Bugtraq: by date

286 messages starting Jan 04 10 and ending Jan 29 10


Monday, 04 January

[USN-876-1] PostgreSQL vulnerabilities Jamie Strandboge
Secunia Research: PDF-XChange Viewer Content Parsing Memory Corruption Vulnerability Secunia Research
Java vulnerability Paul
Latest Intel Pro/10* ethernet adaptor drivers contain vulnerable MSVC runtime! Stefan Kanthak
WASC Announcement: WASC Threat Classification v2.0 Published announcements
[ GLSA 201001-02 ] Adobe Flash Player: Multiple vulnerabilities Alex Legler
[Tool] DeepToad 1.1.0 Joxean Koret
[ GLSA 201001-01 ] NTP: Denial of Service Stefan Behte
httpdx webserver v1.5 Remote Source Disclosure info
Y2K10 spamassassin bug, 2010 year mails discared as spam Eduardo Romero
Re: Y2K10 spamassassin bug, 2010 year mails discared as spam Steve Shockley

Tuesday, 05 January

SyScan'10 Call For Training (CFT) organiser () syscan org
Re: [Full-disclosure] [Tool] DeepToad 1.1.0 T Biehn
REWTERZ-20100102 - Nemesis Player (NSP) Local Denial of Service (DoS) Vulnerability rewterz security team
Link Injection Redirection Attacks - Exploiting Google Chrome Design Flaw Aditya K Sood
Re: Y2K10 spamassassin bug, 2010 year mails discared as spam Rudy Zijlstra
REWTERZ-20100101 - n.player Local Heap Overflow Vulnerability rewterz security team
REWTERZ-20100103 - Ofilter Player Local Denial of Service (DoS) Vulnerability rewterz security team
Re: [Full-disclosure] [Tool] DeepToad 1.1.0 Joxean Koret
Re: [Full-disclosure] [Tool] DeepToad 1.1.0 T Biehn
UPDATE: MITKRB5-SA-2009-003 [CVE-2009-3295] KDC denial of service in cross-realm referral processing Tom Yu
Multiple vulnerabilities in LineWeb 1.0.5 ign . sec
[ MDVSA-2009:220-1 ] davfs security
Re: Link Injection Redirection Attacks - Exploiting Google Chrome Design Flaw Michal Zalewski
Re: Secunia Research: TSC2 Help Desk CTab ActiveX Control Buffer Overflow sales
[ GLSA 201001-03 ] PHP: Multiple vulnerabilities Tobias Heinlein
{PRL} Novell Netware CIFS And AFP Remote Memory Consumption DoS Protek Research Lab

Wednesday, 06 January

Re: Link Injection Redirection Attacks - Exploiting Google Chrome Design Flaw Peter Watkins
[USN-879-1] Kerberos vulnerability Kees Cook
Re: [WEB SECURITY] Re: Link Injection Redirection Attacks - Exploiting Google Chrome Design Flaw Aditya K Sood
Critical PowerDNS Recursor Security Vulnerabilities: please upgrade ASAP to 3.1.7.2 bert hubert
[TOOL RELEASE] Microsoft SQL Server Fingerprint Too BETA-3l!!! Nelson Brito
Re: Multiple vulnerabilities in LineWeb 1.0.5 ign . sec
HTTP Digest Integrity: Another look, in light of recent attacks Timothy D. Morgan
[SECURITY] [DSA-1965-1] New phpldapadmin packages fix remote file inclusion Giuseppe Iuculano

Thursday, 07 January

FreeBSD Security Advisory FreeBSD-SA-10:01.bind FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-10:02.ntpd FreeBSD Security Advisories
[SECURITY] [DSA 1966-1] New horde3 packages fix cross-site scripting Steffen Joeris
FreeBSD Security Advisory FreeBSD-SA-10:03.zfs FreeBSD Security Advisories
[USN-880-1] GIMP vulnerabilities Marc Deslauriers
VMSA-2010-0001 ESX Service Console updates for nss and nspr VMware Security team
[ MDVSA-2009:300-2 ] apache-conf security
[ MDVSA-2009:300-1 ] apache-conf security
[SECURITY] [DSA 1967-1] New transmission packages fix directory traversal Moritz Muehlenhoff
Security contact at Lexmark? Protek Research Lab

