277 messages starting Oct 01 12 and ending Oct 31 12
BF, XSS, CSRF and Redirector vulnerabilities in IBM Lotus Notes Traveler MustLive [ MDVSA-2012:154-1 ] apache security CarolinaCon-9 - March 2013 - Call for Presenters/Speakers/Papers/Demos Vic Vandal CA20121001-01: Security Notice for CA License Williams, James K
Reminder: ClubHack2012 Call for Papers Closing Soon Abhijeet Patil PrezziPazzi.com vulnerable to XSS tig3rhack [ MDVSA-2012:152-1 ] bind security [ MDVSA-2012:156 ] inn security GTA UTM Firewall GB 6.0.3 - Multiple Web Vulnerabilities Vulnerability Lab Switchvox Asterisk v5.1.2 - Multiple Web Vulnerabilities Vulnerability Lab OPlayer v2.0.05 iOS - Multiple Web Vulnerabilities Vulnerability Lab [HTTPCS] Handshakes Professional 'frm_id' Remote SQL Injection Vulnerability HTTPCS Google Talk s2s SSL configuration Tim Brown Switchvox Asterisk v5.1.2 - Multiple Web Vulnerabilities Vulnerability Lab Google Maps pseudonym disclosure vulnerability via Google Places reviews Sai Paypal BugBounty #9 - Persistent Web Vulnerabilities Vulnerability Lab Paypal BugBounty #9 - Persistent Web Vulnerabilities [FULL] Vulnerability Lab Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2 Scott Herbert Re: Paypal BugBounty #9 - Persistent Web Vulnerabilities Benji [ MDVSA-2012:155-1 ] xinetd security Re: Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2 Benji XSS Vulnerabilities in phpFreeChat Netsparker Advisories [ MDVSA-2012:153-1 ] dhcp security Re: Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2 Scott Herbert
[ MDVSA-2012:157 ] openjpeg security Novell Sentinel Log Manager <= 1.2.0.2 retention policy vulnerability Piotr Chmylkowski Paypal BugBounty #9 - Persistent Web Vulnerabilities [FULL DETAILS] Vulnerability Lab Omnistar Mailer v7.2 - Multiple Web Vulnerabilities Vulnerability Lab winAUTOPWN v3.2 Released QUAKER DOOMER [ MDVSA-2012:158 ] gc security [waraxe-2012-SA#091] - Multiple Vulnerabilities in phpMyBitTorrent 2.04 Janek Vind [ MDVSA-2012:159 ] freeradius security [Security-news] SA-CONTRIB-2012-149 - Hostip - Cross Site Scripting (XSS) security-news [Security-news] SA-CONTRIB-2012-150 - Twitter Pull - Cross Site Scripting (XSS) security-news [Security-news] SA-CONTRIB-2012-151 - Commerce Extra Panes - Cross Site Request Forgery security-news ANNOUNCE: RFIDIOt v1.0d released and code migration Adam Laurie
XnView JLS File Decompression Heap Overflow Joseph Sheridan Vulnerable MSVC++ 2008 runtime libraries distributed with and installed by Ogg DirectShow filters Stefan Kanthak
Team SHATTER Security Advisory: JAR file overwrite vulnerability via SQLJ.DB2_INSTALL_JAR system stored Shatter Team SHATTER Security Advisory: XML file disclosure vulnerability via GET_WRAP_CFG_C and GET_WRAP_CFG_C2 Shatter Team SHATTER Security Advisory: Multiple SQL Injection in Oracle Enterprise Manager (SQL Tunning Sets components) Shatter Team SHATTER Security Advisory: Elevated roles through DBCC Shatter Team SHATTER Security Advisory: Java Operating System command execution Shatter VMSA-2012-0014 VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates VMware Security Team Your account could be at risk of state-sponsored attacks Aftermath [ MDVSA-2012:151-1 ] ghostscript security [ MDVSA-2012:150-1 ] java-1.6.0-openjdk security [ MDVSA-2012:160 ] imagemagick security [SECURITY] [DSA 2555-1] libxslt security update Moritz Muehlenhoff Re: Your account could be at risk of state-sponsored attacks Nick Boyce Re: Your account could be at risk of state-sponsored attacks Peter Dawson
-== MySQL Brute Force Account Scanner ==- king cope [ MDVSA-2012:161 ] html2ps security utempter allows fake host setting paul . szabo
Re: Your account could be at risk of state-sponsored attacks Aftermath rubilyn-0.0.1.tar.gz - Mac OS X rootkit Levent Kayan Multiple vulnerabilities in Megapolis.Portal Manager MustLive
