Bugtraq: by author

263 messages starting Aug 10 09 and ending Aug 24 09

Adam Baldwin

[NGENUITY] - Ticket Subject Persistent XSS in Kayako SupportSuite Adam Baldwin (Aug 10)
[NGENUITY] - Spiceworks Multiple Vulnerabilities (XSS & CSRF) Adam Baldwin (Aug 10)

advisories

Re: DoS vulnerability in Google Chrome advisories (Aug 26)
RE: DoS vulnerability in Google Chrome advisories (Aug 25)

Alexandr Polyakov

[DSECRG-09-033] SAP Netweaver UDDI - XSS Security Vulnerability Alexandr Polyakov (Aug 12)

Alex Legler

[ GLSA 200908-06 ] CDF: User-assisted execution of arbitrary code Alex Legler (Aug 18)
[ GLSA 200908-07 ] Perl Compress::Raw modules: Denial of Service Alex Legler (Aug 18)
[ GLSA 200908-02 ] BIND: Denial of Service Alex Legler (Aug 03)
[ GLSA 200908-05 ] Subversion: Remote execution of arbitrary code Alex Legler (Aug 18)
[ GLSA 200908-08 ] ISC DHCP: dhcpd Denial of Service Alex Legler (Aug 18)
[ GLSA 200908-10 ] Dillo: User-assisted execution of arbitrary code Alex Legler (Aug 18)
[ GLSA 200908-09 ] DokuWiki: Local file inclusion Alex Legler (Aug 18)

Amit Klein

Writeup by Amit Klein (Trusteer): "Google Chrome 3.0 (Beta) Math.random vulnerability" Amit Klein (Aug 31)

Andrew Horton

[MORNINGSTAR-2009-01] Multiple security issues in Open Auto Classifieds version <= 1.5.9 Andrew Horton (Aug 26)

Andrzej Targosz

CONFidence 2009, November, CfP Andrzej Targosz (Aug 25)

ascii

Vtiger CRM 5.0.4 Multiple Vulnerabilities ascii (Aug 18)

Asterisk Security Team

AST-2009-004: Remote Crash Vulnerability in RTP stack Asterisk Security Team (Aug 03)
AST-2009-005: Remote Crash Vulnerability in SIP channel driver Asterisk Security Team (Aug 11)

Bkis

[Bkis-11-2009] ProShow Gold Buffer Overflow Vulnerabilities Bkis (Aug 20)

Bonsai - Information Security

[BONSAI] SQL Injection in CS-Cart Bonsai - Information Security (Aug 04)

brad . antoniewicz

ntop <= 3.3.10 Basic Authentication Null Pointer Denial of Service brad . antoniewicz (Aug 18)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Firewall Services Module Crafted ICMP Message Vulnerability Cisco Systems Product Security Incident Response Team (Aug 19)
Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities Cisco Systems Product Security Incident Response Team (Aug 26)
Cisco Security Advisory: Cisco Security Advisory: Cisco IOS XR Software Border Gateway Protocol Vulnerability Cisco Systems Product Security Incident Response Team (Aug 18)

ClubHack

ClubHack2009: Call for Papers/Speakers ClubHack (Aug 14)

contact

JibberBook GuestBook 2.3 Multiple Vulnerabilities contact (Aug 12)

contact . fingers

TheGreenBow VPN Client tgbvpn.sys DoS and Potential Local contact . fingers (Aug 17)

core collapse

ASUS Eee PC and other series: BIOS SMM privilege escalation vulnerabilities core collapse (Aug 07)

CORE Security Technologies Advisories

CORE-2009-0727: Libpurple msn_slplink_process_msg() Arbitrary Write Vulnerability CORE Security Technologies Advisories (Aug 19)

dann frazier

[SECURITY] [DSA 1864-1] New Linux 2.6.24 packages fix privilege escalation dann frazier (Aug 17)
[SECURITY] [DSA 1872-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier (Aug 24)
[SECURITY] [DSA 1862-1] New Linux 2.6.26 packages fix privilege escalation dann frazier (Aug 14)
[SECURITY] [DSA 1865-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier (Aug 17)