Friday, 08 January

ZDI-10-001: Novell iManager eDirectory Plugin Remote Code Execution Vulnerability ZDI Disclosures
[USN-877-1] Firefox 3.0 and Xulrunner 1.9 regression Jamie Strandboge
[USN-878-1] Firefox 3.5 and Xulrunner 1.9.1 regression Jamie Strandboge
Secunia Research: Adobe Illustrator Encapsulated Postscript Parsing Vulnerability Secunia Research
[HACKATTACK Advisory 080110] Windows Live Messenger 2009 ActiveX DoS Vulnerability advisory
Google Chrome 3.0.195.38 | Chrome Frame - Reloading Memory Allocation based Tab Crashing Aditya K Sood
[ MDVSA-2009:316-1 ] expat security
MacOS X 10.5/10.6 libc/strtod(3) buffer overflow cxib
TELUS Security Labs VR - ACDSee Systems ACDSee Products XBM File Handling Buffer Overflow noreply

Monday, 11 January

NSOADV-2010-001: Panda Security Local Privilege Escalation NSO Research
Re: TELUS Security Labs VR - ACDSee Systems ACDSee Products XBM File Handling Buffer Overflow Steve Shockley
[CORELAN-10-001] Audiotran 1.4.1 buffer overflow Security
[SECURITY] [DSA 1968-1] New pdns-recursor packages fix potential code execution Florian Weimer
Cross-Site Scripting vulnerability in JVClouds3D for Joomla MustLive
[ MDVSA-2009:316-2 ] expat security
Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection ascii
[ MDVSA-2009:316-3 ] expat security
XSS vulnerabilities in 34 millions flash files MustLive
[ MDVSA-2010:000 ] firefox security
[ MDVSA-2009:227-1 ] freeradius security
XSS Vulnerability in Active Calendar 1.2.0 Marty Barbella
[ MDVSA-2009:293-1 ] squidGuard security
[ MDVSA-2009:241-1 ] squid security

Tuesday, 12 January

[ MDVSA-2010:001 ] pidgin security
[ MDVSA-2010:002 ] pidgin security
HITB Ezine 'Reloaded' - Issue #001 Hafez Kamal
Invitation: nullcon Goa 2010 International Security & Hacking Conference nullcon

Wednesday, 13 January

Secunia Research: Microsoft Windows Flash Player Movie Unloading Vulnerability Secunia Research
ZDI-10-002: Oracle Secure Backup observiced.exe Remote Code Execution Vulnerability ZDI Disclosures
[CORELAN-10-004] TurboFTP Server 1.00.712 remote DoS Security
Cross Site Identification (CSID) attack. Description and demonstration. Ronen Z
iDefense Security Advisory 01.12.10: Adobe Reader and Acrobat JpxDecode Memory Corruption Vulnerability iDefense Labs
[USN-882-1] PHP vulnerabilities Marc Deslauriers
[ MDVSA-2010:003 ] sendmail security
MITKRB5-SA-2009-004 [CVE-2009-4212] integer underflow in AES and RC4 decryption Tom Yu
[SECURITY] [DSA-1969-1] New krb5 packages fix denial of service Giuseppe Iuculano
[USN-881-1] Kerberos vulnerability Kees Cook
[USN-883-1] network-manager-applet vulnerabilities Marc Deslauriers
Yoono Firefox Extension - Privileged Code Injection Nick Freeman
[ MDVSA-2010:004 ] bash security
[CORE-2009-1209] Google SketchUp 'lib3ds' 3DS Importer Memory Corruption CORE Security Advisories
[security bulletin] HPSBPI02500 SSRT090263 rev.1 - HP Web Jetadmin, Remote Unauthorized Access to Data, Denial of Service (DoS) security-alert
[SECURITY] [DSA-1970-1] New openssl packages fix denial of service Stefan Fritsch

