Bugtraq: by author

296 messages starting May 31 10 and ending May 12 10


abc12345

Re: Nginx 0.8.35 Space Character Remote Source Disclosure abc12345 (May 31)

admin

clearsite Remote File Include Vulnerability admin (May 28)

advisory

SQL injection vulnerability in 360 Web Manager advisory (May 26)
XSS in Saurus CMS advisory (May 11)
SQL injection vulnerability in ImpressPages CMS advisory (May 28)
XSS vulnerability in Advanced Poll advisory (May 10)
XSS in eliteCMS advisory (May 04)
XSS vulnerability in RuubikCMS advisory (May 26)
XSS in Acuity CMS advisory (May 04)
SQL injection vulnerability in LiSK CMS advisory (May 21)
XSS vulnerability in razorCMS advisory (May 26)
XSS vulnerability in NPDS REvolution advisory (May 18)
SQL injection vulnerability in 360 Web Manager advisory (May 26)
XSS vulnerability in Jaws advisory (May 07)
XSS vulnerability in 360 Web Manager advisory (May 26)
Stored XSS vulnerability in NPDS REvolution advisory (May 18)
XSRF (CSRF) in eliteCMS advisory (May 04)
XSS in DynamiXgate Affiliate Store Builder advisory (May 11)
XSS vulnerability in LiSK CMS advisory (May 21)
XSS vulnerability in NPDS advisory (May 13)
Blind SQL injection vulnerability in NPDS REvolution advisory (May 13)
XSRF (CSRF) in NPDS REvolution advisory (May 21)
XSRF (CSRF) in Zikula Application Framework advisory (May 04)
XSRF (CSRF) in ocPortal advisory (May 21)
XSS vulnerability in gpEasy CMS advisory (May 21)
XSS vulnerability in JComments, Joomla advisory (May 18)
XSS vulnerability in LiSK CMS advisory (May 21)
SQL injection vulnerability in ImpressPages CMS advisory (May 28)
XSS vulnerability in EasyPublish CMS advisory (May 10)
SQL injection vulnerability in ImpressPages CMS advisory (May 28)
XSS vulnerability in GetSimple CMS advisory (May 26)
XSS in ecoCMS advisory (May 04)
SQL injection vulnerability in LiSK CMS advisory (May 21)

Albert Levi

CfP: GameSec 2010 - 5 days left to the deadline Albert Levi (May 26)
CfP: GameSec 2010 - Deadline extended to 31 May 2010 Albert Levi (May 14)

Alexis Tremblay

Vulnerability with Cisco ACE. A2 3.0 (probably all version) Alexis Tremblay (May 07)

angelo

New web malwares attacking big hosting providers angelo (May 06)

Bkis

[Bkis-01-2010] Multiple Vulnerabilities in BigAce - Bkis Bkis (May 25)
[Bkis-01-2010] Multiple Vulnerabilities in BigAce - Bkis Bkis (May 25)

Casper . Dik

Re: Sun Solaris 10 filesystem rm(1),find(1),etc, Denial-of-service Casper . Dik (May 26)

Christopher Schramm

SQL injection in OSCommerce Add-On Visitor Web Stats Christopher Schramm (May 28)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Network Building Mediator Cisco Systems Product Security Incident Response Team (May 26)
Cisco Security Advisory: Multiple vulnerabilities in Cisco PGW Softswitch Cisco Systems Product Security Incident Response Team (May 12)

Code Audit Labs

[CAL-20100204-1]Adobe Shockwave Player Director File Parsing ATOM size infinite loop vulnerability Code Audit Labs (May 12)
[CAL-20100204-2]Adobe Shockwave Player Director File Parsing integer overflow vulnerability Code Audit Labs (May 12)
[CAL-20100204-3]Adobe Shockwave Player Director File Parsing RCSL Pointer Overwrite Code Audit Labs (May 12)

Core Security Technologies Advisories

Re: [CORE-2010-0405] Adobe Director Invalid Read Core Security Technologies Advisories (May 14)
[CORE-2010-0427] Windows SMTP Service DNS query Id vulnerabilities Core Security Technologies Advisories (May 05)

