224 messages starting Dec 15 13 and ending Dec 01 13
iscripts autohoster , multiple vulns / php code injection exploit 0u7 5m4r7 (Dec 15) Iscripts multicart , multiple vulns 0u7 5m4r7 (Dec 15) Iscripts supportdesk 4.x , Multiple vulns / Sql injection exploit 0u7 5m4r7 (Dec 15) Buxalert PTC , multiple vulns / SQL injection Exploit 0u7 5m4r7 (Dec 15) Traidnt up 3 , Admin info reset exploit 0u7 5m4r7 (Dec 16) Arabportal 2.x , Sql injection / Password reset exploit 0u7 5m4r7 (Dec 16)
NEW VMSA-2013-0014 VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation "VMware Security Response Center" (Dec 04) NEW VMSA-2013-0016 VMware ESXi and ESX unauthorized file access through vCenter Server and ESX "VMware Security Response Center" (Dec 23)
Re: Any not annoying help welcome adam (Dec 04)
SOJOBO-ADV-13-05: Vtiger 5.4.0 Reflected Cross Site Scripting advisories (Dec 11)
CVSphoto.com Stores Passwords Unhashed Alex Buie (Dec 23)
Re: Where are you guys standing re: the (full) disclosure amani (Dec 14)
Synology DSM multiple directory traversal Andrea Fabrizi (Dec 20)
Re: Open phones for privacy/anonymity applications, Guardian Anonymous (Dec 09)
[CVE-2013-7209]JForum CSRF(Cross-site request forgery) Vulnerability arno (Dec 26)
AST-2013-006: Buffer Overflow when receiving odd length 16 bit SMS message Asterisk Security Team (Dec 16) AST-2013-007: Asterisk Manager User Dialplan Permission Escalation Asterisk Security Team (Dec 16)
XSS in HP Operations Orchestration Central version 9.06 Bart Leppens (Dec 19)
cryptographic flaws in IBM SPSS data file encryption Ben Pfaff (Dec 14)
TouchID and !simple passcodes Brandon Perry (Dec 01) McAfee Email Gateway multiple vulns Brandon Perry (Dec 04) Re: Happy Holidays / Xmas Advisory Brandon Perry (Dec 26)
[CVE-2013-5676] Plain Text Password In SonarQube Jenkins Plugin Christian Catalano (Dec 06) [CVE-2013-5573] Jenkins v1.523 Default markup formatter permits offsite-bound forms Christian Catalano (Dec 18)
Re: Any not annoying help welcome Christopher Dreher (Dec 04)
(no subject) Ciaran McNally (Dec 02)
Re: Multiple issues in OpenSSL - BN (multiprecision integer arithmetics). coderman (Dec 03) RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e coderman (Dec 14) Re: RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e coderman (Dec 14) Re: RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e coderman (Dec 14) Re: RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e coderman (Dec 17) Re: [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application coderman (Dec 17) Re: RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e coderman (Dec 20) 30c3: The Year in Crypto default engines loaded in openssl-1.x through openssl-1.0.1e] coderman (Dec 29)
Apache Santuario security advisory CVE-2013-4517 released Colm O hEigeartaigh (Dec 19)
CORE-2013-1107 - IcoFX Buffer Overflow Vulnerability CORE Advisories Team (Dec 10) CORE-2013-0807 - Divide Error in Windows Kernel CORE Advisories Team (Dec 11) Re: CORE-2013-0807 - Divide Error in Windows Kernel CORE Advisories Team (Dec 11) CORE-2013-0903 - RealPlayer Heap-based Buffer Overflow Vulnerability CORE Advisories Team (Dec 17)
Re: CVE-2013-6271 Remove Android Device Lock - App published Curesec Research Team (Dec 03)
[CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application Daniel Wood (Dec 07) Re: [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application Daniel Wood (Dec 18)
