Bugtraq: by author

233 messages starting Apr 09 12 and ending Apr 16 12

Aaron T. Myers

[CVE-2012-1574] Apache Hadoop user impersonation vulnerability Aaron T. Myers (Apr 09)

ACROS Security Lists

ACROS Blog: Adobe Reader X (10.1.2) msiexec.exe Planting ACROS Security Lists (Apr 16)

Adam Behnke

Backtrack 5 R2 priv escalation 0day found in CTF exercise Adam Behnke (Apr 11)
Erronous post concerning Backtrack 5 R2 0day Adam Behnke (Apr 13)

advisory

Multiple XSS vulnerabilities in All-in-One Event Calendar Plugin for WordPress advisory (Apr 11)
Multiple vulnerabilities in osCmax advisory (Apr 04)
Multiple vulnerabilities in Newscoop advisory (Apr 18)
Multiple XSS vulnerabilities in XOOPS advisory (Apr 18)
Multiple vulnerabilities in Piwigo advisory (Apr 25)

Akita Software Security

.NET Framework EncoderParameter integer overflow vulnerability Akita Software Security (Apr 23)

Amir

Wordpress WPsc-MijnPress plugin Cross-Site Scripting Vulnerabilities Amir (Apr 30)
vBulletin 4.1.10 Sql Injection Vulnerabilitiy Amir (Apr 05)
Wordpress taggator plugin Sql Injection Vulnerabilities Amir (Apr 05)

Amos Jeffries

Re: Squid URL Filtering Bypass Amos Jeffries (Apr 23)

Ange Albertini

[CVE-2012-2273] Comodo Internet Security <5.10 BSOD (Win7 x64) Ange Albertini (Apr 19)

Apple Product Security

APPLE-SA-2012-04-12-1 Java for OS X 2012-003 and Java for Mac OS X 10.6 Update 8 Apple Product Security (Apr 13)
APPLE-SA-2012-04-03-1 Java for OS X 2012-001 and Java for Mac OS X 10.6 Update 7 Apple Product Security (Apr 04)
APPLE-SA-2012-04-13-1 Flashback malware removal tool Apple Product Security (Apr 16)

ariosrandy

PHP Volunteer Management (get_messages.php) SQL Injection Vulnerabilities ariosrandy (Apr 30)

Asterisk Security Team

AST-2012-005: Heap Buffer Overflow in Skinny Channel Driver Asterisk Security Team (Apr 23)
AST-2012-006: Remote Crash Vulnerability in SIP Channel Driver Asterisk Security Team (Apr 23)
AST-2012-004: Asterisk Manager User Unauthorized Shell Access Asterisk Security Team (Apr 23)

bede

XSS in Kaseya version 6.2.0.0 web interface bede (Apr 20)

blaszczakm

CitrusDB 2.4.1 - LFI/SQLi Vulnerability blaszczakm (Apr 09)

b . saleh

Arbor Networks Peakflow SP web interface XSS b . saleh (Apr 04)

cfp

Ruxcon 2012 Call For Papers cfp (Apr 19)

Charles Morris

Re: [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services Charles Morris (Apr 25)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Buffer Overflow Vulnerabilities in the Cisco WebEx Player Cisco Systems Product Security Incident Response Team (Apr 04)

come2waraxe

[waraxe-2012-SA#084] - Multiple Vulnerabilities in OpenCart 1.5.2.1 come2waraxe (Apr 09)
[waraxe-2012-SA#082] - File Existence Disclosure in Uploadify 3.0.0 come2waraxe (Apr 05)
[waraxe-2012-SA#083] - Multiple Vulnerabilities in Uploadify 2.1.4 come2waraxe (Apr 05)
[waraxe-2012-SA#086] - Local File Inclusion in Invision Power Board 3.3.0 come2waraxe (Apr 12)
[waraxe-2012-SA#085] - Reflected XSS in Uploadify Integration Wordpress plugin come2waraxe (Apr 09)

