Bugtraq: by author

271 messages starting Jul 22 10 and ending Jul 16 10


advisories

vBulletin - Critical Information Disclosure advisories (Jul 22)
Jira Enterprise 4.0.1 - Multiple Low Risk Vulnerabilities advisories (Jul 28)

advisory

XSS vulnerability in DSite CMS advisory (Jul 15)
XSS vulnerability in CruxPA advisory (Jul 08)
XSS vulnerability in Campsite advisory (Jul 30)
XSS vulnerability in Campsite advisory (Jul 30)
SQL injection vulnerability in CMSQLite advisory (Jul 13)
XSS vulnerability in FestOS advisory (Jul 15)
SQL injection vulnerability in Theeta CMS advisory (Jul 27)
XSS vulnerability in Diem advisory (Jul 13)
XSS vulnerability in WebPress advisory (Jul 15)
XSS vulnerability in Pixie advisory (Jul 15)
XSRF (CSRF) in Pixie advisory (Jul 15)
XSS vulnerability in Theeta CMS advisory (Jul 27)
XSS vulnerability in Theeta CMS advisory (Jul 27)
XSS vulnerability in Spitfire advisory (Jul 22)
XSS vulnerability in FestOS advisory (Jul 15)
XSS vulnerability in WebPress advisory (Jul 15)
XSS vulnerability in Pligg search module advisory (Jul 15)
XSS vulnerability in Gekko Web Builder advisory (Jul 15)
XSS vulnerability in CruxPA advisory (Jul 08)
XSRF (CSRF) in phpwcms advisory (Jul 15)
XSS vulnerability in SyndeoCMS advisory (Jul 27)
XSS vulnerability in Spitfire advisory (Jul 22)
XSS vulnerability in CruxPA advisory (Jul 08)
Stored XSS vulnerability in Pixie advisory (Jul 15)
XSS vulnerability in Taggon CMS advisory (Jul 15)
XSS vulnerability in WebPress advisory (Jul 15)
XSS vulnerability in CruxPA advisory (Jul 08)
XSS vulnerability in Spitfire search advisory (Jul 22)
XSS vulnerability in CruxCMS advisory (Jul 08)
XSS vulnerability in WebPress advisory (Jul 15)
XSS vulnerability in SyndeoCMS advisory (Jul 27)
XSS vulnerability in Theeta CMS advisory (Jul 27)
SQL injection vulnerability in CMSQLite advisory (Jul 13)
XSS vulnerability in Diem advisory (Jul 13)
XSS vulnerability in Spitfire advisory (Jul 22)
XSS vulnerability in Spitfire advisory (Jul 22)
XSS vulnerability in SyndeoCMS advisory (Jul 27)
XSS vulnerability in phpwcms advisory (Jul 15)
XSRF (CSRF) in Pixie advisory (Jul 15)
XSS vulnerability in CMSQLite advisory (Jul 13)
XSS vulnerability in Diem advisory (Jul 13)
XSS vulnerability in CruxCMS advisory (Jul 08)
SQL injection vulnerability in CMSQLite advisory (Jul 13)

Akita Software Security

Outlook PR_ATTACH_METHOD file execution vulnerability Akita Software Security (Jul 15)
Akamai Download Manager arbitrary file download & execution Akita Software Security (Jul 30)

Alexander Sotirov

Pwnie Awards 2010 Alexander Sotirov (Jul 15)

Alexandr Polyakov

[DSECRG-09-040] SAP Netweaver wsnavigator XSS Security Vulnerability Alexandr Polyakov (Jul 23)
[DSECRG-09-068] SAP NetWaver SLD - multiple XSS Alexandr Polyakov (Jul 23)

Andrea Barisani

[oCERT-2010-002] Joomla input sanitization errors (XSS) Andrea Barisani (Jul 21)

