86 messages starting Jul 31 15 and ending Aug 30 15
SEC Consult SA-20150805-0 :: Websense Content Gateway Stack Buffer Overflow in handle_debug_network SEC Consult Vulnerability Lab (Aug 05)
Comment form CSRF in WordPress 4.2.2 allows admin impersonation via comments dxw Security (Aug 05)
Security Advisory - "Cross-VM ASL INtrospection (CAIN)" antonio (Aug 06)
Vulnerable MSVC++ runtime distributed with LibreOffice 5.0.0 for Windows Stefan Kanthak (Aug 06)
SCADA with antenna SCADA StrangeLove (Aug 06)
Ferrari - PHP CGI Argument Injection (RCE) Vulnerability Vulnerability Lab (Aug 07)
Device Inspector v1.5 iOS - Command Inject Vulnerabilities Vulnerability Lab (Aug 07)
Use After Free Vulnerability in unserialize() with SPL ArrayObject Taoguang Chen (Aug 07)
Use After Free Vulnerability in unserialize() with SplDoublyLinkedList Taoguang Chen (Aug 07)
Use After Free Vulnerability in unserialize() with SplObjectStorage Taoguang Chen (Aug 07)
Pineapple autopwn script 2.3.0 or lower versions. Electric Mind (Aug 08)
T Mobile Business - Client Side Cross Site Scripting Vulnerability Vulnerability Lab (Aug 10)
CVE-2015-5699 - Cumulus Linux's Switch Configuration Tools Backend, clcmd_server, Vulnerable to Local Privilege Escalation Gregory Pickett (Aug 11)
Thomson Reuters FATCA - Local File Inclusion Etnies (Aug 11)
Thomson Reuters FATCA - Arbitrary File Upload Etnies (Aug 11)
php 7 use after free bug 牛保龙 (Aug 11)
BigTree CMS 4.2.3 Multiple Cross-Site-Scripting Vulnerabilities Curesec Research Team (Aug 11)
BigTree CMS 4.2.3 Multiple Sql Injections Curesec Research Team (Aug 11)
CodoForum 3.3.1 Multiple Cross Site Scriptings Curesec Research Team (Aug 11)
CodoForum 3.3.1 Multiple SQL Injections Curesec Research Team (Aug 11)
Stored XSS in Google Analytics by Yoast Premium allows privileged users to attack other users (WordPress plugin) dxw Security (Aug 11)
Blind SQL Injection in WP Symposium allows unauthenticated attackers to access sensitive data (WordPress plugin) dxw Security (Aug 11)
Reflected XSS in iframe allows unauthenticated users to do almost anything an admin can (WordPress plugin) dxw Security (Aug 11)
Stored XSS in iframe allows less privileged users to do almost anything an admin can (WordPress plugin) dxw Security (Aug 11)
bizidea Design CMS 2015Q3 - SQL Injection Vulnerability Vulnerability Lab (Aug 12)
[Onapsis Security Advisory 2015-011] SAP Mobile Platform DataVault Predictable encryption passwords for Configuration Values Onapsis Research Labs (Aug 12)
[Onapsis Security Advisory 2015-010] SAP Mobile Platform DataVault Keystream Recovery Onapsis Research Labs (Aug 12)
[Onapsis Security Advisory 2015-012] SAP Mobile Platform DataVault Predictable Encryption Password for Secure Storage Onapsis Research Labs (Aug 12)
Open source tool for applying Google Chrome security updates David Leo (Aug 12)
BFS-SA-2015-001: Internet Explorer CTreeNode::GetCascadedLang Use-After-Free Vulnerability Blue Frost Security Research Lab (Aug 12)
The OAuth2 Complete plugin for WordPress uses a pseudorandom number generator which is non-cryptographically secure (WordPress plugin) dxw Security (Aug 12)
Update: Backdoor and RCE found in 8 TOTOLINK router models Pierre Kim (Aug 12)
Zend Framework <= 2.4.2 XML eXternal Entity Injection (XXE) on PHP FPM Dawid Golunski (Aug 12)
