Full Disclosure: by author

115 messages starting Apr 15 15 and ending Apr 30 15

Akhil Das

Arbitary Code Execution in Apache Spark Cluster Akhil Das (Apr 15)

An Onion

[Tool] nsec3map v0.3 - DNSSEC Zone Enumerator An Onion (Apr 09)

Anthony Ferrara

Re: WordPress 4.2 stored XSS Anthony Ferrara (Apr 27)

Antonio Quina

Re: [Tool] SPARTA 1.0 BETA Antonio Quina (Apr 01)

Asterisk Security Team

AST-2015-003: TLS Certificate Common name NULL byte exploit Asterisk Security Team (Apr 08)

Bhadresh Patel

HotExBilling Manager – Cross-site scripting (XSS) vulnerability Bhadresh Patel (Apr 07)

C0r3dump3d

Re: WordPress 4.2 stored XSS C0r3dump3d (Apr 28)

Calum Hutton

[Additional vectors] Multiple vulnerabilities in Untangle NGFW 9-11 Calum Hutton (Apr 27)

CORE Advisories Team

[CORE-2015-0008] - InFocus IN3128HD Projector Multiple Vulnerabilities CORE Advisories Team (Apr 27)

Cristiano Maruti

Network Solutions Webmail - A tale about chained web vulnerabilities Cristiano Maruti (Apr 09)

csirt

CVE-ID 2015-1188: Swisscom DSL Router Centro Grande (ADB) csirt (Apr 29)

Denis Andzakovic

TestDisk 6.14 Check_OS2MB Stack Buffer Overflow Denis Andzakovic (Apr 29)
Open Litespeed Use After Free Vulnerability Denis Andzakovic (Apr 16)

Doug

Surveillance system used for censorship in Europe - Censorship attack combines packet injection and Heartbleed Doug (Apr 26)

dxw Security

Reflected XSS in Citizen Space allows attackers to view sensitive information of the attacker’s choosing (WordPress plugin) dxw Security (Apr 16)
CSRF and stored XSS in WordPress Content Slide allow an attacker to have full admin privileges (WordPress plugin) dxw Security (Apr 16)

Emilio Casbas

[Tool/API] desenmascara.me - Fingerprinting and assessing the web security awareness of websites Emilio Casbas (Apr 15)

endeavor

Netgear WNR2000v4 Multiple Vulnerabilities endeavor (Apr 21)

Fyodor

Re: WordPress 4.2 stored XSS Fyodor (Apr 27)

Gsunde Orangen

Re: [oss-security] Advisory: CVE-2014-9708: Appweb Web Server Gsunde Orangen (Apr 07)

Hanno Böck

Re: several issues in SQLite (+ catching up on several other bugs) Hanno Böck (Apr 16)
Heap overflow / invalid read in Libtasn1 before 4.5 (TFPA 005/2015) Hanno Böck (Apr 30)
Re: WordPress 4.2 stored XSS Hanno Böck (Apr 27)

Hector Marco-Gisbert

Linux ASLR mmap weakness: Reducing entropy by half Hector Marco-Gisbert (Apr 21)
AMD Bulldozer Linux ASLR weakness: Reducing entropy by 87.5% Hector Marco-Gisbert (Apr 21)

Ian Neal

Re: Mysterious CVE-2008-568 (Solaris) Ian Neal (Apr 30)

Imre RAD

CVE-2014-7951 adb backup archive path traversal file overwrite Imre RAD (Apr 17)
CVE-2014-7954 MTP path traversal vulnerability in Android Imre RAD (Apr 17)
CVE-2014-7953 Android backup agent code execution Imre RAD (Apr 17)

ITAS Team

Wordpress plugin Simple Ads Manager - Arbitrary File Upload ITAS Team (Apr 04)
Wordpress plugin Simple Ads Manager - SQL Injection ITAS Team (Apr 04)
Multiple SQL Injection ITAS Team (Apr 04)
Wordpress plugin Simple Ads Manager - Information Disclosure ITAS Team (Apr 04)

Jaanus

Stored XSS in ebay messages Jaanus (Apr 28)

Jeffrey Walton

Hidden backdoor API to root privileges in Apple OS X Jeffrey Walton (Apr 10)
Re: several issues in SQLite (+ catching up on several other bugs) Jeffrey Walton (Apr 19)
Re: several issues in SQLite (+ catching up on several other bugs) Jeffrey Walton (Apr 19)

