
192 messages starting Apr 18 13 and ending Apr 30 13

43z sec

CVE-2013-2504 : Matrix42 Service Desk XSS 43z sec (Apr 18)

advisory

SQL Injection Vulnerability in Symphony advisory (Apr 03)
PHP Code Injection in FUDforum advisory (Apr 03)
Novell GroupWise Multiple Remote Code Execution Vulnerabilities advisory (Apr 03)
Multiple Vulnerabilities in KrisonAV CMS advisory (Apr 17)

akshay . vaghela

Groovy Media Player buffer overflow Vulnerability akshay . vaghela (Apr 04)

Alexandre De Oliveira

Hackito Ergo Sum 2013 Speaker Announcement! Alexandre De Oliveira (Apr 09)

Apple Product Security

APPLE-SA-2013-04-16-1 Safari 6.0.4 Apple Product Security (Apr 17)
APPLE-SA-2013-04-16-2 Java for OS X 2013-003 and Mac OS X v10.6 Update 15 Apple Product Security (Apr 17)

Carl Benedict

Cisco/Linksys HTTP Service Remote DoS (Denial of Service) Carl Benedict (Apr 24)
Cisco/Linksys E1200 N300 Reflected XSS Carl Benedict (Apr 29)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco Network Admission Control Manager SQL Injection Vulnerability Cisco Systems Product Security Incident Response Team (Apr 18)
Cisco Security Advisory: Cisco TelePresence Infrastructure Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Apr 18)
Cisco Security Advisory: Cisco Device Manager Command Execution Vulnerability Cisco Systems Product Security Incident Response Team (Apr 25)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Computing System Cisco Systems Product Security Incident Response Team (Apr 25)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco NX-OS-Based Product Cisco Systems Product Security Incident Response Team (Apr 25)

come2waraxe

[waraxe-2013-SA#100] - Update Spoofing Vulnerability in mRemote 1.50 come2waraxe (Apr 01)
[waraxe-2013-SA#101] - Update Spoofing Vulnerability in Royal TS 2.1.5 come2waraxe (Apr 01)
[waraxe-2013-SA#102] - Reflected XSS in phpMyAdmin 3.5.7 come2waraxe (Apr 09)
[waraxe-2013-SA#103] - Multiple Vulnerabilities in phpMyAdmin come2waraxe (Apr 25)

CORE Security Technologies Advisories

CORE-2013-0303 - D-Link IP Cameras Multiple Vulnerabilities CORE Security Technologies Advisories (Apr 30)

ddivulnalert

DDIVRT-2013-52 Dell EqualLogic PS6110X Directory Traversal ddivulnalert (Apr 16)

demonalex

Personal File Share HTTP Server Remote Overflow Vulnerability demonalex (Apr 30)
Syslog Watcher Pro 'Date' Parameter Cross Site Scripting Vulnerability demonalex (Apr 30)

devnull

Multiple Vulnerabilities in D-Link devices devnull (Apr 08)
Multiple Vulnerabilities in D'Link DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A devnull (Apr 23)
Multiple Vulnerabilities in D'Link DIR-635 devnull (Apr 26)

Egidio Romano

[KIS-2013-04] Joomla! <= 3.0.3 (remember.php) PHP Object Injection Vulnerability Egidio Romano (Apr 29)

ESNC Security

[ESNC-2013-001] Privilege Escalation in SAP Healthcare Industry Solution ESNC Security (Apr 17)
[ESNC-2013-002] Privilege Escalation in SAP Production Planning and Control ESNC Security (Apr 17)
[ESNC-2013-003] Remote OS Command Execution in SAP BASIS Communication Services ESNC Security (Apr 17)
[ESNC-2013-004] Remote ABAP Code Injection in OpenText/IXOS ECM for SAP NetWeaver ESNC Security (Apr 24)

F. Duchene

GreHack 2013 - Call For Papers - November 15, Grenoble, France F. Duchene (Apr 04)

