263 messages starting Apr 01 13 and ending Apr 30 13
Remote command execution in Ruby Gem ldoce 0.0.2 Larry W. Cashdollar Network Weathermap 0.97a - Persistent XSS Daniel Ricardo dos Santos Aspen 0.8 - Directory Traversal Daniel Ricardo dos Santos
Advisory: PonyOS Security Issues John Cartwright Re: Advisory: PonyOS Security Issues coderman
SEC Consult SA-20130403-0 :: Multiple vulnerabilities in Sophos Web Protection Appliance SEC Consult Vulnerability Lab Google AD Sync Tool - Exposure of Sensitive Information Vulnerability Lists [Security-news] SA-CONTRIB-2013-040 - Commerce Skrill (Formerly Moneybookers) - Access bypass security-news [Security-news] SA-CONTRIB-2013-041 - Chaos tool suite (ctools) - Access bypass security-news DoS vulnerability in Adobe Flash Player (BSOD) MustLive
[SECURITY] [DSA 2654-1] libxslt security update Salvatore Bonaccorso Hackersh 0.1 Release Announcement Itzik Kotler Re: DoS vulnerability in Adobe Flash Player (BSOD) Jann Horn [ MDVSA-2013:018 ] automake security [ MDVSA-2013:019 ] bash security [ MDVSA-2013:027-1 ] clamav security [ MDVSA-2013:015-1 ] apache security [SECURITY] [DSA 2658-1] postgresql-9.1 security update Giuseppe Iuculano [ MDVSA-2013:017 ] arpwatch security [ MDVSA-2013:016 ] apache-mod_security security [SECURITY] [DSA 2657-1] postgresql-8.4 security update Giuseppe Iuculano GreHack 2013 - Call For Papers - November 15, Grenoble, France F. Duchene SEC Consult 20130404-0 :: Multiple Vulnerabilities in Censornet Professional v4 (2.1.7) SEC Consult Vulnerability Lab [ MDVSA-2013:015-1 ] apache security
[ MDVSA-2013:029 ] apache-mod_security security [ MDVSA-2013:030 ] arpwatch security [ MDVSA-2013:031 ] automake security [ MDVSA-2013:032 ] bash security [ MDVSA-2013:023-1 ] coreutils security [ MDVSA-2013:033 ] cronie security [ MDVSA-2013:034 ] cups security [ MDVSA-2013:035 ] libexif security [ MDVSA-2013:036 ] exif security [ MDVSA-2013:037 ] fetchmail security [ MDVSA-2013:038 ] freeradius security [ MDVSA-2013:039 ] freetype2 security [ MDVSA-2013:001-1 ] gnupg security [ MDVSA-2013:040 ] gnutls security [ MDVSA-2013:041 ] html2ps security [ MDVSA-2013:042 ] krb5 security [ MDVSA-2013:043 ] libgssglue security [ MDVSA-2013:044 ] libjpeg security [ MDVSA-2013:045 ] libssh security [ MDVSA-2013:046 ] libtiff security c0c0n 2013 - Call For Papers and Call For Workshops c0c0n International Information Security Conference
[ MDVSA-2013:055 ] wireshark security [ MDVSA-2013:048 ] ncpfs security [ MDVSA-2013:052 ] openssl security [ MDVSA-2013:049 ] net-snmp security [ MDVSA-2013:047 ] libxslt security [ MDVSA-2013:050 ] nss security [ MDVSA-2013:054 ] sudo security [ MDVSA-2013:053 ] proftpd security [ MDVSA-2013:051 ] openssh security [Slightly OT] "Summerschool at the NSA" - a screenplay where the NSA gets pwned by two Hollywood actresses (100% non-violently ; WiP) Shlomi Fish [ISecAuditors Security Advisories] Multiple Full Path Disclosure Vulnerabilities in TinyWebGallery <= v1.8.9 ISecAuditors Security Advisories Last Mile: SECURWARE 2013 || August 25 - 31, 2013 - Barcelona, Spain Cristina Pascual
Vanilla Forums 2.0.18 / SQL-Injection / Insert arbitrary user & dump usertable Ing. Michael F. Schratt, MSc Hackito Ergo Sum 2013 – Call For Paper – HES2013 CFP choukoumoun
