Mail Thread Index
- [FD] Netlife Photosuite Pro - Client Side Cross Site Scripting Vulnerability,
Vulnerability Lab
- [FD] File Hub v3.3 iOS (Wifi) - Multiple Web Vulnerabilities,
Vulnerability Lab
- [FD] Soso Transfer v1.1 iOS - Denial of Service Vulnerability,
Vulnerability Lab
- [FD] File Manager PRO v1.3 iOS - Multiple Web Vulnerabilities,
Vulnerability Lab
- [FD] SimpleView CRM - Client Side Open Redirect Vulnerability,
Vulnerability Lab
- [FD] Getdpd Bug Bounty #1 - (asm0option0) Persistent Web Vulnerability,
Vulnerability Lab
- [FD] Compal ConnectBox Wireless - Passphrase Settings Filter Bypass Vulnerability,
Vulnerability Lab
- [FD] Security Advisories,
Portcullis Advisories
- [FD] AST-2016-001: BEAST vulnerability in HTTP server,
Asterisk Security Team
- [FD] AST-2016-002: File descriptor exhaustion in chan_sip,
Asterisk Security Team
- [FD] AST-2016-003: Remote crash vulnerability when receiving UDPTL FAX data.,
Asterisk Security Team
- [FD] ManageEngine Eventlog Analyzer v4-v10 Privilege Escalation,
graphx
- [FD] Symphony CMS 2.6.3 – Multiple SQL Injection Vulnerabilities,
Sachin Wagh
- [FD] VMWare Zimbra Mailer | DKIM longterm Mail Replay vulnerability,
t . schughart
- [FD] OpenXchange | Information Disclosure,
t . schughart
- [FD] Equibase.com HTML Injection/Possible Reflected XSS,
Russell Butturini
- [FD] Atutor 2.2: XSS,
Curesec Research Team (CRT)
- [FD] Opendocman 1.3.4: CSRF,
Curesec Research Team (CRT)
- [FD] Opendocman 1.3.4: HTML Injection,
Curesec Research Team (CRT)
- [FD] Time-based SQL Injection in Admin panel UliCMS <= v9.8.1,
Manuel Garcia Cardenas
- [FD] GE Industrial Solutions - UPS SNMP Adapter Command Injection and Clear-text Sensitive Info Vulnerabilities,
Karn Ganeshen
- [FD] MailPoet Newsletter 2.6.19 - Security Advisory - Reflected XSS,
Onur Yilmaz
- [FD] ASUS RT-N56U Persistent XSS,
graphx
- [FD] DLink DVGN5402SP Multiple Vulnerabilities,
Karn Ganeshen
- [FD] Sauter ModuWEB Vision SCADA vulnerabilities,
Martin Jartelius
- [FD] Dell SecureWorks iOS Application - MITM SSL Certificate Vulnerability,
David Coomber
- [FD] [CERT 777024 / CVE-2016-1524/5]: RCE and file download in Netgear NMS300,
Pedro Ribeiro
- [FD] CALL FOR PAPERS - FAQin Congress - Madrid,
Esteban Dauksis
- [FD] Apple Software Update 2.1.3 (Windows) Remote Command Execution.,
Rio Sherri
- [FD] A tale of openssl_seal(), PHP and Apache2handle,
s3810
- [FD] ArpON (ARP handler inspection) 3.0-ng release,
Andrea Di Pasquale
- [FD] Apple iOS v9.1, 9.2 & 9.2.1 - Application Update Loop Pass Code Bypass,
Vulnerability Lab
- [FD] NDI5aster – Privilege Escalation through NDIS 5.x Filter Intermediate Drivers,
Kyriakos Economou
- [FD] osTicket multiple vulnerabilities,
Giovanni Cerrato
- [FD] Netgear RP614v3 : Authentication Bypass,
fulldisclosure
- [FD] Executable installers are vulnerable^WEVIL (case 23): WinImage's installer and self-extractors allow arbitrary (remote) code execution and escalation of privilege,
Stefan Kanthak
- [FD] JavaScript Anywhere v3.0.4 iOS - Persistent Vulnerability,
Vulnerability Lab
- [FD] Getdpd BB #3 - Persistent Cross Site Scripting Vulnerability,
Vulnerability Lab
- [FD] Getdpd BB #5 - Persistent Filename Vulnerability,
Vulnerability Lab
- [FD] Getdpd BB #4 - (name) Persistent Validation Vulnerability,
Vulnerability Lab
- [FD] Alsovalue CMS 2016Q1 - SQL Injection Web Vulnerability,
Vulnerability Lab
- [FD] Ebay Inc (Pages) - Client Side Cross Site Scripting Vulnerabilities,
Vulnerability Lab
- [FD] PressePortal NewsAktuell (DPA) - Multiple Vulnerabilities,
Vulnerability Lab
- [FD] SEC Consult SA-20160210-0 :: Yeager CMS Multiple Vulnerabilities,
SEC Consult Vulnerability Lab
- [FD] File Sharing Manager v1.0 iOS - Multiple Web Vulnerabilities,
Vulnerability Lab
- [FD] MyScript Memo v3.0 iOS - (Mail) Persistent Vulnerability,
Vulnerability Lab
- [FD] Getdpd Bug Bounty #6 - (Import - FTP) Persistent Vulnerability,
Vulnerability Lab
- [FD] Apache Sling Framework v2.3.6 (Adobe AEM) [CVE-2016-0956] - Information Disclosure Vulnerability,
Vulnerability Lab
- [FD] NPS Datastore server DLL side loading vulnerability,
Securify B.V.
