Full Disclosure: by author
97 messages, starting Mar 20 16 and ending Mar 09 16
0x3d5157636b525761 iddqd
Netgear DGNv2200 multiple vulnerabilities (Bezeq firmware) 0x3d5157636b525761 iddqd (Mar 20)
A novel persistent injection to Windows machines 0x3d5157636b525761 iddqd (Mar 20)
AsusTEK asio.sys unsafe operation 0x3d5157636b525761 iddqd (Mar 20)
Agazzini Maurizio
McAfee VirusScan Enterprise security restrictions bypass Agazzini Maurizio (Mar 04)
Ajin Abraham
Releasing Mobile Security Framework (MobSF) v0.9 Ajin Abraham (Mar 14)
alendal
Vipps by DNB for Android - cryptographic vulnerabilities alendal (Mar 03)
Andrew Deck
Re: Security contact @ Gigabyte Andrew Deck (Mar 14)
Apple Product Security
APPLE-SA-2016-03-21-1 iOS 9.3 Apple Product Security (Mar 23)
APPLE-SA-2016-03-21-7 OS X Server 5.1 Apple Product Security (Mar 23)
APPLE-SA-2016-03-21-6 Safari 9.1 Apple Product Security (Mar 23)
APPLE-SA-2016-03-21-3 tvOS 9.2 Apple Product Security (Mar 23)
APPLE-SA-2016-03-21-5 OS X El Capitan 10.11.4 and Security Update 2016-002 Apple Product Security (Mar 23)
APPLE-SA-2016-03-21-4 Xcode 7.3 Apple Product Security (Mar 23)
APPLE-SA-2016-03-21-2 watchOS 2.2 Apple Product Security (Mar 23)
Benedikt Westermann
Re: Netgear GS105Ev2 - Multiple Vulnerabilities Benedikt Westermann (Mar 09)
Berend-Jan Wever
Microsoft Edge CDOMTextNode::get_data type confusion Berend-Jan Wever (Mar 12)
CORE Advisories Team
[CORE-2016-0004] - SAP Download Manager Password Weak Encryption CORE Advisories Team (Mar 09)
[CORE-2016-0005] - FreeBSD Kernel amd64_set_ldt Heap Overflow CORE Advisories Team (Mar 16)
[CORE-2016-0003] - Samsung SW Update Tool MiTM CORE Advisories Team (Mar 09)
cr0hn
New Security Tool: Enteletaor - Broker & MQ Injection tool cr0hn (Mar 17)
Curesec Research Team (CRT)
BigTree 4.2.8: Object Injection & Improper Filename Sanitation Curesec Research Team (CRT) (Mar 17)
Zenphoto 1.4.11: RFI Curesec Research Team (CRT) (Mar 17)
PivotX 2.3.11: Reflected XSS Curesec Research Team (CRT) (Mar 17)
PivotX 2.3.11: Directory Traversal Curesec Research Team (CRT) (Mar 17)
PivotX 2.3.11: Code Execution Curesec Research Team (CRT) (Mar 17)
Daniel Jensen
Kaltura Community Edition Multiple Vulnerabilities Daniel Jensen (Mar 12)
David Coomber
Panda SM Manager iOS Application - MITM SSL Certificate Vulnerability David Coomber (Mar 03)
David Leo
HTTPS Only 3.1 (Detailed Analysis, Browser Security, Open Source, Python) David Leo (Mar 23)
Browser Security Tool: HTTPS Only 2.1 (Major Release, Open Source, Python) David Leo (Mar 03)
Dawid Golunski
Exim < 4.86.2 Local Root Privilege Escalation Dawid Golunski (Mar 12)
Re: Exim < 4.86.2 Local Root Privilege Escalation Dawid Golunski (Mar 14)
Egidio Romano
Hacking Magento eCommerce For Fun And 17.000 USD Egidio Romano (Mar 03)
Hacking Magento eCommerce For Fun And 17.000 USD Egidio Romano (Mar 03)
Fyodor
Re: Security contact @ Gigabyte Fyodor (Mar 14)
Genevieve Southwick
[CFP] BSides Las Vegas Genevieve Southwick (Mar 14)
Gustavo Sorondo
Re: Security contact @ Gigabyte Gustavo Sorondo (Mar 14)
Security contact @ Gigabyte Gustavo Sorondo (Mar 09)
Himanshu Mehta
