Bugtraq: by thread
296 messages starting Apr 01 11 and ending Apr 29 11
- BSD derived RFC3173 IPComp encapsulation will expand arbitrarily nested payload Tavis Ormandy (Apr 01)
- [security bulletin] HPSBMA02650 SSRT100429 rev.1 - HP Operations for UNIX, Remote Cross Site Scripting (XSS), Unauthorized Access security-alert (Apr 01)
- [ MDVSA-2011:058 ] quagga security (Apr 01)
- iDefense Security Advisory 03.31.10: RealNetworks Helix DNA Server RTSP Stack Buffer Overflow labs-no-reply (Apr 01)
- [ MDVSA-2011:057 ] apache security (Apr 01)
- Microsoft VISTA TCP/IP heap buffer underflow J. Oquendo (Apr 01)
- RE: [Full-disclosure] Microsoft VISTA TCP/IP heap buffer underflow Thor (Hammer of God) (Apr 01)
- 6-year FreeBSD-SA-05:02.sendfile exploit Solar Designer (Apr 01)
- [ MDVSA-2011:059 ] ffmpeg security (Apr 01)
- [security bulletin] HPSBUX02645 SSRT100387 rev.1 - HP-UX Apache Web Server, Remote Information Disclosure, Cross-Site Scripting (XSS), Denial of Service (DoS) security-alert (Apr 01)
- [security bulletin] HPSBUX02646 SSRT100396 rev.1 - HP-UX, Local Denial of Service (DoS) security-alert (Apr 01)
- [security bulletin] HPSBUX02639 SSRT100293 rev.1 - HP-UX Running XNTP, Remote Denial of Service (DoS) security-alert (Apr 01)
- AR Web Content Manager (AWCM) Cross-Site scripting Vulnerability SecPod Research (Apr 01)
- Flag this message Windows Media player 11.0.5721.5145 Buffer overflow/DOS Exploit ^Xecuti0N3r (Apr 01)
- Movie Player v4.82 0Day Buffer overflow/DOS Exploit ^Xecuti0N3r (Apr 01)
- [ MDVSA-2011:060 ] ffmpeg security (Apr 04)
- Re: RFI in JAF CMS security curmudgeon (Apr 04)
- XCon 2011 XFocus Information Security Conference Call for Paper xcon (Apr 04)
- [SECURITY] [DSA 2210-1] tiff security update Thijs Kinkhorst (Apr 04)
- Stored and Reflective XSS in Yaws-Wiki 1.88-1 (Erlang) mike (Apr 04)
- [ MDVSA-2011:061 ] ffmpeg security (Apr 04)
- [ MDVSA-2011:062 ] ffmpeg security (Apr 04)
- [ MDVSA-2011:063 ] xmlsec1 security (Apr 04)
- [SECURITY] [DSA 2209-1] tgt security update Moritz Muehlenhoff (Apr 04)
- ZDI-11-115: IBM solidDB solid.exe Authentication Bypass Remote Code Execution Vulnerability ZDI Disclosures (Apr 04)
- THOMSON Router XSS edgard . chammas (Apr 04)
- <Possible follow-ups>
- RE: THOMSON Router XSS Auffret Patrice (Apr 15)
- Xymon monitor cross-site scripting vulnerabilities Henrik Størner (Apr 04)
- Re: Xymon monitor cross-site scripting vulnerabilities Henri Salo (Apr 04)
- DC4420 - London DEFCON - April meet - Wednesday 22nd April 2011 Major Malfunction (Apr 04)
- Re: DC4420 - London DEFCON - April meet - Wednesday 20th April 2011 Adam Laurie (Apr 04)
- Re: DC4420 - London DEFCON - April meet - Wednesday 20th April 2011 Major Malfunction (Apr 18)
- [ MDVSA-2011:064 ] libtiff security (Apr 04)
- ZDI-11-116: Novell File Reporter Agent XML Parsing Remote Code Execution Vulnerability ZDI Disclosures (Apr 04)
- RealNetworks RealGames StubbyUtil.ShellCtl.1 ActiveX Control (InstallerDlg.dll v2.6.0.445) Multiple Remote Commands Execution and Code Execution Vulnerabilities nospam (Apr 04)
- ZDI-11-041: (0day) Multiple Browser Node Processing Stack Overflow Vulnerability ZDI Disclosures (Apr 04)
- RealNetworks RealGames StubbyUtil.ProcessMgr.1 ActiveX Control (InstallerDlg.dll v2.6.0.445) Multiple Remote Commands Execution Vulnerabilities nospam (Apr 04)
- [USN-1103-1] tex-common vulnerability Marc Deslauriers (Apr 04)
- [USN-1102-1] tiff vulnerability Marc Deslauriers (Apr 04)
