Home page logo
/

233 messages starting Apr 09 12 and ending Apr 18 12
Date index | Thread index | Author index

Aaron T. Myers

[CVE-2012-1574] Apache Hadoop user impersonation vulnerability Aaron T. Myers (Apr 09)

ACROS Security Lists

ACROS Blog: Adobe Reader X (10.1.2) msiexec.exe Planting ACROS Security Lists (Apr 16)

Adam Behnke

Backtrack 5 R2 priv escalation 0day found in CTF exercise Adam Behnke (Apr 11)
Erronous post concerning Backtrack 5 R2 0day Adam Behnke (Apr 13)

advisory

Multiple vulnerabilities in osCmax advisory (Apr 04)
Multiple XSS vulnerabilities in All-in-One Event Calendar Plugin for WordPress advisory (Apr 11)
Multiple XSS vulnerabilities in XOOPS advisory (Apr 18)
Multiple vulnerabilities in Newscoop advisory (Apr 18)
Multiple vulnerabilities in Piwigo advisory (Apr 25)

Akita Software Security

.NET Framework EncoderParameter integer overflow vulnerability Akita Software Security (Apr 23)

Amir

vBulletin 4.1.10 Sql Injection Vulnerabilitiy Amir (Apr 05)
Wordpress taggator plugin Sql Injection Vulnerabilities Amir (Apr 05)
Wordpress WPsc-MijnPress plugin Cross-Site Scripting Vulnerabilities Amir (Apr 30)

Amos Jeffries

Re: Squid URL Filtering Bypass Amos Jeffries (Apr 23)

Ange Albertini

[CVE-2012-2273] Comodo Internet Security <5.10 BSOD (Win7 x64) Ange Albertini (Apr 19)

Apple Product Security

APPLE-SA-2012-04-03-1 Java for OS X 2012-001 and Java for Mac OS X 10.6 Update 7 Apple Product Security (Apr 04)
APPLE-SA-2012-04-12-1 Java for OS X 2012-003 and Java for Mac OS X 10.6 Update 8 Apple Product Security (Apr 13)
APPLE-SA-2012-04-13-1 Flashback malware removal tool Apple Product Security (Apr 16)

ariosrandy

PHP Volunteer Management (get_messages.php) SQL Injection Vulnerabilities ariosrandy (Apr 30)

Asterisk Security Team

AST-2012-004: Asterisk Manager User Unauthorized Shell Access Asterisk Security Team (Apr 23)
AST-2012-005: Heap Buffer Overflow in Skinny Channel Driver Asterisk Security Team (Apr 23)
AST-2012-006: Remote Crash Vulnerability in SIP Channel Driver Asterisk Security Team (Apr 23)

bede

XSS in Kaseya version 6.2.0.0 web interface bede (Apr 20)

blaszczakm

CitrusDB 2.4.1 - LFI/SQLi Vulnerability blaszczakm (Apr 09)

b . saleh

Arbor Networks Peakflow SP web interface XSS b . saleh (Apr 04)

cfp

Ruxcon 2012 Call For Papers cfp (Apr 19)

Charles Morris

Re: [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services Charles Morris (Apr 25)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Buffer Overflow Vulnerabilities in the Cisco WebEx Player Cisco Systems Product Security Incident Response Team (Apr 04)

come2waraxe

[waraxe-2012-SA#082] - File Existence Disclosure in Uploadify 3.0.0 come2waraxe (Apr 05)
[waraxe-2012-SA#083] - Multiple Vulnerabilities in Uploadify 2.1.4 come2waraxe (Apr 05)
[waraxe-2012-SA#084] - Multiple Vulnerabilities in OpenCart 1.5.2.1 come2waraxe (Apr 09)
[waraxe-2012-SA#085] - Reflected XSS in Uploadify Integration Wordpress plugin come2waraxe (Apr 09)
[waraxe-2012-SA#086] - Local File Inclusion in Invision Power Board 3.3.0 come2waraxe (Apr 12)