CVE Request: Fiyo CMS 2.0.6.1 - Multiple XSS Vulnerabilities Himanshu Mehta (Mar 03)
INTREST SEC
CVE-2016-3115 - OpenSSH <=7.2p1 xauth injection INTREST SEC (Mar 14)
CVE-2016-3116 - Dropbear SSH xauth injection INTREST SEC (Mar 14)
Javier Nieto
FortiOS (Fortinet) - Open Redirect and Cross Site Scripting Javier Nieto (Mar 20)
Jeffrey Walton
Re: Security contact @ Gigabyte Jeffrey Walton (Mar 14)
Re: Security contact @ Gigabyte Jeffrey Walton (Mar 14)
Jesse Jacobs
Latest Tegile security updates include tomcat examples package containing many security flaws. Jesse Jacobs (Mar 14)
Jonathan Brossard
Shakacon 2016 CFP - July 11-14 / Hawaii Jonathan Brossard (Mar 03)
jungle Boogie
Re: [CORE-2016-0005] - FreeBSD Kernel amd64_set_ldt Heap Overflow jungle Boogie (Mar 17)
Karn Ganeshen
Schneider Electric Building Operation Automation Server Multiple Vulnerabilities Karn Ganeshen (Mar 03)
WAGO IO PLC 758-870, 750-849, 750-849 vulnerabilities Karn Ganeshen (Mar 03)
Laël Cellier
server and client side remote code execution through a buffer overflow in all git versions before 2.7.1 (unpublished ᴄᴠᴇ-2016-2324 and ᴄᴠᴇ‑2016‑2315) Laël Cellier (Mar 17)
Re: server and client side remote code execution through a buffer overflow in all git versions before 2.7.1 (unpublished ᴄᴠᴇ-2016-2324 and ᴄᴠᴇ‑2016‑2315) Laël Cellier (Mar 20)
loon
Re: Exim < 4.86.2 Local Root Privilege Escalation loon (Mar 14)
Re: Exim < 4.86.2 Local Root Privilege Escalation loon (Mar 14)
LSE-Advisories
LSE Leading Security Experts GmbH - LSE-2016-01-01 - Wordpress ProjectTheme - Multiple Vulnerabilities LSE-Advisories (Mar 08)
Matteo Beccati
[REVIVE-SA-2016-001] Revive Adserver - Multiple vulnerabilities Matteo Beccati (Mar 03)
Mustafa Al-Bassam
Re: Security contact @ Gigabyte Mustafa Al-Bassam (Mar 12)
MustLive
Vulnerabilities in Mobile Safari MustLive (Mar 03)
Nick Boyce
Re: Netgear GS105Ev2 - Multiple Vulnerabilities Nick Boyce (Mar 04)
op7ic \x00
Open Vulnerablity ID tracker instead of CVE. Maybe op7ic \x00 (Mar 09)
oststrom (public)
CVE-2016-2563 - PuTTY/PSCP <=0.66 buffer overflow - vuln-pscp-sink-sscanf oststrom (public) (Mar 09)
paul . szabo
Netgear CG3000 modem/router set password vulnerability paul . szabo (Mar 14)
Rafa Sanchez
New Security Tool: MrLooquer - IPv6 Intelligence Rafa Sanchez (Mar 09)
RedTeam Pentesting GmbH
[RT-SA-2016-002] Cross-site Scripting in Securimage 3.6.2 RedTeam Pentesting GmbH (Mar 22)
rotem kerner
Remote Code Execution in DVR affecting over 70 different vendors rotem kerner (Mar 23)
Ryan Dewhurst
[CFP] EuskalHack (San Sebastian / Donostia) 2016 Ryan Dewhurst (Mar 03)
Sachin Wagh
WordPress Bulletproof Security Plugin Multiple Cross Site Scripting Vulnerabilities Sachin Wagh (Mar 17)
Sean Wright
Facebook Messenger (iOS) Certificate Validation Vulnerability Sean Wright (Mar 23)
Sebastian Perez
Thomson TWG850 Wireless Router Multiple Vulnerabilities Sebastian Perez (Mar 09)
SECUPENT Research Center
Achievo Cross Site Scripting vulnerability SECUPENT Research Center (Mar 20)
DORG - Disc Organization System SQL Injection And Cross Site Scripting SECUPENT Research Center (Mar 20)
Securify B.V.
