Home page logo
/

202 messages starting Jul 01 13 and ending Jul 30 13
Date index | Thread index | Author index

Monday, 01 July

GreHack 2013 - CFP EXTENDED TO JULY,16 - Conf: Nov. 15, Grenoble, France F. Duchene
[slackware-security] mozilla-thunderbird (SSA:2013-180-02) Slackware Security Team
joomla com_football Components Sql Injection vulnerability iedb . team
[slackware-security] mozilla-firefox (SSA:2013-180-01) Slackware Security Team
Re: ESA-2013-029: RSA SecurID Sensitive Information Disclosure Vulnerability security_alert
[security bulletin] HPSBST02846 SSRT100798 rev.2 - HP LeftHand Virtual SAN Appliance hydra, Remote Execution of Arbitrary Code security-alert
[security bulletin] HPSBHF02888 rev.1 - HP ProCurve, H3C, 3COM Routers and Switches, Remote Information Disclosure and Code Execution security-alert
[SECURITY] CVE-2013-1777: Apache Geronimo 3 RMI classloader exposure Jarek Gawor

Tuesday, 02 July

[CVE-2013-4694] WinAmp v5.63 gen_jumpex.dll and ml_local.dll Multiple Buffer Overflows Inshell Security
[CVE-2013-4695] WinAmp v5.63 gen_ff.dll links.xml Value Parsing Invalid Pointer Dereference Inshell Security
Re: joomla com_football Components Sql Injection vulnerability Packet Storm
Linksys EA - 2700, 3500, 4200, 4500 w/ Lighttpd 1.4.28 Unauthenticated Remote Administration Access kyle Lovett
[ MDVSA-2013:187 ] apache-mod_security security
WordPress feed plugin Sql Injection iedb . team
[ MDVSA-2013:188 ] otrs security
[ MDVSA-2013:189 ] wordpress security
[ MDVSA-2013:190 ] autotrace security
WordPress category-grid-view-galler plugin Cross-Site Scripting Vulnerabilities iedb . team
Real player resource exhaustion Vulnerability akshay . vaghela
[ MDVSA-2013:191 ] fail2ban security

Wednesday, 03 July

[ MDVSA-2013:192 ] php-radius security
[SECURITY] [DSA 2718-1] wordpress security update Yves-Alexis Perez
[security bulletin] HPSBUX02893 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Cross Site Scripting (XSS) security-alert
[security bulletin] HPSBUX02889 SSRT101252 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities security-alert
APPLE-SA-2013-07-02-1 Security Update 2013-003 Apple Product Security
Slots open for Security Projects :Open Source Showcase at AppSec Research / EU 2013 Dirk W
Multiple Vulnerabilities in Kasseler CMS advisory
Multiple Vulnerabilities in OpenX advisory
Re: Linksys EA - 2700, 3500, 4200, 4500 w/ Lighttpd 1.4.28 Unauthenticated Remote Administration Access krlovett

Thursday, 04 July

re: Real player resource exhaustion Vulnerability security curmudgeon

Friday, 05 July

Mobile Atlas Creator 1.9.12 - Persistent Command Injection Vulnerability Vulnerability Lab
AVAST Internet Security Suite - Persistent Vulnerabilities Vulnerability Lab
AVAST Universal Core Installer - Multiple Vulnerabilities Vulnerability Lab
Paypal Bug Bounty #102 QR Dev Labs - Auth Bypass Vulnerability Vulnerability Lab
AVAST Antivirus v8.0.1489 - Multiple Core Vulnerabilities Vulnerability Lab
LSE Leading Security Experts GmbH - LSE-2013-07-03 - rsyslog ElasticSearch Plugin LSE Leading Security Experts GmbH \(Security Advisories\)