Core Security Technologies Advisories Team

[CORE-2010-0405] Adobe Director Invalid Read Core Security Technologies Advisories Team (May 12)
[CORE-2010-0428] Microsoft Office Visio DXF File Insertion Buffer Overflow Core Security Technologies Advisories Team (May 04)

Cristofaro Mune

IS-2010-001 - Netgear WG602v4 Saved Pass Stack Overflow Cristofaro Mune (May 31)

cxib

Sun Solaris 10 filesystem rm(1),find(1),etc, Denial-of-service cxib (May 25)
Sun Solaris 10 libc/*convert (*cvt) buffer overflow cxib (May 25)
Sun Solaris 10 ftpd Cross-site request forgery cxib (May 25)

Daniele Bianco

[oCERT-2010-001] multiple http client unexpected download filename vulnerability Daniele Bianco (May 17)

daniel lopez

A vulnerability in Kaspersky Antivirus daniel lopez (May 03)

dann frazier

[SECURITY] [DSA 2053-1] New Linux 2.6.26 packages fix several issues dann frazier (May 25)

Dan Rosenberg

Scientific Atlanta DPC2100 WebSTAR Cable Modem vulnerabilities Dan Rosenberg (May 25)
Multiple memory corruption vulnerabilities in Ghostscript Dan Rosenberg (May 12)

Davide Canali

Re: New web malwares attacking big hosting providers Davide Canali (May 07)

David Guimaraes

SQL injection vulnerability in Zabbix <= 1.8.1 David Guimaraes (May 25)

David Mirza Ahmad

REC0N 2010 (MONTREAL) CFP Reminder & Preview David Mirza Ahmad (May 04)

developpeur

Re: XSS vulnerability in NPDS developpeur (May 18)

Devin Carraway

[SECURITY] [DSA 2044-1] New mplayer packages fix arbitrary code execution Devin Carraway (May 11)
[SECURITY] [DSA 2043-1] New vlc packages fix arbitrary code execution Devin Carraway (May 11)

dm

Re: Administrivia: Real domain names in PoC/exploit examples dm (May 28)
Administrivia: Real domain names in PoC/exploit examples dm (May 28)

donald00

Re: RE: Puntal (index.php) Remote File Inclusion Vulnerabilities donald00 (May 04)

Dragos Ruiu

EUSecWest 2010 MiniCFP (conf Jun 16/17) and PacSec 2010 CFP (conf Nov 10/11, deadline July 30) Dragos Ruiu (May 27)

eidelweiss

Knowledgeroot (fckeditor) Remote Arbitrary File Upload Exploit eidelweiss (May 05)
JV2 Folder Gallery 3.1.1 (popup_slideshow.php) Multiple Vulnerability eidelweiss (May 25)
PolyPager 1.0rc10 (fckeditor) File Upload Security Issue eidelweiss (May 12)
Puntal (index.php) Remote File Inclusion Vulnerabilities eidelweiss (May 03)
Joomla Component advertising (com_aardvertiser) File Inclusion Vulnerability eidelweiss (May 13)
REZERVI (root) Remote Command Execution Vulnerability eidelweiss (May 07)
CompleteFTP Server v 4.x "PORT" command Remote DOS exploit eidelweiss (May 25)
29o3 CMS (LibDir) Multiple Remote File Inclusion Vulnerability eidelweiss (May 11)
Hustoj is HUST ACM OnlineJudge "fckeditor" file upload security issue eidelweiss (May 25)

ekoparty Security Conference

CFP for ekoparty 0x10 is now open! [ Buenos Aires, Argentina ] ekoparty Security Conference (May 12)

Eren Türkay

Re: [Full-disclosure] Month of PHP Security - Summary - 1st May - 10th May Eren Türkay (May 11)

Francis Provencher

{PRL} Microsoft Windows Outlook Express and Windows Mail Integer Overflow Francis Provencher (May 11)

