Full Disclosure: by author

51 messages starting Nov 01 17 and ending Nov 28 17


Apple Product Security

APPLE-SA-2017-10-31-8 Additional information for APPLE-SA-2017-09-25-1 macOS High Sierra 10.13 Apple Product Security (Nov 01)
APPLE-SA-2017-10-31-10 Additional information for APPLE-SA-2017-09-20-2 watchOS 4 Apple Product Security (Nov 01)
APPLE-SA-2017-10-31-12 Additional information for APPLE-SA-2017-09-25-9 macOS Server 5.4 Apple Product Security (Nov 01)
APPLE-SA-2017-10-31-7 iCloud for Windows 7.1 Apple Product Security (Nov 01)
APPLE-SA-2017-10-31-5 Safari 11.1 Apple Product Security (Nov 01)
APPLE-SA-2017-10-31-11 Additional information for APPLE-SA-2017-09-20-3 tvOS 11 Apple Product Security (Nov 01)
APPLE-SA-2017-10-31-1 iOS 11.1 Apple Product Security (Nov 01)
APPLE-SA-2017-10-31-9 Additional information for APPLE-SA-2017-09-19-1 iOS 11 Apple Product Security (Nov 01)
APPLE-SA-2017-10-31-4 watchOS 4.1 Apple Product Security (Nov 01)
APPLE-SA-2017-10-31-3 tvOS 11.1 Apple Product Security (Nov 01)
APPLE-SA-2017-10-31-6 iTunes 12.7.1 for Windows Apple Product Security (Nov 01)
APPLE-SA-2017-10-31-2 macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, Security Update 2017-004 El Capitan Apple Product Security (Nov 01)

Asterisk Security Team

AST-2017-011: Memory leak in pjsip session resource Asterisk Security Team (Nov 08)
AST-2017-010: Buffer overflow in CDR's set user Asterisk Security Team (Nov 08)
AST-2017-009: Buffer overflow in pjproject header parsing can cause crash in Asterisk Asterisk Security Team (Nov 08)

bashis

Vivotek IP Cameras - Remote Stack Overflow bashis (Nov 14)

Black Arch

New BlackArch Linux ISOs (2017.11.24) with over 1900 tools released! Black Arch (Nov 28)

EMC Product Security Response Center

ESA-2017-152: RSA® Authentication Manager Software Stored Cross-Site Scripting Vulnerability EMC Product Security Response Center (Nov 21)
ESA-2017-145: RSA® Authentication Agent for Web for Apache Web Server Authentication Bypass Vulnerability EMC Product Security Response Center (Nov 28)
ESA-2017-146: RSA® Authentication Agent SDK for C Error Handling Vulnerability EMC Product Security Response Center (Nov 28)
ESA-2017-094: EMC ScaleIO Multiple Vulnerabilities EMC Product Security Response Center (Nov 21)

Florian Bogner

Getting Local Admin by Abusing the Anti-Virus Quarantine #AVGater Florian Bogner (Nov 14)

Francisco Amato

Faraday v2.7: Collaborative Penetration Test & Vulnerability Management Platform Francisco Amato (Nov 14)

hyp3rlinx

CVE-2017-12969 Avaya OfficeScan IPO Remote ActiveX Buffer Overflow hyp3rlinx (Nov 05)
CVE-2017-12969 Avaya OfficeScan IPO Remote ActiveX Buffer Overflow hyp3rlinx (Nov 05)
Symantec Endpoint Protection (SEP) v12.1 Tamper-protection Bypass CVE-2017-6331 hyp3rlinx (Nov 14)

IOT Sec

CVE-2017-14953 - Hikvision Wi-Fi IP Cameras associate to a default unencrypted rogue SSIDs in a wired configuration IOT Sec (Nov 28)

jericho

Re: CSC-Cart RCE - CVE-2017-15673 jericho (Nov 28)

KoreLogic Disclosures

KL-001-2017-022 : Splunk Local Privilege Escalation KoreLogic Disclosures (Nov 03)

Kotas, Kevin J

CA20171114-01: Security Notice for CA Identity Governance Kotas, Kevin J (Nov 14)

Maor Shwartz

SSD Advisory – Linux Kernel XFRM Privilege Escalation Maor Shwartz (Nov 24)
SSD Advisory – ZTE ZXDSL Configuration Reset Maor Shwartz (Nov 28)
SSD Advisory – GraphicsMagick Multiple Vulnerabilities Maor Shwartz (Nov 01)
SSD Advisory – Cambium Multiple Vulnerabilities Maor Shwartz (Nov 24)
SSD Advisory – DblTek Multiple Vulnerabilities Maor Shwartz (Nov 21)
SSD Advisory – Synology StorageManager smart.cgi Remote Command Execution Maor Shwartz (Nov 28)
SSD Advisory – Cisco UCS Platform Emulator Remote Code Execution Maor Shwartz (Nov 01)

Mark Wadham

CVE-2017-15918: Sera 1.2 local root privesc and password disclosure Mark Wadham (Nov 01)

oric one

CSC-Cart RCE - CVE-2017-15673 oric one (Nov 24)
Re: CSC-Cart RCE - CVE-2017-15673 oric one (Nov 28)

pop shark

Re: An anti theft system allowing attackers to kill remotely the engine in electric scooters made by by INOKIM/MyWay, affected model - model Quick 3 pop shark (Nov 10)

qflb.wu

mkvalidator libebml2 mkclean multiple vulnerabilities qflb.wu (Nov 06)

RedTeam Pentesting GmbH

[RT-SA-2016-008] XML External Entity Expansion in Ladon Webservice RedTeam Pentesting GmbH (Nov 03)

SEC Consult Vulnerability Lab

SEC Consult SA-20171114-0 :: Authentication bypass, cross-site scripting & code execution in Siemens SICAM RTUs SM-2556 COM Modules SEC Consult Vulnerability Lab (Nov 14)
SEC Consult SA-20171116-0 :: Broken access control & LINQ injection in Progress Sitefinity SEC Consult Vulnerability Lab (Nov 16)

Securify B.V. via Fulldisclosure

bugtraq () securityfocus com Securify B.V. via Fulldisclosure (Nov 22)
Clickjacking vulnerability in CSRF error page pfSense Securify B.V. via Fulldisclosure (Nov 22)

Security Explorations

[SE-2011-01] Some ideas regarding security of ST DVB chipsets Security Explorations (Nov 13)

Vulnerability Lab

Edward Snowden free speech at JBFone - Future, Data Security & Privacy Vulnerability Lab (Nov 23)

X41 D-Sec GmbH Advisories

Advisory X41-2017-006: Multiple Vulnerabilities in PSFTPd Windows FTP Server X41 D-Sec GmbH Advisories (Nov 14)

Ziyahan Albeniz

Multiple Issues in CMS Made Simple Ziyahan Albeniz (Nov 28)