Crash

[DCA-2011-0016] - Tufin SecureTrack Cross Site Script Crash (Apr 04)

CrAzY_CrAcKeR

PHPNuke Module's Name Download SQL Injection Vulnerabilities CrAzY_CrAcKeR (Apr 09)
online newspaper university"newsdesc.php" SQL Injection Vulnerabilities CrAzY_CrAcKeR (Apr 12)
Total Quality Machines (productdetail.php) SQL Injection Vulnerabilities CrAzY_CrAcKeR (Apr 16)

ddivulnalert

DDIVRT-2012-40 PacketVideo TwonkyServer and TwonkyMedia Directory Traversal ddivulnalert (Apr 26)
DDIVRT-2012-41 ACTi Web Configurator cgi-bin Directory Traversal ddivulnalert (Apr 26)

Esteban Martinez Fayo

OCIPasswordChange API leaks information of password hash (CVE-2012-0511) Esteban Martinez Fayo (Apr 20)

Fermín J . Serna

CVE-2012-0769, the case of the perfect info leak Fermín J . Serna (Apr 09)

Fernando Gont

IPv6 stable privacy addresses Fernando Gont (Apr 04)
Slides for "Recent Advances in IPv6 Security" at Hackito Ergo Sum 2012 Fernando Gont (Apr 16)
IPv6 host scanning in IPv6 Fernando Gont (Apr 20)
New IETF I-D: Security Implications of IPv6 on IPv4 networks Fernando Gont (Apr 24)

Filip Palian

Sourcefire Defense Center - multiple vulnerabilities. Filip Palian (Apr 04)

Florent Daigniere

[MATTA-2012-001] CVE-2012-1301; 0day; Open Proxy vulnerability in Umbraco 4.7 Florent Daigniere (Apr 05)

Florian Weimer

[SECURITY] [DSA 2445-1] typo3-src security update Florian Weimer (Apr 04)
[SECURITY] [DSA 2442-2] openarena regression Florian Weimer (Apr 04)
[SECURITY] [DSA 2398-2] curl regression Florian Weimer (Apr 04)
[SECURITY] [DSA 2459-1] quagga security update Florian Weimer (Apr 26)

gab . mnunes

Sony Bravia Remote Denial of Service - CVE-2012-2210 gab . mnunes (Apr 05)

Gabriel Menezes Nunes

Squid URL Filtering Bypass Gabriel Menezes Nunes (Apr 18)
McAfee Web Gateway URL Filtering Bypass Gabriel Menezes Nunes (Apr 18)
Re: Squid URL Filtering Bypass Gabriel Menezes Nunes (Apr 19)
Re: Squid URL Filtering Bypass Gabriel Menezes Nunes (Apr 23)

h1kari

ToorCamp 2012: The American Hacker Camp h1kari (Apr 26)

Hafez Kamal

[HITB-Announce] HITB Magazine Issue 008 (now with print edition!) Hafez Kamal (Apr 23)

Henri Salo

Re: Wordpress advanced-text-widget Plugin Vulnerabilities Henri Salo (Apr 18)
Re: Wordpress featurific-for-wordpress plugin Cross-Site Scripting Vulnerabilities Henri Salo (Apr 18)
Re: Wordpress 1-jquery-photo-gallery-slideshow-flash plugin Cross-Site Scripting Vulnerabilities Henri Salo (Apr 18)

info

Re: Ilient SysAid v8.5.05 - Multiple Web Vulnerabilities Are Fixed! info (Apr 11)

InterN0T Advisories

Re: Backtrack 5 R2 priv escalation 0day found in CTF exercise InterN0T Advisories (Apr 13)

irancrash

DokuWiki Ver.2012/01/25 CSRF Add User Exploit irancrash (Apr 18)

Ivan Buetler

OWASP 2012 Online Competition with Hacking-Lab Ivan Buetler (Apr 30)

ivan_terkin

SQL injection in Wordpress plugin Buddypress ivan_terkin (Apr 04)

