Full Disclosure: by author
115 messages starting Apr 15 15 and ending Apr 30 15
Akhil Das
Arbitary Code Execution in Apache Spark Cluster Akhil Das (Apr 15)
An Onion
[Tool] nsec3map v0.3 - DNSSEC Zone Enumerator An Onion (Apr 09)
Anthony Ferrara
Re: WordPress 4.2 stored XSS Anthony Ferrara (Apr 27)
Antonio Quina
Re: [Tool] SPARTA 1.0 BETA Antonio Quina (Apr 01)
Asterisk Security Team
AST-2015-003: TLS Certificate Common name NULL byte exploit Asterisk Security Team (Apr 08)
Bhadresh Patel
HotExBilling Manager – Cross-site scripting (XSS) vulnerability Bhadresh Patel (Apr 07)
C0r3dump3d
Re: WordPress 4.2 stored XSS C0r3dump3d (Apr 28)
Calum Hutton
[Additional vectors] Multiple vulnerabilities in Untangle NGFW 9-11 Calum Hutton (Apr 27)
CORE Advisories Team
[CORE-2015-0008] - InFocus IN3128HD Projector Multiple Vulnerabilities CORE Advisories Team (Apr 27)
Cristiano Maruti
Network Solutions Webmail - A tale about chained web vulnerabilities Cristiano Maruti (Apr 09)
csirt
CVE-ID 2015-1188: Swisscom DSL Router Centro Grande (ADB) csirt (Apr 29)
Denis Andzakovic
TestDisk 6.14 Check_OS2MB Stack Buffer Overflow Denis Andzakovic (Apr 29)
Open Litespeed Use After Free Vulnerability Denis Andzakovic (Apr 16)
Doug
Surveillance system used for censorship in Europe - Censorship attack combines packet injection and Heartbleed Doug (Apr 26)
dxw Security
Reflected XSS in Citizen Space allows attackers to view sensitive information of the attacker’s choosing (WordPress plugin) dxw Security (Apr 16)
CSRF and stored XSS in WordPress Content Slide allow an attacker to have full admin privileges (WordPress plugin) dxw Security (Apr 16)
Emilio Casbas
[Tool/API] desenmascara.me - Fingerprinting and assessing the web security awareness of websites Emilio Casbas (Apr 15)
endeavor
Netgear WNR2000v4 Multiple Vulnerabilities endeavor (Apr 21)
Fyodor
Re: WordPress 4.2 stored XSS Fyodor (Apr 27)
Gsunde Orangen
Re: [oss-security] Advisory: CVE-2014-9708: Appweb Web Server Gsunde Orangen (Apr 07)
Hanno Böck
Re: several issues in SQLite (+ catching up on several other bugs) Hanno Böck (Apr 16)
Heap overflow / invalid read in Libtasn1 before 4.5 (TFPA 005/2015) Hanno Böck (Apr 30)
Re: WordPress 4.2 stored XSS Hanno Böck (Apr 27)
Hector Marco-Gisbert
Linux ASLR mmap weakness: Reducing entropy by half Hector Marco-Gisbert (Apr 21)
AMD Bulldozer Linux ASLR weakness: Reducing entropy by 87.5% Hector Marco-Gisbert (Apr 21)
Ian Neal
Re: Mysterious CVE-2008-568 (Solaris) Ian Neal (Apr 30)
Imre RAD
CVE-2014-7951 adb backup archive path traversal file overwrite Imre RAD (Apr 17)
CVE-2014-7954 MTP path traversal vulnerability in Android Imre RAD (Apr 17)
CVE-2014-7953 Android backup agent code execution Imre RAD (Apr 17)
ITAS Team
Wordpress plugin Simple Ads Manager - Arbitrary File Upload ITAS Team (Apr 04)
Wordpress plugin Simple Ads Manager - SQL Injection ITAS Team (Apr 04)
Multiple SQL Injection ITAS Team (Apr 04)
Wordpress plugin Simple Ads Manager - Information Disclosure ITAS Team (Apr 04)
Jaanus
Stored XSS in ebay messages Jaanus (Apr 28)
Jeffrey Walton
Hidden backdoor API to root privileges in Apple OS X Jeffrey Walton (Apr 10)
Re: several issues in SQLite (+ catching up on several other bugs) Jeffrey Walton (Apr 19)
Re: several issues in SQLite (+ catching up on several other bugs) Jeffrey Walton (Apr 19)
Jing Wang
Webs ID Reflected XSS (Cross-site Scripting) Security Vulnerabilities Jing Wang (Apr 14)
Comsenz SupeSite CMS 7.0 Stored XSS (Cross-site Scripting) Security Vulnerabilities Jing Wang (Apr 14)
6kbbs v8.0 Multiple CSRF (Cross-Site Request Forgery) Security Vulnerabilities Jing Wang (Apr 04)
6kbbs v8.0 XSS (Cross-site Scripting) Security Vulnerabilities Jing Wang (Apr 04)
Opoint Media Intelligence Unvalidated Redirects and Forwards (URL Redirection) Security Vulnerabilities Jing Wang (Apr 14)
ECE Projects XSS (Cross-site Scripting) Security Vulnerabilities Jing Wang (Apr 04)