- [USN-1104-1] FFmpeg vulnerabilities Marc Deslauriers (Apr 04)
- HTB22914: Local File Inclusion in UseBB advisory (Apr 05)
- HTB22913: Multiple CSRF (Cross-Site Request Forgery) in UseBB advisory (Apr 05)
- HTB22912: Multiple SQL Injections in Eleanor CMS advisory (Apr 05)
- HTB22911: XSS in Eleanor CMS advisory (Apr 05)
- [security bulletin] HPSBMA02652 SSRT100432 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Information Disclosure security-alert (Apr 05)
- StartSite.ir Cross-site Scripting Vulnerability md . r00t . defacer (Apr 05)
- [ MDVSA-2011:065 ] logrotate security (Apr 05)
- Re: XSS in CompactCMS security curmudgeon (Apr 06)
- Re: [eVuln.com] Cookie Auth Bypass in Hot Links SQL security curmudgeon (Apr 06)
- [USN-1105-1] Linux kernel vulnerabilities Kees Cook (Apr 06)
- [ MDVSA-2011:066 ] rsync security (Apr 06)
- XSS Vulnerability in Redmine 1.0.1 to 1.1.1 Netsparker Advisories (Apr 06)
- Re: AWCM v2.2 Auth Bypass Vulnerabilities security curmudgeon (Apr 06)
- ICMPv6 Router Announcement flooding denial of service affecting multiple systems Marc Heuse (Apr 06)
- Re: Multiple vulnerabilities in chCounter <= 3.1.3 security curmudgeon (Apr 06)
- [SECURITY] CVE-2011-1475 Apache Tomcat information disclosure Mark Thomas (Apr 06)
- [SECURITY] CVE-2011-1183 Apache Tomcat security constraint bypass Mark Thomas (Apr 06)
- Sonexis ConferenceManager SQL Injection robkraus (Apr 06)
- [USN-1107-1] x11-xserver-utils vulnerability Marc Deslauriers (Apr 06)
- [USN-1106-1] NSS vulnerabilities Micah Gersten (Apr 06)
- Sonexis ConferenceManager Multiple Cross-site Scripting (XSS) Vulnerabilities robkraus (Apr 06)
- [SECURITY] [DSA 2211-1] vlc security update Moritz Muehlenhoff (Apr 07)
- SEC Consult SA-20110407-0 :: Libmodplug ReadS3M Stack Overflow SEC Consult Vulnerability Lab (Apr 07)
- HTB22921: SQL Injection in Viscacha advisory (Apr 07)
- HTB22919: Multiple XSS in Viscacha advisory (Apr 07)
- HTB22915: Path disclosure in Joomla advisory (Apr 07)
- HTB22920: Path disclosure in Viscacha advisory (Apr 07)
- HTB22918: Path disclosure in phpCollab advisory (Apr 07)
- HTB22917: XSS vulnerabilities in phpCollab advisory (Apr 07)
- HTB22916: XSRF (CSRF) in phpCollab advisory (Apr 07)
- O2 classic router: persistent cross site scripting (XSS) and cross site request forgery (CSRF) Hanno Böck (Apr 08)
- phplist: cross site request forgery (CSRF), CVE-2011-0748 Hanno Böck (Apr 08)
- [SECURITY] [DSA 2212-1] tmux security update Nico Golde (Apr 08)
- XSS Vulnerabilities in 1024cms Admin Control Panel v1.1.0 Beta by_argos (Apr 08)
- LFI Vulnerability in 024cms Admin Control Panel v1.1.0 Beta (Complete-Modules Package) by_argos (Apr 08)
- Directory Traversal Vulnerability in 1024cms Admin Control Panel v1.1.0 Beta (Complete-Modules Package) by_argos (Apr 08)
- XSS Vulnerability in 1024cms Admin Control Panel v1.1.0 Beta (Master-cPanel Package) by_argos (Apr 08)
- LFI Vulnerability in 1024cms Admin Control Panel v1.1.0 Beta (Master-cPanel Package) by_argos (Apr 08)
- [ MDVSA-2011:069 ] php security (Apr 08)
- [ MDVSA-2011:070 ] gdm security (Apr 08)
- [ MDVSA-2011:071 ] kdelibs4 security (Apr 08)
- [ MDVSA-2011:072 ] gwenhywfar security (Apr 08)
- joomlacontenteditor (com_jce) BLIND sql injection vulnerability eidelweiss (Apr 08)
- Re: joomlacontenteditor (com_jce) BLIND sql injection vulnerability Stephen Brandon (Apr 13)
