Next Last 1. 2016-06-30 [2] [FD] Samsung SW Update - Insecure ACLs on SW Update Service Directory - full-disclos Benjamin Gnahm 2. 2016-06-28 [1] [FD] KL-001-2016-002 : Ubiquiti Administration Portal CSRF to Remote Com full-disclos KoreLogic Disclosures 3. 2016-06-28 [1] [FD] [KIS-2016-10] Concrete5 <= 5.7.3.1 (Application::dispatch) Local Fi full-disclos Egidio Romano 4. 2016-06-28 [1] [FD] [KIS-2016-09] Concrete5 <= 5.7.3.1 Multiple Stored Cross-Site Scrip full-disclos Egidio Romano 5. 2016-06-28 [1] [FD] [KIS-2016-08] Concrete5 <= 5.7.3.1 Multiple Cross-Site Request Forg full-disclos Egidio Romano 6. 2016-06-28 [1] [FD] Iranian Weblog Services v3.3 CMS - Multiple Web Vulnerabilities full-disclos Vulnerability Lab 7. 2016-06-28 [1] [FD] Alfine CMS v2.6 - (Login) Auth Bypass Vulnerability full-disclos Vulnerability Lab 8. 2016-06-28 [1] [FD] Mutualaid CMS v4.3.1 - SQL Injection Web Vulnerability full-disclos Vulnerability Lab 9. 2016-06-28 [1] [FD] Ladesk Agent #1 (Bug Bounty) - Session Reset Password Vulnerability full-disclos Vulnerability Lab 10. 2016-06-27 [1] [FD] Craft CMS affected by server side template injection full-disclos Securify B.V. 11. 2016-06-27 [1] [FD] Aramadito remote arbitrary file write in case of MiTM full-disclos thedeadcow 12. 2016-06-27 [1] [FD] Riverbed SteelCentral NetProfiler & NetExpress Multiple Vulnerabili full-disclos Francesco Oddo 13. 2016-06-26 [1] [FD] Panda Security Privilege Escalation full-disclos Ash 14. 2016-06-25 [2] Re: [FD] [oss-security] libical 0.47 SEGV on unknown address full-disclos Brandon Perry 15. 2016-06-24 [1] [FD] libical 0.47 SEGV on unknown address full-disclos Brandon Perry 16. 2016-06-24 [1] [FD] #146416 Ruby:HTTP Header injection in 'net/http' full-disclos redrain root 17. 2016-06-24 [1] [FD] SEC Consult SA-20160624-0 :: ASUS DSL-N55U router XSS and informati full-disclos SEC Consult Vulnerabi 18. 2016-06-23 [1] [FD] [KIS-2016-07] SugarCRM <= 6.5.23 (SugarRestSerialize.php) PHP Objec full-disclos Egidio Romano 19. 2016-06-23 [1] [FD] [KIS-2016-06] SugarCRM <= 6.5.18 (MySugar::addDashlet) Insecure fop full-disclos Egidio Romano 20. 2016-06-23 [1] [FD] [KIS-2016-05] SugarCRM <= 6.5.18 Two PHP Code Injection Vulnerabili full-disclos Egidio Romano 21. 2016-06-23 [1] [FD] [KIS-2016-04] SugarCRM <= 6.5.18 Missing Authorization Check Vulner full-disclos Egidio Romano 22. 2016-06-23 [1] [FD] [KIS-2016-03] SugarCRM <= 6.5.18 (SAML Authentication) XML External full-disclos Egidio Romano 23. 2016-06-23 [1] [FD] EdgeCore - ES3526XA Manager - Multiple Vulnerabilities full-disclos Karn Ganeshen 24. 2016-06-22 [3] [FD] Magic values in 32-bit processes on 64-bit OS-es and how to exploit full-disclos Berend-Jan Wever 25. 2016-06-22 [1] [FD] Sierra Wireless AirLink Raven XE Industrial 3G Gateway - Multiple V full-disclos Karn Ganeshen 26. 2016-06-21 [1] [FD] Faraday v1.0.21 with our new GTK interface! full-disclos Francisco Amato 27. 2016-06-21 [1] [FD] [ERPSCAN-16-018] SAP Application server for Javat - DoS vulnerabili full-disclos ERPScan inc 28. 2016-06-21 [1] [FD] [ERPSCAN-16-017] SAP JAVA AS icman - DoS vulnerability full-disclos ERPScan inc 29. 2016-06-21 [1] [FD] [ERPSCAN-16-015] SAP NetWeaver Java AS - multiple XSS vulnerabiliti full-disclos ERPScan inc 30. 2016-06-21 [1] [FD] [ERPSCAN-16-016] SAP NetWeaver Java AS WD_CHAT - Information disclo full-disclos ERPScan inc Next Last