Full Disclosure: by date

128 messages starting Feb 01 16 and ending Feb 29 16


Monday, 01 February

Netlife Photosuite Pro - Client Side Cross Site Scripting Vulnerability Vulnerability Lab
File Hub v3.3 iOS (Wifi) - Multiple Web Vulnerabilities Vulnerability Lab

Wednesday, 03 February

Soso Transfer v1.1 iOS - Denial of Service Vulnerability Vulnerability Lab
Soso Transfer v1.1 iOS - Denial of Service Vulnerability Vulnerability Lab
File Manager PRO v1.3 iOS - Multiple Web Vulnerabilities Vulnerability Lab
SimpleView CRM - Client Side Open Redirect Vulnerability Vulnerability Lab
Getdpd Bug Bounty #1 - (asm0option0) Persistent Web Vulnerability Vulnerability Lab
Compal ConnectBox Wireless - Passphrase Settings Filter Bypass Vulnerability Vulnerability Lab
Security Advisories Portcullis Advisories
AST-2016-001: BEAST vulnerability in HTTP server Asterisk Security Team
AST-2016-002: File descriptor exhaustion in chan_sip Asterisk Security Team
AST-2016-003: Remote crash vulnerability when receiving UDPTL FAX data. Asterisk Security Team
ManageEngine Eventlog Analyzer v4-v10 Privilege Escalation graphx
Symphony CMS 2.6.3 – Multiple SQL Injection Vulnerabilities Sachin Wagh
VMWare Zimbra Mailer | DKIM longterm Mail Replay vulnerability t . schughart
OpenXchange | Information Disclosure t . schughart
Equibase.com HTML Injection/Possible Reflected XSS Russell Butturini
Atutor 2.2: XSS Curesec Research Team (CRT)
Opendocman 1.3.4: CSRF Curesec Research Team (CRT)
Opendocman 1.3.4: HTML Injection Curesec Research Team (CRT)
Time-based SQL Injection in Admin panel UliCMS <= v9.8.1 Manuel Garcia Cardenas
GE Industrial Solutions - UPS SNMP Adapter Command Injection and Clear-text Sensitive Info Vulnerabilities Karn Ganeshen
MailPoet Newsletter 2.6.19 - Security Advisory - Reflected XSS Onur Yilmaz
ASUS RT-N56U Persistent XSS graphx
DLink DVG-N5402SP Multiple Vulnerabilities Karn Ganeshen
Sauter ModuWEB Vision SCADA vulnerabilities Martin Jartelius
Dell SecureWorks iOS Application - MITM SSL Certificate Vulnerability David Coomber
[CERT 777024 / CVE-2016-1524/5]: RCE and file download in Netgear NMS300 Pedro Ribeiro
CALL FOR PAPERS - FAQin Congress - Madrid Esteban Dauksis
Apple Software Update 2.1.3 (Windows) Remote Command Execution. Rio Sherri
A tale of openssl_seal(), PHP and Apache2handle s3810
ArpON (ARP handler inspection) 3.0-ng release Andrea Di Pasquale

Thursday, 04 February

Apple iOS v9.1, 9.2 & 9.2.1 - Application Update Loop Pass Code Bypass Vulnerability Lab
NDI5aster – Privilege Escalation through NDIS 5.x Filter Intermediate Drivers Kyriakos Economou
osTicket multiple vulnerabilities Giovanni Cerrato
Netgear RP614v3 : Authentication Bypass fulldisclosure
Executable installers are vulnerable^WEVIL (case 23): WinImage's installer and self-extractors allow arbitrary (remote) code execution and escalation of privilege Stefan Kanthak

Monday, 08 February

JavaScript Anywhere v3.0.4 iOS - Persistent Vulnerability Vulnerability Lab
Getdpd BB #3 - Persistent Cross Site Scripting Vulnerability Vulnerability Lab
Getdpd BB #5 - Persistent Filename Vulnerability Vulnerability Lab
Getdpd BB #4 - (name) Persistent Validation Vulnerability Vulnerability Lab
Alsovalue CMS 2016Q1 - SQL Injection Web Vulnerability Vulnerability Lab
Ebay Inc (Pages) - Client Side Cross Site Scripting Vulnerabilities Vulnerability Lab
PressePortal NewsAktuell (DPA) - Multiple Vulnerabilities Vulnerability Lab

