123 messages starting Nov 01 12 and ending Nov 30 12
NetCat CMS v5.0.1 - Multiple Web Vulnerabilities Vulnerability Lab
PrestaShop <= 1.5.1 Persistent XSS David Sopas
PG Dating Pro v1.0 CMS - Multiple Web Vulnerabilities Vulnerability Lab
VaM Shop v1.69 - Multiple Web Vulnerabilities Vulnerability Lab
Medium risk security flaws in Konqueror Tim Brown
XSS in dokeos 2.1.1 marcelavbx
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace Web Conferencing Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability Cisco Systems Product Security Incident Response Team
[SECURITY] [DSA 2570-1] openoffice.org security update Yves-Alexis Perez
Re: [BUGTRAQ]Security Advisory - TP-LINK TL-WR841N LFI - [UPDATE] osoriojr
[ MDVSA-2012:169 ] java-1.6.0-openjdk security
APPLE-SA-2012-11-01-1 iOS 6.0.1 Apple Product Security
APPLE-SA-2012-11-01-2 Safari 6.0.2 Apple Product Security
[security bulletin] HPSBMU02827 SSRT100924 rev.1 - HP Performance Insight with Sybase, Remote Denial of Service (DoS) and Loss of Data security-alert
[security bulletin] HPSBMU02815 SSRT100715 rev.4 - HP SiteScope SOAP Security Issues, Remote Disclosure of Information, Remote Code Execution security-alert
Re: [Full-disclosure] XSS, LFI and SQL Injection Vulnerabilities in Achievo Henri Salo
[security bulletin] HPSBUX02824 SSRT100970 rev.2 - HP-UX Running Java, Remote Execution of Arbitrary Code, and Other Vulnerabilities security-alert
[CVE-2012-5692] Invision Power Board <= 3.3.4 "unserialize()" PHP Code Execution Vulnerability n0b0d13s
[ MDVSA-2012:170 ] firefox security
[SECURITY] [DSA 2571-1] libproxy security update Raphael Geissert
[SECURITY] [DSA 2572-1] iceape security update Thijs Kinkhorst
PR11-07 Multiple persistent XSS, XSS, XSRF, offsite redirection and information disclosure flaws within CheckPoint/Sofaware firewalls research
Vulnerable MSVC++ 2008 runtime libraries distributed with and installed by eM client Stefan Kanthak
iCompel Digital Signage risks Chris S
XSS in answer my question plugin marcelavbx
VideoLAN VLC Media Player <= 2.0.4 Crash Bug bingxuefenggu
[CVE-2012-5777]EmpireCMS Template Parser Remote PHP Code Execution Vulnerability machuanlei
Multiple Vulnerabilities in LibreOffice advisory
SQL Injection Vulnerability in OrangeHRM advisory
multiple critical vulnerabilities in sophos products Tavis Ormandy
Wisecracker 1.0 - A high performance distributed cryptanalysis framework Vikas N Kumar
[security bulletin] HPSBHF02699 SSRT100592 rev.2 - HP ProLiant SL Advanced Power Manager (SL-APM), Remote User Validation Failure security-alert
Vulnerable, superfluous/outdated/deprecated/superseded 3rd party OCXs and DLLs distributed by and installed with Dataram RamDisk 4.0.0 Stefan Kanthak
Sql injection in AJAX post Search wordpress plugin marcelavbx
Cross-Site Request Forgery (CSRF) in CMS Made Simple advisory
Cisco Security Advisory: Cisco Nexus 1000V Series Switch Software Release 4.2(1)SV1(5.2) Virtual Security Gateway Bypass Issue Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Secure Access Control System TACACS+ Authentication Bypass Vulnerability Cisco Systems Product Security Incident Response Team
APPLE-SA-2012-11-07-1 QuickTime 7.7.3 Apple Product Security
Vulnerability Report on AWCM 2.2 Sooel Postman
Cisco Security Advisory: Cisco Ironport Appliances Sophos Anti-virus Vulnerabilities Cisco Systems Product Security Incident Response Team