Frank Habermann

Re: Knowledgeroot (fckeditor) Remote Arbitrary File Upload Exploit Frank Habermann (May 06)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-10:04.jail FreeBSD Security Advisories (May 27)
FreeBSD Security Advisory FreeBSD-SA-10:06.nfsclient FreeBSD Security Advisories (May 27)
FreeBSD Security Advisory FreeBSD-SA-10:05.opie FreeBSD Security Advisories (May 27)

g1xsystem

GR Board v1.8.6.1 stab (page.php?theme) Remote File Inclusion Vulnerability g1xsystem (May 31)
Groone's Simple Contact Form (abspath) Remote File Inclusion Vulnerability g1xsystem (May 28)
GR Board v1.8.6. (theme) Local File Inclusion Vulnerability g1xsystem (May 31)
Flock web browser v2.5.6 (Remote Memory Corrupt) Crash Exploit g1xsystem (May 26)

geinblues

Firefox 3.6.3 (latest) <= memory exhaustion crash vulnerabilities geinblues (May 18)

Giuseppe Iuculano

[SECURITY] [DSA-2046-1] New phpgroupware packages fix several vulnerabilities Giuseppe Iuculano (May 14)

Guillermo Marro Bruno

RE: STP mitm attack idea Guillermo Marro Bruno (May 20)

Hafez Kamal

[HITB-Announce] HITBSecConf2010 - Malaysia Call for Papers Hafez Kamal (May 20)

Hanno Böck

CMS Made Simple: backend cross site scripting (XSS), CVE-2010-1482 Hanno Böck (May 07)
pmwiki: persistent cross site scripting (XSS), CVE-2010-1481 Hanno Böck (May 07)

HD Moore

Metasploit Framework 3.4.0 Released HD Moore (May 19)

iDefense Labs

iDefense Security Advisory 05.11.10: Abobe Shockwave Player Heap Memory Indexing Vulnerability iDefense Labs (May 12)

info

Re: Microsoft Outlook Web Access (OWA) v8.2.254.0 "id" parameter Information Disclosure Vulnerability info (May 25)
Smart Douran CMS Remote File Download info (May 20)
Nginx 0.8.35 Space Character Remote Source Disclosure info (May 31)

Jabłoński , Paweł

Re: Microsoft Outlook Web Access (OWA) v8.2.254.0 "id" parameter Information Disclosure Vulnerability Jabłoński , Paweł (May 25)

Jamie Strandboge

[USN-945-1] ClamAV vulnerabilities Jamie Strandboge (May 28)
[USN-942-1] PostgreSQL vulnerabilities Jamie Strandboge (May 21)
[USN-938-1] KDENetwork vulnerability Jamie Strandboge (May 13)

jeromie

Palo Alto Network Vulnerability - Cross-Site Scripting (XSS) jeromie (May 12)

jerzy . patraszewski

Joomla component SimpleDownload Local File Inclusion jerzy . patraszewski (May 17)

John Smith

Re: Re[4]: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers John Smith (May 31)
Re: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers John Smith (May 28)
Re: Re[2]: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers John Smith (May 28)

Justin C. Klein Keane

Re: Puntal (index.php) Remote File Inclusion Vulnerabilities Justin C. Klein Keane (May 04)

Kees Cook

[Suspected Spam][USN-939-1] X.org vulnerabilities Kees Cook (May 19)
[Suspected Spam][USN-944-1] GNU C Library vulnerabilities Kees Cook (May 26)
[Suspected Spam][USN-940-1] Kerberos vulnerabilities Kees Cook (May 20)
[USN-919-1] Emacs vulnerability Kees Cook (May 06)

Konrad Rieck

Call for Papers: EC2ND 2010 Konrad Rieck (May 17)

Krzysztof Żelechowski

Re: Ghostscript 8.64 executes random code at startup Krzysztof Żelechowski (May 26)

L4teral

Linux Mint 8 mintUpdate Insecure Temporary File Creation L4teral (May 20)

lilf

BaoFeng Storm M3U File Processing Buffer Overflow Vulnerability lilf (May 06)

lis cker

Injection of ECShop apps. lis cker (May 07)