David Litchfield

Bypassing DBMS_ASSERT in certain situations David Litchfield (Aug 25)
Oracle 11g (11.1.0.6) Password Policy and Compliance David Litchfield (Aug 25)
Oracle PL/SQL Injection Flaw in REPCAT_RPC.VALIDATE_REMOTE_RC David Litchfield (Aug 25)

DeepSec Conference

DeepSec 2009 - Preliminary Schedule is online DeepSec Conference (Aug 17)

dm

(Reposting truncated message) Re: ntop <= 3.3.10 Basic Authentication Null Pointer Denial of Service dm (Aug 18)

dvlabs

TPTI-09-06: Microsoft Windows Workstation Service NetrGetJoinInformation Heap Corruption Vulnerability dvlabs (Aug 11)

elkekas

Re: Re: Re: Back door trojan in acajoom-3.2.6 for joomla elkekas (Aug 13)

Eloy Paris

Re: Clear Text Storage of Password in CS-MARS v6.0.4 and Earlier Eloy Paris (Aug 21)

faghani

Elkapax CMS Cross site scripting vulnerability faghani (Aug 13)
Chavoosh CMS SQL Injection Vulnerability faghani (Aug 12)

Florian Weimer

[SECURITY] [DSA 1833-2] New dhcp3 packages fix arbitrary code execution Florian Weimer (Aug 25)
[SECURITY] [DSA 1854-1] New APR packages fix arbitrary code execution Florian Weimer (Aug 10)
[SECURITY] [DSA 1855-1] New subversion packages fix arbitrary code execution Florian Weimer (Aug 10)
[SECURITY] [DSA 1849-1] New xml-security-c packages fix signature forgery Florian Weimer (Aug 03)
[SECURITY] [DSA 1860-1] New Ruby packages fix several issues Florian Weimer (Aug 12)
[SECURITY] [DSA 1848-1] New znc packages fix remote code execution Florian Weimer (Aug 03)

Francesco Bianchino

Radvision's Scopia Cross Site Scripting Vulnerabilities Francesco Bianchino (Aug 24)

gamr-14

Infinity <= v2.X.X (Local File Disclosure/Auth Bypass) Vulnerabilities gamr-14 (Aug 21)

Glenn Rossi

Re: Multiple vulnerabilities in several ATEN IP KVM Switches Glenn Rossi (Aug 18)

gmcbr0 gmcbr0

Sql injection in OCS Inventory NG Server 1.2.1 gmcbr0 gmcbr0 (Aug 11)

hadikiamarsi

XSS in SqLiteManager hadikiamarsi (Aug 10)

Henri Lindberg - Smilehouse Oy

Xerox WorkCentre multiple models Denial of Service Henri Lindberg - Smilehouse Oy (Aug 25)

hever

Cuteflow Version 2.10.3 "edituser.php" Security Bypass Vulnerability hever (Aug 21)

hkm

2WIRE Gateway Authentication Bypass & Password Reset hkm (Aug 12)

