Full Disclosure: by thread
236 messages
starting Nov 01 12 and
ending Nov 30 12
Date index |
Thread index |
Author index
- XSS, LFI and SQL Injection Vulnerabilities in Achievo Netsparker Advisories (Nov 01)
- Re: XSS, LFI and SQL Injection Vulnerabilities in Achievo Henri Salo (Nov 01)
- <Possible follow-ups>
- Re: XSS, LFI and SQL Injection Vulnerabilities in Achievo Vulnerability Lab (Nov 19)
- [SECURITY] [DSA 2570-1] openoffice.org security update Yves-Alexis Perez (Nov 01)
- Whonix ALPHA 0.4.5 - Anonymous Operating System released adrelanos (Nov 01)
- Re: [OT] How much a million facebook passwords would cost? Julius Kivimäki (Nov 01)
- <Possible follow-ups>
- Re: [OT] How much a million facebook passwords would cost? Gonzalo Brusella (Nov 01)
- Re: [OT] How much a million facebook passwords would cost? ramo (Nov 01)
- Re: [OT] How much a million facebook passwords would cost? Grandma Eubanks (Nov 01)
- Re: Is it OK to hold credit card numbers in cookies? Santander? Jann Horn (Nov 01)
- EasyPHP 12.1 - Remote code execution of any php/js on local PC auto59190641 (Nov 01)
- <Possible follow-ups>
- Re: EasyPHP 12.1 - Remote code execution of any php/js on local PC auto59190641 (Nov 12)
- Security risks of doing business with China? Dan Ballance (Nov 01)
- Re: Security risks of doing business with China? bk (Nov 01)
- Re: Security risks of doing business with China? Thor (Hammer of God) (Nov 01)
- Re: Security risks of doing business with China? Seth Arnold (Nov 02)
- Re: Security risks of doing business with China? bk (Nov 01)
- [ MDVSA-2012:169 ] java-1.6.0-openjdk security (Nov 01)
- Re: :Re: [OT] How much a million facebook Mikhail A. Utin (Nov 01)
- Elgg unsecure installation vulnerability Enrico Cinquini (Nov 01)
- PR11-07 Multiple peristent XSS, XSS, XSRF, offsite redirection and information disclosure flaws within CheckPoint/Sofaware firewalls research (Nov 02)
- Checkpoint/SofaWare Firewall Vulnerability Research research (Nov 02)
- n.runs-SA-2012.003 - SPLUNK DoS HashDOS security (Nov 02)
- <Possible follow-ups>
- n.runs-SA-2012.003 - SPLUNK DoS HashDOS security (Nov 02)
- Vulnerable MSVC++ 2008 runtime libraries distributed with and installed by eM client Stefan Kanthak (Nov 02)
- [ MDVSA-2012:170 ] firefox security (Nov 02)
- Open Letter to the International Information Security Community - Help Brazilian Security Researchers Pablo Ximenes (Nov 02)
- pfSense Captive Portal Voucher Jeffrey Walton (Nov 03)
- [SECURITY] [DSA 2571-1] libproxy security update Raphael Geissert (Nov 05)
- [waraxe-2012-SA#096] - Multiple Vulnerabilities in Zenphoto 1.4.3.3 Janek Vind (Nov 05)
- [SECURITY] [DSA 2572-1] iceape security update Thijs Kinkhorst (Nov 05)
- AWAuctionScript CMS v1.x - Multiple Web Vulnerabilities Vulnerability Lab (Nov 05)
- HTP Zine 4 h (Nov 05)
- [HITB-Announce] #HITB2013AMS Call For Papers Now Open Hafez Kamal (Nov 05)
- multiple critical vulnerabilities in sophos products Tavis Ormandy (Nov 05)
- Re: multiple critical vulnerabilities in sophos products Michele Orru (Nov 05)
- Re: multiple critical vulnerabilities in sophos products Michele Orru (Nov 05)
- Re: multiple critical vulnerabilities in sophos products Michele Orru (Nov 05)
- [SECURITY] CVE-2012-2733 Apache Tomcat Denial of Service Mark Thomas (Nov 05)
- [SECURITY] CVE-2012-3439 Apache Tomcat DIGEST authentication weaknesses Mark Thomas (Nov 05)
- Convite para o CONISLI 2012 — palestra "SSL/TLS para Todos" (Guarulhos / SP, Brasil) contato (Nov 05)