[ MDVSA-2012:171 ] icedtea-web security
[SECURITY] [DSA 2573-1] radsecproxy security update Luciano Bello
BananaDance Wiki b2.2 - Multiple Web Vulnerabilities Vulnerability Lab
[DC-2012-11-001] DefenseCode ThunderScan PHP Advisory: Wordpress WP e-Commerce Plugin Multiple Security Vulnerabilities DefenseCode
Eventy CMS v1.8 Plus - Multiple Web Vulnerabilities Vulnerability Lab
Weak password encryption on Huawei products roberto . paleari
[OVSA20121112] OpenVAS Manager Vulnerable To Command Injection Tim Brown
Zoner Photo Studio v15 b3 - Buffer Overflow Vulnerabilities Vulnerability Lab
Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection Tim Brown
ESA-2012-055: RSA® Data Protection Manager Multiple Vulnerabilities Security Alert
Reflective XSS in uk cookie plugin nauty . me04
Re: Wisecracker 1.0 - A high performance distributed cryptanalysis framework Jann Horn
Re: Wisecracker 1.0 - A high performance distributed cryptanalysis framework Vikas N Kumar
0-day vulnerabilities in Call of Duty MW3 and CryEngine 3 ReVuln
Re: [oss-security] Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection Jan Lieskovsky
Multiple vulnerabilities in BabyGekko advisory
Security advisory for Bugzilla 4.4rc1, 4.2.4, 4.0.9 and 3.6.12 LpSolit
iDev Rentals v1.0 - Multiple Web Vulnerabilities Vulnerability Lab
Re: Re: [oss-security] Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection Michal Ambroz
SEC Consult SA-20121115-0 :: Applicure dotDefender WAF format string vulnerability SEC Consult Vulnerability Lab
[CVE-2012-5858] [CVE-2012-5859] DoS/Authorization Bypass - Kies Air cjlacayo
[SECURITY] [DSA 2574-1] typo3-src security update Florian Weimer
DC4420 - London DEFCON - November meet - Tuesday 20th November alien DC4420
[SE-2012-01] Security vulnerabilities in Java SE (details released) Security Explorations
Open-Realty CMS 2.5.8 (2.x.x) <= Cross Site Request Forgery (CSRF) Vulnerability YGN Ethical Hacker Group
[SECURITY] [DSA 2575-1] tiff security update Nico Golde
[ MDVSA-2012:172 ] libproxy security
Akeni LAN v1.2.118 - Filter Bypass Vulnerability (Local) Vulnerability Lab
Manage Engine Exchange Reporter v4.1 - Multiple Web Vulnerabilities Vulnerability Lab
CVE-2012-4366: Insecure default WPA2 passphrase in multiple Belkin wireless routers Jakob Lell
n.runs-SA-2012.004 - SPLUNK Unauthenticated remote DoS security
[security bulletin] HPSBHF02821 SSRT100934 rev.1 - HP Integrated Lights-Out iLO3 and iLO4, Remote Disclosure of Information security-alert
SonicWALL CDP 5040 v6.x - Multiple Web Vulnerabilities Vulnerability Lab
Re: [SE-2012-01] Security vulnerabilities in Java SE (details released) Security Explorations
OSSIM 4.0.2 open-source SIEM solution does not verify .deb signatures roman . fiedler
FW: =| Security Advisory - TP-LINK TL-WR841N XSS (Cross Site Scripting) |= Matan Azugi
Wordpress Facebook Survey v1 - SQL Injection Vulnerability Vulnerability Lab
Re: CVE-2012-4366: Insecure default WPA2 passphrase in multiple Belkin wireless routers Jakob Lell
n.runs-SA-2012.004 - SPLUNK Unauthenticated remote DoS security
ManageEngine ServiceDesk 8.0 - Multiple Vulnerabilities Vulnerability Lab
Multiple vulnerabilities in dotProject advisory
[ MDVSA-2012:173 ] firefox security
[slackware-security] mozilla-firefox (SSA:2012-326-02) Slackware Security Team
