SecurityFocus

Scanning the IPv6 Internet with the scan6 tool (SI6 IPv6 toolkit) 2013-02-17
Fernando Gont (fgont si6networks com)

[SECURITY] [DSA 2624-1] ffmpeg security update 2013-02-16
Moritz Muehlenhoff (jmm debian org)

SI6 Networks IPv6 Toolkit v1.3 released! 2013-02-16
Fernando Gont (fgont si6networks com)

CORE-2012-1128 - SAP Netweaver Message Server Multiple Vulnerabilities 2013-02-15
CORE Security Technologies Advisories (advisories coresecurity com)

Empirum Password Obfuscation Design Flaw 2013-02-14
otr bockcay de

[ MDVSA-2013:012 ] postgresql 2013-02-15
security mandriva com

[IA46] Photodex ProShow Producer v5.0.3297 ColorPickerProc() Memory Corruption 2013-02-14
Inshell Security (info inshell net)

[SECURITY] [DSA 2623-1] openconnect security update 2013-02-14
Florian Weimer (fw deneb enyo de)

Multiple Vulnerabilities in Edimax EW-7206-APg and EW-7209APg 2013-02-14
devnull s3cur1ty de

Multiple Vulnerabilities in TP-Link TL-WA701N / TL-WA701ND 2013-02-14
devnull s3cur1ty de

[security bulletin] HPSBMU02815 SSRT100715 rev.5 - HP SiteScope SOAP Security Issues, Remote Disclosure of Information, Remote Code Execution 2013-02-14
security-alert hp com

Re: Aastra IP Telephone encrypted .tuz configuration file leakage 2013-02-14
noreply aastra com

[slackware-security] pidgin (SSA:2013-044-01) 2013-02-14
Slackware Security Team (security slackware com)

Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability 2013-02-14
Vulnerability Lab (research vulnerability-lab com)

Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities 2013-02-14
Vulnerability Lab (research vulnerability-lab com)

CA20130213-01: Security Notice for CA ControlMinder 2013-02-13
Kotas, Kevin J (Kevin Kotas ca com)

[SECURITY] [DSA 2621-1] openssl security update 2013-02-13
Thijs Kinkhorst (thijs debian org)

[SECURITY] [DSA 2622-1] polarssl security update 2013-02-13
Thijs Kinkhorst (thijs debian org)

Multiple Vulnerabilities in OpenPLI 2013-02-13
devnull s3cur1ty de

[ MDVSA-2013:011 ] samba 2013-02-13
security mandriva com

[SECURITY] [DSA 2620-1] rails security update 2013-02-12
Florian Weimer (fw deneb enyo de)

Simple password obfuscation in Enterprise Architect 2013-02-12
Diening, Holm (holm diening gematik de)

[slackware-security] openssl (SSA:2013-042-01) 2013-02-12
Slackware Security Team (security slackware com)

I Read It Somewhere (IRIS) citations management tool <= v1.3 (post auth) Remote Command Execution 2013-02-09
aeon s flux gmail com

Atmel "secure" crypto co-processor series microprocessors (AT91SAM7XC) leaking keys, plus bonus DESFire hack 2013-02-11
Adam Laurie (adam algroup co uk) (1 replies)

Re: Atmel "secure" crypto co-processor series microprocessors (AT91SAM7XC) leaking keys, plus bonus DESFire hack 2013-02-12
Adam Laurie (adam algroup co uk)

Multiple Vulnerabilities in Linksys WAG200G 2013-02-11
devnull s3cur1ty de

Multiple Vulnerabilities in Linksys WRT160Nv2 2013-02-11
devnull s3cur1ty de

[ MDVSA-2013:010 ] java-1.6.0-openjdk 2013-02-11
security mandriva com

[SECURITY] [DSA 2612-2] ircd-ratbox update 2013-02-10
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2619-1] xen-qemu-dm-4.0 security update 2013-02-10
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2013:009 ] libssh 2013-02-09
security mandriva com

Mathematica9.0.1 on Linux /tmp/MathLink vulnerability 2013-02-08
paul szabo sydney edu au

[slackware-security] curl (SSA:2013-038-01) 2013-02-08
Slackware Security Team (security slackware com)

[SECURITY] [DSA 2618-1] ircd-hybrid security update 2013-02-07
Luciano Bello (luciano debian org)

DIMVA 2013 - Extended deadline for paper submission: February 17, 2013! 2013-02-07
Collin Mulliner (crm ccs neu edu)

[CVE-2013-1464]Wordpress Audio Player Plugin XSS in SWF‏‏ 2013-02-06
hip insight-labs org

Cisco Security Advisory: Cisco ATA 187 Analog Telephone Adaptor Remote Access Vulnerability 2013-02-06
Cisco Systems Product Security Incident Response Team (psirt cisco com)

DefenseCode Security Advisory: Cisco Linksys Remote Preauth 0day Root Exploit Follow-Up 2013-02-06
DefenseCode (defensecode defensecode com)

[KIS-2013-02] CubeCart <= 5.2.0 (cubecart.class.php) PHP Object Injection Vulnerability 2013-02-06
Egidio Romano (research karmainsecurity com)

Cross-Site Scripting (XSS) Vulnerability in CommentLuv WordPress Plugin 2013-02-06
advisory htbridge com

[ MDVSA-2013:008 ] mysql 2013-02-06
security mandriva com

SQL Injection Vulnerability in Wysija Newsletters WordPress Plugin 2013-02-06
advisory htbridge com

[CVE-2013-1463]Wordpress wp-table-reloaded‏ plugin XSS in SWF 2013-02-06
hip insight-labs org

Multiple Vulnerabilities in Linksys E1500/E2500 2013-02-05
devnull s3cur1ty de

[PT-2012-53] Privilege Gaining in DataLife Engine 2013-02-05
noreply ptsecurity ru

CVE-2012-6451 Authentication Bypass in LOREX IP Cameras 2013-02-05
doylej ia gmail com

[MajorSecurity-SA-2013-014] Sony Playstation Vita Browser - firmware 2.05 - Adressbar spoofing 2013-02-05
research majorsecurity com

[security bulletin] HPSBST02846 SSRT100798 rev.1 - HP LeftHand Virtual SAN Appliance hydra, Remote Execution of Arbitrary Code 2013-02-05
security-alert hp com

[ MDVSA-2013:007 ] mysql 2013-02-05
security mandriva com

APPLE-SA-2013-02-04-1 OS X Server v2.2.1 2013-02-04
Apple Product Security (product-security-noreply lists apple com)

0day full - Free Monthly Websites v2.0 - Multiple Web Vulnerabilities 2013-02-04
Vulnerability Lab (research vulnerability-lab com)

Free Monthly Websites v2.0 - Multiple Web Vulnerabilities 2013-02-04
Vulnerability Lab (research vulnerability-lab com)

Multiple Vulnerabilities in D'Link DIR-600 and DIR-300 (rev B) 2013-02-04
devnull s3cur1ty de

[IMF 2013] Call for Participation 2013-02-04
Oliver Goebel (goebel cert uni-stuttgart de)

[SE-2012-01] Details of issues fixed by Feb 2013 Java SE CPU 2013-02-04
Security Explorations (contact security-explorations com) (1 replies)

Re: [SE-2012-01] Details of issues fixed by Feb 2013 Java SE CPU 2013-02-05
Security Explorations (contact security-explorations com)

NGS00315 Patch Notification: Symantec Enterprise Security Management Agent Privilege Escalation 2013-02-04
NCC Group Research (research nccgroup com)

NGS00336 Patch Notification: Symantec Network Access Control Privilege Escalation 2013-02-04
NCC Group Research (research nccgroup com)

[SECURITY] [DSA 2616-1] nagios3 security update 2013-02-03
Jonathan Wiltshire (jmw debian org)

[SECURITY] [DSA 2617-1] samba security update 2013-02-02
Luciano Bello (luciano debian org)

[SECURITY] [DSA 2615-1] libupnp4 security update 2013-02-02
Yves-Alexis Perez (corsac debian org)

Directory Traversal - EasyITSP <= 2.0.7 2013-02-04
MichaÅ? BÅ?aszczak (blaszczakm gmail com)

[SECURITY] [DSA 2614-1] libupnp security update 2013-02-02
Yves-Alexis Perez (corsac debian org)

APPLE-SA-2013-02-01-1 Java for Mac OS X v10.6 Update 12 2013-02-02
Apple Product Security (product-security-noreply lists apple com)

DC++ 0.802 and below incorrectly registers URI schemes in Windows 2013-02-01
ullner gmail com

[security bulletin] HPSBMU02842 SSRT100909 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS) 2013-02-01
security-alert hp com

[ MDVSA-2013:006 ] freetype2 2013-02-01
security mandriva com

FreeBSD 9.1 ftpd Remote Denial of Service 2013-02-01
max cxsecurity com

Oracle Automated Service Manager 1.3 & Auto Service Request 4.3 local root during install 2013-02-01
larry0 me com

[HITB-Announce] #HITB2013AMS FINAL CALL for Paper Submissions 2013-02-01
Hafez Kamal (aphesz hackinthebox org)

ESA-2013-002: RSA Archer® GRC Multiple Vulnerabilities 2013-01-31
Security Alert (Security_Alert emc com)

Released: rompar - Semi-automation tool for data extraction of microscopic Masked ROM images 2013-01-31
Major Malfunction (majormal pirate-radio org)

DefenseCode Security Advisory: Broadcom UPnP Remote Preauth Root Code Execution Vulnerability 2013-01-31
DefenseCode (defensecode defensecode com)

[security bulletin] HPSBST02839 SSRT101077 rev.1 - HP XP P9000 Command View Advanced Edition, Remote Denial of Service (DoS) 2013-01-30
security-alert hp com

marc4dasm - Atmel MARC microprocessor disassembler published 2013-01-30
Adam Laurie (adam algroup co uk)

OWASP Zed Attack Proxy 2.0.0 2013-01-30
psiinon (psiinon gmail com)

CFP Observe. Hack. Make. 2013-01-30
Walter Belgers walter+bugtraq@belgers.com (walter+bugtraq belgers com)

Buffalo TeraStation TS-Series multiple vulnerabilities 2013-01-30
Andrea Fabrizi (andrea fabrizi gmail com)

[SECURITY] [DSA 2613-1] rails security update 2013-01-30
Thijs Kinkhorst (thijs debian org)

Cisco Security Advisory: Portable SDK for UPnP Devices Contains Buffer Overflow Vulnerabilities 2013-01-29
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Re: Wordpress Valums Uploader - File Upload Vulnerability 2013-01-29
fineuploader garstasio com

Adobe Reader XI versions are vulnerable to a heap overflow 2013-01-29
n1s0o gmail com

XSS in Elgg 1.8.12, 1.7.16 (core module "Twitter widget") 2013-01-29
Moritz Naumann (security moritz-naumann com)

APPLE-SA-2013-01-28-2 Apple TV 5.2 2013-01-28
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2013-01-28-1 iOS 6.1 Software Update 2013-01-28
Apple Product Security (product-security-noreply lists apple com)

[KIS-2013-01] DataLife Engine 9.7 (preview.php) PHP Code Injection Vulnerability 2013-01-28
Egidio Romano (research karmainsecurity com)

Kohana Framework v2.3.3 - Directory Traversal Vulnerability 2013-01-28
Vulnerability Lab (research vulnerability-lab com)

ESA-2013-010: EMC AlphaStor Buffer Overflow Vulnerability 2013-01-28
Security Alert (Security_Alert emc com)

Unauthenticated remote access to D-Link DCS cameras 2013-01-28
roberto greyhats it

Fortinet FortiMail 400 IBE - Multiple Web Vulnerabilities 2013-01-28
Vulnerability Lab (research vulnerability-lab com)

nCircle PureCloud Vulnerability Scanner - Multiple Web Vulnerabilities 2013-01-28
Vulnerability Lab (research vulnerability-lab com)

[ MDVSA-2013:005 ] perl 2013-01-28
security mandriva com

[SE-2012-01] An issue with new Java SE 7 security features 2013-01-27
Security Explorations (contact security-explorations com)

WordPress SolveMedia 1.1.0 CSRF Vulnerability 2013-01-24
illSecResearchGroup Gmail com

[SECURITY] [DSA 2612-1] ircd-ratbox security update 2013-01-24
Moritz Muehlenhoff (jmm debian org)

SEC Consult SA-20130124-0 :: Critical SSH Backdoor in multiple Barracuda Networks Products 2013-01-24
SEC Consult Vulnerability Lab (research sec-consult com)

IPv6: How to avoid security issues with VPN leaks on dual-stack networks 2013-01-24
Fernando Gont (fgont si6networks com)

New Blog Post: Attacking the Windows 7/8 Address Space Randomization 2013-01-24
king cope (isowarez isowarez isowarez googlemail com)