Luciano Bello

[SECURITY] [DSA 2042-1] New iscsitarget packages fix arbitrary code execution Luciano Bello (May 06)

ma+bt

fetchmail security announcement fetchmail-SA-2010-02 (CVE-2010-1167) ma+bt (May 06)

Maciej Gojny

XSS, SQL injection vulnerability in I-Vision CMS Maciej Gojny (May 17)
SmartCMS v.2 SQL injection vulnerability Maciej Gojny (May 05)

Major Malfunction

London DEFCON May meet - DC4420 - Wed 26th May 2010 Major Malfunction (May 25)

Marc Deslauriers

[USN-936-1] dvipng vulnerability Marc Deslauriers (May 06)
[USN-941-1] MoinMoin vulnerability Marc Deslauriers (May 20)
[USN-937-1] TeX Live vulnerabilities Marc Deslauriers (May 06)

md . r00t . defacer

Turnkey Innovations SQL Injection Vulnerability md . r00t . defacer (May 10)
LinksAutomation Multiple Remote Vulnerabilities md . r00t . defacer (May 13)

michael . messner

Webby Webserver v1.01 - Buffer overflow vulnerability with overwritten structured exception handler (SEH) michael . messner (May 25)

Michael Santos

PCRE compile workspace overflow Michael Santos (May 06)

mike

phpvidz Administrative Password Disclosure mike (May 17)

Moritz Muehlenhoff

[SECURITY] [DSA 2050-1] New kdegraphics packages fix several vulnerabilities Moritz Muehlenhoff (May 25)
[SECURITY] [DSA 2051-1] New postgresql-8.3 packages fix several vulnerabilities Moritz Muehlenhoff (May 25)

MustLive

Re: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers MustLive (May 28)
[Suspected Spam]Vulnerability in ArtDesign CMS MustLive (May 31)
DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers MustLive (May 18)
[Suspected Spam]DoS vulnerabilities in Firefox, Internet Explorer, Chrome and Opera MustLive (May 28)
Re: Vulnerability in 3D user cloud for Joomla MustLive (May 18)
Vulnerability in tagcloud for Kasseler CMS MustLive (May 16)
Cross-Site Scripting vulnerability in Mango MustLive (May 03)
Vulnerability in widget Cumulus for BlogEngine.NET MustLive (May 12)
Re: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers MustLive (May 20)
Re: DoS vulnerabilities in Firefox, Internet Explorer, Chrome and Opera MustLive (May 31)
Vulnerability in widget Flash Tag Cloud for Blogsa and other ASP.NET engines MustLive (May 21)
Vulnerabilities in t3m_cumulus_tagcloud for TYPO3 MustLive (May 05)
New vulnerabilities in plugin DS-Syndicate for Joomla MustLive (May 25)
Vulnerability in 3D user cloud for Joomla MustLive (May 17)
Re: Vulnerabilities in Sebo - webstore MustLive (May 11)
Vulnerabilities in DS-Syndicate for Joomla MustLive (May 25)
Vulnerabilities in Sebo - webstore MustLive (May 10)

Nate Eldredge

Re: Administrivia: Real domain names in PoC/exploit examples Nate Eldredge (May 28)

ne01026

Ghostscript 8.64 executes random code at startup ne01026 (May 25)

noloader

Re: KHOBE - 8.0 earthquake for Windows desktop security software noloader (May 07)

Packet Storm

Re: SQL injection vulnerability in 360 Web Manager Packet Storm (May 27)

Patroklos Argyroudis

CVE-2010-2020: FreeBSD kernel NFS client local vulnerabilities Patroklos Argyroudis (May 28)

paul . szabo

Re: Ghostscript 8.64 executes random code at startup paul . szabo (May 26)
Re: Ghostscript 8.64 executes random code at startup paul . szabo (May 26)
Mathematica on Linux /tmp/MathLink vulnerability paul . szabo (May 14)
Re: Ghostscript 8.64 executes random code at startup paul . szabo (May 27)
Re: Ghostscript 8.64 executes random code at startup paul . szabo (May 31)
Re: Ghostscript 8.64 executes random code at startup paul . szabo (May 28)