Securely Download Google Chrome Offline Installer Dieyu (Dec 14) Re: <b>Where are you guys standing re: the (full) disclosure question?</b> Dieyu (Dec 14)
NEW VMSA-2013-0015 VMware ESX updates to third party libraries Edward Hawkins (Dec 06)
[SECURITY] [DSA 2830-1] ruby-i18n security update Florian Weimer (Dec 30)
[CVE-2013-6237] ISL Light - Desktop 3.5.4, Clipboard security issue Fran (Dec 03)
Release: Faraday Penetration Test IDE Francisco Amato (Dec 16)
Re: [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application Fyodor (Dec 17)
Re: Happy Holidays / Xmas Advisory Gage Bystrom (Dec 26)
Re: Where are you guys standing re: the (full) disclosure Gary Baribault (Dec 13) Re: Where are you guys standing re: the (full) disclosure Gary Baribault (Dec 13) Re: Where are you guys standing re: the (full) disclosure Gary Baribault (Dec 13) Re: Where are you guys standing re: the (full) disclosure Gary Baribault (Dec 13) Re: Where are you guys standing re: the (full) disclosure Gary Baribault (Dec 13) Re: Where are you guys standing re: the (full) disclosure Gary Baribault (Dec 13) Fwd: NS1 ssh bad attempts Gary Baribault (Dec 21)
Re: <b>Where are you guys standing re: the (full) disclosure question?</b> Georgi Guninski (Dec 13) Re: Where are you guys standing re: the (full) disclosure Georgi Guninski (Dec 13) Re: Where are you guys standing re: the (full) disclosure Georgi Guninski (Dec 13) Merry Christmas and all the best in the new year Georgi Guninski (Dec 23)
vm86 syscall kernel-panic and some more goodies waiting to be analyzed halfdog (Dec 28) Re: vm86 syscall kernel-panic and some more goodies waiting to be analyzed halfdog (Dec 29)
Re: Happy Holidays / Xmas Advisory Henri Salo (Dec 24) Re: Happy Holidays / Xmas Advisory Henri Salo (Dec 27)
BodyHacking Convention 2014 I)ruid (Dec 16)
Any not annoying help welcome ICSS Security (Dec 04) Re: Any not annoying help welcome ICSS Security (Dec 04)
Re: Where are you guys standing re: the (full) disclosure imipak (Dec 13)
Re: Kaspersky Internet Security - fake av. iPwn (Dec 16) Phact iPwn (Dec 31)
InfoSec Southwest 2014 CFP now open! ISSW CFP (Dec 18)
Multiple vulnerabilities in SMF forum software Jakob Lell (Dec 13) Practical malleability attack against CBC-Encrypted LUKS partitions Jakob Lell (Dec 22)
Re: Clickjacking (?) on Facebook.com (Question) Jann Horn (Dec 12) Re: Clickjacking (?) on Facebook.com (Question) Jann Horn (Dec 12) Re: Clickjacking (?) on Facebook.com (Question) Jann Horn (Dec 13) Re: Clickjacking (?) on Facebook.com (Question) Jann Horn (Dec 13) Re: Clickjacking (?) on Facebook.com (Question) Jann Horn (Dec 13)
Re: <b>Where are you guys standing re: the (full) disclosure question?</b> Jasper Kips (Dec 14) Re: <b>Where are you guys standing re: the (full) disclosure question?</b> Jasper Kips (Dec 15)
Re: Where are you guys standing re: the (full) disclosure Jeffrey Walton (Dec 13)
Security by destruction Jerome Athias (Dec 23)
Happy Holidays / Xmas Advisory joernchen (Dec 24)
List Charter John Cartwright (Dec 11)
Re: Where are you guys standing re: the (full) disclosure Jordon Bedwell (Dec 14) Re: Where are you guys standing re: the (full) disclosure Jordon Bedwell (Dec 14) Re: Where are you guys standing re: the (full) disclosure Jordon Bedwell (Dec 14) Re: Where are you guys standing re: the (full) disclosure Jordon Bedwell (Dec 15)
