364 messages starting Dec 01 07 and ending Dec 31 07
[SECURITY] [DSA 1417-1] New asterisk packages fix SQL injection Moritz Muehlenhoff (Dec 03)
PR06-11: BEA Plumtree portal search facility leaks usernames to unauthenticated users research (Dec 03)
[SECURITY] [DSA 1418-1] New cacti packages fix SQL injection Thijs Kinkhorst (Dec 03)
PR06-09: BEA Plumtree portal full version disclosure vulnerability research (Dec 03)
Re: SQL Injection in saphp "showcat.php" security curmudgeon (Dec 03)
[WhitePaper (SecNiche)] Information Prone LDAP Garbage Dumps AKS aka (0kn0ck) (Dec 03)
sing (debian) vunlerability? Milen Rangelov (Dec 03)
Re: SQL Injection in SaphpLesson2.0 "show.php" security curmudgeon (Dec 03)
Lotfian Brochure and cataloge Script XSS And SQL Injection noreply (Dec 03)
McAfee SecurityCenter Privacy Service HTML Execution Vulnerability DoZ (Dec 03)
SYMSA-2007-014: SQL Injection Vulnerability in Beehive Forum Software research (Dec 03)
[USN-550-1] Cairo vulnerability Kees Cook (Dec 03)
Snitz2000 SQL Injection: A user can gain admin level admin (Dec 04)
[MacOS X] Insecure eval() in Twitgit and Twitterlex dashboard widgets Thomas Roessler (Dec 04)
[USN-551-1] OpenLDAP vulnerabilities Jamie Strandboge (Dec 04)
SEC Consult SA-20071204-0 :: SonicWALL Global VPN Client Format String Vulnerability Bernhard Mueller (Dec 04)
[ MDKSA-2007:234 ] - Updated vixie-cron packages fix DoS vulnerability security (Dec 04)
[USN-549-2] PHP regression Kees Cook (Dec 04)
[ MDKSA-2007:235 ] - Updated apache packages fix vulnerabilities security (Dec 04)
(Re-post) ATC-08 CFP atc08 (Dec 04)
The first release of SWFIntruder is out ! Stefano Di Paola (Dec 04)
Re: [dns-operations] Web Proxy Auto-Discovery (WPAD) Information Disclosure (fwd) Gadi Evron (Dec 04)
PR07-39: Multiple vulnerabilities on Absolute News Manager.NET 5.1 including file retrieval and SQL injection research (Dec 04)
CORE-2007-1004: VLC Activex Bad Pointer Initialization Vulnerability CORE Security Technologies Advisories (Dec 04)
[security bulletin] HPSBMA02293 SSRT071494 rev.1 - HP Select Identity, Remote Unauthorized Access security-alert (Dec 04)
Re: Powerschool 404 Admin Exposure bob (Dec 04)
TIBCO Rendezvous Exploitation Video IRM Research (Dec 04)
RFI and Multiple XSS in PhpMyChat beenudel1986 (Dec 04)
[USN-546-2] Firefox regression Kees Cook (Dec 04)
The recent number of unpatched QuickTime flaws is: two Juha-Matti Laurio (Dec 05)
[USN-553-1] Mono vulnerability Kees Cook (Dec 05)
[ MDKSA-2007:236 ] - Updated openssh packages fix X11 cookie vulnerability security (Dec 05)
rPSA-2007-0257-1 rsync rPath Update Announcements (Dec 05)
[ MDKSA-2007:237 ] - Updated openssl packages fix DTLS vulnerability security (Dec 05)
Blind Sql-Injection in Joomla 1.5 RC3 beenudel1986 (Dec 05)
[USN-552-1] Perl vulnerability Kees Cook (Dec 05)
Re: 27Mhz based wireless security insecurities - Aka - "We know what you typed last summer" Michal Bucko (Dec 05)
Opera 9.50 beta and prior remote DoS (freeze) gynvael (Dec 05)
[ECHO_ADV_86$2007] Mambo/Joomla Component rsgallery <= 2.0 beta 5 (catid) Remote SQL Injection Vulnerability erdc (Dec 05)