Jacopo Cappellato

[CVE-2012-1621] Apache OFBiz information disclosure vulnerability Jacopo Cappellato (Apr 16)
[CVE-2012-1622] Apache OFBiz information disclosure vulnerability Jacopo Cappellato (Apr 16)

Jamie Riden

Re: Erronous post concerning Backtrack 5 R2 0day Jamie Riden (Apr 13)

jc

RuggedCom - Backdoor Accounts in my SCADA network? You don't say... jc (Apr 24)

Jelmer Kuperus

Specially crafted Json service request allows full control over a Liferay portal instance Jelmer Kuperus (Apr 20)
Liferay 6.1 can be compromised in its default configuration Jelmer Kuperus (Apr 20)
Specially crafted webdav request allows reading of local files on liferay 6.0.x Jelmer Kuperus (Apr 20)

Jesús Olmos

linux privileged and arbitrary chdir() (fixed at 5.4 cifs release) Jesús Olmos (Apr 25)

Jim Harrison

RE: Squid URL Filtering Bypass Jim Harrison (Apr 20)
RE: McAfee Web Gateway URL Filtering Bypass Jim Harrison (Apr 24)
RE: We're now paying up to $20,000 for web vulns in our services Jim Harrison (Apr 25)

Jonathan Brossard

Hackito 2012 Crypto Challenge Jonathan Brossard (Apr 04)

Jonathan Wiltshire

[SECURITY] [DSA 2448-1] inspircd security update Jonathan Wiltshire (Apr 10)

Jose Nazario

Re: Arbor Networks Peakflow SP web interface XSS Jose Nazario (Apr 04)
Re: Arbor Networks Peakflow SP web interface XSS Jose Nazario (Apr 05)

Joxean Koret

The history of a -probably- 13 years old Oracle bug: TNS Poison Joxean Koret (Apr 19)
Oracle TNS Poison vulnerability is actually a 0day with no patch available Joxean Koret (Apr 26)

laurenz . albe

Re: The history of a -probably- 13 years old Oracle bug: TNS Poison laurenz . albe (Apr 26)

Lostmon

Re: phpMyBible 0.5.1 Mutiple XSS Lostmon (Apr 23)

LpSolit

Security advisory for Bugzilla 4.2.1, 4.0.6 and 3.6.9 LpSolit (Apr 19)

Luigi Auriemma

Vulnerabilities in Samsung TV (remote controller protocol) Luigi Auriemma (Apr 19)

Major Malfunction

DC4420 - London DEFCON - April meet - Tuesday April 24th 2012 Major Malfunction (Apr 20)

Mario Vilas

Re: Squid URL Filtering Bypass Mario Vilas (Apr 19)

Mark Stanislav

'e-ticketing' SQL Injection (CVE-2012-1673) Mark Stanislav (Apr 04)
'phpPaleo' Local File Inclusion (CVE-2012-1671) Mark Stanislav (Apr 04)
'Hotel Booking Portal' SQL Injection (CVE-2012-1672) Mark Stanislav (Apr 04)

Michal Zalewski

FYI: We're now paying up to $20,000 for web vulns in our services Michal Zalewski (Apr 23)
Re: We're now paying up to $20,000 for web vulns in our services Michal Zalewski (Apr 25)
Re: [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services Michal Zalewski (Apr 25)

Moritz Muehlenhoff

[SECURITY] [DSA 2446-1] libpng security update Moritz Muehlenhoff (Apr 04)
[SECURITY] [DSA 2447-1] tiff security update Moritz Muehlenhoff (Apr 04)
[SECURITY] [DSA 2456-1] dropbear security update Moritz Muehlenhoff (Apr 25)
[SECURITY] [DSA 2457-1] iceweasel security update Moritz Muehlenhoff (Apr 25)
[SECURITY] [DSA 2548-1] iceape security update Moritz Muehlenhoff (Apr 25)
[SECURITY] [DSA 2460-1] asterisk security update Moritz Muehlenhoff (Apr 25)
[SECURITY] [DSA 2461-1] spip security update Moritz Muehlenhoff (Apr 27)
[SECURITY] [DSA 2462-1] imagemagick security update Moritz Muehlenhoff (Apr 30)

n0b0d13s

WebCalendar <= 1.2.4 Two Security Vulnerabilities n0b0d13s (Apr 23)