Crash

[DCA-2011-0016] - Tufin SecureTrack Cross Site Script Crash (Apr 04)

CrAzY_CrAcKeR

online newspaper university"newsdesc.php" SQL Injection Vulnerabilities CrAzY_CrAcKeR (Apr 12)
Total Quality Machines (productdetail.php) SQL Injection Vulnerabilities CrAzY_CrAcKeR (Apr 16)
PHPNuke Module's Name Download SQL Injection Vulnerabilities CrAzY_CrAcKeR (Apr 09)

ddivulnalert

DDIVRT-2012-41 ACTi Web Configurator cgi-bin Directory Traversal ddivulnalert (Apr 26)
DDIVRT-2012-40 PacketVideo TwonkyServer and TwonkyMedia Directory Traversal ddivulnalert (Apr 26)

Esteban Martinez Fayo

OCIPasswordChange API leaks information of password hash (CVE-2012-0511) Esteban Martinez Fayo (Apr 20)

Fermín J . Serna

CVE-2012-0769, the case of the perfect info leak Fermín J . Serna (Apr 09)

Fernando Gont

Slides for "Recent Advances in IPv6 Security" at Hackito Ergo Sum 2012 Fernando Gont (Apr 16)
IPv6 host scanning in IPv6 Fernando Gont (Apr 20)
New IETF I-D: Security Implications of IPv6 on IPv4 networks Fernando Gont (Apr 24)
IPv6 stable privacy addresses Fernando Gont (Apr 04)

Filip Palian

Sourcefire Defense Center - multiple vulnerabilities. Filip Palian (Apr 04)

Florent Daigniere

[MATTA-2012-001] CVE-2012-1301; 0day; Open Proxy vulnerability in Umbraco 4.7 Florent Daigniere (Apr 05)

Florian Weimer

[SECURITY] [DSA 2459-1] quagga security update Florian Weimer (Apr 26)
[SECURITY] [DSA 2442-2] openarena regression Florian Weimer (Apr 04)
[SECURITY] [DSA 2398-2] curl regression Florian Weimer (Apr 04)
[SECURITY] [DSA 2445-1] typo3-src security update Florian Weimer (Apr 04)

gab . mnunes

Sony Bravia Remote Denial of Service - CVE-2012-2210 gab . mnunes (Apr 05)

Gabriel Menezes Nunes

Squid URL Filtering Bypass Gabriel Menezes Nunes (Apr 18)
Re: Squid URL Filtering Bypass Gabriel Menezes Nunes (Apr 23)
Re: Squid URL Filtering Bypass Gabriel Menezes Nunes (Apr 19)
McAfee Web Gateway URL Filtering Bypass Gabriel Menezes Nunes (Apr 18)

h1kari

ToorCamp 2012: The American Hacker Camp h1kari (Apr 26)

Hafez Kamal

[HITB-Announce] HITB Magazine Issue 008 (now with print edition!) Hafez Kamal (Apr 23)

Henri Salo

Re: Wordpress featurific-for-wordpress plugin Cross-Site Scripting Vulnerabilities Henri Salo (Apr 18)
Re: Wordpress 1-jquery-photo-gallery-slideshow-flash plugin Cross-Site Scripting Vulnerabilities Henri Salo (Apr 18)
Re: Wordpress advanced-text-widget Plugin Vulnerabilities Henri Salo (Apr 18)

info

Re: Ilient SysAid v8.5.05 - Multiple Web Vulnerabilities Are Fixed! info (Apr 11)

InterN0T Advisories

Re: Backtrack 5 R2 priv escalation 0day found in CTF exercise InterN0T Advisories (Apr 13)

irancrash

DokuWiki Ver.2012/01/25 CSRF Add User Exploit irancrash (Apr 18)

Ivan Buetler

OWASP 2012 Online Competition with Hacking-Lab Ivan Buetler (Apr 30)

ivan_terkin

SQL injection in Wordpress plugin Buddypress ivan_terkin (Apr 04)