Re: Windows Mail Find People DLL side loading vulnerability Securify B.V. (Mar 09)
Windows Mail Find People DLL side loading vulnerability Securify B.V. (Mar 08)
Security Explorations
[SE-2012-01] Broken security fix in Oracle Java SE 7/8/9 Security Explorations (Mar 09)
Stefan Kanthak
Re: Windows Mail Find People DLL side loading vulnerability Stefan Kanthak (Mar 09)
Defense in depth -- the Microsoft way (part 39): vulnerabilities, please meet the bar for security servicing Stefan Kanthak (Mar 17)
Executable installers are vulnerable^WEVIL (case 32): Comodo's installers allow arbitrary (remote) code execution WITH escalation of privilege Stefan Kanthak (Mar 23)
Executable installers are vulnerable^WEVIL (case 31): MalwareBytes' installers allows arbitrary (remote) code execution WITH escalation of privilege Stefan Kanthak (Mar 09)
Executable installers are vulnerable^WEVIL (case 30): clamwin-0.99-setup.exe allows arbitrary (remote) code execution WITH escalation of privilege Stefan Kanthak (Mar 09)
Executable installers are vulnerable^WEVIL (case 29): putty-0.66-installer.exe allowa arbitrary (remote) code execution WITH escalation of privilege Stefan Kanthak (Mar 04)
Steffen Rogge
Wordpress Configuration Error on XDA-Developers.com led to full Web-Server Access and shut down website Steffen Rogge (Mar 12)
Sysdream Labs
Netgear ReadyNAS Surveillance: Unauthenticated Remote Command Execution Sysdream Labs (Mar 12)
VMware Security Response Center
NEW VMSA-2016-0003 - VMware vRealize Automation and vRealize Business Advanced and Enterprise address Cross-Site Scripting (XSS) issues VMware Security Response Center (Mar 15)
Vulnerability Lab
ChitaSoft (Web-Application) - SQL Injection Vulnerability Vulnerability Lab (Mar 14)
Trend Micro (SSO) - (Backend) SSO Redirect & Session Vulnerability Vulnerability Lab (Mar 31)
Cades (2016Q1) - (id) Multiple SQL Injection Vulnerabilities Vulnerability Lab (Mar 31)
Apple iOS v9.2.1 - Multiple PassCode Bypass Vulnerabilities (App Store Link, Buy Tones Link & Weather Channel Link) Vulnerability Lab (Mar 07)
Chamlio LMS v1.10.2 - (Profile) Persistent Web Vulnerability Vulnerability Lab (Mar 14)
Patron Info System - SQL Injection Vulnerability Vulnerability Lab (Mar 31)
WP External Links v1.80 - Cross Site Scripting Web Vulnerabilities Vulnerability Lab (Mar 31)
Docker UI v0.10.0 - Multiple Persistent Vulnerabilities Vulnerability Lab (Mar 31)
PayPal Bug Bounty #121 - (Profile) Filter Bypass & Persistent Web Vulnerability Vulnerability Lab (Mar 30)
Dorsa Web CMS - Multiple SQL Injection Vulnerabilities Vulnerability Lab (Mar 31)
Python v2.7 v1.5.4 iOS - Filter Bypass & Persistent Vulnerability Vulnerability Lab (Mar 31)
Docker UI v0.10.0 - Multiple Client Side Cross Site Request Forgery Web Vulnerabilities Vulnerability Lab (Mar 31)
Yahoo Bug Bounty #37 - Sender Spoofing Vulnerability Vulnerability Lab (Mar 14)
Hi Technology & Services CMS - SQL Injection Vulnerabilities Vulnerability Lab (Mar 31)
Weidenhamer, Andrew
OWASP AppSec USA 2016 Call for Papers Released Weidenhamer, Andrew (Mar 17)
X41 D-Sec GmbH Advisories
Advisory X41-2016-001: Memory Corruption Vulnerability in "libotr" X41 D-Sec GmbH Advisories (Mar 09)