Full Disclosure: by date

194 messages starting Dec 31 13 and ending Jan 31 14


Tuesday, 31 December

[SECURITY] [DSA 2831-1] puppet security update Luciano Bello

Wednesday, 01 January

Re: Open phones for privacy/anonymity applications, Guardian coderman
Re: Open phones for privacy/anonymity applications, Guardian coderman
[SECURITY] [DSA 2832-1] memcached security update Salvatore Bonaccorso
Re: Open phones for privacy/anonymity applications, Guardian coderman
[SECURITY] [DSA 2833-1] openssl security update Moritz Muehlenhoff
Re: [SECURITY] [DSA 2833-1] openssl security update coderman
Tool Update: Bing-ip2hosts version 0.4 Andrew Horton
Targeted CSRF vulnerability on LinkedIn to delete posts [FIXED] Bhavesh Naik
Re: Open phones for privacy/anonymity applications, Guardian Lodewijk andré de la porte
[SECURITY] [DSA 2834-1] typo3-src security update Salvatore Bonaccorso
[CVE-2013-6480] Libcloud doesn't send scrub_data query parameter when destroying a DigitalOcean node Tomaz Muraus
DAVOSET v.1.1.5 MustLive

Thursday, 02 January

Re: Securelist.com (Kaspersky) released a misleading information about Kelihos Botnet actual status アドリアンヘンドリック

Saturday, 04 January

SCADA StrangeLove 30C3 releases: all in one scadastrangelove
Re: SCADA StrangeLove 30C3 releases: all in one coderman
"the Fairphone is fatally flawed for security" Bernhard Kuemel
Re: "the Fairphone is fatally flawed for security" coderman

Sunday, 05 January

[SECURITY] [DSA 2835-1] asterisk security update Moritz Muehlenhoff

Monday, 06 January

[SECURITY] [DSA 2836-1] devscripts security update Raphael Geissert
Re: DoS vulnerability in Adobe Flash Player (BSOD) sixtyvividtails
Re: Open phones for privacy/anonymity applications, Guardian Anonymous
Re: Open phones for privacy/anonymity applications, Guardian Bzzz
[HITB-Announce] HITB Magazine Issue 10 Out Now Hafez Kamal

Tuesday, 07 January

AusCERT2014 Call for Presentations and Tutorials AusCERT
Re: Open phones for privacy/anonymity applications, Guardian Daniel Corbe
[SECURITY] [DSA 2837-1] openssl security update Moritz Muehlenhoff
[SECURITY] [DSA 2838-1] libxfont security update Moritz Muehlenhoff
Re: FPU-state NULL-deref exploitation (was vm86 syscall kernel-panic and some more goodies waiting to be analyzed) halfdog

Wednesday, 08 January

Wordpress Plugin WP-Members Version 2.8.9 - Stored and reflected Cross-site Scripting vulnerabilities Stefan Schurtz
[SECURITY] [DSA 2839-1] spice security update Salvatore Bonaccorso
Re: Where are you guys standing re: the (full) disclosure Georgi Guninski
[CVE-2014-1203] Eyou Mail System Remote Code Execution conqu3r . zeng
[Wooyun] NVIDIA a SAP NETWEAVER remote command execution En.wooyun.org
[Wooyun] OVH a subsite Zabbix Sql injection En.wooyun.org
[Security-news] SA-CONTRIB-2014-001 - Entity API - Access Bypass security-news
[Security-news] PSA-2014-001 - Media - Access Bypass security-news

Thursday, 09 January

Re: [Wooyun] OVH a subsite Zabbix Sql injection thomas . soete
Security is fun(ny) again J. Oquendo
Re: Security is fun(ny) again illwill
nullcon Blackshield Awards 2014 nullcon

Friday, 10 January

[CVE -2014-1201] Lorex security DVD ActiveX control buffer overflow Pedro Ribeiro
Re: [CVE -2014-1201] Lorex security DVD ActiveX control buffer overflow Pedro Ribeiro
ObamaCare California Admin Interface Exposed to Entire Internet + more! Whitehat Whistleblower
Re: Where are you guys standing re: the (full) disclosure Pedro Luis Karrasquillo
[SECURITY] [DSA 2840-1] srtp security update Salvatore Bonaccorso
Cisco Security Advisory: Undocumented Test Interface in Cisco Small Business Devices Cisco Systems Product Security Incident Response Team

