Full Disclosure: by author

93 messages starting Apr 04 16 and ending Apr 04 16


Apple Product Security

APPLE-SA-2016-03-31-1 iBooks Author 2.4.1 Apple Product Security (Apr 04)

Árpád Magosányi

end of useable crypto in browsers? Árpád Magosányi (Apr 09)
Re: end of useable crypto in browsers? Árpád Magosányi (Apr 14)

Asterisk Security Team

AST-2016-004: Long Contact URIs in REGISTER requests can crash Asterisk Asterisk Security Team (Apr 14)
AST-2016-005: TCP denial of service in PJProject Asterisk Security Team (Apr 14)

David Leo

Lock Browser 5.3 (Browser Security, Open Source, Python) David Leo (Apr 20)
Request For Comment: Possible Flaw of Bypassing CAPTCHA in AWS Login? David Leo (Apr 26)

David Longenecker

Unauthenticated CSRF reboot flaw in ARRIS (Motorola) SURFboard modems David Longenecker (Apr 04)

David Vieira-Kurz

Remote Code Execution in Shopware <5.1.5 (CVE-2016-3109) David Vieira-Kurz (Apr 26)

dev

Multiple Vulnerabilities in Voo branded Netgear CG3700b dev (Apr 26)

ERPScan inc

[ERPSCAN-16-003] SAP NetWeaver 7.4 - cryptographic issues ERPScan inc (Apr 16)
[ERPSCAN-16-004] SAP NetWeaver 7.4 (Pmitest servlet) – XSS vulnerability ERPScan inc (Apr 20)
[ERPSCAN-16-002] SAP HANA - log injection and no size restriction ERPScan inc (Apr 15)
[ERPSCAN-16-001] SAP NetWeaver 7.4 - XSS vulnerability ERPScan inc (Apr 15)
[ERPSCAN-16-005] SAP HANA hdbxsengine JSON – DoS vulnerability ERPScan inc (Apr 20)

exploits4coins.com 2

Bitcoin/Altcoin Stratum Pool Mass Duplicate Shares Exploit exploits4coins.com 2 (Apr 04)

Francesco Oddo

PfSense Community Edition Multiple Vulnerabilities Francesco Oddo (Apr 15)

Francisco Amato

Check out faraday v1.0.18! New CLI mode, Jira support & bug fixes! Francisco Amato (Apr 06)

Francisco Javier Santiago Vázquez

Tradukka affected by Cross-Site Scripting Francisco Javier Santiago Vázquez (Apr 04)

Hans Jerry Illikainen

CVE-2016-2191: optipng: invalid write Hans Jerry Illikainen (Apr 04)
CVE-2016-3074: libgd: signedness vulnerability Hans Jerry Illikainen (Apr 21)

Hardwear Team

hardwear.io CFP 2016 - Hardware Security Conference Call for Papers Hardwear Team (Apr 06)

Hector Marco-Gisbert

CVE-2016-3672 - Unlimiting the stack not longer disables ASLR Hector Marco-Gisbert (Apr 06)

Imre RAD

Monsta Box WebFTP 1.8.2 and below arbitrary file read and path traversal vulnerabilities Imre RAD (Apr 07)

Kyriakos Economou

Avast SandBox Escape via IOCTL Requests Kyriakos Economou (Apr 20)
Panda Security Multiple Business Products - Privilege Escalation Kyriakos Economou (Apr 06)
Panda Security 2016 Home User Products - Privilege Escalation Kyriakos Economou (Apr 06)

Manuel Garcia Cardenas

Time-based SQL Injection in Admin panel ImpressCMS <= v1.3.9 Manuel Garcia Cardenas (Apr 21)

Manuel Mancera

Fireware XTM Web UI - Open Redirect Manuel Mancera (Apr 06)

Milos Krasojevic

Call for Papers for 4th Balkan Computer Congress – BalCCon2k16 Milos Krasojevic (Apr 14)

MustLive

Daily Edition theme for WordPress MustLive (Apr 04)
Daily Edition theme for WordPress MustLive (Apr 04)
DAVOSET v.1.2.8 MustLive (Apr 14)

p0x2015

DotCMS injection Vulnerability p0x2015 (Apr 04)

Paget Philippe

[CFP] GreHack 2016 Paget Philippe (Apr 26)

Pierre-David / NorthSec Conference

Announcing NorthSec 2016 - Montreal, May 19-22 Pierre-David / NorthSec Conference (Apr 16)

Pierre Kim

Multiple vulnerabilities found in Quanta LTE routers (backdoor, backdoor accounts, RCE, weak WPS ...) Pierre Kim (Apr 04)

Raphael Ernst

Xerox Phaser 6700 - Remote Root-Exploits utilizing Clone Files Raphael Ernst (Apr 27)

Reindl Harald

Re: end of useable crypto in browsers? Reindl Harald (Apr 15)

research () rv3lab org

Multiple Reflected XSS vulnerabilities in Oliver (formerly Webshare) v1.3.1 research () rv3lab org (Apr 20)

Rio Sherri

Express Zip <= 2.40 Path Traversal Rio Sherri (Apr 08)

robert mccurdy

Reprint your I$ACA CPE's using Burp Suite! ( the no refund addition ! ) robert mccurdy (Apr 04)

Sandro Poppi

Microsoft Internet Explorer 11 MSHTML.DLL Remote Binary Planting Vulnerability Sandro Poppi (Apr 16)

Sebastian

Re: end of useable crypto in browsers? Sebastian (Apr 14)
Re: end of useable crypto in browsers? Sebastian (Apr 15)
Re: end of useable crypto in browsers? Sebastian (Apr 14)

Sebastian Perez

ManageEngine Password Manager Pro Multiple Vulnerabilities Sebastian Perez (Apr 04)

SEC Consult Vulnerability Lab

SEC Consult SA-20160422-1 :: Multiple vulnerabilities in Digitalstrom Konfigurator SEC Consult Vulnerability Lab (Apr 22)
SEC Consult SA-20160422-0 :: Insecure credential storage in my devolo Android app SEC Consult Vulnerability Lab (Apr 22)

Securify B.V.

