Full Disclosure: by author
115 messages
starting Oct 10 15 and
ending Oct 21 15
Adrián Ruiz
Exploit NetUSB CVE-2015-3036 Adrián Ruiz (Oct 10)
Alan Hikerell
Xen VM Escape Alan Hikerell (Oct 30)
alendal
Western Digital - My Passport / My Book self-encrypting external hard drive series - Multiple vulnerabilities alendal (Oct 19)
Alexander Georgiev
Tool: Race condition chaser on windows Alexander Georgiev (Oct 01)
Alexandre Herzog
Authentication Bypass in Netgear Router Firmware N300_1.1.0.31_1.0.1.img and N300-1.1.0.28_1.0.1.img Alexandre Herzog (Oct 08)
Re: Authentication Bypass in Netgear Router Firmware N300_1.1.0.31_1.0.1.img and N300-1.1.0.28_1.0.1.img Alexandre Herzog (Oct 08)
Andrey Loginov
UISGCON11 CFP Andrey Loginov (Oct 15)
Antonio Sanso
Apple Safari URI spoofing (CVE-2015-5764) Antonio Sanso (Oct 05)
Apple Product Security
APPLE-SA-2015-10-15-1 Keynote 6.6, Pages 5.6, Numbers 3.6, and iWork for iOS 2.6 Apple Product Security (Oct 15)
APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007 Apple Product Security (Oct 21)
APPLE-SA-2015-10-21-5 iTunes 12.3.1 Apple Product Security (Oct 21)
APPLE-SA-2015-09-30-2 Safari 9 Apple Product Security (Oct 01)
APPLE-SA-2015-10-21-2 watchOS 2.0.1 Apple Product Security (Oct 21)
APPLE-SA-2015-10-21-1 iOS 9.1 Apple Product Security (Oct 21)
APPLE-SA-2015-10-21-8 OS X Server 5.0.15 Apple Product Security (Oct 21)
APPLE-SA-2015-10-21-7 Xcode 7.1 Apple Product Security (Oct 21)
APPLE-SA-2015-09-30-01 iOS 9.0.2 Apple Product Security (Oct 01)
APPLE-SA-2015-10-21-6 Mac EFI Security Update 2015-002 Apple Product Security (Oct 21)
APPLE-SA-2015-09-30-3 OS X El Capitan 10.11 Apple Product Security (Oct 01)
APPLE-SA-2015-10-21-3 Safari 9.0.1 Apple Product Security (Oct 21)
ascii
Veeam Backup & Replication Local Privilege Escalation Vulnerability ascii (Oct 08)
Berend-Jan Wever
JScript 5.7 (MSIE 8) RegExpBase::FBadHeader regular expression use-after-free Berend-Jan Wever (Oct 13)
CRT
Pligg CMS 2.0.2: Multiple SQL Injections CRT (Oct 30)
Pligg CMS 2.0.2: Directory Traversal CRT (Oct 30)
Pligg CMS 2.0.2: Code Execution & CSRF CRT (Oct 30)
Curtis Lee Bolin
Re: Watch your Downloads: the risk of the "auto-download" feature on Microsoft Edge and Google Chrome Curtis Lee Bolin (Oct 13)
dash
hackercon berlin: hack4 the year is 2015 dash (Oct 15)
David Sopas
Events Made Easy WordPress plugin CSRF + Persistent XSS David Sopas (Oct 17)
Komento Joomla! component Persistent XSS David Sopas (Oct 05)
David Stubley
CVE-2015-2342 VMware vCenter Remote Code Execution David Stubley (Oct 01)
Dawid Golunski
eBay Magento <= 1.9.2.1 XML eXternal Entity Injection (XXE) on PHP FPM Dawid Golunski (Oct 30)
Denis Andzakovic
KeeFarce - A KeePass 2.x database extraction tool Denis Andzakovic (Oct 30)
dxw Security
Full Path Disclosure vulnerability in JM Twitter Cards reveals the location of the WordPress installation on the server (WordPress plugin) dxw Security (Oct 13)
Eduardo Alves
Telegram - Multiple Vulnerabilities Eduardo Alves (Oct 01)
Eric Windisch
Seagate Central NAS vulnerabilities Eric Windisch (Oct 19)
ERPScan inc
[ERPSCAN-15-028] Oracle E-Business Suite - XXE injection Vulnerability ERPScan inc (Oct 30)
[ERPSCAN-15-025] Oracle E-Business Suite Database user enumeration Vulnerability ERPScan inc (Oct 27)
[ERPSCAN-15-027] Oracle E-Business Suite - Cross Site Scripting Vulnerability ERPScan inc (Oct 27)
[ERPSCAN-15-030] Oracle E-Business Suite - XXE injection Vulnerability ERPScan inc (Oct 30)
[ERPSCAN-15-026] Oracle E-Business Suite - SQL injection Vulnerability ERPScan inc (Oct 27)