Andrei Rimsa

Pligg Installation File XSS Vulnerability Andrei Rimsa (Jul 07)
Pligg Installation File XSS Vulnerability Andrei Rimsa (Jul 08)
RunCMS XSS Vulnerability via User Agent Andrei Rimsa (Jul 07)
DCP-Portal Multiple XSS Vulnerabilities Andrei Rimsa (Jul 07)
Exponent Slideshow XSS Vulnerability Andrei Rimsa (Jul 07)
MODx Installation File XSS Vulnerability Andrei Rimsa (Jul 07)

Bartłomiej Balcerek

PBS Pro race condition vulnerability Bartłomiej Balcerek (Jul 07)

bill

Xlight FTPd Multiple Directory Traversal in SFTP bill (Jul 06)

Bkis

[Bkis-03-2010] Vulnerability in Flash Slideshow Maker Vulnerability Bkis (Jul 02)

bugreport

IIS5.1 Directory Authentication Bypass by using “:$I30:$Index_Allocation” bugreport (Jul 02)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Hard-Coded SNMP Community Names in Cisco Industrial Ethernet 3000 Series Switches Vulnerability Cisco Systems Product Security Incident Response Team (Jul 07)
Cisco Security Advisory: CDS Internet Streamer: Web Server Directory Traversal Vulnerability Cisco Systems Product Security Incident Response Team (Jul 21)

ClubHack

ClubHack2010 CFP ClubHack (Jul 15)

Crash

IrcDelphi DCA-00010 Vulnerability Report Crash (Jul 05)

Cristofaro Mune

IS-2010-006 - D-Link DAP-1160 formFilter buffer overflow Cristofaro Mune (Jul 15)

Dan Rosenberg

Mac OS X WebDAV kernel extension local denial-of-service Dan Rosenberg (Jul 26)
FuzzDiff tool Dan Rosenberg (Jul 27)

david . kurz

[MajorSecurity SA-079]PHPKIT WCMS - Multiple stored Cross Site Scripting Issues david . kurz (Jul 27)
[MajorSecurity SA-076]Conpresso CMS - Cross site Scripting vulnerabilities david . kurz (Jul 16)

ddivulnalert

DDIVRT-2010-29 ALPHA Ethernet Adapter II Web-Manager 3.40.2 Authentication Bypass ddivulnalert (Jul 02)

DeepSec Conference

DeepSec 2010 - Call for Papers - REMINDER DeepSec Conference (Jul 07)

Dominic

London DEFCON July meet - DC4420 - Wed 28th July 2010 Dominic (Jul 27)

egypt

Metasploit Framework 3.4.1 Released egypt (Jul 12)

Elazar Broad

SAPGui BI wadmxhtml.dll Tags Property Heap Corruption Elazar Broad (Jul 15)

Florian Weimer

[SECURITY] [DSA 2076-1] New gnupg2 packages fix potential code execution Florian Weimer (Jul 28)
[SECURITY] [DSA 2077-1] New openldap packages fix potential code execution Florian Weimer (Jul 29)

Francis Provencher

{PRL} Novell Groupwise Webaccess Stack Overflow Francis Provencher (Jul 15)
{PRL} Novell Groupwise Internet Agent Stack Overflow Francis Provencher (Jul 16)

Frank Stuart

CVE-2010-2384: Solaris wbem unsafe use of temporary files Frank Stuart (Jul 20)
CVE-2010-2382: Solaris flar unsafe use of temporary files Frank Stuart (Jul 20)
CVE-2010-2382: Solaris nfslogd unsafe use of temporary files Frank Stuart (Jul 20)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-10:07.mbuf FreeBSD Security Advisories (Jul 13)

g1xsystem

DM Filemanager (fckeditor) Remote Arbitrary File Upload Exploit g1xsystem (Jul 26)
YACK CMS 10.5.27 Remote File Inclusion Vulnerability g1xsystem (Jul 19)

Gadi Evron

Paper on the law and Implantable Devices security Gadi Evron (Jul 27)

Gerald Carter

[LWSA-2010-001] Likewise Open 5.4 & 6.0 Gerald Carter (Jul 26)

