Bugtraq: by thread
218 messages
starting Oct 03 11 and
ending Oct 31 11
Date index |
Thread index |
Author index
- Elastix PBX Extensions Enumeration Bassem Ammar (Oct 03)
- [ MDVSA-2011:139 ] firefox security (Oct 03)
- [ MDVSA-2011:140 ] mozilla-thunderbird security (Oct 03)
- [ MDVSA-2011:141 ] firefox security (Oct 03)
- [ MDVSA-2011:142 ] mozilla-thunderbird security (Oct 03)
- SonicWall Viewpoint v6.0 SP2 - SQL Injection Vulnerability research () vulnerability-lab com (Oct 03)
- Netvolution referer header SQL injection vulnerability Dimitris Glynos (Oct 03)
- Vulnerabilities in Cytel Studio 9 Luigi Auriemma (Oct 03)
- Vulnerabilities in GenStat 14.1.0.5943 Luigi Auriemma (Oct 03)
- DDIVRT-2011-34 Metropolis Technologies OfficeWatch Directory Traversal ddivulnalert (Oct 03)
- Phorum 5.2.18 Cross-site scripting vulnerability sschurtz (Oct 03)
- DDIVRT-2011-36 Cybele Software, Inc. ThinVNC Product Suite Arbitrary File Retrieval ddivulnalert (Oct 03)
- [SECURITY] [DSA 2314-1] puppet security update Nico Golde (Oct 03)
- vTiger CRM 5.2.x <= Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Oct 04)
- Multiple vulnerabilities in SonicWall hvazquez (Oct 04)
- New open source Security Framework noreply (Oct 04)
- FreeBSD Security Advisory FreeBSD-SA-11:05.unix [REVISED] FreeBSD Security Advisories (Oct 05)
- VMSA-2011-0011 VMware hosted products address remote code execution vulnerability VMware Security Team (Oct 05)
- vTiger CRM 5.2.x <= Remote Code Execution Vulnerability YGN Ethical Hacker Group (Oct 05)
- <Possible follow-ups>
- Re: vTiger CRM 5.2.x <= Remote Code Execution Vulnerability Steven Nuhn (Oct 06)
- vTiger CRM 5.2.x <= Blind SQL Injection Vulnerability YGN Ethical Hacker Group (Oct 05)
- Secunia Research: Cyrus IMAPd NTTP Authentication Bypass Vulnerability Secunia Research (Oct 05)
- [SECURITY] [DSA 2315-1] openoffice.org security update Giuseppe Iuculano (Oct 05)
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Cisco Systems Product Security Incident Response Team (Oct 06)
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module Cisco Systems Product Security Incident Response Team (Oct 06)
- Cisco Security Advisory: Directory Traversal Vulnerability in Cisco Network Admission Control Manager Cisco Systems Product Security Incident Response Team (Oct 06)
- [SECURITY] [DSA 2316-1] quagga security update Florian Weimer (Oct 06)
- [ MDVSA-2011:143 ] rpm security (Oct 06)
- [SECURITY] [DSA 2317-1] icedove security update Moritz Muehlenhoff (Oct 06)
- Active CMS 1.2.0 'mod' Cross-site Scripting Vulnerability sschurtz (Oct 06)
- [SECURITY] [DSA 2318-1] cyrus-imapd-2.2 security update Nico Golde (Oct 07)
- Secunia Research: Autonomy Keyview Ichitaro QLST Integer Overflow Vulnerability Secunia Research (Oct 07)
- Secunia Research: Autonomy Keyview Ichitaro Text Parsing Buffer Overflow Secunia Research (Oct 07)
- Secunia Research: Autonomy Keyview Ichitaro Object Reconstruction Logic Vulnerability Secunia Research (Oct 07)
- VUPEN Security Research - Google Chrome WebKit Engine Ruby Tag Stale Pointer Vulnerability VUPEN Security Research (Oct 07)
- VUPEN Security Research - Google Chrome WebKit Engine Child Tag Deletion Stale Pointer Vulnerability VUPEN Security Research (Oct 07)
- Medium severity flaw with Ark Tim Brown (Oct 07)