JSON-RPC Cross-Site Request Forgery little exploitation trick DefenseCode [SECURITY] [DSA 2556-1] icedove security update Nico Golde [SECURITY] [DSA 2557-1] hostapd security update Nico Golde [PRE-SA-2012-07] hostapd: Missing EAP-TLS message length validation Timo Warns Re: Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2 Henri Salo Endpoint Protector v4.0.4.0 - Multiple Web Vulnerabilities Vulnerability Lab Paypal BugBounty #5 - Persistent Web Vulnerability Vulnerability Lab Interspire Email Marketer v6.0.1 - Multiple Vulnerabilites Vulnerability Lab GTA UTM Firewall GB 6.0.3 - Multiple Web Vulnerabilities Vulnerability Lab [SECURITY] [DSA 2558-1] bacula security update Raphael Geissert Re: Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2 Scott Herbert
Multiple 0-days in Dark Comet RAT Hertz, Jesse
Re: Multiple 0-days in Dark Comet RAT Philip Whitehouse Re: Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2 Malte Müller [ MDVSA-2012:162 ] bind security Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Cisco Systems Product Security Incident Response Team Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module Cisco Systems Product Security Incident Response Team Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format Player Cisco Systems Product Security Incident Response Team List Charter John Cartwright [Security-news] SA-CONTRIB-2012-152 - Feeds - Access bypass security-news [Security-news] SA-CONTRIB-2012-153 - Mandrill - Information Disclosure security-news [Security-news] SA-CONTRIB-2012-154 - Basic webmail - Multiple vulnerabilities security-news [Security-news] SA-CONTRIB-2012-155 - ShareThis - Cross Site Scripting (XSS) security-news binfmt_script kernel stack data disclosure during exec halfdog Re: Multiple 0-days in Dark Comet RAT Thor (Hammer of God) FileBound - Privilege Escalation Vulnerability - Security Advisory - SOS-12-010 Lists
Last reminder for ClubHack 2012 : Call for Papers Abhijeet Patil thc-ipv6 v2.0 Marc Heuse Omnistar Document Manager v8.0 - Multiple Vulnerabilities Vulnerability Lab vOlk Botnet Framework v4.0 - Multiple Web Vulnerabilities Vulnerability Lab Re: Multiple 0-days in Dark Comet RAT Pascal Ernster [ MDVSA-2012:163 ] firefox security Re: Multiple 0-days in Dark Comet RAT Valdis . Kletnieks [ MDVSA-2012:164 ] libxslt security Re: Multiple 0-days in Dark Comet RAT Gage Bystrom Re: Multiple 0-days in Dark Comet RAT Julius Kivimäki Re: Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2 Henri Salo [CORE-2012-0613] - Cisco WebEx .wrf Memory Corruption Vulnerability Core Security Advisories Team Wordpress plugin abtest vulnerable to a directory traversal attack Scott Herbert
[ MDVSA-2012:165 ] graphicsmagick security [ MDVSA-2012:166 ] bacula security
[ MDVSA-2012:167 ] firefox security
P1 WiMAX modems port 80 open with default login Nursyafiq Mohamad Re: Multiple 0-days in Dark Comet RAT Hertz, Jesse
Is it OK to hold credit card numbers in cookies? Santander? auto62098873 SilverStripe CMS 2.4.7 <= Arbitrary URL Redirection YGN Ethical Hacker Group SilverStripe CMS 2.4.7 <= Persistent Cross Site Scripting Vulnerability YGN Ethical Hacker Group Re: Multiple 0-days in Dark Comet RAT Valdis . Kletnieks Re: Is it OK to hold credit card numbers in cookies? Santander? klondike Re: Is it OK to hold credit card numbers in cookies? Santander? Rainer Duffner Visual Tools DVR multiple vulnerabilities Andrea Fabrizi
Critical issues affecting Steam users ReVuln Re: Is it OK to hold credit card numbers in cookies? Santander? Alexander Georgiev Re: Is it OK to hold credit card numbers in cookies? Santander? Christian Sciberras Re: Is_it_OK_to_hold_credit_card_numbers_ in_cookies?_Santander? Christian Rost Last minute CFP: FSCONS (Göteborg, Sweden) Security related topics track klondike