Thursday, 14 January

[ GLSA 201001-06 ] aria2: Multiple vulnerabilities Stefan Behte
[ MDVSA-2010:006 ] krb5 security
RE: All China, All The Time Thor (Hammer of God)
[ MDVSA-2010:005 ] krb5 security
[ GLSA 201001-08 ] SquirrelMail: Multiple vulnerabilities Stefan Behte
Hellcode Research: OpenOffice File Parsing Null Pointer Vulnerability karakorsankara
[ GLSA 201001-04 ] VirtualBox: Multiple vulnerabilities Stefan Behte
XSS Vulnerability in Drupal's Node Blocks contributed module (6.x-1.3 and 5.x-1.1) Marty Barbella
[ GLSA 201001-07 ] Blender: Untrusted search path Stefan Behte
[ GLSA 201001-09 ] Ruby: Terminal Control Character Injection Alex Legler
All China, All The Time Thor (Hammer of God)
[USN-884-1] OpenSSL vulnerability Kees Cook
[ GLSA 201001-05 ] net-snmp: Authorization bypass Stefan Behte
[security bulletin] HPSBMA02433 SSRT090084 rev.2 - HP Discovery & Dependency Mapping Inventory (DDMI) Running on Windows, Remote Unauthorized Access, Execution of Arbitrary Code security-alert
[USN-885-1] Transmission vulnerabilities Jamie Strandboge

Friday, 15 January

[SECURITY] [DSA-1971-1] New libthai packages fix arbitrary code execution Giuseppe Iuculano
C4 SCADA Security Advisory - Rockwell Automation (Allen Bradley) Multiple Vulnerabilities in Micrologix 1100 & 1400 Series Controllers Eyal Udassin
SEC Consult SA-20100115-0 :: Local file inclusion/execution and multiple CSRF vulnerabilities in LetoDMS (formerly MyDMS) Lukas Weichselbaum
Sprint / Verizon MiFi CSRF+CSS Gives up GPS info to attacker Adam Baldwin
Major security risk in the unlock pattern for Android devices Dan Dascalescu
VUPEN Security Research - Adobe Acrobat and Reader U3D Integer Overflow Vulnerability VUPEN Security Research
rPSA-2010-0004-1 openssl openssl-scripts rPath Update Announcements
RE: Major security risk in the unlock pattern for Android devices Francis, Shannon
Re: Major security risk in the unlock pattern for Android devices Brian Altenhofel
Re: All China, All The Time Gadi Evron
RE: All China, All The Time Thor (Hammer of God)
[security bulletin] HPSBUX02495 SSRT090151 rev.2 - HP-UX Running sendmail, Remote Denial of Service (DoS) security-alert

Monday, 18 January

[ MDVSA-2010:007 ] php security
[ MDVSA-2010:008 ] php security
[ MDVSA-2010:009 ] php security
Re: [Full-disclosure] Sprint / Verizon MiFi CSRF+CSS Gives up GPS info to attacker A. Ramos
[ATHCON2010] CFP/1st Call for Papers - AthCon IT Security Conference Kyprianos Vasilopoulos
Code to mitigate IE event zero-day (CVE-2010-0249) ds . adv . pub
RE: All China, All The Time Jim Harrison
GDT and LDT in Windows kernel vulnerability exploitation (paper) Gynvael Coldwind
Browser Fuzzer 3 krakowlabs
[USN-886-1] Pidgin vulnerabilities Marc Deslauriers
Re: [Full-disclosure] Sprint / Verizon MiFi CSRF+CSS Gives up GPS info to attacker Adam Baldwin
[ MDVSA-2010:010 ] libthai security
AOL 9.5 ActiveX Heap Overflow Vulnerability karakorsankara
[ MDVSA-2010:011 ] mysql security
[ MDVSA-2010:012 ] mysql security
Reminder: Campus Party EU 2010 Call For Participants Campus Party EU Spain
[ MDVSA-2010:013 ] transmission security
[ MDVSA-2010:014 ] transmission security
Re: All China, All The Time Steven J. Koch
[USN-887-1] LibThai vulnerability Marc Deslauriers
[USN-885-1] LibThai vulnerability Marc Deslauriers
0day vulnerability Sogou input method to obtain system privileges k4mr4n_st
Zenoss Multiple Admin CSRF Adam Baldwin
[SECURITY] [DSA-1972-1] New audiofile packages fix buffer overflow Stefan Fritsch
QvodPlayer ColorFilter Codec ActiveX Remote Exec info
Re: All China, All The Time Marcello Magnifico
Study of BlackBerry Proof-of-Concept Malicious Applications (Whitepaper) Mayank Aggarwal
facebook 'routing flaw'? Michael Scheidell