Giuseppe Iuculano

[SECURITY] [DSA 2074-1] New ncompress packages fix execution of arbitrary code Giuseppe Iuculano (Jul 21)
[SECURITY] [DSA 2072-1] New libpng packages fix several vulnerabilities Giuseppe Iuculano (Jul 19)
[SECURITY] [DSA-2068-1] New python-cjson packages fix denial of service Giuseppe Iuculano (Jul 12)

Hafez Kamal

[HITB-Ann] Reminder: HITB2010 Malaysia Call for Papers Closing August 9th Hafez Kamal (Jul 29)
[HITB-Announce] HITB Magazine Issue 003 + HITBSecConf2010 - Amsterdam Hafez Kamal (Jul 05)

Hashdays CFP

Re: hashdays 2010 - Call for Papers (#days CFP) Hashdays CFP (Jul 13)

Henri Salo

Re: [Full-disclosure] Remote Command Execution in dotDefender Site Management Henri Salo (Jul 02)

houkouonchi

Re: Re: Two independent vulnerabilities (client and server side) in Quake3 engine and many derived games houkouonchi (Jul 07)

Ian Maguire

Re: pam_captcha username harvest vulnerability Ian Maguire (Jul 15)
pam_captcha username harvest vulnerability Ian Maguire (Jul 06)

info

Opera Browser Address Bar Spoofing Vulnerability info (Jul 15)
SeaMonkey 2.0.5 Address Bar Spoofing Vulnerability info (Jul 19)
Internet Explorer 8.0 Address Bar Spoofing Vulnerability info (Jul 26)
IE6 css set Denial of Service Vulnerability info (Jul 12)
Mozilla Firefox 3.5.x Address Bar Spoofing Vulnerability info (Jul 21)
Opera Crash by <canvas> Element info (Jul 12)

Insomnia Security

Insomnia : ISVA-100730.1 - CMS Multiple SQL injection Vulnerabilities Insomnia Security (Jul 30)

ithilgore

A new zombie port scanning attack ithilgore (Jul 16)

ivan . sanchez

NTSOFT BBS E-Market Professional = XSS / Remote Execution Code ivan . sanchez (Jul 06)

Jamie Strandboge

[USN-930-5] ant, apturl, Epiphany, gluezilla, gnome-python-extras, liferea, mozvoikko, OpenJDK, packagekit, ubufox, webfav, yelp update Jamie Strandboge (Jul 23)
[USN-930-4] Firefox and Xulrunner vulnerabilities Jamie Strandboge (Jul 23)
[USN-956-1] sudo vulnerability Jamie Strandboge (Jul 02)
[USN-927-8] Thunderbird update Jamie Strandboge (Jul 23)
[USN-930-6] Firefox and Xulrunner vulnerability Jamie Strandboge (Jul 27)
[USN-927-7] nspr update Jamie Strandboge (Jul 23)
[USN-957-1] Firefox and Xulrunner vulnerabilities Jamie Strandboge (Jul 23)
[USN-927-6] NSS vulnerability Jamie Strandboge (Jul 23)
[USN-957-2] Firefox and Xulrunner vulnerability Jamie Strandboge (Jul 26)

jason

Re: MODx Installation File XSS Vulnerability jason (Jul 08)

Jon

RE: vBulletin - Critical Information Disclosure Jon (Jul 23)

Jordan Sissel

Re: pam_captcha username harvest vulnerability Jordan Sissel (Jul 15)

Jose Nicolas Castellano

CFP NcN 2010 Jose Nicolas Castellano (Jul 29)

Juha-Matti Laurio

Re: ZDI-10-121: Command Injection Remote Code Execution Vulnerability Juha-Matti Laurio (Jul 16)

Kees Cook

[USN-964-1] Likewise Open vulnerability Kees Cook (Jul 27)
[USN-959-1] PAM vulnerability Kees Cook (Jul 08)
[USN-962-1] VTE vulnerability Kees Cook (Jul 15)
[USN-940-2] Kerberos vulnerability Kees Cook (Jul 21)