- Low severity flaw in various applications including KSSL, Rekonq, Arora, Psi IM Tim Brown (Oct 07)
- ABUS TVIP 11550/21550 Multiple vulnerabilities (and possibly other ABUS cams) Marco van Berkum (Oct 11)
- Contao 2.10.1 Cross-site scripting vulnerability sschurtz (Oct 11)
- SilverStripe 2.4.5 Multiple backend Cross-site scripting vulnerabilities sschurtz (Oct 11)
- Re: SilverStripe 2.4.5 Multiple backend Cross-site scripting vulnerabilities Henri Salo (Oct 12)
- [ MDVSA-2011:144 ] apache security (Oct 11)
- [SECURITY] [DSA 2319-1] policykit-1 security update Thijs Kinkhorst (Oct 11)
- [SECURITY] [DSA 2320-1] dokuwiki regression fix Thijs Kinkhorst (Oct 11)
- openEngine 2.0 'key' Blind SQL Injection vulnerability sschurtz (Oct 11)
- KaiBB 2.0.1 XSS and SQL Injection vulnerabilities sschurtz (Oct 11)
- [ GLSA 201110-01 ] OpenSSL: Multiple vulnerabilities Tobias Heinlein (Oct 11)
- [ MDVSA-2011:131-1 ] libxml security (Oct 11)
- [ MDVSA-2011:145 ] libxml2 security (Oct 11)
- NGS00062 Technical Advisory: Apple OSX / iPhone ImageIO TIFF getBandProcTIFF TileWidth Heap Overflow Research@NGSSecure (Oct 11)
- [Announcement] ClubHack Mag Issue 21- October 2011 Released abhijeet (Oct 11)
- [ MDVSA-2011:146 ] cups security (Oct 11)
- [ MDVSA-2011:147 ] cups security (Oct 11)
- [SECURITY] [DSA 2321-1] moin security update Moritz Muehlenhoff (Oct 11)
- [SECURITY] [DSA 2322-1] bugzilla security update Jonathan Wiltshire (Oct 11)
- [security bulletin] HPSBMU02710 SSRT100601 rev.1 - HP Onboard Administrator (OA), Remote Unauthorized Access security-alert (Oct 11)
- [ GLSA 201110-03 ] Stefan Behte (Oct 11)
- [ GLSA 201110-04 ] Stefan Behte (Oct 11)
- [ GLSA 201110-05 ] GnuTLS: Multiple vulnerabilities Tobias Heinlein (Oct 11)
- [ GLSA 201110-07 ] vsftpd: Denial of Service Tobias Heinlein (Oct 11)
- Related POC for JCE Joomla Extension <=2.0.10 Multiple Vulnerabilities admin (Oct 11)
- ZOHO ManageEngine ADSelfService Plus Administrative Access roberto . paleari (Oct 11)
- [ GLSA 201110-06 ] PHP: Multiple vulnerabilities Tobias Heinlein (Oct 11)
- APPLE-SA-2011-10-11-1 iTunes 10.5 Apple Product Security (Oct 11)
- [ MDVSA-2011:148 ] samba security (Oct 12)
- Google App Enging SDK Code Execution Vulnerability (CVE 2011-1364) Adi Sharabani (Oct 12)
- LedgerSMB 1.3.0 released, includes anti-XSRF framework Chris Travers (Oct 12)
- Multiple vulnerabilities in BugFree advisory (Oct 12)
- Multiple vulnerabilities in Pretty Link WordPress Plugin advisory (Oct 12)
- AppSec DC 2012 CFP is OPEN! AppSec DC (Oct 12)
- CORE-2011-0106: Microsoft Publisher 2007 Pubconv.dll Memory Corruption CORE Security Technologies Advisories (Oct 12)
- APPLE-SA-2011-10-12-2 Apple TV Software Update 4.4 Apple Product Security (Oct 12)
- APPLE-SA-2011-10-12-1 iOS 5 Software Update Apple Product Security (Oct 12)
- APPLE-SA-2011-10-12-3 OS X Lion v10.7.2 and Security Update 2011-006 Apple Product Security (Oct 12)
- APPLE-SA-2011-10-12-5 Pages for iOS v1.5 Apple Product Security (Oct 12)
- APPLE-SA-2011-10-12-6 Numbers for iOS v1.5 Apple Product Security (Oct 12)
- iDefense Security Advisory 10.11.11: Microsoft Internet Explorer Object Handling Memory Corruption Vulnerability labs-no-reply (Oct 12)
- APPLE-SA-2011-10-12-4 Safari 5.1.1 Apple Product Security (Oct 12)
- Two Remote Code Execution Vulnerabilities in Internet Explorer Ivan Fratric (Oct 13)
- VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console VMware Security Team (Oct 13)
- SEC Consult SA-20111012-0 :: Client-side remote file upload & command execution in Microsoft Forefront UAG Remote Access Agent (CVE-2011-1969) SEC Consult Vulnerability Lab (Oct 13)
- Security-Assessment.com Advisory: Destination Search Admin Console Access Control Bypass Drew Calcott (Oct 13)
- Multiple G-WAN vulnerabilities Fredrik Widlund (Oct 13)
- iDefense Security Advisory 10.12.11: Apple MobileSafari Attachment Viewing Cross Site Scripting Vulnerability labs-no-reply (Oct 13)
- iDefense Security Advisory 10.12.11: Apple Mobile OfficeImport Framework Word Document Parsing Memory Corruption Vulnerability labs-no-reply (Oct 13)
- [ GLSA 201110-08 ] feh: Multiple vulnerabilities Stefan Behte (Oct 14)
- [ GLSA 201110-09 ] Conky: Privilege escalation Stefan Behte (Oct 14)
- [ GLSA 201110-10 ] Wget: User-assisted file creation or overwrite Tim Sammut (Oct 14)
- [ GLSA 201110-11 ] Adobe Flash Player: Multiple vulnerabilities Tim Sammut (Oct 14)
- DC4420 - London DEFCON - October meet - Tuesday October 18th 2011 Major Malfunction (Oct 14)
- [PTResearch] SAP DIAG Decompress plugin for Wireshark noreply (Oct 14)
- [ MDVSA-2011:149 ] cyrus-imapd security (Oct 17)
- [slackware-security] httpd (SSA:2011-284-01) Slackware Security Team (Oct 17)
- [ GLSA 201110-12 ] Unbound: Denial of Service Tobias Heinlein (Oct 17)
- ZDI-11-287 : Internet Explorer Select Element Cache Remote Code Execution Vulnerability ZDI Disclosures (Oct 17)
- [ MDVSA-2011:150 ] squid security (Oct 17)
- [ MDVSA-2011:151 ] libpng security (Oct 17)
- Re: [Full-disclosure] Breaking the links: Exploiting the linker Tim Brown (Oct 17)
- foofus.net Security Advisory - Toshiba eStudio Multifunction Printer Authentication Bypass percx (Oct 17)
- DAEMON Tools IOCTL local denial-of-service vulnerability tanda (Oct 17)
- WordPress Plugin BackWPUp 2.1.4 - Security Advisory - SOS-11-012 Lists (Oct 17)
- [Announcement] ClubHack Magazine - Call for Articles abhijeet (Oct 17)
- [ MDVSA-2011:152 ] ncompress security (Oct 17)
- [ MDVSA-2011:153 ] libxfont security (Oct 17)
- [ MDVSA-2011:154 ] systemtap security (Oct 17)
- ZDI-11-288 : Microsoft Internet Explorer Select Element Insufficient,Type Checking Remote Code Execution Vulnerability ZDI Disclosures (Oct 17)
- ZDI-11-289 : Microsoft Internet Explorer swapNode Handling Remote Code,Execution Vulnerability ZDI Disclosures (Oct 17)
- ZDI-11-290 : Microsoft Internet Explorer SetExpandedClipRect Remote,Code Execution Vulnerability ZDI Disclosures (Oct 17)
- AST-2011-012: Remote crash vulnerability in SIP channel driver Asterisk Security Team (Oct 17)
- [ MDVSA-2011:155 ] systemtap security (Oct 17)
- [PT-2011-14] SQL injection vulnerability in BoonEx Dolphin noreply (Oct 18)
- Site@School 2.4.10 SQL Injection & XSS vulnerabilities sschurtz (Oct 18)
- Dolphin <= 7.0.7 (member_menu_queries.php) Remote PHP Code Injection n0b0d13s (Oct 18)
- [ MDVSA-2011:156 ] tomcat5 security (Oct 18)
- MITKRB5-SA-2011-006 KDC denial of service vulnerabilities [CVE-2011-1527 CVE-2011-1528 CVE-2011-1529] Tom Yu (Oct 20)
- [ GLSA 201110-13 ] Tor: Multiple vulnerabilities Tim Sammut (Oct 20)
- ZDI-11-295 : Apple QuickTime FlashPix JPEG Tables Selector Remote Code Execution Vulnerability ZDI Disclosures (Oct 20)