Pete Herzog

OSSTMM 3 STAR Released! Pete Herzog (May 25)
Security Awareness for kids Pete Herzog (May 18)
Re: The New ISO Hacking Standard Pete Herzog (May 21)
Mastering Trust in Security Assessments Pete Herzog (May 21)
The New ISO Hacking Standard Pete Herzog (May 19)
OSSTMM 3 based Home Security Vacation Guide v.2! Pete Herzog (May 21)

praveen_recker

Microsoft Outlook Web Access (OWA) v8.2.254.0 "id" parameter Information Disclosure Vulnerability praveen_recker (May 21)
Denial of Dervice vulnerability in Helix Mobile Server (RealNetworks) (14.0.0.348) with long string to PluginDirectory in rmserver.cfg file praveen_recker (May 25)

Raphael Geissert

[SECURITY] [DSA-2041-1] New mediawiki packages fix cross-site request forgery Raphael Geissert (May 04)

research

PR10-03: Authenticated Cross-Site Scripting (XSS) within the Apache Axis2 administration console research (May 21)
Multiple vulnerabilities within 3Com* iMC (Intelligent Management Center) research (May 21)

Rodrigo Branco

HP-UX, IBM AIX, SGI IRIX Remote Vulnerability - CVE-2010-1039 Rodrigo Branco (May 21)

rPath Update Announcements

rPSA-2010-0039-1 openssl openssl-scripts rPath Update Announcements (May 25)
rPSA-2010-0037-1 kernel rPath Update Announcements (May 10)
rPSA-2010-0036-1 openssl openssl-scripts rPath Update Announcements (May 10)
rPSA-2010-0034-1 ntp ntp-utils rPath Update Announcements (May 10)

s2-security

CVE-2010-1454: SpringSource tc Server unauthenticated remote access to JMX interface s2-security (May 17)

Salvatore Fresta aka Drosophila

Family Connections 2.2.3 Multiple Remote Vulnerabilities Salvatore Fresta aka Drosophila (May 10)
Re: Vulnerabilities in Sebo - webstore Salvatore Fresta aka Drosophila (May 11)
Re: Vulnerabilities in Sebo - webstore Salvatore Fresta aka Drosophila (May 11)

Sebastien Delafond

[SECURITY] [DSA 2040-1] New squidguard packages fix several vulnerabilities Sebastien Delafond (May 03)
[SECURITY] [DSA 2045-1] New libtheora packages fix arbitrary code execution Sebastien Delafond (May 12)
[SECURITY] [DSA 2052-1] New krb5 packages fix denial of service Sebastien Delafond (May 25)
[SECURITY] [DSA 2048-1] New dvipng packages fix arbitrary code execution Sebastien Delafond (May 25)

Secunia Research

Secunia Research: Adobe Shockwave Player Signedness Error Vulnerability Secunia Research (May 12)
Secunia Research: KDE KGet Insecure File Operation Vulnerability Secunia Research (May 13)
Secunia Research: TomatoCMS Script Insertion Vulnerabilities Secunia Research (May 12)
Secunia Research: Adobe Shockwave Player Font Processing Buffer Overflow Secunia Research (May 12)
Secunia Research: IrfanView PSD Image Parsing Sign-Extension Vulnerability Secunia Research (May 12)
Secunia Research: Adobe Shockwave Player Asset Entry Parsing Vulnerability Secunia Research (May 12)
Secunia Research: Adobe Shockwave Player 3D Parsing Memory Corruption Secunia Research (May 12)
Secunia Research: Adobe Shockwave Player Integer Overflow Vulnerability Secunia Research (May 12)
Secunia Research: IrfanView PSD RLE Decompression Buffer Overflow Secunia Research (May 12)
Secunia Research: Orbit Downloader metalink "name" Directory Traversal Secunia Research (May 19)
Secunia Research: aria2 metalink "name" Directory Traversal Vulnerability Secunia Research (May 13)
Secunia Research: Ziproxy Two Integer Overflow Vulnerabilities Secunia Research (May 25)
Secunia Research: Free Download Manager metalink "name" Directory Traversal Secunia Research (May 13)
Secunia Research: KDE KGet metalink "name" Directory Traversal Vulnerability Secunia Research (May 13)
Secunia Research: TomatoCMS "q" SQL Injection Vulnerability Secunia Research (May 12)
Secunia Research: Free Download Manager Four Buffer Overflow Vulnerabilities Secunia Research (May 13)
Secunia Research: Adobe Shockwave Player Array Indexing Vulnerability Secunia Research (May 12)

