Full Disclosure: by author

128 messages starting Feb 22 16 and ending Feb 23 16


0rwell Labs

PLANET IP Surveillance camera Multiple Vulnerabilities 0rwell Labs (Feb 22)

Adrian Hayes

BlackBerry Enterprise Service 12 Self-Service - SQLi and Reflected XSS Adrian Hayes (Feb 22)

Alexander Korznikov

EBAY Bugbounty: Persistent DOM Based XSS on ebay.com Alexander Korznikov (Feb 18)

Alexandre Herzog

CSNC-2016-002 - Open Redirect in OpenAM Alexandre Herzog (Feb 25)
CVE-2015-0955 - Stored XSS in Adobe Experience Manager (AEM) Alexandre Herzog (Feb 25)
CSNC-2016-001 - XSS in OpenAM Alexandre Herzog (Feb 25)

Andrea Di Pasquale

ArpON (ARP handler inspection) 3.0-ng release Andrea Di Pasquale (Feb 03)

Asterisk Security Team

AST-2016-002: File descriptor exhaustion in chan_sip Asterisk Security Team (Feb 03)
AST-2016-003: Remote crash vulnerability when receiving UDPTL FAX data. Asterisk Security Team (Feb 03)
AST-2016-001: BEAST vulnerability in HTTP server Asterisk Security Team (Feb 03)

Blue Frost Security Research Lab

BFS-SA-2016-001: FireEye Detection Evasion and Whitelisting of Arbitrary Malware Blue Frost Security Research Lab (Feb 16)

Cosmin Maier

Serena Business Manager < 10.01 DOM XSS Vulnerability Cosmin Maier (Feb 12)

Curesec Research Team (CRT)

Opendocman 1.3.4: HTML Injection Curesec Research Team (CRT) (Feb 03)
Atutor 2.2: XSS Curesec Research Team (CRT) (Feb 03)
Opendocman 1.3.4: CSRF Curesec Research Team (CRT) (Feb 03)

Daniel Busch

BSides Hannover 2016 Daniel Busch (Feb 12)

Daniel Hadfield

Re: Cisco ASA VPN - Zero Day Exploit Daniel Hadfield (Feb 22)

David Coomber

Dell SecureWorks iOS Application - MITM SSL Certificate Vulnerability David Coomber (Feb 03)

David Leo

Browser Security Tool: HTTPS Only (Why, How, Open Source, Python) David Leo (Feb 16)

David Longenecker

Poor UX in Asus routers can leave the web UI unintentionally exposed to the Internet David Longenecker (Feb 10)

Dominic Chen

D-Link, Netgear Router Vulnerabilities Dominic Chen (Feb 25)

Douglas Held

Re: Point of Sale WinREST machines remote privilege escalation Douglas Held (Feb 16)

Duarte Silva

Re: Point of Sale WinREST machines remote privilege escalation Duarte Silva (Feb 16)

Egidio Romano

[KIS-2016-02] Magento <= 1.9.2.2 (RSS Feed) Information Disclosure Vulnerability Egidio Romano (Feb 23)

ERPScan inc

[ERPSCAN-15-032] SAP PCo agent – DoS vulnerability ERPScan inc (Feb 12)
[ERPSCAN-15-031] SAP MII – Encryption Downgrade vulnerability ERPScan inc (Feb 12)

Esteban Dauksis

CALL FOR PAPERS - FAQin Congress - Madrid Esteban Dauksis (Feb 03)

Etnies

Vulnerability in WebSVN 2.3.3 Etnies (Feb 22)

fulldisclosure

Netgear RP614v3 : Authentication Bypass fulldisclosure (Feb 04)

Giovanni Cerrato

osTicket multiple vulnerabilities Giovanni Cerrato (Feb 04)

graphx

ManageEngine Eventlog Analyzer v4-v10 Privilege Escalation graphx (Feb 03)
ASUS RT-N56U Persistent XSS graphx (Feb 03)

halfdog

Various Linux Kernel USERNS Issues halfdog (Feb 25)