Jing Wang

Webs ID Reflected XSS (Cross-site Scripting) Security Vulnerabilities Jing Wang (Apr 14)
Comsenz SupeSite CMS 7.0 Stored XSS (Cross-site Scripting) Security Vulnerabilities Jing Wang (Apr 14)
6kbbs v8.0 Multiple CSRF (Cross-Site Request Forgery) Security Vulnerabilities Jing Wang (Apr 04)
6kbbs v8.0 XSS (Cross-site Scripting) Security Vulnerabilities Jing Wang (Apr 04)
Opoint Media Intelligence Unvalidated Redirects and Forwards (URL Redirection) Security Vulnerabilities Jing Wang (Apr 14)
ECE Projects XSS (Cross-site Scripting) Security Vulnerabilities Jing Wang (Apr 04)
NetCat CMS 3.12 HTML Injection Security Vulnerabilities Jing Wang (Apr 14)
6kbbs v8.0 SQL Injection Security Vulnerabilities Jing Wang (Apr 04)
NetCat CMS 3.12 Multiple Directory Traversal Security Vulnerabilities Jing Wang (Apr 14)
Proverbs Web Calendar 2.1.2 XSS (Cross-site Scripting) Security Vulnerabilities Jing Wang (Apr 04)

Johnny Five

Vulnerability in site leads to source code dump Johnny Five (Apr 01)

John Page

Wing FTP Server Admin 4.4.5 CSRF & XSS Vulnerabilties John Page (Apr 28)

Jouko Pynnonen

WordPress 4.2 stored XSS Jouko Pynnonen (Apr 26)
Google Analytics by Yoast stored XSS #2 Jouko Pynnonen (Apr 21)
Safari iOS/OS X/Windows cookie access vulnerability Jouko Pynnonen (Apr 13)

jungle Boogie

Re: several issues in SQLite (+ catching up on several other bugs) jungle Boogie (Apr 19)
Re: several issues in SQLite (+ catching up on several other bugs) jungle Boogie (Apr 19)

Larry W. Cashdollar

Re: Remote file upload vulnerability in videowhisper-video-conference-integration wordpress plugin v4.91.8 Larry W. Cashdollar (Apr 04)
Remote file upload vulnerability in wordpress plugin videowhisper-video-presentation v3.31.17 Larry W. Cashdollar (Apr 01)
Remote file upload vulnerability in videowhisper-video-conference-integration wordpress plugin v4.91.8 Larry W. Cashdollar (Apr 01)

Levon Kayan

New tool: smalisca - Static Code Analysis tool for Smali files Levon Kayan (Apr 07)

Mario Vilas

Re: Photo Manager Pro 4.4.0 iOS - Code Execution Vulnerability Mario Vilas (Apr 21)

Mark Felder

Mysterious CVE-2008-568 (Solaris) Mark Felder (Apr 30)

Martin Jartelius

CVE-2015-0984 SCADA - Gaining remote shell on Honeywell Falcon XLWEB Martin Jartelius (Apr 22)

ma sh

Android 0-day vulnerability - Drive by download ma sh (Apr 22)

Melchior Limacher

IKE Aggressive Mode Downgrade Attack? Melchior Limacher (Apr 30)

Michal Zalewski

Re: Mysterious CVE-2008-568 (Solaris) Michal Zalewski (Apr 30)
Re: several issues in SQLite (+ catching up on several other bugs) Michal Zalewski (Apr 19)
Re: several issues in SQLite (+ catching up on several other bugs) Michal Zalewski (Apr 19)
several issues in SQLite (+ catching up on several other bugs) Michal Zalewski (Apr 14)

MustLive

XSS and CSRF vulnerabilities in ASUS RT-G32 MustLive (Apr 26)
SQL Injection, XSS and FPD vulnerabilities Nodes Studio CMS MustLive (Apr 16)

Paris Zoumpouloglou

libarchive - Out of bounds read using malformed cpio archive Paris Zoumpouloglou (Apr 28)

Paul Vixie

Re: several issues in SQLite (+ catching up on several other bugs) Paul Vixie (Apr 14)

Pedro Ribeiro

[CVE-2015-0779]: Novell ZenWorks Configuration Management remote code execution Pedro Ribeiro (Apr 07)

Pichaya Morimoto

phpSFP - Schedule Facebook Posts 1.5.6 Pre-auth SQL Injection (0-day) Pichaya Morimoto (Apr 04)

PIN

#WorldPenguinDay or this cant be right, can it? PIN (Apr 26)
Re: #WorldPenguinDay or this cant be right, can it? PIN (Apr 30)

Portcullis Advisories

CVE-2014-5370 - Arbitrary File Retrieval + Deletion In New Atlanta BlueDragon CFChart Servlet Portcullis Advisories (Apr 17)

Reed Loden

Re: several issues in SQLite (+ catching up on several other bugs) Reed Loden (Apr 20)