[ MDVSA-2013:056 ] libxml2 security SEC Consult 20130408-0 :: Nitro Pro 8 - Insecure Library Loading Allows Remote Code Execution (DLL Hijacking) SEC Consult Vulnerability Lab [ MDVSA-2013:057 ] xinetd security APT1: technical backstage rootbsd [ MDVSA-2013:058 ] bind security [ MDVSA-2013:059 ] dhcp security [ MDVSA-2013:060 ] accountsservice security [ MDVSA-2013:061 ] awstats security [ MDVSA-2013:062 ] backuppc security [ MDVSA-2013:063 ] bip security [ MDVSA-2013:064 ] bogofilter security [ MDVSA-2013:065 ] boost security [ MDVSA-2013:066 ] bugzilla security [ MDVSA-2013:067 ] couchdb security [ MDVSA-2013:068 ] courier-authlib security [ MDVSA-2013:069 ] cups-pk-helper security [ MDVSA-2013:070 ] dbus security [ MDVSA-2013:071 ] dbus-glib security [ MDVSA-2013:072 ] dnsmasq security Poshing the Hashes Nikhil Mittal GitHub Login Cookie Failure Chris Roussel [ MDVSA-2013:073 ] dokuwiki security [ MDVSA-2013:074 ] drupal security [ MDVSA-2013:075 ] elinks security Re: GitHub Login Cookie Failure Gregory Boddin Re: GitHub Login Cookie Failure Jeffrey Walton Re: GitHub Login Cookie Failure Jann Horn Re: GitHub Login Cookie Failure Jann Horn XSS vulnerabilities in ZeroClipboard in multiple plugins for WordPress MustLive XSS and FPD vulnerabilities in ZeroClipboard in multiple themes for WordPress MustLive [ MDVSA-2013:076 ] emacs security
[ MDVSA-2013:077 ] ettercap security [ MDVSA-2013:078 ] fail2ban security [ MDVSA-2013:079 ] ffmpeg security [ MDVSA-2013:080 ] ganglia security [ MDVSA-2013:081 ] gegl security [ MDVSA-2013:082 ] gimp security [ MDVSA-2013:083 ] glib2.0 security [ MDVSA-2013:084 ] gnome-keyring security SVN extractor for Web Application Pentesters Anant Shrivastava Re: GitHub Login Cookie Failure Chris Roussel [waraxe-2013-SA#102] - Reflected XSS in phpMyAdmin 3.5.7 Janek Vind List Charter John Cartwright [ MDVSA-2013:085 ] groff security [ MDVSA-2013:086 ] groff security Remote Command Injection Ruby Gem Karteek Docsplit 0.5.4 Larry W. Cashdollar [ MDVSA-2013:087 ] firefox security [ MDVSA-2013:088 ] hplip security [ MDVSA-2013:089 ] icclib security [ MDVSA-2013:090 ] argyllcms security [ MDVSA-2013:091 ] icecast security [ MDVSA-2013:092 ] imagemagick security
Re: Allegro.pl XSS [0-day] Georgi Guninski XSS and CS vulnerabilities in Dotclear MustLive
Re: Allegro.pl XSS [0-day] Maksymilian Arciemowicz Re: Allegro.pl XSS [0-day] Michal Zalewski Re: [ MDVSA-2013:101 ] lynx Alex Vulnerabilities in AI-Bolit MustLive
RAT list Antonio Leiva Re: RAT list Alex [ MDVSA-2013:143 ] poppler security Re: [MDVSA-2013:11X ] ENTIRE OS Alexander Georgiev Re: [MDVSA-2013:11X ] ENTIRE OS Laurelai Remote command injection md2pdf ruby gem Larry W. Cashdollar Re: [MDVSA-2013:11X ] ENTIRE OS Daniel Preußker Re: [MDVSA-2013:11X ] ENTIRE OS Christophe Garault Re: [MDVSA-2013:11X ] ENTIRE OS Taylor Burke DDIVRT-2013-52 Dell EqualLogic PS6110X Directory Traversal ddivulnalert Re: RAT list Bryan Bickford Re: RAT list Swair Mehta
[ESNC-2013-001] Privilege Escalation in SAP Healthcare Industry Solution ESNC Security [ESNC-2013-002] Privilege Escalation in SAP Production Planning and Control ESNC Security [ESNC-2013-003] Remote OS Command Execution in SAP BASIS Communication Services ESNC Security Re: RAT list Antonio Leiva Oppida/NoSuchCon challenge has been released NoSuchCon [ MDVSA-2013:144 ] phpmyadmin security Re: [ MDVSA-2013:144 ] phpmyadmin yersinia [SE-2012-01] Details of issues fixed by Java SE 7 Update 21 Security Explorations
RAT List Nick Giannoulis Re: [ MDVSA-2013:144 ] phpmyadmin Taylor Burke ZPanel arbitrary code execution + root escalation vulnerability Sven Slootweg SI6 Networks' IPv6 Toolkit v1.3.4 released! Fernando Gont Re: [SE-2012-01] Details of issues fixed by Java SE 7 Update 21 Security Explorations Re: [Full-disclosure] ZPanel arbitrary code execution + root escalation vulnerability Dex SEC Consult 20130417-0 :: Multiple vulnerabilities in Sosci Survey SEC Consult Vulnerability Lab SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption SEC Consult Vulnerability Lab SEC Consult SA-20130417-2 :: HTTP header injection/Cache poisoning in Oracle WebCenter Sites Satellite Server SEC Consult Vulnerability Lab Cisco Security Advisory: Cisco Network Admission Control Manager SQL Injection Vulnerability Cisco Systems Product Security Incident Response Team Cisco Security Advisory: Cisco TelePresence Infrastructure Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team [Security-news] SA-CONTRIB-2013-043 - MP3 Player - Cross Site Scripting (XSS) security-news [Security-news] SA-CONTRIB-2013-044 - elFinder file manager - Cross Site Request Forgery (CSRF) security-news [Security-news] SA-CONTRIB-2013-045 - Autocomplete Widgets for Text and Number Fields (autocomplete_widgets) - Access bypass security-news [SECURITY] [DSA 2661-1] xorg-server security update Yves-Alexis Perez