Sql Injection in wordpress 2.3.1 beenudel1986 (Dec 05)
Advisory: Cross Site Scripting in CiscoWorks Liquidmatrix Security Digest (Dec 05)
[SECURITY] [DSA 1419-1] New OpenOffice.org packages fix arbitrary Java code execution Martin Schulze (Dec 05)
[ELEYTT] Public Advisory 05-12-2007 Michal Bucko (Dec 05)
[SECURITY] [DSA 1420-1] New zabbix packages fix privilege escalation Thijs Kinkhorst (Dec 05)
Cisco Security Advisory: Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability Cisco Systems Product Security Incident Response Team (Dec 05)
Firefox 2.0.0.11 INPUT Denial Of Service azizov (Dec 05)
[ GLSA 200712-02 ] Cacti: SQL injection Pierre-Yves Rofes (Dec 05)
ezContents Version 1.4.5 Remote File Disclosure Vulnerability. p4imi0 (Dec 05)
SineCMS <= 2.3.4 Calendar SQL Injection 'n something else.. kingoftheworld92 (Dec 05)
[ GLSA 200712-01 ] Hugin: Insecure temporary file creation Pierre-Yves Rofes (Dec 05)
Aria-Security.Net: PenPals Login and search page SQL Injection no-reply (Dec 06)
Avast! AntiVirus TAR Processing Remote Heap Corruption Sowhat (Dec 06)
[security bulletin] HPSBMA02281 SSRT061261 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Execution of Arbitrary Code security-alert (Dec 06)
[UPDATE]CA BrightStor ARCServe BackUp Message Engine Remote Stack Overflow Vulnerability cocoruder (Dec 06)
[SECURITY] [DSA 1421-1] New wesnoth packages fix arbitrary file disclosure Martin Schulze (Dec 06)
SQUID-2007:2, Dec 4, 2007 Adrian Chadd (Dec 06)
NSFOCUS SA2007-02 : Cisco Security Agent Remote Buffer Overflow Vulnerability NSFOCUS Security Team (Dec 06)
Re: Re: Aria-Security.net: NetAuctionHelp SQL Injection NetAuctionHelp Support (Dec 06)
HITBSecConf2007 Malaysia Videos Now Available Praburaajan (Dec 06)
[XSS] OpenNewsletter v2.5 Multipe XSS Attacks bugtraq (Dec 06)
UPDATE: [ GLSA 200711-29 ] Samba: Execution of arbitrary code Pierre-Yves Rofes (Dec 06)
[Security Advisorie] OpenNewsletter v2.5 Multipe XSS Attacks Sarasa (Dec 06)
[ MDKSA-2007:238 ] - Updated liblcms package fixes buffer overflow security (Dec 06)
[USN-554-1] teTeX and TeX Live vulnerabilities Jamie Strandboge (Dec 06)
ZDI-07-071: HP OpenView Network Node Manager Multiple CGI Buffer Overflows zdi-disclosures (Dec 06)
ZDI-07-070: Skype skype4com URI Handler Remote Heap Corruption Vulnerability zdi-disclosures (Dec 06)
TCP Port randomization paper Fernando Gont (Dec 07)
<Possible follow-ups>
RE: TCP Port randomization paper Amit Klein (Dec 11)
Re: RE: TCP Port randomization paper Amit Klein (Dec 18)
[CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities Williams, James K (Dec 07)
Potential SQL injection vulnerability in Apache::AuthCAS Matthias Bethke (Dec 07)
[SECURITY] [DSA 1422-1] New e2fsprogs packages fix arbitrary code execution Steve Kemp (Dec 07)
[ MDKSA-2007:239 ] - Updated heimdal packages fix potential vulnerability security (Dec 07)
Re: RIG Image Gallery (dir_abs_src) Remote File Include Vulnerability security curmudgeon (Dec 07)
Re: Friend Script 2.5 - 2.4 Remote File İnclude security curmudgeon (Dec 07)