iDefense Labs

iDefense Security Advisory 07.28.09: Multiple Vendor Microsoft ATL/MFC ActiveX Security Bypass Vulnerability iDefense Labs (Aug 20)
iDefense Security Advisory 08.06.09: Adobe Flash Player URL Parsing Heap Overflow Vulnerability iDefense Labs (Aug 06)
iDefense Security Advisory 08.06.09: Sun Java Runtime Environment (JRE) Pack200 Decompression Integer Overflow Vulnerability iDefense Labs (Aug 06)
iDefense Security Advisory 07.28.09: Multiple Vendor Microsoft ATL/MFC ActiveX Information Disclosure Vulnerability iDefense Labs (Aug 20)
iDefense Security Advisory 08.07.09: Adobe Flash Player Invalid Loader Object Reference Vulnerability iDefense Labs (Aug 07)
iDefense Security Advisory 08.06.09: IBM AIX libC _LIB_INIT_DBG Arbitrary File Creation Vulnerability iDefense Labs (Aug 06)
iDefense Security Advisory 08.11.09: Microsoft Office Web Components 2000 Buffer Overflow Vulnerability iDefense Labs (Aug 19)
iDefense Security Advisory 08.11.09: Multiple Vendor Microsoft ATL/MFC ActiveX Type Confusion Vulnerability iDefense Labs (Aug 20)
iDefense Security Advisory 08.06.09: Microsoft Internet Explorer HTML TIME 'ondatasetcomplete' Use After Free Vulnerability iDefense Labs (Aug 06)
iDefense Security Advisory 08.25.09: Autonomy KeyView Excel File SST Parsing Integer Overflow Vulnerability iDefense Labs (Aug 25)

Inferno

Hijacking Safari 4 Top Sites with Phish Bombs Inferno (Aug 12)
Bypassing OWASP ESAPI XSS Protection inside Javascript Inferno (Aug 20)

itweb

SQL Injection vulnerabilities in Subdreamer CMS itweb (Aug 20)

James C. Slora Jr.

IE7 Script James C. Slora Jr. (Aug 11)

Jamie Strandboge

[USN-810-1] NSS vulnerabilities Jamie Strandboge (Aug 05)
[USN-810-2] NSPR update Jamie Strandboge (Aug 05)
[USN-813-1] apr vulnerability Jamie Strandboge (Aug 10)
[USN-813-2] Apache vulnerability Jamie Strandboge (Aug 10)
[USN-817-1] Thunderbird vulnerabilities Jamie Strandboge (Aug 21)
[USN-811-1] Firefox and Xulrunner vulnerability Jamie Strandboge (Aug 05)
[USN-813-3] apr-util vulnerability Jamie Strandboge (Aug 10)
[USN-809-1] GnuTLS vulnerabilities Jamie Strandboge (Aug 20)
[USN-812-1] Subversion vulnerability Jamie Strandboge (Aug 10)

Jeffrey Walton

Fwd: Follow-up: Heartland CEO on Data Breach: QSAs Let Us Down Jeffrey Walton (Aug 13)

jerome . athias

Multiple Flaws in Huawei SmartAX MT880 [was: Multiple Flaws in Huawei D100] jerome . athias (Aug 05)

katie . french

OpenCms (7.5.0) - Vulnerability: Cross-Site Scripting, Phishing Through Frames, Application Error katie . french (Aug 06)

Kees Cook

[USN-816-1] fetchmail vulnerability Kees Cook (Aug 13)
[USN-814-1] openjdk-6 vulnerabilities Kees Cook (Aug 11)
[USN-818-1] curl vulnerability Kees Cook (Aug 18)

Kiwicon <3

KIWICON ]|[ - 2009 Call For Papers Kiwicon <3 (Aug 13)

Kotas, Kevin J

CA20090818-02: Security Notice for CA Internet Security Suite Kotas, Kevin J (Aug 18)
CA20090806-02: Security Notice for Unicenter Asset Portfolio Management, Unicenter Desktop and Server Management, Unicenter Patch Management Kotas, Kevin J (Aug 07)
CA20090818-01: Security Notice for CA Host-Based Intrusion Prevention System Kotas, Kevin J (Aug 18)
CA20090806-01: Security Notice for Data Transport Services Kotas, Kevin J (Aug 07)

labs

Adobe Flex 3.3 SDK DOM-Based XSS labs (Aug 19)

Leon Juranic

Safari buffer overflow Leon Juranic (Aug 18)