NetCat CMS 3.12 HTML Injection Security Vulnerabilities Jing Wang (Apr 14)
6kbbs v8.0 SQL Injection Security Vulnerabilities Jing Wang (Apr 04)
NetCat CMS 3.12 Multiple Directory Traversal Security Vulnerabilities Jing Wang (Apr 14)
Proverbs Web Calendar 2.1.2 XSS (Cross-site Scripting) Security Vulnerabilities Jing Wang (Apr 04)
Johnny Five
Vulnerability in site leads to source code dump Johnny Five (Apr 01)
John Page
Wing FTP Server Admin 4.4.5 CSRF & XSS Vulnerabilties John Page (Apr 28)
Jouko Pynnonen
WordPress 4.2 stored XSS Jouko Pynnonen (Apr 26)
Google Analytics by Yoast stored XSS #2 Jouko Pynnonen (Apr 21)
Safari iOS/OS X/Windows cookie access vulnerability Jouko Pynnonen (Apr 13)
jungle Boogie
Re: several issues in SQLite (+ catching up on several other bugs) jungle Boogie (Apr 19)
Re: several issues in SQLite (+ catching up on several other bugs) jungle Boogie (Apr 19)
Larry W. Cashdollar
Re: Remote file upload vulnerability in videowhisper-video-conference-integration wordpress plugin v4.91.8 Larry W. Cashdollar (Apr 04)
Remote file upload vulnerability in wordpress plugin videowhisper-video-presentation v3.31.17 Larry W. Cashdollar (Apr 01)
Remote file upload vulnerability in videowhisper-video-conference-integration wordpress plugin v4.91.8 Larry W. Cashdollar (Apr 01)
Levon Kayan
New tool: smalisca - Static Code Analysis tool for Smali files Levon Kayan (Apr 07)
Mario Vilas
Re: Photo Manager Pro 4.4.0 iOS - Code Execution Vulnerability Mario Vilas (Apr 21)
Mark Felder
Mysterious CVE-2008-568 (Solaris) Mark Felder (Apr 30)
Martin Jartelius
CVE-2015-0984 SCADA - Gaining remote shell on Honeywell Falcon XLWEB Martin Jartelius (Apr 22)
ma sh
Android 0-day vulnerability - Drive by download ma sh (Apr 22)
Melchior Limacher
IKE Aggressive Mode Downgrade Attack? Melchior Limacher (Apr 30)
Michal Zalewski
Re: Mysterious CVE-2008-568 (Solaris) Michal Zalewski (Apr 30)
Re: several issues in SQLite (+ catching up on several other bugs) Michal Zalewski (Apr 19)
Re: several issues in SQLite (+ catching up on several other bugs) Michal Zalewski (Apr 19)
several issues in SQLite (+ catching up on several other bugs) Michal Zalewski (Apr 14)
MustLive
XSS and CSRF vulnerabilities in ASUS RT-G32 MustLive (Apr 26)
SQL Injection, XSS and FPD vulnerabilities Nodes Studio CMS MustLive (Apr 16)
Paris Zoumpouloglou
libarchive - Out of bounds read using malformed cpio archive Paris Zoumpouloglou (Apr 28)
Paul Vixie
Re: several issues in SQLite (+ catching up on several other bugs) Paul Vixie (Apr 14)
Pedro Ribeiro
[CVE-2015-0779]: Novell ZenWorks Configuration Management remote code execution Pedro Ribeiro (Apr 07)
Pichaya Morimoto
phpSFP - Schedule Facebook Posts 1.5.6 Pre-auth SQL Injection (0-day) Pichaya Morimoto (Apr 04)
PIN
#WorldPenguinDay or this cant be right, can it? PIN (Apr 26)
Re: #WorldPenguinDay or this cant be right, can it? PIN (Apr 30)
Portcullis Advisories
CVE-2014-5370 - Arbitrary File Retrieval + Deletion In New Atlanta BlueDragon CFChart Servlet Portcullis Advisories (Apr 17)
Reed Loden
Re: several issues in SQLite (+ catching up on several other bugs) Reed Loden (Apr 20)
Rehan Ahmed
OrangeHRM Blind SQL Injection & XSS Vulnerabilities Rehan Ahmed (Apr 11)
Ryan Dewhurst
Re: WordPress 4.2 stored XSS Ryan Dewhurst (Apr 27)
Scott Arciszewski
Re: WordPress 4.2 stored XSS Scott Arciszewski (Apr 26)
Laravel - PHP Object Injection - 4.1, 4.2, 5.0, master Scott Arciszewski (Apr 19)
Re: WordPress 4.2 stored XSS Scott Arciszewski (Apr 27)
Re: WordPress 4.2 stored XSS Scott Arciszewski (Apr 27)
SEC Consult Vulnerability Lab
SEC Consult SA-20150410-0 :: Unauthenticated Local File Disclosure in multiple TP-LINK products (CVE-2015-3035) SEC Consult Vulnerability Lab (Apr 10)
SEC Consult SA-20150409-0 :: Multiple XSS & XSRF vulnerabilities in Comalatech Comala Workflows SEC Consult Vulnerability Lab (Apr 09)
Securify B.V.