Kiwicon

Kiwicon IV: Our Worst CFP Yet Kiwicon (Jul 16)

Laurent OUDOT at TEHTRI-Security

Security Advisories from TEHTRI-Security at HITB Europe Laurent OUDOT at TEHTRI-Security (Jul 05)

lilf

QQplayer smi File Processing Buffer Overflow Vulnerability lilf (Jul 26)

madhck

Nessus Vulnerabilities madhck (Jul 26)

Mailing lists at Core Security Technologies

Hiding Backdoors in plain sight Mailing lists at Core Security Technologies (Jul 05)

Marc Deslauriers

[USN-960-1] libpng vulnerabilities Marc Deslauriers (Jul 08)
[USN-943-1] Thunderbird vulnerabilities Marc Deslauriers (Jul 06)
[USN-963-1] FreeType vulnerabilities Marc Deslauriers (Jul 20)
[USN-958-1] Thunderbird vulnerabilities Marc Deslauriers (Jul 26)
[USN-961-1] Ghostscript vulnerabilities Marc Deslauriers (Jul 13)

Marc Ruef

[scip_Advisory 4143] Shemes Grabbit Malicious NZB Date Denial of Service Marc Ruef (Jul 08)

Mark Thomas

[SECURITY] CVE-2010-2227: Apache Tomcat Remote Denial Of Service and Information Disclosure Vulnerability Mark Thomas (Jul 09)

martin

Re: TTVideo 1.0 Joomla Component SQL Injection Vulnerability martin (Jul 28)

Moritz Muehlenhoff

[SECURITY] [DSA 2070-1] New freetype packages fix several vulnerabilities Moritz Muehlenhoff (Jul 15)
[SECURITY] [DSA 2071-1] New libmikmod packages fix several vulnerabilities Moritz Muehlenhoff (Jul 15)
[SECURITY] [DSA 2066-1] New wireshark packages fix several vulnerabilities Moritz Muehlenhoff (Jul 02)
[SECURITY] [DSA 2075-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff (Jul 28)

MustLive

Vulnerabilities in WP-UserOnline for WordPress MustLive (Jul 02)
Multiple vulnerabilities in MC Content Manager MustLive (Jul 26)
[Suspected Spam]Cross-Site Scripting vulnerabilities in SimpGB MustLive (Jul 15)
Vulnerabilities in Cetera eCommerce MustLive (Jul 28)
Vulnerabilities in SimpNews MustLive (Jul 09)
Day of bugs in WordPress 2 MustLive (Jul 30)
New vulnerabilities in Cetera eCommerce MustLive (Jul 28)
[Suspected Spam]File Download and DoS vulnerabilities in Firefox, Internet Explorer, Chrome and Opera MustLive (Jul 05)
[Suspected Spam]SQL Injection vulnerability in coWiki MustLive (Jul 21)

noreply

TELUS Security Labs VR - iSCSI target Multiple Implementations iSNS Stack Buffer Overflow noreply (Jul 05)

Onapsis Research Labs

[Onapsis Security Advisory 2010-006] SAP J2EE Web Services Navigator Cross-Site Scripting Onapsis Research Labs (Jul 21)

P0ndera

Re: Two independent vulnerabilities (client and server side) in Quake3 engine and many derived games P0ndera (Jul 06)

Paul Craig

iKAT - Interactive Kiosk Attack Tool v3 : Defcon 18 Edition Paul Craig (Jul 27)

paul . sec117

Re: Re: IIS5.1 Directory Authentication Bypass by using “:$I30:$Index_Allocation” paul . sec117 (Jul 13)

Pedro Andujar

Editran editcp V4.1 R7 - Remote buffer overflow Pedro Andujar (Jul 05)

praveen_recker

VLC Player M3U file ftp:// URI Handler Remote Stack Buffer Overflow praveen_recker (Jul 06)
Heap Overflow/DoS Vulnerability in Media Player Classic praveen_recker (Jul 27)