Netsparker Advisories

XSS and Blind SQL Injection Vulnerabilities in ExponentCMS Netsparker Advisories (Apr 23)

Nico Golde

[SECURITY] [DSA 2449-1] sqlalchemy security update Nico Golde (Apr 12)
[SECURITY] [DSA 2451-1] puppet security update Nico Golde (Apr 13)
[SECURITY] [DSA 2453-1] gajim security update Nico Golde (Apr 16)
[SECURITY] [DSA 2453-2] gajim regression Nico Golde (Apr 19)
[SECURITY] [DSA 2455-1] typo3-src security update Nico Golde (Apr 23)

nospam

Quest vWorkspace 7.5 Connection Broker Client ActiveX Control (pnllmcli.dll 7.5.304.547) SaveMiniLaunchFile() Method Remote File Creation / Overwrite nospam (Apr 05)
Quest Toad for Oracle Explain Plan Display ActiveX Control (QExplain2.dll 6.6.1.1115) Remote File Creation / Overwrite nospam (Apr 05)
McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 ActiveX Control GetObject() Security Bypass Remote Code Execution Vulnerability nospam (Apr 30)

paul . szabo

Mathematica8.0.4 on Linux /tmp/MathLink vulnerability paul . szabo (Apr 16)
Re: Mathematica8.0.4 on Linux /tmp/MathLink vulnerability paul . szabo (Apr 17)

Per Thorsheim

Passwords^12 : Call for Presentations Per Thorsheim (Apr 16)

psiinon

OWASP ZAP 1.4.0 released psiinon (Apr 09)

Raphael Geissert

[SECURITY] [DSA 2454-1] openssl security update Raphael Geissert (Apr 20)
[SECURITY] [DSA 2454-2] openssl incomplete fix Raphael Geissert (Apr 25)

Research

Landshop v0.9.2 - Multiple Web Vulnerabilities Research (Apr 04)
[Suspected Spam] Astaro Command Center v2.x - Multiple Web Vulnerabilities Research (Apr 04)
Flatnux CMS 2011 08.09.2 - Multiple Web Vulnerabilities Research (Apr 04)
ME Firewall Analyzer v7.2 - Cross Site Vulnerabilities Research (Apr 04)
DirectAdmin v1.403 - Cross Site Scripting Vulnerability Research (Apr 04)
[Suspected Spam] AnvSoft Any Video Converter 4.3.6 - Multiple Buffer Overflow Vulnerabilities Research (Apr 09)
idev Game Site CMS v1.0 - Multiple Web Vulnerabilites Research (Apr 09)
osCmax Shop CMS v2.5.1 - Multiple Web Vulnerabilities Research (Apr 09)
CsForum v0.8 - Cross Site Scripting Vulnerability Research (Apr 09)
[Suspected Spam] Astaro Command Center v2.x - Multiple Web Vulnerabilities Research (Apr 09)
[Suspected Spam] Astaro Security Gateway v7.504 - Multiple Web Vulnerabilities Research (Apr 09)
Matterdaddy Market v1.1 - SQL Injection Vulnerabilities Research (Apr 10)
GroupWare epesiBIM CRM 1.2.1 - Multiple Web Vulnerabilities Research (Apr 10)
Netjuke 1.0 RC1 - SQL Injection Vulnerabilities Research (Apr 12)
[Suspected Spam] DHTMLX Suite v.3.0 - Multiple Web Vulnerabilities Research (Apr 12)
Crystal Office Suite v1.43 - Buffer Overflow Vulnerability Research (Apr 12)
ACC PHP eMail v1.1 - Multiple Web Vulnerabilites Research (Apr 13)
[Suspected Spam] K-Meleon Browser v1.5.4 - Denial of Service Vulnerability Research (Apr 16)
Siche Search v.0.5 Zerboard - Multiple Web Vulnerabilities Research (Apr 16)
[Suspected Spam] Cyberoam UTM v10.01.2 build 059 - File Include Vulnerabilities Research (Apr 16)
[Suspected Spam] IPhone TreasonSMS - HTML Inject & File Include Vulnerability Research (Apr 23)
[Suspected Spam] Havalite CMS v1.0.4 - Multiple Web Vulnerabilities Research (Apr 23)
PSFTP v.1.8 Build 921 - Null Pointer (DoS) Vulnerability Research (Apr 23)
[Spam] Chengdu Bureau of Commerce - SQL Injection Vulnerability Research (Apr 23)
DIY CMS v1.0 Poll - Multiple Web Vulnerabilities Research (Apr 27)
DirectAdmin v1.403 - Multiple Cross Site Vulnerabilities Research (Apr 27)
Car Portal CMS v3.0 - Multiple Web Vulnerabilities Research (Apr 27)
C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability Research (Apr 27)
Opial CMS v2.0 - Multiple Web Vulnerabilities Research (Apr 30)
C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability Research (Apr 30)
Pritlog v0.821 CMS - Multiple Web Vulnerabilities Research (Apr 30)