Fernando Gont

SI6 Networks' IPv6 Toolkit v1.3.4 released! Fernando Gont (Apr 17)
Hacking IPv6 networks training (slideware, upcoming trainings, etc.) Fernando Gont (Apr 29)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-13:03.openssl FreeBSD Security Advisories (Apr 03)
FreeBSD Security Advisory FreeBSD-SA-13:04.bind FreeBSD Security Advisories (Apr 03)
FreeBSD Security Advisory FreeBSD-SA-13:05.nfsserver FreeBSD Security Advisories (Apr 30)
FreeBSD Security Advisory FreeBSD-SA-13:05.nfsserver [REVISED] FreeBSD Security Advisories (Apr 30)

Giuseppe Iuculano

[SECURITY] [DSA 2658-1] postgresql-9.1 security update Giuseppe Iuculano (Apr 04)
[SECURITY] [DSA 2657-1] postgresql-8.4 security update Giuseppe Iuculano (Apr 04)

ISecAuditors Security Advisories

[ISecAuditors Security Advisories] Multiple Full Path Disclosure Vulnerabilities in TinyWebGallery <= v1.8.9 ISecAuditors Security Advisories (Apr 09)

Itzik Kotler

Hackersh 0.1 Release Announcement Itzik Kotler (Apr 04)

Ken

[CVE-2012-5389] Null Pointer Derefence in Dart Webserver <= 1.9.2 Ken (Apr 09)

larry0

Remote command execution in Ruby Gem ldoce 0.0.2 larry0 (Apr 02)
Remote command injection in Ruby Gem kelredd-pruview 0.3.8 larry0 (Apr 12)

Lists

Google AD Sync Tool - Exposure of Sensitive Information Vulnerability - Security Advisory - SOS-13-001 Lists (Apr 03)

Major Malfunction

DC4420 - London DEFCON - April meet - Tuesday 23rd April 2013 Major Malfunction (Apr 18)

Martin Braun

Open-Xchange Security Advisory 2013-04-17 Martin Braun (Apr 17)

Maxim Konovalov

Re: Nginx ngx_http_close_connection function integer overflow Maxim Konovalov (Apr 29)
Re: Nginx ngx_http_close_connection function integer overflow Maxim Konovalov (Apr 29)

Michael Eddington

EDSC 2013 CFP Open Michael Eddington (Apr 29)

Michał Błaszczak

[SQLi] vBilling for FreeSWITCH Michał Błaszczak (Apr 22)

Michal J.

WowzaMediaServer StorageDir escape (regression) Michal J. (Apr 30)
WowzaMediaServer SecureToken bypass (and worse) Michal J. (Apr 30)

mschratt

Vanilla Forums 2.0.18 / SQL-Injection / Insert arbitrary user & dump usertable mschratt (Apr 08)

NCC Group Research

NGS00248 Patch Notification: Virtual Access Monitor Multiple SQL Injection Vulnerabilities NCC Group Research (Apr 02)

nospam

Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows nospam (Apr 26)
Borland Silk Central 12.1 TeeChart Pro Activex control AddSeries Remote Code Execution nospam (Apr 26)

roberto

Authentication bypass on Netgear WNR1000 roberto (Apr 01)

roberto . paleari

Sitecom WLM-3500 backdoor accounts roberto . paleari (Apr 17)

safe3q

Nginx ngx_http_close_connection function integer overflow safe3q (Apr 25)

Salvatore Bonaccorso

[SECURITY] [DSA 2656-1] bind9 security update Salvatore Bonaccorso (Apr 01)
[SECURITY] [DSA 2654-1] libxslt security update Salvatore Bonaccorso (Apr 04)
[SECURITY] [DSA 2662-1] xen security update Salvatore Bonaccorso (Apr 18)
[SECURITY] [DSA 2660-1] curl security update Salvatore Bonaccorso (Apr 22)