- [SECURITY] [DSA 2213-1] x11-xserver-utils security update Nico Golde (Apr 11)
- [SECURITY] [DSA 2214-1] ikiwiki security update Nico Golde (Apr 11)
- Re: XSRF (CSRF) in Wolf CMS security curmudgeon (Apr 11)
- Arbitary File Upload Vulnerability in Elxis CMS component eForum v1.1 by_argos (Apr 11)
- [SECURITY] [DSA 2215-1] gitolite security update Nico Golde (Apr 11)
- WOOT '11 Call for Papers (reminder) Michal Zalewski (Apr 11)
- [Tool] sqlmap 0.9 released Miroslav Stampar (Apr 11)
- [SECURITY] [DSA 2216-1] isc-dhcp security update Nico Golde (Apr 11)
- Linksys WRT54G - read router password from file placed on FTP rafdw (Apr 11)
- ZDI-11-117: McAfee Firewall Reporter GeneralUtilities.pm isValidClient Authentication Bypass Vulnerability ZDI Disclosures (Apr 11)
- <Possible follow-ups>
- Re: ZDI-11-117: McAfee Firewall Reporter GeneralUtilities.pm isValidClient Authentication Bypass Vulnerability nospam (Apr 14)
- [ MDVSA-2011:073 ] dhcp security (Apr 11)
- [SECURITY] [DSA 2217-1] dhcp3 security update Nico Golde (Apr 11)
- Vulnerabilities in Microsoft Reader and HIS Luigi Auriemma (Apr 11)
- ZDI-11-118: Novell ZENworks Asset Management Path Traversal File Overwrite Remote Code Execution Vulnerability ZDI Disclosures (Apr 11)
- rPSA-2011-0013-1 openssl openssl-scripts rPath Update Announcements (Apr 11)
- Passwords^11 - Call for Papers ending April 17! Per Thorsheim (Apr 11)
- rPSA-2011-0014-1 httpd mod_ssl rPath Update Announcements (Apr 11)
- [USN-1108-1] DHCP vulnerability Marc Deslauriers (Apr 12)
- Medium severity flaw in Konqueror Tim Brown (Apr 12)
- Re: [Full-disclosure] Medium severity flaw in Konqueror Vincent Danen (Apr 12)
- Re: [Full-disclosure] Medium severity flaw in Konqueror Tim Brown (Apr 12)
- Re: [Full-disclosure] Medium severity flaw in Konqueror Vincent Danen (Apr 12)
- CFP for BugCON 2011 @ Mexico City Carlos A. Lozano (Apr 12)
- HTB22927: CSRF (Cross-Site Request Forgery) in Webjaxe advisory (Apr 12)
- HTB22930: Multiple XSS in WebCalendar advisory (Apr 12)
- [SECURITY] [DSA 2218-1] vlc security update Nico Golde (Apr 12)
- HTB22926: XSS vulnerability in Plogger advisory (Apr 12)
- HTB22925: Path disclosure in Plogger advisory (Apr 12)
- Stack overflow in Microsoft HTML Help 6.1 (CHM files) Luigi Auriemma (Apr 12)
- HTB22929: Multiple Path disclosure in WebsiteBaker advisory (Apr 12)
- [security bulletin] HPSBPI02656 SSRT090262 rev.1 - Certain HP Photosmart Printers, Remote Unauthorized Access, Cross Site Scripting (XSS) security-alert (Apr 12)
- [IMF 2011] Call for Participation Oliver Goebel (Apr 12)
- HTB22928: Multiple SQL Injections in WebsiteBaker advisory (Apr 12)
- ZDI-11-119: (Pwn2Own) Microsoft Internet Explorer onPropertyChange Remote Code Execution Vulnerability ZDI Disclosures (Apr 13)
- ZDI-11-120: Microsoft Office Excel RealTimeData Record Parsing Remote Code Execution Vulnerability ZDI Disclosures (Apr 13)
- Announcing TakeDownCon Dallas - May 14-19 - Dallas, TX EC-Council USA (Apr 13)
- ZDI-11-121: Microsoft Office XP Data Validation Record Parsing Remote Code Execution Vulnerability ZDI Disclosures (Apr 13)
- ZDI-11-122: RealNetworks RealPlayer OpenURLInDefaultBrowser Remote Code Execution Vulnerability ZDI Disclosures (Apr 13)
- ZDI-11-124: Microsoft PowerPoint TimeColorBehaviorContainer Floating Point Record Remote Code Execution Vulnerability ZDI Disclosures (Apr 13)
- ZDI-11-123: Microsoft PowerPoint TimeCommandBehaviorContainer Remote Code Execution Vulnerability ZDI Disclosures (Apr 13)
