Full Disclosure: by author

115 messages starting Sep 25 14 and ending Sep 15 14


advisories

LSE Leading Security Experts GmbH - LSE-2014-06-10 - Perl CORE - Deep Recursion Stack Overflow advisories (Sep 25)
MSA-2014-02: Typo3 Extension dmmjobcontrol Multiple Vulnerabilities (typo3-ext-sa-2014-012) Advisories (Sep 25)

Árpád Magosányi

Re: SSH host key fingerprint - through HTTPS Árpád Magosányi (Sep 03)

Asterisk Security Team

AST-2014-009: Remote crash based on malformed SIP subscription requests Asterisk Security Team (Sep 18)
AST-2014-010: Remote crash when handling out of call message in certain dialplan configurations Asterisk Security Team (Sep 18)

b4mbi

uni-konstanz.de subdomain, arbitrary file download b4mbi (Sep 26)

beloumi

Re: Laravel 2.1 Hash::make() bcrypt truncation beloumi (Sep 17)

Ben Lincoln (F7EFC8C9 - FD)

Re: Critical bash vulnerability CVE-2014-6271 (slightly OT logo discussion) Ben Lincoln (F7EFC8C9 - FD) (Sep 26)

BillV-Lists

Multiple SQL Injection Vulnerabilities in ClassApps SelectSurvey.net BillV-Lists (Sep 17)

Brandon Vincent

Re: libre office listening on port 1599 Brandon Vincent (Sep 16)

Bryan Bickford

Public WiFi Pcaps Bryan Bickford (Sep 09)

Busindre ™

Re: SSH host key fingerprint - through HTTPS Busindre ™ (Sep 09)

Christey, Steven M.

CVE ID Syntax Change - Deadline Approaching Christey, Steven M. (Sep 17)

CORE Advisories Team

[CORE-2014-0005] - Advantech WebAccess Vulnerabilities CORE Advisories Team (Sep 02)
[CORE-2014-0006] - Delphi and C++ Builder VCL library Heap Buffer Overflow CORE Advisories Team (Sep 16)

Dolev Farhi

M/Monit - Account hijacking via CSRF Dolev Farhi (Sep 19)
Openfiler DoS via CSRF (CVE-2014-7190) Dolev Farhi (Sep 26)
Syslog LogAnalyzer persistent XSS injection CVE-2014-6070 Dolev Farhi (Sep 02)

dxw Security

Advanced Access Manager allows admin users to write arbitrary files and execute arbitrary php (WordPress plugin) dxw Security (Sep 03)
CSRF/XSS vulnerability in Login Widget With Shortcode allows unauthenticated attackers to do anything an admin can do (WordPress plugin) dxw Security (Sep 17)
Vulnerability in WP-Ban allows visitors to bypass the IP blacklist in some configurations (WordPress plugin) dxw Security (Sep 17)
Reflected XSS in WooCommerce – excelling eCommerce allows attackers ability to do almost anything an admin user can do (WordPress plugin) dxw Security (Sep 17)

Egidio Romano

[KIS-2014-09] X2Engine <= 4.1.7 (SiteController.php) PHP Object Injection Vulnerability Egidio Romano (Sep 23)
[KIS-2014-10] X2Engine <= 4.1.7 (FileUploadsFilter.php) Unrestricted File Upload Vulnerability Egidio Romano (Sep 23)

Eric Rand

Re: Public WiFi Pcaps Eric Rand (Sep 09)

Evan Teitelman

Re: Critical bash vulnerability CVE-2014-6271 Evan Teitelman (Sep 25)

Fernando Mercês

Re: Fwd: Security Access Fernando Mercês (Sep 12)

g () 1337 io

Re: Critical bash vulnerability CVE-2014-6271 g () 1337 io (Sep 25)

Godin, Erik

Re: Critical bash vulnerability CVE-2014-6271 Godin, Erik (Sep 25)

gold flake

Re: Fwd: Security Access gold flake (Sep 19)

Gunnar Wolf

Re: Strength and Weakness of Methods to Confirm SSH Host Key Gunnar Wolf (Sep 24)

Jeroen van der Ham

Re: SSH host key fingerprint - through HTTPS Jeroen van der Ham (Sep 01)
Re: SSH host key fingerprint - through HTTPS Jeroen van der Ham (Sep 01)

john doe

ALCASAR <= 2.8.1 Remote Root Code Execution Vulnerability john doe (Sep 15)
ALCASAR <= 2.8 Remote Root Code Execution Vulnerability john doe (Sep 07)

John Leo

Re: SSH host key fingerprint - through HTTPS John Leo (Sep 02)
Strength and Weakness of Methods to Confirm SSH Host Key John Leo (Sep 23)
SSH host key fingerprint - through HTTPS John Leo (Sep 01)
Re: SSH host key fingerprint - through HTTPS John Leo (Sep 02)

Kemble Wagner

libre office listening on port 1599 Kemble Wagner (Sep 15)

Larry W. Cashdollar

Rooted SSH/SFTP Daemon Default Login Credentials Larry W. Cashdollar (Sep 11)

Luca Carettoni

Re: ntopng 1.2.0 XSS injection using monitored network traffic Luca Carettoni (Sep 09)

Mark Maunder

Re: Wordfence v5.2.3 (Wordpress Security Plugin) - Multiple Vulnerabilities Mark Maunder (Sep 16)

Mark Thomas

[SECURITY] CVE-2013-4444 Remote Code Execution in Apache Tomcat Mark Thomas (Sep 10)

Matt Hazinski

Re: Critical bash vulnerability CVE-2014-6271 Matt Hazinski (Sep 26)

Matt Weeks

Ammyy Admin 0day Matt Weeks (Sep 10)

Mauro Risonho de Paula Assumpção

XSS Reflected JQuery 1.4.2 - Create object option in runtime client-side Mauro Risonho de Paula Assumpção (Sep 02)

maxigas

Re: SSH host key fingerprint - through HTTPS maxigas (Sep 01)

Mehdi Talbi

[TOOL] Hakabana release Mehdi Talbi (Sep 25)

Michal Zalewski

Uninit memory disclosure via truncated images in Firefox Michal Zalewski (Sep 02)
Re: Critical bash vulnerability CVE-2014-6271 Michal Zalewski (Sep 25)

MustLive

Vulnerabilities in In-Portal CMS MustLive (Sep 16)

nop nop

ccnet-server remote DoS (assert) seafile-server 3.1.5 nop nop (Sep 17)
DoS seafile-server 3.1.5 ( ccnet-server - assert) nop nop (Sep 17)

Oz Elisyan

TP-LINK WDR4300 - Stored XSS & DoS Oz Elisyan (Sep 23)

Paul Vixie

Re: Critical bash vulnerability CVE-2014-6271 Paul Vixie (Sep 25)
Re: Strength and Weakness of Methods to Confirm SSH Host Key Paul Vixie (Sep 24)
Re: Critical bash vulnerability CVE-2014-6271 Paul Vixie (Sep 25)
Re: Critical bash vulnerability CVE-2014-6271 Paul Vixie (Sep 25)
Re: Critical bash vulnerability CVE-2014-6271 Paul Vixie (Sep 25)

Pedro Ribeiro

[The ManageOwnage Series, part IV]: RCE / file upload in Eventlog Analyzer, feat. special guests h0ng10 and Mogwai Security Pedro Ribeiro (Sep 01)
Re: Mogwai Security Advisory MSA-2014-01: ManageEngine EventLog Analyzer Multiple Vulnerabilities Pedro Ribeiro (Sep 03)
Re: Mogwai Security Advisory MSA-2014-01: ManageEngine EventLog Analyzer Multiple Vulnerabilities Pedro Ribeiro (Sep 03)
[The ManageOwnage Series, part V]: RCE / file upload / arbitrary file deletion in OpManager, Social IT and IT360 Pedro Ribeiro (Sep 27)

Pedrov Jovovic

Fwd: Security Access Pedrov Jovovic (Sep 11)

Philip Cheong

Critical bash vulnerability CVE-2014-6271 Philip Cheong (Sep 25)

Pichaya Morimoto

Laravel 2.1 Hash::make() bcrypt truncation Pichaya Morimoto (Sep 16)

Pietro Minniti

[Quantum Leap Advisory] #QLA140808 Cart Engine 3.0 Multiple vulnerabilities - SQL Injection, XSS Reflected, Open Redirect Pietro Minniti (Sep 16)

rage

rcrypt 1.5 public release and website rage (Sep 10)

Rob Fuller

SingleClick Connect Rob Fuller (Sep 15)

Ryan Dewhurst

WPScan Vulnerability Database Ryan Dewhurst (Sep 27)

SCADA StrangeLove

Few bugs in Wonderware Information Server SCADA StrangeLove (Sep 01)

Securify B.V.

Glype proxy privacy settings can be disabled via CSRF Securify B.V. (Sep 22)
Glype proxy local address filter bypass Securify B.V. (Sep 22)
Glype proxy cookie jar path traversal allows code execution Securify B.V. (Sep 22)
Glype proxy privacy settings can be disabled via CSRF Securify B.V. (Sep 22)

Seth Arnold

Re: Critical bash vulnerability CVE-2014-6271 Seth Arnold (Sep 25)

Stefan Kanthak

Defense in depth -- the Microsoft way (part 19): still no "perfect forward secrecy" per default in Windows 8/7/Vista/Server 2012/Server 2008 [R2] Stefan Kanthak (Sep 06)
Defense in depth -- the Microsoft way (part 18): Microsoft Office 2010 registers command lines with unquoted pathnames Stefan Kanthak (Sep 02)

Steffen Bauch

CVE-2014-6603 suricata 2.0.3 Out-of-bounds access in SSH parser Steffen Bauch (Sep 23)
Re: ntopng 1.2.0 XSS injection using monitored network traffic Steffen Bauch (Sep 03)

Stephanie Daugherty

Re: SSH host key fingerprint - through HTTPS Stephanie Daugherty (Sep 01)

Tim

Re: Critical bash vulnerability CVE-2014-6271 Tim (Sep 25)

Tony Arcieri

Re: Critical bash vulnerability CVE-2014-6271 Tony Arcieri (Sep 25)

uname -a

Re: Public WiFi Pcaps uname -a (Sep 09)

VMware Security Response Center

NEW VMSA-2014-0009 VMware NSX and vCNS product updates address a critical information disclosure vulnerability VMware Security Response Center (Sep 11)
NEW VMSA-2014-0008 VMware vSphere product updates to third party libraries VMware Security Response Center (Sep 09)

Voxel@Night

WordPress Plugin Vulnerability Dump - Part 2 Voxel@Night (Sep 09)
Wordfence v5.2.3 (Wordpress Security Plugin) - Multiple Vulnerabilities Voxel@Night (Sep 15)
Wordpress Plugin Vulnerability Dump - Part 1 Voxel@Night (Sep 02)

VSR Advisories

Apple iOS / OSX Foundation NSXMLParser XML eXternal Entity (XXE) Flaw VSR Advisories (Sep 18)

Vulnerability Lab

Briefcase 4.0 iOS - Code Execution & File Include Vulnerability Vulnerability Lab (Sep 15)
Paypal Inc Bug Bounty #16 - Persistent Mail Encoding Vulnerability Vulnerability Lab (Sep 26)
Oracle Corporation MyOracle - Persistent Vulnerability Vulnerability Lab (Sep 18)
GS Foto Uebertraeger v3.0 iOS - File Include Vulnerability Vulnerability Lab (Sep 26)
WWW File Share Pro v7.0 - Denial of Service Vulnerability Vulnerability Lab (Sep 01)
PayPal Inc Bug Bounty #71 PPM - Persistent Filter Vulnerability Vulnerability Lab (Sep 30)
Paypal Inc Bug Bounty #32 - Multiple Persistent Vulnerabilities Vulnerability Lab (Sep 26)
PayPal Inc Bug Bounty #59 - Persistent Mail Encoding Vulnerability Vulnerability Lab (Sep 30)
Oracle Corporation MyOracle - Persistent Vulnerability Vulnerability Lab (Sep 26)
Apple iOS v7.1.2 - Merge Apps Service Local Bypass Vulnerability Vulnerability Lab (Sep 02)
Photorange v1.0 iOS - File Include Web Vulnerability Vulnerability Lab (Sep 11)
Avira License Application - Cross Site Request Forgery Vulnerability Vulnerability Lab (Sep 01)
ChatSecure IM v2.2.4 iOS - Persistent Web Vulnerability Vulnerability Lab (Sep 11)
USB&WiFi Flash Drive v1.3 iOS - Code Execution Vulnerability Vulnerability Lab (Sep 16)
All In One Wordpress Firewall 3.8.3 - Persistent Vulnerability Vulnerability Lab (Sep 30)
SmarterTools Smarter Track 6-10 - Information Disclosure Vulnerability Vulnerability Lab (Sep 26)

Wesley Spikes

Re: Public WiFi Pcaps Wesley Spikes (Sep 10)

William Costa

Reflected XSS Attacks vulnerabilities used MIME Sniffing in Facebook Messenger and Facebook App for iOS. William Costa (Sep 02)
Reflected XSS Attacks vulnerabilities in WatchGuard XTM 11.8.3 (CVE-2014-6413) William Costa (Sep 18)
XSS Reflected vulnerabilities and CSRF in Exinda WAN Optimization Suite (CVE-2014-7157, CVE-2014-7158) William Costa (Sep 26)
CSRF vulnerabilities in CacheGuard-OS v5.7.7 (CVE-2014-4865) William Costa (Sep 10)

Wire Ghoul

Mpay24 prestashop payment module multiple vulnerabilities Wire Ghoul (Sep 03)

Yvan Janssens

Re: Critical bash vulnerability CVE-2014-6271 Yvan Janssens (Sep 25)

Артур Истомин

Re: Fwd: Security Access Артур Истомин (Sep 15)