SEC Consult Vulnerability Lab

SEC Consult SA-20130403-0 :: Multiple vulnerabilities in Sophos Web Protection Appliance SEC Consult Vulnerability Lab (Apr 03)
SEC Consult 20130404-0 :: Multiple Vulnerabilities in Censornet Professional v4 (2.1.7) SEC Consult Vulnerability Lab (Apr 04)
SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption SEC Consult Vulnerability Lab (Apr 18)
SEC Consult SA-20130417-2 :: HTTP header injection/Cache poisoning in Oracle WebCenter Sites Satellite Server SEC Consult Vulnerability Lab (Apr 18)
SEC Consult 20130417-0 :: Multiple vulnerabilities in Sosci Survey SEC Consult Vulnerability Lab (Apr 18)
Re: SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption SEC Consult Vulnerability Lab (Apr 19)

security

[ MDVSA-2013:015-1 ] apache security (Apr 04)
[ MDVSA-2013:016 ] apache-mod_security security (Apr 04)
[ MDVSA-2013:017 ] arpwatch security (Apr 04)
[ MDVSA-2013:018 ] automake security (Apr 04)
[ MDVSA-2013:015-1 ] apache security (Apr 04)
[ MDVSA-2013:019 ] bash security (Apr 05)
[ MDVSA-2013:027-1 ] clamav security (Apr 05)
[ MDVSA-2013:029 ] apache-mod_security security (Apr 08)
[ MDVSA-2013:030 ] arpwatch security (Apr 08)
[ MDVSA-2013:031 ] automake security (Apr 08)
[ MDVSA-2013:032 ] bash security (Apr 08)
[ MDVSA-2013:023-1 ] coreutils security (Apr 08)
[ MDVSA-2013:033 ] cronie security (Apr 08)
[ MDVSA-2013:034 ] cups security (Apr 08)
[ MDVSA-2013:035 ] libexif security (Apr 08)
[ MDVSA-2013:036 ] exif security (Apr 08)
[ MDVSA-2013:037 ] fetchmail security (Apr 08)
[ MDVSA-2013:038 ] freeradius security (Apr 08)
[ MDVSA-2013:039 ] freetype2 security (Apr 08)
[ MDVSA-2013:001-1 ] gnupg security (Apr 08)
[ MDVSA-2013:040 ] gnutls security (Apr 08)
[ MDVSA-2013:041 ] html2ps security (Apr 08)
[ MDVSA-2013:042 ] krb5 security (Apr 08)
[ MDVSA-2013:043 ] libgssglue security (Apr 08)
[ MDVSA-2013:044 ] libjpeg security (Apr 08)
[ MDVSA-2013:045 ] libssh security (Apr 08)
[ MDVSA-2013:046 ] libtiff security (Apr 08)
[ MDVSA-2013:047 ] libxslt security (Apr 08)
[ MDVSA-2013:048 ] ncpfs security (Apr 08)
[ MDVSA-2013:049 ] net-snmp security (Apr 08)
[ MDVSA-2013:050 ] nss security (Apr 08)
[ MDVSA-2013:051 ] openssh security (Apr 08)
[ MDVSA-2013:052 ] openssl security (Apr 08)
[ MDVSA-2013:053 ] proftpd security (Apr 08)
[ MDVSA-2013:054 ] sudo security (Apr 08)
[ MDVSA-2013:055 ] wireshark security (Apr 08)