- nSense-2011-001: VeryPDF pdf2tif Henri Lindberg (Apr 13)
- [security bulletin] HPSBUX02655 SSRT100353 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alert (Apr 13)
- [security bulletin] HPSBUX02653 SSRT100310 rev.1 - HP-UX Running NFS/ONCplus, Remote Denial of Service (DoS) security-alert (Apr 13)
- VUPEN Security Research - Microsoft Windows GDI+ Size Handling Integer Overflow Vulnerability VUPEN Security Research (Apr 13)
- iDefense Security Advisory 04.12.11: Microsoft Excel Memory Corruption Vulnerability labs-no-reply (Apr 13)
- [security bulletin] HPSBMA02643 SSRT100416 rev.2 - HP Network Node Manager i (NNMi), Local Unauthorized Read Access to Files, Remote Cross Site Scripting (XSS) security-alert (Apr 13)
- iDefense Security Advisory 04.12.11: Microsoft Internet Explorer Use-After-Free Memory Corruption Vulnerability labs-no-reply (Apr 13)
- [USN-1109-1] GIMP vulnerabilities Marc Deslauriers (Apr 13)
- [PRE-SA-2011-03] Denial-of-service vulnerability in EFI partition handling code of the Linux kernel Timo Warns (Apr 13)
- ZDI-11-125: Microsoft Office PowerPoint PersistDirectoryEntry Remote Code Execution Vulnerability ZDI Disclosures (Apr 13)
- [ MDVSA-2011:074 ] qt4 security (Apr 13)
- VUPEN Security Research - Microsoft Office MSO Size Handling Integer Overflow Vulnerability VUPEN Security Research (Apr 13)
- [DCA-2011-0010] TOTVS Microsiga Protheus ERP - Memory Corruption Flavio do Carmo Junior aka waKKu (Apr 13)
- [security bulletin] HPSBUX02642 SSRT100415 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running Java, Remote Denial of Service (DoS) security-alert (Apr 13)
- Microsoft Patches Binary Planting Issues In Various Vendors' Products ACROS Security Lists (Apr 13)
- MITKRB5-SA-2011-004 kadmind invalid pointer free() [CVE-2011-0285] Tom Yu (Apr 13)
- ZDI-11-126: CA Total Defense Suite Heartbeat Web Service Remote Code Execution Vulnerability ZDI Disclosures (Apr 14)
- ZDI-11-128: CA Total Defense Suite UnassignFunctionalUsers Stored Procedure SQL Injection Vulnerability ZDI Disclosures (Apr 14)
- ZDI-11-127: CA Total Defense Suite UNCWS Web Service getDBConfigSettings Credential Disclosure Vulnerability ZDI Disclosures (Apr 14)
- ZDI-11-129: CA Total Defense Suite UnassignAdminRoles Stored Procedure SQL Injection Vulnerability ZDI Disclosures (Apr 14)
- ZDI-11-130: CA Total Defense Suite UNC Management Console DeleteFilter SQL Injection Vulnerability ZDI Disclosures (Apr 14)
- ZDI-11-131: CA Total Defense Suite NonAssignedUserList Stored Procedure SQL Injection Vulnerability ZDI Disclosures (Apr 14)
- CA20110413-01: Security Notice for CA Total Defense Kotas, Kevin J (Apr 14)
- ZDI-11-132: CA Total Defense Suite UNC Management Console DeleteReportLayout SQL Injection Vulnerability ZDI Disclosures (Apr 14)
- ZDI-11-133: CA Total Defense Suite UNC Management Console DeleteReports SQL Injection Vulnerability ZDI Disclosures (Apr 14)
- ZDI-11-134: CA Total Defense Suite UNC Management Console RegenerateReport SQL Injection Vulnerability ZDI Disclosures (Apr 14)
- HTB22924: Arbitrary Command Execution in phpAlbum.net advisory (Apr 14)
- HTB22923: XSRF (CSRF) in phpAlbum.net advisory (Apr 14)
- HTB22922: XSS vulnerabilities in phpAlbum.net advisory (Apr 14)
- [security bulletin] HPSBMA02652 SSRT100432 rev.3 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Information Disclosure security-alert (Apr 14)
