[Full-disclosure] [ MDVSA-2014:020 ] x11-server

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2014:020 http://www.mandriva.com/en/support/security

[Full-disclosure] [Security-news] SA-CONTRIB-2014-004 - Secure Cookie Data - Faulty Hashing

View online: https://drupal.org/node/2179099 * Advisory ID: DRUPAL-SA-CONTRIB-2014-004 * Project: Secure Cookie Data [1] (third-party module) * Version: 7.x * Date: 2014-January-22 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability

[Full-disclosure] [Security-news] SA-CONTRIB-2014-005 - Leaflet - Access bypass

View online: https://drupal.org/node/2179103 * Advisory ID: DRUPAL-SA-CONTRIB-2014-005 * Project: Leaflet [1] (third-party module) * Version: 7.x * Date: 2014-January-22 * Security risk: Critical [2] * Exploitable from: Remote * Vulnerability: Access bypass

[Full-disclosure] [Security-news] SA-CONTRIB-2014-003 - Doubleclick for Publishers DFP - Cross Site Scripting (XSS)

View online: https://drupal.org/node/2179085 * Advisory ID: DRUPAL-SA-CONTRIB-2014-003 * Project: Doubleclick for Publishers (DFP) [1] (third-party module) * Version: 7.x * Date: 2014-January-22 * Security risk: Moderately critical [2] * Exploitable from: Remote

[Full-disclosure] [Security-news] SA-CONTRIB-2014-006 - Language Switcher Dropdown - Open Redirect

View online: https://drupal.org/node/2179123 * Advisory ID: DRUPAL-SA-CONTRIB-2014-006 * Project: Language Switcher Dropdown [1] (third-party module) * Version: 7.x * Date: 2014-January-22 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability

[Full-disclosure] [ MDVSA-2014:013 ] libxfont

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2014:013 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2014:014 ] php

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2014:014 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2014:011 ] java-1.7.0-openjdk

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2014:011 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2014:012 ] nss

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2014:012 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2014:007 ] openssl

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2014:007 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2014:008 ] openjpeg

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2014:008 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2014:009 ] librsvg

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2014:009 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2014:010 ] memcached

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2014:010 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2014:002 ] bind

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2014:002 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2014:003 ] nrpe

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2014:003 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2014:004 ] nagios

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2014:004 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2014:005 ] ejabberd

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2014:005 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2014:006 ] libxslt

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2014:006 http://www.mandriva.com/en/support/security

[Full-disclosure] NEW : VMSA-2014-0001 - VMware Workstation, Player, Fusion, ESXi, ESX and vCloud Director address several security issues

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - --- VMware Security Advisory Advisory ID: VMSA-2014-0001 Synopsis:VMware Workstation, Player, Fusion, ESXi, ESX and vCloud Director address several security

[Full-disclosure] CVE-2013-6429 Fix for XML External Entity (XXE) injection (CVE-2013-4152) in Spring Framework was incomplete

of 3.x should upgrade to 3.2.5 or later - Users of 4.x should upgrade to 4.0.0 or later (This is also fixed in 4.0.0-RC2 but users are recommended to use 4.0.0 or later) Credit: This issue was identified by the Spring development team. References: http://www.gopivotal.com/security/cve-2013-6429

[Full-disclosure] CVE-2013-6430 Possible XSS when using Spring MVC

: This issue was originally reported to the Spring Framework developers by Jon Passki and the security implications brough to the attention of the Pivotal security team by Arun Neelicattu. References: http://www.gopivotal.com/security/cve-2013-6430 https://jira.springsource.org/browse/SPR-9983 https

[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Access Control System

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Access Control System Advisory ID: cisco-sa-20140115-csacs Revision 1.0 For Public Release 2014 January 15 12:00 UTC (GMT

[Full-disclosure] [Security-news] SA-CORE-2014-001 - Drupal core - Multiple vulnerabilities

View online: https://drupal.org/SA-CORE-2014-001 * Advisory ID: DRUPAL-SA-CORE-2014-001 * Project: Drupal core [1] * Version: 6.x, 7.x * Date: 2014-January-15 * Security risk: Highly critical [2] * Exploitable from: Remote * Vulnerability: Multiple vulnerabilities

[Full-disclosure] [Security-news] SA-CONTRIB-2014-002 - Anonymous Posting - Cross Site Scripting (XSS)

View online: https://drupal.org/node/2173321 * Advisory ID: DRUPAL-SA-CONTRIB-2014-002 * Project: Anonymous Posting [1] (third-party module) * Version: 7.x * Date: 2014-01-15 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability: Cross Site

[Full-disclosure] [ MDVSA-2014:001 ] kernel

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2014:001 http://www.mandriva.com/en/support/security

[Full-disclosure] Cisco Security Advisory: Undocumented Test Interface in Cisco Small Business Devices

