Home page logo
/

224 messages starting Dec 01 13 and ending Dec 31 13
Date index | Thread index | Author index

Sunday, 01 December

TouchID and !simple passcodes Brandon Perry
Re: Day of bugs in WordPress 3 Zenny
Re: Seems like Coinbase Security Team doesn't know how their cookie works Marc Nimmerrichter

Monday, 02 December

PHDays IV Call for Papers is Open PHD
Photo Transfer Wifi 1.4.4 iOS - Multiple Web Vulnerabilities Vulnerability Lab
(no subject) Ciaran McNally

Tuesday, 03 December

D-Link DIR-XXX remote root access exploit. ScripT setInterval(function(){for( ){alert('fixme')} } 10) /scRIpt
FBTest remote command execution. ScripT setInterval(function(){for( ){alert('fixme')} } 10) /scRIpt
Multiple issues in OpenSSL - BN (multiprecision integer arithmetics). ScripT setInterval(function(){for( ){alert('fixme')} } 10) /scRIpt
Command injection vulnerability in Ruby Gem sprout 0.7.246 Larry W. Cashdollar
Re: Multiple issues in OpenSSL - BN (multiprecision integer arithmetics). coderman
CarolinaCon-10 / 2014 - Call for Presenters/Speakers Vic Vandal
Re: CVE-2013-6271 Remove Android Device Lock - App published Curesec Research Team
[SECURITY] [DSA 2808-1] openjpeg security update Raphael Geissert
[CVE-2013-6237] ISL Light - Desktop 3.5.4, Clipboard security issue Fran
Tftpd32 Client Side Format String Vulnerability Rustein, Fara Denise (LATCO - Buenos Aires)
DAVOSET v.1.1.4 MustLive

Wednesday, 04 December

NEW VMSA-2013-0014 VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation \"VMware Security Response Center\"
McAfee Email Gateway multiple vulns Brandon Perry
Any not annoying help welcome ICSS Security
Re: Any not annoying help welcome ICSS Security
Re: Any not annoying help welcome adam
Re: Any not annoying help welcome Michael von Dach
Imagam iFiles v1.16.0 iOS - Multiple Web Vulnerabilities Vulnerability Lab
Re: Any not annoying help welcome Christopher Dreher
[SECURITY] [DSA 2809-1] ruby1.8 security update Salvatore Bonaccorso
[SECURITY] [DSA 2810-1] ruby1.9.1 security update Salvatore Bonaccorso
Re: DAVOSET v.1.1.4 MustLive

Thursday, 05 December

[Security-news] SA-CONTRIB-2013-097 - OG Features - Access bypass security-news
CFP RootedCON 2014 Omar Benbouazza
Reflected XSS Attacks XSS vulnerabilities in NagiosQL 3.2.0 Servicepack 2 (CVE: CVE-2013-6039) William Costa
Re: Any not annoying help welcome Mr OverBlue
Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability Vulnerability Lab
Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities Vulnerability Lab

Friday, 06 December

NEW VMSA-2013-0015 VMware ESX updates to third party libraries Edward Hawkins
[CVE-2013-6985]SQL Injection Vulnerability In Enorth Webpublisher CMS xin . wang
China's tool of the year silence_is_best
[CVE-2013-5676] Plain Text Password In SonarQube Jenkins Plugin Christian Catalano
Re: Vulnerabilities hiddenly fixed in WordPress 3.6 and 3.6.1 MustLive

Saturday, 07 December

[CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application Daniel Wood

Sunday, 08 December

[SECURITY] [DSA 2811-1] chromium-browser security update Michael Gilbert
Vulnerabilities hiddenly fixed in WordPress 3.5 and 3.5.1 MustLive

Monday, 09 December

Feetan Inc WireShare v1.9.1 iOS - Persistent Vulnerability Vulnerability Lab
Print n Share v5.5 iOS - Multiple Web Vulnerabilities Vulnerability Lab
[SECURITY] [DSA 2812-1] samba security update Moritz Muehlenhoff
Vulnerabilities in Apache Solr < 4.6.0 Nicolas Grégoire
Re: Vulnerabilities hiddenly fixed in WordPress 3.5 and 3.5.1 Julius Kivimäki
Re: Open phones for privacy/anonymity applications, Guardian Anonymous
[SECURITY] [DSA 2813-1] gimp security update Moritz Muehlenhoff
[SECURITY] [DSA 2814-1] varnish security update Salvatore Bonaccorso
[SECURITY] [DSA 2815-1] munin security update Salvatore Bonaccorso

Tuesday, 10 December

Air Gallery 1.0 Air Photo Browser - Multiple Vulnerabilities Vulnerability Lab
Re: Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability #full Vulnerability Lab
Owning Render Farms via NVIDIA mental ray ReVuln
CORE-2013-1107 - IcoFX Buffer Overflow Vulnerability CORE Advisories Team
Android Fragment Injection vulnerability Roee Hay

Wednesday, 11 December

Re: Open phones for privacy/anonymity applications, Guardian Sean Lynch
Adobe Flash Player and Shockwave Player security updates Osama Alrashid
Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities Vulnerability Lab
[Onapsis Research Labs] New SAP Security In-Depth issue: "Transport Management System: Highway to Production" Onapsis Research Labs
Clickjacking (?) on Facebook.com (Question) Stefan Schurtz
CORE-2013-0807 - Divide Error in Windows Kernel CORE Advisories Team
SOJOBO-ADV-13-05: Vtiger 5.4.0 Reflected Cross Site Scripting advisories
List Charter John Cartwright
Re: CORE-2013-0807 - Divide Error in Windows Kernel CORE Advisories Team

Thursday, 12 December

Microsoft PhotoStory - CS Cross Site Scripting Vulnerability Vulnerability Lab
Microsoft Yammer - Persistent Profile Vulnerabilities Vulnerability Lab
Phone Drive Eightythree 4.1.1 iOS - Multiple Vulnerabilities Vulnerability Lab
Re: Clickjacking (?) on Facebook.com (Question) Jann Horn
Re: Clickjacking (?) on Facebook.com (Question) Stefan Schurtz
Re: Clickjacking (?) on Facebook.com (Question) Michal Zalewski
Re: Clickjacking (?) on Facebook.com (Question) Jann Horn
Re: Clickjacking (?) on Facebook.com (Question) Michal Zalewski
Command injection in Ruby Gem Webbynode 1.0.5.3 Larry W. Cashdollar

Friday, 13 December

Re: Clickjacking (?) on Facebook.com (Question) Jann Horn
Re: Clickjacking (?) on Facebook.com (Question) Michal Zalewski
Re: Clickjacking (?) on Facebook.com (Question) Jann Horn
Re: Clickjacking (?) on Facebook.com (Question) Michal Zalewski
Re: Clickjacking (?) on Facebook.com (Question) Jann Horn
Re: Clickjacking (?) on Facebook.com (Question) Nahuel Grisolía
Ditto Forensic FieldStation, multiple vulnerabilities Martin Wundram
[SECURITY] [DSA 2816-1] php5 security update Thijs Kinkhorst
<b>Where are you guys standing re: the (full) disclosure question?</b> Pedro Luis Karrasquillo
Multiple vulnerabilities in SMF forum software Jakob Lell
Re: Where are you guys standing re: the (full) disclosure Mikhail A. Utin
Re: <b>Where are you guys standing re: the (full) disclosure question?</b> Georgi Guninski
Re: Where are you guys standing re: the (full) disclosure Georgi Guninski
Re: Where are you guys standing re: the (full) disclosure imipak
Microsoft Online, Office & Cloud - Persistent Encoding Vulnerabilities Vulnerability Lab
Re: Where are you guys standing re: the (full) disclosure Gary Baribault
Re: Where are you guys standing re: the (full) disclosure Georgi Guninski
DC4420 - DefCon London: Christmas Social (= no talks), Tuesday 17th December 2013 Tony Naggs
Re: Where are you guys standing re: the (full) disclosure Gary Baribault
Re: Where are you guys standing re: the (full) disclosure Jeffrey Walton
Re: Where are you guys standing re: the (full) disclosure Gary Baribault
Re: Where are you guys standing re: the (full) disclosure Gary Baribault
Advisory 01/2013: PHP openssl_x509_parse() Memory Corruption Vulnerability Stefan Esser
Re: Where are you guys standing re: the (full) disclosure Gary Baribault
Re: Where are you guys standing re: the (full) disclosure Gary Baribault

Saturday, 14 December

RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e coderman
Re: Where are you guys standing re: the (full) disclosure amani
cryptographic flaws in IBM SPSS data file encryption Ben Pfaff
[SECURITY] [DSA 2817-1] libtar security update Luciano Bello
Securely Download Google Chrome Offline Installer Dieyu
Re: <b>Where are you guys standing re: the (full) disclosure question?</b> silence_is_best
Re: <b>Where are you guys standing re: the (full) disclosure question?</b> Jasper Kips
E-mail Hacking - Hacker Highschool Pete Herzog
Re: Where are you guys standing re: the (full) disclosure Paul Ammann
Re: Where are you guys standing re: the (full) disclosure Jordon Bedwell
Re: Where are you guys standing re: the (full) disclosure Jordon Bedwell
Re: Where are you guys standing re: the (full) disclosure Jordon Bedwell
Call for Papers -YSTS 8 - Information Security Conference, Brazil Luiz Eduardo
Re: <b>Where are you guys standing re: the (full) disclosure question?</b> Dieyu
Re: <b>Where are you guys standing re: the (full) disclosure question?</b> Pedro Luis Karrasquillo
Re: RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e coderman
Re: RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e coderman
Re: <b>Where are you guys standing re: the (full) disclosure question?</b> Microsoft Security Response Center

Sunday, 15 December

Bio Basespace SDK 0.1.7 Ruby Gem exposes API Key via command line Larry W. Cashdollar
Re: Where are you guys standing re: the (full) disclosure Jordon Bedwell
Re: <b>Where are you guys standing re: the (full) disclosure question?</b> Jasper Kips
Re: Where are you guys standing re: the (full) disclosure Pedro Luis Karrasquillo
iscripts autohoster , multiple vulns / php code injection exploit 0u7 5m4r7
Iscripts multicart , multiple vulns 0u7 5m4r7
Iscripts supportdesk 4.x , Multiple vulns / Sql injection exploit 0u7 5m4r7
Buxalert PTC , multiple vulns / SQL injection Exploit 0u7 5m4r7
Phone Drive Eightythree 4.1.1 iOS - Multiple Vulnerabilities Vulnerability Lab
Solaris Recommended Patch Cluster 6/19 local root on x86 Larry W. Cashdollar

Monday, 16 December

Re: WordPress OptimizePress Theme - File Upload Vulnerability Kurt Seifried
Traidnt up 3 , Admin info reset exploit 0u7 5m4r7
Arabportal 2.x , Sql injection / Password reset exploit 0u7 5m4r7
Kaspersky Internet Security - fake av. vx Indy
[SECURITY] [DSA 2818-1] mysql-5.5 security update Salvatore Bonaccorso
[SECURITY] [DSA 2819-1] End-of-life announcement for iceape Moritz Muehlenhoff
Re: Kaspersky Internet Security - fake av. iPwn
OpenText Exceed On Demand 8 multiple vulnerabilities Krzysztof Kotowicz
Information Leakage and Backdoor vulnerabilities in WordPress MustLive
Release: Faraday Penetration Test IDE Francisco Amato
FileMaster SY-IT v3.1 iOS - Multiple Web Vulnerabilities Vulnerability Lab
BodyHacking Convention 2014 I)ruid
AST-2013-006: Buffer Overflow when receiving odd length 16 bit SMS message Asterisk Security Team
AST-2013-007: Asterisk Manager User Dialplan Permission Escalation Asterisk Security Team
QuickHeal AntiVirus 7.0.0.1 - Stack Overflow Vulnerability Vulnerability Lab

Tuesday, 17 December

Re: RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e coderman
[SECURITY] [DSA 2820-1] nspr security update Raphael Geissert
Re: [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application Fyodor
CSRF, DoS and IL vulnerabilities in WordPress MustLive
Re: [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application William Scott Lockwood III
[ MDVSA-2013:288 ] subversion security
[ MDVSA-2013:287-1 ] drupal security
Re: [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application coderman
CORE-2013-0903 - RealPlayer Heap-based Buffer Overflow Vulnerability CORE Advisories Team
Fw: xss VMw4r3

Wednesday, 18 December

Capstone 1.0 disassembly framework release! Nguyen Anh Quynh
[ MDVSA-2013:289 ] owncloud security
[ MDVSA-2013:291 ] kernel security
[ MDVSA-2013:291 ] kernel security
[ MDVSA-2013:290 ] mediawiki security
phrack.org being spammed Yvan Janssens
InfoSec Southwest 2014 CFP now open! ISSW CFP
[CVE-2013-5573] Jenkins v1.523 Default markup formatter permits offsite-bound forms Christian Catalano
Re: [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application Daniel Wood
[ MDVSA-2013:292 ] links security
[ MDVSA-2013:293 ] gimp security
[ MDVSA-2013:294 ] gimp security
[SECURITY] [DSA 2822-1] xorg-server security update Moritz Muehlenhoff
[SECURITY] [DSA 2823-1] pixman security update Moritz Muehlenhoff

Thursday, 19 December

[Security-news] SA-CONTRIB-2013-098 - Ubercart - Session Fixation Vulnerability security-news
[SECURITY] [DSA 2821-1] gnupg security update Thijs Kinkhorst
XSS in HP Operations Orchestration Central version 9.06 Bart Leppens
Apache Santuario security advisory CVE-2013-4517 released Colm O hEigeartaigh
Re: [CVE-2013-6986] Insecure Data Storage in Subway Ordering Mikhail A. Utin
[ MDVSA-2013:295 ] gnupg security
[SECURITY] [DSA 2824-1] curl security update Salvatore Bonaccorso
Song Exporter v2.1.1 RS iOS - File Include Vulnerabilities Vulnerability Lab
URL Redirector Abuse and XSS vulnerabilities in WordPress MustLive

Friday, 20 December

Re: MS13-102: NtConnectPort() LPC yuange
[REVIVE-SA-2013-001] Revive Adserver 3.0.2 fixes SQL injection vulnerability Matteo Beccati
Synology DSM multiple directory traversal Andrea Fabrizi
Re: RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e coderman
[ MDVSA-2013:296 ] wireshark security
[ MDVSA-2013:297 ] munin security
[SECURITY] [DSA 2825-1] wireshark security update Moritz Muehlenhoff
[ MDVSA-2013:298 ] php security
WinAppDbg 1.5 is out! Mario Vilas

Saturday, 21 December

Fwd: NS1 ssh bad attempts Gary Baribault

Sunday, 22 December

[ MDVSA-2013:299 ] samba security
Practical malleability attack against CBC-Encrypted LUKS partitions Jakob Lell
Re: Vulnerabilities hiddenly fixed in WordPress 3.5 and 3.5.1 MustLive

Monday, 23 December

NEW VMSA-2013-0016 VMware ESXi and ESX unauthorized file access through vCenter Server and ESX \"VMware Security Response Center\"
[ MDVSA-2013:300 ] asterisk security
[ MDVSA-2013:301 ] nss security
Security by destruction Jerome Athias
Vulnerabilities in Dewplayer MustLive
Merry Christmas and all the best in the new year Georgi Guninski
Re: Fwd: NS1 ssh bad attempts silence_is_best
CVSphoto.com Stores Passwords Unhashed Alex Buie
[SECURITY] [DSA 2826-1] denyhosts security update Yves-Alexis Perez

Tuesday, 24 December

[SECURITY] [DSA 2827-1] libcommons-fileupload-java security update Salvatore Bonaccorso
Re: Vulnerabilities hiddenly fixed in WordPress 3.5 and 3.5.1 Valdis . Kletnieks
Happy Holidays / Xmas Advisory joernchen
Re: Happy Holidays / Xmas Advisory Henri Salo

Thursday, 26 December

Re: Happy Holidays / Xmas Advisory PsychoBilly
[ MDVSA-2013:302 ] pixman security
RBS Change v3.6.8 XSS Vulnerability metropolis haxor
[Wooyun]Amazon elasticbeanstalk code execution Wooyun.org
[Wooyun] Safari for windows PhishingAlert bypass vuln Wooyun.org
[CVE-2013-7209]JForum CSRF(Cross-site request forgery) Vulnerability arno
Re: Happy Holidays / Xmas Advisory Brandon Perry
Re: Happy Holidays / Xmas Advisory Gage Bystrom
Vulnerabilities in plugins for WordPress, Joomla and Plone with Dewplayer MustLive

Friday, 27 December

SEC Consult SA-20131227-0 :: IBM Web Content Manager (WCM) XPath Injection SEC Consult Vulnerability Lab
Re: Happy Holidays / Xmas Advisory Henri Salo

Saturday, 28 December

[SECURITY] [DSA 2828-1] drupal6 security update Salvatore Bonaccorso
[SECURITY] [DSA 2829-1] hplip security update Moritz Muehlenhoff
CALL FOR PAPERS - Hackers 2 Hackers Conference 11th edition Rodrigo Rubira Branco (BSDaemon)
vm86 syscall kernel-panic and some more goodies waiting to be analyzed halfdog

Sunday, 29 December

30c3: The Year in Crypto default engines loaded in openssl-1.x through openssl-1.0.1e] coderman
Re: Happy Holidays / Xmas Advisory Matthew Gow
Re: vm86 syscall kernel-panic and some more goodies waiting to be analyzed halfdog

Monday, 30 December

[SECURITY] [DSA 2830-1] ruby-i18n security update Florian Weimer

Tuesday, 31 December

Phact iPwn
Re: Open phones for privacy/anonymity applications, Guardian l
DoS vulnerability in Adobe Flash Player (BSOD) MustLive
CSRF, XSS and Redirector vulnerabilities in IBM Lotus Notes Traveler MustLive
Previous period Next period
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]