- Vulnerable, superfluous/outdated/deprecated/superseded 3rd party OCXs and DLLs distributed by and installed with Dataram RamDisk 4.0.0 Stefan Kanthak (Nov 06)
- Cisco Security Advisory: Cisco Nexus 1000V Series Switch Software Release 4.2(1)SV1(5.2) Virtual Security Gateway Bypass Issue Cisco Systems Product Security Incident Response Team (Nov 07)
- Cisco Security Advisory: Cisco Secure Access Control System TACACS+ Authentication Bypass Vulnerability Cisco Systems Product Security Incident Response Team (Nov 07)
- [Security-news] SA-CONTRIB-2012-161 - Webform CiviCRM Integration - Access Bypass security-news (Nov 07)
- [Security-news] SA-CONTRIB-2012-160 - OM Maximenu - Cross Site Scripting (XSS) security-news (Nov 07)
- When those who say to represent computing/IT students have serious security vulnerabilities? (XSS and data disclosure on http://ritsi.org ) klondike (Nov 07)
- [IA42] Zoner Photo Studio v15 Build 3 (Zps.exe) Registry Value Parsing Local Buffer Overflow Inshell Security (Nov 08)
- Cisco Security Advisory: Cisco Ironport Appliances Sophos Anti-virus Vulnerabilities Cisco Systems Product Security Incident Response Team (Nov 08)
- [ MDVSA-2012:171 ] icedtea-web security (Nov 09)
- A damn aweful facebook DOS Chris C. Russo (Nov 09)
- Re: A damn aweful facebook DOS Bill Weiss (Nov 09)
- Re: A damn aweful facebook DOS Chris C. Russo (Nov 09)
- Re: A damn aweful facebook DOS Bacon Zombie (Nov 09)
- Re: A damn aweful facebook DOS Chris C. Russo (Nov 09)
- Re: A damn aweful facebook DOS Chris C. Russo (Nov 09)
- Re: A damn aweful facebook DOS Bill Weiss (Nov 09)
- XSS vulnerability in swfupload in WordPress MustLive (Nov 09)
- Re: XSS vulnerability in swfupload in WordPress Robert Kim SuperHydroPhobic! (Nov 11)
- TTY handling when executing code in lower-privileged context (su, virt containers) halfdog (Nov 10)
- Re: TTY handling when executing code in lower-privileged context (su, virt containers) Michal Zalewski (Nov 10)
- Re: TTY handling when executing code in lower-privileged context (su, virt containers) Benji (Nov 10)
- Re: TTY handling when executing code in lower-privileged context (su, virt containers) Michal Zalewski (Nov 10)
- Re: TTY handling when executing code in lower-privileged context (su, virt containers) Benji (Nov 10)
- Re: TTY handling when executing code in lower-privileged context (su, virt containers) Benji (Nov 10)
- Re: TTY handling when executing code in lower-privileged context (su, virt containers) Jerry Bell (Nov 12)
- Re: TTY handling when executing code in lower-privileged context (su, virt containers) Michal Zalewski (Nov 11)
- Re: TTY handling when executing code in lower-privileged context (su, virt containers) Benji (Nov 10)
- Re: TTY handling when executing code in lower-privileged context (su, virt containers) Georgi Guninski (Nov 11)
- Re: TTY handling when executing code in lower-privileged context (su, virt containers) Michal Zalewski (Nov 10)
- Gajim fails to handle invalid certificates y33t (Nov 12)
- [SECURITY] [DSA 2573-1] radsecproxy security update Luciano Bello (Nov 12)
- BananaDance Wiki b2.2 - Multiple Web Vulnerabilities Vulnerability Lab (Nov 12)
- List Charter John Cartwright (Nov 12)
- Re: Full-Disclosure Digest, Vol 93, Issue 11 Scott Miller (Nov 12)
- Re: Full-Disclosure Digest, Vol 93, Issue 11 Nick FitzGerald (Nov 12)
- Eventy CMS v1.8 Plus - Multiple Web Vulnerablities Vulnerability Lab (Nov 13)