rPSA-2007-0260-1 firefox rPath Update Announcements (Dec 07)
Re: BellaBiblio Admin Login Bypass security curmudgeon (Dec 07)
Re: Phorm v3.0 Remote File Upload Vulnerability security curmudgeon (Dec 07)
[ISecAuditors Security Advisories] wwwstats is vulnerable to Persistent XSS ISecAuditors Security Advisories (Dec 07)
R7-0031: JFreeChart Image Map Cross-Site Scripting Vulnerabilities advisory (Dec 07)
[SECURITY] [DSA 1423-1] New sitebar packages fix several vulnerabilities Steve Kemp (Dec 07)
Kvaliitti WebDoc 3.0 CMS SQL Injection vulnerability jaakkoNOSPAM (Dec 07)
[ MDKSA-2007:240 ] - Updated libnfsidmap packages fix username lookup flaw security (Dec 07)
Two vulnerabilities in Simple HTTPD 1.38 Luigi Auriemma (Dec 07)
Limited upload directory traversal in HTTP File Server 2.2a / 2.3 beta (build #146) Luigi Auriemma (Dec 07)
Multiple vulnerabilities in Firefly Media Server (mt-daapd) 2.4.1 / SVN 1699 Luigi Auriemma (Dec 07)
Upload directory traversal in Easy File Sharing 4.5 Luigi Auriemma (Dec 07)
Nullsoft Winamp MP4 tags Stack Overflow gforce (Dec 08)
Windows media player 6.4 MP4 Stack Overflow 0-day gforce (Dec 08)
[SECURITY] [DSA 1425-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff (Dec 08)
Media Player Classic 6.4.9 MP4 Stack Overflow 0-day gforce (Dec 08)
Re: Media Player Classic 6.4.9 MP4 Stack Overflow 0-day Matthew Leeds (Dec 12)
[USN-555-1] e2fsprogs vulnerability Kees Cook (Dec 08)
[SECURITY] [DSA 1426-1] New qt-x11-free packages fix several vulnerabilities Moritz Muehlenhoff (Dec 08)
Lotfian.com DATABASE DRIVEN TRAVEL SITE Multiple SQL Injection no-reply (Dec 10)
webSPELL 4.01.02 (calendar.php, usergallery.php) XSS Vulnerability brainheadbrainhead (Dec 10)
[ GLSA 200712-09 ] Ruby-GNOME2: Format string error Pierre-Yves Rofes (Dec 10)
Call for Papers - Security and High Performance Computing System 2008 shpcs08 (Dec 10)
Two vulnerabilities in SquirrelMail GPG plugin Tomas Kuliavas (Dec 10)
The Cookie Tools v0.3 -- first public release michele dallachiesa (Dec 10)
Unsanitized scripting in RoundCube webmail Tomas Kuliavas (Dec 10)
[ GLSA 200712-06 ] Firebird: Multiple buffer overflows Pierre-Yves Rofes (Dec 10)
CVE-2007-6205 Hanno Böck (Dec 10)
Flat PHP Board <= 1.2 Multiple Vulnerabilities kingoftheworld92 (Dec 10)
Bitweaver XSS & SQL Injection Vulnerability DoZ (Dec 10)
Security and hacking papers Ork (Dec 10)
[ GLSA 200712-03 ] GNU Emacs: Multiple vulnerabilities Pierre-Yves Rofes (Dec 10)
bttlxeForum Multiple SQL Injection And Cross Site Scripting noreply (Dec 10)
[ GLSA 200712-04 ] Cairo: User-assisted execution of arbitrary code Pierre-Yves Rofes (Dec 10)
Falt4 CMS Security Report/Advisory Mesut Timur (Dec 10)
Secunia Research: Samba "send_mailslot()" Buffer Overflow Vulnerability Secunia Research (Dec 10)
[ GLSA 200712-05 ] PEAR::MDB2: Information disclosure Pierre-Yves Rofes (Dec 10)
[ GLSA 200712-08 ] AMD64 x86 emulation Qt library: Multiple vulnerabilities Pierre-Yves Rofes (Dec 10)
SQL injection - GestDownV1.00Beta bebe (Dec 10)
squids ICAP implementation lacks a defer check when reading from ICAP server Martin Huter (Dec 10)