Jacopo Cappellato

[CVE-2012-1621] Apache OFBiz information disclosure vulnerability Jacopo Cappellato (Apr 16)
[CVE-2012-1622] Apache OFBiz information disclosure vulnerability Jacopo Cappellato (Apr 16)

Jamie Riden

Re: Erronous post concerning Backtrack 5 R2 0day Jamie Riden (Apr 13)

jc

RuggedCom - Backdoor Accounts in my SCADA network? You don't say... jc (Apr 24)

Jelmer Kuperus

Liferay 6.1 can be compromised in its default configuration Jelmer Kuperus (Apr 20)
Specially crafted webdav request allows reading of local files on liferay 6.0.x Jelmer Kuperus (Apr 20)
Specially crafted Json service request allows full control over a Liferay portal instance Jelmer Kuperus (Apr 20)

Jesús Olmos

linux privileged and arbitrary chdir() (fixed at 5.4 cifs release) Jesús Olmos (Apr 25)

Jim Harrison

RE: We're now paying up to $20,000 for web vulns in our services Jim Harrison (Apr 25)
RE: Squid URL Filtering Bypass Jim Harrison (Apr 20)
RE: McAfee Web Gateway URL Filtering Bypass Jim Harrison (Apr 24)

Jonathan Brossard

Hackito 2012 Crypto Challenge Jonathan Brossard (Apr 04)

Jonathan Wiltshire

[SECURITY] [DSA 2448-1] inspircd security update Jonathan Wiltshire (Apr 10)

Jose Nazario

Re: Arbor Networks Peakflow SP web interface XSS Jose Nazario (Apr 04)
Re: Arbor Networks Peakflow SP web interface XSS Jose Nazario (Apr 05)

Joxean Koret

The history of a -probably- 13 years old Oracle bug: TNS Poison Joxean Koret (Apr 19)
Oracle TNS Poison vulnerability is actually a 0day with no patch available Joxean Koret (Apr 26)

laurenz . albe

Re: The history of a -probably- 13 years old Oracle bug: TNS Poison laurenz . albe (Apr 26)

Lostmon

Re: phpMyBible 0.5.1 Mutiple XSS Lostmon (Apr 23)

LpSolit

Security advisory for Bugzilla 4.2.1, 4.0.6 and 3.6.9 LpSolit (Apr 19)

Luigi Auriemma

Vulnerabilities in Samsung TV (remote controller protocol) Luigi Auriemma (Apr 19)

Major Malfunction

DC4420 - London DEFCON - April meet - Tuesday April 24th 2012 Major Malfunction (Apr 20)

Mario Vilas

Re: Squid URL Filtering Bypass Mario Vilas (Apr 19)

Mark Stanislav

'Hotel Booking Portal' SQL Injection (CVE-2012-1672) Mark Stanislav (Apr 04)
'e-ticketing' SQL Injection (CVE-2012-1673) Mark Stanislav (Apr 04)
'phpPaleo' Local File Inclusion (CVE-2012-1671) Mark Stanislav (Apr 04)

Michal Zalewski

FYI: We're now paying up to $20,000 for web vulns in our services Michal Zalewski (Apr 23)
Re: [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services Michal Zalewski (Apr 25)
Re: We're now paying up to $20,000 for web vulns in our services Michal Zalewski (Apr 25)

Moritz Muehlenhoff

[SECURITY] [DSA 2457-1] iceweasel security update Moritz Muehlenhoff (Apr 25)
[SECURITY] [DSA 2447-1] tiff security update Moritz Muehlenhoff (Apr 04)
[SECURITY] [DSA 2461-1] spip security update Moritz Muehlenhoff (Apr 27)
[SECURITY] [DSA 2460-1] asterisk security update Moritz Muehlenhoff (Apr 25)
[SECURITY] [DSA 2456-1] dropbear security update Moritz Muehlenhoff (Apr 25)
[SECURITY] [DSA 2446-1] libpng security update Moritz Muehlenhoff (Apr 04)
[SECURITY] [DSA 2462-1] imagemagick security update Moritz Muehlenhoff (Apr 30)
[SECURITY] [DSA 2548-1] iceape security update Moritz Muehlenhoff (Apr 25)

n0b0d13s

WebCalendar <= 1.2.4 Two Security Vulnerabilities n0b0d13s (Apr 23)