[slackware-security] seamonkey (SSA:2012-326-01) Slackware Security Team
[slackware-security] mozilla-thunderbird (SSA:2012-326-03) Slackware Security Team
[ MDVSA-2012:174 ] libtiff security
FreeBSD Security Advisory FreeBSD-SA-12:06.bind FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-12:07.hostapd FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-12:08.linux FreeBSD Security Advisories
XSS Vulnerability in Simple Slider Wordpress Plugin nauty . me04
Twitter App 5.0 vulnerable to eavesdropping Carlos Reventlov
[SECURITY] [DSA 2576-1] trousers security update Yves-Alexis Perez
[oCERT-2012-001] multiple implementations denial-of-service via MurmurHash algorithm collision Andrea Barisani
VUPEN Security Research - Mozilla Firefox "DocumentViewerImpl" Class Remote Use-After-Free Vulnerability VUPEN Security Research
ESA-2012-057: EMC Smarts Network Configuration Manager Multiple Vulnerabilities Security Alert
ESA-2012-054: RSA® Adaptive Authentication (On-Premise) Cross-Site Scripting Vulnerabilities Security Alert
[DC-2012-11-002] DefenseCode ThunderScan ASP.Net C# Advisory: BugTracker.Net Multiple Security Vulnerabilities DefenseCode
Forescout NAC (Network Access Control) multiple vulnerabilities Joseph Sheridan
[SE-2011-01] Additional materials released for SAT TV research Security Explorations
[SECURITY] [DSA 2578-1] rssh security update Yves-Alexis Perez
Re: rssh security announcement Derek Martin
Re: rssh security announcement Russ Allbery
Re: rssh security announcement Nico Kadel-Garcia
[ MDVSA-2012:175 ] libssh security
Re: rssh security announcement Russ Allbery
Oracle Exadata leaf switch logins larry0
ideo Lead Form Plugin Cross-Site Scripting Vulnerabilities which affects Wordpress URL nauty . me04
Wordpress Plugin Simple Gmail Login Stack Trace Vulnerability nauty . me04
Safend Data Protector Multiple Vulnerabilities Joseph Sheridan
VUPEN Security Research - Mozilla Firefox "imgRequestProxy" Remote Use-After-Free Vulnerability VUPEN Security Research
APPLE-SA-2012-11-29-1 Apple TV 5.1.1 Apple Product Security
[SECURITY] [DSA 2579-1] apache2 security update Stefan Fritsch
SilverStripe CMS - Multiple Vulnerabilities - Security Advisory - SOS-12-011 Lists
NGS000193 Technical Advisory: DataArmor Full Disk Encryption Restricted Environment breakout NCC Group Research
NGS000107 Technical Advisory: Oracle Gridengine sgepasswd Buffer Overflow NCC Group Research
NGS000196 Technical Advisory: Nagios XI Network Monitor OS Command Injection NCC Group Research
NGS000194 Technical Advisory: Nagios XI Network Monitor Blind SQL Injection NCC Group Research
NGS000330 Technical Advisory: Squiz CMS File Path Traversal NCC Group Research
NGS000241 Technical Advisory: SysAid Helpdesk Pro Blind SQL Injection NCC Group Research
NGS000267 Technical Advisory: Symantec Messaging Gateway SSH with backdoor user account plus privilege escalation to root due to very old Kernel NCC Group Research
NGS000266 Technical Advisory: Symantec Messaging Gateway Arbitrary file download is possible with a crafted URL NCC Group Research
NGS000268 Technical Advisory: Symantec Messaging Gateway - Out-of-band stored-XSS delivered by email NCC Group Research
NGS000263 Technical Advisory: Symantec Messaging Gateway Easy CSRF to add a backdoor-administrator NCC Group Research