Himanshu Mehta

CVE Request: Fiyo CMS 2.0.2.1 - Multiple Persistent XSS Vulnerabilities Himanshu Mehta (Feb 22)

Jernej Simončič

Re: Executable installers are vulnerable^WEVIL (case 26): the installer of GIMP for Windows allows arbitrary (remote) and escalation of privilege Jernej Simončič (Feb 25)

Joey Maresca

Re: Cisco ASA VPN - Zero Day Exploit Joey Maresca (Feb 25)
Re: Cisco ASA VPN - Zero Day Exploit Joey Maresca (Feb 22)

Juan Sacco

Cisco ASA VPN - Zero Day Exploit Juan Sacco (Feb 18)

Julien Ahrens

Ubiquiti Networks UniFi v3.2.10 Generic CSRF Protection Bypass Julien Ahrens (Feb 25)

Kacper Szurek

Tiny Tiny RSS Blind SQL Injection Kacper Szurek (Feb 16)

Karn Ganeshen

DLink DVG-N5402SP Multiple Vulnerabilities Karn Ganeshen (Feb 03)
GE Industrial Solutions - UPS SNMP Adapter Command Injection and Clear-text Sensitive Info Vulnerabilities Karn Ganeshen (Feb 03)

KoreLogic Disclosures

KL-001-2016-001 : Arris DG1670A Cable Modem Remote Command Execution KoreLogic Disclosures (Feb 12)

Kyriakos Economou

Avast Virtualization Driver - Elevation Of Privileges Kyriakos Economou (Feb 22)
NDI5aster – Privilege Escalation through NDIS 5.x Filter Intermediate Drivers Kyriakos Economou (Feb 04)

LSE-Advisories

Redaxo CMS contains multiple vulnerabilities LSE-Advisories (Feb 16)

Manuel Garcia Cardenas

Time-based SQL Injection in Admin panel UliCMS <= v9.8.1 Manuel Garcia Cardenas (Feb 03)

Mark-David McLaughlin (marmclau)

Re: Cisco ASA VPN - Zero Day Exploit Mark-David McLaughlin (marmclau) (Feb 22)

Mark Koek

[CVE-2015-5345] Information disclosure vulnerability in Apache Tomcat Mark Koek (Feb 25)

Martin Jartelius

Sauter ModuWEB Vision SCADA vulnerabilities Martin Jartelius (Feb 03)

Mike Lisi

CVE-2016-2046 Cross Site Scripting in Sophos UTM 9 Mike Lisi (Feb 10)
CVE-2016-2046 Cross Site Scripting in Sophos UTM 9 Mike Lisi (Feb 18)

Ming

Packet Hacking Village Speaker Workshops at DEF CON 24 CFP Now Open (Modified) Ming (Feb 16)

Necmettin COŞKUN

Vesta Control Panel <= 0.9.8-15 - Persistent XSS Vulnerability Necmettin COŞKUN (Feb 18)

Nick Boyce

Re: Netgear GS105Ev2 - Multiple Vulnerabilities Nick Boyce (Feb 10)

Onur Yilmaz

MailPoet Newsletter 2.6.19 - Security Advisory - Reflected XSS Onur Yilmaz (Feb 03)

p

D-Link router DSL-2750B firmware 1.01 to 1.03 - remote command execution no auth required p (Feb 10)

Pedro Ribeiro

[CERT 777024 / CVE-2016-1524/5]: RCE and file download in Netgear NMS300 Pedro Ribeiro (Feb 03)

Pete Herzog

Hacking Passwords, Lesson 11, Available Now! Pete Herzog (Feb 25)

P J P

Re: [oss-security] HTTPS Only (Open Source, Python) P J P (Feb 16)

Portcullis Advisories

Security Advisories Portcullis Advisories (Feb 03)

psy

XSSer v1.7b: "ZiKA-47 Swarm!" released.... psy (Feb 25)

Richard Tafoya

SerVision HVG - Hardcoded password Richard Tafoya (Feb 10)