Saturday, 11 January

Dates for the opening of registration for Rooted CON 2014 Omar Benbouazza
Updated [CVE-2013-6398] CloudStack Virtual Router stop/start modifies firewall rules allowing additional access David Nalley
Updated [CVE-2014-0031] CloudStack ListNetworkACL API discloses ACLs for other users David Nalley
[SECURITY] [DSA 2841-1] movabletype-opensource security update Moritz Muehlenhoff
Yahoo Bug Bounty Program Vulnerability #2 Open Redirect Stefan Schurtz

Monday, 13 January

Sex links fail Marshall Whittaker
BlackArch Linux BlackArch Linux
Re: Yahoo Bug Bounty Program Vulnerability #2 Open Redirect Kenneth F. Belva
Re: ObamaCare California Admin Interface Exposed to Entire Internet + more! Pedro Luis Karrasquillo
Re: Yahoo Bug Bounty Program Vulnerability #2 Open Redirect Stefan Schurtz
[ MDVSA-2014:001 ] kernel security
List Charter John Cartwright
[SECURITY] [DSA 2842-1] libspring-java security update Moritz Muehlenhoff
Microsoft Twitter accounts, blog hijacked by SEA Georgi Guninski
[SECURITY] [DSA 2843-1] graphviz security update Salvatore Bonaccorso
Re: Microsoft Twitter accounts, blog hijacked by SEA Mohammad Hosein

Tuesday, 14 January

Rooted CON 2014 attendee registration is open! Omar Benbouazza
[CVE-2014-0647] Insecure Data Storage of User Data Elements in Starbucks v2.6.1 iOS mobile application Daniel Wood
Ubuntu, duckduckgo, and additional info silence_is_best
Re: Ubuntu, duckduckgo, and additional info Seth Arnold

Wednesday, 15 January

Re: Ubuntu, duckduckgo, and additional info Daniel Wood
CVE-2013-6429 Fix for XML External Entity (XXE) injection (CVE-2013-4152) in Spring Framework was incomplete Pivotal Security Team
CVE-2013-6430 Possible XSS when using Spring MVC Pivotal Security Team
Re: Ubuntu, duckduckgo, and additional info Gabriel Weinberg
Re: Ubuntu, duckduckgo, and additional info silence_is_best
Collabtive Sql Injection YOGESH PHADTARE
[SECURITY] [DSA 2844-1] djvulibre security update Raphael Geissert
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Access Control System Cisco Systems Product Security Incident Response Team
Re: Ubuntu, duckduckgo, and additional info silence_is_best
[Security-news] SA-CORE-2014-001 - Drupal core - Multiple vulnerabilities security-news
[Security-news] SA-CONTRIB-2014-002 - Anonymous Posting - Cross Site Scripting (XSS) security-news
Re: Ubuntu, duckduckgo, and additional info Seth Arnold
Re: Ubuntu, duckduckgo, and additional info Jordon Bedwell
EE BrightBox router hacked - bares all if you ask nicely Scott Helme