[ MDVSA-2013:056 ] libxml2 security (Apr 08)
[ MDVSA-2013:057 ] xinetd security (Apr 08)
[ MDVSA-2013:058 ] bind security (Apr 08)
[ MDVSA-2013:059 ] dhcp security (Apr 08)
[ MDVSA-2013:060 ] accountsservice security (Apr 08)
[ MDVSA-2013:061 ] awstats security (Apr 08)
[ MDVSA-2013:062 ] backuppc security (Apr 08)
[ MDVSA-2013:063 ] bip security (Apr 08)
[ MDVSA-2013:064 ] bogofilter security (Apr 08)
[ MDVSA-2013:065 ] boost security (Apr 08)
[ MDVSA-2013:066 ] bugzilla security (Apr 09)
[ MDVSA-2013:067 ] couchdb security (Apr 09)
[ MDVSA-2013:068 ] courier-authlib security (Apr 09)
[ MDVSA-2013:069 ] cups-pk-helper security (Apr 09)
[ MDVSA-2013:070 ] dbus security (Apr 09)
[ MDVSA-2013:071 ] dbus-glib security (Apr 09)
[ MDVSA-2013:072 ] dnsmasq security (Apr 09)
[ MDVSA-2013:073 ] dokuwiki security (Apr 09)
[ MDVSA-2013:074 ] drupal security (Apr 09)
[ MDVSA-2013:075 ] elinks security (Apr 09)
[ MDVSA-2013:076 ] emacs security (Apr 09)
[ MDVSA-2013:081 ] gegl security (Apr 09)
[ MDVSA-2013:082 ] gimp security (Apr 09)
[ MDVSA-2013:083 ] glib2.0 security (Apr 09)
[ MDVSA-2013:084 ] gnome-keyring security (Apr 09)
[ MDVSA-2013:085 ] groff security (Apr 09)
[ MDVSA-2013:086 ] groff security (Apr 09)
[ MDVSA-2013:087 ] firefox security (Apr 09)
[ MDVSA-2013:088 ] hplip security (Apr 09)
[ MDVSA-2013:089 ] icclib security (Apr 09)
[ MDVSA-2013:090 ] argyllcms security (Apr 09)
[ MDVSA-2013:091 ] icecast security (Apr 09)
[ MDVSA-2013:092 ] imagemagick security (Apr 09)
[ MDVSA-2013:078 ] fail2ban security (Apr 09)
[ MDVSA-2013:077 ] ettercap security (Apr 09)
[ MDVSA-2013:142 ] postgresql security (Apr 12)
[ MDVSA-2013:143 ] poppler security (Apr 16)
[ MDVSA-2013:144 ] phpmyadmin security (Apr 17)
[ MDVSA-2013:145 ] java-1.6.0-openjdk security (Apr 19)
[ MDVSA-2013:146 ] icedtea-web security (Apr 19)
[ MDVSA-2013:147 ] libarchive security (Apr 22)
[ MDVSA-2013:148 ] roundcubemail security (Apr 23)
[ MDVSA-2013:149 ] roundcubemail security (Apr 23)
[ MDVSA-2013:150 ] mysql security (Apr 23)
[ MDVSA-2013:151 ] curl security (Apr 29)
[ MDVSA-2013:152 ] subversion security (Apr 29)
[ MDVSA-2013:153 ] subversion security (Apr 29)
[ MDVSA-2013:154 ] util-linux security (Apr 29)
[ MDVSA-2013:155 ] fuse security (Apr 29)
[ MDVSA-2013:156 ] apache-mod_security security (Apr 30)
[ MDVSA-2013:157 ] krb5 security (Apr 30)
[ MDVSA-2013:158 ] krb5 security (Apr 30)