Re: Vulnerabilities hiddenly fixed in WordPress 3.5 and 3.5.1 Julius Kivimäki (Dec 09)
OpenText Exceed On Demand 8 multiple vulnerabilities Krzysztof Kotowicz (Dec 16)
Re: WordPress OptimizePress Theme - File Upload Vulnerability Kurt Seifried (Dec 16)
Re: Open phones for privacy/anonymity applications, Guardian l (Dec 31)
Command injection vulnerability in Ruby Gem sprout 0.7.246 Larry W. Cashdollar (Dec 03) Command injection in Ruby Gem Webbynode 1.0.5.3 Larry W. Cashdollar (Dec 12) Bio Basespace SDK 0.1.7 Ruby Gem exposes API Key via command line Larry W. Cashdollar (Dec 15) Solaris Recommended Patch Cluster 6/19 local root on x86 Larry W. Cashdollar (Dec 15)
[SECURITY] [DSA 2817-1] libtar security update Luciano Bello (Dec 14)
Call for Papers -YSTS 8 - Information Security Conference, Brazil Luiz Eduardo (Dec 14)
Re: Seems like Coinbase Security Team doesn't know how their cookie works Marc Nimmerrichter (Dec 01)
WinAppDbg 1.5 is out! Mario Vilas (Dec 20)
Ditto Forensic FieldStation, multiple vulnerabilities Martin Wundram (Dec 13)
[REVIVE-SA-2013-001] Revive Adserver 3.0.2 fixes SQL injection vulnerability Matteo Beccati (Dec 20)
Re: Happy Holidays / Xmas Advisory Matthew Gow (Dec 29)
RBS Change v3.6.8 XSS Vulnerability metropolis haxor (Dec 26)
[SECURITY] [DSA 2811-1] chromium-browser security update Michael Gilbert (Dec 08)
Re: Any not annoying help welcome Michael von Dach (Dec 04)
Re: Clickjacking (?) on Facebook.com (Question) Michal Zalewski (Dec 12) Re: Clickjacking (?) on Facebook.com (Question) Michal Zalewski (Dec 12) Re: Clickjacking (?) on Facebook.com (Question) Michal Zalewski (Dec 13) Re: Clickjacking (?) on Facebook.com (Question) Michal Zalewski (Dec 13)
Re: <b>Where are you guys standing re: the (full) disclosure question?</b> Microsoft Security Response Center (Dec 14)
Re: Where are you guys standing re: the (full) disclosure Mikhail A. Utin (Dec 13) Re: [CVE-2013-6986] Insecure Data Storage in Subway Ordering Mikhail A. Utin (Dec 19)
[SECURITY] [DSA 2812-1] samba security update Moritz Muehlenhoff (Dec 09) [SECURITY] [DSA 2813-1] gimp security update Moritz Muehlenhoff (Dec 09) [SECURITY] [DSA 2819-1] End-of-life announcement for iceape Moritz Muehlenhoff (Dec 16) [SECURITY] [DSA 2822-1] xorg-server security update Moritz Muehlenhoff (Dec 18) [SECURITY] [DSA 2823-1] pixman security update Moritz Muehlenhoff (Dec 18) [SECURITY] [DSA 2825-1] wireshark security update Moritz Muehlenhoff (Dec 20) [SECURITY] [DSA 2829-1] hplip security update Moritz Muehlenhoff (Dec 28)
Re: Any not annoying help welcome Mr OverBlue (Dec 05)
DAVOSET v.1.1.4 MustLive (Dec 03) Re: DAVOSET v.1.1.4 MustLive (Dec 04) Re: Vulnerabilities hiddenly fixed in WordPress 3.6 and 3.6.1 MustLive (Dec 06) Vulnerabilities hiddenly fixed in WordPress 3.5 and 3.5.1 MustLive (Dec 08) Information Leakage and Backdoor vulnerabilities in WordPress MustLive (Dec 16) CSRF, DoS and IL vulnerabilities in WordPress MustLive (Dec 17) URL Redirector Abuse and XSS vulnerabilities in WordPress MustLive (Dec 19) Re: Vulnerabilities hiddenly fixed in WordPress 3.5 and 3.5.1 MustLive (Dec 22) Vulnerabilities in Dewplayer MustLive (Dec 23) Vulnerabilities in plugins for WordPress, Joomla and Plone with Dewplayer MustLive (Dec 26) DoS vulnerability in Adobe Flash Player (BSOD) MustLive (Dec 31) CSRF, XSS and Redirector vulnerabilities in IBM Lotus Notes Traveler MustLive (Dec 31)