Raphael Geissert

[SECURITY] [DSA-2067-1] New mahara packages fix several vulnerabilities Raphael Geissert (Jul 05)
[SECURITY] [DSA-2069-1] New znc packages fix denial of service Raphael Geissert (Jul 12)

research

PR09-16: Juniper Secure Access series (Juniper IVE) Cross-Site Scripting Vulnerability research (Jul 15)

Richard . haf

Re: IIS5.1 Directory Authentication Bypass by using “:$I30:$Index_Allocation” Richard . haf (Jul 12)

rimsa

Re: RunCMS XSS Vulnerability via User Agent rimsa (Jul 08)
Re: MODx Installation File XSS Vulnerability rimsa (Jul 08)

Rodrigo Branco

PoC for CVE-2010-1869 (ghostscript) and CVE-2010-1039 (rpc.pcnfsd) Rodrigo Branco (Jul 19)

Rodrigo Rubira Branco (BSDaemon)

Call For Papers - Hackers 2 Hackers Conference 7th Edition - Brazil Rodrigo Rubira Branco (BSDaemon) (Jul 26)

Salvatore Fresta aka Drosophila

TTVideo 1.0 Joomla Component SQL Injection Vulnerability Salvatore Fresta aka Drosophila (Jul 27)
ArtForms 2.1b7.2 RC2 Joomla Component Multiple Remote Vulnerabilities Salvatore Fresta aka Drosophila (Jul 07)
PBBooking 1.0.4_3 Joomla Component Multiple Blind SQL Injection Salvatore Fresta aka Drosophila (Jul 29)
iScripts CyberMatch 1.0 Blind SQL Injection Vulnerability Salvatore Fresta aka Drosophila (Jul 02)
Canteen Joomla Component 1.0 Multiple Remote Vulnerabilities Salvatore Fresta aka Drosophila (Jul 05)
PhotoMap Gallery 1.6.0 Joomla Component Multiple Blind SQL Injection Salvatore Fresta aka Drosophila (Jul 28)
REVISION: iScripts EasySnaps 2.0 Multiple SQL Injection Vulnerabilities Salvatore Fresta aka Drosophila (Jul 02)
Sandbox 2.0.3 Multiple Remote Vulnerabilities Salvatore Fresta aka Drosophila (Jul 07)
iScripts ReserveLogic 1.0 SQL Injection Vulnerability Salvatore Fresta aka Drosophila (Jul 02)
WhiteBoard 0.1.30 Multiple Blind SQL Injection Vulnerabilities Salvatore Fresta aka Drosophila (Jul 26)
Appointinator 1.0.1 Joomla Component Multiple Remote Vulnerabilities Salvatore Fresta aka Drosophila (Jul 28)
iScripts SocialWare 2.2.x Multiple Remote Vulnerability Salvatore Fresta aka Drosophila (Jul 05)
RedShop 1.0.23.1 Joomla Component Blind SQL Injection Vulnerability Salvatore Fresta aka Drosophila (Jul 16)
iScripts MultiCart 2.2 Multiple SQL Injection Vulnerability Salvatore Fresta aka Drosophila (Jul 05)

Secunia Research

Secunia Research: GIGABYTE Dldrv2 ActiveX Control Unsafe Methods Secunia Research (Jul 15)
Secunia Research: Autonomy KeyView wkssr.dll Floating Point Conversion Buffer Overflow Secunia Research (Jul 28)
Secunia Research: Joomla BookLibrary From Same Author Module "id" SQL Injection Secunia Research (Jul 05)
Secunia Research: Autonomy KeyView wkssr.dll Integer Underflow Vulnerability Secunia Research (Jul 28)
Secunia Research: Autonomy KeyView rtfsr.dll RTF Parsing Signedness Error Secunia Research (Jul 28)
Secunia Research: Autonomy KeyView wkssr.dll String Indexing Vulnerability Secunia Research (Jul 28)
Secunia Research: GIGABYTE Dldrv2 ActiveX Control Array Indexing Vulnerability Secunia Research (Jul 15)
Secunia Research: Autonomy KeyView wosr.dll Data Block Parsing Buffer Overflow Secunia Research (Jul 28)
Secunia Research: Autonomy KeyView Compound File Parsing Buffer Overflow Secunia Research (Jul 28)
Secunia Research: Autonomy KeyView wkssr.dll Record Parsing Buffer Overflows Secunia Research (Jul 28)