- Zoner Photo Studio v15 b3 - Buffer Overflow Vulnerabilities Vulnerability Lab (Nov 13)
- [DC-2012-11-001] DefenseCode ThunderScan PHP Advisory: Wordpress WP e-Commerce Plugin Multiple Security Vulnerabilities DefenseCode (Nov 13)
- GOOD for Enterprise (GMA) below 2.0.2 vulnerable to MITM Thierry Zoller (Nov 13)
- Re: GOOD for Enterprise (GMA) below 2.0.2 vulnerable to MITM Jeffrey Walton (Nov 13)
- Re: GOOD for Enterprise (GMA) below 2.0.2 vulnerable to MITM Georgi Guninski (Nov 14)
- Re: GOOD for Enterprise (GMA) below 2.0.2 vulnerable to MITM Jeffrey Walton (Nov 14)
- Re: GOOD for Enterprise (GMA) below 2.0.2 vulnerable to MITM Georgi Guninski (Nov 14)
- Re: GOOD for Enterprise (GMA) below 2.0.2 vulnerable to MITM Jeffrey Walton (Nov 13)
- XSS vulnerability in web applications with swfupload: Dotclear, XenForo, InstantCMS, AionWeb, Dolphin MustLive (Nov 13)
- Readdle: User traking (device UUID) over plaintext HTTP in query parameter Jeffrey Walton (Nov 13)
- Skype account + IM history hijack vulnerability Kirils Solovjovs (Nov 14)
- Re: Skype account + IM history hijack vulnerability Benji (Nov 14)
- Re: **VL-JUNK** Re: Skype account + IM history hijack vulnerability Chris C. Russo (Nov 14)
- Re: **VL-JUNK** Re: Skype account + IM history hijack vulnerability Christian Sciberras (Nov 14)
- Re: **VL-JUNK** Re: Skype account + IM history hijack vulnerability Georgi Guninski (Nov 14)
- Re: **VL-JUNK** Re: Skype account + IM history hijack vulnerability Chris C. Russo (Nov 14)
- Re: Skype account + IM history hijack vulnerability klondike (Nov 14)
- Re: Skype account + IM history hijack vulnerability Benji (Nov 14)
- Re: Skype account + IM history hijack vulnerability klondike (Nov 14)
- Re: Skype account + IM history hijack vulnerability Nick FitzGerald (Nov 14)
- Re: Skype account + IM history hijack vulnerability Benji (Nov 15)
- Re: Skype account + IM history hijack vulnerability klondike (Nov 15)
- Re: Skype account + IM history hijack vulnerability Benji (Nov 15)
- Re: Skype account + IM history hijack vulnerability Benji (Nov 15)
- Re: Skype account + IM history hijack vulnerability Benji (Nov 15)
- Re: Skype account + IM history hijack vulnerability Benji (Nov 14)
- Re: Skype account + IM history hijack vulnerability Jeffrey Walton (Nov 18)
- Re: Skype account + IM history hijack vulnerability Benji (Nov 14)
- 0-day vulnerabilities in Call of Duty MW3 and CryEngine 3 ReVuln (Nov 14)
- Re: 0-day vulnerabilities in Call of Duty MW3 and CryEngine 3 Christian Sciberras (Nov 14)
- [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection Tim Brown (Nov 14)
- Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection Tim Brown (Nov 14)
- Re: [oss-security] Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection Jan Lieskovsky (Nov 14)
- Re: [oss-security] Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection Michal Ambroz (Nov 14)
- Re: [oss-security] Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection Jan Lieskovsky (Nov 14)
- Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection Tim Brown (Nov 14)
- iDev Rentals v1.0 - Multiple Web Vulnerabilities Vulnerability Lab (Nov 14)
- Hakin9 Reflected XSS - Irony? pieter (Nov 14)
- Re: Hakin9 Reflected XSS - Irony? Swair Mehta (Nov 15)
- linux rootkit in combination with nginx stack trace (Nov 14)
- Re: linux rootkit in combination with nginx dxp (Nov 26)
- Re: linux rootkit in combination with nginx Gregor S. (Nov 27)
- Re: linux rootkit in combination with nginx Benji (Nov 27)
