Mail Thread Index
- [FD] Zend Framework / zend-mail < 2.4.11 Remote Code Execution (CVE-2016-10034),
Dawid Golunski
- [FD] CINtruder v0.3 released...,
psy
- [FD] Advisories Unsafe Dll in Audacity, telegram and Akamai,
filipe
- [FD] Persisted Cross-Site Scripting (XSS) in Confluence Jira Software,
jlss
- [FD] 0-day: QNAP NAS Devices suffer of heap overflow,
bashis
- [FD] Executable installers are vulnerable^WEVIL (case 43): SoftMaker's Office service pack installers allow escalation of privilege,
Stefan Kanthak
- [FD] Executable installers are vulnerable^WEVIL (case 45): ReadPDF's installers allow escalation of privilege,
Stefan Kanthak
- [FD] Stop User Enumeration does not stop user enumeration (WordPress plugin),
dxw Security
- [FD] CarolinaCon-13 - May 2017 - Call for Papers/Presenters and Attendees,
Vic Vandal
- [FD] Trango Altum AC600 Default root Login,
Ian Ling
- [FD] YSTS 11th Edition - CFP,
Luiz Eduardo
- [FD] BSides Las Vegas 2017 CFP is open.,
Daemon Tamer
- [FD] Hotlinking Vulnerability in PHProxy 0.5b2,
Celso Bento
- [FD] enigma2-plugin-extensions-webadmin Remote Code Execution (IoT),
Fabian Fingerle
- [FD] pev 0.80 released,
Fernando Mercês
- [FD] CSRF/XSS in Responsive Poll allows unauthenticated attackers to do almost anything an admin can (WordPress plugin),
dxw Security
- [FD] Docker 1.12.6 - Security Advisory,
Nathan McCauley
- [FD] Blackboard LMS 9.1 SP14 - (Profile) Persistent Vulnerability,
Vulnerability Lab
- [FD] BlackBoard LMS 9.1 SP14 - (Title) Persistent Vulnerability,
Vulnerability Lab
- [FD] Bit Defender #39 - Auth Token Bypass Vulnerability,
Vulnerability Lab
- [FD] Huawei Flybox B660 - (POST Reboot) CSRF Vulnerability,
Vulnerability Lab
- [FD] Boxoft Wav v1.1.0.0 - Buffer Overflow Vulnerability,
Vulnerability Lab
- [FD] Cobi Tools v1.0.8 iOS - Persistent Web Vulnerability,
Vulnerability Lab
- [FD] [CVE-2016-3403] [Zimbra] Multiple CSRF in Administration interface - all versions,
Sysdream Labs
- [FD] Multiple vulnerabilities in cPanel <= 60.0.34,
Open Security
- [FD] ICMPv6 PTBs and IPv6 frag filtering (particularly at BGP peers),
Fernando Gont
- [FD] Nginx (Debian-based + Gentoo distros) - Root Privilege Escalation [CVE-2016-1247 UPDATE],
Dawid Golunski
- [FD] Executable installers are vulnerable^WEVIL (case 44): SoftMaker's FlexiPDF installers allow escalation of privilege,
Stefan Kanthak
- [FD] Huawei Flybox B660 - (POST SMS) CSRF Web Vulnerability,
Vulnerability Lab
- [FD] Salesforce (Event Registration) - Persistent Vulnerability,
Vulnerability Lab
- [FD] Apple (iTunes Notify) - Filter Bypass & Persistent Web Vulnerability,
Vulnerability Lab
- [FD] Security BSides Ljubljana 0x7E1 CFP - March 10, 2017,
Andraz Sraka
- [FD] New exploit for new vulnerability in WordPress Plugin + tutorial,
Diego
- [FD] Multiple RCE in ZyXEL / Billion / TrueOnline routers,
Pedro Ribeiro
- [FD] Reflected Cross-Site Scripting (XSS) in Atlassian Jira Software,
Roberto Soares
- [FD] EuskalHack Security Congress CFP,
Joxean Koret
- [FD] SEC Consult SA-20170117-0 :: XSS in Recommend Page extension for TYPO3 CMS (pb_recommend_page),
SEC Consult Vulnerability Lab
- [FD] Announce Keypatch v2.1, a better assembler for IDA Pro!,
Nguyen Anh Quynh
- [FD] APPLE-SA-2017-01-18-1 GarageBand 10.1.5,
Apple Product Security
- [FD] APPLE-SA-2017-01-18-2 Logic Pro X 10.3,
Apple Product Security
- [FD] [ERPSCAN-16-036] SAP ASE ODATA SERVER - DENIAL OF SERVICE,
ERPScan inc
- [FD] [ERPSCAN-16-037] SAP NetWeaver AS JAVA P4 - INFORMATION DISCLOSURE,
ERPScan inc
- [FD] CALL FOR PAPERS - br3aking c0de,
Estación Informática
- [FD] Persistent XSS in Ghost 0.11.3,
Patrick
- [FD] [RCESEC-2016-012] Mattermost <= 3.5.1 "/error" Unauthenticated Reflected Cross-Site Scripting / Content Injection,
Julien Ahrens
- [FD] Tap 'n' Sniff,
Curesec Research Team (CRT)