Tuesday, 19 January

JBroFuzz 1.9 Fuzzer Released! subere
OpenOffice for Windows ".slk" File Parsing Null Pointer Vulnerability karakorsankara
Re: facebook 'routing flaw'? Manny Ponce
Re: All China, All The Time Neil Dickey
Multiple Vulnerabilities in XOOPS 2.4.3 and earlier CodeScan Labs Advisories
[ MDVSA-2010:015 ] roundcubemail security
Baidu Security Center FireFoxProxy ActiveX Remote Exec 0day POC superli
Kingsoft DuBa Browser Shield ActiveX Remote Exec 0day POC superli
ezContents CMS Multiple Vulnerabilities admin
Blaze Apps Multiple Vulnerabilities admin
RE: facebook 'routing flaw'? Sacks, Cailan C
Re: facebook 'routing flaw'? Suramya Tomar
[security bulletin] HPSBMA02485 SSRT090252 rev.1 - HP Power Manager, Remote Execution of Arbitrary Code security-alert
[ MDVSA-2010:017 ] ruby security
Re: facebook 'routing flaw'? Matthew Leeds
[ MDVSA-2010:018 ] phpMyAdmin security
[ MDVSA-2010:016 ] wireshark security
[CORELAN-10-006] BOF Vulnerability in S.O.M.P.L. Player Security
Xunlei XPPlayer ActiveX Remote Exec 0day POC superli

Wednesday, 20 January

Secunia Research: Adobe Shockwave Player Four Integer Overflow Vulnerabilities Secunia Research
[SECURITY] [DSA 1973-1] New glibc packages fix information disclosure Aurelien Jarno
Cisco Security Advisory: Cisco IOS XR Software SSH Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Secunia Research: HP Power Manager "formExportDataLogs" Buffer Overflow Secunia Research
[security bulletin] HPSBMA02474 SSRT090107 rev.2 - HP Power Manager, Remote Execution of Arbitrary Code security-alert
Secunia Research: Adobe Shockwave Player Integer Overflow Vulnerability Secunia Research
Secunia Research: Adobe Shockwave Player 3D Model Two Integer Overflows Secunia Research
Re: Kingsoft DuBa Browser Shield ActiveX Remote Exec 0day POC hanzhengqi
vBulletin nulled (validator.php) files/directories disclosure kw3rln
[Onapsis Security Advisory 2010-001] SAP WebAS Integrated ITS Remote Command Execution Onapsis Research Labs
Secunia Research: Adobe Shockwave Player 3D Model Buffer Overflow Secunia Research
[SECURITY] [DSA 1974-1] New gzip packages fix arbitrary code execution Steffen Joeris
Cisco Security Advisory: CiscoWorks Internetwork Performance Monitor CORBA GIOP Overflow Vulnerability Cisco Systems Product Security Incident Response Team
Secunia Research: HP Power Manager "formExportDataLogs" Directory Traversal Secunia Research
Re: All China, All The Time Lawrence Pingree
RE: All China, All The Time Tim Mullen
[ MDVSA-2010:019 ] gzip security
[USN-888-1] Bind vulnerabilities Marc Deslauriers
[USN-889-1] gzip vulnerabilities Marc Deslauriers
[ MDVSA-2010:020 ] gzip security
[USN-890-1] Expat vulnerabilities Jamie Strandboge
[UPDATE] NSOADV-2010-001: Panda Security Local Privilege Escalation NSO Research
[ MDVSA-2010:021 ] bind security