- [FD] BDA MPEG2 Transport Information Filter DLL side loading vulnerability,
Securify B.V.
- [FD] MapsUpdateTask Task DLL side loading vulnerability,
Securify B.V.
- Re: [FD] OLE DB Provider for Oracle multiple DLL side loading vulnerabilities,
Securify B.V.
- [FD] D-Link router DSL-2750B firmware 1.01 to 1.03 - remote command execution no auth required,
p
- [FD] [CVE-2016-0602, CVE-2016-0603] Executable installers are vulnerable^WEVIL (case 24): Oracle Java 6/7/8 SE and VirtualBox,
Stefan Kanthak
- [FD] Multiple vulnerabilities in Open Real Estate v 1.15.1,
Simon Waters (Surevine)
- [FD] SerVision HVG - Hardcoded password,
Richard Tafoya
- [FD] Executable installers are vulnerable^WEVIL (case 25): WinRAR's installer and self-extractors allow arbitrary (remote) code execution and escalation of privilege,
Stefan Kanthak
- [FD] Poor UX in Asus routers can leave the web UI unintentionally exposed to the Internet,
David Longenecker
- [FD] CVE-2016-2046 Cross Site Scripting in Sophos UTM 9,
Mike Lisi
- [FD] VP2016-001: Remote Command Execution in File Replication Pro,
Vantage Point Security
- Re: [FD] Netgear GS105Ev2 - Multiple Vulnerabilities,
Nick Boyce
- [FD] HD Video Player v2.5 iOS - Multiple Web Vulnerabilities,
Vulnerability Lab
- [FD] KL-001-2016-001 : Arris DG1670A Cable Modem Remote Command Execution,
KoreLogic Disclosures
- [FD] Serena Business Manager < 10.01 DOM XSS Vulnerability,
Cosmin Maier
- [FD] RVAsec 2016 CFP is now Open!,
Sullo
- [FD] BSides Hannover 2016,
Daniel Busch
- [FD] Point of Sale WinREST machines remote privilege escalation,
Vitor Silva
- Re: [FD] Point of Sale WinREST machines remote privilege escalation,
Duarte Silva
- <Possible follow-ups>
- Re: [FD] Point of Sale WinREST machines remote privilege escalation,
Douglas Held
- [FD] [ERPSCAN-15-031] SAP MII – Encryption Downgrade vulnerability,
ERPScan inc
- [FD] [ERPSCAN-15-032] SAP PCo agent – DoS vulnerability,
ERPScan inc
- [FD] Redaxo CMS contains multiple vulnerabilities,
LSE-Advisories
- [FD] Browser Security Tool: HTTPS Only (Why, How, Open Source, Python),
David Leo
- [FD] Packet Hacking Village Speaker Workshops at DEF CON 24 CFP Now Open (Modified),
Ming
- [FD] Tiny Tiny RSS Blind SQL Injection,
Kacper Szurek
- Re: [FD] [oss-security] HTTPS Only (Open Source, Python),
P J P
- [FD] BFS-SA-2016-001: FireEye Detection Evasion and Whitelisting of Arbitrary Malware,
Blue Frost Security Research Lab
- [FD] Vesta Control Panel <= 0.9.8-15 - Persistent XSS Vulnerability,
Necmettin COŞKUN
- [FD] Umbraco - The open source ASP.NET CMS Multiple Vulnerabilities,
Sandeep Kamble
- [FD] Cisco ASA VPN - Zero Day Exploit,
Juan Sacco
- [FD] EBAY Bugbounty: Persistent DOM Based XSS on ebay.com,
Alexander Korznikov
- [FD] ifixit Bug Bounty #5 - Guide Search Persistent Vulnerability,
Vulnerability Lab
- [FD] ifixit Bug Bounty #6 -(Profile) Persistent Vulnerability,
Vulnerability Lab