- Cisco Security Advisory: Cisco Show and Share Security Vulnerabilities Cisco Systems Product Security Incident Response Team (Oct 20)
- Cisco Security Advisory: CiscoWorks Common Services Arbitrary Command Execution Vulnerability Cisco Systems Product Security Incident Response Team (Oct 20)
- Yet Another CMS 1.0 SQL Injection & XSS vulnerabilities sschurtz (Oct 20)
- [security bulletin] HPSBPI02711 SSRT100647 rev.1 - HP MFP Digital Sending Software Running on Windows, Local Information Disclosure security-alert (Oct 20)
- DNS Poisoning via Port Exhaustion Roee Hay (Oct 20)
- Multiple vulnerabilities in Tine 2.0 advisory (Oct 20)
- [security bulletin] HPSBMU02716 SSRT100651 rev.1 - HP Data Protector Notebook Extension, Remote Execution of Arbitrary Code security-alert (Oct 20)
- Oracle DataDirect Multiple Native Wire Protocol ODBC Drivers HOST Attribute Stack Based Buffer Overflow Vulnerability nospam (Oct 20)
- OCS Inventory NG 2.0.1 Persistent XSS (CVE-2011-4024) Nicolas DEROUET (Oct 20)
- GotRoot Security Challenge Ivan Buetler (Oct 20)
- [SECURITY] [DSA 2324-1] wireshark security update Moritz Muehlenhoff (Oct 20)
- Metasploit 4.1.0 Web UI stored XSS vulnerability sschurtz (Oct 21)
- [ MDVSA-2011:157 ] freetype2 security (Oct 21)
- VUPEN Security Research - Microsoft Internet Explorer "X-UA-COMPATIBLE" Use-after-free Vulnerability VUPEN Security Research (Oct 21)
- inCommand Technologies, Inc. Cross-site Scripting Vulnerability md . r00t . defacer (Oct 21)
- [ MDVSA-2011:158 ] phpmyadmin security (Oct 21)
- TeamSHATTER Security Advisory: Buffer Overflow in Oracle Database (CTXSYS.DRVDISP.TABLEFUNC_ASOWN function) Shatter (Oct 21)
- TeamSHATTER Security Advisory: Database Vault Account Management Vulnerabilites Shatter (Oct 21)
- TeamSHATTER Security Advisory: SQL Injection Vulnerability in Oracle DROP INDEX for spatial datatypes Shatter (Oct 21)
- [ GLSA 201110-14 ] D-Bus: Multiple vulnerabilities Stefan Behte (Oct 24)
- [ GLSA 201110-15 ] GnuPG: User-assisted execution of arbitrary code Tim Sammut (Oct 24)
- [ GLSA 201110-16 ] Cyrus IMAP Server: Multiple vulnerabilities Tim Sammut (Oct 24)
- [ GLSA 201110-17 ] Avahi: Denial of Service Tobias Heinlein (Oct 24)
- [ GLSA 201110-18 ] rgmanager: Privilege escalation Tobias Heinlein (Oct 24)
- [ MDVSA-2011:159 ] krb5 security (Oct 24)
- [ MDVSA-2011:160 ] krb5 security (Oct 24)
- [ GLSA 201110-20 ] Clam AntiVirus: Multiple vulnerabilities Tim Sammut (Oct 24)
- [SECURITY] [DSA 2325-1] kfreebsd-8 security update Aurelien Jarno (Oct 24)
- [SECURITY] [DSA 2326-1] pam security update Moritz Muehlenhoff (Oct 24)
- [CVE-2011-2569] Cisco Nexus OS (NX-OS) - Command "injection" / sanitization issues. 0x9950 (Oct 24)
- RE: [CVE-2011-2569] Cisco Nexus OS (NX-OS) - Command "injection" / sanitization issues. Paul Oxman (poxman) (Oct 28)
- jara 1.6 sql injection vulnerability muuratsalo experimental hack lab (Oct 24)
- Re: jara 1.6 sql injection vulnerability Henri Salo (Oct 25)
- Re: jara 1.6 sql injection vulnerability Henri Salo (Oct 28)
- phpLDAPadmin <= 1.2.1.1 (query_engine) Remote PHP Code Injection Exploit n0b0d13s (Oct 24)
- TC-SA-2011-01: Multiple vulnerabilities in OmniTouch Instant Communication Suite Tobias Glemser (Oct 24)
- [SECURITY] [DSA 2327-1] libfcgi-perl security-update Nico Golde (Oct 25)
