD] Cisco ASA VPN - Zero Day Exploit
  • From: Daniel Hadfield
• [FD] Oxwall Forum v1.8.1 - Persistent Cross Site Scripting Vulnerability
  • From: Vulnerability Lab
• [FD] InstantCoder v1.0 iOS - Multiple Web Vulnerabilities
  • From: Vulnerability Lab
• [FD] Prezi Bug Bounty #7 - (Charts) Persistent Vulnerability
  • From: Vulnerability Lab
• [FD] [KIS-2016-02] Magento <= 1.9.2.2 (RSS Feed) Information Disclosure Vulnerability
  • From: Egidio Romano
• [FD] eFront Learning 3.6.15.6 CMS - (Forum) Persistent Title Web Vulnerability
  • From: Vulnerability Lab
• [FD] eFront 3.6.15.6 CMS – (Message Attachment) Persistent Cross Site Scripting Vulnerability
  • From: Vulnerability Lab
• [FD] GTA Firewall GB-OS v6.2.02 - Filter Bypass & Persistent Vulnerability
  • From: Vulnerability Lab
• [FD] CVE-2015-0955 - Stored XSS in Adobe Experience Manager (AEM)
  • From: Alexandre Herzog
• [FD] CSNC-2016-001 - XSS in OpenAM
  • From: Alexandre Herzog
• [FD] CSNC-2016-002 - Open Redirect in OpenAM
  • From: Alexandre Herzog
• [FD] Ubiquiti Networks UniFi v3.2.10 Generic CSRF Protection Bypass
  • From: Julien Ahrens
• [FD] CVE ID Request : Centreon remote code execution
  • From: Sysdream Labs
• [FD] CVE ID Request : Proxmox VE Insecure hostname checking (remote root exploit)
  • From: Sysdream Labs
• [FD] CVE-2015-6541 : Multiple CSRF in Zimbra Mail interface
  • From: Sysdream Labs
• [FD] D-Link, Netgear Router Vulnerabiltiies
  • From: Dominic Chen
• [FD] XSSer v1.7b: "ZiKA-47 Swarm!" released....
  • From: psy
• Re: [FD] Executable installers are vulnerable^WEVIL (case 26): the installer of GIMP for Windows allows arbitrary (remote) and escalation of privilege
  • From: Jernej Simončič
• Re: [FD] Cisco ASA VPN - Zero Day Exploit
  • From: Joey Maresca
• [FD] Hacking Passwords, Lesson 11, Available Now!
  • From: Pete Herzog
• [FD] [CVE-2015-5345] Information disclosure vulnerability in Apache Tomcat
  • From: Mark Koek
• [FD] Various Linux Kernel USERNS Issues
  • From: halfdog
• [FD] Executable installers are vulnerable^WEVIL (case 26): the installer of GIMP for Windows allows arbitrary (remote) and escalation of privilege
  • From: Stefan Kanthak
• Re: [FD] Executable installers are vulnerable^WEVIL (case 26): the installer of GIMP for Windows allows arbitrary (remote) and escalation of privilege
  • From: Stefan Kanthak
• [FD] Executable installers are vulnerable^WEVIL (case 4): InstallShield's wrapper and setup.exe
  • From: Stefan Kanthak
• [FD] WP Good News Themes - Client Side Cross Site Scripting Web Vulnerability
  • From: Vulnerability Lab