security

[ MDVSA-2010:100 ] krb5 security (May 19)
[ MDVSA-2010:089 ] gnutls security (May 03)
[ MDVSA-2010:090 ] samba security (May 04)
[ MDVSA-2010:098 ] kdenetwork4 security (May 19)
[ MDVSA-2010:096 ] tetex security (May 17)
[ MDVSA-2010:095 ] libxext security (May 13)
[ MDVSA-2010:097 ] pidgin security (May 18)
[ MDVSA-2010:092 ] cacti security (May 07)
[ MDVSA-2010:093 ] mysql security (May 10)
[ MDVSA-2010:110 ] clamav security (May 27)
[ MDVSA-2010:082-1 ] clamav security (May 20)
[ MDVSA-2010:109 ] gtk+2.0 security (May 27)
[ MDVSA-2010:102 ] ghostscript security (May 20)
[ MDVSA-2010:108 ] kolab-horde-framework security (May 26)
[ MDVSA-2010:090-1 ] samba security (May 11)
[ MDVSA-2010:108 ] kolab-horde-framework security (May 26)
[ MDVSA-2010:106 ] aria2 security (May 25)
[ MDVSA-2010:101 ] mysql security (May 19)
[ MDVSA-2010:107 ] mysql security (May 26)
[ MDVSA-2010:105 ] openoffice.org security (May 25)
[ MDVSA-2010:091 ] openoffice.org security (May 05)
[ MDVSA-2010:104 ] dovecot security (May 21)
[ MDVSA-2010:099 ] wireshark security (May 18)
[ MDVSA-2010:108 ] kolab-horde-framework security (May 26)
[ MDVSA-2010:094 ] tetex security (May 12)
[ MDVSA-2010:103 ] postgresql security (May 21)

Security_Alert

ESA-2010-007: EMC Avamar Denial Of Service Vulnerability Security_Alert (May 26)

