Mail Thread Index
- [FD] FormatFactory 3.9.0 - (.task) Stack Overflow Vulnerability,
Vulnerability Lab
- [FD] Kaspersky Company Account - Response XSS Vulnerability,
Vulnerability Lab
- [FD] Kaspersky Company Account - FileManager Vulnerability,
Vulnerability Lab
- [FD] SEC Consult SA-20160906-0 :: Private key for browser-trusted certificate embedded in multiple Aruba Networks / Alcatel-Lucent products,
SEC Consult Vulnerability Lab
- [FD] Picosmos Shows v1.6.0 - Stack Buffer Overflow Vulnerability,
Vulnerability Lab
- [FD] PHPHolidays CMS v3.00.50 - Cross Site Scripting Web Vulnerability,
Vulnerability Lab
- [FD] Persistent Cross-Site Scripting vulnerability in WordPress due to unsafe processing of file names,
Summer of Pwnage
- [FD] Unrar 0.0.1 Memory Corruption,
Rio Sherri
- [FD] Multiple vulnerabilities - Powerlogic/Schneider Electric IONXXXX series Smart Meters,
Karn Ganeshen
- [FD] ELNet Energy & Electrical Power Meter - Multiple Vulnerabilities,
Karn Ganeshen
- [FD] Heap 'two-write-where-and-what' format string (FMS) technique,
bashis
- [FD] Defense in depth -- the Microsoft way (part 43): restricting the DLL load order fails,
Stefan Kanthak
- [FD] cve request: Airmail URLScheme render and file:// xss vulnerability,
redrain root
- [FD] CVE-2016-4264 Adobe ColdFusion <= 11 XXE Vulnerability,
Dawid Golunski
- [FD] CVE request - Samsung Mobile Phone SVE-2016-6248: SystemUI Security issue,
0xr0ot
- [FD] AST-2016-006: Crash on ACK from unknown endpoint,
Asterisk Security Team
- [FD] AST-2016-007: RTP Resource Exhaustion,
Asterisk Security Team
- [FD] Reflected Cross-Site Scripting vulnerability in MailPoet Newsletters plugin,
Summer of Pwnage
- [FD] Command injection in InfiniteWP Admin Panel,
Summer of Pwnage
- [FD] Authorization bypass in InfiniteWP Admin Panel,
Summer of Pwnage
- [FD] Persistent Cross-Site Scripting in Woocommerce WordPress plugin,
Summer of Pwnage
- [FD] [oss-security] CVE request - Airmail URLScheme render and file:// xss vulnerability,
redrain root
- [FD] Brute force every Samsung repair customer's info with ease,
Justa Person
- [FD] CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ),
Dawid Golunski
- [FD] [RCESEC-2016-006] XenForo ToggleME 3.1.2 "/admin.php?options/list/toggleME" Multiple Persistent Cross-Site Scriptings,
Julien Ahrens
- [FD] XSS found on www.google.fr,
Sysdream Labs
- [FD] APPLE-SA-2016-09-13-1 iOS 10,
Apple Product Security
- [FD] APPLE-SA-2016-09-13-2 Xcode 8,
Apple Product Security
- [FD] APPLE-SA-2016-09-13-3 watchOS 3,
Apple Product Security
- [FD] APPLE-SA-2016-09-14-1 iOS 10.0.1,
Apple Product Security
- [FD] Security Advisory -- Multiple Vulnerabilities - MuM Map Edit,
Paul Baade
- [FD] Keypatch v2.0 is out!,
Nguyen Anh Quynh
- [FD] Multiple vulnerabilities in ASUS RT-N10,
MustLive
- [FD] Insecure transmission of data in Android applications developed with Adobe AIR [CVE-2016-6936],
Nightwatch Cybersecurity
- [FD] Peel Shopping 8.0.2: Object Injection,
Curesec Research Team (CRT)
- [FD] Kajona 4.7: XSS & Directory Traversal,
Curesec Research Team (CRT)
- [FD] MyBB 1.8.6: CSRF, Weak Hashing, Plaintext Passwords,
Curesec Research Team (CRT)
- [FD] MyBB 1.8.6: SQL Injection,
Curesec Research Team (CRT)
- [FD] MyBB 1.8.6: Improper validation of data passed to eval,
Curesec Research Team (CRT)
- [FD] Oxwall 1.8.0: XSS & Open Redirect,
Curesec Research Team (CRT)
- [FD] BINOM3 Electric Power Quality Meter Vulnerabilities,
Karn Ganeshen
- [FD] Segmentation fault in Oracle Outside In File ID 8.5.3,
Brandon Perry
- [FD] Facebook Privacy Issue - IRL Direct Human Reference,
Hicham A. Tolimat
- [FD] ShoreTel Connect ONSITE Blind SQL Injection Vulnerability,
Iraklis A. Mathiopoulos
- [FD] Unrestricted Upload/RCE in Neosense theme for WordPress,
Walter Hop
- [FD] Critical Vulnerabilities in Sparkassen Bank Server discovered by German Security Researchers,
Vulnerability Lab
- [FD] Joomla! session id not hashed.,
Blazej Adamczyk
- [FD] Blind SQL Injection in Exponent CMS <= v2.3.9,
Manuel Garcia Cardenas
- [FD] XSS Wordpress W3 Total Cache <= 0.9.4.1,
Fernando A. Lagos Berardi
- [FD] CVE-2016-5725 - JCraft/JSch Java Secure Channel <= 0.1.53 recursive sftp-get path traversal (client-side, windows),
oststrom (public)
- [FD] SEC Consult SA-20160922-0 :: Potential backdoor access through multiple vulnerabilities in Kerio Control Unified Threat Management,
SEC Consult Vulnerability Lab
- [FD] DllHijackAuditor 3.5 - Stack Buffer Overflow Vulnerability,
Vulnerability Lab
- [FD] 3GP Player 4.7.0 - DLL Hijacking Vulnerability,
Vulnerability Lab
- [FD] Recon Europe 2017 Call For Papers - January 27 - 29, 2017 - Brussels, Belgium,
cfpbrussels2017
- [FD] Call for Papers 0x7E0 hack4 in Berlin,
Daniel Ashton
- [FD] Vulnerability Note VU#667480 - AVer EH6108H+ hybrid DVR contains multiple vulnerabilities,
Travis Lee
- [FD] Welcome Faraday 2.1! Collaborative Penetration Test & Vulnerability Management Platform,
Francisco Amato
- [FD] skype installer dll hijacking vulnerability - CVE-2016-5720,
Tien Phan
- [FD] [Adobe Flash] local-with-filesystem sandbox bypass via navigateToURL() and UI redressing,
TRUEL IT | Leone Pontorieri
- [FD] IE11 is not following CORS specification for local files,
Ricardo Iramar dos Santos
- [FD] Edward Snowden won Glas of Reason - (Glas der Vernunft) Award 2016,
Vulnerability Lab
- [FD] Multiple vulnerabilities found in the Dlink DWR-932B (backdoor, backdoor accounts, weak WPS, RCE ...),
Pierre Kim
- [FD] Symantec Messaging Gateway <= 10.6.1 Directory Traversal,
Rio Sherri
- [FD] [REVIVE-SA-2016-002] Revive Adserver - Multiple vulnerabilities,
Matteo Beccati
- [FD] Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla,
Larry W. Cashdollar
- [FD] Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla,
Larry W. Cashdollar
- [FD] KeepNote 0.7.8 Remote Command Execution,
Rio Sherri
- [FD] Persistent XSS in Abus Security Center - CVSS 8.0,
Tim Schughart