Monday, 08 July

[SECURITY] [DSA 2720-1] icedove security update Moritz Muehlenhoff
OS-Command Injection via UPnP Interface in multiple D-Link devices devnull
[oCERT-2013-001] File Roller path sanitization errors Daniele Bianco
[SECURITY] [DSA 2721-1] nginx security update Nico Golde
VUPEN Security Research - Mozilla Firefox Maintenance Service Privilege Escalation Vulnerabilities VUPEN Security Research
VUPEN Security Research - Oracle Java Preloader Click-2-Play Warning Bypass Vulnerability VUPEN Security Research
Avira Analysis Web Service - SQL Injection Vulnerability Vulnerability Lab
Authentication bypass in D-Link routers doylej . ia
ESA-2013-050: EMC Replication Manager Sensitive Information Disclosure Vulnerability Security Alert
ESA-2013-052: RSA(r) Authentication Manager Sensitive Information Disclosure Vulnerability Security Alert
Authentication bypass in D-Link devices (session cookies not validated) doylej . ia
Re: OS-Command Injection via UPnP Interface in multiple D-Link devices krlovett
Re: OS-Command Injection via UPnP Interface in multiple D-Link devices devnull
[security bulletin] HPSBST02890 rev.2 - HP StoreOnce D2D Backup System, Remote Unauthorized Access and Modification security-alert
Re: [security bulletin] HPSBST02890 rev.2 - HP StoreOnce D2D Backup System, Remote Unauthorized Access and Modification Neusbeer
Re: WordPress feed plugin Sql Injection Henri Salo

Tuesday, 09 July

Re: re: Real player resource exhaustion Vulnerability akshay . vaghela
[HITB-Announce] REMINDER: #HITB2013KUL CFP Closes 25th July Hafez Kamal
SEC Consult SA-20130709-0 :: Denial of service vulnerability in Apache CXF SEC Consult Vulnerability Lab
Re: re: Real player resource exhaustion Vulnerability Henri Salo
Zoom X4/X5 ADSL Modem and Router -Unauthenticated Remote Root Command Execution kyle Lovett

Wednesday, 10 July

(CVE-2013-1059) Linux Kernel libceph Null Pointer Dereference Vulnerability chanam . park
[security bulletin] HPSBST02896 rev.1 - HP StoreVirtual Storage, Remote Unauthorized Access security-alert
Re: Project Pier Web Vulnerabilities the infinitenigma
Re: Cisco/Linksys E1200 N300 Reflected XSS the infinitenigma
[slackware-security] dbus (SSA:2013-191-01) Slackware Security Team
VULNERABLE (3rd party) components in Adobe Reader 11.0.03, and dangling reference to Acrobat.exe Stefan Kanthak
[Foreground Security 2013-001]: Joomla AICONTACTSAFE 2.0.19 Extension Cross-Site Scripting (XSS) vulnerability Jose Carlos de Arriba
Air Drive Plus v2.4 iOS - Arbitrary File Upload Vulnerability Vulnerability Lab

Thursday, 11 July

[SECURITY] [DSA 2719-1] poppler security update Michael Gilbert
Hard-coded accounts on multiple network cameras roberto . paleari
[ MDVSA-2013:193 ] apache security
Facebook Url Redirection Vuln. CANSIN YILDIRIM
Re: Wordpress wp-private-messages Plugin Sql Injection vulnerability Henri Salo
[ MDVSA-2013:194 ] kernel security
Re: [Full-disclosure] XSS and SQL Injection Vulnerabilities in MiniBB Henri Salo
Re: Facebook Url Redirection Vuln. Anthony Dubuissez
Re: Facebook Url Redirection Vuln. Jann Horn
Windows 7/8 admin account installation password stored in the clear in LSA Secrets Dnegel X.

Friday, 12 July

Re: Windows 7/8 admin account installation password stored in the clear in LSA Secrets Rob
CVE-2012-6297 - Command Injection via CSRF on DD-WRT v24-sp2 cyoung
Re: Windows 7/8 admin account installation password stored in the clear in LSA Secrets Dnegel X.
CVE-2013-3568 - Linksys CSRF + Root Command Injection vuln-report
Re: Windows 7/8 admin account installation password stored in the clear in LSA Secrets Marco Ivaldi
Multiple vulnerabilities in McAfee ePO 4.6.6 NCIRC INFOSEC EVAL
Multiple vulnerabilities in BMC SERVICE DESK EXPRESS (SDE) Version 10.2.1.95 NCIRC INFOSEC EVAL
[security bulletin] HPSBST02890 rev.3 - HP StoreOnce D2D Backup System, Remote Unauthorized Access, Modification, and Escalation of Privilege security-alert
[Foreground Security 2013-002]: Corda Path Disclosure and XSS Adam Willard
MiniUPnPd Information Disclosure (CVE-2013-2600) cyoung
Re: MiniUPnPd Information Disclosure (CVE-2013-2600) Jeffrey Walton

