Full Disclosure: by author

60 messages starting May 08 20 and ending May 15 20

admin () evolution-sec com

Tiny MySQL - Cross Site Scripting Vulnerability admin () evolution-sec com (May 08)
Wordpress Theme Dosimple v2.0 - XSS Web Vulnerability admin () evolution-sec com (May 08)
Creative Zone - (id) Remote SQL Injection Vulnerability admin () evolution-sec com (May 08)
Fishing Reservation System - Multiple Remote SQL Injection Vulnerabilities admin () evolution-sec com (May 05)

Advisories

CVE-2020-1113 - Windows Task Scheduler - Security Feature Bypass Advisories (May 15)

Aki Tuomi

Multiple vulnerabilities in Dovecot IMAP server Aki Tuomi (May 19)

Apple Product Security via Fulldisclosure

APPLE-SA-2020-05-20-1 Xcode 11.5 Apple Product Security via Fulldisclosure (May 22)
APPLE-SA-2020-05-26-7 Safari 13.1.1 Apple Product Security via Fulldisclosure (May 29)
APPLE-SA-2020-05-26-6 watchOS 5.3.7 Apple Product Security via Fulldisclosure (May 29)
APPLE-SA-2020-05-26-9 iCloud for Windows 11.2 Apple Product Security via Fulldisclosure (May 29)
APPLE-SA-2020-05-26-11 Windows Migration Assistant 2.2.0.0 (v. 1A11) Apple Product Security via Fulldisclosure (May 29)
APPLE-SA-2020-05-26-8 iTunes 12.10.7 for Windows Apple Product Security via Fulldisclosure (May 29)
APPLE-SA-2020-05-26-1 iOS 13.5 and iPadOS 13.5 Apple Product Security via Fulldisclosure (May 29)
APPLE-SA-2020-05-26-4 tvOS 13.4.5 Apple Product Security via Fulldisclosure (May 29)
APPLE-SA-2020-05-26-5 watchOS 6.2.5 Apple Product Security via Fulldisclosure (May 29)
APPLE-SA-2020-05-26-2 iOS 12.4.7 Apple Product Security via Fulldisclosure (May 29)
APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra Apple Product Security via Fulldisclosure (May 29)
APPLE-SA-2020-05-26-10 iCloud for Windows 7.19 Apple Product Security via Fulldisclosure (May 29)

Black Arch

New BlackArch Linux ISOs + OVA Image released! Black Arch (May 29)

Callum Murphy

ChopSlider3 Wordpress Plugin SQL Injection Callum Murphy (May 08)

Fabian Krone

[SYSS-2020-012] Improper Access Control (CWE-284) in xt:Commerce (CVE-2020-12101) Fabian Krone (May 01)

Georgi Guninski

Short notes on qmail security guarantee Georgi Guninski (May 22)

Giuseppe Cocomazzi

[IAIK JCE] Timing Attack Side Channel in DSA Implementation Giuseppe Cocomazzi (May 22)

Imre Rad

CVE-2020-1967: proving sigalg != NULL Imre Rad (May 01)

Jack Misiura via Fulldisclosure

Reflected XSS in WordPress - WooCommerce - Advanced Order Export 3.1.3 plugin disclosure Jack Misiura via Fulldisclosure (May 05)

Jens Regel

SolarWinds MSP PME Cache Service - Insecure File Permissions / Code Execution Jens Regel (May 08)

KoreLogic Disclosures via Fulldisclosure

KL-001-2020-002 : Cellebrite Restricted Desktop Escape and Escalation of User Privilege KoreLogic Disclosures via Fulldisclosure (May 14)

Manuel Garcia Cardenas

Composr CMS 10.0.30 - (Authenticated) Cross-Site Scripting Manuel Garcia Cardenas (May 22)

Moritz Bechler

[SYSS-2019-039] Smartbear ReadyAPI/SoapUI Pro/jProductivity Licensing Unsafe Deserialization Moritz Bechler (May 19)

Nguyen Anh Quynh

Capstone 4.0.2 is out! Nguyen Anh Quynh (May 08)

Nightwatch Cybersecurity Research

Two vulnerabilities in Oracle’s iPlanet Web Server (CVE-2020-9315 and CVE-2020-9314) Nightwatch Cybersecurity Research (May 12)

Pedro Ribeiro

Multiple 0days in IBM Data Risk Manager Pedro Ribeiro (May 01)

Pietro Oliva

TP-LINK Cloud Cameras NCXXX SetEncryptKey Command Injection Pietro Oliva (May 01)
TP-LINK Cloud Cameras NCXXX Bonjour Command Injection Pietro Oliva (May 01)
TP-LINK Cloud Cameras NCXXX Hardcoded Encryption Key Pietro Oliva (May 01)

Q C

Two vulnerabilities found in MikroTik's RouterOS Q C (May 12)

Qualys Security Advisory

Remote Code Execution in qmail (CVE-2005-1513) Qualys Security Advisory (May 22)

raki ben hamouda

Webmin (Upload Module) Remote Command Injection Vulnerability raki ben hamouda (May 08)

socket_0x03

Konica Minolta FTP Utility v1.0 - 'LIST' Denial of Service (PoC) socket_0x03 (May 22)
Filetto v1.0 - 'FEAT' Denial of Service (PoC) socket_0x03 (May 22)
Konica Minolta FTP Utility v1.0 - 'NLST' Denial of Service (PoC) socket_0x03 (May 22)

Thierry Zoller

[CDPWE-0001] - RocketReach Thierry Zoller (May 29)

Vulnerability Lab

Creative Zone - (id) Remote SQL Injection Vulnerability Vulnerability Lab (May 07)
iJoomla com_adagency v6.0.9 - SQL Injection Vulnerabilities Vulnerability Lab (May 03)
OpenZ v3.6.60 ERP - Employee Persistent XSS Vulnerability Vulnerability Lab (May 06)
LANCOM WLAN Controller - Multiple Cross Site Vulnerabilities Vulnerability Lab (May 08)
Joomla com_content v1.5 - Blind SQL-Injection Vulnerability Vulnerability Lab (May 03)
Sellacious eCommerce - Multiple Persistent Vulnerabilities Vulnerability Lab (May 13)
Tryton v5.4 - (Name) Persistent Cross Site Vulnerability Vulnerability Lab (May 13)
File Explorer v1.4 iOS - Multiple Persistent Vulnerabilities Vulnerability Lab (May 04)
LANCOM WLAN Controller - Multiple Cross Site Scripting Vulnerabilities Vulnerability Lab (May 07)
Sentrifugo v3.2 CMS - Persistent XSS Web Vulnerability Vulnerability Lab (May 06)
Fishing Reservation System - Multiple Remote SQL Injection Vulnerabilities Vulnerability Lab (May 04)
Draytek VigorAP - (RADIUS) Persistent XSS Vulnerability Vulnerability Lab (May 07)
Qik Chat v3.0 iOS - (Name) Command Inject Vulnerability Vulnerability Lab (May 06)
KeeWeb v1.14.0 - (Notes) Html Inject Web Vulnerability Vulnerability Lab (May 06)

xen1thLabs

Asset Explorer Windows Agent - Remote Code Execution xen1thLabs (May 08)
DataSecurity Plus Xnode Server - Authentication Bypass xen1thLabs (May 08)
DataSecurity Plus Xnode Server - Remote Code Execution via Path Traversal xen1thLabs (May 08)
Asset Explorer (Windows & Linux) - Authenticated Command Execution xen1thLabs (May 15)