Rio Sherri

Apple Software Update 2.1.3 (Windows) Remote Command Execution. Rio Sherri (Feb 03)

Russell Butturini

Equibase.com HTML Injection/Possible Reflected XSS Russell Butturini (Feb 03)

s3810

A tale of openssl_seal(), PHP and Apache2handle s3810 (Feb 03)

Sachin Wagh

ferretCMS– Multiple Cross-Site Scripting Vulnerabilities Sachin Wagh (Feb 22)
Symphony CMS 2.6.3 – Multiple SQL Injection Vulnerabilities Sachin Wagh (Feb 03)

Sandeep Kamble

Umbraco - The open source ASP.NET CMS Multiple Vulnerabilities Sandeep Kamble (Feb 18)

SEC Consult Vulnerability Lab

SEC Consult SA-20160210-0 :: Yeager CMS Multiple Vulnerabilities SEC Consult Vulnerability Lab (Feb 10)

Securify B.V.

MapsUpdateTask Task DLL side loading vulnerability Securify B.V. (Feb 10)
Re: OLE DB Provider for Oracle multiple DLL side loading vulnerabilities Securify B.V. (Feb 10)
BDA MPEG2 Transport Information Filter DLL side loading vulnerability Securify B.V. (Feb 10)
NPS Datastore server DLL side loading vulnerability Securify B.V. (Feb 10)

Simon Waters (Surevine)

Multiple vulnerabilities in Open Real Estate v 1.15.1 Simon Waters (Surevine) (Feb 10)

Stefan Kanthak

[CVE-2016-0602, CVE-2016-0603] Executable installers are vulnerable^WEVIL (case 24): Oracle Java 6/7/8 SE and VirtualBox Stefan Kanthak (Feb 10)
Executable installers are vulnerable^WEVIL (case 23): WinImage's installer and self-extractors allow arbitrary (remote) code execution and escalation of privilege Stefan Kanthak (Feb 04)
Re: Executable installers are vulnerable^WEVIL (case 26): the installer of GIMP for Windows allows arbitrary (remote) and escalation of privilege Stefan Kanthak (Feb 25)
Executable installers are vulnerable^WEVIL (case 25): WinRAR's installer and self-extractors allow arbitrary (remote) code execution and escalation of privilege Stefan Kanthak (Feb 10)
Executable installers are vulnerable^WEVIL (case 26): the installer of GIMP for Windows allows arbitrary (remote) and escalation of privilege Stefan Kanthak (Feb 25)
Executable installers are vulnerable^WEVIL (case 4): InstallShield's wrapper and setup.exe Stefan Kanthak (Feb 25)

Sullo

RVAsec 2016 CFP is now Open! Sullo (Feb 12)

Sysdream Labs

CVE ID Request : Proxmox VE Insecure hostname checking (remote root exploit) Sysdream Labs (Feb 25)
CVE-2015-6541 : Multiple CSRF in Zimbra Mail interface Sysdream Labs (Feb 25)
CVE ID Request : Centreon remote code execution Sysdream Labs (Feb 25)

t . schughart

VMWare Zimbra Mailer | DKIM longterm Mail Replay vulnerability t . schughart (Feb 03)
OpenXchange | Information Disclosure t . schughart (Feb 03)

Vantage Point Security

VP2016-001: Remote Command Execution in File Replication Pro Vantage Point Security (Feb 10)

Vítor Hugo Silva

Re: Point of Sale WinREST machines remote privilege escalation Vítor Hugo Silva (Feb 16)

Vitor Silva

Point of Sale WinREST machines remote privilege escalation Vitor Silva (Feb 12)