- [ GLSA 201110-21 ] Asterisk: Multiple vulnerabilities Tim Sammut (Oct 25)
- [ MDVSA-2011:161 ] postgresql security (Oct 25)
- [security bulletin] HPSBUX02700 SSRT100506 rev.2 - HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code security-alert (Oct 25)
- [SECURITY] [DSA 2328-1] freetype security update Moritz Muehlenhoff (Oct 25)
- zFtp Server <= 2011-04-13 | "STAT,CWD" Remote Denial of Service Vulnerability YGN Ethical Hacker Group (Oct 25)
- [ GLSA 201110-22 ] PostgreSQL: Multiple vulnerabilities Alex Legler (Oct 25)
- [ GLSA 201110-19 ] X.Org X Server: Multiple vulnerabilities Alex Legler (Oct 25)
- [ GLSA 201110-23 ] Apache mod_authnz_external: SQL injection Alex Legler (Oct 26)
- Path disclosure in SPIP advisory (Oct 26)
- [security bulletin] HPSBMU02714 SSRT100244 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Disclosure of Information security-alert (Oct 26)
- Cisco Security Advisory: Cisco Unified Communications Manager Directory Traversal Vulnerability Cisco Systems Product Security Incident Response Team (Oct 26)
- Cisco Security Advisory: Denial of Service Vulnerability in Cisco Video Surveillance IP Cameras Cisco Systems Product Security Incident Response Team (Oct 26)
- Cisco Security Advisory: Cisco Unified Contact Center Express Directory Traversal Vulnerability Cisco Systems Product Security Incident Response Team (Oct 26)
- Cisco Security Advisory: Buffer Overflow Vulnerabilities in the Cisco WebEx Player Cisco Systems Product Security Incident Response Team (Oct 26)
- Cisco Security Advisory: Cisco Security Agent Remote Code Execution Vulnerabilities Cisco Systems Product Security Incident Response Team (Oct 26)
- ZDI-11-296 : Adobe Reader BMP Image RLE Decoding Remote Code Execution Vulnerability ZDI Disclosures (Oct 26)
- ZDI-11-297 : Adobe Reader U3D PCX Parsing Remote Code Execution Vulnerability ZDI Disclosures (Oct 26)
- ZDI-11-298 : Adobe Reader U3D IFF RGBA Parsing Remote Code Execution Vulnerability ZDI Disclosures (Oct 26)
- ZDI-11-299 : Adobe Reader PICT Parsing Remote Code Execution Vulnerability ZDI Disclosures (Oct 26)
- ZDI-11-300 : Adobe Reader U3D PICT 10h Encoding Remote Code Execution Vulnerability ZDI Disclosures (Oct 26)
- ZDI-11-301 : Adobe Reader U3D PICT 0Eh Encoding Remote Code Execution Vulnerability ZDI Disclosures (Oct 26)
- ZDI-11-302 : Adobe Reader U3D TIFF Resource Buffer Overflow Remote Code Execution Vulnerability ZDI Disclosures (Oct 26)
- [SECURITY] [DSA 2329-1] torque security update Nico Golde (Oct 28)
- SANS AppSec 2012 CFP is Open SANS AppSec CFP (Oct 28)
- ZDI-11-303 : Apple QuickTime H264 Stream frame_cropping Remote Code Execution Vulnerability ZDI Disclosures (Oct 28)
- ZDI-11-304 : Apple Quicktime Advanced Audio Codec Frame Parsing Remote Code Execution Vulnerability ZDI Disclosures (Oct 28)
- ZDI-11-305 : Oracle Java Applet Rhino Script Engine Remote Code Execution Vulnerability ZDI Disclosures (Oct 28)
- ZDI-11-306 : Oracle Java IIOP Deserialization Type Confusion Remote Code Execution Vulnerability ZDI Disclosures (Oct 28)
- ZDI-11-307 : Oracle Java MixerSequencer.nAddControllerEventCallback Remote Code Execution Vulnerability ZDI Disclosures (Oct 28)
- ZDI-11-308 : Cisco WebEx Player ATAS32.DLL linesProcessed Remote Code Execution Vulnerability ZDI Disclosures (Oct 28)