.NET Framework 4.6 allows side loading of Windows API Set DLL Securify B.V. (Apr 12)
EMC M&R (Watch4net) lacks Cross-Site Request Forgery protection Securify B.V. (Apr 27)

Security Explorations

[SE-2012-01] Broken security fix in IBM Java 7/8 Security Explorations (Apr 04)
Re: [SE-2012-01] Broken security fix in IBM Java 7/8 Security Explorations (Apr 05)
[SE-2012-01] Yet another broken security fix in IBM Java 7/8 Security Explorations (Apr 12)

Seth Arnold

Re: end of useable crypto in browsers? Seth Arnold (Apr 14)

Simon Waters (Surevine)

Blind SQL injections in CivicRM Simon Waters (Surevine) (Apr 08)

Stefan Kanthak

Executable installers are vulnerable^WEVIL (case 33): GData's installers allow escalation of privilege Stefan Kanthak (Apr 20)

Sysdream Labs

Wordpress iThemes Security (Better WP Security) Insecure Backup/Logfile Generation (access rights) Sysdream Labs (Apr 21)
Wordpress iThemes Security (Better WP Security) Insecure Backup/Logfile Generation (predicatable filename) Sysdream Labs (Apr 21)

test111 tesla

Bug bounty submission test111 tesla (Apr 27)

Tony Arcieri

Re: end of useable crypto in browsers? Tony Arcieri (Apr 15)

Vulnerability Lab

C & C++ for OS - Filter Bypass & Persistent Vulnerability Vulnerability Lab (Apr 25)
Eight Webcom CMS (2016 Q2) - SQL Injection Vulnerability Vulnerability Lab (Apr 07)
Totemomail v4.x & v5.x - Filter Bypass & Persistent Vulnerability Vulnerability Lab (Apr 25)
FortiManager & FortiAnalyzer 5.x (Appliance Application) - (filename) Persistent Web Vulnerability Vulnerability Lab (Apr 04)
Techsoft Web Solutions CMS 2016 Q2 - SQL Injection Web Vulnerability Vulnerability Lab (Apr 04)
Django CMS v3.2.3 - Filter Bypass & Persistent Vulnerability Vulnerability Lab (Apr 25)
Wordpress Scoreme Theme - Client Side Cross Site Scripting Web Vulnerability Vulnerability Lab (Apr 04)
Wordpress Truemag Theme - Client Side Cross Site Scripting Web Vulnerability Vulnerability Lab (Apr 29)
Quicksilver HQ VoHo Concept4E CMS v1.0 - Multiple SQL Injection Web Vulnerabilities Vulnerability Lab (Apr 07)
Wordpress Robo Gallery v2.0.14 - Code Execution Vulnerability Vulnerability Lab (Apr 12)
Negin Group CMS - (v) Multiple Web Vulnerabilities Vulnerability Lab (Apr 25)
Perli v2.6 iOS - Filter Bypass & Persistent Vulnerability Vulnerability Lab (Apr 07)
Oracle Discoverer Viewer BI - Open Redirect Vulnerability Vulnerability Lab (Apr 27)
WP Multiple Meta Box v1.0 - SQL Injection Vulnerability Vulnerability Lab (Apr 08)
Virtual Freer v1.58 - Client Side Cross Site Scripting Vulnerability Vulnerability Lab (Apr 07)
Django CMS v3.2.3 - Filter Bypass & Persistent Vulnerability Vulnerability Lab (Apr 14)
Apple iOS 9.3.1 (iPhone 6S & iPhone Plus) - (3D Touch) Passcode Bypass Vulnerability Vulnerability Lab (Apr 05)
Trend Micro (Account) - Email Spoofing Web Vulnerability Vulnerability Lab (Apr 26)
UBNT Bug Bounty #2 - XML External Entity Vulnerability Vulnerability Lab (Apr 25)
Techsoft WS CMS (2016 Q2) - SQL Injection Web Vulnerability Vulnerability Lab (Apr 07)
Cyberoam Central Console v02.03.1 - Multiple Persistent Vulnerabilities Vulnerability Lab (Apr 25)
Webline CMS (2016Q2) - SQL Injection Vulnerability Vulnerability Lab (Apr 13)
Sophos XG Firewall (SF01V) - Persistent Web Vulnerability Vulnerability Lab (Apr 26)
VoipNow v4.0.1 - (xajax_handler) Persistent Vulnerability Vulnerability Lab (Apr 26)
AccelSite Content Manager v1.0 - SQL Injection Vulnerability Vulnerability Lab (Apr 08)

xiaotian.wang () dbappsecurity com cn

[CVE-2016-3659]Cacti graph_view.php SQL Injection Vulnerability xiaotian.wang () dbappsecurity com cn (Apr 04)

xiong piaox

[CVE-2016-3972]DotCMS Directory traversal vulnerability xiong piaox (Apr 08)
MeshCMS 3.6 – Multiple vulnerabilities xiong piaox (Apr 06)
[CVE-2016-3971]DotCMS xss vulnerability xiong piaox (Apr 08)
SQL Injection Vulnerability in DotCms v3.3 xiong piaox (Apr 04)
MeshCMS Command Execution Vulnerability xiong piaox (Apr 04)
Pulse CMS Multiple Vulnerabilities xiong piaox (Apr 04)