- [FD] Prezi Bug Bounty #5 - Client Side Cross Site Scripting & Open Redirect Vulnerability,
Vulnerability Lab
- [FD] Investors Application - Client Side Cross Site Scripting Vulnerability,
Vulnerability Lab
- [FD] Chamilo LMS IDOR - (messageId) Delete POST Inject Vulnerability,
Vulnerability Lab
- [FD] Chamilo LMS - Persistent Cross Site Scripting Vulnerability,
Vulnerability Lab
- [FD] Adobe - Multiple Client Side Cross Site Scripting Web Vulnerabilities,
Vulnerability Lab
- [FD] InstantCoder v1.0 iOS - Multiple Web Vulnerabilities,
Vulnerability Lab
- [FD] Ubiquiti Networks Bug Bounty #9 - Invoice Persistent Vulnerabilities,
Vulnerability Lab
- [FD] Avast Virtualization Driver - Elevation Of Privileges,
Kyriakos Economou
- [FD] BlackBerry Enterprise Service 12 Self-Service - SQLi and Reflected XSS,
Adrian Hayes
- [FD] PLANET IP Surveillance camera Multiple Vulnerabilities,
0rwell Labs
- [FD] ferretCMS– Multiple Cross-Site Scripting Vulnerabilities,
Sachin Wagh
- [FD] Vulnerability in WebSVN 2.3.3,
Etnies
- [FD] CVE Request: Fiyo CMS 2.0.2.1 - Multiple Persistent XSS Vulnerabilities,
Himanshu Mehta
- [FD] Oxwall Forum v1.8.1 - Persistent Cross Site Scripting Vulnerability,
Vulnerability Lab
- [FD] Prezi Bug Bounty #7 - (Charts) Persistent Vulnerability,
Vulnerability Lab
- [FD] [KIS-2016-02] Magento <= 1.9.2.2 (RSS Feed) Information Disclosure Vulnerability,
Egidio Romano
- [FD] eFront Learning 3.6.15.6 CMS - (Forum) Persistent Title Web Vulnerability,
Vulnerability Lab
- [FD] eFront 3.6.15.6 CMS – (Message Attachment) Persistent Cross Site Scripting Vulnerability,
Vulnerability Lab
- [FD] GTA Firewall GB-OS v6.2.02 - Filter Bypass & Persistent Vulnerability,
Vulnerability Lab
- [FD] CVE-2015-0955 - Stored XSS in Adobe Experience Manager (AEM),
Alexandre Herzog
- [FD] CSNC-2016-001 - XSS in OpenAM,
Alexandre Herzog
- [FD] CSNC-2016-002 - Open Redirect in OpenAM,
Alexandre Herzog
- [FD] Ubiquiti Networks UniFi v3.2.10 Generic CSRF Protection Bypass,
Julien Ahrens
- [FD] CVE ID Request : Centreon remote code execution,
Sysdream Labs
- [FD] CVE ID Request : Proxmox VE Insecure hostname checking (remote root exploit),
Sysdream Labs
- [FD] CVE-2015-6541 : Multiple CSRF in Zimbra Mail interface,
Sysdream Labs
- [FD] D-Link, Netgear Router Vulnerabilities,
Dominic Chen
- [FD] XSSer v1.7b: "ZiKA-47 Swarm!" released....,
psy
- [FD] Hacking Passwords, Lesson 11, Available Now!,
Pete Herzog
- [FD] [CVE-2015-5345] Information disclosure vulnerability in Apache Tomcat,
Mark Koek
- [FD] Various Linux Kernel USERNS Issues,
halfdog
- [FD] Executable installers are vulnerable^WEVIL (case 26): the installer of GIMP for Windows allows arbitrary (remote) and escalation of privilege,
Stefan Kanthak
- [FD] Executable installers are vulnerable^WEVIL (case 4): InstallShield's wrapper and setup.exe,
Stefan Kanthak
- [FD] WP Good News Themes - Client Side Cross Site Scripting Web Vulnerability,
Vulnerability Lab