DC4420 - London DEFCON - April meet - Tuesday 23rd April 2013 Major Malfunction Fwd: CVE-2013-2504 : Matrix42 Service Desk XSS 43z sec [SECURITY] [DSA 2662-1] xen security update Salvatore Bonaccorso TWSL2013-004: Group Name Enumeration Vulnerability in Cisco IKE Implementation Trustwave Advisories
Re: SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption SEC Consult Vulnerability Lab [ MDVSA-2013:145 ] java-1.6.0-openjdk security [ MDVSA-2013:146 ] icedtea-web security [ MDVSA-2013:147 ] libarchive security Re: [ MDVSA-2013:147 ] libarchive l3thal Re: [ MDVSA-2013:147 ] libarchive Valdis . Kletnieks Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) paul . szabo
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Bob The CCIE MSCE Kim Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Joxean Koret Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Mario Vilas Re: [ MDVSA-2013:147 ] libarchive Geir Skjotskift Re: [ MDVSA-2013:147 ] libarchive Julius Kivimäki Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Julius Kivimäki Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Sergio Alvarez Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Lee [SECURITY] [DSA 2660-1] curl security update Salvatore Bonaccorso Multiple vulnerabilities in Colormix theme for WordPress MustLive Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Bryan Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Benji Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Benji Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Bryan Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Benji Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Benji Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Bryan Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Benji Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Bryan Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion 
(CVE-2013-2555) Benji Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Benji Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Benji Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Joxean Koret
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Bryan Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Valdis . Kletnieks Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) phocean Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Gregor S. Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Gregor S. reasonable return on investment; better investments in security [was Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555)] coderman Vulnerabilities in jPlayer MustLive
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Jeffrey Walton [SE-2012-01] Yet another Reflection API flaw affecting Oracle's Java SE Security Explorations Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Benji 44Café Tuesday 23rd April, Earls Court London - What to expect Steve Coliseum101 - Security Conferences Calendar Nahuel Grisolia NoSuchCon 2013, Paris (France), May 15th-17th NoSuchCon How do I contact Vodafone Security? Jann Horn 0day Vulnerability in VLC (this is my first release of the vuln anywhere) jay van Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Henri Salo Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) kaveh ghaemmaghami [ MDVSA-2013:148 ] roundcubemail security [ MDVSA-2013:149 ] roundcubemail security [ MDVSA-2013:150 ] mysql security Re: How do I contact Vodafone Security? Jeffrey Walton Vulnerabilities in multiple plugins for WordPress with jPlayer MustLive [SECURITY] [DSA 2663-1] tinc security update Yves-Alexis Perez