[ GLSA 200712-07 ] Lookup: Insecure temporary file creation Pierre-Yves Rofes (Dec 10)
Advisory: Websense XSS Vulnerability Liquidmatrix Security Digest (Dec 10)
[SECURITY] Buffer overrun in send_mailslot() Gerald (Jerry) Carter (Dec 10)
Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096) and vulnerable bz2lib (CAN-2005-0758 & CAN-2005-0953) Stefan Kanthak (Dec 10)
rPSA-2007-0261-1 samba samba-swat rPath Update Announcements (Dec 10)
WordPress Charset SQL injection vulnerability (re-resend) Abel Cheung (Dec 10)
Multiple vulnerabilities in BarracudaDrive 3.7.2 Luigi Auriemma (Dec 10)
Multiple vulnerabilities in BadBlue 2.72b Luigi Auriemma (Dec 10)
Filesystem access in DOSBox 0.72 Luigi Auriemma (Dec 10)
[USN-550-2] Cairo regression Kees Cook (Dec 10)
[SECURITY] [DSA 1427-1] New samba packages fix arbitrary code execution Moritz Muehlenhoff (Dec 10)
WASC Announcement: The Script Mapping Project Results and Call for Participation announcements (Dec 10)
[ GLSA 200712-10 ] Samba: Execution of arbitrary code Pierre-Yves Rofes (Dec 10)
Dell / Dell Financial Services - Contact Justin@InfoTek (Dec 10)
ZDI-07-072: Novell Netmail AntiVirus Agent Multiple Overflow Vulnerabilities zdi-disclosures (Dec 10)
[ MDKSA-2007:242 ] - Updated e2fsprogs packages fix vulnerability security (Dec 11)
[ MDKSA-2007:243 ] - Updated MySQL packages fix multiple vulnerabilities security (Dec 11)
[SECURITY] [DSA 1481-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier (Dec 11)
[ MDKSA-2007:241 ] - Updated tomcat5 packages fix multiple vulnerabilities security (Dec 11)
rPSA-2007-0262-1 e2fsprogs rPath Update Announcements (Dec 11)
SupportSuite 3.11.01~ Multiple file ~ PHP SELF XSS imei Addmimistrator (Dec 11)
PGMfuzz - a tool for testing Pragmatic General Multicast protocol implementations IRM Research (Dec 11)
HP notebooks remote code execution vulnerability (multiple series) porkythepig (Dec 11)
Black Hat Briefings Call for Papers jmoss (Dec 11)
Meridian Prolog Manager Username and Plain Text Password Disclosure Prolog Error (Dec 11)
ZDI-07-073: Microsoft Internet Explorer setExpression Vulnerability zdi-disclosures (Dec 11)
ZDI-07-074: Microsoft Internet Explorer Node Manipulation Memory Corruption zdi-disclosures (Dec 11)
[SECURITY] [DSA 1429-1] New htdig packages fix cross site scripting Steve Kemp (Dec 11)
ZDI-07-075: Microsoft Internet Explorer Element Tags Vulnerability zdi-disclosures (Dec 11)
ZDI-07-076: Microsoft Windows Message Queuing Service Stack Overflow Vulnerability zdi-disclosures (Dec 11)
[SECURITY] [DSA 1430-1] New libnss-ldap packages fix denial of service Steve Kemp (Dec 11)
[SECURITY] [DSA 1431-1] New ruby-gnome2 packages fix execution of arbitrary code Steve Kemp (Dec 11)
[ MDKSA-2007:244 ] - Updated samba packages fix vulnerability security (Dec 12)
[SECURITY] [DSA 1428-2] New Linux 2.6.18 packages fix several vulnerabilities dann frazier (Dec 12)
Cpanel Vulnerability? Francisco Pecorella (Dec 12)
MS Office 2007: Digital Signature does not protect Meta-Data poehls (Dec 12)