Cisco Unified Communications Manager Multiple Vulnerabilities (VP2015-001) Vantage Point Security (Aug 12)
SAP Security Notes August 2015 ERPScan inc (Aug 13)
NetRipper - Smart traffic sniffing for penetration testers Poyo VL (Aug 13)
APPLE-SA-2015-08-13-1 Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8 Apple Product Security (Aug 13)
APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006 Apple Product Security (Aug 13)
APPLE-SA-2015-08-13-3 iOS 8.4.1 Apple Product Security (Aug 13)
APPLE-SA-2015-08-13-4 OS X Server v4.1.5 Apple Product Security (Aug 13)
BFS-SA-2015-002: OpenSSH PAM Privilege Separation Vulnerabilities Blue Frost Security Research Lab (Aug 13)
[CVE-2015-5617]Enorth Webpublisher CMS SQL Injection from delete_pending_news.jsp cbNewsid xin . wang (Aug 13)
ERPSCAN Research Advisory [ERPSCAN-15-012] SAP Afaria 7 XComms – Buffer Overflow ERPScan inc (Aug 14)
Sandbox bypass through Google Admin WebView Vahagn Vardanyan (Aug 14)
vBulletin x.x.x rce "0day" Joshua Rogers (Aug 15)
Oracle CSO numbers, security hygiene and fixes at the same time Security Explorations (Aug 16)
Insufficient certificate validation in EMC Secure Remote Services Virtual Edition Securify B.V. (Aug 17)
Weak authentication in EMC Secure Remote Services Virtual Edition Web Portal Securify B.V. (Aug 17)
[ERPSCAN-15-013] SAP NetWeaver AS Java CIM UPLOAD – XXE ERPScan inc (Aug 17)
Severe weakness in checkout provider Borderfree allows users to easily control the prices they pay on ecommerce websites John Smith (Aug 17)
Phorum 5.2.19 - Reflected XSS and Open Redirect Curesec Research Team (CRT) (Aug 18)
Bolt 2.2.4 - Code Execution Curesec Research Team (CRT) (Aug 18)
ModX Revolution 2.3.5 - Reflected XSS Curesec Research Team (CRT) (Aug 18)
UNIT4TETA TETA WEB - Authorization Bypass vulnerability Lukasz Miedzinski (Aug 18)
Microsoft HTA (HTML Application) - Remote Code Execution Vulnerability (MS14-064) Vulnerability Lab (Aug 20)
PDF Shaper v3.5 - (MSF) Remote Buffer Overflow Vulnerability Vulnerability Lab (Aug 20)
ChiefPDF Software v2.x - Buffer Overflow Vulnerability Vulnerability Lab (Aug 20)
WebSolutions India Design CMS - SQL Injection Vulnerability Vulnerability Lab (Aug 20)
UBNT Bug Bounty #1 - Client Side Cross Site Scripting Vulnerability Vulnerability Lab (Aug 20)
UBNT Bug Bounty #3 - Persistent Filename Vulnerability Vulnerability Lab (Aug 20)
nullcon se7en CFP is open nullcon (Aug 27)
AnchorCMS - PHP Object Injection (CVE-2015-5687) and More Scott Arciszewski (Aug 27)
CSRF/XSS vulnerability in Private Only could allow an attacker to do almost anything an admin user can (WordPress plugin) dxw Security (Aug 27)
Publicly exploitable XSS in WordPress plugin Navis Documentcloud (WordPress plugin) dxw Security (Aug 27)
Dogma India dogmaindia CMS - Auth Bypass Session Vulnerability Vulnerability Lab (Aug 28)
LinuxOptic CMS 2009 - Auth Bypass Session Vulnerability Vulnerability Lab (Aug 28)
PayPal Bug Bounty #119 - Stored Cross Site Scripting Vulnerability Vulnerability Lab (Aug 28)
Photo Transfer (2) v1.0 iOS - Denial of Service Vulnerability Vulnerability Lab (Aug 28)
KnowledgeTree OSS 3.0.3b Reflected XSS (Cross-site Scripting) Web Application 0-Day Security Bug Jing Wang (Aug 30)
Winmail Server 4.2 Reflected XSS (Cross-site Scripting) Web Application 0-Day Security Bug Jing Wang (Aug 30)