Full Disclosure: by date

121 messages starting Sep 01 15 and ending Sep 30 15


Tuesday, 01 September

[CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities CORE Advisories Team
KL-001-2015-003 : SiS Windows VGA Display Manager Multiple Privilege Escalation KoreLogic Disclosures
KL-001-2015-004 : XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation KoreLogic Disclosures

Wednesday, 02 September

PayPal Inc - Security Approval & 2FA Account Auth Bypass Session Vulnerability Vulnerability Lab
NibbleBlog 4.0.3 - CSRF - Not fixed Curesec Research Team (CRT)
NibbleBlog 4.0.3 - Code Execution - Not fixed Curesec Research Team (CRT)
Serendipity 2.0.1 - Code Execution Curesec Research Team (CRT)
Serendipity 2.0.1 - Persistent XSS Curesec Research Team (CRT)
Serendipity 2.0.1 - Blind SQL Injection Curesec Research Team (CRT)
PacSec (Tokyo Nov 11-12): PWN2OWN Mobile first casualty of Wassenaar, CFP extended to Friday September 4 Dragos Ruiu
Stored XSS in Watu PRO allows unauthenticated attackers to do almost anything an admin can (WordPress plugin) dxw Security
CSRF in Watu PRO allows unauthenticated attackers to delete quizzes (WordPress plugin) dxw Security
Stored XSS in Watu PRO Play allows unauthenticated attackers to do almost anything an admin can (WordPress plugin) dxw Security

Thursday, 03 September

Zhone ADSL2+ 4P Bridge & Router (Broadcom) - Multiple Vulnerabilities Vulnerability Lab

Monday, 07 September

Avira Mobile Security iOS Application - Cleartext Credentials Vulnerability David Coomber
Webroot SecureAnywhere Mobile Protection - MITM SSL Certificate Vulnerability David Coomber
NETGEAR Wireless Management System - Authentication Bypass and Privilege Escalation Elliott Lewis
Checkmarx CxQL Sandbox bypass (CVE-2014-8778) Dau, Huy-Ngoc (FR - Paris)
Glibc Pointer guarding weakness Hector Marco-Gisbert
[CVE-2014-7216] Yahoo! Messenger emoticons.xml Multiple Key Value Handling Local Buffer Overflow Julien Ahrens
Just Don't Use or Trust Bullhorn Scott Arciszewski
Schneider Electric CitectSCADA Insecure DLL Loading Code Execution Vulnerability Praveen D
Advantech WebAccess 8.0, 3.4.3 multiple Remote Code Execution Vulnerabilities Praveen D
Defense in depth -- the Microsoft way (part 32): yet another (trivial) UAC bypass resp. privilege escalation Stefan Kanthak
Use After Free Vulnerabilities in unserialize() Taoguang Chen
Use After Free Vulnerabilities in Session Deserializer Taoguang Chen
Use After Free Vulnerability in unserialize() with GMP Taoguang Chen
Yet Another Use After Free Vulnerability in unserialize() with SplObjectStorage Taoguang Chen
Yet Another Use After Free Vulnerability in unserialize() with SplDoublyLinkedList Taoguang Chen
Re: Use After Free Vulnerabilities in unserialize() Taoguang Chen

Tuesday, 08 September

Re: Integer overflow in .NET Framework System.DirectoryServices.Protocols.Utility class Securify B.V.

Wednesday, 09 September

Synology Video Station command injection and multiple SQL injection vulnerabilities Securify B.V.
Multiple Cross-Site Scripting vulnerabilities in Synology Download Station Securify B.V.