Lists

Piwigo SQL Injection Vulnerability - Security Advisory - SOS-09-007 Lists (Aug 17)
Plume CMS Multiple SQL Injection Vulnerabilities - Security Advisory - SOS-09-006 Lists (Aug 12)

Luciano Bello

[SECURITY] [DSA 1858-1] New imagemagick packages fix several vulnerabilities Luciano Bello (Aug 10)

ma+bt

fetchmail security announcement fetchmail-SA-2009-01 (CVE-2009-2666) ma+bt (Aug 06)

Marc Deslauriers

[USN-826-1] Mono vulnerabilities Marc Deslauriers (Aug 26)
[USN-824-1] PHP vulnerability Marc Deslauriers (Aug 24)
[USN-815-1] libxml2 vulnerabilities Marc Deslauriers (Aug 11)
[USN-825-1] libvorbis vulnerability Marc Deslauriers (Aug 24)
[USN-823-1] KDE-Graphics vulnerabilities Marc Deslauriers (Aug 24)
[USN-802-2] Apache regression Marc Deslauriers (Aug 19)
[USN-822-1] KDE-Libs vulnerabilities Marc Deslauriers (Aug 24)
[USN-820-1] Pidgin vulnerability Marc Deslauriers (Aug 20)

Matt Lewis

Subversion heap overflow Matt Lewis (Aug 07)

Mike Duncan

Re: [DSECRG-09-022] Adobe Coldfusion 8 Multiple Linked XSS Vulnerabilies Mike Duncan (Aug 18)

mikey27

SAP Business One 2005 Remote Buffer Overflow Vulnerability. mikey27 (Aug 04)

Moritz Muehlenhoff

[SECURITY] [DSA 1874-1] New nss packages fix several vulnerabilities Moritz Muehlenhoff (Aug 26)
[SECURITY] [DSA 1873-1] New xulrunner packages fix spoofing vulnerabilities Moritz Muehlenhoff (Aug 26)
[SECURITY] [DSA 1875-1] New ikiwiki packages fix information disclosure Moritz Muehlenhoff (Aug 31)

murderkey

Microsoft Wordpad Memory Exhaustion (msftedit) murderkey (Aug 12)

MustLive

DoS vulnerabilities in Mozilla Firefox, Internet Explorer and Chrome MustLive (Aug 21)
Cross-Site Scripting vulnerabiliy in Firefox and Opera MustLive (Aug 03)
DoS vulnerability in Google Chrome MustLive (Aug 24)
Re: DoS vulnerability in Google Chrome MustLive (Aug 25)
Cross-Site Scripting vulnerability in Mozilla, Firefox, SeaMonkey, Orca Browser and Maxthon MustLive (Aug 28)

Nick Freeman

WizzRSS Firefox Extension - Privileged Code Injection Nick Freeman (Aug 24)
ScribeFire Firefox Extension - Privileged Code Injection Nick Freeman (Aug 24)
Feed Sidebar Firefox Extension - Privileged Code Injection Nick Freeman (Aug 24)

Nico Golde

[SECURITY] [DSA 1853-1] New memcached packages fix arbitrary code execution Nico Golde (Aug 07)
[SECURITY] [DSA 1861-1] New libxml packages fix several issues Nico Golde (Aug 13)
[SECURITY] [DSA 1859-1] New libxml2 packages fix several issues Nico Golde (Aug 10)
[SECURITY] [DSA 1870-1] New pidgin packages fix arbitrary code execution Nico Golde (Aug 20)
[SECURITY] [DSA 1852-1] New fetchmail packages fix SSL certificate verification weakness Nico Golde (Aug 07)
[SECURITY] [DSA 1863-1] New zope2.10/zope2.9 packages fix arbitrary code execution Nico Golde (Aug 17)
[SECURITY] [DSA 1843-2] New squid3 packages fix regression Nico Golde (Aug 10)
[SECURITY] [DSA 1869-1] New curl packages fix SSL certificate verification weakness Nico Golde (Aug 19)