Thursday, 21 January

[SECURITY] [DSA-1975-1] Security Support for Debian 4.0 to be discontinued on February 15th Stefan Fritsch
Insufficient User Input Validation in VP-ASP 6.50 Demo Code CodeScan Labs Advisories
ZDI-10-003: Novell ZENworks Asset Management docfiledownload Remote SQL Injection Vulnerability ZDI Disclosures
RE: All China, All The Time Jim Harrison
TheGreenBow VPN Client Local Stack Overflow Vulnerability - Security Advisory - SOS-10-001 Lists
eWebeditor Directory Traversal Vulnerability info
[ MDVSA-2010:022 ] openssl security
ZDI-10-009: RealNetworks RealPlayer IVR Format Remote Code Execution Vulnerability ZDI Disclosures
ZDI-10-006: RealNetworks RealPlayer GIF Handling Remote Code Execution Vulnerability ZDI Disclosures
[ MDVSA-2010:023 ] phpldapadmin security
ZDI-10-004: Cisco CiscoWorks IPM GIOP getProcessName Remote Code Execution Vulnerability ZDI Disclosures
[SECURITY] [DSA-1972-2] New audiofile packages fix buffer overflow Stefan Fritsch
ZDI-10-005: RealNetworks RealPlayer ASMRulebook Remote Code Execution Vulnerability ZDI Disclosures
ZDI-10-008: RealNetworks RealPlayer SIPR Codec Remote Code Execution Vulnerability ZDI Disclosures
Microsoft Windows NT #GP Trap Handler Allows Users to Switch Kernel Stack Tavis Ormandy
ZDI-10-007: RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability ZDI Disclosures
ZDI-10-010: RealNetworks RealPlayer Skin Parsing Remote Code Execution Vulnerability ZDI Disclosures
ZDI-10-013: Microsoft Internet Explorer Table Layout Reuse Remote Code Execution Vulnerability ZDI Disclosures
ZDI-10-014: Microsoft Internet Explorer item Object Memory Corruption Remote Code Execution Vulnerability ZDI Disclosures
ZDI-10-011: Microsoft Internet Explorer Table Layout Col Tag Cache Update Remote Code Execution Vulnerability ZDI Disclosures
ZDI-10-012: Microsoft Internet Explorer Baseline Tag Rendering Remote Code Execution Vulnerability ZDI Disclosures

Friday, 22 January

FortiGuard Advisory: Microsoft Internet Explorer Remote Memory Corruption Vulnerability noreply-secresearch () fortinet com
[USN-890-3] Python 2.4 vulnerabilities Jamie Strandboge
[USN-890-2] Python 2.5 vulnerabilities Jamie Strandboge
[SECURITY] [DSA-1976-1] New dokuwiki packages fix several vulnerabilities Giuseppe Iuculano
IdeaCMS v1.0 (fck) Remote Arbitrary File Upload whh_iran
iBoutique v4.0 flashcreazione
Kayako SupportSuite Multiple Persistent Cross Site Scripting (Current Versions) pen-test

Monday, 25 January

Silverstripe <= v2.3.4: two XSS vulnerabilities Moritz Naumann
Abusing weak PRNGs in PHP applications gat3way
London DEFCON January meet - DC4420 - Wed 27th Jan 2010 Major Malfunction
Publique! CMS SQL Injection Vulnerabilities Christophe dlf
e107 latest download link is backdoored Bogdan Calin
Safari 4.0.4 Crash systemx00
[SECURITY] CVE-2009-2693 Apache Tomcat unexpected file deletion and/or alteration Mark Thomas
CVE-2009-3583, confirming problem and adding info Chris Travers
[SECURITY] CVE-2009-2902 Apache Tomcat unexpected file deletion in work directory Mark Thomas
[SECURITY] CVE-2009-2901 Apache Tomcat insecure partial deploy after failed undeploy Mark Thomas
[ MDVSA-2010:025 ] php-pear-Mail security
Re: e107 latest download link is backdoored Chris Travers
Security improvements of Microsoft Silverlight Build 3.0.50106.0? Juha-Matti Laurio
Re: e107 latest download link is backdoored Valery Marchuk
[ MDVSA-2010:024 ] coreutils security
DDIVRT-2009-27 F2L-3000 files2links SQL Injection Vulnerability ddivulnalert
FWD: LedgerSMB Security Advisory: Multiple Vulnerabilities Chris Travers