Thursday, 16 January

Re: EE BrightBox router hacked - bares all if you ask nicely Dan Ballance
Re: EE BrightBox router hacked - bares all if you ask nicely Źmicier Januszkiewicz
Re: EE BrightBox router hacked - bares all if you ask nicely gold flake
Re: EE BrightBox router hacked - bares all if you ask nicely Źmicier Januszkiewicz
Re: EE BrightBox router hacked - bares all if you ask nicely Dan Ballance
Re: EE BrightBox router hacked - bares all if you ask nicely Źmicier Januszkiewicz
Re: EE BrightBox router hacked - bares all if you ask nicely Dan Ballance
[HITB-Announce] #HITB2014AMS Call for Papers - FINAL CALL Hafez Kamal
: EE BrightBox router hacked - bares all if you ask nicely Mikhail A. Utin
[ MDVSA-2014:002 ] bind security
[ MDVSA-2014:003 ] nrpe security
[ MDVSA-2014:004 ] nagios security
[ MDVSA-2014:005 ] ejabberd security
[ MDVSA-2014:006 ] libxslt security
Re: EE BrightBox router hacked - bares all if you ask nicely Valdis . Kletnieks
Re: EE BrightBox router hacked - bares all if you ask nicely Dan Ballance
Re: EE BrightBox router hacked - bares all if you ask nicely Valdis . Kletnieks
Re: EE BrightBox router hacked - bares all if you ask nicely Dan Ballance
Re: EE BrightBox router hacked - bares all if you ask nicely Jeffrey Walton
Re: EE BrightBox router hacked - bares all if you ask nicely Dan Ballance
Re: EE BrightBox router hacked - bares all if you ask nicely Jeffrey Walton
Re: EE BrightBox router hacked - bares all if you ask nicely Tracy Reed
[CVE-2013-6838] Enghouse Interactive IVR Pro (VIP2000) remote root authentication bypass Vulnerability Fredrik Söderblom
Re: EE BrightBox router hacked - bares all if you ask nicely Daniël W . Crompton
NEW : VMSA-2014-0001 - VMware Workstation, Player, Fusion, ESXi, ESX and vCloud Director address several security issues "VMware Security Response Center"

Friday, 17 January

Romanian hacker unknown string Asheesh Tripathi
Re: Romanian hacker unknown string James Condron
Re: Romanian hacker unknown string Asheesh Tripathi
Re: Romanian hacker unknown string James Condron
Re: Romanian hacker unknown string Asheesh Tripathi
Re: Romanian hacker unknown string Henri Salo
Re: Romanian hacker unknown string James Condron
Re: Romanian hacker unknown string Asheesh Tripathi
Re: Romanian hacker unknown string James Condron
[ MDVSA-2014:007 ] openssl security
[ MDVSA-2014:008 ] openjpeg security
[ MDVSA-2014:009 ] librsvg security
[ MDVSA-2014:010 ] memcached security
[SECURITY] [DSA 2845-1] mysql-5.1 security update Moritz Muehlenhoff
[SECURITY] [DSA 2831-2] puppet regression update Salvatore Bonaccorso
SI6 Networks' IPv6 Toolkit v1.5.2 released! Fernando Gont
[SECURITY] [DSA 2846-1] libvirt security update Moritz Muehlenhoff

Saturday, 18 January

Re: [CVE-2014-0647] Insecure Data Storage of User Data Elements in Starbucks v2.6.1 iOS mobile application Daniel Wood
Ubuntu, duckduckgo, and additional info Patrick O'Keeffe

Sunday, 19 January

Multiple vulnerabilities at president.gov.ua MustLive

Monday, 20 January

Hackito Ergo Sum 2014 CFP Alexandre De Oliveira
[ MDVSA-2014:011 ] java-1.7.0-openjdk security
[ MDVSA-2014:012 ] nss security
[SECURITY] [DSA 2847-1] drupal7 security update Salvatore Bonaccorso

Tuesday, 21 January

0day - MuPDF Stack-based Buffer Overflow in xps_parse_color() Jean-Jamil Khalifé
TWSL2014-001: Multiple Vulnerabilities in Franklin Fueling's TS-550 evo Trustwave Advisories
TWSL2014-002: Buffer Overflow Vulnerability in DaumGame ActiveX Trustwave Advisories
[ MDVSA-2014:013 ] libxfont security
[ MDVSA-2014:014 ] php security
DDoS against Gamerfirst dave
22 January 2014, SEA : M$ = 3 : 0 Georgi Guninski