Oliver Goebel

[IMF 2009] Call for Participation Oliver Goebel (Aug 13)

ostoure . sazan

Easy Music Player 1.0.0.2 (wav) Universal Local Buffer Exploit ostoure . sazan (Aug 17)
new vulnerability founded by ostoure ostoure . sazan (Aug 14)

Packet Storm

Packet Storm is back online. Packet Storm (Aug 24)

palmprehacker

Palm Pre WebOS 1.0.4 Remote execution of arbitrary HTML code vulnerability palmprehacker (Aug 04)

phcoder

Re: [IVIZ-08-009] Grub Legacy Security Model bypass exploiting wrong BIOS API usage phcoder (Aug 25)

Przemyslaw Frasunek

FreeBSD <= 6.1 kqueue() NULL pointer dereference Przemyslaw Frasunek (Aug 24)
Re: Linux NULL pointer dereference due to incorrect proto_ops initializations Przemyslaw Frasunek (Aug 14)

Ramon de Carvalho Valle

Illustrating the Linux sock_sendpage() NULL pointer dereference on Power/Cell BE Architecture Ramon de Carvalho Valle (Aug 31)

RedTeam Pentesting GmbH

[RT-SA-2009-005] Papoo CMS: Authenticated Arbitrary Code Execution RedTeam Pentesting GmbH (Aug 10)

research

[DSECRG-09-052] Adobe JRun 4 Directory Traversal Vulnerabilities research (Aug 17)
[DSECRG-09-051] Adobe JRun 4 Multiple XSS research (Aug 17)
[DSECRG-09-022] Adobe Coldfusion 8 Multiple Linked XSS Vulnerabilies research (Aug 17)

Robert Buchholz

[ GLSA 200908-03 ] libTIFF: User-assisted execution of arbitrary code Robert Buchholz (Aug 07)
[ GLSA 200908-04 ] Adobe products: Multiple vulnerabilities Robert Buchholz (Aug 07)

Roberto Suggi Liverani

Update Scanner - Firefox Extension - Chrome Privileged Code Injection Roberto Suggi Liverani (Aug 24)
CoolPreviews - Firefox Extension - Chrome Privileged Code Injection Roberto Suggi Liverani (Aug 24)

Roee Hay

Advisory: Adobe Flash Player and AIR AVM2 intf_count Integer Overflow Remote Code Execution (CVE-2009-1869) Roee Hay (Aug 03)

rPath Update Announcements

rPSA-2009-0123-1 apr-util rPath Update Announcements (Aug 24)
rPSA-2009-0118-1 mod_dav_svn subversion rPath Update Announcements (Aug 19)
rPSA-2009-0124-1 curl rPath Update Announcements (Aug 24)
rPSA-2009-0122-1 idle python rPath Update Announcements (Aug 24)
rPSA-2009-0121-1 kernel open-vm-tools rPath Update Announcements (Aug 19)
rPSA-2009-0119-1 apr apr-util rPath Update Announcements (Aug 19)

ryan . wessels

Clear Text Storage of Password in CS-MARS v6.0.4 and Earlier ryan . wessels (Aug 21)

saik0pod

Re: common dns misconfiguration can lead to "same site" scripting saik0pod (Aug 18)

Salvatore Fresta aka Drosophila

Discloser 0.0.4-rc2 SQL Injection Vulnerability Salvatore Fresta aka Drosophila (Aug 03)
Blink Blog System Authentication Bypass Salvatore Fresta aka Drosophila (Aug 03)

Schmidt, Chris

RE: Bypassing OWASP ESAPI XSS Protection inside Javascript Schmidt, Chris (Aug 20)