- Re: linux rootkit in combination with nginx Jeffrey Walton (Nov 27)
- Re: linux rootkit in combination with nginx Gregor S. (Nov 27)
- Re: linux rootkit in combination with nginx dxp (Nov 26)
- [Security-news] SA-CONTRIB-2012-163 - User Read-Only - Permission escalation security-news (Nov 14)
- [Security-news] SA-CONTRIB-2012-162 - RESTful Web Services - Cross site request forgery (CSRF) security-news (Nov 14)
- [Security-news] SA-CONTRIB-2012-164 - Smiley module and Smileys module - Cross Site Scripting (XSS) security-news (Nov 14)
- [Security-news] SA-CONTRIB-2012-165 - Chaos tool suite (ctools) - Cross Site Scripting (XSS) security-news (Nov 14)
- [Security-news] SA-CONTRIB-2012-166 - Table of Contents - Access Bypass security-news (Nov 14)
- (no subject) mohit tyagi (Nov 15)
- Re: (no subject) Peter Osterberg (Nov 15)
- Re: (no subject) Gary Baribault (Nov 15)
- Re: (no subject) Sanguinarious Rose (Nov 15)
- Re: (no subject) James Condron (Nov 15)
- Re: (no subject) Julius Kivimäki (Nov 15)
- Re: (no subject) Peter Osterberg (Nov 15)
- ZDI-12-183 : RealNetworks RealPlayer RV40 Remote Code Execution Vulnerability ZDI Disclosures (Nov 15)
- ZDI-12-184 : Microsoft Excel Feature11/Feature12 Record Trusted Counter Remote Code Execution Vulnerability ZDI Disclosures (Nov 15)
- ZDI-12-185 : Apple Mac OS X DirectoryService SwapProxyMessage Unchecked objOffset Remote Code Execution Vulnerability ZDI Disclosures (Nov 15)
- ZDI-12-186 : Microsoft Office 2007 RTF Mismatch Remote Code Execution Vulnerability ZDI Disclosures (Nov 15)
- SEC Consult SA-20121115-0 :: Applicure dotDefender WAF format string vulnerability SEC Consult Vulnerability Lab (Nov 15)
- [DC-2012-11-002] DefenseCode ThunderScan ASP.Net C# Advisory: BugTracker.Net Multiple Security Vulnerabilities DefenseCode (Nov 15)
- XSS vulnerability in web applications with swfupload: AionWeb, Magento, Liferay Portal, SurgeMail, symfony MustLive (Nov 15)
- [SECURITY] [DSA 2574-1] typo3-src security update Florian Weimer (Nov 15)
- DC4420 - London DEFCON - November meet - Tuesday 20th November alien DC4420 (Nov 16)
- [SE-2012-01] Security vulnerabilities in Java SE (details released) Security Explorations (Nov 19)
- Re: [SE-2012-01] Security vulnerabilities in Java SE (details released) Security Explorations (Nov 21)
- Skype Account Service - Session Token Bypass Vulnerability Vulnerability Lab (Nov 19)
- Skype Account Service - Reset (Session) Password/Username Vulnerability Vulnerability Lab (Nov 19)
- Akeni LAN v1.2.118 - Filter Bypass Vulnerability (Local) Vulnerability Lab (Nov 19)
- [SECURITY] [DSA 2575-1] tiff security update Nico Golde (Nov 19)
- bash path normalization bug Andris Berzins (Nov 19)
- Re: bash path normalization bug Seth Arnold (Nov 19)
- Open-Realty CMS 2.5.8 (2.x.x) <= Cross Site Request Forgery (CSRF) Vulnerability YGN Ethical Hacker Group (Nov 19)
- [ MDVSA-2012:172 ] libproxy security (Nov 19)
- ZDI-12-187 : RealNetworks RealPlayer RV20 Frame Size Array Remote Code Execution Vulnerability ZDI Disclosures (Nov 19)
- n.runs-SA-2012.004 - SPLUNK Unauthenticated remote DoS security (Nov 19)
- <Possible follow-ups>
- n.runs-SA-2012.004 - SPLUNK Unauthenticated remote DoS security (Nov 19)
- phpmyadmin compromised? Lucio Crusca (Nov 19)
- Re: phpmyadmin compromised? Benji (Nov 19)
- Re: phpmyadmin compromised? Benji (Nov 19)
- Re: phpmyadmin compromised? Christian Sciberras (Nov 19)
- Re: phpmyadmin compromised? H. Kurth Bemis (Nov 21)