[ERPSCAN-15-029] Oracle E-Business Suite - XXE injection Vulnerability ERPScan inc (Oct 30)
ERPSCAN Research Advisory [ERPSCAN-15-017] SAP NetWeaver J2EE DAS service - Unauthorized Access ERPScan inc (Oct 17)
Fernando Mercês
Re: WinRAR SFX v5.21 - Remote Code Execution Vulnerability Fernando Mercês (Oct 19)
Gynvael Coldwind
Re: WinRAR SFX v5.21 - Remote Code Execution Vulnerability Gynvael Coldwind (Oct 01)
Haifei Li
Watch your Downloads: the risk of the "auto-download" feature on Microsoft Edge and Google Chrome Haifei Li (Oct 05)
Hernan Moller
Re: WinRAR SFX v5.21 - Remote Code Execution Vulnerability Hernan Moller (Oct 05)
James Hodgkinson
Re: DDos Attack To Drop The Internet James Hodgkinson (Oct 08)
Javantea
Shell Injection in Pygments FontManager._get_nix_font_path Javantea (Oct 01)
Jeffrey Roberts
DDos Attack To Drop The Internet Jeffrey Roberts (Oct 05)
Jerome Athias
Back to the future EMV attacks Jerome Athias (Oct 27)
Back to the future NTP attacks new attack vector Jerome Athias (Oct 27)
Joe G
Re: Authentication Bypass in Netgear Router Firmware N300_1.1.0.31_1.0.1.img and N300-1.1.0.28_1.0.1.img Joe G (Oct 08)
Karn Ganeshen
PROLiNK H5004NK ADSL Wireless Modem Multiple Vulnerabilities Karn Ganeshen (Oct 15)
netis RealTek wireless router / ADSL modem Multiple Vulnerabilities Karn Ganeshen (Oct 15)
Kenan Gms
u-design wordpress theme DOM XSS Kenan Gms (Oct 05)
Lee
Re: Watch your Downloads: the risk of the "auto-download" feature on Microsoft Edge and Google Chrome Lee (Oct 13)
Re: Watch your Downloads: the risk of the "auto-download" feature on Microsoft Edge and Google Chrome Lee (Oct 05)
lists
Re: Watch your Downloads: the risk of the "auto-download" feature on Microsoft Edge and Google Chrome lists (Oct 13)
Luca
Writing Cisco IOS Rootkits Luca (Oct 10)
Lyon Yang
Vantage Point Security Advisory 2015-003 Lyon Yang (Oct 13)
Vantage Point Security Advisory 2015-002 Lyon Yang (Oct 13)
Manuel Garcia Cardenas
Blind SQL Injection in admin panel PHP-Fusion <= v7.02.07 Manuel Garcia Cardenas (Oct 05)
Marcin Probola
Simple PHP static code analysis for security researchers Marcin Probola (Oct 21)
Mark Felder
Charter Spectrum Business HTTP MITM Mark Felder (Oct 05)
Matteo Beccati
[REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities Matteo Beccati (Oct 08)
Mohamed A. Baset
Firefox FindMyDevice Critical ClickJacking Security Vulnerability Mohamed A. Baset (Oct 19)
MustLive
Vulnerabilities in Callisto 821+R3 ADSL Router MustLive (Oct 01)
AoF and CSRF vulnerabilities in D-Link DCS-2103 MustLive (Oct 27)
CSRF vulnerabilities in Callisto 821+R3 ADSL Router MustLive (Oct 08)
Necmettin COŞKUN
DirectAdmin (1.44.3) CSRF Vulnerability Necmettin COŞKUN (Oct 10)
Nguyen Anh Quynh
Unicorn CPU Emulator Framework is out! Nguyen Anh Quynh (Oct 15)
omarbv
RootedCON 2016 CFP omarbv (Oct 27)
Onur Yilmaz
TestLink Security Advisory - Multiple XSS Vulnerabilities - CVE-2015-7391 Onur Yilmaz (Oct 08)
TestLink Security Advisory - SQL Injection Vulnerability - CVE-2015-7390 Onur Yilmaz (Oct 08)
Pascal Cuoq
Buffer overflow in tiny-AES128-C Pascal Cuoq (Oct 13)
Phil Ashby
Re: DDos Attack To Drop The Internet Phil Ashby (Oct 08)
Philip Pettersson
Mac OS X local root (rsh/libmalloc) Philip Pettersson (Oct 01)
Pierre Kim
A comprehensive study of Huawei 3G routers - XSS, CSRF, DoS, unauthenticated firmware update, RCE Pierre Kim (Oct 08)
Portcullis Advisories
CVE-2015-7723 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver Portcullis Advisories (Oct 29)