iDefense Security Advisory 12.11.07: Microsoft Internet Explorer JavaScript setExpression Heap Corruption Vulnerability iDefense Labs (Dec 12)
rPSA-2007-0264-1 mod_dav_svn subversion rPath Update Announcements (Dec 12)
iDefense Security Advisory 12.11.07: Microsoft DirectX 7 and 8 DirectShow Stack Buffer Overflow Vulnerability iDefense Labs (Dec 12)
QK SMTP Server 3 - Denial of service jplopezy (Dec 13)
Hosting Controller - Multiple Security Bugs (Extremely Critical) admin (Dec 13)
[security bulletin] HPSBUX02296 SSRT071504 rev.1 - HP-UX Running OpenSSL, Remote Execution of Arbitrary Code security-alert (Dec 13)
OpenOffice: Duplicated, Unprotected Certificate Information shown in Signed ODF Documents poehls (Dec 13)
[USN-550-3] Cairo regression Kees Cook (Dec 13)
[security bulletin] HPSBUX02294 SSRT071451 rev.1 - HP-UX Running DCE, Remote Denial of Service (DoS) security-alert (Dec 13)
SQL MKPortal M1.1 Rc1 Sw33t . h4cK3r (Dec 13)
Fwd: Websense 6.3.1 Filtering Bypass The Security Community (Dec 13)
MS Office 2007: Target of Hyperlinks not covered by Digital Signatures poehls (Dec 13)
SECURITY: 1.4.12 Package Compromise Jon Angliss (Dec 13)
[ GLSA 200712-11 ] Portage: Information disclosure Pierre-Yves Rofes (Dec 13)
[ GLSA 200712-12 ] IRC Services: Denial of Service Pierre-Yves Rofes (Dec 13)
[ MDKSA-2007:245 ] - Updated wpa_supplicant package fixes remote denial of service security (Dec 13)
+ Trivantis CourseMill Enterprise Learning Management System - SQL Injection - CVE-2007-6338 swhite (Dec 13)
Re: AW: MS Office 2007: Digital Signature does not protect Meta-Data webmaster () networkdefense biz (Dec 13)
PHP MySQL Banner Exchange 2.2.1 remote mysql database bug arsalan1991 (Dec 14)
HPSBUX02296 SSRT071504 rev.2 - HP-UX Running OpenSSL, Remote Execution of Arbitrary Code security-alert (Dec 14)
[ISR] - Novell Groupwise client remote stack overflow silently patched. ISR-noreply (Dec 14)
[ MDKSA-2007:246 ] - Updated Firefox packages fix multiple vulnerabilities security (Dec 14)
ANNOUNCE: SquirrelMail 1.4.13 Released Jon Angliss (Dec 14)
POC for samba send_mailslot() x 86 (Dec 14)
Phpay - Local File Inclusion th3 . r00k . nospam (Dec 15)
[security bulletin] HPSBGN02298 SSRT071502 rev.1 - HP Quick Launch Button (QLB) Running on Windows, Remote Execution of Arbitrary Code, Gain Privileged Access security-alert (Dec 15)
Anon Proxy Server - Remote Code Execution th3 . r00k . nospam (Dec 15)
Oreon/Centreon - Multiple Remote File Inclusion th3 . r00k . nospam (Dec 15)
PHP RPG - Sql Injection and Session Information Disclosure. th3 . r00k . nospam (Dec 15)
Wordpress - Broken Access Control th3 . r00k . nospam (Dec 15)
ClubHack2007: Presentation are online now `ClubHack ` (Dec 15)
neuron news1.0 Multiple Remote Vulnerabilities (sql injection/xss) hadihadi_zedehal_2006 (Dec 17)
ZSA-2007-029: syslog-ng Denial of Service Balazs Scheidler (Dec 17)
PHP Security Framework: Vuln and Security Bypass gmdarkfig (Dec 17)
jetAudio 7.0.5 COWON Media Center MP4 Stack Overflow gforce (Dec 17)
[SECURITY] [DSA 1432-1] New link-grammar packages fix execution of code Steve Kemp (Dec 17)
[SECURITY] [DSA 1433-1] New centericq packages fix execution of code Steve Kemp (Dec 17)