Monday, 15 July

Botconf 2013 - Call for short talks - Deadline Aug 31 2013 Eric Freyssinet
Full Disclosure ASUS Wireless Routers Ten Models - Multiple Vulnerabilities on AiCloud enabled units kyle Lovett
[waraxe-2013-SA#106] - Multiple Vulnerabilities in Saurus CMS 4.7.1 come2waraxe
[CVE-2012-6458] Multiple Persistent XSS in silverstripe-ecommerce Craig Young
Ruxcon 2013 Final Call For Papers cfp
[ MDVSA-2013:195 ] php security
[ MDVSA-2013:196 ] java-1.6.0-openjdk security
Huawei E587 3G Mobile Hotspot Web UI Cross Site Scripting vulnerability Frédéric Basse
[CVE-2013-2612] Huawei E587 3G Mobile Hotspot Command Injection Frédéric Basse
[SECURITY] [DSA 2722-1] openjdk-7 security update Moritz Muehlenhoff
CVE-2013-4788 - Eglibc PTR MANGLE bug Hector Marco
[security bulletin] HPSBPV02891 rev.1 - HP ProCurve Switches, Remote Unauthorized Information Disclosure security-alert
Squid-3.3.5 DoS PoC king cope

Tuesday, 16 July

[CVE-2013-2745, CVE-2013-2738, CVE-2013-2739] MiniDLNA v1.0.25 Multiple Vulnerabilities Craig Young
Re: Multiple vulnerabilities in McAfee ePO 4.6.6 Harold_Toomey
Nikon CoolPix L Series Fw1.0 - Information Disclosure Issue Vulnerability Lab
FTP Sprite v1.2.1 iOS - Persistent Web Vulnerability Vulnerability Lab
Barracuda CudaTel 2.6.02.040 - Client Side Cross Site Scripting Vulnerability Vulnerability Lab
Dell Kace 1000 SMA v5.4.70402 - Persistent Vulnerabilities Vulnerability Lab
Olive File Manager v1.0.1 iOS - Multiple Vulnerabilities Vulnerability Lab
Re: [ MDVSA-2013:195 ] php Gabriel Maggiotti
[CVE-2013-4763|CVE-2013-4764] Vulnerability in built-in system app of Samsung Galaxy S3/S4 醉麻
Voice Logger astTECS - bypass login & arbitrary file download Michał Błaszczak
[security bulletin] HPSBMU02870 SSRT101012 rev.2 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access security-alert
[security bulletin] HPSBGN02882 rev.1 - HP Database and Middleware Automation (DMA) using SSL, Remote Disclosure of Information security-alert

Wednesday, 17 July

[slackware-security] php (SSA:2013-197-01) Slackware Security Team
XSS Vulnerabilities in OpenCms advisory
ESA-2013-055: EMC Avamar Multiple Vulnerabilities Security Alert
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Intrusion Prevention System Software Cisco Systems Product Security Incident Response Team
Re: Full Disclosure ASUS Wireless Routers Ten Models - Multiple Vulnerabilities on AiCloud enabled units krlovett
[security bulletin] HPSBHF02888 rev.2 - HP Network Products including H3C and 3COM Routers and Switches, Remote Information Disclosure and Code Execution security-alert
Re: Full Disclosure ASUS Wireless Routers Ten Models - Multiple Vulnerabilities on AiCloud enabled units krlovett
[SECURITY] [DSA 2723-1] php5 security update Florian Weimer