Research () NGSSecure

NGS00107 Patch Notification: Oracle Grid Engine sgepasswd Buffer Overflow Research () NGSSecure (Apr 30)
NGS00137 Technical Advisory: Websense Triton 7.6 - reflected XSS in report management UI Research () NGSSecure (Apr 30)
NGS00138 Technical Advisory: Websense Triton 7.6 - authentication bypass in report management UI Research () NGSSecure (Apr 30)
NGS00140 Technical Advisory: Websense Triton 7.6 - unauthenticated remote command execution as SYSTEM Research () NGSSecure (Apr 30)
NGS00141 Technical Advisory: Websense Triton 7.6 stored XSS in report management UI Research () NGSSecure (Apr 30)
NGS00117 Technical Advisory: Symantec pcAnywhere insecure file permissions local privilege escalation Research () NGSSecure (Apr 30)
NGS00118 Technical Advisory: Symantec pcAnywhere Remote Code Execution as SYSTEM Research () NGSSecure (Apr 30)

Richard Barrett

Re: Squid URL Filtering Bypass Richard Barrett (Apr 19)

Secunia Research

Secunia Research: RealNetworks Helix Server Credentials Disclosure Security Issue Secunia Research (Apr 09)
Secunia Research: Helix Server SNMP Master Agent Service Two Denial of Service Vulnerabilities Secunia Research (Apr 09)

security

[ MDVSA-2012:046 ] libpng security (Apr 04)
[ MDVSA-2012:047 ] freeradius security (Apr 04)
[ MDVSA-2012:048 ] mutt security (Apr 04)
[ MDVSA-2012:049 ] nagios security (Apr 04)
[ MDVSA-2012:050 ] phpmyadmin security (Apr 04)
[ MDVSA-2012:051 ] libvorbis security (Apr 04)
[ MDVSA-2012:052 ] libvorbis security (Apr 04)
[ MDVSA-2012:053 ] ocsinventory security (Apr 04)
[ MDVSA-2012:054 ] libtiff security (Apr 05)
[ MDVSA-2012:055 ] samba security (Apr 11)
[ MDVSA-2012:056 ] rpm security (Apr 12)
[ MDVSA-2012:057 ] freetype2 security (Apr 12)
[ MDVSA-2012:058 ] curl security (Apr 13)
[ MDVSA-2012:059 ] python-sqlalchemy security (Apr 16)
[ MDVSA-2012:032-1 ] mozilla security (Apr 18)
[ MDVSA-2012:060 ] openssl security (Apr 19)
[ MDVSA-2012:061 ] raptor security (Apr 23)
[ MDVSA-2012:062 ] openoffice.org security (Apr 23)
[ MDVSA-2012:063 ] libreoffice security (Apr 23)
[ MDVSA-2012:064 ] openssl0.9.8 security (Apr 24)
[ MDVSA-2012:066 ] mozilla security (Apr 27)
[ MDVSA-2012:065 ] php security (Apr 27)