[SECURITY] [DSA 1434-1] New mydns packages fix denial of service Thijs Kinkhorst (Dec 17)
release uhooker v1.3 Hernan Ochoa (Dec 17)
Heap overflow in PeerCast 0.1217 Luigi Auriemma (Dec 17)
rPSA-2007-0266-1 tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi rPath Update Announcements (Dec 17)
RaidenHTTPD 2.0.19 ulang cmd exec poc exploit retrog (Dec 17)
SurgeMail v.38k4 webmail Host header crash retrog (Dec 17)
Uber Uploader <= 5.3.6 Remote File Upload Vulnerability sys-project (Dec 17)
Apple OS X Software Update Remote Command Execution Moritz Jodeit (Dec 17)
rPSA-2007-0268-1 kdebase rPath Update Announcements (Dec 17)
Rosoft Media Player 4.1.7 crash jplopezy (Dec 18)
ZDI-07-077: Trend Micro ServerProtect StRpcSrv.dll Insecure Method Exposure Vulnerability zdi-disclosures (Dec 18)
Multiple xss in mambo 4.6.2 beenudel1986 (Dec 18)
ZDI-07-078: St. Bernard Open File Manager Heap Overflow Vulnerability zdi-disclosures (Dec 18)
iMesh <= 7.1.0.x IMWebControl Class (IMWeb.dll 7.0.0.x) remote exploit retrog (Dec 18)
ZDI-07-079: Hewlett-Packard HP-UX swagentd Buffer Overflow Vulnerability zdi-disclosures (Dec 18)
SyScan'08 Call For Paper/Training organiser () syscan org (Dec 18)
[security bulletin] HPSBST02299 SSRT071506 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-063 to MS07-069 security-alert (Dec 18)
[USN-556-1] Samba vulnerability Kees Cook (Dec 18)
iDefense Security Advisory 12.18.07: ClamAV libclamav MEW PE File Integer Overflow Vulnerability iDefense Labs (Dec 18)
rPSA-2007-0269-1 kernel rPath Update Announcements (Dec 18)
iDefense Security Advisory 12.17.07: Apple Mac OS X mount_smbfs Stack Based Buffer Overflow Vulnerability iDefense Labs (Dec 18)
Tiger Team: New TV series about pen testers airing on CourtTV Dec 25 11 pm blackredyellow (Dec 18)
AST-2007-027 - Database matching order permits host-based authentication to be ignored Security Officer (Dec 18)
Google Toolbar Dialog Spoofing Vulnerability avivra (Dec 18)
[ GLSA 200712-13 ] E2fsprogs: Multiple buffer overflows Robert Buchholz (Dec 18)
[ GLSA 200712-14 ] CUPS: Multiple vulnerabilities Robert Buchholz (Dec 18)
[USN-557-1] GD library vulnerability Jamie Strandboge (Dec 19)
smbfs and apache+php source code disclosure Maciej Gąsiorowski (Dec 19)
Cisco Security Advisory: Application Inspection Vulnerability in Cisco Firewall Services Module Cisco Systems Product Security Incident Response Team (Dec 19)
SYMSA-2007-015 research (Dec 19)
Array overflow in id3lib (devel CVS) Luigi Auriemma (Dec 19)
[SECURITY] [DSA 1435-1] New clamav packages fix several vulnerabilities Moritz Muehlenhoff (Dec 19)
HP laptops Software Update tool vulnerability porkythepig (Dec 19)
xeCMS 1.x.x Remote File Disclosure Vulnerability. p4imi0 (Dec 19)
Black Hat Briefings Call for Papers and Happy Happy Joy Joy jmoss (Dec 20)
[security bulletin] HPSBUX02295 SSRT071333 rev.1 - HP-UX Running rpc.yppasswdd, Remote Denial of Service (DoS) security-alert (Dec 20)
iSupport v1.8 Local file include vulnerability ahcrew (Dec 20)