Thursday, 18 July

WiFly 1.0 Pro iOS - Multiple Web Vulnerabilities Vulnerability Lab
Flux Player v3.1.0 iOS - File Include & Arbitrary File Upload Vulnerability Vulnerability Lab
Barracuda CudaTel 2.6.02.04 - Multiple Client Side Cross Site Vulnerabilities (Bug Bounty #17) Vulnerability Lab
ePhoto Transfer v1.2.1 iOS - Multiple Web Vulnerabilities Vulnerability Lab
Dell PacketTrap MSP RMM 6.6.x - Multiple Persistent Web Vulnerabilities Vulnerability Lab
[security bulletin] HPSBST02896 rev.2 - HP StoreVirtual Storage, Remote Unauthorized Access security-alert
[SE-2012-01] New Reflection API affected by a known 10+ years old attack Security Explorations
Symantec Workspace Virtualization 6.4.1895.0 Local Kernel Mode Privilege Escalation Exploit th_decoder
[security bulletin] HPSBMU02900 rev.1 - HP System Management Homepage (SMH) running on Linux and Windows, Multiple Remote and Local Vulnerabilities security-alert
[SECURITY] [DSA 2725-1] tomcat6 security update Moritz Muehlenhoff

Friday, 19 July

[SECURITY] [DSA 2724-1] chromium-browser security update Michael Gilbert
DeepSec 2013 - Call for Papers - REMINDER deepsec
Western Digital My Net N600, N750, N900 and N900C - Plain text disclosure of administrative credentials kyle Lovett
SEC Consult SA-20130719-0 :: Multiple vulnerabilities in Sybase EAServer SEC Consult Vulnerability Lab
Re: [Full-disclosure] XSS Vulnerabilities in Serendipity Henri Salo
[security bulletin] HPSBMU02900 rev.2 - HP System Management Homepage (SMH) running on Linux and Windows, Multiple Remote and Local Vulnerabilities security-alert
Download Lite v4.3 iOS - Persistent File Web Vulnerability Vulnerability Lab

Monday, 22 July

Barracuda CudaTel 2.6.02.040 - Remote SQL Injection Vulnerability Vulnerability Lab
Re: [Full-disclosure] [SE-2012-01] New Reflection API affected by a known 10+ years old attack Jeffrey Walton
Samsung TV - DoS vulnerability malik
Barracuda LB, SVF, WAF & WEF - Multiple Vulnerabilities Vulnerability Lab
DirectShow Arbitrary Memory Overwrite Vulnerability ms13-056 Andres Gomez Ramirez
[CVE-2013-2250] Apache OFBiz Nested expression evaluation allows remote users to execute arbitrary UEL functions in OFBiz Jacopo Cappellato
[CVE-2013-2137] Apache OFBiz XSS vulnerability in the "View Log" screen of the Webtools application Jacopo Cappellato
Barracuda CudaTel 2.6.02.040 - SQL Injection Vulnerability Vulnerability Lab
Full Disclosure - WD My Net N600, N750, N900, N900C - Plain Text Disclosure of Admin Credentials kyle Lovett

Tuesday, 23 July

Dell Kace 1000 SMA 5.4.742 - SQL Injection Vulnerabilities Vulnerability Lab
Juniper Secure Access XSS Vulnerability Anil Pazvant
SurgeFtp Server BufferOverflow Vulnerability Anil Pazvant
Defense in depth -- the Microsoft way (part 4) Stefan Kanthak
Photo Server 2.0 iOS - Multiple Critical Vulnerabilities Vulnerability Lab
Re: Samsung TV - DoS vulnerability malik
CORE-2013-0705 - XnView Buffer Overflow Vulnerability CORE Advisories Team
CORE-2013-0701 - Artweaver Buffer Overflow Vulnerability CORE Advisories Team
[ MDVSA-2013:197 ] mysql security

Wednesday, 24 July

Orbit Downloader versions causing massive SYN flooding. Cyberoam cautions! bhadresh . k . patel
CORE-2013-0613 - FOSCAM IP-Cameras Improper Access Restrictions CORE Advisories Team
[ MDVSA-2013:198 ] libxml2 security
Re: [Full-disclosure] nginx exploit documentation, about a generic way to exploit Linux targets Albert Puigsech Galicia
Cross-Site Scripting (XSS) in Magnolia CMS advisory
Cross-Site Scripting (XSS) in Duplicator WordPress Plugin advisory