- ZDI-11-309 : Novell iPrint Client nipplib.dll GetDriverSettings Remote Code Execution Vulnerability ZDI Disclosures (Oct 28)
- ZDI-11-310 : Adobe Reader Compound Glyph Index Sign Extension Remote Code Execution Vulnerability ZDI Disclosures (Oct 28)
- DDIVRT-2011-35 Cisco Unified Contact Center Express Directory Traversal [CVE-2011-3315] ddivulnalert (Oct 28)
- [ GLSA 201110-24 ] Squid: Multiple vulnerabilities Tim Sammut (Oct 28)
- [ GLSA 201110-25 ] Pure-FTPd: Multiple vulnerabilities Tim Sammut (Oct 28)
- [ GLSA 201110-26 ] libxml2: Multiple vulnerabilities Tim Sammut (Oct 28)
- APPLE-SA-2011-10-26-1 QuickTime 7.7.1 Apple Product Security (Oct 28)
- foofus.net security advisory - Toshiba eStudio Multifunction Printer Information Leakage percx (Oct 28)
- [SECURITY] [DSA 2330-1] simplesamlphp security update Thijs Kinkhorst (Oct 28)
- ZDI-11-311 : Apple Quicktime Empty URL Data Handler Remote Code Execution Vulnerability ZDI Disclosures (Oct 28)
- ZDI-11-313 : Apple QuickTime FLC RLE Packet Count Decompression Remote Code Execution Vulnerability ZDI Disclosures (Oct 28)
- ZDI-11-312 : Apple QuickTime Atom Hierarachy Argument Size Mismatch Remote Code Execution Vulnerability ZDI Disclosures (Oct 28)
- ZDI-11-314 : Apple Quicktime PnPixPat PatType 3 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Oct 28)
- ZDI-11-315 : Apple QuickTime FLC Delta Decompression Remote Code Execution Vulnerability ZDI Disclosures (Oct 28)
- ZDI-11-316 : Apple QuickTime H264 Matrix Conversion Remote Code Execution Vulnerability ZDI Disclosures (Oct 28)
- [security bulletin] HPSBUX02719 SSRT100658 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alert (Oct 28)
- [security bulletin] HPSBUX02715 SSRT100623 rev.2 - HP-UX Containers (SRP), Local Unauthorized Access and Increased Privileges security-alert (Oct 28)
- VMSA-2011-0013 VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX VMware Security Response Team (Oct 28)
- [PT-2011-20] Authorization bypass vulnerability in OneOrZero AIMS noreply (Oct 28)
- [PT-2011-21] SQL injection vulnerability in OneOrZero AIMS noreply (Oct 28)
- [PT-2011-29] Arbitrary file reading and arbitrary code execution in Router Manager for D-Link DIR-300 noreply (Oct 28)
- [PT-2011-30] Disclosure of sensitive information in D-Link DIR-300 Router noreply (Oct 28)
- [SECURITY] [DSA 2323-1] radvd security update Yves-Alexis Perez (Oct 28)
- [SECURITY] [DSA 2331-1] tor security update Moritz Muehlenhoff (Oct 28)
- eFront <= 3.6.10 (build 11944) Multiple Security Vulnerabilities n0b0d13s (Oct 28)
- [security bulletin] HPSBUX02702 SSRT100606 rev.5 - HP-UX Apache Web Server, Remote Denial of Service (DoS) security-alert (Oct 31)
- [security bulletin] HPSBUX02707 SSRT100626 rev.2 - HP-UX Apache Web Server, Remote Denial of Service (DoS) security-alert (Oct 31)
- [SECURITY] [DSA 2332-1] python-django security update Thijs Kinkhorst (Oct 31)
- [SECURITY] [DSA 2333-1] phpldapadmin security update Jonathan Wiltshire (Oct 31)
- Apple's Mail.app mail of death Paul (Oct 31)
- PlotLineControl ActiveX Control "LinePutPoint" Integer Overflow demonalex (Oct 31)
- Oracle DataDirect ODBC Drivers HOST Attribute arsqls24.dll Stack Based Buffer Overflow PoC (*.oce) nospam (Oct 31)
- YaTFTPSvr TFTP Server Directory Traversal Vulnerability demonalex (Oct 31)