Reflected Cross-Site Scripting vulnerability in asdoc generated documentation Securify B.V. (Apr 07)
Shahar Tal
Magento Unauthenticated RCE Shahar Tal (Apr 22)
Takeshi Terada
whitepaper: Identifier based XSSI attacks Takeshi Terada (Apr 14)
Taoguang Chen
Type Confusion Infoleak and Heap Overflow Vulnerability in unserialize() with exception Taoguang Chen (Apr 29)
Type Confusion Infoleak Vulnerability in unserialize() with SoapFault Taoguang Chen (Apr 29)
Tavis Ormandy
Problems in automatic crash analysis frameworks Tavis Ormandy (Apr 14)
Tod Beardsley
Ceragon FibeAir IP-10 SSH Private Key Exposure (CVE-2015-0936) Tod Beardsley (Apr 01)
Uğur Cihan KOÇ
Huawei SEQ Analyst - XML External Entity Injection (XXE) Uğur Cihan KOÇ (Apr 15)
Huawei SEQ Analyst - Multiple Reflected Cross Site Scripting (XSS) Uğur Cihan KOÇ (Apr 15)
VMware Security Response Center
NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE VMware Security Response Center (Apr 02)
Vulnerability Lab
Ebay Inc Xcom #6 - Persistent POST Inject Vulnerability Vulnerability Lab (Apr 21)
PayPal Inc Bug Bounty #113 - Client Side Cross Site Scripting Vulnerability Vulnerability Lab (Apr 21)
Ebay Inc Xcom #4 - (Item Preview) Persistent Vulnerability Vulnerability Lab (Apr 21)
PayPal Inc Bug Bounty #114 - JDWP Remote Code Execution Vulnerability Vulnerability Lab (Apr 28)
Wifi Drive Pro v1.2 iOS - File Include Web Vulnerability Vulnerability Lab (Apr 21)
SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities Vulnerability Lab (Apr 21)
Mobile Drive HD v1.8 - File Include Web Vulnerability Vulnerability Lab (Apr 21)
iPassword Manager v2.6 iOS - Persistent Vulnerabilities Vulnerability Lab (Apr 22)
Ebay Inc Xcom #7 - (Policy) Persistent Vulnerability Vulnerability Lab (Apr 21)
Photo Manager Pro 4.4.0 iOS - Code Execution Vulnerability Vulnerability Lab (Apr 21)
HomeAdvisor Bug Bounty #1 - Filter Bypass & Client Side Exception Handling Vulnerability Vulnerability Lab (Apr 22)
Socrata Bug Bounty #1 - Persistent Encoding Vulnerability Vulnerability Lab (Apr 23)
SonicWall SonicOS 7.5.0.12 & 6.x - Client Side Cross Site Scripting Vulnerability Vulnerability Lab (Apr 28)
Photo Manager Pro v4.4.0 iOS - File Include Vulnerability Vulnerability Lab (Apr 21)
SevDesk v1.1 iOS - Persistent Dashboard Vulnerability Vulnerability Lab (Apr 30)
Apple iOS 8.0 - 8.0.2 - Controls Re Auth Bypass Vulnerability Vulnerability Lab (Apr 22)
Why Know
Fusion Engage v1.0.5 (WordPress Plugin) Local File Disclosure Why Know (Apr 10)
Winni Neessen
Re: WordPress 4.2 stored XSS Winni Neessen (Apr 27)
朱东海
[ALICLOUDSEC-VUL2015-001]Android wpa_supplicant WLAN Direct remote buffer overflow 朱东海 (Apr 23)
魏诺德
OS X 0day - works on latest verz 魏诺德 (Apr 30)