SEC Consult SA-20121017-0 :: ModSecurity multipart/invalid part ruleset bypass SEC Consult Vulnerability Lab SEC Consult SA-20121017-1 :: Unirgy uStoreLocator SQL Injection - Magento extension SEC Consult Vulnerability Lab [IMF 2013] 3rd Call for Papers: Deadline Extended Oliver Goebel SEC Consult SA-20121017-2 :: Multiple vulnerabilities in Oracle WebCenter Sites (former FatWire Content Server) SEC Consult Vulnerability Lab [waraxe-2012-SA#092] - Multiple Vulnerabilities in Wordpress Slideshow Plugin Janek Vind Re: Multiple 0-days in Dark Comet RAT Hertz, Jesse Credentials leaks in Legrand-003598 / Bticino-F454 SCS Web Gateway sxpert [waraxe-2012-SA#093] - Multiple Vulnerabilities in Wordpress Social Discussions Plugin Janek Vind [Security-news] SA-CONTRIB-2012-156 - Search API - Cross Site Request Forgery (CSRF) security-news [Security-news] SA-CORE-2012-003 - Drupal core - Arbitrary PHP code execution and Information disclosure security-news
RealPlayer suffers from Arbitrary Code Execution kaveh ghaemmaghami [SECURITY] [DSA 2559-1] libexif security update Yves-Alexis Perez Re: [Full-disclosure] [Security-news] SA-CORE-2012-003 - Drupal core - Arbitrary PHP code execution and Information disclosure Dex CA20121018-01: Security Notice for CA ARCserve Backup Kotas, Kevin J Before We Knew It Jeffrey Walton Re: Multiple 0-days in Dark Comet RAT scriptjunkie Re: Multiple 0-days in Dark Comet RAT kaveh ghaemmaghami
Re: Multiple 0-days in Dark Comet RAT Valdis . Kletnieks favicon debug CMSQLITE v1.3.2 - Multiple Web Vulnerabiltiies Vulnerability Lab XSS Vulnerabilities in TaskFreak Netsparker Advisories XSS Vulnerabilities in CMSMini Netsparker Advisories XSS Vulnerabilities in ClipBucket Netsparker Advisories XSS and SQL Injection Vulnerabilities in DotProject Netsparker Advisories [HTTPCS] 52 Vulnerabilities in Dolibarr HTTPCS Re: favicon Milan Berger XSS and IAA vulnerabilities in Wordfence Security for WordPress MustLive
nullcon Goa 2013 Final Call For Papers/Events and First Round of Speakers nullcon [SECURITY] [DSA 2560-1] bind9 security update Florian Weimer Adobe reader 10.1.4 memory corruption kaveh ghaemmaghami
Re: vOlk Botnet Framework v4.0 - Multiple Web Vulnerabilities ZeroDay.JP Re: vOlk Botnet Framework v4.0 - Multiple Web Vulnerabilities Benji Re: XSS and IAA vulnerabilities in Wordfence Security for WordPress Philip Whitehouse Re: XSS and IAA vulnerabilities in Wordfence Security for WordPress Mark Maunder Re: Google Maps pseudonym disclosure vulnerability via Google Places reviews Sai F5 FirePass SSL VPN 4xxx Series | Arbitrary URL Redirection YGN Ethical Hacker Group Re: vOlk Botnet Framework v4.0 - Multiple Web Vulnerabilities アドリアンヘンドリック [SECURITY] [DSA 2561-1] tiff security update Moritz Muehlenhoff Re: F5 FirePass SSL VPN 4xxx Series | Arbitrary URL Redirection Gary Driggs
[ MDVSA-2012:168 ] hostapd security DC4420 - London DEFCON - October meet - tomorrow, Tuesday 23rd October. alien DC4420 how to steal openssh private key nothacking [SE-2012-01] Challenging Oracle (in a different way) Security Explorations [ANNOUNCE] Apache OFBiz 10.04.03 released Jacopo Cappellato Content Spoofing and Cross-Site Scripting vulnerabilities in Bitrix Site Manager MustLive Re: how to steal openssh private key Nate Theis
Google Numbers Search Marshall Whittaker stealing ssh keys Daniel Sichel HP/H3C and Huawei SNMP Weak Access to Critical Data Kurt Grutzmacher [SECURITY] [DSA 2565-1] iceweasel security update Florian Weimer