- The BodgeIt Store - another vulnerable web app psiinon (Apr 14)
- Recon 2011 - Accepted Talks , Training, Call For Papers Reminder - July 8 to 10, 2011 - Montreal, Quebec hfortier (Apr 14)
- [USN-1110-1] KDE-Libs vulnerabilities Jamie Strandboge (Apr 14)
- ZDI-11-135: (Pwn2Own) WebKit WBR Tag Removal Remote Code Execution Vulnerability ZDI Disclosures (Apr 14)
- VUPEN Security Research - Microsoft Windows OpenType CFF Driver Stack Overflow Vulnerability (CVE-2011-0034) VUPEN Security Research (Apr 15)
- ZDI-11-104: (Pwn2Own) Webkit CSS Text Element Count Remote Code Execution Vulnerability ZDI Disclosures (Apr 15)
- VUPEN Security Research - Microsoft Office Excel Real Time Data Stack Overwrite Vulnerability (CVE-2011-0105) VUPEN Security Research (Apr 15)
- VUPEN Security Research - Microsoft Internet Explorer Property Change Memory Corruption (CVE-2011-1345) VUPEN Security Research (Apr 15)
- VUPEN Security Research - Apple Safari Text Nodes Remote Use-after-free Vulnerability (CVE-2011-1344) VUPEN Security Research (Apr 15)
- VUPEN Security Research - Microsoft Internet Explorer Layouts Use-after-free Vulnerability (CVE-2011-0094) VUPEN Security Research (Apr 15)
- Does anyone know how to contact OpenSSH non-public? Jann Horn (Apr 18)
- Re: Does anyone know how to contact OpenSSH non-public? Rico Secada (Apr 18)
- Announcement: ClubHACK Magazine Issue 15-April 2011 released abhijeet (Apr 18)
- [USN-1113-1] Postfix vulnerabilities Marc Deslauriers (Apr 18)
- ESA-2011-013: EMC NetWorker arbitrary code execution with elevated privileges vulnerability Security_Alert (Apr 18)
- ESA-2011-014: RSA, The Security Division of EMC, announces the release of Adaptive Authentication (On-Premise) Flash File Security Patch Security_Alert (Apr 18)
- cPassMan v1.82 Arbitrary File Download - SOS-11-004 Lists (Apr 18)
- HTB22932: Multiple XSS in webSPELL advisory (Apr 19)
- HTB22935: Multiple XSS in WP-StarsRateBox wordpress plugin advisory (Apr 19)
- [DCA-2011-0011] - Ocomon Multiple SQL Injection Crash (Apr 19)
- HTB22934: SQL Injection in WP-StarsRateBox wordpress plugin advisory (Apr 19)
- [Annoucement] CHMag Call for Articles abhijeet (Apr 19)
- HTB22940: XSS in SocialGrid wordpress plugin advisory (Apr 19)
- HTB22941: CSRF (Cross-Site Request Forgery) in Dalbum advisory (Apr 19)
- HTB22939: Multiple SQL Injection in Universal Post Manager wordpress plugin advisory (Apr 19)
- HTB22933: Multiple Path disclosure in webSPELL advisory (Apr 19)
- ZDI-11-136: IBM Tivoli Directory Server ibmslapd.exe SASL Bind Request Remote Code Execution Vulnerability ZDI Disclosures (Apr 19)
- [SECURITY] [DSA 2219-1] xmlsec1 security update Thijs Kinkhorst (Apr 19)
- [USN-1114-1] KDENetwork vulnerability Jamie Strandboge (Apr 19)
- [security bulletin] HPSBMA02659 SSRT100440 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access security-alert (Apr 19)
- Windows Synchronization Object Vulnerabilites in Antivirus Suites Lists (Apr 19)
- HTB22931: XSS vulnerability in InTerra Blog Machine advisory (Apr 19)
- HTB22943: XSS in Dalbum advisory (Apr 19)
- HTB22937: Path disclosure in Universal Post Manager wordpress plugin advisory (Apr 19)
- Re: SQL Injection in LightNEasy security curmudgeon (Apr 19)
- <Possible follow-ups>
- Re: SQL Injection in LightNEasy security curmudgeon (Apr 19)
- HTB22942: Path disclousure in Dalbum advisory (Apr 19)
- HTB22938: Multiple XSS in Universal Post Manager wordpress plugin advisory (Apr 19)
