Home page logo
/

123 messages starting Nov 06 12 and ending Nov 28 12
Date index | Thread index | Author index

advisory

Multiple Vulnerabilities in LibreOffice advisory (Nov 06)
SQL Injection Vulnerability in OrangeHRM advisory (Nov 06)
Cross-Site Request Forgery (CSRF) in CMS Made Simple advisory (Nov 07)
Multiple vulnerabilities in BabyGekko advisory (Nov 14)
Multiple vulnerabilities in dotProject advisory (Nov 21)

alien DC4420

DC4420 - London DEFCON - November meet - Tuesday 20th November alien DC4420 (Nov 16)

Andrea Barisani

[oCERT-2012-001] multiple implementations denial-of-service via MurmurHash algorithm collision Andrea Barisani (Nov 26)

Apple Product Security

APPLE-SA-2012-11-01-1 iOS 6.0.1 Apple Product Security (Nov 02)
APPLE-SA-2012-11-01-2 Safari 6.0.2 Apple Product Security (Nov 02)
APPLE-SA-2012-11-07-1 QuickTime 7.7.3 Apple Product Security (Nov 08)
APPLE-SA-2012-11-29-1 Apple TV 5.1.1 Apple Product Security (Nov 30)

bingxuefenggu

VideoLAN VLC Media Player <= 2.0.4 Crash Bug bingxuefenggu (Nov 05)

Carlos Reventlov

Twitter App 5.0 vulnerable to eavesdropping Carlos Reventlov (Nov 23)

Chris S

iCompel Digital Signage risks Chris S (Nov 05)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace Web Conferencing Cisco Systems Product Security Incident Response Team (Nov 01)
Cisco Security Advisory: Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability Cisco Systems Product Security Incident Response Team (Nov 01)
Cisco Security Advisory: Cisco Nexus 1000V Series Switch Software Release 4.2(1)SV1(5.2) Virtual Security Gateway Bypass Issue Cisco Systems Product Security Incident Response Team (Nov 08)
Cisco Security Advisory: Cisco Secure Access Control System TACACS+ Authentication Bypass Vulnerability Cisco Systems Product Security Incident Response Team (Nov 08)
Cisco Security Advisory: Cisco Ironport Appliances Sophos Anti-virus Vulnerabilities Cisco Systems Product Security Incident Response Team (Nov 09)

cjlacayo

[CVE-2012-5858] [CVE-2012-5859] DoS/Authorization Bypass - Kies Air cjlacayo (Nov 15)

David Sopas

PrestaShop <= 1.5.1 Persistent XSS David Sopas (Nov 01)

DefenseCode

[DC-2012-11-001] DefenseCode ThunderScan PHP Advisory: Wordpress WP e-Commerce Plugin Multiple Security Vulnerabilities DefenseCode (Nov 13)
[DC-2012-11-002] DefenseCode ThunderScan ASP.Net C# Advisory: BugTracker.Net Multiple Security Vulnerabilities DefenseCode (Nov 26)

Derek Martin

Re: rssh security announcement Derek Martin (Nov 28)

Florian Weimer

[SECURITY] [DSA 2574-1] typo3-src security update Florian Weimer (Nov 16)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-12:06.bind FreeBSD Security Advisories (Nov 23)
FreeBSD Security Advisory FreeBSD-SA-12:07.hostapd FreeBSD Security Advisories (Nov 23)
FreeBSD Security Advisory FreeBSD-SA-12:08.linux FreeBSD Security Advisories (Nov 23)

Henri Salo

Re: [Full-disclosure] XSS, LFI and SQL Injection Vulnerabilities in Achievo Henri Salo (Nov 02)

Jakob Lell

CVE-2012-4366: Insecure default WPA2 passphrase in multiple Belkin wireless routers Jakob Lell (Nov 19)
Re: CVE-2012-4366: Insecure default WPA2 passphrase in multiple Belkin wireless routers Jakob Lell (Nov 20)

Jan Lieskovsky

Re: [oss-security] Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection Jan Lieskovsky (Nov 14)

Jann Horn

Re: Wisecracker 1.0 - A high performance distributed cryptanalysis framework Jann Horn (Nov 13)

Joseph Sheridan

Forescout NAC (Network Access Control) multiple vulnerabilities Joseph Sheridan (Nov 26)
Safend Data Protector Multiple Vulnerabilities Joseph Sheridan (Nov 29)

larry0

Oracle Exadata leaf switch logins larry0 (Nov 29)

Lists

SilverStripe CMS - Multiple Vulnerabilities - Security Advisory - SOS-12-011 Lists (Nov 30)

LpSolit

Security advisory for Bugzilla 4.4rc1, 4.2.4, 4.0.9 and 3.6.12 LpSolit (Nov 14)

Luciano Bello

[SECURITY] [DSA 2573-1] radsecproxy security update Luciano Bello (Nov 12)

machuanlei

[CVE-2012-5777]EmpireCMS Template Parser Remote PHP Code Execution Vulnerability machuanlei (Nov 05)

marcelavbx

XSS in dokeos 2.1.1 marcelavbx (Nov 01)
XSS in answer my question plugin marcelavbx (Nov 05)
Sql injection in AJAX post Search wordpress plugin marcelavbx (Nov 07)