Netsparker Advisories

XSS and Blind SQL Injection Vulnerabilities in ExponentCMS Netsparker Advisories (Apr 23)

Nico Golde

[SECURITY] [DSA 2453-1] gajim security update Nico Golde (Apr 16)
[SECURITY] [DSA 2449-1] sqlalchemy security update Nico Golde (Apr 12)
[SECURITY] [DSA 2451-1] puppet security update Nico Golde (Apr 13)
[SECURITY] [DSA 2453-2] gajim regression Nico Golde (Apr 19)
[SECURITY] [DSA 2455-1] typo3-src security update Nico Golde (Apr 23)

nospam

Quest Toad for Oracle Explain Plan Display ActiveX Control (QExplain2.dll 6.6.1.1115) Remote File Creation / Overwrite nospam (Apr 05)
Quest vWorkspace 7.5 Connection Broker Client ActiveX Control (pnllmcli.dll 7.5.304.547) SaveMiniLaunchFile() Method Remote File Creation / Overwrite nospam (Apr 05)
McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 ActiveX Control GetObject() Security Bypass Remote Code Execution Vulnerability nospam (Apr 30)

paul . szabo

Mathematica8.0.4 on Linux /tmp/MathLink vulnerability paul . szabo (Apr 16)
Re: Mathematica8.0.4 on Linux /tmp/MathLink vulnerability paul . szabo (Apr 17)

Per Thorsheim

Passwords^12 : Call for Presentations Per Thorsheim (Apr 16)

psiinon

OWASP ZAP 1.4.0 released psiinon (Apr 09)

Raphael Geissert

[SECURITY] [DSA 2454-2] openssl incomplete fix Raphael Geissert (Apr 25)
[SECURITY] [DSA 2454-1] openssl security update Raphael Geissert (Apr 20)

Research

C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability Research (Apr 27)
[Spam] Chengdu Bureau of Commerce - SQL Injection Vulnerability Research (Apr 23)
[Suspected Spam] IPhone TreasonSMS - HTML Inject & File Include Vulnerability Research (Apr 23)
[Suspected Spam] K-Meleon Browser v1.5.4 - Denial of Service Vulnerability Research (Apr 16)
PSFTP v.1.8 Build 921 - Null Pointer (DoS) Vulnerability Research (Apr 23)
Crystal Office Suite v1.43 - Buffer Overflow Vulnerability Research (Apr 12)
osCmax Shop CMS v2.5.1 - Multiple Web Vulnerabilities Research (Apr 09)
[Suspected Spam] Astaro Command Center v2.x - Multiple Web Vulnerabilities Research (Apr 09)
[Suspected Spam] AnvSoft Any Video Converter 4.3.6 - Multiple Buffer Overflow Vulnerabilities Research (Apr 09)
Pritlog v0.821 CMS - Multiple Web Vulnerabilities Research (Apr 30)
[Suspected Spam] DHTMLX Suite v.3.0 - Multiple Web Vulnerabilities Research (Apr 12)
ME Firewall Analyzer v7.2 - Cross Site Vulnerabilities Research (Apr 04)
Siche Search v.0.5 Zerboard - Multiple Web Vulnerabilities Research (Apr 16)
[Suspected Spam] Astaro Security Gateway v7.504 - Multiple Web Vulnerabilities Research (Apr 09)
Opial CMS v2.0 - Multiple Web Vulnerabilities Research (Apr 30)
[Suspected Spam] Havalite CMS v1.0.4 - Multiple Web Vulnerabilities Research (Apr 23)
GroupWare epesiBIM CRM 1.2.1 - Multiple Web Vulnerabilities Research (Apr 10)
idev Game Site CMS v1.0 - Multiple Web Vulnerabilites Research (Apr 09)
Netjuke 1.0 RC1 - SQL Injection Vulnerabilities Research (Apr 12)
[Suspected Spam] Cyberoam UTM v10.01.2 build 059 - File Include Vulnerabilities Research (Apr 16)
CsForum v0.8 - Cross Site Scripting Vulnerability Research (Apr 09)
Car Portal CMS v3.0 - Multiple Web Vulnerabilities Research (Apr 27)
[Suspected Spam] Astaro Command Center v2.x - Multiple Web Vulnerabilities Research (Apr 04)
C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability Research (Apr 30)
DirectAdmin v1.403 - Cross Site Scripting Vulnerability Research (Apr 04)
Landshop v0.9.2 - Multiple Web Vulnerabilities Research (Apr 04)
Matterdaddy Market v1.1 - SQL Injection Vulnerabilities Research (Apr 10)
DirectAdmin v1.403 - Multiple Cross Site Vulnerabilities Research (Apr 27)
Flatnux CMS 2011 08.09.2 - Multiple Web Vulnerabilities Research (Apr 04)
ACC PHP eMail v1.1 - Multiple Web Vulnerabilites Research (Apr 13)
DIY CMS v1.0 Poll - Multiple Web Vulnerabilities Research (Apr 27)