Wednesday, 22 January

[CVE-2013-6040] MW6 Technologies ActiveX buffer overflows and remote code execution Pedro Ribeiro
Chrome (and Safari) antiXSS filter bypass vulns () 11paths com
Capstone 2.0 is released! Nguyen Anh Quynh
SEC Consult SA-20140122-0 :: Critical vulnerabilities in T-Mobile HOME NET Router LTE (Huawei B593u-12) SEC Consult Vulnerability Lab
[ MDVSA-2014:015 ] cups security
[ MDVSA-2014:016 ] spice security
[ MDVSA-2014:017 ] net-snmp security
[ MDVSA-2014:018 ] net-snmp security
[ MDVSA-2014:019 ] elinks security
Cisco Security Advisory: Cisco TelePresence ISDN Gateway D-Channel Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco TelePresence Video Communication Server SIP Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco TelePresence System Software Command Execution Vulnerability Cisco Systems Product Security Incident Response Team
[ MDVSA-2014:020 ] x11-server security
[Security-news] SA-CONTRIB-2014-003 - Doubleclick for Publishers DFP - Cross Site Scripting (XSS) security-news
[Security-news] SA-CONTRIB-2014-004 - Secure Cookie Data - Faulty Hashing security-news
[Security-news] SA-CONTRIB-2014-005 - Leaflet - Access bypass security-news
[Security-news] SA-CONTRIB-2014-006 - Language Switcher Dropdown - Open Redirect security-news

Thursday, 23 January

[SECURITY] [DSA 2848-1] mysql-5.5 security update Salvatore Bonaccorso
How a teenager helpfully reported a government security flaw – and could be charged in return Ivan .Heca
[CTF] nullcon HackIM 2014 will start at 24-01-2014, when the clock will strike at 11:59 (+5:30 GMT) nullcon

Friday, 24 January

Fwd: Trustlook discovered Microsoft’s first high risk Android Vulnerability Raymond Zhang
Contact PSIRT Fortinet William Costa
Remote Command Injection Vulnerability in SkyBlueCanvas CMS Scott Parish
[SECURITY] [DSA 2826-2] denyhosts regression update Yves-Alexis Perez
CALL FOR PAPERS - NUIT DU HACK - 28/29 JUNE 2014 freeman
[CVE-2013-6030]Emerson Network Power Avocent MergePoint Unity 2016 KVM switches contain a directory traversal vulnerability shady . liu
Healthcare.gov noise truthinallthings
[CVE-2013-6235] - Multiple Reflected XSS vulnerabilities in JAMon v2.7 Christian Catalano
Re: Chrome (and Safari) antiXSS filter bypass Pedro Worcel
ADV: IBM QRadar SIEM Thomas Pollet
DAVOSET v.1.1.6 MustLive
[ MDVSA-2014:021 ] perl-Proc-Daemon security
[ MDVSA-2014:022 ] augeas security
[ MDVSA-2014:023 ] hplip security
[ MDVSA-2014:024 ] graphviz security
Dictatorial laws in Ukraine MustLive

Saturday, 25 January

ssl.bing.com - Cross-site Scripting vulnerability Stefan Schurtz
Re: RFP: FOIA with privacy waivers[0] for oversight coderman

Sunday, 26 January

Making waves on Twitter! David Kennedy
Satellite Security - A story NASA would love to see. Nicholas Lemonias.

Monday, 27 January

Re: Making waves on Twitter! Brandon Perry
Re: Making waves on Twitter! David Kennedy
Re: Making waves on Twitter! Brandon Perry
Re: Making waves on Twitter! David Kennedy
DC4420 - London DEFCON - January meet - Tuesday 28th January 2014 Major Malfunction
Mozilla Bug Bounty #5 - WireTap Remote Web Vulnerability Vulnerability Lab
RVAsec 2014 CFP Sullo
Sentinel beta version released Nicolas A. Economou
[CVE-2014-1673] Check Point Session Authentication Agent vulnerability Jakub Jozwiak

Tuesday, 28 January

Oracle Reports Exploit - Remote Shell/Dump Passwords NI @root
pfSense 2.1 Privilege Escalation from less privileged users (LFI/RCE) Pichaya Morimoto

Wednesday, 29 January

SimplyShare v1.4 iOS - Multiple Web Vulnerabilities Vulnerability Lab
[Security-news] SA-CONTRIB-2014-007 - Services - Multiple access bypass vulnerabilities security-news
[Security-news] SA-CONTRIB-2014-008 - Tribune - Cross Site Scripting (XSS) security-news

Friday, 31 January

[SECURITY] [DSA 2849-1] curl security update Florian Weimer
[SE-2013-01] Security vulnerabilities in Oracle Java Cloud Service Security Explorations
[SECURITY] [DSA 2850-1] libyaml security update Salvatore Bonaccorso