security

[ MDVSA-2010:127 ] imlib2 security (Jul 05)
[ MDVSA-2010:128 ] lftp security (Jul 07)
[ MDVSA-2010:137 ] freetype2 security (Jul 19)
[ MDVSA-2010:135 ] ghostscript security (Jul 16)
[ MDVSA-2010:134 ] ghostscript security (Jul 16)
[ MDVSA-2010:141 ] samba security (Jul 27)
[ MDVSA-2010:133 ] libpng security (Jul 16)
[ MDVSA-2010:131 ] iscsitarget security (Jul 13)
[ MDVSA-2010:138 ] iputils security (Jul 23)
[ MDVSA-2010:130 ] heimdal security (Jul 07)
[ MDVSA-2010:142 ] openldap security (Jul 29)
[ MDVSA-2010:129 ] heimdal security (Jul 07)
[ MDVSA-2010:132 ] python security (Jul 15)
[ MDVSA-2010:140 ] php security (Jul 27)
[ MDVSA-2010:136 ] ghostscript security (Jul 16)

Security_Alert

ESA-2010-012: EMC Disk Library (EDL) Denial Of Service Vulnerability Security_Alert (Jul 30)
ESA-2010-011: RSA, The Security Division of EMC, announces a fix for potential security vulnerability in RSAR Federated Identity Manager Security_Alert (Jul 21)

security-alert

[security bulletin] HPSBTU02453 SSRT091037 rev.1 - HP Tru64 UNIX BIND Server, Denial of Service (DoS) security-alert (Jul 13)
[security bulletin] HPSBMA02548 SSRT100126 rev.1 - HP Insight Orchestration for Windows, Remote Unauthorized Access security-alert (Jul 13)
[security bulletin] HPSBMA02558 SSRT100158 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert (Jul 21)
[security bulletin] HPSBMA02439 SSRT080082 rev.3 - HP OpenView SNMP Emanate Master Agent Running on HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access security-alert (Jul 15)
[security bulletin] HPSBUX02450 SSRT090141 rev1 - HP-UX ttrace(2), Local Denial of Service (DoS) security-alert (Jul 13)
[security bulletin] HPSBMA02551 SSRT100065 rev.2 - HP Virtual Connect Enterprise Manager for Windows, Remote Cross Site Scripting (XSS) security-alert (Jul 21)
[security bulletin] HPSBMA02551 SSRT100165 rev.1 - HP Virtual Connect Enterprise Manager for Windows, Remote Cross Site Scripting (XSS) security-alert (Jul 13)
[security bulletin] HPSBMA02549 SSRT090158 rev.1 - HP Insight Control Power Management for Windows, Local Unauthorized Access to Data, Denial of Service (DoS) security-alert (Jul 13)
[security bulletin] HPSBMA02550 SSRT100170 rev.2 - HP Insight Software Installer for Windows, Local Unauthorized Access to Data, Remote Cross Site Request Forgery (CSRF) security-alert (Jul 15)
[security bulletin] HPSBMA02554 SSRT100018 rev.2 - HP Insight Control for Linux, Remote Execution of Arbitrary Code, Remote Denial of Service (DoS), Remote Unauthorized Access security-alert (Jul 15)
[security bulletin] HPSBMA02553 SSRT100184 rev.1 - HP Insight Control Server Migration for Windows, Local and Remote Unauthorized Access to Data, Remote Cross Site Request Forgery (CSRF), Cross Site Scripting (XSS) security-alert (Jul 13)
[security bulletin] HPSBUX02556 SSRT100014 rev.2 - HP-UX Running rpc.ttdbserver, Remote Execution of Arbitrary Code security-alert (Jul 29)
[security bulletin] HPSBMA02547 SSRT100179 rev.1 - HP Systems Insight Manager (SIM) for HP-UX, Linux, and Windows, Remote Execution of Arbitrary Code and Other Vulnerabilities security-alert (Jul 13)
[security bulletin] HPSBUX02451 SSRT090137 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alert (Jul 13)
[security bulletin] HPSBMA02549 SSRT090158 rev.2 - HP Insight Control Power Management for Windows, Local Unauthorized Read Access to Data security-alert (Jul 28)
[security bulletin] HPSBUX02556 SSRT100014 rev.1 - HP-UX Running rpc.ttdbserver, Remote Execution of Arbitrary Code security-alert (Jul 15)
[security bulletin] HPSBOV02539 SSRT090267 rev.1 - HP OpenVMS Auditing, Local Information Disclosure, Elevation of Privilege, Denial of Service (DoS) security-alert (Jul 13)
[security bulletin] HPSBMA02425 SSRT080091 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert (Jul 20)
[security bulletin] HPSBMA02558 SSRT010158 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert (Jul 21)
[security bulletin] HPSBMA02557 SSRT100025 rev.1- HP OpenView Network Node Manager (OV NNM) Running on Windows, Remote Execution of Arbitrary Code security-alert (Jul 21)
[security bulletin] HPSBMA02555 SSRT100064 rev.1 - HP Client Automation Enterprise Infrastructure (Radia) Remote Disclosure of Information security-alert (Jul 13)
[security bulletin] HPSBMA02550 SSRT100170 rev.1 - HP Insight Software Installer for Windows, Local Unauthorized Access to Data, Remote Cross Site Request Forgery (CSRF) security-alert (Jul 13)