Vulnerability Lab

File Sharing Manager v1.0 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Feb 10)
File Manager PRO v1.3 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Feb 03)
GTA Firewall GB-OS v6.2.02 - Filter Bypass & Persistent Vulnerability Vulnerability Lab (Feb 24)
InstantCoder v1.0 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Feb 22)
Prezi Bug Bounty #7 - (Charts) Persistent Vulnerability Vulnerability Lab (Feb 23)
SimpleView CRM - Client Side Open Redirect Vulnerability Vulnerability Lab (Feb 03)
Alsovalue CMS 2016Q1 - SQL Injection Web Vulnerability Vulnerability Lab (Feb 08)
Chamilo LMS - Persistent Cross Site Scripting Vulnerability Vulnerability Lab (Feb 19)
HD Video Player v2.5 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Feb 12)
Getdpd BB #5 - Persistent Filename Vulnerability Vulnerability Lab (Feb 08)
Ubiquiti Networks Bug Bounty #9 - Invoice Persistent Vulnerabilities Vulnerability Lab (Feb 22)
Prezi Bug Bounty #5 - Client Side Cross Site Scripting & Open Redirect Vulnerability Vulnerability Lab (Feb 19)
Ebay Inc (Pages) - Client Side Cross Site Scripting Vulnerabilities Vulnerability Lab (Feb 08)
Compal ConnectBox Wireless - Passphrase Settings Filter Bypass Vulnerability Vulnerability Lab (Feb 03)
Getdpd BB #3 - Persistent Cross Site Scripting Vulnerability Vulnerability Lab (Feb 08)
Adobe - Multiple Client Side Cross Site Scripting Web Vulnerabilities Vulnerability Lab (Feb 19)
Investors Application - Client Side Cross Site Scripting Vulnerability Vulnerability Lab (Feb 19)
ifixit Bug Bounty #6 -(Profile) Persistent Vulnerability Vulnerability Lab (Feb 19)
Soso Transfer v1.1 iOS - Denial of Service Vulnerability Vulnerability Lab (Feb 03)
JavaScript Anywhere v3.0.4 iOS - Persistent Vulnerability Vulnerability Lab (Feb 08)
ifixit Bug Bounty #5 - Guide Search Persistent Vulnerability Vulnerability Lab (Feb 19)
eFront Learning 3.6.15.6 CMS - (Forum) Persistent Title Web Vulnerability Vulnerability Lab (Feb 24)
Oxwall Forum v1.8.1 - Persistent Cross Site Scripting Vulnerability Vulnerability Lab (Feb 22)
Getdpd Bug Bounty #6 - (Import - FTP) Persistent Vulnerability Vulnerability Lab (Feb 10)
PressePortal NewsAktuell (DPA) - Multiple Vulnerabilities Vulnerability Lab (Feb 08)
File Hub v3.3 iOS (Wifi) - Multiple Web Vulnerabilities Vulnerability Lab (Feb 01)
eFront 3.6.15.6 CMS – (Message Attachment) Persistent Cross Site Scripting Vulnerability Vulnerability Lab (Feb 24)
Soso Transfer v1.1 iOS - Denial of Service Vulnerability Vulnerability Lab (Feb 03)
WP Good News Themes - Client Side Cross Site Scripting Web Vulnerability Vulnerability Lab (Feb 29)
Getdpd BB #4 - (name) Persistent Validation Vulnerability Vulnerability Lab (Feb 08)
Apple iOS v9.1, 9.2 & 9.2.1 - Application Update Loop Pass Code Bypass Vulnerability Lab (Feb 04)
MyScript Memo v3.0 iOS - (Mail) Persistent Vulnerability Vulnerability Lab (Feb 10)
Netlife Photosuite Pro - Client Side Cross Site Scripting Vulnerability Vulnerability Lab (Feb 01)
Fing v3.3.0 iOS - Persistent Mail Encoding Vulnerability Vulnerability Lab (Feb 29)
Chamilo LMS IDOR - (messageId) Delete POST Inject Vulnerability Vulnerability Lab (Feb 19)
Apache Sling Framework v2.3.6 (Adobe AEM) [CVE-2016-0956] - Information Disclosure Vulnerability Vulnerability Lab (Feb 10)
Getdpd Bug Bounty #1 - (asm0option0) Persistent Web Vulnerability Vulnerability Lab (Feb 03)
InstantCoder v1.0 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Feb 23)