Re: Re: NETGEAR WGT624 Wireless DSL router default user name/password vulnerability mj (Dec 20)
[Aria-Security.net] ABI Version 3.7.9.17 Remote SQL Injection The-0utl4w-noreply (Dec 20)
[security bulletin] HPSBTU02300 SSRT071452 rev.1 - HP Tru64 UNIX running FFM, Local Denial of Service (Dos) security-alert (Dec 20)
SiteScape Forum TCL injection lolo lolo (Dec 20)
PHP iCalendar <= 2.24 - Cross-Site Scripting Vulnerability sys-project (Dec 20)
[security bulletin] HPSBUX02284 SSRT071483 rev.4 - HP-UX Running Java JRE and JDK, Remote Unauthorized Access security-alert (Dec 20)
Re: Morcego CMS <= 0.9.6 Remote File Inclue Vulnerability antonio (Dec 20)
[SECURITY] [DSA 1436-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier (Dec 20)
Re: Design flaw in AS3 socket handling allows port probing fukami (Dec 20)
CFP CISIS '08 hjan (Dec 21)
[USN-559-1] MySQL vulnerabilities Jamie Strandboge (Dec 21)
Moodle SQL Injection root (Dec 21)
Cryptome: NSA has real-time access to Hushmail servers Juha-Matti Laurio (Dec 21)
Buffer-overflow in WinUAE 1.4.4 Luigi Auriemma (Dec 21)
[CAID 35970]: CA Products That Embed Ingres Authentication Vulnerability Williams, James K (Dec 21)
HPSBGN2301 SSRT071508 rev.1 - HP Software Update Running on Windows, Remote Execution of Arbitrary Code, Gain Privileged Access security-alert (Dec 21)
Word 2003 denial of service jplopezy (Dec 21)
America Online AOL Instant Messenger AIM6.0 or 6.5 or higher XSS remote execution evanchik (Dec 21)
Microsoft Office Publisher jplopezy (Dec 22)
My Blog Rfi beenudel1986 (Dec 22)
[HSC] Dokeos Multiple Cross-Site Scripting Vulnerabilities DoZ (Dec 22)
pdflib long filename multiple bufferoverflows poplix (Dec 24)
Logaholic Web Analytics Software malibu . r (Dec 24)
[CVE-2007-5342] Apache Tomcat's default security policy is too open Mark Thomas (Dec 24)
[ISecAuditors Security Advisories] Tikiwiki CMS is vulnerable to path traversal attack ISecAuditors Security Advisories (Dec 24)
Tikiwiki 1.9.8.3 tiki-special_chars.php XSS Vulnerability Mesut Timur (Dec 24)
[waraxe-2007-SA#060] - Sensitive info disclosure in CuteNews <= 1.4.5 come2waraxe (Dec 24)
PHP <= 5.2.5 Safe Mode Bypass admin (Dec 24)
Jupiter Cms Multiple Vulnerabilities admin (Dec 24)
Buffer-overflow and format string in VideoLAN VLC 0.8.6d Luigi Auriemma (Dec 24)
SimpleForum <= 4.6.2 - Cross-Site Scripting Vulnerability sys-project (Dec 24)
Double directory traversal in ImgSvr 0.6.21 Luigi Auriemma (Dec 24)
Update: Clients buffer-overflow in Live for Speed 0.5X10 Luigi Auriemma (Dec 24)
Unicode buffer-overflow in Zoom Player 6.00b2 Luigi Auriemma (Dec 24)
Multiple vulnerabilities in RUNCMS 1.6 by DSecRG Digital Security Research Group (Dec 25)
TotalPlayer 3.0 .m3u crash david130490 (Dec 25)
Confixx Professional RFİ erne (Dec 26)
[SECURITY] [DSA 1437-1] New cupsys packages fix several vulnerabilities Moritz Muehlenhoff (Dec 26)
Bid 24744 ? balrog (Dec 26)
Blakord Portal <= Beta 1.3.A (all modules) Blind Sql Injection sys-project (Dec 27)
XZero Community Classifieds <= v4.95.11 LFI & SQL Injection office (Dec 27)
IPortalX Forums Cross-Site Scripting Vulnerability DoZ (Dec 27)