Scott Miles

[CSS09-01] SlideShowPro Director File Disclosure Vulnerability Scott Miles (Aug 06)

secse

CFP: International workshop on Secure Software Engineering secse (Aug 07)

security

[ MDVSA-2009:206 ] wget security (Aug 19)
[ MDVSA-2009:209 ] java-1.6.0-openjdk security (Aug 21)
[ MDVSA-2009:197 ] nss security (Aug 10)
[ MDVSA-2009:207 ] perl-Compress-Raw-Bzip2 security (Aug 20)
[ MDVSA-2009:187 ] nagios security (Aug 03)
[ MDVSA-2009:161-1 ] squid security (Aug 10)
[ MDVSA-2009:218 ] w3c-libwww security (Aug 24)
[ MDVSA-2009:190 ] OpenEXR security (Aug 03)
[ MDVSA-2009:198 ] firefox security (Aug 10)
[ MDVSA-2009:221 ] libneon0.27 security (Aug 25)
[ MDVSA-2009:188 ] php4-eaccelerator security (Aug 03)
[ MDVSA-2009:185 ] firefox security (Aug 03)
[ MDVSA-2009:200 ] libxml security (Aug 12)
[ MDVSA-2009:194 ] wireshark security (Aug 06)
[ MDVSA-2009:193 ] ruby security (Aug 06)
[ MDVSA-2009:196 ] samba security (Aug 07)
[ MDVSA-2009:214 ] python-celementtree security (Aug 24)
[ MDVSA-2009:213 ] wxgtk security (Aug 24)
[ MDVSA-2009:224 ] postfix security (Aug 31)
[ MDVSA-2009:186 ] firebird security (Aug 03)
[ MDVSA-2009:213 ] wxgtk security (Aug 24)
[ MDVSA-2009:203 ] curl security (Aug 17)
[ MDVSA-2009:216 ] mozilla-thunderbird security (Aug 24)
[ MDVSA-2009:208 ] libgadu security (Aug 20)
[ MDVSA-2009:199 ] subversion security (Aug 10)
[ MDVSA-2009:211 ] expat security (Aug 24)
[ MDVSA-2009:201 ] fetchmail security (Aug 12)
[ MDVSA-2009:222 ] squirrelmail security (Aug 28)
[ MDVSA-2009:219 ] kompozer security (Aug 24)
[ MDVSA-2009:191 ] OpenEXR security (Aug 03)
[ MDVSA-2009:212 ] python security (Aug 24)
[ MDVSA-2009:210 ] gnutls security (Aug 21)
[ MDVSA-2009:195-1 ] apr security (Aug 06)
[ MDVSA-2009:204 ] wxgtk security (Aug 17)
[ MDVSA-2009:223 ] xerces-c security (Aug 31)
[ MDVSA-2009:205 ] kernel security (Aug 18)
[ MDVSA-2009:215 ] audacity security (Aug 24)
[ MDVSA-2009:189 ] apache-mod_auth_mysql security (Aug 03)
[ MDVSA-2009:217 ] mozilla-thunderbird security (Aug 24)
[ MDVSA-2009:202 ] memcached security (Aug 14)
[ MDVSA-2009:212 ] python security (Aug 24)
[ MDVSA-2009:192 ] phpmyadmin security (Aug 05)
[ MDVSA-2009:220 ] davfs security (Aug 24)
[ MDVSA-2009:195 ] apr security (Aug 06)