security-alert

[security bulletin] HPSBUX02859 SSRT101144 rev.1 - HP-UX Running XNTP, Remote Denial of Service (DoS) and Execute Arbitrary Code security-alert (Apr 01)
[security bulletin] HPSBUX02860 SSRT101146 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass, Unauthorized Modification and Other Vulnerabilities security-alert (Apr 01)
[security bulletin] HPSBMU02785 SSRT100526 rev.2 - HP LoadRunner Running on Windows, Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert (Apr 08)
[security bulletin] HPSBUX02866 SSRT101139 rev.1 - HP-UX Running Apache, Remote Denial of Service (DoS), Execution of Arbitrary Code and other vulnerabilities security-alert (Apr 16)
[security bulletin] HPSBHF02865 SSRT101158 rev.1 - HP ElitePad 900, Secure Boot Configuration Inconsistency security-alert (Apr 24)
[security bulletin] HPSBMU02830 SSRT100889 rev.2 - HP Data Protector, Local Increase of Privilege security-alert (Apr 26)
[security bulletin] HPSBPI02868 SSRT101017 rev.1 - HP Managed Printing Administration (MPA), Remote Cross Site Scripting (XSS) security-alert (Apr 29)
[security bulletin] HPSBPI02869 SSRT100936 rev.1 - HP LaserJet MFP Printers, HP Color LaserJet MFP Printers, Certain HP LaserJet Printers, Remote Unauthorized Access to Files security-alert (Apr 29)
[security bulletin] HPSBMU02873 SSRT101182 rev.1 - HP Service Manager, Apache Tomcat Security Update security-alert (Apr 30)
[security bulletin] HPSBMU02874 SSRT101184 rev.1 - HP Service Manager, Java Runtime Environment (JRE) Security Update security-alert (Apr 30)
[security bulletin] HPSBMU02872 SSRT101185 rev.1 - HP Service Manager, Remote Disclosure of Information, Cross Site Scripting(XSS) security-alert (Apr 30)

Security Explorations

[SE-2012-01] Details of issues fixed by Java SE 7 Update 21 Security Explorations (Apr 17)
Re: [SE-2012-01] Details of issues fixed by Java SE 7 Update 21 Security Explorations (Apr 17)
[SE-2012-01] Yet another Reflection API flaw affecting Oracle's Java SE Security Explorations (Apr 22)

shekyan

[CVE-REQUEST] Multiple CSRF vulnerabilities on Foscam IP cameras web UI shekyan (Apr 09)

Simon Bieber

TC-SA-2013-01: Reflected Cross-Site-Scripting (XSS) vulnerability in e107 CMS v1.0.2 Simon Bieber (Apr 03)

Slackware Security Team

[Suspected Spam] [slackware-security] libssh (SSA:2013-087-01) Slackware Security Team (Apr 01)
[slackware-security] mozilla-thunderbird (SSA:2013-093-02) Slackware Security Team (Apr 03)
[slackware-security] mozilla-firefox (SSA:2013-093-01) Slackware Security Team (Apr 03)
[slackware-security] subversion (SSA:2013-095-01) Slackware Security Team (Apr 08)
[slackware-security] seamonkey (SSA:2013-097-01) Slackware Security Team (Apr 08)

Steve

44Café 23rd April details Steve (Apr 22)

suzuki

CVE-2013-0798 : World read and write access to app_tmp directory on Android suzuki (Apr 09)

Timo Juhani Lindfors

Aastra IP Telephone hardcoded telnet admin password Timo Juhani Lindfors (Apr 08)

Trustwave Advisories

TWSL2013-004: Group Name Enumeration Vulnerability in Cisco IKE Implementation Trustwave Advisories (Apr 19)

US-CERT Alerts

US-CERT Alert TA13-088A: DNS Amplification Attacks US-CERT Alerts (Apr 01)

Vulnerability Lab

MailOrderWorks v5.907 - Multiple Web Vulnerabilities Vulnerability Lab (Apr 01)

VUPEN Security Research

VUPEN Security Research - Oracle Java JavaFX Video Frame Decoding Remote Heap Overflow (Pwn2Own 2013) VUPEN Security Research (Apr 18)
VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) VUPEN Security Research (Apr 19)

Yves-Alexis Perez

[SECURITY] [DSA 2661-1] xorg-server security update Yves-Alexis Perez (Apr 18)
[SECURITY] [DSA 2663-1] tinc security update Yves-Alexis Perez (Apr 23)
[SECURITY] [DSA 2665-1] strongswan security update Yves-Alexis Perez (Apr 30)