- Re: phpmyadmin compromised? Benji (Nov 19)
- Re: phpmyadmin compromised? nauty . me04 (Nov 21)
- Re: phpmyadmin compromised? Benji (Nov 19)
- BF and FPD vulnerabilities in MODx MustLive (Nov 20)
- SonicWALL CDP 5040 v6.x - Multiple Web Vulnerabilities Vulnerability Lab (Nov 21)
- LAN.FS Messenger Software v2.4 - Command Execution Vulnerability Vulnerability Lab (Nov 21)
- Wordpress Facebook Survey v1.0 - SQL Injection Vulnerability Vulnerability Lab (Nov 21)
- ManageEngine ServiceDesk 8.0 - Multiple Vulnerabilities Vulnerability Lab (Nov 21)
- NutriSystem.com stores passwords in database using plaintext warning (Nov 21)
- FW: =| Security Advisory - TP-LINK TL-WR841N XSS (Cross Site Scripting) |= Matan Azugi (Nov 21)
- webubs.com and prioritymeter.com; multiple security issues warning (Nov 21)
- [ MDVSA-2012:173 ] firefox security (Nov 21)
- XSS vulnerability in swfupload in TinyMCE, SPIP, Radiant CMS, AionWeb, Liferay Portal, SurgeMail, symfony MustLive (Nov 21)
- Simple DOS POC lighttpd 1.4.31 Milan Berger (Nov 22)
- You Are Committing a Crime Right Now illwill (Nov 22)
- Remote Command Execution on Cisco WAG120N Manu (Nov 22)
- Re: Remote Command Execution on Cisco WAG120N Gary Driggs (Nov 26)
- Re: Remote Command Execution on Cisco WAG120N Manu (Nov 26)
- Re: Remote Command Execution on Cisco WAG120N Julius Kivimäki (Nov 26)
- Re: Remote Command Execution on Cisco WAG120N Gary Driggs (Nov 26)
- Re: Remote Command Execution on Cisco WAG120N Benji (Nov 26)
- Re: Remote Command Execution on Cisco WAG120N Gary (Nov 28)
- Re: Remote Command Execution on Cisco WAG120N Ulisses Montenegro (Nov 28)
- Re: Remote Command Execution on Cisco WAG120N gremlin (Nov 27)
- Re: Remote Command Execution on Cisco WAG120N andfarm (Nov 27)
- Re: Remote Command Execution on Cisco WAG120N Gary Driggs (Nov 26)
- [ MDVSA-2012:174 ] libtiff security (Nov 22)
- XSS injection in netadmin's challenge in Dreamhack klondike (Nov 24)
- OT Google raises sploit bounties Georgi Guninski (Nov 24)
- Re: OT Google raises sploit bounties Chris Evans (Nov 25)
- Re: OT Google raises sploit bounties adam (Nov 25)
- Re: OT Google raises sploit bounties Michal Zalewski (Nov 25)
- Re: OT Google raises sploit bounties Guifre (Nov 26)
- Re: OT Google raises sploit bounties Robert Święcki (Nov 26)
- Re: OT Google raises sploit bounties Georgi Guninski (Nov 27)
- Re: OT Google raises sploit bounties Dan Kaminsky (Nov 27)
- Re: OT Google raises sploit bounties Georgi Guninski (Nov 28)
- Re: OT Google raises sploit bounties Dan Kaminsky (Nov 28)
- Re: OT Google raises sploit bounties Michal Zalewski (Nov 28)
- Re: OT Google raises sploit bounties adam (Nov 25)
- Re: OT Google raises sploit bounties Nick Boyce (Nov 26)
- Re: OT Google raises sploit bounties Thor (Hammer of God) (Nov 26)
- Re: OT Google raises sploit bounties Chris Evans (Nov 25)
- XSS vulnerability in swfupload in TYPO3 CMS, TinyMCE, Liferay Portal, Drupal, Codeigniter, SentinelleOnAir MustLive (Nov 24)
- One packet OS fingerprinting feature in SinFP3 GomoR (Nov 25)
- Re: XSS vulnerability in swfupload in TinyMCE, SPIP, Radiant CMS, AionWeb, Liferay Portal, SurgeMail, symfony MustLive (Nov 25)
- OpenBSD implementation of the libc's RPC (portmap) remote DoS. auto236751 (Nov 26)
- [SECURITY] [DSA 2576-1] trousers security update Yves-Alexis Perez (Nov 26)
- Websense Proxy Filter Bypass Nahuel Grisolia (Nov 26)
- Forescout NAC multiple vulnerabilities Joseph Sheridan (Nov 26)