security-alert

[security bulletin] HPSBTU02453 SSRT091037 rev.2 - HP Tru64 UNIX or HP Tru64 Internet Express Running BIND Server, Denial of Service (DoS) security-alert (Aug 25)
[security bulletin] HPSBOV02452 SSRT090161 rev.1 - HP TCP/IP Services for OpenVMS BIND Server Remote Denial of Service (DoS) security-alert (Aug 07)
[security bulletin] HPSBUX02437 SSRT090038 rev.2 - HP-UX Running XNTP, Remote Execution of Arbitrary Code security-alert (Aug 12)
[security bulletin] HPSBMA02448 SSRT061231 rev.1 - HP Network Node Manager (NNM) Remote Console Running on Windows, Local Execution of Arbitrary Code, Denial of Service (DoS) security-alert (Aug 18)
[security bulletin] HPSBUX02451 SSRT090137 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alert (Aug 07)
[security bulletin] HPSBTU02453 SSRT091037 rev.1 - HP Tru64 UNIX BIND Server, Denial of Service (DoS) security-alert (Aug 07)
[security bulletin] HPSBUX02450 SSRT090141 rev1 - HP-UX ttrace(2), Local Denial of Service (DoS) security-alert (Aug 11)
[security bulletin] HPSBTU02454 SSRT080172 rev.1 - HP Internet Express for Tru64 UNIX Running Samba, Remote Information Disclosure security-alert (Aug 11)
[security bulletin] HPSBMA02445 SSRT090058 rev.1 - HP Serviceguard Manager, Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert (Aug 03)
[security bulletin] HPSBUX02181 SSRT061289 rev.4 - HP-UX Running IPFilter, Remote Denial of Service (DoS) security-alert (Aug 03)
[security bulletin] HPSBMA02447 SSRT090062 rev.1 - Insight Control Suite For Linux (ICE-LX) Cross Site Request Forgery (CSRF) , Remote Execution of Arbitrary Code, Denial of Service (DoS), and Other Vulnerabilities security-alert (Aug 13)

security curmudgeon

Re: Elkapax CMS Cross site scripting vulnerability security curmudgeon (Aug 19)

Security Research Publications

Windows 7 Firewire Attacks - and Defense Techniques Security Research Publications (Aug 13)

Shatter

Team SHATTER Security Advisory: Multiple SQL Injection vulnerabilities in Oracle Enterprise Manager Shatter (Aug 04)
Team SHATTER Security Advisory: Buffer Overflow in Resource Manager of Oracle Database - Plan name parameter Shatter (Aug 28)

s . leberre

Local Kernel Buffer Overflow vulnerability in Avast! s . leberre (Aug 24)

spymeta

DUgallery 3.0 / Remote Admin Bug spymeta (Aug 17)

ss_contacts

ICQ 6.5 HTML-injection vulnerability ss_contacts (Aug 14)

starchang

Re: Multiple vulnerabilities in several ATEN IP KVM Switches starchang (Aug 12)

Stefan Kanthak

Vulnerable MSVC++ runtime distributed with OpenOffice.org 3.1.1 for Windows Stefan Kanthak (Aug 31)

Steffen Joeris

[SECURITY] [DSA 1866-1] New kdegraphics packages fix several vulnerabilities Steffen Joeris (Aug 19)
[SECURITY] [DSA 1871-2] New wordpress packages fix regression Steffen Joeris (Aug 27)
[SECURITY] [DSA 1867-1] New kdelibs packages fix several vulnerabilities Steffen Joeris (Aug 19)
[SECURITY] [DSA 1851-1] New gst-plugins-bad0.10 packages fix arbitrary code execution Steffen Joeris (Aug 06)
[SECURITY] [DSA 1868-1] New kde4libs packages fix several vulnerabilities Steffen Joeris (Aug 19)
[SECURITY] [DSA 1857-1] New camlimages packages fix arbitrary code execution Steffen Joeris (Aug 10)
[SECURITY] [DSA 1850-1] New libmodplug packages fix arbitrary code execution Steffen Joeris (Aug 04)
[SECURITY] [DSA 1871-1] New wordpress packages fix several vulnerabilities Steffen Joeris (Aug 24)

Tavis Ormandy

Linux NULL pointer dereference due to incorrect proto_ops initializations Tavis Ormandy (Aug 13)

the_3dit0r

EesySec Personal Firewall Remote Buffer Overflow Exploit the_3dit0r (Aug 25)
WM Downloader (.Smi/ .Ram/ .pls/ .smil/ .wax/ .wpl File) Local Buffer Overflow Exploit the_3dit0r (Aug 24)
AiO ( All into One) Flash Mixer 3 (.afp File) Crash Vulnerability Exploit the_3dit0r (Aug 24)
FLIP Flash Album Deluxe 1.8.407.1 (.fft File) Crash Vulnerability Exploit the_3dit0r (Aug 24)