Wednesday, 10 February

SEC Consult SA-20160210-0 :: Yeager CMS Multiple Vulnerabilities SEC Consult Vulnerability Lab
File Sharing Manager v1.0 iOS - Multiple Web Vulnerabilities Vulnerability Lab
MyScript Memo v3.0 iOS - (Mail) Persistent Vulnerability Vulnerability Lab
Getdpd Bug Bounty #6 - (Import - FTP) Persistent Vulnerability Vulnerability Lab
Apache Sling Framework v2.3.6 (Adobe AEM) [CVE-2016-0956] - Information Disclosure Vulnerability Vulnerability Lab
NPS Datastore server DLL side loading vulnerability Securify B.V.
BDA MPEG2 Transport Information Filter DLL side loading vulnerability Securify B.V.
MapsUpdateTask Task DLL side loading vulnerability Securify B.V.
Re: OLE DB Provider for Oracle multiple DLL side loading vulnerabilities Securify B.V.
D-Link router DSL-2750B firmware 1.01 to 1.03 - remote command execution no auth required p
[CVE-2016-0602, CVE-2016-0603] Executable installers are vulnerable^WEVIL (case 24): Oracle Java 6/7/8 SE and VirtualBox Stefan Kanthak
Multiple vulnerabilities in Open Real Estate v 1.15.1 Simon Waters (Surevine)
SerVision HVG - Hardcoded password Richard Tafoya
Executable installers are vulnerable^WEVIL (case 25): WinRAR's installer and self-extractors allow arbitrary (remote) code execution and escalation of privilege Stefan Kanthak
Poor UX in Asus routers can leave the web UI unintentionally exposed to the Internet David Longenecker
CVE-2016-2046 Cross Site Scripting in Sophos UTM 9 Mike Lisi
VP2016-001: Remote Command Execution in File Replication Pro Vantage Point Security
Re: Netgear GS105Ev2 - Multiple Vulnerabilities Nick Boyce

Friday, 12 February

HD Video Player v2.5 iOS - Multiple Web Vulnerabilities Vulnerability Lab
KL-001-2016-001 : Arris DG1670A Cable Modem Remote Command Execution KoreLogic Disclosures
Serena Business Manager < 10.01 DOM XSS Vulnerability Cosmin Maier
RVAsec 2016 CFP is now Open! Sullo
BSides Hannover 2016 Daniel Busch
Point of Sale WinREST machines remote privilege escalation Vitor Silva
[ERPSCAN-15-031] SAP MII – Encryption Downgrade vulnerability ERPScan inc
[ERPSCAN-15-032] SAP PCo agent – DoS vulnerability ERPScan inc

Tuesday, 16 February

Redaxo CMS contains multiple vulnerabilities LSE-Advisories
Browser Security Tool: HTTPS Only (Why, How, Open Source, Python) David Leo
Packet Hacking Village Speaker Workshops at DEF CON 24 CFP Now Open (Modified) Ming
Tiny Tiny RSS Blind SQL Injection Kacper Szurek
Re: [oss-security] HTTPS Only (Open Source, Python) P J P
BFS-SA-2016-001: FireEye Detection Evasion and Whitelisting of Arbitrary Malware Blue Frost Security Research Lab
Re: Point of Sale WinREST machines remote privilege escalation Douglas Held
Re: Point of Sale WinREST machines remote privilege escalation Vítor Hugo Silva
Re: Point of Sale WinREST machines remote privilege escalation Duarte Silva

Thursday, 18 February

Vesta Control Panel <= 0.9.8-15 - Persistent XSS Vulnerability Necmettin COŞKUN
CVE-2016-2046 Cross Site Scripting in Sophos UTM 9 Mike Lisi
Umbraco - The open source ASP.NET CMS Multiple Vulnerabilities Sandeep Kamble
Cisco ASA VPN - Zero Day Exploit Juan Sacco
EBAY Bugbounty: Persistent DOM Based XSS on ebay.com Alexander Korznikov