- [security bulletin] HPSBMA02658 SSRT100413 rev.1 - Insight Control for Linux (IC-Linux), Remote Unauthorized Elevation of Privilege, Execution of Arbitrary Code, Encryption Downgrade, Information Disclosure, Denial of Service (DoS) security-alert (Apr 20)
- [security bulletin] HPSBMA02661 SSRT100408 rev.1 - HP Proliant Support Pack (PSP) Running on Linux and Windows, Remote Cross Site Scripting (XSS), URL Redirection, Information Disclosure security-alert (Apr 20)
- [USN-1118-1] OpenSLP vulnerability Marc Deslauriers (Apr 20)
- ZDI-11-138: Webkit Undefined DOM Prototype Attach Remote Code Execution Vulnerability ZDI Disclosures (Apr 20)
- [security bulletin] HPSBMA02662 SSRT100409 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Unauthorized Access, Execution of Arbitrary Code, Denial of Service (DoS) security-alert (Apr 20)
- [USN-1108-2] DHCP vulnerability Marc Deslauriers (Apr 20)
- [SECURITY] [DSA 2221-1] Mojolicious security update Moritz Muehlenhoff (Apr 20)
- ZDI-11-137: Oracle Application Server Authentication Bypass Remote Code Execution Vulnerability ZDI Disclosures (Apr 20)
- ZDI-11-139: Webkit Anonymous Frame Remote Code Execution Vulnerability ZDI Disclosures (Apr 20)
- [security bulletin] HPSBMA02663 SSRT100428 rev.1 - HP Systems Insight Manager (SIM) for HP-UX, Linux, and Windows, Remote Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Execution of Arbitrary Code, Denial of Service (DoS) security-alert (Apr 20)
- ZDI-11-140: Webkit Detached Body Element Remote Code Execution Vulnerability ZDI Disclosures (Apr 20)
- [USN-1115-1] language-selector vulnerability Kees Cook (Apr 20)
- [security bulletin] HPSBMA02660 SSRT100433 rev.1 - HP Performance Insight Running on HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access to Sensitive Information security-alert (Apr 20)
- [USN-1116-1] Kerberos vulnerability Kees Cook (Apr 20)
- [SECURITY] [DSA 2220-1] Request Tracker security update Florian Weimer (Apr 20)
- [USN-1117-1] PolicyKit vulnerability Kees Cook (Apr 20)
- Directory Traversal Vulnerability in Viola DVR VIO-4/1000 by_argos (Apr 20)
- [ MDVSA-2011:075 ] kdelibs4 security (Apr 20)
- [SECURITY] [DSA 2222-1] tinyproxy security update Moritz Muehlenhoff (Apr 20)
- [SECURITY] [DSA 2223-1] doctrine security update Florian Weimer (Apr 20)
- [security bulletin] HPSBMA02664 SSRT100417 rev.1 - HP Insight Control Performance Management for Windows, Remote Privilege Elevation, Cross Site Request Forgery (CSRF) security-alert (Apr 21)
- [security bulletin] HPSBMA02665 SSRT100185 rev.1 - HP Virtual Server Environment for Windows, Remote Privilege Elevation security-alert (Apr 21)
- [SECURITY] [DSA 2224-1] openjdk-6 security update Florian Weimer (Apr 21)
- CA20110420-02: Security Notice for CA Output Management Web Viewer Williams, James K (Apr 21)
- [USN-1119-1] Linux kernel (OMAP4) vulnerabilities Kees Cook (Apr 21)
- CA20110420-01: Security Notice for CA SiteMinder Williams, James K (Apr 21)
- HTB22947: XSS in Ajax Category Dropdown wordpress plugin advisory (Apr 21)
- FreeBSD Security Advisory FreeBSD-SA-11:01.mountd FreeBSD Security Advisories (Apr 21)
- HTB22946: Multiple SQL Injection in Ajax Category Dropdown wordpress plugin advisory (Apr 21)
- HTB22945: Multiple XSS in ZENphoto advisory (Apr 21)
- Re: HTB22945: Multiple XSS in ZENphoto Christian Kujau (Apr 25)
- HTB22950: SQL injection in 4images advisory (Apr 21)