[security bulletin] HPSBGN02298 SSRT071502 rev.2 - HP Quick Launch Button (QLB) Running on Windows, Remote Execution of Arbitrary Code, Gain Privileged Access security-alert (Dec 27)
Latest round of web hacking incidents for 2007 & Project news Ofer Shezaf (Dec 27)
PHP -> set_time_limit brancohat (Dec 27)
Multiple vulnerabilities in Feng 0.1.15 Luigi Auriemma (Dec 27)
Multiple vulnerabilities in libnemesi 0.6.4-rc1 Luigi Auriemma (Dec 27)
Buffer-overflow in Extended Module Player 2.5.1 Luigi Auriemma (Dec 27)
OpenBiblio 0.5.2-pre4 and prior multiple vulnerabilities Juan Galiana (Dec 28)
FAQMasterFlexPlus multiple vulnerabilities Juan Galiana (Dec 28)
2z-project 0.9.6.1 Multiple Security Vulnerabilities Digital Security Research Group [DSecRG] (Dec 28)
[SECURITY] [DSA 1438-1] New tar packages fix several vulnerabilities Florian Weimer (Dec 28)
[SECURITY] [DSA 1405-3] New zope-cmfplone packages fix regression Thijs Kinkhorst (Dec 28)
[SECURITY] [DSA 1439-1] New typo3-src packages fix SQL injection Thijs Kinkhorst (Dec 28)
[SECURITY] [DSA 1440-1] New inotify-tools packages fix arbitrary code execution Moritz Muehlenhoff (Dec 28)
[SECURITY] [DSA 1441-1] New peercast packages fix arbitrary code execution Thijs Kinkhorst (Dec 28)
Buffer-overflow in CoolPlayer 217 Luigi Auriemma (Dec 28)
[SECURITY] [DSA 1442-2] New libsndfile packages fix arbitrary code execution Moritz Muehlenhoff (Dec 29)
[ GLSA 200712-15 ] libexif: Multiple vulnerabilities Pierre-Yves Rofes (Dec 29)
[ GLSA 200712-16 ] Exiv2: Integer overflow Pierre-Yves Rofes (Dec 29)
[ GLSA 200712-17 ] exiftags: Multiple vulnerabilities Pierre-Yves Rofes (Dec 29)
[ GLSA 200712-18 ] Multi-Threaded DAAP Daemon: Multiple vulnerabilities Robert Buchholz (Dec 29)
[ GLSA 200712-19 ] Syslog-ng: Denial of Service Robert Buchholz (Dec 29)
[ GLSA 200712-20 ] ClamAV: Multiple vulnerabilities Robert Buchholz (Dec 29)
[ GLSA 200712-21 ] Mozilla Firefox, SeaMonkey: Multiple vulnerabilities Robert Buchholz (Dec 29)
TK53 Advisory #2: Multiple vulnerabilities in ClamAV Lolek of TK53 (Dec 29)
CuteNews Arbitrary File Download AllVersion pawel2827 (Dec 29)
CCMS v3.1 Demo <= SQL Injection Vulnerability 0day pawel2827 (Dec 29)
[ GLSA 200712-23 ] Wireshark: Multiple vulnerabilities Robert Buchholz (Dec 31)
[ GLSA 200712-24 ] AMD64 x86 emulation GTK+ library: User-assisted execution of arbitrary code Robert Buchholz (Dec 31)
[ GLSA 200712-25 ] OpenOffice.org: User-assisted arbitrary code execution Pierre-Yves Rofes (Dec 31)
Bitweaver source code disclosure, arbitrary file upload admin (Dec 31)
Fingerprints in Astaro Security Gateway v7.1 morin . josh (Dec 31)
[ GLSA 200712-22 ] Opera: Multiple vulnerabilities Pierre-Yves Rofes (Dec 31)
milliscripts (dir.php) Cross-Site Scripting Vulnerability sys-project (Dec 31)
LiveCart Multiple Cross-Site Scripting Vulnerabilities DoZ (Dec 31)
Instant Softwares DatingSite SQL Injection The-0utl4w-noreply (Dec 31)
Re: TalkBack 2.2.7 Multiple Remote File Inclusion Vulnerabilities oldguy (Dec 31)
[HSC Security Group] Multiple CSRF in Joomla all versions - Complete compromise zinho (Dec 31)