Security_Alert

ESA-2012-018: EMC Data Protection Advisor Multiple Vulnerabilities Security_Alert (Apr 19)

security-alert

[security bulletin] HPSBMU02759 SSRT100817 rev.1 - HP Onboard Administrator (OA), Remote Unauthorized Access, Unauthorized Information Disclosure, Denial of Service (DoS), URL Redirection security-alert (Apr 04)
[security bulletin] HPSBMU02753 SSRT100782 rev.1 - HP Business Availability Center (BAC) Running Apache, Remote Execution of Arbitrary Commands, Denial of Service (DoS) security-alert (Apr 04)
[security bulletin] HPSBMU02749 SSRT100793 rev.1 - HP Business Availability Center (BAC) Running on Windows, Remote Cross Site Scripting (XSS) security-alert (Apr 04)
[security bulletin] HPSBUX02757 SSRT100779 rev.2 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities security-alert (Apr 05)
[security bulletin] HPSBUX02758 SSRT100774 rev.1 - HP-UX running DCE, Remote Denial of Service (DoS) security-alert (Apr 05)
[security bulletin] HPSBUX02760 SSRT100805 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities security-alert (Apr 05)
[security bulletin] HPSBPV02754 SSRT100803 rev.1 - HP ProCurve 5400 zl Switch, Compact flash card virus security-alert (Apr 11)
[security bulletin] HPSBMU02764 SSRT100827 rev.1 - HP System Management Homepage (SMH) Running on Linux and Windows, Remote Cross Site Request Forgery (CSRF), Denial of Service (DoS), Execution of Arbitrary Code, Other Vulnerabilities security-alert (Apr 17)
[security bulletin] HPSBOV02763 SSRT100826 rev.1 - HP Secure Web Server (SWS) for OpenVMS running PHP, Remote Denial of Service (DoS), Unauthorized Access, Privilege escalation, Unauthorized Disclosure of Information, Unauthorized Modification security-alert (Apr 17)
[security bulletin] HPSBOV02762 SSRT100825 rev.1 - HP Secure Web Server (SWS) for OpenVMS running CSWS_JAVA, Remote Denial of Service (DoS), Unauthorized Access, Privilege Escalation, Unauthorized Disclosure of Information, Unauthorized Modification security-alert (Apr 17)
[security bulletin] HPSBOV02765 SSRT100828 rev.1 - HP OpenVMS, local Denial of Service (DoS) security-alert (Apr 18)
[security bulletin] HPSBMU02766 SSRT100624 rev.1 - HP Onboard Administrator (OA), Remote Denial of Service (DoS) security-alert (Apr 18)
[security bulletin] HPSBUX02761 SSRT100823 rev.1 - HP-UX Running Apache, Remote Denial of Service (DoS), Local Increase of Privilege security-alert (Apr 20)
[security bulletin] HPSBMU02764 SSRT100827 rev.2 - HP System Management Homepage (SMH) Running on Linux and Windows, Remote Cross Site Request Forgery (CSRF), Denial of Service (DoS), Execution of Arbitrary Code, Other Vulnerabilities security-alert (Apr 20)
[security bulletin] HPSBUX02768 SSRT100664 rev.1 - CIFS Server (Samba), Remote Cross Site Request Forgery (CSRF), Denial of Service (DoS) security-alert (Apr 24)
[security bulletin] HPSBPI02728 SSRT100692 rev.6 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default security-alert (Apr 26)
[security bulletin] HPSBPV02754 SSRT100803 rev.2 - HP ProCurve 5400 zl Switch, Compact flash card contains trojan malware security-alert (Apr 27)