=== A vulnerability in the Cisco WAP4410N Wireless-N Access Point, Cisco WRVS4400N Wireless-N Gigabit Security Router, and the Cisco RVS4000 4-port Gigabit Security Router could allow an unauthenticated, remote attacker to gain root-level access to an affected device. Cisco will release free

[Full-disclosure] [Security-news] SA-CONTRIB-2014-001 - Entity API - Access Bypass

View online: https://drupal.org/node/2169595 * Advisory ID: DRUPAL-SA-CONTRIB-2014-001 * Project: Entity API [1] (third-party module) * Version: 7.x * Date: 2014-January-08 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability: Access bypass

[Full-disclosure] [Security-news] PSA-2014-001 - Media - Access Bypass

View online: https://drupal.org/node/2169767 * Advisory ID: PSA-2014-001 * Project: Media [1] (third-party module) * Version: 7.x * Date: 2014-01-08 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability: Access Bypass DESCRIPTION

[Full-disclosure] [ MDVSA-2013:302 ] pixman

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:302 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:300 ] asterisk

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:300 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:301 ] nss

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:301 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:299 ] samba

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:299 http://www.mandriva.com/en/support/security

[Full-disclosure] NEW VMSA-2013-0016 VMware ESXi and ESX unauthorized file access through vCenter Server and ESX

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - --- VMware Security Advisory Advisory ID: VMSA-2013-0016 Synopsis:VMware ESXi and ESX unauthorized file access through vCenter Server and ESX Issue date

[Full-disclosure] [ MDVSA-2013:296 ] wireshark

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:296 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:297 ] munin

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:297 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:298 ] php

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:298 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:295 ] gnupg

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:295 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:289 ] owncloud

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:289 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:291 ] kernel

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:291 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:291 ] kernel

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:291 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:290 ] mediawiki

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:290 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:292 ] links

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:292 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:293 ] gimp

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:293 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:294 ] gimp

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:294 http://www.mandriva.com/en/support/security

[Full-disclosure] [Security-news] SA-CONTRIB-2013-098 - Ubercart - Session Fixation Vulnerability

View online: https://drupal.org/node/2158651 * Advisory ID: DRUPAL-SA-CONTRIB-2013-098 * Project: Ubercart [1] (third-party module) * Version: 6.x, 7.x * Date: 2013-12-18 * Security risk: Less critical [2] * Exploitable from: Remote * Vulnerability: Session Fixation

[Full-disclosure] [ MDVSA-2013:288 ] subversion

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:288 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:287-1 ] drupal

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:287-1 http://www.mandriva.com/en/support/security

[Full-disclosure] AST-2013-006: Buffer Overflow when receiving odd length 16 bit SMS message

Asterisk Project Security Advisory - AST-2013-006 ProductAsterisk SummaryBuffer Overflow when receiving odd length 16 bit SMS message

[Full-disclosure] AST-2013-007: Asterisk Manager User Dialplan Permission Escalation

Asterisk Project Security Advisory - AST-2013-007 ProductAsterisk SummaryAsterisk Manager User Dialplan Permission Escalation Nature of Advisory Permission Escalation

Re: [Full-disclosure] bWhere are you guys standing re: the (full) disclosure question?/b

Microsoft takes security vulnerability reports at sec...@microsoft.com, as Dieyu mentioned on Friday. -Original Message- From: Full-Disclosure [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Pedro Luis Karrasquillo Sent: Friday, December 13, 2013 9:04 PM To: full

[Full-disclosure] Any not annoying help welcome

Making a turn here, let's see what turns out! I know that using Wireshark we can capture traffic in/out of the routers interfaces.I don't want to dig up the routers concept because face it i already know how it works and so do you. I have only a few questions to ask. 1) The traffic on any device

Re: [Full-disclosure] Any not annoying help welcome

of it human-readable? On Tue, Dec 3, 2013 at 3:06 PM, ICSS Security ctrlaltdel...@outlook.pt wrote: Making a turn here, let's see what turns out! I know that using Wireshark we can capture traffic in/out of the routers interfaces.I don't want to dig up the routers concept because face it i

[Full-disclosure] [Security-news] SA-CONTRIB-2013-097 - OG Features - Access bypass

View online: https://drupal.org/node/2149791 * Advisory ID: DRUPAL-SA-CONTRIB-2013-097 * Project: OG Features [1] (third-party module) * Version: 6.x * Date: 2013-December-04 * Security risk: Not Critical [2] * Exploitable from: Remote * Vulnerability: Access bypass

[Full-disclosure] NEW VMSA-2013-0014 VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - --- VMware Security Advisory Advisory ID: VMSA-2013-0014 Synopsis:VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege

[Full-disclosure] [ MDVSA-2013:285 ] bugzilla

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:285 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:286 ] ruby

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:286 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:287 ] drupal

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:287 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:282 ] perl-HTTP-Body

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:282 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:283 ] glibc

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:283 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:284 ] glibc

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:284 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:281 ] nginx

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:281 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:279 ] wireshark

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:279 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:280 ] memcached

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:280 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:272 ] poppler

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:272 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:273 ] libjpeg

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:273 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:274 ] libjpeg

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:274 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:275 ] krb5

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:275 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:276 ] curl

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:276 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:277 ] lighttpd

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:277 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:278 ] samba

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:278 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:269 ] firefox

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:269 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:270 ] nss

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:270 http://www.mandriva.com/en/support/security

[Full-disclosure] [Security-news] SA-CONTRIB-2013-093 - Invitation - Access Bypass

View online: https://drupal.org/node/2140097 * Advisory ID: DRUPAL-SA-CONTRIB-2013-093 * Project: Invitation [1] (third-party module) * Version: 7.x * Date: 2013-November-20 * Security risk: Critical [2] * Exploitable from: Remote * Vulnerability: Access bypass

[Full-disclosure] [Security-news] SA-CONTRIB-2013-094 - EU Cookie Compliance - Cross Site Scripting (XSS)

View online: https://drupal.org/node/2140123 * Advisory ID: DRUPAL-SA-CONTRIB-2013-094 * Project: EU Cookie Compliance [1] (third-party module) * Version: 7.x * Date: 2013-November-20 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability: Cross

[Full-disclosure] [Security-news] SA-CONTRIB-2013-096 - Entity reference - Access bypass

View online: https://drupal.org/node/2140237 * Advisory ID: DRUPAL-SA-CONTRIB-2013-096 * Project: Entity reference [1] (third-party module) * Version: 7.x * Date: 2013-November-20 * Security risk: Not critical [2] * Exploitable from: Remote * Vulnerability: Access bypass

[Full-disclosure] [Security-news] SA-CONTRIB-2013-095 - Organic Groups - Access bypass

View online: https://drupal.org/node/2140217 * Advisory ID: DRUPAL-SA-CONTRIB-2013-095 * Project: Organic groups [1] (third-party module) * Version: 7.x * Date: 2013-November-20 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability: Access bypass

[Full-disclosure] [Security-news] SA-CORE-2013-003 - Drupal core - Multiple vulnerabilities

View online: https://drupal.org/SA-CORE-2013-003 * Advisory ID: DRUPAL-SA-CORE-2013-003 * Project: Drupal core [1] * Version: 6.x, 7.x * Date: 2013-November-20 * Security risk: Highly critical [2] * Exploitable from: Remote * Vulnerability: Multiple vulnerabilities

[Full-disclosure] [ MDVSA-2013:266 ] java-1.6.0-openjdk

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:266 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:267 ] java-1.7.0-openjdk

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:267 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:268 ] torque

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:268 http://www.mandriva.com/en/support/security

[Full-disclosure] NEW VMSA-2013-0013 VMware Workstation host privilege escalation vulnerability

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - VMware Security Advisory Advisory ID: VMSA-2013-0013 Synopsis:VMware Workstation host privilege escalation vulnerability Issue date: 2013-11-14 Updated

[Full-disclosure] [Security-news] SA-CONTRIB-2013-091 - Groups, Communities and Co (GCC) - Access Bypass

View online: https://drupal.org/node/2135267 * Advisory ID: DRUPAL-SA-CONTRIB-2013-091 * Project: Groups, Communities and Co (GCC) [1] (third-party module) * Version: 7.x * Date: 2013-November-13 * Security risk: Moderately critical [2] * Exploitable from: Remote

[Full-disclosure] [Security-news] SA-CONTRIB-2013-090 - Revisioning - Access Bypass

View online: https://drupal.org/node/2135257 * Advisory ID: DRUPAL-SA-CONTRIB-2013-090 * Project: Revisioning [1] (third-party module) * Version: 7.x * Date: 2013-November-13 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability: Access bypass

[Full-disclosure] [Security-news] SA-CONTRIB-2013-092 - Misery - Denial of Service (DOS) vulnerability.

View online: https://drupal.org/node/2135273 * Advisory ID: DRUPAL-SA-CONTRIB-2013-092 * Project: Misery [1] (third-party module) * Version: 6.x, 7.x * Date: 2013-November-13 * Security risk: Not critical [2] * Exploitable from: Remote * Vulnerability: Multiple

[Full-disclosure] n.runs-SA-2013.006 - Microsoft Outlook/Crypto API - Design Bug

n.runs professionals GmbH http://www.nruns.com/ security(at)nruns.com n.runs-SA-2013.006 12-Nov-2013 Vendor: Microsoft, http

[Full-disclosure] [ MDVSA-2013:265 ] kernel

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:265 http://www.mandriva.com/en/support/security

[Full-disclosure] Cisco Security Advisory: Cisco TelePresence VX Clinical Assistant Administrative Password Reset Vulnerability

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco TelePresence VX Clinical Assistant Administrative Password Reset Vulnerability Advisory ID: cisco-sa-20131106-tvxca Revision 1.0 For Public Release 2013 November 6 16:00 UTC (GMT

[Full-disclosure] Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability Advisory ID: cisco-sa-20131106-sip Revision 1.0 For Public Release 2013 November 6 16:00 UTC (GMT

[Full-disclosure] Cisco Security Advisory: Cisco WAAS Mobile Remote Code Execution Vulnerability

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory Cisco WAAS Mobile Remote Code Execution Vulnerability Advisory ID: cisco-sa-20131106-waasm Revision 1.0 For Public Release 2013 November 6 16:00 UTC (GMT

[Full-disclosure] [Security-news] SA-CONTRIB-2013-087 - Payment for Webform - Access Bypass

View online: https://drupal.org/node/2129373 * Advisory ID: DRUPAL-SA-CONTRIB-2013-087 * Project: Payment for Webform [1] (third-party module) * Version: 7.x * Date: 2013-November-06 * Security risk: Not critical [2] * Exploitable from: Remote * Vulnerability: Access bypass

[Full-disclosure] [Security-news] SA-CONTRIB-2013-089 - Node Access Keys - Access Bypass

View online: https://drupal.org/node/2129379 * Advisory ID: DRUPAL-SA-CONTRIB-2013-089 * Project: Node Access Keys [1] (third-party module) * Version: 7.x * Date: 2013-November-06 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability: Access

[Full-disclosure] [Security-news] SA-CONTRIB-2013-088 - Secure Pages - Missing Encryption of Sensitive Data

View online: https://drupal.org/node/2129381 * Advisory ID: DRUPAL-SA-CONTRIB-2013-088 * Project: Secure Pages [1] (third-party module) * Version: 6.x * Date: 2013-November-06 * Security risk: Less critical [2] * Exploitable from: Remote * Vulnerability: Missing Encryption

[Full-disclosure] [ISecAuditors Security Advisories] SQL Injection vulnerability in Project'Or RIA allow arbitrary access to the database and the file system

= INTERNET SECURITY AUDITORS ALERT 2013-017 - Original release date: July 26th, 2013 - Last revised: July 26th, 2013 - Discovered by: Vicente Aguilera Diaz - Severity: 6.8/10 (CVSSv2 Base Scored) - CVE-ID: CVE-2013-6164

[Full-disclosure] [ISecAuditors Security Advisories] Multiple XSS vulnerabilities in Project'Or RIA

= INTERNET SECURITY AUDITORS ALERT 2013-018 - Original release date: July 26th, 2013 - Last revised: July 26th, 2013 - Discovered by: Vicente Aguilera Diaz - Severity: 4.3/10 (CVSSv2 Base Scored) - CVE-ID: CVE-2013-6163

[Full-disclosure] [ISecAuditors Security Advisories] LinkedIn social network is affected by Persistent Cross-Site Scripting vulnerability

= INTERNET SECURITY AUDITORS ALERT 2013-005 - Original release date: 3rd March 2013 - Last revised: 10th March 2013 - Discovered by: Eduardo Garcia Melia - Severity: 5.2/10 (CVSS Base Scored) = I

[Full-disclosure] [ MDVSA-2013:264 ] firefox

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:264 http://www.mandriva.com/en/support/security

[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers Advisory ID: cisco-sa-20131030-asr1000 Revision 1.0 For Public Release 2013 October 30 16:00 UTC (GMT

[Full-disclosure] [Security-news] SA-CONTRIB-2013-084 - FileField Sources - Access Bypass

View online: https://drupal.org/node/2124241 * Advisory ID: DRUPAL-SA-CONTRIB-2013-084 * Project: FileField Sources [1] (third-party module) * Version: 6.x, 7.x * Date: 2013-Oct-30 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability: Access bypass

[Full-disclosure] [Security-news] SA-CONTRIB-2013-083 - Quiz - Access Bypass

View online: https://drupal.org/node/2123995 * Advisory ID: DRUPAL-SA-CONTRIB-2013-083 * Project: Quiz [1] (third-party module) * Version: 6.x * Date: 2013-October-30 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability: Access bypass, Information

[Full-disclosure] [Security-news] SA-CONTRIB-2013-085 - Feed Element Mapper - Cross Site Scripting

View online: https://drupal.org/node/2124279 * Advisory ID: DRUPAL-SA-CONTRIB-2013-085 * Project: Feed Element Mapper [1] (third-party module) * Version: 6.x * Date: 2013-October-30 * Security risk: Less critical [2] * Exploitable from: Remote * Vulnerability: Cross Site Scripting

<    1   2   3   4   5   6   7   8   9   10   >