Rehan Ahmed

OrangeHRM Blind SQL Injection & XSS Vulnerabilities Rehan Ahmed (Apr 11)

Ryan Dewhurst

Re: WordPress 4.2 stored XSS Ryan Dewhurst (Apr 27)

Scott Arciszewski

Re: WordPress 4.2 stored XSS Scott Arciszewski (Apr 26)
Laravel - PHP Object Injection - 4.1, 4.2, 5.0, master Scott Arciszewski (Apr 19)
Re: WordPress 4.2 stored XSS Scott Arciszewski (Apr 27)
Re: WordPress 4.2 stored XSS Scott Arciszewski (Apr 27)

SEC Consult Vulnerability Lab

SEC Consult SA-20150410-0 :: Unauthenticated Local File Disclosure in multiple TP-LINK products (CVE-2015-3035) SEC Consult Vulnerability Lab (Apr 10)
SEC Consult SA-20150409-0 :: Multiple XSS & XSRF vulnerabilities in Comalatech Comala Workflows SEC Consult Vulnerability Lab (Apr 09)

Securify B.V.

Reflected Cross-Site Scripting vulnerability in asdoc generated documentation Securify B.V. (Apr 07)

Shahar Tal

Magento Unauthenticated RCE Shahar Tal (Apr 22)

Takeshi Terada

whitepaper: Identifier based XSSI attacks Takeshi Terada (Apr 14)

Taoguang Chen

Type Confusion Infoleak and Heap Overflow Vulnerability in unserialize() with exception Taoguang Chen (Apr 29)
Type Confusion Infoleak Vulnerability in unserialize() with SoapFault Taoguang Chen (Apr 29)

Tavis Ormandy

Problems in automatic crash analysis frameworks Tavis Ormandy (Apr 14)

Tod Beardsley

Ceragon FibeAir IP-10 SSH Private Key Exposure (CVE-2015-0936) Tod Beardsley (Apr 01)

Uğur Cihan KOÇ

Huawei SEQ Analyst - XML External Entity Injection (XXE) Uğur Cihan KOÇ (Apr 15)
Huawei SEQ Analyst - Multiple Reflected Cross Site Scripting (XSS) Uğur Cihan KOÇ (Apr 15)

VMware Security Response Center

NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE VMware Security Response Center (Apr 02)

Vulnerability Lab

Ebay Inc Xcom #6 - Persistent POST Inject Vulnerability Vulnerability Lab (Apr 21)
PayPal Inc Bug Bounty #113 - Client Side Cross Site Scripting Vulnerability Vulnerability Lab (Apr 21)
Ebay Inc Xcom #4 - (Item Preview) Persistent Vulnerability Vulnerability Lab (Apr 21)
PayPal Inc Bug Bounty #114 - JDWP Remote Code Execution Vulnerability Vulnerability Lab (Apr 28)
Wifi Drive Pro v1.2 iOS - File Include Web Vulnerability Vulnerability Lab (Apr 21)
SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities Vulnerability Lab (Apr 21)
Mobile Drive HD v1.8 - File Include Web Vulnerability Vulnerability Lab (Apr 21)
iPassword Manager v2.6 iOS - Persistent Vulnerabilities Vulnerability Lab (Apr 22)
Ebay Inc Xcom #7 - (Policy) Persistent Vulnerability Vulnerability Lab (Apr 21)
Photo Manager Pro 4.4.0 iOS - Code Execution Vulnerability Vulnerability Lab (Apr 21)
HomeAdvisor Bug Bounty #1 - Filter Bypass & Client Side Exception Handling Vulnerability Vulnerability Lab (Apr 22)
Socrata Bug Bounty #1 - Persistent Encoding Vulnerability Vulnerability Lab (Apr 23)
SonicWall SonicOS 7.5.0.12 & 6.x - Client Side Cross Site Scripting Vulnerability Vulnerability Lab (Apr 28)
Photo Manager Pro v4.4.0 iOS - File Include Vulnerability Vulnerability Lab (Apr 21)
SevDesk v1.1 iOS - Persistent Dashboard Vulnerability Vulnerability Lab (Apr 30)
Apple iOS 8.0 - 8.0.2 - Controls Re Auth Bypass Vulnerability Vulnerability Lab (Apr 22)

Why Know

Fusion Engage v1.0.5 (WordPress Plugin) Local File Disclosure Why Know (Apr 10)

Winni Neessen

Re: WordPress 4.2 stored XSS Winni Neessen (Apr 27)

朱东海

[ALICLOUDSEC-VUL2015-001]Android wpa_supplicant WLAN Direct remote buffer overflow 朱东海 (Apr 23)

魏诺德

OS X 0day - works on latest verz 魏诺德 (Apr 30)