Full Disclosure: by author
46 messages starting Jun 01 18 and ending Jun 08 18
Aleix Sala Bach
DisplayLink Installer 8.2.1956 DLL Hijack to privilege escalation CVE-2018-7884 Aleix Sala Bach (Jun 01)
Apple Product Security
APPLE-SA-2018-06-01-7 iTunes 12.7.5 for Windows Apple Product Security (Jun 05)
APPLE-SA-2018-06-13-01 Xcode 9.4.1 Apple Product Security (Jun 14)
APPLE-SA-2018-06-01-4 iOS 11.4 Apple Product Security (Jun 05)
APPLE-SA-2018-06-01-3 iCloud for Windows 7.5 Apple Product Security (Jun 05)
APPLE-SA-2018-06-01-5 watchOS 4.3.1 Apple Product Security (Jun 05)
APPLE-SA-2018-06-01-2 Safari 11.1.1 Apple Product Security (Jun 05)
APPLE-SA-2018-06-01-6 tvOS 11.4 Apple Product Security (Jun 05)
APPLE-SA-2018-06-01-1 macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan Apple Product Security (Jun 05)
Asterisk Security Team
AST-2018-008: PJSIP endpoint presence disclosure when using ACL Asterisk Security Team (Jun 11)
AST-2018-007: Infinite loop when reading iostreams Asterisk Security Team (Jun 11)
Black Arch
New BlackArch Linux ISOs+OVA Image (2018.06.01, high-quality) Released! Black Arch (Jun 01)
Branco, Rodrigo
CALL FOR PAPERS - INTEL SECURITY CONFERENCE (iSecCon) 2018 Branco, Rodrigo (Jun 14)
David Fifield
CSRF on piazza.com (fixed as of 2018-06-01) David Fifield (Jun 01)
Defense Code
DefenseCode ThunderScan SAST Advisory: WordPress Ultimate Form Builder Lite Plugin Multiple Vulnerabilities (XSS and SQLi) Defense Code (Jun 14)
DefenseCode ThunderScan SAST Advisory: WordPress Contact Form Maker Plugin Multiple Security Vulnerabilities Defense Code (Jun 08)
DefenseCode ThunderScan SAST Advisory: WordPress WP Google Map Plugin Multiple SQL injection Security Vulnerabilities Defense Code (Jun 14)
DefenseCode ThunderScan SAST Advisory: WordPress Form Maker Plugin Multiple Security Vulnerabilities Defense Code (Jun 08)
dxw Security
ACE via file inclusion in Redirection allows admins to execute any PHP file in the filesystem (WordPress plugin) dxw Security (Jun 12)
CSRF in Tooltipy (tooltips for WP) could allow anybody to duplicate posts (WordPress plugin) dxw Security (Jun 12)
Unserialization vulnerability in Redirection could allow admin to execute arbitrary code in some circumstances (WordPress plugin) dxw Security (Jun 15)
Reflected XSS in Tooltipy (tooltips for WP) could allow anybody to do almost anything an admin can (WordPress plugin) dxw Security (Jun 12)
EdTech Secure via Fulldisclosure
ClassLink browser extension vulnerable to UXSS; ClassLink Agent vulnerable to Remote Code Execution. EdTech Secure via Fulldisclosure (Jun 08)
EMC Product Security Response Center
DSA-2018-107: RSA Authentication Manager Cross-site scripting Vulnerabilities EMC Product Security Response Center (Jun 14)
DSA-2018-085: RSA Web Threat Detection SQL Injection Vulnerability EMC Product Security Response Center (Jun 01)
Harry Sintonen
MagniComp SysInfo Information Exposure [CVE-2018-7268] Harry Sintonen (Jun 19)
Hate Shape
Multiple Automated Logic Corporation WebCTRL XML External Entity Injection (CVE-2018-8819) Hate Shape (Jun 08)
Ismail Doe
ESPN Reflected XSS Ismail Doe (Jun 08)
Manuel Garcia Cardenas
WordPress Plugin Pie Register 3.0.9 - Blind SQL Injection Manuel Garcia Cardenas (Jun 14)
Michael Rossberg
Multiple Security Issues in Ecos Secure Boot Stick (SBS) Michael Rossberg (Jun 14)
MustLive
Vulnerabilities in TP-Link TL-WR841N and TL-WR841ND MustLive (Jun 01)
Open-Xchange GmbH
Open-Xchange Security Advisory 2018-06-08 Open-Xchange GmbH (Jun 08)
oststrom (public)
CVE-2018-10058 and CVE-2018-10057 - cgminer <=4.10.0 and bfgminer <=5.5.0 remote management api post-auth buffer overflow and path traversal oststrom (public) (Jun 05)
RYT
XSS in Canopy login page RYT (Jun 19)
Security Explorations
[SRP-2018-01] Reverse engineering tools for ST DVB chipsets (public release) Security Explorations (Jun 08)
Simon Waters
Re: Ignite Realtime Openfire Version 3.7.1 Reflected Cross Site Scripting (CVE-2018-11688) Simon Waters (Jun 08)
Vangelis Stykas
Tapplock api multiple vulnerabilities Vangelis Stykas (Jun 16)
Vulnerability Report
Major Vulnerabilities in Foscam IP Cameras Vulnerability Report (Jun 08)
Williams, Ken
CA20180614-01: Security Notice for CA Privileged Access Manager Williams, Ken (Jun 16)
yavuz atlas
Samsung Web Viewer for Samsung DVR Reflected Cross Site Scripting (XSS) CVE-2018-11689 yavuz atlas (Jun 14)
Gridbox extension for Joomla! <= 2.4.0 Reflected Cross Site Scripting (XSS) yavuz atlas (Jun 08)
Ignite Realtime Openfire Version 3.7.1 Reflected Cross Site Scripting (CVE-2018-11688) yavuz atlas (Jun 05)
熊文彬
libfsntfs 20180420 vulns 熊文彬 (Jun 08)
libpff 20180428 vulnerability 熊文彬 (Jun 08)
liblnk 20180419 vulns 熊文彬 (Jun 14)
libmobi 0.3 vulnerabilities 熊文彬 (Jun 08)