Re: How do I contact Vodafone Security? Alexander Georgiev Re: How do I contact Vodafone Security? Jann Horn Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Georgi Guninski Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Henri Salo Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Gregory Boddin Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Georgi Guninski Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Gregory Boddin Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Benji Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Tavis Ormandy Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Valdis . Kletnieks Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Gary Baribault Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Tavis Ormandy Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Valdis . Kletnieks Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Taylor Burke Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) dawg Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Mark Felder Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Gary Baribault Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Valdis . Kletnieks Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Tavis Ormandy
Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Georgi Guninski Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Georgi Guninski Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Gregory Boddin [ESNC-2013-004] Remote ABAP Code Injection in OpenText/IXOS ECM for SAP NetWeaver ESNC Security hornbill supportworks SQL injection research hornbill supportworks sql injection research Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Georgi Guninski Cisco Security Advisory: Cisco Device Manager Command Execution Vulnerability Cisco Systems Product Security Incident Response Team Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Computing System Cisco Systems Product Security Incident Response Team Cisco Security Advisory: Multiple Vulnerabilities in Cisco NX-OS-Based Product Cisco Systems Product Security Incident Response Team Vulnerabilities in multiple themes for WordPress with jPlayer MustLive
Apache CloudStack Security Advisory: Multiple vulnerabilities in Apache CloudStack John Kinsella [waraxe-2013-SA#103] - Multiple Vulnerabilities in phpMyAdmin Janek Vind BSidesCLT Call for Presenters Bsides Charlotte Fwd: Module import security issue Jen Savage
Hacking IPv6 networks training (slideware, upcoming trainings, etc.) Fernando Gont [ MDVSA-2013:151 ] curl security [ MDVSA-2013:152 ] subversion security [ MDVSA-2013:153 ] subversion security
WPS Office Wpsio.dll Stack Buffer Overflow Vulnerability zhangjiantao BF and IA vulnerabilities in IBM Lotus Domino MustLive
[ MDVSA-2013:154 ] util-linux security [ MDVSA-2013:155 ] fuse security [ MDVSA-2013:156 ] apache-mod_security security CORE-2013-0301 - Vivotek IP Cameras Multiple Vulnerabilities CORE Security Technologies Advisories CORE-2013-0303 - D-Link IP Cameras Multiple Vulnerabilities CORE Security Technologies Advisories PayPal Bug Bounty #45 BillSafe - Remote Auth Bypass Session Web Vulnerability Vulnerability Lab
Updated - CA20130213-01: Security Notice for CA ControlMinder Kotas, Kevin J WowzaMediaServer StorageDir escape (regression) Michal J. WowzaMediaServer SecureToken bypass (and worse) Michal J. [ MDVSA-2013:157 ] krb5 security [ MDVSA-2013:158 ] krb5 security [ MDVSA-2013:159 ] clamav security [SECURITY] [DSA 2665-1] strongswan security update Yves-Alexis Perez n.runs-SA-2013.005 - IBM Lotus Notes - arbitrary code execution security