security curmudgeon

Re: Cherokee Web Server 0.5.3 Multiple Vulnerabilities security curmudgeon (Jul 02)
Re: SQL injection vulnerability in WebDB security curmudgeon (Jul 06)
Re: SQL injection vulnerability in TomatoCMS security curmudgeon (Jul 06)
Re: XSS vulnerability in PortalApp security curmudgeon (Jul 06)

sh4v

XSS holes dotDefender sh4v (Jul 12)

Shreyas Zare

Re: Internet Explorer 8.0 Address Bar Spoofing Vulnerability Shreyas Zare (Jul 26)

spider

Foofus.net Security Advisory: Symantec AMS Intel Alert Handler service Design Flaw spider (Jul 26)

Thijs Kinkhorst

[SECURITY] [DSA 2073-1] New mlmmj packages fix directory traversal Thijs Kinkhorst (Jul 21)

thomas

cPanel XSS Vulnerability thomas (Jul 15)

Tobias Glemser

OWASP Appsec Germany Call for Papers Tobias Glemser (Jul 15)

Tom Ritter

Microsoft ClickOnce MITM Vulnerabilities Tom Ritter (Jul 19)

VMware Security Team

VMSA-2010-0011 VMware Studio 2.1 addresses security vulnerabilities in virtual appliances created with Studio 2.0. VMware Security Team (Jul 13)
VMSA-2010-0012 VMware vCenter Update Manager fix for Jetty Web server addresses important security vulnerabilities VMware Security Team (Jul 19)

VSR Advisories

VSR Advisory: Multiple Cisco CSS / ACE Client Certificate and HTTP Header Manipulation Vulnerabilities VSR Advisories (Jul 02)
CVE-2010-2375: WebLogic Plugin HTTP Injection via Encoded URLs VSR Advisories (Jul 15)