Research@NGSSecure

NGS00140 Technical Advisory: Websense Triton 7.6 - unauthenticated remote command execution as SYSTEM Research@NGSSecure (Apr 30)
NGS00141 Technical Advisory: Websense Triton 7.6 stored XSS in report management UI Research@NGSSecure (Apr 30)
NGS00137 Technical Advisory: Websense Triton 7.6 - reflected XSS in report management UI Research@NGSSecure (Apr 30)
NGS00117 Technical Advisory: Symantec pcAnywhere insecure file permissions local privilege escalation Research@NGSSecure (Apr 30)
NGS00138 Technical Advisory: Websense Triton 7.6 - authentication bypass in report management UI Research@NGSSecure (Apr 30)
NGS00118 Technical Advisory: Symantec pcAnywhere Remote Code Execution as SYSTEM Research@NGSSecure (Apr 30)
NGS00107 Patch Notification: Oracle Grid Engine sgepasswd Buffer Overflow Research@NGSSecure (Apr 30)

Richard Barrett

Re: Squid URL Filtering Bypass Richard Barrett (Apr 19)

Secunia Research

Secunia Research: RealNetworks Helix Server Credentials Disclosure Security Issue Secunia Research (Apr 09)
Secunia Research: Helix Server SNMP Master Agent Service Two Denial of Service Vulnerabilities Secunia Research (Apr 09)

security

[ MDVSA-2012:056 ] rpm security (Apr 12)
[ MDVSA-2012:032-1 ] mozilla security (Apr 18)
[ MDVSA-2012:060 ] openssl security (Apr 19)
[ MDVSA-2012:058 ] curl security (Apr 13)
[ MDVSA-2012:062 ] openoffice.org security (Apr 23)
[ MDVSA-2012:066 ] mozilla security (Apr 27)
[ MDVSA-2012:065 ] php security (Apr 27)
[ MDVSA-2012:061 ] raptor security (Apr 23)
[ MDVSA-2012:059 ] python-sqlalchemy security (Apr 16)
[ MDVSA-2012:053 ] ocsinventory security (Apr 04)
[ MDVSA-2012:052 ] libvorbis security (Apr 04)
[ MDVSA-2012:054 ] libtiff security (Apr 05)
[ MDVSA-2012:048 ] mutt security (Apr 04)
[ MDVSA-2012:055 ] samba security (Apr 11)
[ MDVSA-2012:046 ] libpng security (Apr 04)
[ MDVSA-2012:049 ] nagios security (Apr 04)
[ MDVSA-2012:051 ] libvorbis security (Apr 04)
[ MDVSA-2012:063 ] libreoffice security (Apr 23)
[ MDVSA-2012:047 ] freeradius security (Apr 04)
[ MDVSA-2012:050 ] phpmyadmin security (Apr 04)
[ MDVSA-2012:057 ] freetype2 security (Apr 12)
[ MDVSA-2012:064 ] openssl0.9.8 security (Apr 24)