- HTB22949: Multiple Path disclousure in 4images advisory (Apr 21)
- HTB22944: Path disclousure in ZENphoto advisory (Apr 21)
- hack.lu 2011 CFP hack.lu 2011 information team (Apr 21)
- [USN-1120-1] tiff vulnerability Marc Deslauriers (Apr 21)
- [ MDVSA-2011:076 ] xrdb security (Apr 21)
- AST-2011-005: File Descriptor Resource Exhaustion Asterisk Security Team (Apr 25)
- [security bulletin] HPSBMA02667 SSRT100464 rev.1 - HP SiteScope, Cross Site Scripting (XSS) and HTML Injection security-alert (Apr 25)
- [DSECRG-11-018] Kaspersky administration Kit - Remote code execution via SMBRelay Alexandr Polyakov (Apr 25)
- Re: [DSECRG-11-018] Kaspersky administration Kit - Remote code execution via SMBRelay Vladimir '3APA3A' Dubrovin (Apr 26)
- [security bulletin] HPSBMA02666 SSRT100434 rev.1 - HP Network Automation Running on Linux, Solaris, and Windows, Remote Information Disclosure security-alert (Apr 25)
- [ACM CCS'11] Reminder: Deadline Approaching (May 6, 2011) ACM CCS 2011 (Apr 25)
- [ MDVSA-2011:077 ] krb5 security (Apr 25)
- [ MDVSA-2011:078 ] libtiff security (Apr 25)
- XSS in Webmin 1.540 + exploit for privilege escalation Javier Bassi (Apr 25)
- AT-TFTP Server Remote Denial of Service Vulnerability SecPod Research (Apr 25)
- AST-2011-006: Asterisk Manager User Shell Access Asterisk Security Team (Apr 25)
- [TOOL RELEASE] T50 - an Experimental Mixed Packet Injector ( v5.3) Nelson Brito (Apr 25)
- HTB22957: XSRF (CSRF) in phpList advisory (Apr 26)
- HTB22954: Path disclousure in yappa-ng Photo Gallery advisory (Apr 26)
- HTB22951: XSS in WP-Ajax-Recent-Posts wordpress plugin advisory (Apr 26)
- HTB22956: XSS vulnerabilities in phpList advisory (Apr 26)
- HTB22948: Path disclosure in Cotonti advisory (Apr 26)
- HTB22952: XSS vulnerabilities in Noah's Classifieds advisory (Apr 26)
- HTB22953: XSS in Max's PHP Photo Album advisory (Apr 26)
- Re: SQL Injection in phpMySport security curmudgeon (Apr 26)
- HTB22955: Path disclosure in BuddyPress WordPress plugin advisory (Apr 26)
- [security bulletin] HPSBMA02654 SSRT100441 rev.1 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code security-alert (Apr 27)
- [SECURITY] [DSA 2225-1] asterisk security update Moritz Muehlenhoff (Apr 27)
- [SECURITY] [DSA 2226-1] libmodplug security update Moritz Muehlenhoff (Apr 27)
- CA20110426-01: Security Notice for CA Arcot WebFort Versatile Authentication Server Kotas, Kevin J (Apr 27)
- [security bulletin] HPSBMA02667 SSRT100464 rev.2 - HP SiteScope, Cross Site Scripting (XSS) and HTML Injection security-alert (Apr 27)
- Re: Stored XSS vulnerability in diafan.CMS security curmudgeon (Apr 27)
- B-Sides Vienna | NinjaCon 11 Call For Participation astera (Apr 27)
- NGS00068 Patch Notification: LibAVCodec AMV Out of Array Write Research@NGSSecure (Apr 27)
- [USN-1124-1] rsync vulnerability Marc Deslauriers (Apr 27)
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager Cisco Systems Product Security Incident Response Team (Apr 27)
- Cisco Security Advisory: Cisco Wireless LAN Controllers Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Apr 27)
- [USN-1125-1] PCSC-Lite vulnerability Marc Deslauriers (Apr 28)
- HTB22958: XSS in phpGraphy advisory (Apr 28)
- HTB22959: CSRF (Cross-Site Request Forgery) in phpGraphy advisory (Apr 28)
- HTB22961: XSS in WP Photo Album wordpress plugin advisory (Apr 28)
- CFP: Hacktivity 2011, September 17-18, Budapest, Hungary jozsef . tiborcz (Apr 28)