- Skype Community - Mail Encoding Web Vulnerability #1 Vulnerability Lab (Nov 26)
- Skype Community - Mail Encoding Web Vulnerability #2 Vulnerability Lab (Nov 26)
- Possible infection of Piwik 1.9.2 download archive Maximilian Grobecker (Nov 27)
- Re: Possible infection of Piwik 1.9.2 download archive Christian Sciberras (Nov 27)
- Re: Possible infection of Piwik 1.9.2 download archive Felipe Montecino (Nov 27)
- Re: Possible infection of Piwik 1.9.2 download archive Max Grobecker (Nov 27)
- Re: Possible infection of Piwik 1.9.2 download archive Ferenc Kovacs (Nov 27)
- Re: Possible infection of Piwik 1.9.2 download archive Christian Sciberras (Nov 27)
- Spotify Playlists - Persistent Cross Site Scripting pieter (Nov 27)
- [SE-2011-01] Additional materials released for SAT TV research Security Explorations (Nov 27)
- Samsung +Dell printer firmware built-in backdoor account Kirils Solovjovs (Nov 27)
- The email that hacks you Bogdan Calin (Nov 28)
- Re: The email that hacks you Guifre (Nov 28)
- Re: The email that hacks you Bogdan Calin (Nov 28)
- Re: The email that hacks you Christian Sciberras (Nov 28)
- Re: The email that hacks you aditya (Nov 28)
- Re: The email that hacks you Bogdan Calin (Nov 28)
- Re: The email that hacks you aditya (Nov 28)
- Re: The email that hacks you Bogdan Calin (Nov 28)
- Re: The email that hacks you Guifre (Nov 28)
- [SECURITY] [DSA 2578-1] rssh security update Yves-Alexis Perez (Nov 28)
- Apple WGT Dictionnaire 1.3 - Script Code Inject Vulnerability Vulnerability Lab (Nov 28)
- Re: Apple WGT Dictionnaire 1.3 - Script Code Inject Vulnerability Thor (Hammer of God) (Nov 28)
- Paypal Bug Bounty #11 - Redirection Web Vulnerability Vulnerability Lab (Nov 28)
- Paypal Bug Bounty #27 - Community Web Vulnerability Vulnerability Lab (Nov 28)
- Paypal Bug Bounty #21 - Persistent Encoding Vulnerability Vulnerability Lab (Nov 28)
- Hacking Competition PHDAYS CTF Quals 2012 Starts PHD (Nov 28)
- [Security-news] SA-CONTRIB-2012-167 - Mixpanel - Cross site scripting (XSS) security-news (Nov 28)
- [Security-news] SA-CONTRIB-2012-169 - Email Field - Cross Site Scripting and Access bypass security-news (Nov 28)
- [Security-news] SA-CONTRIB-2012-171 - Webmail Plus - SQL injection - (unsupported) security-news (Nov 28)
- [Security-news] SA-CONTRIB-2012-170 - MultiLink - Access Bypass security-news (Nov 28)
- [Security-news] SA-CONTRIB-2012-168 - Services - Information Disclosure security-news (Nov 28)
- Server Side Request Forgery attacks on web-applications Vladimir Vorontsov (Nov 28)
- [Security-news] SA-CONTRIB-2012-172 - Zero Point - Cross Site Scripting (XSS) security-news (Nov 28)
- [ MDVSA-2012:175 ] libssh security (Nov 29)
- Lesson 1: Being a Hacker Pete Herzog (Nov 29)
- Safend Data Protector Multiple Vulnerabilities Joseph Sheridan (Nov 29)
- CSRF, AoF, DoS and IAA vulnerabilities in MODx MustLive (Nov 29)
- Oracle Exadata leaf switch logins larry Cashdollar (Nov 29)
- SilverStripe CMS - Multiple Vulnerabilities - Security Advisory - SOS-12-011 Lists (Nov 29)
- Paypal BugBounty #2 - Persistent Listing Web Vulnerability Vulnerability Lab (Nov 30)
- Directory traversal vulnerabilities in jsupload.cgi.pl version 0.6.4 and before Sean de Regge (Nov 30)
- [SECURITY] [DSA 2579-1] apache2 security update Stefan Fritsch (Nov 30)
- Buffalo Technology LinkStation Information Disclosure And Privilege Escalation Hurgel Bumpf (Nov 30)
- New Ajax SQL Injection Exploit? eltra1n (Nov 30)