Security_Alert

ESA-2012-018: EMC Data Protection Advisor Multiple Vulnerabilities Security_Alert (Apr 19)

security-alert

[security bulletin] HPSBPV02754 SSRT100803 rev.1 - HP ProCurve 5400 zl Switch, Compact flash card virus security-alert (Apr 11)
[security bulletin] HPSBMU02766 SSRT100624 rev.1 - HP Onboard Administrator (OA), Remote Denial of Service (DoS) security-alert (Apr 18)
[security bulletin] HPSBMU02759 SSRT100817 rev.1 - HP Onboard Administrator (OA), Remote Unauthorized Access, Unauthorized Information Disclosure, Denial of Service (DoS), URL Redirection security-alert (Apr 04)
[security bulletin] HPSBPI02728 SSRT100692 rev.6 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default security-alert (Apr 26)
[security bulletin] HPSBMU02764 SSRT100827 rev.2 - HP System Management Homepage (SMH) Running on Linux and Windows, Remote Cross Site Request Forgery (CSRF), Denial of Service (DoS), Execution of Arbitrary Code, Other Vulnerabilities security-alert (Apr 20)
[security bulletin] HPSBPV02754 SSRT100803 rev.2 - HP ProCurve 5400 zl Switch, Compact flash card contains trojan malware security-alert (Apr 27)
[security bulletin] HPSBMU02753 SSRT100782 rev.1 - HP Business Availability Center (BAC) Running Apache, Remote Execution of Arbitrary Commands, Denial of Service (DoS) security-alert (Apr 04)
[security bulletin] HPSBMU02749 SSRT100793 rev.1 - HP Business Availability Center (BAC) Running on Windows, Remote Cross Site Scripting (XSS) security-alert (Apr 04)
[security bulletin] HPSBOV02763 SSRT100826 rev.1 - HP Secure Web Server (SWS) for OpenVMS running PHP, Remote Denial of Service (DoS), Unauthorized Access, Privilege escalation, Unauthorized Disclosure of Information, Unauthorized Modification security-alert (Apr 17)
[security bulletin] HPSBUX02761 SSRT100823 rev.1 - HP-UX Running Apache, Remote Denial of Service (DoS), Local Increase of Privilege security-alert (Apr 20)
[security bulletin] HPSBOV02765 SSRT100828 rev.1 - HP OpenVMS, local Denial of Service (DoS) security-alert (Apr 18)
[security bulletin] HPSBUX02758 SSRT100774 rev.1 - HP-UX running DCE, Remote Denial of Service (DoS) security-alert (Apr 05)
[security bulletin] HPSBOV02762 SSRT100825 rev.1 - HP Secure Web Server (SWS) for OpenVMS running CSWS_JAVA, Remote Denial of Service (DoS), Unauthorized Access, Privilege Escalation, Unauthorized Disclosure of Information, Unauthorized Modification security-alert (Apr 17)
[security bulletin] HPSBMU02764 SSRT100827 rev.1 - HP System Management Homepage (SMH) Running on Linux and Windows, Remote Cross Site Request Forgery (CSRF), Denial of Service (DoS), Execution of Arbitrary Code, Other Vulnerabilities security-alert (Apr 17)
[security bulletin] HPSBUX02760 SSRT100805 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities security-alert (Apr 05)
[security bulletin] HPSBUX02757 SSRT100779 rev.2 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities security-alert (Apr 05)
[security bulletin] HPSBUX02768 SSRT100664 rev.1 - CIFS Server (Samba), Remote Cross Site Request Forgery (CSRF), Denial of Service (DoS) security-alert (Apr 24)