security-alert

[security bulletin] HPSBMA02201 SSRT071328 rev.1 - HP LoadRunner Agent on Windows, Remote Unauthenticated Arbitrary Code Execution security-alert (May 06)
[security bulletin] HPSBMA02520 SSRT100071 rev.1 - HP Systems Insight Manager (SIM) for HP-UX, Linux, and Windows, Remote Unauthorized Access to Data security-alert (May 12)
[security bulletin] HPSBUX02523 SSRT100036 rev.2 - HP-UX Running ONCplus rpc.pcnfsd, Remote Denial of Service (DoS), Increase in Privilege security-alert (May 31)
[security bulletin] HPSBGN02511 SSRT100022 rev.3 - Certain HP Small Form Factor, Microtower and Workstations PC's with Broadcom Integrated NIC Firmware, Remote Execution of Arbitrary Code security-alert (May 18)
[security bulletin] HPSBMA02528 SSRT100106 rev.1 - HP Performance Center Agent on Windows, Remote Unauthenticated Arbitrary Code Execution security-alert (May 11)
[security bulletin] HPSBMA02400 SSRT080144 rev.4 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert (May 05)
[security bulletin] HPSBMA02535 SSRT100029 rev.1 - HP Performance Manager, Remote Unauthorized Access, Cross Site Scripting (XSS), Denial of Service (DoS) security-alert (May 18)
[security bulletin] HPSBMA02527 SSRT010098 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert (May 11)
[security bulletin] HPSBOV02497 SSRT090245 rev.3 - HP TCP/IP Services for OpenVMS Running NTP, Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert (May 18)
[security bulletin] HPSBGN02315 SSRT071487 rev.1 - HP TestDirector for Quality Center running on AIX, Linux and Solaris, Remote Unauthorized Access security-alert (May 26)
[security bulletin] HPSBPI02532 SSRT100111 rev.1 - HP MFP Digital Sending Software Running on Windows, Local Unauthorized Access security-alert (May 13)
[security bulletin] HPSBMA02522 SSRT100086 rev.1 - HP Insight Control Server Migration for Windows, Remote Cross Site Scripting (XSS) security-alert (May 12)
[security bulletin] HPSBMA02534 SSRT090180 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Unauthorized Information Disclosure, Unauthorized Data Modification, Denial of Service (DoS) security-alert (May 18)
[security bulletin] HPSBUX02523 SSRT100036 rev.1 - HP-UX Running ONCPlus, Remote Denial of Service (DoS), Increase in Privilege security-alert (May 19)
[security bulletin] HPSBMA02442 SSRT090108 rev.1 - HP Business Availability Center Running Apache, Remote Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Denial of Service (DoS) security-alert (May 26)
[security bulletin] HPSBMA02483 SSRT090257 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert (May 05)
[security bulletin] HPSBMA02416 SSRT090008 rev.5 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert (May 05)

security curmudgeon

Re: IBM Lotus 6.x names.nsf Cross Site Scripting Vulnerability security curmudgeon (May 25)

sh4v

XSS bug in US Robotics firmware USR5463-v0_06.bin sh4v (May 20)

Simon Kilvington

Re: The New ISO Hacking Standard Simon Kilvington (May 20)

Stefan Esser

Month of PHP Security - Summary - 1st May - 10th May Stefan Esser (May 10)
Month of PHP Security - Summary - 11st May - 21th Stefan Esser (May 21)

Steffen Joeris

[SECURITY] [DSA 2049-1] New barnowl packages fix arbitrary code execution Steffen Joeris (May 25)

subs

Cross Site URL Hijacking by using Error Object in Mozilla Firefox subs (May 27)

Susan Bradley

Re: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers Susan Bradley (May 18)
Re: [Suspected Spam]DoS vulnerabilities in Firefox, Internet Explorer, Chrome and Opera Susan Bradley (May 28)
Re: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers Susan Bradley (May 20)

The Dark Tangent

DEF CON 18 CFP closing in two weeks The Dark Tangent (May 17)

Thijs Kinkhorst

[SECURITY] [DSA 2038-2] New pidgin packages fix regression Thijs Kinkhorst (May 18)
[SECURITY] [DSA 2052-1] New krb5 packages fix denial of service Thijs Kinkhorst (May 25)
[SECURITY] [DSA 2047-1] New aria2 packages fix directory traversal Thijs Kinkhorst (May 17)

Tim Starling

Arbitrary UNC file read in IE 8 Tim Starling (May 25)

Tom Walsh - lists

RE: Puntal (index.php) Remote File Inclusion Vulnerabilities Tom Walsh - lists (May 03)

Tom Yu

MITKRB5-SA-2010-005 [CVE-2010-1321] GSS-API lib null pointer deref Tom Yu (May 18)

unknown user

[Kil13r-SA-20100513] Adobe Flash Player 10.0 Denial Of Service Vulnerability unknown user (May 20)

Vadim Okun

Static analysis tool exposition (SATE) 2010 Call for participation Vadim Okun (May 27)

Vladimir '3APA3A' Dubrovin

Re[4]: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers Vladimir '3APA3A' Dubrovin (May 31)
Re[2]: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers Vladimir '3APA3A' Dubrovin (May 28)
Re: Secunia Research: KDE KGet Insecure File Operation Vulnerability Vladimir '3APA3A' Dubrovin (May 14)