Tuesday, 26 January

[SECURITY] [DSA-1977-1] New python packages fix several vulnerabilities Giuseppe Iuculano
Secunia Research: Google Chrome Pop-Up Block Menu Handling Vulnerability Secunia Research
Setting arbitrary Personas without user interaction in Firefox 3.6 Artur Janc
Re: e107 latest download link is backdoored Carsten Eilers
Re: [Full-disclosure] e107 latest download link is backdoored David Sopas
Re: [Full-disclosure] e107 latest download link is backdoored Gregor Schneider
Microsoft IE 6&7 Crash Exploit info
[IBM Datapower XS40] Denial of Service erik
[security bulletin] HPSBMA02477 SSRT090177 rev.4 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS) security-alert
Netsupport gateway remote DoS watcher60
[ MDVSA-2010:026 ] openldap security
Paper: Weaning the Web off of Session Cookies Timothy D. Morgan
Cross-Site Scripting vulnerability in 3D Cloud for Joomla MustLive
The future of XSS attacks MustLive
More information on CVE-2009-3580 Chris Travers
[SECURITY] [DSA 1978-1] New phpgroupware packages fix several vulnerabilities Moritz Muehlenhoff
Re: [Full-disclosure] e107 latest download link is backdoored Fernando Augusto
Re: Re: e107 latest download link is backdoored track
RE: Microsoft IE 6&7 Crash Exploit Santhosh
[USN-890-4] PyXML vulnerabilities Jamie Strandboge

Wednesday, 27 January

Re: Microsoft IE 6&7 Crash Exploit Berend-Jan Wever
[InterN0T] ShareTronix 1.0.4 - HTML Injection Vulnerability advisories
PR09-02 Multiple Cross-Site Scripting (XSS) / Cross Domain redirects and Server path information disclosure on SAP BusinessObjects version 12 Rolando Fuentes
Re: RE: Microsoft IE 6&7 Crash Exploit sdasdasd
[security bulletin] HPSBMA02502 SSRT090171 rev.1 - HP OpenView Storage Data Protector, Local Unauthorized Access security-alert
Re: [Full-disclosure] e107 latest download link is backdoored Gregor Schneider
[ MDVSA-2010:027 ] kdelibs4 security
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace Cisco Systems Product Security Incident Response Team
[ MDVSA-2010:028 ] kdelibs4 security
Mod_proxy from apache 1.3 - Integer overflow which causes heap overflow. pi3
[RT-SA-2010-001] Geo++(R) GNCASTER: Insecure handling of long URLs RedTeam Pentesting GmbH
[RT-SA-2010-002] Geo++(R) GNCASTER: Insecure handling of NMEA-data RedTeam Pentesting GmbH
[USN-803-2] Dhcp vulnerability Jamie Strandboge
[RT-SA-2010-003] Geo++(R) GNCASTER: Faulty implementation of HTTP Digest Authentication RedTeam Pentesting GmbH
[SECURITY] [DSA-1979-1] New lintian packages fix multiple vulnerabilities Raphael Geissert
PR09-15: XSS injection vulnerability within HP System Management Homepage (Insight Manager) research
[SECURITY] [DSA 1980-1] New ircd-hybrid/ircd-ratbox packages fix arbitrary code execution Steffen Joeris

Thursday, 28 January

Firefox Observation Plugin Attack Ivan Buetler
[security bulletin] HPSBMA02502 SSRT090171 rev.1 - HP OpenView Storage Data Protector, Local Unauthorized Access security-alert
[USN-891-1] lintian vulnerabilities Kees Cook
Rising AntiVirus 2008/2009/2010 Local Privilege Escalation Exploit dlrow1991

Friday, 29 January

[SECURITY] [DSA 1981-1] New maildrop packages fix privilege escalation Steffen Joeris
PR09-19: Cross-Site Scripting (XSS) on CommonSpot server research
[USN-893-1] Samba vulnerability Marc Deslauriers
[SECURITY] [DSA 1981-2] New maildrop packages fix regression Steffen Joeris
[USN-892-1] FUSE vulnerability Kees Cook
[SECURITY] [DSA 1968-2] New pdns-recursor packages fix cache poisoning Florian Weimer
Re: Microsoft IE 6&7 Crash Exploit k4mr4n_st
Re: [Webappsec] Paper: Weaning the Web off of Session Cookies James Landis
Re: [Webappsec] Paper: Weaning the Web off of Session Cookies Arian J. Evans
Multiple vulnerabilities in XAMPP (advisories #1 and #2) MustLive
Multiple vulnerabilities in XAMPP (advisories #3 and #4) MustLive
Multiple vulnerabilities in XAMPP (advisories #5 and #6) MustLive
Multiple vulnerabilities in XAMPP (advisory #7) MustLive
[ MDVSA-2010:029 ] rootcerts security
OCS Inventory NG Server <= 1.3b3 (login) Remote Authentication Bypass Nicolas DEROUET