Thursday, 25 July

Easy Blog by JM LLC - Multiple Vulnerabilities Sp3ctrecore ­
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Video Surveillance Manager Cisco Systems Product Security Incident Response Team
Basic Forum by JM LLC - Multiple Vulnerabilities Sp3ctrecore ­
iPic Sharp v1.2.1 Wifi iOS - Persistent Foldername Web Vulnerability Vulnerability Lab
[security bulletin] HPSBGN02905 rev.1 - HP LoadRunner, Remote Code Execution and Denial of Service (DoS) security-alert
[security bulletin] HPSBGN02906 rev.1 - HP Application Lifecycle Management Quality Center (ALM), Remote Cross Site Scripting (XSS) security-alert

Friday, 26 July

[ MDVSA-2013:199 ] squid security
[SECURITY] [DSA 2726-1] php-radius security update Thijs Kinkhorst
Xymon Systems and Network Monitor - remote file deletion vulnerability Henrik Størner
[security bulletin] HPSBMU02894 rev.1 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Denial of Service (DoS), Unauthorized Access, Execution of Arbitrary Code security-alert
[SECURITY] [DSA 2727-1] openjdk-6 security update Moritz Muehlenhoff
CA20130725-01: Security Notice for CA Service Desk Manager Kotas, Kevin J
CVE-2013-2189: OpenOffice DOC Memory Corruption Vulnerability Herbert Duerr
CVE-2013-4156: OpenOffice DOCM Memory Corruption Vulnerability Herbert Duerr
Re: [Full-disclosure] nginx exploit documentation, about a generic way to exploit Linux targets Kingcope
Meet the folks of ws-attacker, BeEF, WAHH, sqlmap, Zed Attack Proxy, OWASP Top10, DOMinator, Minion, Mallodroid, and the inglorious bastards aka HackPra Allstars Dirk Wetter
SEC Consult SA-20130726-0 :: Multiple vulnerabilities - Surveillance via Symantec Web Gateway SEC Consult Vulnerability Lab
[ MDVSA-2013:200 ] ruby security
[ MDVSA-2013:201 ] ruby security

Monday, 29 July

FreeBSD Security Advisory FreeBSD-SA-13:08.nfsserver FreeBSD Security Advisories
[SECURITY] [DSA 2728-1] bind9 security update Salvatore Bonaccorso
FreeBSD Security Advisory FreeBSD-SA-13:07.bind FreeBSD Security Advisories
Defense in depth -- the Microsoft way (part 5): sticky, persistent vulnerabilities Stefan Kanthak
[Announcement] CHMag - Call for Articles abhijeet
Re: DEFCON London - DC4420 July - social event - Tuesday 30th July 2013 Tony Naggs
[SECURITY] [DSA 2729-1] openafs security update Moritz Muehlenhoff
Private Photos v1.0 iOS - Persistent Path Web Vulnerability Vulnerability Lab
Private Photos v1.0 iOS - Persistent Path Web Vulnerability Vulnerability Lab
WebDisk 3.0.2 PhotoViewer iOS - Command Execution Vulnerability Vulnerability Lab
[ MDVSA-2013:202 ] bind security
DEFCON London - DC4420 July - social event - Tuesday 30th July 2013 Tony Naggs
ESA-2013-033: EMC NetWorker Information Disclosure Vulnerability Security Alert

Tuesday, 30 July

WorldCIST'14 - World Conference on IST, 15 - 18 April 2014, at Madeira Island maria Lemos
[security bulletin] HPSBGN02904 rev.1 - HP SiteScope running SOAP, Remote Code Execution security-alert
[SECURITY] [DSA 2731-1] libgcrypt11 security update Thijs Kinkhorst
[SECURITY] [DSA 2730-1] gnupg security update Thijs Kinkhorst
[ MDVSA-2013:203 ] phpmyadmin security
[ MDVSA-2013:204 ] wireshark security
MojoPortal XSS vulns
NGS00434 Technical Advisory: Oracle Hyperion 11 Directory Traversal NCC Group Research
NGS00500 Technical Advisory: Bit51 Better WP Security Plugin - Unauthenticated Stored XSS to RCE NCC Group Research
Previous period Next period
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]