Thursday, 10 September

Raritan PowerIQ default credentials Brandon Perry
Silver Peak VXOA Multiple Vulnerabilities Daniel Jensen
OpenLDAP ber_get_next Denial of Service Denis Andzakovic
[ERPSCAN-15-014] SAP Mobile Platform 3 – XXE in Add Repository ERPScan inc
[ERPSCAN-15-015] SAP NetWeaver AS ABAP– Hardcoded Credentials ERPScan inc
[ERPSCAN-15-016] SAP NetWeaver – Hardcoded credentials ERPScan inc
CubeCart 6.0.6 > 5.2.12 admin hijacking vulnerability Fernando Camara
DataTables Security Advisory - XSS Vulnerability - CVE-2015-6584 Onur Yilmaz
Defense in depth -- the Microsoft way (part 34): our developers and our QA still ignore our own security recommendations Stefan Kanthak
Nokia Solutions and Networks @vantage - Multiple Reflected XSS Uğur Cihan KOÇ
Re: Schneider Electric CitectSCADA Insecure DLL Loading Code Execution Vulnerability W Gillespie

Friday, 11 September

Yahoo Bug Bounty #32 - Cross Site Request Forgery bulkImport Web Vulnerability Vulnerability Lab
Shopify Bug Bounty #8 - (FilePath) Persistent Vulnerability Vulnerability Lab
Magento Bug Bounty #19 - Persistent Filename Vulnerability Vulnerability Lab
PayPal Inc - Security Approval & 2FA Session Auth Bypass (API) Vulnerability Vulnerability Lab
[KIS-2015-04] Magento <= 1.9.2 (catalogProductCreate) Autoloaded File Inclusion Vulnerability Egidio Romano
Re: OpenLDAP ber_get_next Denial of Service Mark Koek
Defense in depth -- the Microsoft way (part 33): arbitrary code execution (and UAC bypass) via RegEdit.exe Stefan Kanthak

Monday, 14 September

Sunny WebBox CVE-2015-3964 Fix SCADA StrangeLove

Tuesday, 15 September

Paypal Inc - Open Redirect Web Vulnerability Vulnerability Lab
Anchor CMS 0.9.2 - XSS Curesec Research Team (CRT)
Zen Cart 1.5.4 - Code Execution and Information Leak Curesec Research Team (CRT)
ZeusCart 4.0 - XSS - not fixed Curesec Research Team (CRT)
ZeusCart 4.0: SQL Injection - not fixed Curesec Research Team (CRT)
ZeusCart 4.0: Code Execution - not fixed Curesec Research Team (CRT)
ZeusCart 4.0: CSRF - not fixed Curesec Research Team (CRT)
Kirby CMS <= 2.1.0 CSRF Content Upload and PHP Script Execution Dawid Golunski
Kirby CMS <= 2.1.0 Authentication Bypass via Path Traversal Dawid Golunski
Weeman 1.1 HTTP server for phishing | release announcement Hypsurus
(0day) IBOOKING CMS - SQL INJECTION INURL Brasil
[CVE-2015-5956] Typo3 Core sanitizeLocalUrl() Non-Persistent Cross-Site Scripting Ahrens, Julien
FuzzDB updated, relocated to Github Adam Muntner
ManageEngine EventLog Analyzer SQL query execution xistence
ManageEngine OpManager multiple vulnerabilities xistence

Wednesday, 16 September

APPLE-SA-2015-09-16-1 iOS 9 Apple Product Security
APPLE-SA-2015-09-16-2 Xcode 7.0 Apple Product Security
APPLE-SA-2015-09-16-3 iTunes 12.3 Apple Product Security
APPLE-SA-2015-09-16-4 OS X Server 5.0.3 Apple Product Security
Re: Use After Free Vulnerabilities in unserialize() Christian Kujau

Thursday, 17 September

KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation KoreLogic Disclosures

Saturday, 19 September

On Huawei advisory for MBB (Mobile Broadband) product E3272s. SCADA StrangeLove
New release of testssl.sh Dirk
s/party/hack like it's 1999 up201407890

Monday, 21 September

Defense in depth -- the Microsoft way (part 35): Windows Explorer ignores "Run as administrator" ... Stefan Kanthak
Broken, Abandoned, and Forgotten Code, Part 12 Zach C

Tuesday, 22 September

Air Drive Plus v2.4 iOS - Arbitrary File Upload Vulnerability Vulnerability Lab
UDID v1.0 iOS - Persistent Mail Encode Vulnerability Vulnerability Lab
Cisco AnyConnect elevation of privileges via DLL side loading Securify B.V.
[Onapsis Security Advisory 2015-013] SAP Business Objects Memory Corruption Onapsis Research Team
Obtaining LAN IP from JavaScript for CSRF Craig Young