CVE-2015-7724 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver Portcullis Advisories (Oct 29)
Qualys Security Advisory
Qualys Security Advisory - OpenSMTPD Audit Report Qualys Security Advisory (Oct 05)
Qualys Security Advisory - LibreSSL (CVE-2015-5333 and CVE-2015-5334) Qualys Security Advisory (Oct 15)
RedTeam Pentesting GmbH
[RT-SA-2015-006] Buffalo LinkStation Authentication Bypass RedTeam Pentesting GmbH (Oct 08)
research
IntelliSec Advisory - Multiple Vulnerabilities in Kerio Control Firewall research (Oct 13)
Rio Sherri
WinRar Settings Import Command Execution Rio Sherri (Oct 05)
rio.sherri
WinRar Expired Notification - OLE Remote Command Execution rio.sherri (Oct 01)
rotem kerner
Timing attack vulnerability in most Zeus server-sides rotem kerner (Oct 27)
Sandeep Kamble
Drupal 8.0.0-beta14 Vendor Script Vulnerable to XSS Sandeep Kamble (Oct 08)
CVE-2015-2652 – Unauthenticated File Upload in Oracle E-business Suite. Sandeep Kamble (Oct 08)
SEC Consult Vulnerability Lab
SEC Consult SA-20151022-0 :: Lime Survey Multiple Critical Vulnerabilities SEC Consult Vulnerability Lab (Oct 22)
Security Explorations
[SE-2014-02] Google App Engine Java security sandbox bypasses (Issue 42) Security Explorations (Oct 21)
Shawn McMahon
Re: WinRAR SFX v5.21 - Remote Code Execution Vulnerability Shawn McMahon (Oct 08)
Re: Watch your Downloads: the risk of the "auto-download" feature on Microsoft Edge and Google Chrome Shawn McMahon (Oct 15)
Specto
CVE-2015-6237 - Tripwire IP360 VnE Remote Administrative API Authentication Bypass/Privilege Acquisition Vulnerability Specto (Oct 05)
Stefan Kanthak
Arbitrary code execution resp. escalation of privilege with Mozilla's SETUP.EXE Stefan Kanthak (Oct 30)
Re: Watch your Downloads: the risk of the "auto-download" feature on Microsoft Edge and Google Chrome Stefan Kanthak (Oct 08)
Re: WinRAR SFX v5.21 - Remote Code Execution Vulnerability Stefan Kanthak (Oct 05)
Re: Watch your Downloads: the risk of the "auto-download" feature on Microsoft Edge and Google Chrome Stefan Kanthak (Oct 05)
Re: Watch your Downloads: the risk of the "auto-download" feature on Microsoft Edge and Google Chrome Stefan Kanthak (Oct 13)
Re: WinRAR SFX v5.21 - Remote Code Execution Vulnerability Stefan Kanthak (Oct 10)
Mozilla extensions: a security nightmare (part 2) Stefan Kanthak (Oct 13)
Takeshi Terada
CakePHP Xml class SSRF Vulnerability Takeshi Terada (Oct 15)
Tim Schughart
Security Vulnerability - Liferay Portal Enterprise Edition Tim Schughart (Oct 05)
Persistent XSS - Liferay Portal Enterprise Edition Tim Schughart (Oct 05)
Uni Sec
Re: Telegram - Multiple Vulnerabilities Uni Sec (Oct 05)
Vic Vandal
CarolinaCon-12 - March 2016 - Call for Speakers/Papers/Presenters/Demos Vic Vandal (Oct 17)
Vulnerability Lab
WebComIndia CMS 2015Q4 - Auth Bypass Vulnerability Vulnerability Lab (Oct 09)
FreeYouTubeToMP3 Converter 4.0.1 - Buffer Overflow Vulnerability Vulnerability Lab (Oct 09)
W150D Wireless N 150 ADSL2 Modem Router - Cross Site Request Forgery Vulnerability Vulnerability Lab (Oct 09)
PayPal Inc Bug Bounty #119 - URL Redirect Web Vulnerability Vulnerability Lab (Oct 09)
Freemake Video Downloader 3.7.1 - Code Execution Vulnerability Vulnerability Lab (Oct 15)
PayPal Inc Bug Bounty #117 - Session Fixation Vulnerability Vulnerability Lab (Oct 15)
xistence
ManageEngine ServiceDesk Plus <= 9.1 build 9110 - Path Traversal xistence (Oct 05)
Zach C
Broken, Abandoned, and Forgotten Code, Part 13 Zach C (Oct 08)
ZoRLu Bugrahan
SiteWIX - (edit_photo2.php id) SQL Injection Exploit ZoRLu Bugrahan (Oct 21)