SEC Consult Vulnerability Lab Study - "Application Security of Core Banking Systems - A first reality check" SEC Consult Vulnerability Lab [SECURITY] [DSA 2562-1] cups-pk-helper security update Thijs Kinkhorst [SECURITY] [DSA 2563-1] viewvc security update Thijs Kinkhorst [SECURITY] [DSA 2564-1] tinyproxy security update Thijs Kinkhorst Re: XSS and IAA vulnerabilities in Wordfence Security for WordPress Troy Rose Grandstream GXP1405 Executive IP Phone Persistent XSS Are You Likeme Now Re: Google Numbers Search boardnerd Microsoft Office Word 2010 Stack Overflow kaveh ghaemmaghami Re: Microsoft Office Word 2010 Stack Overflow Mario Vilas Re: SEC Consult Vulnerability Lab Study - "Application Security of Core Banking Systems - A first reality check" Jeffrey Walton Re: stealing ssh keys Jacqui Caren [Security-news] SA-CONTRIB-2012-157 - Time Spent - Multiple Vulnerabilities - (unsupported) security-news [Security-news] SA-CONTRIB-2012-158 - MailChimp - Cross Site Scripting (XSS) security-news Re: stealing ssh keys Thor (Hammer of God)
Re: stealing ssh keys Raj Mathur (राज माथुर) Microsoft Office Picture Manager 2010 memory corruption kaveh ghaemmaghami
Aladdin Knowledge System Ltd. PrivAgent ActiveX Control 2.0 Multiple Remote Vulnerabilities Carlo Di Dato Re: how to steal openssh private key Valdis . Kletnieks [waraxe-2012-SA#094] - Multiple Vulnerabilities in Wordpress GRAND Flash Album Gallery Plugin Janek Vind Gramophone v0.01b1 'rs' XSS Thomas Richards Allscripts Homecare Client Local Memory Corruption table_info.ff2 Thomas Richards Inventory 1.0 Multiple SQL Vulnerabilities Thomas Richards Inventory 1.0 Multiple XSS Vulnerabilities Thomas Richards Layton Helpbox 4.4.0 Multiple Security Issues Joseph Sheridan Medium severity flaw with Perl 5 Tim Brown [SECURITY] [DSA 2566-1] exim4 security update Nico Golde Realplayer Watchfolders Long Filepath Overflow Joseph Sheridan RANDOM NUMBER SECURITY IN PYTHON pr LiveChatInc.com breached warning Re: stealing ssh keys Ivaylo Hubanov Re: stealing ssh keys Thor (Hammer of God) [SECURITY] [DSA 2567-1] request-tracker3.8 security update Florian Weimer [SECURITY] [DSA 2568-1] rtfm security update Florian Weimer Re: stealing ssh keys Jeffrey Walton Re: XSS and IAA vulnerabilities in Wordfence Security for WordPress MustLive
Re: stealing ssh keys Raj Mathur (राज माथुर) Microsoft Windows Help program (WinHlp32.exe) memory corruption kaveh ghaemmaghami Microsoft Paint 5.1 memory corruption kaveh ghaemmaghami Re: Microsoft Windows Help program (WinHlp32.exe) memory corruption Mario Vilas Re: Microsoft Windows Help program (WinHlp32.exe) memory corruption kaveh ghaemmaghami Re: Microsoft Windows Help program (WinHlp32.exe) memory corruption adam Re: Microsoft Office Word 2010 Stack Overflow kaveh ghaemmaghami Re: Microsoft Windows Help program (WinHlp32.exe) memory corruption Benji Re: Microsoft Windows Help program (WinHlp32.exe) memory corruption Gynvael Coldwind Re: Microsoft Windows Help program (WinHlp32.exe) memory corruption Peter Ferrie Re: Microsoft Office Word 2010 Stack Overflow Peter Ferrie Re: Microsoft Windows Help program (WinHlp32.exe) memory corruption kaveh ghaemmaghami Re: Microsoft Office Word 2010 Stack Overflow kaveh ghaemmaghami Microsoft Office Publisher 2010 memory corruption kaveh ghaemmaghami
Cross-Site Scripting vulnerability in CorePlayer MustLive
Re: Microsoft Office Publisher 2010 memory corruption Peter Ferrie Microsoft Office Excel 2010 memory corruption kaveh ghaemmaghami Re: Microsoft Office Excel 2010 memory corruption kaveh ghaemmaghami Re: Microsoft Office Excel 2010 memory corruption Benji Re: stealing ssh keys gold flake Re: stealing ssh keys Jeffrey Walton Re: Microsoft Windows Help program (WinHlp32.exe) memory corruption Richard Miles Re: Microsoft Office Publisher 2010 memory corruption Yuhong Bao IE8 xss filter breaked WooYun =| Security Advisory - TP-LINK TL-WR841N LFI |= Matan Azugi Re: Microsoft Office Excel 2010 memory corruption Yuhong Bao Re: Microsoft Office Excel 2010 memory corruption Yuhong Bao Re: Microsoft Office Excel 2010 memory corruption Yuhong Bao Re: Microsoft Office Excel 2010 memory corruption Julius Kivimäki Positive Hack Days III — Call For Papers Has Started PHD Call for Papers: DIMVA 2013 Collin Mulliner Re: Microsoft Paint 5.1 memory corruption Yuhong Bao Re: Microsoft Paint 5.1 memory corruption kaveh ghaemmaghami Re: Microsoft Office Excel 2010 memory corruption Peter Ferrie Re: Microsoft Office Excel 2010 memory corruption Jeffrey Walton Re: Microsoft Office Excel 2010 memory corruption kaveh ghaemmaghami Re: Microsoft Office Excel 2010 memory corruption kaveh ghaemmaghami Re: Microsoft Office Excel 2010 memory corruption Antony widmal Re: Microsoft Paint 5.1 memory corruption Antony widmal Re: Microsoft Office Excel 2010 memory corruption Thor (Hammer of God) Re: Microsoft Office Excel 2010 memory corruption kaveh ghaemmaghami Re: Microsoft Office Excel 2010 memory corruption Julius Kivimäki Re: Microsoft Office Excel 2010 memory corruption kaveh ghaemmaghami [SECURITY] [DSA 2569-1] icedove security update Florian Weimer Re: Microsoft Office Excel 2010 memory corruption Peter Ferrie Re: Microsoft Office Excel 2010 memory corruption Jeffrey Walton
Re: Microsoft Paint 5.1 memory corruption kaveh ghaemmaghami Re: Microsoft Paint 5.1 memory corruption Antony widmal RealPlayer 15.0.6.14(.3g2) WriteAV Vulnerability kaveh ghaemmaghami Cybsec Advisory#2012-1029 Multiple Persistent XSS in Endpoint Protector]] advisories Context IS Advisory - Citrix XenServer Hypervisor Privilege Escalation Context IS - Disclosure Re: Microsoft Office Excel 2010 memory corruption Kelvin White Re: Microsoft Office Excel 2010 memory corruption Richard Miles Re: Microsoft Office Excel 2010 memory corruption Michael Simpson Re: Microsoft Windows Help program (WinHlp32.exe) memory corruption Richard Miles Hack In Paris CFP 2013 sihame Re: Microsoft Office Excel 2010 memory corruption Michael Simpson [waraxe-2012-SA#095] - Multiple Vulnerabilities in Wordpress FoxyPress Plugin Janek Vind Re: RealPlayer 15.0.6.14(.3g2) WriteAV Vulnerability Antony widmal Re: Full-Disclosure Digest, Vol 92, Issue 34 - 1. Microsoft Windows Help program (WinHlp32.exe) memory Mikhail A. Utin Re: Full-Disclosure Digest, Vol 92, Issue 34 - 1. Microsoft Windows Help program (WinHlp32.exe) memory Peter Dawson Re: Full-Disclosure Digest, Vol 92, Issue 34 - 1. Microsoft Windows Help program (WinHlp32.exe) memory Mario Vilas Re: Microsoft Windows Help program (WinHlp32.exe) memory corruption Peter Ferrie Re: Microsoft Paint 5.1 memory corruption Peter Ferrie Re: RealPlayer 15.0.6.14(.3g2) WriteAV Vulnerability kaveh ghaemmaghami Re: Microsoft Paint 5.1 memory corruption kaveh ghaemmaghami Cybsec Advisory#2012-1029 Multiple Persistent XSS in Endpoint Protector]]]]]] CYBSEC Labs
Medium risk security flaws in Konqueror Tim Brown VaM Shop v1.69 - Multiple Web Vulnerabilities Vulnerability Lab PG Dating Pro v1.0 CMS - Multiple Web Vulnerabilities Vulnerability Lab NetCat CMS v5.0.1 - Multiple Web Vulnerabilities Vulnerability Lab [BUGTRAQ]Security Advisory - TP-LINK TL-WR841N LFI - [UPDATE] Matan Azugi Virtual PC 2007 BUG Walied Assar Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace Web Conferencing Cisco Systems Product Security Incident Response Team [OT] How much a million facebook passwords would cost? Georgi Guninski Cisco Security Advisory: Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability Cisco Systems Product Security Incident Response Team Re: [OT] How much a million facebook passwords would cost? Memory Vandal [Security-news] SA-CONTRIB-2012-159 - Password policy - Information leakage of hashed passwords security-news XSS Vulnerabilities in bloofoxCMS Netsparker Advisories