Wednesday, 23 September

Flowdock API Bug Bounty #1 - (Description) Persistent Web Vulnerability Vulnerability Lab
WiFi Drive CR v1.0 iOS - Persistent Filename Dir List Vulnerability Vulnerability Lab
UltraEdit v22.20 - Buffer Overflow Vulnerability Vulnerability Lab
Cisco AnyConnect elevation of privileges via DMG install script Securify B.V.
CVE-2015-5372 SAML SP Authentication Bypass in nevisAuth Antoine Neuenschwander
An iOS oversight: exploiting device trust and backups David Longenecker
APPLE-SA-2015-09-21-1 watchOS 2 Apple Product Security

Thursday, 24 September

Flowdock API Bug Bounty #2 - Persistent Web Vulnerability Vulnerability Lab

Friday, 25 September

CVE-2015-5076 - Vulnerability title: Reflective XSS In X2Engine Inc. X2Engine Portcullis Advisories
CVE-2015-5074 - Arbitrary File Upload In X2Engine Inc. X2Engine Portcullis Advisories
CVE-2015-5075 - Cross-Site Request Forgery In X2Engine Inc. X2Engine Portcullis Advisories
RomPager ShellShock RCE Vulnerability? 1n3
Stored XSS in 4images <= v1.7.11 Manuel Garcia Cardenas
VuFind 1.0 Web Application Reflected XSS (Cross-site Scripting) 0-Day Bug Security Issue Jing Wang
Re: An iOS oversight: exploiting device trust and backups Luis 'Pope' Gómez
CVE-2015-7323 - Secure Meeting (Pulse Collaboration) issue may allow authenticated users to bypass meeting authorization Profundis Labs
CVE-2015-7323 - Secure Meeting (Pulse Collaboration) issue may allow authenticated users to bypass meeting authorization Profundis Labs

Sunday, 27 September

Re: RomPager ShellShock RCE Vulnerability? 1n3
Apport kernel_crashdump symlink vulnerability exploitation halfdog
Unauthorized Data Manipulation Vulnerability in Orange HRM vishnu raju

Monday, 28 September

My.WiFi USB Drive v1.0 iOS - File Include Vulnerability Vulnerability Lab
Flowdock API Bug Bounty #3 - (Invite) Persistent Web Vulnerability Vulnerability Lab
NodeBB v0.8.2 - Client Side Cross Site Web Vulnerability Vulnerability Lab
WinRAR SFX v5.21 - Remote Code Execution Vulnerability Vulnerability Lab
Photos in Wifi v1.0.1 iOS - Arbitrary File Upload Vulnerability Vulnerability Lab
IconLover v5.4.5 - Stack Buffer Overflow Vulnerability Vulnerability Lab

Tuesday, 29 September

[Onapsis Security Advisory 2015-009] SAP HANA hdbsql Multiple Memory Corruption Vulnerabilities Onapsis Research Team
[Onapsis Security Advisory 2015-015] SAP HANA SQL injection in _modifyUser function Onapsis Research Team
[Onapsis Security Advisory 2015-016] SAP HANA SQL injection in _newUser function Onapsis Research Team
[Onapsis Security Advisory 2015-017] SAP HANA XSJS Code Injection in test-net.xsjs Onapsis Research Team
[Onapsis Security Advisory 2015-018] SAP HANA SQL injection in, setTraceLevelsForXsApps function Onapsis Research Team
[Onapsis Security Advisory 2015-019] SAP HANA XSS in role deletion through Web-based development workbench Onapsis Research Team
[Onapsis Security Advisory 2015-020] SAP HANA Trace configuration SQL injection Onapsis Research Team
[Onapsis Security Advisory 2015-021] SAP HANA XSS in user creation through Web-based development workbench Onapsis Research Team
[Onapsis Security Advisory 2015-022] SAP HANA SQL injection in getSqlTraceConfiguration function Onapsis Research Team
[Onapsis Security Advisory 2015-023] SAP HANA Drop Credentials SQL injection Onapsis Research Team

Wednesday, 30 September

Re: Cisco AnyConnect elevation of privileges via DLL side loading Securify B.V.
Re: Cisco AnyConnect elevation of privileges via DMG install script Securify B.V.