Full Disclosure: by author

97 messages starting Mar 20 16 and ending Mar 09 16


0x3d5157636b525761 iddqd

Netgear DGNv2200 multiple vulnerabilities (Bezeq firmware) 0x3d5157636b525761 iddqd (Mar 20)
A novel persistent injection to Windows machines 0x3d5157636b525761 iddqd (Mar 20)
AsusTEK asio.sys unsafe operation 0x3d5157636b525761 iddqd (Mar 20)

Agazzini Maurizio

McAfee VirusScan Enterprise security restrictions bypass Agazzini Maurizio (Mar 04)

Ajin Abraham

Releasing Mobile Security Framework (MobSF) v0.9 Ajin Abraham (Mar 14)

alendal

Vipps by DNB for Android - cryptographic vulnerabilities alendal (Mar 03)

Andrew Deck

Re: Security contact @ Gigabyte Andrew Deck (Mar 14)

Apple Product Security

APPLE-SA-2016-03-21-1 iOS 9.3 Apple Product Security (Mar 23)
APPLE-SA-2016-03-21-7 OS X Server 5.1 Apple Product Security (Mar 23)
APPLE-SA-2016-03-21-6 Safari 9.1 Apple Product Security (Mar 23)
APPLE-SA-2016-03-21-3 tvOS 9.2 Apple Product Security (Mar 23)
APPLE-SA-2016-03-21-5 OS X El Capitan 10.11.4 and Security Update 2016-002 Apple Product Security (Mar 23)
APPLE-SA-2016-03-21-4 Xcode 7.3 Apple Product Security (Mar 23)
APPLE-SA-2016-03-21-2 watchOS 2.2 Apple Product Security (Mar 23)

Benedikt Westermann

Re: Netgear GS105Ev2 - Multiple Vulnerabilities Benedikt Westermann (Mar 09)

Berend-Jan Wever

Microsoft Edge CDOMTextNode::get_data type confusion Berend-Jan Wever (Mar 12)

CORE Advisories Team

[CORE-2016-0004] - SAP Download Manager Password Weak Encryption CORE Advisories Team (Mar 09)
[CORE-2016-0005] - FreeBSD Kernel amd64_set_ldt Heap Overflow CORE Advisories Team (Mar 16)
[CORE-2016-0003] - Samsung SW Update Tool MiTM CORE Advisories Team (Mar 09)

cr0hn

New Security Tool: Enteletaor - Broker & MQ Injection tool cr0hn (Mar 17)

Curesec Research Team (CRT)

BigTree 4.2.8: Object Injection & Improper Filename Sanitation Curesec Research Team (CRT) (Mar 17)
Zenphoto 1.4.11: RFI Curesec Research Team (CRT) (Mar 17)
PivotX 2.3.11: Reflected XSS Curesec Research Team (CRT) (Mar 17)
PivotX 2.3.11: Directory Traversal Curesec Research Team (CRT) (Mar 17)
PivotX 2.3.11: Code Execution Curesec Research Team (CRT) (Mar 17)

Daniel Jensen

Kaltura Community Edition Multiple Vulnerabilities Daniel Jensen (Mar 12)

David Coomber

Panda SM Manager iOS Application - MITM SSL Certificate Vulnerability David Coomber (Mar 03)

David Leo

HTTPS Only 3.1 (Detailed Analysis, Browser Security, Open Source, Python) David Leo (Mar 23)
Browser Security Tool: HTTPS Only 2.1 (Major Release, Open Source, Python) David Leo (Mar 03)

Dawid Golunski

Exim < 4.86.2 Local Root Privilege Escalation Dawid Golunski (Mar 12)
Re: Exim < 4.86.2 Local Root Privilege Escalation Dawid Golunski (Mar 14)

Egidio Romano

Hacking Magento eCommerce For Fun And 17.000 USD Egidio Romano (Mar 03)
Hacking Magento eCommerce For Fun And 17.000 USD Egidio Romano (Mar 03)

Fyodor

Re: Security contact @ Gigabyte Fyodor (Mar 14)

Genevieve Southwick

[CFP] BSides Las Vegas Genevieve Southwick (Mar 14)