Matan Azugi

FW: =| Security Advisory - TP-LINK TL-WR841N XSS (Cross Site Scripting) |= Matan Azugi (Nov 20)

Michal Ambroz

Re: Re: [oss-security] Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection Michal Ambroz (Nov 14)

n0b0d13s

[CVE-2012-5692] Invision Power Board <= 3.3.4 "unserialize()" PHP Code Execution Vulnerability n0b0d13s (Nov 02)

nauty . me04

Reflective XSS in uk cookie plugin nauty . me04 (Nov 13)
XSS Vulnerability in Simple Slider Wordpress Plugin nauty . me04 (Nov 23)
ideo Lead Form Plugin Cross-Site Scripting Vulnerabilities which affects Wordpress URL nauty . me04 (Nov 29)
Wordpress Plugin Simple Gmail Login Stack Trace Vulnerability nauty . me04 (Nov 29)

NCC Group Research

NGS000193 Technical Advisory: DataArmor Full Disk Encryption Restricted Environment breakout NCC Group Research (Nov 30)
NGS000107 Technical Advisory: Oracle Gridengine sgepasswd Buffer Overflow NCC Group Research (Nov 30)
NGS000196 Technical Advisory: Nagios XI Network Monitor OS Command Injection NCC Group Research (Nov 30)
NGS000194 Technical Advisory: Nagios XI Network Monitor Blind SQL Injection NCC Group Research (Nov 30)
NGS000330 Technical Advisory: Squiz CMS File Path Traversal NCC Group Research (Nov 30)
NGS000241 Technical Advisory: SysAid Helpdesk Pro Blind SQL Injection NCC Group Research (Nov 30)
NGS000267 Technical Advisory: Symantec Messaging Gateway SSH with backdoor user account plus privilege escalation to root due to very old Kernel NCC Group Research (Nov 30)
NGS000266 Technical Advisory: Symantec Messaging Gateway Arbitrary file download is possible with a crafted URL NCC Group Research (Nov 30)
NGS000268 Technical Advisory: Symantec Messaging Gateway - Out-of-band stored-XSS delivered by email NCC Group Research (Nov 30)
NGS000263 Technical Advisory: Symantec Messaging Gateway Easy CSRF to add a backdoor-administrator NCC Group Research (Nov 30)

Nico Golde

[SECURITY] [DSA 2575-1] tiff security update Nico Golde (Nov 19)

Nico Kadel-Garcia

Re: rssh security announcement Nico Kadel-Garcia (Nov 28)

osoriojr

Re: [BUGTRAQ]Security Advisory - TP-LINK TL-WR841N LFI - [UPDATE] osoriojr (Nov 01)

Raphael Geissert

[SECURITY] [DSA 2571-1] libproxy security update Raphael Geissert (Nov 05)

research

PR11-07 Multiple peristent XSS, XSS, XSRF, offsite redirection and information disclosure flaws within CheckPoint/Sofaware firewalls research (Nov 05)

ReVuln

0-day vulnerabilities in Call of Duty MW3 and CryEngine 3 ReVuln (Nov 14)

roberto . paleari

Weak password encryption on Huawei products roberto . paleari (Nov 13)

roman . fiedler

OSSIM 4.0.2 open-source SIEM solution does not verify .deb signatures roman . fiedler (Nov 20)

Russ Allbery

Re: rssh security announcement Russ Allbery (Nov 28)
Re: rssh security announcement Russ Allbery (Nov 29)

SEC Consult Vulnerability Lab

SEC Consult SA-20121115-0 :: Applicure dotDefender WAF format string vulnerability SEC Consult Vulnerability Lab (Nov 15)

security

[ MDVSA-2012:169 ] java-1.6.0-openjdk security (Nov 01)
[ MDVSA-2012:170 ] firefox security (Nov 05)
[ MDVSA-2012:171 ] icedtea-web security (Nov 09)
[ MDVSA-2012:172 ] libproxy security (Nov 19)
n.runs-SA-2012.004 - SPLUNK Unauthenticated remote DoS security (Nov 19)
n.runs-SA-2012.004 - SPLUNK Unauthenticated remote DoS security (Nov 20)
[ MDVSA-2012:173 ] firefox security (Nov 21)
[ MDVSA-2012:174 ] libtiff security (Nov 22)
[ MDVSA-2012:175 ] libssh security (Nov 29)