Friday, 19 February

ifixit Bug Bounty #5 - Guide Search Persistent Vulnerability Vulnerability Lab
ifixit Bug Bounty #6 - (Profile) Persistent Vulnerability Vulnerability Lab
Prezi Bug Bounty #5 - Client Side Cross Site Scripting & Open Redirect Vulnerability Vulnerability Lab
Investors Application - Client Side Cross Site Scripting Vulnerability Vulnerability Lab
Chamilo LMS IDOR - (messageId) Delete POST Inject Vulnerability Vulnerability Lab
Chamilo LMS - Persistent Cross Site Scripting Vulnerability Vulnerability Lab
Adobe - Multiple Client Side Cross Site Scripting Web Vulnerabilities Vulnerability Lab

Monday, 22 February

InstantCoder v1.0 iOS - Multiple Web Vulnerabilities Vulnerability Lab
Ubiquiti Networks Bug Bounty #9 - Invoice Persistent Vulnerabilities Vulnerability Lab
Re: Cisco ASA VPN - Zero Day Exploit Joey Maresca
Avast Virtualization Driver - Elevation Of Privileges Kyriakos Economou
BlackBerry Enterprise Service 12 Self-Service - SQLi and Reflected XSS Adrian Hayes
PLANET IP Surveillance camera Multiple Vulnerabilities 0rwell Labs
ferretCMS – Multiple Cross-Site Scripting Vulnerabilities Sachin Wagh
Re: Cisco ASA VPN - Zero Day Exploit Mark-David McLaughlin (marmclau)
Vulnerability in WebSVN 2.3.3 Etnies
CVE Request: Fiyo CMS 2.0.2.1 - Multiple Persistent XSS Vulnerabilities Himanshu Mehta
Re: Cisco ASA VPN - Zero Day Exploit Daniel Hadfield
Oxwall Forum v1.8.1 - Persistent Cross Site Scripting Vulnerability Vulnerability Lab

Tuesday, 23 February

InstantCoder v1.0 iOS - Multiple Web Vulnerabilities Vulnerability Lab
Prezi Bug Bounty #7 - (Charts) Persistent Vulnerability Vulnerability Lab
[KIS-2016-02] Magento <= 1.9.2.2 (RSS Feed) Information Disclosure Vulnerability Egidio Romano

Wednesday, 24 February

eFront Learning 3.6.15.6 CMS - (Forum) Persistent Title Web Vulnerability Vulnerability Lab
eFront 3.6.15.6 CMS – (Message Attachment) Persistent Cross Site Scripting Vulnerability Vulnerability Lab
GTA Firewall GB-OS v6.2.02 - Filter Bypass & Persistent Vulnerability Vulnerability Lab

Thursday, 25 February

CVE-2015-0955 - Stored XSS in Adobe Experience Manager (AEM) Alexandre Herzog
CSNC-2016-001 - XSS in OpenAM Alexandre Herzog
CSNC-2016-002 - Open Redirect in OpenAM Alexandre Herzog
Ubiquiti Networks UniFi v3.2.10 Generic CSRF Protection Bypass Julien Ahrens
CVE ID Request : Centreon remote code execution Sysdream Labs
CVE ID Request : Proxmox VE Insecure hostname checking (remote root exploit) Sysdream Labs
CVE-2015-6541 : Multiple CSRF in Zimbra Mail interface Sysdream Labs
D-Link, Netgear Router Vulnerabilities Dominic Chen
XSSer v1.7b: "ZiKA-47 Swarm!" released.... psy
Re: Executable installers are vulnerable^WEVIL (case 26): the installer of GIMP for Windows allows arbitrary (remote) and escalation of privilege Jernej Simončič
Re: Cisco ASA VPN - Zero Day Exploit Joey Maresca
Hacking Passwords, Lesson 11, Available Now! Pete Herzog
[CVE-2015-5345] Information disclosure vulnerability in Apache Tomcat Mark Koek
Various Linux Kernel USERNS Issues halfdog
Executable installers are vulnerable^WEVIL (case 26): the installer of GIMP for Windows allows arbitrary (remote) and escalation of privilege Stefan Kanthak
Re: Executable installers are vulnerable^WEVIL (case 26): the installer of GIMP for Windows allows arbitrary (remote) and escalation of privilege Stefan Kanthak
Executable installers are vulnerable^WEVIL (case 4): InstallShield's wrapper and setup.exe Stefan Kanthak

Monday, 29 February

WP Good News Themes - Client Side Cross Site Scripting Web Vulnerability Vulnerability Lab
Fing v3.3.0 iOS - Persistent Mail Encoding Vulnerability Vulnerability Lab