Thijs Kinkhorst

[SECURITY] [DSA 1856-1] New mantis packages fix information leak Thijs Kinkhorst (Aug 10)

Thor (Hammer of God)

H4RDW4RE presentations updated Thor (Hammer of God) (Aug 25)
RE: H4RDW4RE presentations updated Thor (Hammer of God) (Aug 26)

Timothy (Thor) Mullen

Chris Paget Defcon RFID Presentation Slides Now Online Timothy (Thor) Mullen (Aug 13)

Tobias Heinlein

[ GLSA 200908-01 ] OpenSC: Multiple vulnerabilities Tobias Heinlein (Aug 03)

Tomi Tuominen

t2'09 Challenge - Free Tickets Available Tomi Tuominen (Aug 20)

Vadim Okun

Static analysis tool exposition (SATE) 2009 - call for participation Vadim Okun (Aug 13)

Valery Marchuk

[PT-2008-09] Microsoft Windows MSMQ Privilege Escalation Vulnerability Valery Marchuk (Aug 12)
[PT-2009-05] CA Internet Security Suite Denial of Service Vulnerability Valery Marchuk (Aug 26)

VMware Security team

VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server VMware Security team (Aug 21)

Walter Sprenger

Authentication Bypass of Snom Phone Web Interface Walter Sprenger (Aug 13)

wojwar

Re: Multiple Flaws in Huawei D100 wojwar (Aug 04)

XiaShing

HyperVM File Permissions Local Vulnerability XiaShing (Aug 25)

ZDI Disclosures

ZDI-09-051: EMC Replication Manager Client Control Service Remove Code Execution Vulnerability ZDI Disclosures (Aug 07)
ZDI-09-049: Sun Java Pack200 Decoding Inner Class Count Integer Overflow Vulnerability ZDI Disclosures (Aug 05)
ZDI-09-050: Sun Java Web Start JPEG Header Parsing Integer Overflow Vulnerability ZDI Disclosures (Aug 05)
ZDI-09-048: Microsoft Internet Explorer CSS Behavior Memory Corruption Vulnerability ZDI Disclosures (Aug 05)
ZDI-09-059: Oracle Secure Backup Administration Server Multiple Command Injection Vulnerabilities ZDI Disclosures (Aug 19)
ZDI-09-056: Microsoft Office OWC10.Spreadsheet ActiveX BorderAround() Heap Corruption Vulnerability ZDI Disclosures (Aug 11)
ZDI-09-055: Microsoft Office OWC10 ActiveX Control Loading and Unloading Heap Corruption Vulnerability ZDI Disclosures (Aug 11)
ZDI-09-052: CA Unicenter Software Delivery dtscore.dll Stack Overflow Vulnerability ZDI Disclosures (Aug 07)
ZDI-09-057: Microsoft Remote Desktop Client Arbitrary Code Execution Vulnerability ZDI Disclosures (Aug 11)
ZDI-09-054: Microsoft Office OWC10.Spreadsheet ActiveX msDataSourceObject() Heap Corruption Vulnerability ZDI Disclosures (Aug 11)
ZDI-09-058: Oracle Secure Backup Administration Server Authentication Bypass Vulnerability ZDI Disclosures (Aug 19)
ZDI-09-053: Microsoft Windows WINS Service Heap Overflow Vulnerability ZDI Disclosures (Aug 11)
ZDI-09-047: Microsoft Internet Explorer getElementsByTagName Memory Corruption Vulnerability ZDI Disclosures (Aug 05)

ziad

Re: SQL Injection vulnerabilities in Subdreamer CMS ziad (Aug 24)