Re: Clickjacking (?) on Facebook.com (Question) Nahuel Grisolía (Dec 13)
Capstone 1.0 disassembly framework release! Nguyen Anh Quynh (Dec 18)
Vulnerabilities in Apache Solr < 4.6.0 Nicolas Grégoire (Dec 09)
CFP RootedCON 2014 Omar Benbouazza (Dec 05)
[Onapsis Research Labs] New SAP Security In-Depth issue: "Transport Management System: Highway to Production" Onapsis Research Labs (Dec 11)
Adobe Flash Player and Shockwave Player security updates Osama Alrashid (Dec 11)
Re: Where are you guys standing re: the (full) disclosure Paul Ammann (Dec 14)
<b>Where are you guys standing re: the (full) disclosure question?</b> Pedro Luis Karrasquillo (Dec 13) Re: <b>Where are you guys standing re: the (full) disclosure question?</b> Pedro Luis Karrasquillo (Dec 14) Re: Where are you guys standing re: the (full) disclosure Pedro Luis Karrasquillo (Dec 15)
E-mail Hacking - Hacker Highschool Pete Herzog (Dec 14)
PHDays IV Call for Papers is Open PHD (Dec 02)
Re: Happy Holidays / Xmas Advisory PsychoBilly (Dec 26)
[SECURITY] [DSA 2808-1] openjpeg security update Raphael Geissert (Dec 03) [SECURITY] [DSA 2820-1] nspr security update Raphael Geissert (Dec 17)
Owning Render Farms via NVIDIA mental ray ReVuln (Dec 10)
CALL FOR PAPERS - Hackers 2 Hackers Conference 11th edition Rodrigo Rubira Branco (BSDaemon) (Dec 28)
Android Fragment Injection vulnerability Roee Hay (Dec 10)
Tftpd32 Client Side Format String Vulnerability Rustein, Fara Denise (LATCO - Buenos Aires) (Dec 03)
[SECURITY] [DSA 2809-1] ruby1.8 security update Salvatore Bonaccorso (Dec 04) [SECURITY] [DSA 2810-1] ruby1.9.1 security update Salvatore Bonaccorso (Dec 04) [SECURITY] [DSA 2814-1] varnish security update Salvatore Bonaccorso (Dec 09) [SECURITY] [DSA 2815-1] munin security update Salvatore Bonaccorso (Dec 09) [SECURITY] [DSA 2818-1] mysql-5.5 security update Salvatore Bonaccorso (Dec 16) [SECURITY] [DSA 2824-1] curl security update Salvatore Bonaccorso (Dec 19) [SECURITY] [DSA 2827-1] libcommons-fileupload-java security update Salvatore Bonaccorso (Dec 24) [SECURITY] [DSA 2828-1] drupal6 security update Salvatore Bonaccorso (Dec 28)
D-Link DIR-XXX remote root access exploit. ScripT setInterval(function(){for( ){alert('fixme')} } 10) /scRIpt (Dec 03) FBTest remote command execution. ScripT setInterval(function(){for( ){alert('fixme')} } 10) /scRIpt (Dec 03) Multiple issues in OpenSSL - BN (multiprecision integer arithmetics). ScripT setInterval(function(){for( ){alert('fixme')} } 10) /scRIpt (Dec 03)
Re: Open phones for privacy/anonymity applications, Guardian Sean Lynch (Dec 11)
SEC Consult SA-20131227-0 :: IBM Web Content Manager (WCM) XPath Injection SEC Consult Vulnerability Lab (Dec 27)
[ MDVSA-2013:288 ] subversion security (Dec 17) [ MDVSA-2013:287-1 ] drupal security (Dec 17) [ MDVSA-2013:289 ] owncloud security (Dec 18) [ MDVSA-2013:291 ] kernel security (Dec 18) [ MDVSA-2013:291 ] kernel security (Dec 18) [ MDVSA-2013:290 ] mediawiki security (Dec 18) [ MDVSA-2013:292 ] links security (Dec 18) [ MDVSA-2013:293 ] gimp security (Dec 18) [ MDVSA-2013:294 ] gimp security (Dec 18) [ MDVSA-2013:295 ] gnupg security (Dec 19) [ MDVSA-2013:296 ] wireshark security (Dec 20) [ MDVSA-2013:297 ] munin security (Dec 20) [ MDVSA-2013:298 ] php security (Dec 20) [ MDVSA-2013:299 ] samba security (Dec 22) [ MDVSA-2013:300 ] asterisk security (Dec 23) [ MDVSA-2013:301 ] nss security (Dec 23) [ MDVSA-2013:302 ] pixman security (Dec 26)