- [FD] Apple iOS 10.2 (Notify - iTunes) - Filter Bypass & Persistent Vulnerability,
Vulnerability Lab
- [FD] Executable installers are vulnerable^WEVIL (case 46): Pelles C allows arbitrary code execution,
Stefan Kanthak
- [FD] GMP Deserialization Type Confusion Vulnerability [MyBB <= 1.8.3 RCE Vulnerability],
Taoguang Chen
- [FD] RVAsec 2017 Call for Presentations,
Sullo
- [FD] [ERPSCAN-17-005] Oracle PeopleSoft - XSS vulnerability CVE-2017-3300,
ERPScan inc
- [FD] CVE-2017-3241 - [ERPSCAN-17-006] Oracle OpenJDK - Java Serialization DoS,
ERPScan inc
- [FD] APPLE-SA-2017-01-23-1 iOS 10.2.1,
Apple Product Security
- [FD] APPLE-SA-2017-01-23-2 macOS 10.12.3,
Apple Product Security
- [FD] APPLE-SA-2017-01-23-3 watchOS 3.1.3,
Apple Product Security
- [FD] APPLE-SA-2017-01-23-4 tvOS 10.1.1,
Apple Product Security
- [FD] APPLE-SA-2017-01-23-5 Safari 10.0.3,
Apple Product Security
- [FD] APPLE-SA-2017-01-23-6 iCloud for Windows 6.1.1,
Apple Product Security
- [FD] New mailing-list on IoT hacking,
Fernando Gont
- [FD] WD My Cloud Mirror 2.11.153 RCE and Authentication Bypass,
Kacper Szurek
- [FD] APPLE-SA-2017-01-23-7 iTunes for Windows 12.5.5,
Apple Product Security
- [FD] Google Forms WordPress Plugin unauthenticated PHP Object injection vulnerability,
Summer of Pwnage
- [FD] CMS Commander Client WordPress Plugin unauthenticated PHP Object injection vulnerability,
Summer of Pwnage
- [FD] InfiniteWP Client WordPress Plugin unauthenticated PHP Object injection vulnerability,
Summer of Pwnage
- [FD] Call for Papers: DigitalSec2017 in Kuala Lumpur, Malaysia on July 11-13, 2017,
Sandra Evans
- [FD] Digital Ocean ssh key authentication security risk -- password authentication is re-enabled,
Daniel Elebash
- [FD] Privilege Escalation in VirtualBox (CVE-2017-3316),
Wolfgang
- [FD] Cross-Site Request Forgery vulnerability in FormBuilder WordPress Plugin allows plugin permissions modification,
Summer of Pwnage
- [FD] Multiple blind SQL injection vulnerabilities in FormBuilder WordPress Plugin,
Summer of Pwnage
- [FD] Persistent Cross-Site Scripting vulnerability in User Access Manager WordPress Plugin,
Summer of Pwnage
- [FD] SEC Consult SA-20170130-0 :: XSS & CSRF in multiple Ubiquiti Networks products,
SEC Consult Vulnerability Lab
- [FD] New BlackArch Linux ISOs (2017.01.28) released!,
Black Arch
- [FD] BSidesHannover 2017!,
Daniel Busch
- [FD] secuvera-SA-2017-01: Privilege escalation in an OPSI Managed Client environment ("rise of the machines"),
Simon Bieber
- Re: [FD] Announcing NorthSec 2017 CFP + Reg - Montreal, May 16-21,
Olivier Bilodeau
- [FD] Free ebook to learn ethical hacking techniques,
Sparc Flow
- [FD] Sophos Web Appliance - Block & Unblock IPs Remote Command Injection (CVE-2016-9553),
Russell Sanford
- Re: [FD] [0-day] RCE and admin credential disclosure in NETGEAR WNR2000,
Pedro Ribeiro
- [FD] Hacking Printers Advisory 1/6: PostScript printers vulnerable to print job capture,
Jens Müller
- [FD] Hacking Printers Advisory 2/6: Various HP/OKI/Konica printers file/password disclosure via PostScript/PJL,
Jens Müller
- [FD] Hacking Printers Advisory 5/6: HP printers restoring factory defaults through PML commands,
Jens Müller
- [FD] Hacking Printers Advisory 4/6: Multiple vendors buffer overflow in LPD daemon and PJL interpreter,
Jens Müller
- [FD] Hacking Printers Advisory 3/6: Brother printers vulnerable to memory access via PJL commands,
Jens Müller
- [FD] Hacking Printers Advisory 6/6: Multiple vendors physical NVRAM damage via PJL commands,
Jens Müller
- [FD] PEAR Base System v1.10.1 Arbitrary File Download,
hyp3rlinx
- [FD] [REVIVE-SA-2017-001] Revive Adserver - Multiple vulnerabilities,
Matteo Beccati
- [FD] Executable installers are vulnerable^WEVIL (case 47): Heimdal Security's SetupLauncher vulnerable to DLL hijacking,
Stefan Kanthak