VMware Security team

VMSA-2010-0009 ESXi ntp and ESX Service Console third party updates VMware Security team (May 28)
VMSA-2010-0008 VMware View 3.1.3 addresses an important cross-site scripting vulnerability VMware Security team (May 06)

vulns

[Wintercore Research] Consona Products - Multiple vulnerabilities vulns (May 07)

VUPEN Security Research

VUPEN Security Research - Adobe Shockwave IML32 Multiple Code Execution Vulnerabilities (CVE-2010-0129) VUPEN Security Research (May 12)
VUPEN Security Research - Adobe Shockwave 3D Two Remote Code Execution Vulnerabilities (CVE-2010-1284) VUPEN Security Research (May 12)
VUPEN Security Research - Adobe Shockwave 3D Blocks Field Code Execution Vulnerability (CVE-2010-1283) VUPEN Security Research (May 12)
VUPEN Security Research - Adobe Shockwave DIRAPI Multiple Code Execution Vulnerabilities (CVE-2010-1280) VUPEN Security Research (May 12)

VUPEN Web Security

Cacti Multiple Parameter Cross Site Scripting Vulnerabilities VUPEN Web Security (May 21)
PHP-Calendar "description" and "lastaction" Cross Site Scripting Vulnerabilities VUPEN Web Security (May 21)
phpGroupWare SQL Injections and Local File Inclusion Vulnerabilities (CVE-2010-0403 and CVE-2010-0404) VUPEN Web Security (May 14)

Wasim Halani

Cyberoam SSL VPN Client - Plain-text Storage of Username and Password Wasim Halani (May 26)

wsn1983

DM Database Server Memory Corruption Vulnerability wsn1983 (May 31)

www.matousec.com - Research

KHOBE - 8.0 earthquake for Windows desktop security software www.matousec.com - Research (May 06)

xuanmumu

Caucho Technology Resin digest.php Cross Site Scripting Vulnerability xuanmumu (May 19)

yicong2010

Kingsoft WebShield KAVSafe.sys <= 2010.4.14.609(2010.5.23) Kernel Mode Local Privilege Escalation Vulnerability yicong2010 (May 25)
Kingsoft WebShield KAVSafe.sys <= 2010.4.14.609(2010.5.23) Kernel Mode Local Privilege Escalation Vulnerability yicong2010 (May 25)

Zakar Miklós

SA00001-2010 Zakar Miklós (May 10)

ZDI Disclosures

ZDI-10-083: HP OpenView NNM snmpviewer.exe CGI Multiple Variable Remote Code Execution Vulnerability ZDI Disclosures (May 12)
ZDI-10-082: HP OpenView NNM netmon sel CGI Variable Remote Code Execution Vulnerability ZDI Disclosures (May 12)
ZDI-10-081: HP OpenView NNM ovet_demandpoll sel CGI Variable Format String Remote Code Execution Vulnerability ZDI Disclosures (May 12)
ZDI-10-086: HP OpenView NNM getnnmdata.exe CGI Invalid Hostname Remote Code Execution Vulnerability ZDI Disclosures (May 12)
ZDI-10-080: HP Mercury LoadRunner Agent Trusted Input Remote Code Execution Vulnerability ZDI Disclosures (May 06)
ZDI-10-087: Adobe Shockwave Invalid Offset Memory Corruption Remote Code Execution Vulnerability ZDI Disclosures (May 12)
ZDI-10-088: Adobe Shockwave Player 3D Parsing Memory Corruption Vulnerability ZDI Disclosures (May 12)
ZDI-10-089: Adobe Shockwave Director PAMI Chunk Remote Code Execution Vulnerability ZDI Disclosures (May 12)
ZDI-10-084: HP OpenView NNM getnnmdata.exe CGI Invalid MaxAge Remote Code Execution Vulnerability ZDI Disclosures (May 12)
ZDI-10-085: HP OpenView NNM getnnmdata.exe CGI Invalid ICount Remote Code Execution Vulnerability ZDI Disclosures (May 12)