Security Explorations

[SE-2012-01] Security vulnerabilities in Java SE Security Explorations (Apr 04)
[SE-2012-01] Security weakness in Apple Quicktime Java extensions Security Explorations (Apr 12)

Shatter

TeamSHATTER Security Advisory: Privilege escalation via internal sql injection in RESTORE DATABASE command Shatter (Apr 12)
Incomplete protection of Oracle Database locked accounts (CVE-2012-0510) Shatter (Apr 20)
HTTP Response Splitting in Oracle Enterprise Manager (pageName parameter) (CVE-2012-0527) Shatter (Apr 20)
SQL Injection in Oracle Enterprise Manager (searchPage web page) (CVE-2012-0525) Shatter (Apr 20)
HTTP Response Splitting in Oracle Enterprise Manager (prevPage parameter) (CVE-2012-0526) Shatter (Apr 20)
SQL Injection in Oracle Enterprise Manager (compareWizFirstConfig web page) (CVE-2012-0512) Shatter (Apr 20)
Some failed authentication attempts using OCIPasswordChange API are not recorded (CVE-2012-0511) Shatter (Apr 20)
Oracle Enterprise Manager vulnerable to Session fixation (CVE-2012-0528) Shatter (Apr 20)
OCIPasswordChange API leaks information of password hash (CVE-2012-0511) Shatter (Apr 20)

Stefan Fritsch

[SECURITY] [DSA 2452-1] apache2 security update Stefan Fritsch (Apr 16)

sumanj

Android information leak sumanj (Apr 11)

Thijs Kinkhorst

[SECURITY] [DSA 2450-1] samba security update Thijs Kinkhorst (Apr 13)

Thomas Richards

phpMyBible 0.5.1 Mutiple XSS Thomas Richards (Apr 23)
PHP Volunteer Management 'id' 1.0.2 Multiple Vulnerabilities Thomas Richards (Apr 26)
Fwd: PHP Gift Registry 1.5.5 SQL Injection Thomas Richards (Apr 17)
ChurchCMS 0.0.1 'admin.php' Multiple SQLi Thomas Richards (Apr 23)
PHP Ticket System Beta 1 'p' SQL Injection Thomas Richards (Apr 24)

Tobias Glemser

TC-SA-2012-01: Multiple web-vulnerabilities in ownCloud 3.0.0 Tobias Glemser (Apr 18)

Trustwave Advisories

TWSL2012-008: Multiple Vulnerabilities in Scrutinizer NetFlow & sFlow Analyzer Trustwave Advisories (Apr 12)

v . hirve

ClubHack Magazine's April 2012 Issue is released. v . hirve (Apr 18)

Vikram Dhillon

Re: Mathematica8.0.4 on Linux /tmp/MathLink vulnerability Vikram Dhillon (Apr 17)
Re: McAfee Web Gateway URL Filtering Bypass Vikram Dhillon (Apr 23)

VMware Security Team

VMSA-2012-0006 VMware ESXi and ESX address several security issues VMware Security Team (Apr 04)
VMSA-2012-0007 VMware hosted products and ESXi/ESX patches address privilege escalation VMware Security Team (Apr 13)
VMSA-2012-0008 VMware ESX updates to ESX Service Console VMware Security Team (Apr 27)

VSR Advisories

HTC IQRD Android Permission Leakage (CVE-2012-2217) VSR Advisories (Apr 23)

VUPEN Security Research

VUPEN Security Research - Microsoft Internet Explorer VML Remote Code Execution (MS12-023 / CVE-2012-0172) VUPEN Security Research (Apr 18)
VUPEN Security Research - Adobe Flash Player NetStream Remote Code Execution Vulnerability (APSB12-07 / CVE-2012-0773) VUPEN Security Research (Apr 19)

YGN Ethical Hacker Group

Acuity CMS 2.6.x <= Cross Site Scripting YGN Ethical Hacker Group (Apr 18)
FastPath Webchat | Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Apr 16)
Joomla! Plugin - Beatz 1.x <= Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Apr 16)