- HTB22965: Multiple XSS vulnerabilities in BackupPC advisory (Apr 28)
- hashdays 2011 - Call for Papers (#days CFP) Hashdays CFP (Apr 28)
- HTB22960: XSS in Daily Maui Photo Widget wordpress plugin advisory (Apr 28)
- [Onapsis Security Advisory 2011-010] Oracle JD Edwards JDENET Remote Logging Deactivation Onapsis Research Labs (Apr 28)
- [Onapsis Security Advisory 2011-011] Oracle JD Edwards JDENET Buffer Overflow Onapsis Research Labs (Apr 28)
- [Onapsis Security Advisory 2011-012] Oracle JD Edwards JDENET Firewall Bypass Onapsis Research Labs (Apr 28)
- [Onapsis Security Advisory 2011-013] Oracle JD Edwards JDENET USRBROADCAST Denial of Service Onapsis Research Labs (Apr 28)
- [Onapsis Security Advisory 2011-005] SAP Enterprise Portal Path Disclosure Onapsis Research Labs (Apr 28)
- VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console VMware Security Team (Apr 28)
- [Onapsis Security Advisory 2011-006] Oracle JD Edwards JDENET Kernel Denial of Service Onapsis Research Labs (Apr 28)
- ZDI-11-143: Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerability ZDI Disclosures (Apr 28)
- [Onapsis Security Advisory 2011-008] Oracle JD Edwards JDENET CallObjectKernel Remote Command Execution Onapsis Research Labs (Apr 28)
- [Onapsis Security Advisory 2011-007] Oracle JD Edwards JDENET Kernel Shutdown Onapsis Research Labs (Apr 28)
- [Onapsis Security Advisory 2011-009] Oracle JD Edwards JDENET SawKernel Remote Password Disclosure Onapsis Research Labs (Apr 28)
- [Onapsis Security Advisory 2011-003] SAP WebAS ITS Mobile Start Service Multiple Vulnerabilities Onapsis Research Labs (Apr 28)
- [Onapsis Security Advisory 2011-004] SAP WebAS ITS Mobile Test Service Multiple Vulnerabilities Onapsis Research Labs (Apr 28)
- [security bulletin] HPSBMA02668 SSRT100474 rev.1 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code security-alert (Apr 29)
- Re: HTB22827: File Content Disclosure in Wikipad security curmudgeon (Apr 29)
- ESA-2011-015: RSA, The Security Division of EMC, announces a fix for a security vulnerability in RSA Data Loss Prevention Security_Alert (Apr 29)
- ZDI-11-144: HP Data Protector Backup Client Service EXEC_BAR Remote Code Execution Vulnerability ZDI Disclosures (Apr 29)
- ZDI-11-145: HP Data Protector Backup Client Service GET_FILE Remote Code Execution Vulnerability ZDI Disclosures (Apr 29)
- ZDI-11-146: HP Data Protector Backup Client Service EXEC_SCRIPT Remote Code Execution Vulnerability ZDI Disclosures (Apr 29)
- ZDI-11-147: HP Data Protector Backup Client Service EXEC_INTEGUTIL Remote Code Execution Vulnerability ZDI Disclosures (Apr 29)
- ZDI-11-148: HP Data Protector Backup Client Service stutil Message Processing Remote Code Execution Vulnerability ZDI Disclosures (Apr 29)
- ZDI-11-149: HP Data Protector Backup Client Service HPFGConfig Remote Code Execution Vulnerability ZDI Disclosures (Apr 29)
- ZDI-11-150: HP Data Protector Backup Client Service omniiaputil Message Processing Remote Code Execution Vulnerability ZDI Disclosures (Apr 29)
- ZDI-11-151: HP Data Protector Backup Client Service bm Message Processing Remote Code Execution Vulnerability ZDI Disclosures (Apr 29)
- ZDI-11-152: HP Data Protector Backup Client Service GET_FILE Directory Traversal Vulnerability ZDI Disclosures (Apr 29)
- ZDI-11-153: Embarcadero Interbase connect Request Parsing Remote Code Execution Vulnerability ZDI Disclosures (Apr 29)
- [USN-1126-1] PHP vulnerabilities Steve Beattie (Apr 29)