VUPEN Security Research

VUPEN Security Research - HP OpenView Network Node Manager "nnmrptconfig.exe" Buffer Overflow (CVE-2010-2703) VUPEN Security Research (Jul 21)
VUPEN Security Research - HP OpenView Network Node Manager "ov.dll" Buffer Overflow Vulnerability (CVE-2010-2704) VUPEN Security Research (Jul 21)
VUPEN Security Research - Winamp Player FLV Data Processing Multiple Overflow Vulnerabilities VUPEN Security Research (Jul 13)

VUPEN Web Security

Zoph Multiple Parameter Cross Site Scripting Vulnerabilities VUPEN Web Security (Jul 02)

yuval . lerner

Re: SAP's web module OLK SQL Injection vulnerability yuval . lerner (Jul 02)

ZDI Disclosures

TPTI-10-04: Oracle Secure Backup Scheduler Service Remote Code Execution Vulnerability ZDI Disclosures (Jul 15)
ZDI-10-135: Novell Groupwise WebAccess Multiple Cross-Site Scripting Vulnerabilities ZDI Disclosures (Jul 21)
ZDI-10-117: Microsoft Office Access AccWizObjects ActiveX Control Uninitialized Imports Remote Code Execution Vulnerability ZDI Disclosures (Jul 13)
ZDI-10-126: Ipswitch Imail Server List Mailer Reply-To Address Remote Code Execution Vulnerability ZDI Disclosures (Jul 16)
ZDI-10-121: Command Injection Remote Code Execution Vulnerability ZDI Disclosures (Jul 15)
ZDI-10-118: Oracle Secure Backup Administration uname Authentication Bypass Vulnerability ZDI Disclosures (Jul 15)
ZDI-10-134: Mozilla Firefox DOM Attribute Cloning Remote Code Execution Vulnerability ZDI Disclosures (Jul 21)
ZDI-10-119: Oracle Secure Backup Administration $other Variable Command Injection Remote Code Execution Vulnerability ZDI Disclosures (Jul 15)
ZDI-10-120: Oracle Secure Backup Administration objectname Command Injection Remote Code Execution Vulnerability ZDI Disclosures (Jul 15)
ZDI-10-132: Mozilla Firefox Plugin Parameter EnsureCachedAttrParamArrays Remote Code Execution Vulnerability ZDI Disclosures (Jul 21)
ZDI-10-122: Oracle Secure Backup Administration Command Injection Remote Code Execution Vulnerability ZDI Disclosures (Jul 15)
ZDI-10-133: Mozilla Firefox CSS font-face Remote Code Execution Vulnerability ZDI Disclosures (Jul 21)
ZDI-10-130: Mozilla Firefox NodeIterator Remote Code Execution Vulnerability ZDI Disclosures (Jul 21)
ZDI-10-131: Mozilla Firefox nsTreeSelection Dangling Pointer Remote Code Execution Vulnerability ZDI Disclosures (Jul 21)
ZDI-10-129: Novell Netware Groupwise Internet Gateway Remote Code Execution Vulnerability ZDI Disclosures (Jul 16)
ZDI-10-128: Ipswitch Imail Server Queuemgr Format String Remote Code Execution Vulnerability ZDI Disclosures (Jul 16)
ZDI-10-125: IBM SolidDB solid.exe Handshake Request Username Field Remote Code Execution Vulnerability ZDI Disclosures (Jul 15)
ZDI-10-136: Novell Teaming ajaxUploadImageFile Remote Code Execution Vulnerability ZDI Disclosures (Jul 22)
ZDI-10-123: Oracle Secure Backup Administration Authentication Bypass Vulnerability ZDI Disclosures (Jul 15)
ZDI-10-124: Oracle Secure Backup Web Interface Various Post-Auth Command Injection Remote Code Execution Vulnerabilities ZDI Disclosures (Jul 15)
ZDI-10-137: Hewlett-Packard OpenView NNM webappmon.exe execvp_nc Remote Code Execution Vulnerability ZDI Disclosures (Jul 22)
ZDI-10-127: Ipswitch Imail Server Mailing List Remote Code Execution Vulnerability ZDI Disclosures (Jul 16)