Security Explorations

[SE-2012-01] Security vulnerabilities in Java SE Security Explorations (Apr 04)
[SE-2012-01] Security weakness in Apple Quicktime Java extensions Security Explorations (Apr 12)

Shatter

TeamSHATTER Security Advisory: Privilege escalation via internal sql injection in RESTORE DATABASE command Shatter (Apr 12)
Incomplete protection of Oracle Database locked accounts (CVE-2012-0510) Shatter (Apr 20)
Some failed authentication attempts using OCIPasswordChange API are not recorded (CVE-2012-0511) Shatter (Apr 20)
SQL Injection in Oracle Enterprise Manager (compareWizFirstConfig web page) (CVE-2012-0512) Shatter (Apr 20)
SQL Injection in Oracle Enterprise Manager (searchPage web page) (CVE-2012-0525) Shatter (Apr 20)
HTTP Response Splitting in Oracle Enterprise Manager (prevPage parameter) (CVE-2012-0526) Shatter (Apr 20)
HTTP Response Splitting in Oracle Enterprise Manager (pageName parameter) (CVE-2012-0527) Shatter (Apr 20)
Oracle Enterprise Manager vulnerable to Session fixation (CVE-2012-0528) Shatter (Apr 20)
OCIPasswordChange API leaks information of password hash (CVE-2012-0511) Shatter (Apr 20)

Stefan Fritsch

[SECURITY] [DSA 2452-1] apache2 security update Stefan Fritsch (Apr 16)

sumanj

Android information leak sumanj (Apr 11)

Thijs Kinkhorst

[SECURITY] [DSA 2450-1] samba security update Thijs Kinkhorst (Apr 13)

Thomas Richards

Fwd: PHP Gift Registry 1.5.5 SQL Injection Thomas Richards (Apr 17)
phpMyBible 0.5.1 Mutiple XSS Thomas Richards (Apr 23)
ChurchCMS 0.0.1 'admin.php' Multiple SQLi Thomas Richards (Apr 23)
PHP Ticket System Beta 1 'p' SQL Injection Thomas Richards (Apr 24)
PHP Volunteer Management 'id' 1.0.2 Multiple Vulnerabilities Thomas Richards (Apr 26)

Tobias Glemser

TC-SA-2012-01: Multiple web-vulnerabilities in ownCloud 3.0.0 Tobias Glemser (Apr 18)

Trustwave Advisories

TWSL2012-008: Multiple Vulnerabilities in Scrutinizer NetFlow & sFlow Analyzer Trustwave Advisories (Apr 12)

v . hirve

ClubHack Magazine's April 2012 Issue is released. v . hirve (Apr 18)

Vikram Dhillon

Re: Mathematica8.0.4 on Linux /tmp/MathLink vulnerability Vikram Dhillon (Apr 17)
Re: McAfee Web Gateway URL Filtering Bypass Vikram Dhillon (Apr 23)

VMware Security Team

VMSA-2012-0006 VMware ESXi and ESX address several security issues VMware Security Team (Apr 04)
VMSA-2012-0007 VMware hosted products and ESXi/ESX patches address privilege escalation VMware Security Team (Apr 13)
VMSA-2012-0008 VMware ESX updates to ESX Service Console VMware Security Team (Apr 27)

VSR Advisories

HTC IQRD Android Permission Leakage (CVE-2012-2217) VSR Advisories (Apr 23)

VUPEN Security Research

VUPEN Security Research - Microsoft Internet Explorer VML Remote Code Execution (MS12-023 / CVE-2012-0172) VUPEN Security Research (Apr 18)
VUPEN Security Research - Adobe Flash Player NetStream Remote Code Execution Vulnerability (APSB12-07 / CVE-2012-0773) VUPEN Security Research (Apr 19)

YGN Ethical Hacker Group

FastPath Webchat | Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Apr 16)
Joomla! Plugin - Beatz 1.x <= Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Apr 16)
Acuity CMS 2.6.x <= Cross Site Scripting YGN Ethical Hacker Group (Apr 18)
Previous period Next period
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault