224 messages starting Dec 01 13 and ending Dec 31 13
TouchID and !simple passcodes Brandon Perry Re: Day of bugs in WordPress 3 Zenny Re: Seems like Coinbase Security Team doesn't know how their cookie works Marc Nimmerrichter
PHDays IV Call for Papers is Open PHD Photo Transfer Wifi 1.4.4 iOS - Multiple Web Vulnerabilities Vulnerability Lab (no subject) Ciaran McNally
D-Link DIR-XXX remote root access exploit. ScripT setInterval(function(){for( ){alert('fixme')} } 10) /scRIpt FBTest remote command execution. ScripT setInterval(function(){for( ){alert('fixme')} } 10) /scRIpt Multiple issues in OpenSSL - BN (multiprecision integer arithmetics). ScripT setInterval(function(){for( ){alert('fixme')} } 10) /scRIpt Command injection vulnerability in Ruby Gem sprout 0.7.246 Larry W. Cashdollar Re: Multiple issues in OpenSSL - BN (multiprecision integer arithmetics). coderman CarolinaCon-10 / 2014 - Call for Presenters/Speakers Vic Vandal Re: CVE-2013-6271 Remove Android Device Lock - App published Curesec Research Team [SECURITY] [DSA 2808-1] openjpeg security update Raphael Geissert [CVE-2013-6237] ISL Light - Desktop 3.5.4, Clipboard security issue Fran Tftpd32 Client Side Format String Vulnerability Rustein, Fara Denise (LATCO - Buenos Aires) DAVOSET v.1.1.4 MustLive
NEW VMSA-2013-0014 VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation "VMware Security Response Center" McAfee Email Gateway multiple vulns Brandon Perry Any not annoying help welcome ICSS Security Re: Any not annoying help welcome ICSS Security Re: Any not annoying help welcome adam Re: Any not annoying help welcome Michael von Dach Imagam iFiles v1.16.0 iOS - Multiple Web Vulnerabilities Vulnerability Lab Re: Any not annoying help welcome Christopher Dreher [SECURITY] [DSA 2809-1] ruby1.8 security update Salvatore Bonaccorso [SECURITY] [DSA 2810-1] ruby1.9.1 security update Salvatore Bonaccorso Re: DAVOSET v.1.1.4 MustLive
[Security-news] SA-CONTRIB-2013-097 - OG Features - Access bypass security-news CFP RootedCON 2014 Omar Benbouazza Reflected XSS Attacks XSS vulnerabilities in NagiosQL 3.2.0 Servicepack 2 (CVE: CVE-2013-6039) William Costa Re: Any not annoying help welcome Mr OverBlue Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability Vulnerability Lab Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities Vulnerability Lab
NEW VMSA-2013-0015 VMware ESX updates to third party libraries Edward Hawkins [CVE-2013-6985]SQL Injection Vulnerability In Enorth Webpublisher CMS xin . wang China's tool of the year silence_is_best [CVE-2013-5676] Plain Text Password In SonarQube Jenkins Plugin Christian Catalano Re: Vulnerabilities hiddenly fixed in WordPress 3.6 and 3.6.1 MustLive
[CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application Daniel Wood
[SECURITY] [DSA 2811-1] chromium-browser security update Michael Gilbert Vulnerabilities hiddenly fixed in WordPress 3.5 and 3.5.1 MustLive
Feetan Inc WireShare v1.9.1 iOS - Persistent Vulnerability Vulnerability Lab Print n Share v5.5 iOS - Multiple Web Vulnerabilities Vulnerability Lab [SECURITY] [DSA 2812-1] samba security update Moritz Muehlenhoff Vulnerabilities in Apache Solr < 4.6.0 Nicolas Grégoire Re: Vulnerabilities hiddenly fixed in WordPress 3.5 and 3.5.1 Julius Kivimäki Re: Open phones for privacy/anonymity applications, Guardian Anonymous [SECURITY] [DSA 2813-1] gimp security update Moritz Muehlenhoff [SECURITY] [DSA 2814-1] varnish security update Salvatore Bonaccorso [SECURITY] [DSA 2815-1] munin security update Salvatore Bonaccorso
Air Gallery 1.0 Air Photo Browser - Multiple Vulnerabilities Vulnerability Lab Re: Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability #full Vulnerability Lab Owning Render Farms via NVIDIA mental ray ReVuln CORE-2013-1107 - IcoFX Buffer Overflow Vulnerability CORE Advisories Team Android Fragment Injection vulnerability Roee Hay
Re: Open phones for privacy/anonymity applications, Guardian Sean Lynch Adobe Flash Player and Shockwave Player security updates Osama Alrashid Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities Vulnerability Lab [Onapsis Research Labs] New SAP Security In-Depth issue: "Transport Management System: Highway to Production" Onapsis Research Labs Clickjacking (?) on Facebook.com (Question) Stefan Schurtz CORE-2013-0807 - Divide Error in Windows Kernel CORE Advisories Team SOJOBO-ADV-13-05: Vtiger 5.4.0 Reflected Cross Site Scripting advisories List Charter John Cartwright Re: CORE-2013-0807 - Divide Error in Windows Kernel CORE Advisories Team
Microsoft PhotoStory - CS Cross Site Scripting Vulnerability Vulnerability Lab Microsoft Yammer - Persistent Profile Vulnerabilities Vulnerability Lab Phone Drive Eightythree 4.1.1 iOS - Multiple Vulnerabilities Vulnerability Lab Re: Clickjacking (?) on Facebook.com (Question) Jann Horn Re: Clickjacking (?) on Facebook.com (Question) Stefan Schurtz Re: Clickjacking (?) on Facebook.com (Question) Michal Zalewski Re: Clickjacking (?) on Facebook.com (Question) Jann Horn Re: Clickjacking (?) on Facebook.com (Question) Michal Zalewski Command injection in Ruby Gem Webbynode 1.0.5.3 Larry W. Cashdollar
Re: Clickjacking (?) on Facebook.com (Question) Jann Horn Re: Clickjacking (?) on Facebook.com (Question) Michal Zalewski Re: Clickjacking (?) on Facebook.com (Question) Jann Horn Re: Clickjacking (?) on Facebook.com (Question) Michal Zalewski Re: Clickjacking (?) on Facebook.com (Question) Jann Horn Re: Clickjacking (?) on Facebook.com (Question) Nahuel Grisolía Ditto Forensic FieldStation, multiple vulnerabilities Martin Wundram [SECURITY] [DSA 2816-1] php5 security update Thijs Kinkhorst <b>Where are you guys standing re: the (full) disclosure question?</b> Pedro Luis Karrasquillo Multiple vulnerabilities in SMF forum software Jakob Lell Re: Where are you guys standing re: the (full) disclosure Mikhail A. Utin Re: <b>Where are you guys standing re: the (full) disclosure question?</b> Georgi Guninski Re: Where are you guys standing re: the (full) disclosure Georgi Guninski Re: Where are you guys standing re: the (full) disclosure imipak Microsoft Online, Office & Cloud - Persistent Encoding Vulnerabilities Vulnerability Lab Re: Where are you guys standing re: the (full) disclosure Gary Baribault Re: Where are you guys standing re: the (full) disclosure Georgi Guninski DC4420 - DefCon London: Christmas Social (= no talks), Tuesday 17th December 2013 Tony Naggs Re: Where are you guys standing re: the (full) disclosure Gary Baribault Re: Where are you guys standing re: the (full) disclosure Jeffrey Walton Re: Where are you guys standing re: the (full) disclosure Gary Baribault Re: Where are you guys standing re: the (full) disclosure Gary Baribault Advisory 01/2013: PHP openssl_x509_parse() Memory Corruption Vulnerability Stefan Esser Re: Where are you guys standing re: the (full) disclosure Gary Baribault Re: Where are you guys standing re: the (full) disclosure Gary Baribault
RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e coderman Re: Where are you guys standing re: the (full) disclosure amani cryptographic flaws in IBM SPSS data file encryption Ben Pfaff [SECURITY] [DSA 2817-1] libtar security update Luciano Bello Securely Download Google Chrome Offline Installer Dieyu Re: <b>Where are you guys standing re: the (full) disclosure question?</b> silence_is_best Re: <b>Where are you guys standing re: the (full) disclosure question?</b> Jasper Kips E-mail Hacking - Hacker Highschool Pete Herzog Re: Where are you guys standing re: the (full) disclosure Paul Ammann Re: Where are you guys standing re: the (full) disclosure Jordon Bedwell Re: Where are you guys standing re: the (full) disclosure Jordon Bedwell Re: Where are you guys standing re: the (full) disclosure Jordon Bedwell Call for Papers -YSTS 8 - Information Security Conference, Brazil Luiz Eduardo Re: <b>Where are you guys standing re: the (full) disclosure question?</b> Dieyu Re: <b>Where are you guys standing re: the (full) disclosure question?</b> Pedro Luis Karrasquillo Re: RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e coderman Re: RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e coderman Re: <b>Where are you guys standing re: the (full) disclosure question?</b> Microsoft Security Response Center
Bio Basespace SDK 0.1.7 Ruby Gem exposes API Key via command line Larry W. Cashdollar Re: Where are you guys standing re: the (full) disclosure Jordon Bedwell Re: <b>Where are you guys standing re: the (full) disclosure question?</b> Jasper Kips Re: Where are you guys standing re: the (full) disclosure Pedro Luis Karrasquillo iscripts autohoster , multiple vulns / php code injection exploit 0u7 5m4r7 Iscripts multicart , multiple vulns 0u7 5m4r7 Iscripts supportdesk 4.x , Multiple vulns / Sql injection exploit 0u7 5m4r7 Buxalert PTC , multiple vulns / SQL injection Exploit 0u7 5m4r7 Phone Drive Eightythree 4.1.1 iOS - Multiple Vulnerabilities Vulnerability Lab Solaris Recommended Patch Cluster 6/19 local root on x86 Larry W. Cashdollar
Re: WordPress OptimizePress Theme - File Upload Vulnerability Kurt Seifried Traidnt up 3 , Admin info reset exploit 0u7 5m4r7 Arabportal 2.x , Sql injection / Password reset exploit 0u7 5m4r7 Kaspersky Internet Security - fake av. vx Indy [SECURITY] [DSA 2818-1] mysql-5.5 security update Salvatore Bonaccorso [SECURITY] [DSA 2819-1] End-of-life announcement for iceape Moritz Muehlenhoff Re: Kaspersky Internet Security - fake av. iPwn OpenText Exceed On Demand 8 multiple vulnerabilities Krzysztof Kotowicz Information Leakage and Backdoor vulnerabilities in WordPress MustLive Release: Faraday Penetration Test IDE Francisco Amato FileMaster SY-IT v3.1 iOS - Multiple Web Vulnerabilities Vulnerability Lab BodyHacking Convention 2014 I)ruid AST-2013-006: Buffer Overflow when receiving odd length 16 bit SMS message Asterisk Security Team AST-2013-007: Asterisk Manager User Dialplan Permission Escalation Asterisk Security Team QuickHeal AntiVirus 7.0.0.1 - Stack Overflow Vulnerability Vulnerability Lab
Re: RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e coderman [SECURITY] [DSA 2820-1] nspr security update Raphael Geissert Re: [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application Fyodor CSRF, DoS and IL vulnerabilities in WordPress MustLive Re: [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application William Scott Lockwood III [ MDVSA-2013:288 ] subversion security [ MDVSA-2013:287-1 ] drupal security Re: [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application coderman CORE-2013-0903 - RealPlayer Heap-based Buffer Overflow Vulnerability CORE Advisories Team Fw: xss VMw4r3
Capstone 1.0 disassembly framework release! Nguyen Anh Quynh [ MDVSA-2013:289 ] owncloud security [ MDVSA-2013:291 ] kernel security [ MDVSA-2013:291 ] kernel security [ MDVSA-2013:290 ] mediawiki security phrack.org being spammed Yvan Janssens InfoSec Southwest 2014 CFP now open! ISSW CFP [CVE-2013-5573] Jenkins v1.523 Default markup formatter permits offsite-bound forms Christian Catalano Re: [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application Daniel Wood [ MDVSA-2013:292 ] links security [ MDVSA-2013:293 ] gimp security [ MDVSA-2013:294 ] gimp security [SECURITY] [DSA 2822-1] xorg-server security update Moritz Muehlenhoff [SECURITY] [DSA 2823-1] pixman security update Moritz Muehlenhoff
[Security-news] SA-CONTRIB-2013-098 - Ubercart - Session Fixation Vulnerability security-news [SECURITY] [DSA 2821-1] gnupg security update Thijs Kinkhorst XSS in HP Operations Orchestration Central version 9.06 Bart Leppens Apache Santuario security advisory CVE-2013-4517 released Colm O hEigeartaigh Re: [CVE-2013-6986] Insecure Data Storage in Subway Ordering Mikhail A. Utin [ MDVSA-2013:295 ] gnupg security [SECURITY] [DSA 2824-1] curl security update Salvatore Bonaccorso Song Exporter v2.1.1 RS iOS - File Include Vulnerabilities Vulnerability Lab URL Redirector Abuse and XSS vulnerabilities in WordPress MustLive
Re: MS13-102: NtConnectPort() LPC yuange [REVIVE-SA-2013-001] Revive Adserver 3.0.2 fixes SQL injection vulnerability Matteo Beccati Synology DSM multiple directory traversal Andrea Fabrizi Re: RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e coderman [ MDVSA-2013:296 ] wireshark security [ MDVSA-2013:297 ] munin security [SECURITY] [DSA 2825-1] wireshark security update Moritz Muehlenhoff [ MDVSA-2013:298 ] php security WinAppDbg 1.5 is out! Mario Vilas
Fwd: NS1 ssh bad attempts Gary Baribault
[ MDVSA-2013:299 ] samba security Practical malleability attack against CBC-Encrypted LUKS partitions Jakob Lell Re: Vulnerabilities hiddenly fixed in WordPress 3.5 and 3.5.1 MustLive
NEW VMSA-2013-0016 VMware ESXi and ESX unauthorized file access through vCenter Server and ESX "VMware Security Response Center" [ MDVSA-2013:300 ] asterisk security [ MDVSA-2013:301 ] nss security Security by destruction Jerome Athias Vulnerabilities in Dewplayer MustLive Merry Christmas and all the best in the new year Georgi Guninski Re: Fwd: NS1 ssh bad attempts silence_is_best CVSphoto.com Stores Passwords Unhashed Alex Buie [SECURITY] [DSA 2826-1] denyhosts security update Yves-Alexis Perez
[SECURITY] [DSA 2827-1] libcommons-fileupload-java security update Salvatore Bonaccorso Re: Vulnerabilities hiddenly fixed in WordPress 3.5 and 3.5.1 Valdis . Kletnieks Happy Holidays / Xmas Advisory joernchen Re: Happy Holidays / Xmas Advisory Henri Salo
Re: Happy Holidays / Xmas Advisory PsychoBilly [ MDVSA-2013:302 ] pixman security RBS Change v3.6.8 XSS Vulnerability metropolis haxor [Wooyun]Amazon elasticbeanstalk code execution Wooyun.org [Wooyun] Safari for windows PhishingAlert bypass vuln Wooyun.org [CVE-2013-7209]JForum CSRF(Cross-site request forgery) Vulnerability arno Re: Happy Holidays / Xmas Advisory Brandon Perry Re: Happy Holidays / Xmas Advisory Gage Bystrom Vulnerabilities in plugins for WordPress, Joomla and Plone with Dewplayer MustLive
SEC Consult SA-20131227-0 :: IBM Web Content Manager (WCM) XPath Injection SEC Consult Vulnerability Lab Re: Happy Holidays / Xmas Advisory Henri Salo
[SECURITY] [DSA 2828-1] drupal6 security update Salvatore Bonaccorso [SECURITY] [DSA 2829-1] hplip security update Moritz Muehlenhoff CALL FOR PAPERS - Hackers 2 Hackers Conference 11th edition Rodrigo Rubira Branco (BSDaemon) vm86 syscall kernel-panic and some more goodies waiting to be analyzed halfdog
30c3: The Year in Crypto default engines loaded in openssl-1.x through openssl-1.0.1e] coderman Re: Happy Holidays / Xmas Advisory Matthew Gow Re: vm86 syscall kernel-panic and some more goodies waiting to be analyzed halfdog
[SECURITY] [DSA 2830-1] ruby-i18n security update Florian Weimer
Phact iPwn Re: Open phones for privacy/anonymity applications, Guardian l DoS vulnerability in Adobe Flash Player (BSOD) MustLive CSRF, XSS and Redirector vulnerabilities in IBM Lotus Notes Traveler MustLive