[Security-news] SA-CONTRIB-2013-097 - OG Features - Access bypass security-news (Dec 05) [Security-news] SA-CONTRIB-2013-098 - Ubercart - Session Fixation Vulnerability security-news (Dec 19)
China's tool of the year silence_is_best (Dec 06) Re: <b>Where are you guys standing re: the (full) disclosure question?</b> silence_is_best (Dec 14) Re: Fwd: NS1 ssh bad attempts silence_is_best (Dec 23)
Advisory 01/2013: PHP openssl_x509_parse() Memory Corruption Vulnerability Stefan Esser (Dec 13)
Clickjacking (?) on Facebook.com (Question) Stefan Schurtz (Dec 11) Re: Clickjacking (?) on Facebook.com (Question) Stefan Schurtz (Dec 12)
[SECURITY] [DSA 2816-1] php5 security update Thijs Kinkhorst (Dec 13) [SECURITY] [DSA 2821-1] gnupg security update Thijs Kinkhorst (Dec 19)
DC4420 - DefCon London: Christmas Social (= no talks), Tuesday 17th December 2013 Tony Naggs (Dec 13)
Re: Vulnerabilities hiddenly fixed in WordPress 3.5 and 3.5.1 Valdis . Kletnieks (Dec 24)
CarolinaCon-10 / 2014 - Call for Presenters/Speakers Vic Vandal (Dec 03)
Fw: xss VMw4r3 (Dec 17)
Photo Transfer Wifi 1.4.4 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Dec 02) Imagam iFiles v1.16.0 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Dec 04) Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability Vulnerability Lab (Dec 05) Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Dec 05) Feetan Inc WireShare v1.9.1 iOS - Persistent Vulnerability Vulnerability Lab (Dec 09) Print n Share v5.5 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Dec 09) Air Gallery 1.0 Air Photo Browser - Multiple Vulnerabilities Vulnerability Lab (Dec 10) Re: Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability #full Vulnerability Lab (Dec 10) Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities Vulnerability Lab (Dec 11) Microsoft PhotoStory - CS Cross Site Scripting Vulnerability Vulnerability Lab (Dec 12) Microsoft Yammer - Persistent Profile Vulnerabilities Vulnerability Lab (Dec 12) Phone Drive Eightythree 4.1.1 iOS - Multiple Vulnerabilities Vulnerability Lab (Dec 12) Microsoft Online, Office & Cloud - Persistent Encoding Vulnerabilities Vulnerability Lab (Dec 13) Phone Drive Eightythree 4.1.1 iOS - Multiple Vulnerabilities Vulnerability Lab (Dec 15) FileMaster SY-IT v3.1 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Dec 16) QuickHeal AntiVirus 7.0.0.1 - Stack Overflow Vulnerability Vulnerability Lab (Dec 16) Song Exporter v2.1.1 RS iOS - File Include Vulnerabilities Vulnerability Lab (Dec 19)
Kaspersky Internet Security - fake av. vx Indy (Dec 16)
Reflected XSS Attacks XSS vulnerabilities in NagiosQL 3.2.0 Servicepack 2 (CVE: CVE-2013-6039) William Costa (Dec 05)
Re: [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application William Scott Lockwood III (Dec 17)
[Wooyun]Amazon elasticbeanstalk code execution Wooyun.org (Dec 26) [Wooyun] Safari for windows PhishingAlert bypass vuln Wooyun.org (Dec 26)
[CVE-2013-6985]SQL Injection Vulnerability In Enorth Webpublisher CMS xin . wang (Dec 06)
Re: MS13-102: NtConnectPort() LPC yuange (Dec 20)
phrack.org being spammed Yvan Janssens (Dec 18)
[SECURITY] [DSA 2826-1] denyhosts security update Yves-Alexis Perez (Dec 23)
Re: Day of bugs in WordPress 3 Zenny (Dec 01)