Gustavo Sorondo

Re: Security contact @ Gigabyte Gustavo Sorondo (Mar 14)
Security contact @ Gigabyte Gustavo Sorondo (Mar 09)

Himanshu Mehta

CVE Request: Fiyo CMS 2.0.6.1 - Multiple XSS Vulnerabilities Himanshu Mehta (Mar 03)

INTREST SEC

CVE-2016-3115 - OpenSSH <=7.2p1 xauth injection INTREST SEC (Mar 14)
CVE-2016-3116 - Dropbear SSH xauth injection INTREST SEC (Mar 14)

Javier Nieto

FortiOS (Fortinet) - Open Redirect and Cross Site Scripting Javier Nieto (Mar 20)

Jeffrey Walton

Re: Security contact @ Gigabyte Jeffrey Walton (Mar 14)
Re: Security contact @ Gigabyte Jeffrey Walton (Mar 14)

Jesse Jacobs

Latest Tegile security updates include tomcat examples package containing many security flaws. Jesse Jacobs (Mar 14)

Jonathan Brossard

Shakacon 2016 CFP - July 11-14 / Hawaii Jonathan Brossard (Mar 03)

jungle Boogie

Re: [CORE-2016-0005] - FreeBSD Kernel amd64_set_ldt Heap Overflow jungle Boogie (Mar 17)

Karn Ganeshen

Schneider Electric Building Operation Automation Server Multiple Vulnerabilities Karn Ganeshen (Mar 03)
WAGO IO PLC 758-870, 750-849, 750-849 vulnerabilities Karn Ganeshen (Mar 03)

Laël Cellier

server and client side remote code execution through a buffer overflow in all git versions before 2.7.1 (unpublished ᴄᴠᴇ-2016-2324 and ᴄᴠᴇ‑2016‑2315) Laël Cellier (Mar 17)
Re: server and client side remote code execution through a buffer overflow in all git versions before 2.7.1 (unpublished ᴄᴠᴇ-2016-2324 and ᴄᴠᴇ‑2016‑2315) Laël Cellier (Mar 20)

loon

Re: Exim < 4.86.2 Local Root Privilege Escalation loon (Mar 14)
Re: Exim < 4.86.2 Local Root Privilege Escalation loon (Mar 14)

LSE-Advisories

LSE Leading Security Experts GmbH - LSE-2016-01-01 - Wordpress ProjectTheme - Multiple Vulnerabilities LSE-Advisories (Mar 08)

Matteo Beccati

[REVIVE-SA-2016-001] Revive Adserver - Multiple vulnerabilities Matteo Beccati (Mar 03)

Mustafa Al-Bassam

Re: Security contact @ Gigabyte Mustafa Al-Bassam (Mar 12)

MustLive

Vulnerabilities in Mobile Safari MustLive (Mar 03)

Nick Boyce

Re: Netgear GS105Ev2 - Multiple Vulnerabilities Nick Boyce (Mar 04)

op7ic \x00

Open Vulnerability ID tracker instead of CVE. Maybe op7ic \x00 (Mar 09)

oststrom (public)

CVE-2016-2563 - PuTTY/PSCP <=0.66 buffer overflow - vuln-pscp-sink-sscanf oststrom (public) (Mar 09)

paul . szabo

Netgear CG3000 modem/router set password vulnerability paul . szabo (Mar 14)

Rafa Sanchez

New Security Tool: MrLooquer - IPv6 Intelligence Rafa Sanchez (Mar 09)

RedTeam Pentesting GmbH

[RT-SA-2016-002] Cross-site Scripting in Securimage 3.6.2 RedTeam Pentesting GmbH (Mar 22)

rotem kerner

Remote Code Execution in DVR affecting over 70 different vendors rotem kerner (Mar 23)

Ryan Dewhurst

[CFP] EuskalHack (San Sebastian / Donostia) 2016 Ryan Dewhurst (Mar 03)

Sachin Wagh

WordPress Bulletproof Security Plugin Multiple Cross Site Scripting Vulnerabilities Sachin Wagh (Mar 17)

Sean Wright

Facebook Messenger (iOS) Certificate Validation Vulnerability Sean Wright (Mar 23)

Sebastian Perez

Thomson TWG850 Wireless Router Multiple Vulnerabilities Sebastian Perez (Mar 09)

SECUPENT Research Center

Achievo Cross Site Scripting vulnerability SECUPENT Research Center (Mar 20)
DORG - Disc Organization System SQL Injection And Cross Site Scripting SECUPENT Research Center (Mar 20)

Securify B.V.