Security Alert

ESA-2012-055: RSA® Data Protection Manager Multiple Vuln erabilities Security Alert (Nov 13)
ESA-2012-057: EMC Smarts Network Configuration Manager Multiple Vulnerabilities Security Alert (Nov 26)
ESA-2012-054: RSA ® Adaptive Authentication (On-Premise) Cross-Site Scripting Vulnerabilities Security Alert (Nov 26)

security-alert

[security bulletin] HPSBMU02827 SSRT100924 rev.1 - HP Performance Insight with Sybase, Remote Denial of Service (DoS) and Loss of Data security-alert (Nov 02)
[security bulletin] HPSBMU02815 SSRT100715 rev.4 - HP SiteScope SOAP Security Issues, Remote Disclosure of Information, Remote Code Execution security-alert (Nov 02)
[security bulletin] HPSBUX02824 SSRT100970 rev.2 - HP-UX Running Java, Remote Execution of Arbitrary Code, and Other Vulnerabilities security-alert (Nov 02)
[security bulletin] HPSBHF02699 SSRT100592 rev.2 - HP ProLiant SL Advanced Power Manager (SL-APM), Remote User Validation Failure security-alert (Nov 06)
[security bulletin] HPSBHF02821 SSRT100934 rev.1 - HP Integrated Lights-Out iLO3 and iLO4, Remote Disclosure of Information security-alert (Nov 20)

Security Explorations

[SE-2012-01] Security vulnerabilities in Java SE (details released) Security Explorations (Nov 16)
Re: [SE-2012-01] Security vulnerabilities in Java SE (details released) Security Explorations (Nov 20)
[SE-2011-01] Additional materials released for SAT TV research Security Explorations (Nov 27)

Slackware Security Team

[slackware-security] mozilla-firefox (SSA:2012-326-02) Slackware Security Team (Nov 22)
[slackware-security] seamonkey (SSA:2012-326-01) Slackware Security Team (Nov 22)
[slackware-security] mozilla-thunderbird (SSA:2012-326-03) Slackware Security Team (Nov 22)

Sooel Postman

Vulnerability Report on AWCM 2.2 Sooel Postman (Nov 08)

Stefan Fritsch

[SECURITY] [DSA 2579-1] apache2 security update Stefan Fritsch (Nov 30)

Stefan Kanthak

Vulnerable MSVC++ 2008 runtime libraries distributed with and installed by eM client Stefan Kanthak (Nov 05)
Vulnerable, superfluous/outdated/deprecated/superseded 3rd party OCXs and DLLs distributed by and installed with Dataram RamDisk 4.0.0 Stefan Kanthak (Nov 06)

Tavis Ormandy

multiple critical vulnerabilities in sophos products Tavis Ormandy (Nov 06)

Thijs Kinkhorst

[SECURITY] [DSA 2572-1] iceape security update Thijs Kinkhorst (Nov 05)

Tim Brown

Medium risk security flaws in Konqueror Tim Brown (Nov 01)
[OVSA20121112] OpenVAS Manager Vulnerable To Command Injection Tim Brown (Nov 13)
Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection Tim Brown (Nov 13)

Vikas N Kumar

Wisecracker 1.0 - A high performance distributed cryptanalysis framework Vikas N Kumar (Nov 06)
Re: Wisecracker 1.0 - A high performance distributed cryptanalysis framework Vikas N Kumar (Nov 13)

Vulnerability Lab

NetCat CMS v5.0.1 - Multiple Web Vulnerabilities Vulnerability Lab (Nov 01)
PG Dating Pro v1.0 CMS - Multiple Web Vulnerabilities Vulnerability Lab (Nov 01)
VaM Shop v1.69 - Multiple Web Vulnerabilities Vulnerability Lab (Nov 01)
BananaDance Wiki b2.2 - Multiple Web Vulnerabilities Vulnerability Lab (Nov 12)
Eventy CMS v1.8 Plus - Multiple Web Vulnerablities Vulnerability Lab (Nov 13)
Zoner Photo Studio v15 b3 - Buffer Overflow Vulnerabilities Vulnerability Lab (Nov 13)
iDev Rentals v1.0 - Multiple Web Vulnerabilities Vulnerability Lab (Nov 14)
Akeni LAN v1.2.118 - Filter Bypass Vulnerability (Local) Vulnerability Lab (Nov 19)
Manage Engine Exchange Reporter v4.1 - Multiple Web Vulnerabilites Vulnerability Lab (Nov 19)
SonicWALL CDP 5040 v6.x - Multiple Web Vulnerabilities Vulnerability Lab (Nov 20)
Wordpress Facebook Survey v1 - SQL Injection Vulnerability Vulnerability Lab (Nov 20)
ManageEngine ServiceDesk 8.0 - Multiple Vulnerabilities Vulnerability Lab (Nov 21)

VUPEN Security Research

VUPEN Security Research - Mozilla Firefox "DocumentViewerImpl" Class Remote Use-After-Free Vulnerability VUPEN Security Research (Nov 26)
VUPEN Security Research - Mozilla Firefox "imgRequestProxy" Remote Use-After-Free Vulnerability VUPEN Security Research (Nov 30)

YGN Ethical Hacker Group

Open-Realty CMS 2.5.8 (2.x.x) <= Cross Site Request Forgery (CSRF) Vulnerability YGN Ethical Hacker Group (Nov 16)

Yves-Alexis Perez

[SECURITY] [DSA 2570-1] openoffice.org security update Yves-Alexis Perez (Nov 01)
[SECURITY] [DSA 2576-1] trousers security update Yves-Alexis Perez (Nov 23)
[SECURITY] [DSA 2578-1] rssh security update Yves-Alexis Perez (Nov 28)
Previous period Next period
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault