Full Disclosure: by date
RSS Feed
About List
All Lists
Previous period
115 messages
starting Oct 01 15 and
ending Oct 30 15
Date index |
Thread index |
Author index
Thursday, 01 October
Tool: Race condition chaser on windows Alexander Georgiev
CVE-2015-2342 VMware vCenter Remote Code Execution David Stubley
Telegram - Multiple Vulnerabilities Eduardo Alves
Re: WinRAR SFX v5.21 - Remote Code Execution Vulnerability Gynvael Coldwind
Shell Injection in Pygments FontManager._get_nix_font_path Javantea
Vulnerabilities in Callisto 821+R3 ADSL Router MustLive
Mac OS X local root (rsh/libmalloc) Philip Pettersson
APPLE-SA-2015-09-30-01 iOS 9.0.2 Apple Product Security
APPLE-SA-2015-09-30-2 Safari 9 Apple Product Security
APPLE-SA-2015-09-30-3 OS X El Capitan 10.11 Apple Product Security
WinRar Expired Notification - OLE Remote Command Execution rio.sherri
Monday, 05 October
Komento Joomla! component Persistent XSS David Sopas
Charter Spectrum Business HTTP MITM Mark Felder
Sicherheitslücke - Liferay Portal Enterprise Edition Tim Schughart
ManageEngine ServiceDesk Plus <= 9.1 build 9110 - Path Traversal xistence
Watch your Downloads: the risk of the "auto-download" feature on Microsoft Edge and Google Chrome Haifei Li
Qualys Security Advisory - OpenSMTPD Audit Report Qualys Security Advisory
CVE-2015-6237 - Tripwire IP360 VnE Remote Administrative API Authentication Bypass/Privilege Acquisition Vulnerability Specto
Re: Telegram - Multiple Vulnerabilities Uni Sec
Apple Safari URI spoofing (CVE-2015-5764) Antonio Sanso
WinRar Settings Import Command Execution Rio Sherri
Persistent XSS - Liferay Portal Enterprise Edition Tim Schughart
Re: WinRAR SFX v5.21 - Remote Code Execution Vulnerability Hernan Moller
Blind SQL Injection in admin panel PHP-Fusion <= v7.02.07 Manuel Garcia Cardenas
Re: Watch your Downloads: the risk of the "auto-download" feature on Microsoft Edge and Google Chrome Lee
u-design wordpress theme DOM XSS Kenan Gms
DDos Attack To Drop The Internet Jeffrey Roberts
Re: Watch your Downloads: the risk of the "auto-download" feature on Microsoft Edge and Google Chrome Stefan Kanthak
Re: WinRAR SFX v5.21 - Remote Code Execution Vulnerability Stefan Kanthak
Thursday, 08 October
Authentication Bypass in Netgear Router Firmware N300_1.1.0.31_1.0.1.img and N300-1.1.0.28_1.0.1.img Alexandre Herzog
Re: Authentication Bypass in Netgear Router Firmware N300_1.1.0.31_1.0.1.img and N300-1.1.0.28_1.0.1.img Joe G
Re: Authentication Bypass in Netgear Router Firmware N300_1.1.0.31_1.0.1.img and N300-1.1.0.28_1.0.1.img Alexandre Herzog
[REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities Matteo Beccati
CSRF vulnerabilities in Callisto 821+R3 ADSL Router MustLive
TestLink Security Advisory - SQL Injection Vulnerability - CVE-2015-7390 Onur Yilmaz
TestLink Security Advisory - Multiple XSS Vulnerabilities - CVE-2015-7391 Onur Yilmaz
CVE-2015-2652 – Unauthenticated File Upload in Oracle E-business Suite. Sandeep Kamble
Drupal 8.0.0-beta14 Vendor Script Vulnerable to XSS Sandeep Kamble
Re: WinRAR SFX v5.21 - Remote Code Execution Vulnerability Shawn McMahon
A comprehensive study of Huawei 3G routers - XSS, CSRF, DoS, unauthenticated firmware update, RCE Pierre Kim
Re: DDos Attack To Drop The Internet Phil Ashby
Re: DDos Attack To Drop The Internet James Hodgkinson
Re: Watch your Downloads: the risk of the "auto-download" feature on Microsoft Edge and Google Chrome Stefan Kanthak
[RT-SA-2015-006] Buffalo LinkStation Authentication Bypass RedTeam Pentesting GmbH
Veeam Backup & Replication Local Privilege Escalation Vulnerability ascii
Broken, Abandoned, and Forgotten Code, Part 13 Zach C
Friday, 09 October
WebComIndia CMS 2015Q4 - Auth Bypass Vulnerability Vulnerability Lab
PayPal Inc Bug Bounty #119 - URL Redirect Web Vulnerability Vulnerability Lab
W150D Wireless N 150 ADSL2 Modem Router - Cross Site Request Forgery Vulnerability Vulnerability Lab
FreeYouTubeToMP3 Converter 4.0.1 - Buffer Overflow Vulnerability Vulnerability Lab
Saturday, 10 October
Exploit NetUSB CVE-2015-3036 Adrián Ruiz
DirectAdmin (1.44.3) CSRF Vulnerability Necmettin COŞKUN
Writing Cisco IOS Rootkits Luca
Re: WinRAR SFX v5.21 - Remote Code Execution Vulnerability Stefan Kanthak
Tuesday, 13 October
JScript 5.7 (MSIE 8) RegExpBase::FBadHeader regular expression use-after-free Berend-Jan Wever
Buffer overflow in tiny-AES128-C Pascal Cuoq
Vantage Point Security Advisory 2015-003 Lyon Yang
Vantage Point Security Advisory 2015-002 Lyon Yang
IntelliSec Advisory - Multiple Vulnerabilities in Kerio Control Firewall research
Full Path Disclosure vulnerability in JM Twitter Cards reveals the location of the WordPress installation on the server (WordPress plugin) dxw Security
Mozilla extensions: a security nightmare (part 2) Stefan Kanthak
Re: Watch your Downloads: the risk of the "auto-download" feature on Microsoft Edge and Google Chrome lists
Re: Watch your Downloads: the risk of the "auto-download" feature on Microsoft Edge and Google Chrome Lee
Re: Watch your Downloads: the risk of the "auto-download" feature on Microsoft Edge and Google Chrome Stefan Kanthak
Re: Watch your Downloads: the risk of the "auto-download" feature on Microsoft Edge and Google Chrome Curtis Lee Bolin
Thursday, 15 October
PayPal Inc Bug Bounty #117 - Session Fixation Vulnerability Vulnerability Lab
Freemake Video Downloader 3.7.1 - Code Execution Vulnerability Vulnerability Lab
Unicorn CPU Emulator Framework is out! Nguyen Anh Quynh
hackercon berlin: hack4 the year is 2015 dash
netis RealTek wireless router / ADSL modem Multiple Vulnerabilities Karn Ganeshen
PROLiNK H5004NK ADSL Wireless Modem Multiple Vulnerabilities Karn Ganeshen
UISGCON11 CFP Andrey Loginov
CakePHP Xml class SSRF Vulnerability Takeshi Terada
APPLE-SA-2015-10-15-1 Keynote 6.6, Pages 5.6, Numbers 3.6, and iWork for iOS 2.6 Apple Product Security
Re: Watch your Downloads: the risk of the "auto-download" feature on Microsoft Edge and Google Chrome Shawn McMahon
Qualys Security Advisory - LibreSSL (CVE-2015-5333 and CVE-2015-5334) Qualys Security Advisory
Saturday, 17 October
Events Made Easy WordPress plugin CSRF + Persistent XSS David Sopas
ERPSCAN Research Advisory [ERPSCAN-15-017] SAP NetWeaver J2EE DAS service - Unauthorized Access ERPScan inc
CarolinaCon-12 - March 2016 - Call for Speakers/Papers/Presenters/Demos Vic Vandal
Monday, 19 October
Western Digital - My Passport / My Book self-encrypting external hard drive series - Multiple vulnerabilities alendal
Seagate Central NAS vulnerabilities Eric Windisch
Re: WinRAR SFX v5.21 - Remote Code Execution Vulnerability Fernando Mercês
Firefox FindMyDevice Critical ClickJacking Security Vulnerability Mohamed A. Baset
Wednesday, 21 October
[SE-2014-02] Google App Engine Java security sandbox bypasses (Issue 42) Security Explorations
APPLE-SA-2015-10-21-1 iOS 9.1 Apple Product Security
APPLE-SA-2015-10-21-2 watchOS 2.0.1 Apple Product Security
APPLE-SA-2015-10-21-3 Safari 9.0.1 Apple Product Security
APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007 Apple Product Security
APPLE-SA-2015-10-21-5 iTunes 12.3.1 Apple Product Security
APPLE-SA-2015-10-21-6 Mac EFI Security Update 2015-002 Apple Product Security
APPLE-SA-2015-10-21-7 Xcode 7.1 Apple Product Security
APPLE-SA-2015-10-21-8 OS X Server 5.0.15 Apple Product Security
SiteWIX - (edit_photo2.php id) SQL Injection Exploit ZoRLu Bugrahan
Simple PHP static code analysis for security researchers Marcin Probola
Thursday, 22 October
SEC Consult SA-20151022-0 :: Lime Survey Multiple Critical Vulnerabilities SEC Consult Vulnerability Lab
Tuesday, 27 October
Back to the future NTP attacks new attack vector Jerome Athias
Back to the future EMV attacks Jerome Athias
[ERPSCAN-15-025] Oracle E-Business Suite Database user enumeration Vulnerability ERPScan inc
[ERPSCAN-15-026] Oracle E-Business Suite - SQL injection Vulnerability ERPScan inc
[ERPSCAN-15-027] Oracle E-Business Suite - Cross Site Scripting Vulnerability ERPScan inc
AoF and CSRF vulnerabilities in D-Link DCS-2103 MustLive
Timing attack vulnerability in most Zeus server-sides rotem kerner
RootedCON 2016 CFP omarbv
Thursday, 29 October
CVE-2015-7724 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver Portcullis Advisories
CVE-2015-7723 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver Portcullis Advisories
Friday, 30 October
eBay Magento <= 1.9.2.1 XML eXternal Entity Injection (XXE) on PHP FPM Dawid Golunski
KeeFarce - A KeePass 2.x database extraction tool Denis Andzakovic
Pligg CMS 2.0.2: Code Execution & CSRF CRT
Pligg CMS 2.0.2: Directory Traversal CRT
Pligg CMS 2.0.2: Multiple SQL Injections CRT
[ERPSCAN-15-028] Oracle E-Business Suite - XXE injection Vulnerability ERPScan inc
[ERPSCAN-15-029] Oracle E-Business Suite - XXE injection Vulnerability ERPScan inc
[ERPSCAN-15-030] Oracle E-Business Suite - XXE injection Vulnerability ERPScan inc
Xen VM Escape Alan Hikerell
Arbitrary code execution resp. escalation of privilege with Mozilla's SETUP.EXE Stefan Kanthak