Re: Windows Mail Find People DLL side loading vulnerability Securify B.V. (Mar 09)
Windows Mail Find People DLL side loading vulnerability Securify B.V. (Mar 08)

Security Explorations

[SE-2012-01] Broken security fix in Oracle Java SE 7/8/9 Security Explorations (Mar 09)

Stefan Kanthak

Re: Windows Mail Find People DLL side loading vulnerability Stefan Kanthak (Mar 09)
Defense in depth -- the Microsoft way (part 39): vulnerabilities, please meet the bar for security servicing Stefan Kanthak (Mar 17)
Executable installers are vulnerable^WEVIL (case 32): Comodo's installers allow arbitrary (remote) code execution WITH escalation of privilege Stefan Kanthak (Mar 23)
Executable installers are vulnerable^WEVIL (case 31): MalwareBytes' installers allow arbitrary (remote) code execution WITH escalation of privilege Stefan Kanthak (Mar 09)
Executable installers are vulnerable^WEVIL (case 30): clamwin-0.99-setup.exe allows arbitrary (remote) code execution WITH escalation of privilege Stefan Kanthak (Mar 09)
Executable installers are vulnerable^WEVIL (case 29): putty-0.66-installer.exe allows arbitrary (remote) code execution WITH escalation of privilege Stefan Kanthak (Mar 04)

Steffen Rogge

Wordpress Configuration Error on XDA-Developers.com led to full Web-Server Access and shut down website Steffen Rogge (Mar 12)

Sysdream Labs

Netgear ReadyNAS Surveillance: Unauthenticated Remote Command Execution Sysdream Labs (Mar 12)

VMware Security Response Center

NEW VMSA-2016-0003 - VMware vRealize Automation and vRealize Business Advanced and Enterprise address Cross-Site Scripting (XSS) issues VMware Security Response Center (Mar 15)

Vulnerability Lab

ChitaSoft (Web-Application) - SQL Injection Vulnerability Vulnerability Lab (Mar 14)
Trend Micro (SSO) - (Backend) SSO Redirect & Session Vulnerability Vulnerability Lab (Mar 31)
Cades (2016Q1) - (id) Multiple SQL Injection Vulnerabilities Vulnerability Lab (Mar 31)
Apple iOS v9.2.1 - Multiple PassCode Bypass Vulnerabilities (App Store Link, Buy Tones Link & Weather Channel Link) Vulnerability Lab (Mar 07)
Chamlio LMS v1.10.2 - (Profile) Persistent Web Vulnerability Vulnerability Lab (Mar 14)
Patron Info System - SQL Injection Vulnerability Vulnerability Lab (Mar 31)
WP External Links v1.80 - Cross Site Scripting Web Vulnerabilities Vulnerability Lab (Mar 31)
Docker UI v0.10.0 - Multiple Persistent Vulnerabilities Vulnerability Lab (Mar 31)
PayPal Bug Bounty #121 - (Profile) Filter Bypass & Persistent Web Vulnerability Vulnerability Lab (Mar 30)
Dorsa Web CMS - Multiple SQL Injection Vulnerabilities Vulnerability Lab (Mar 31)
Python v2.7 v1.5.4 iOS - Filter Bypass & Persistent Vulnerability Vulnerability Lab (Mar 31)
Docker UI v0.10.0 - Multiple Client Side Cross Site Request Forgery Web Vulnerabilities Vulnerability Lab (Mar 31)
Yahoo Bug Bounty #37 - Sender Spoofing Vulnerability Vulnerability Lab (Mar 14)
Hi Technology & Services CMS - SQL Injection Vulnerabilities Vulnerability Lab (Mar 31)

Weidenhamer, Andrew

OWASP AppSec USA 2016 Call for Papers Released Weidenhamer, Andrew (Mar 17)

X41 D-Sec GmbH Advisories

Advisory X41-2016-001: Memory Corruption Vulnerability in "libotr" X41 D-Sec GmbH Advisories (Mar 09)