Full Disclosure: by author

99 messages starting Jan 17 17 and ending Jan 27 17

Andraz Sraka

Security BSides Ljubljana 0x7E1 CFP - March 10, 2017 Andraz Sraka (Jan 17)

Andreas Stieger

Re: [oss-security] Docker 1.12.6 - Security Advisory Andreas Stieger (Jan 11)

Apple Product Security

APPLE-SA-2017-01-23-2 macOS 10.12.3 Apple Product Security (Jan 23)
APPLE-SA-2017-01-23-7 iTunes for Windows 12.5.5 Apple Product Security (Jan 24)
APPLE-SA-2017-01-23-6 iCloud for Windows 6.1.1 Apple Product Security (Jan 23)
APPLE-SA-2017-01-23-4 tvOS 10.1.1 Apple Product Security (Jan 23)
APPLE-SA-2017-01-18-2 Logic Pro X 10.3 Apple Product Security (Jan 19)
APPLE-SA-2017-01-23-5 Safari 10.0.3 Apple Product Security (Jan 23)
APPLE-SA-2017-01-23-1 iOS 10.2.1 Apple Product Security (Jan 23)
APPLE-SA-2017-01-18-1 GarageBand 10.1.5 Apple Product Security (Jan 19)
APPLE-SA-2017-01-23-3 watchOS 3.1.3 Apple Product Security (Jan 23)

bashis

Re: 0-day: QNAP NAS Devices suffer of heap overflow bashis (Jan 03)
Re: 0-day: QNAP NAS Devices suffer of heap overflow bashis (Jan 03)
0-day: QNAP NAS Devices suffer of heap overflow bashis (Jan 03)

Black Arch

New BlackArch Linux ISOs (2017.01.28) released! Black Arch (Jan 30)

Celso Bento

Hotlinking Vulnerability in PHProxy 0.5b2 Celso Bento (Jan 09)

Curesec Research Team (CRT)

Tap 'n' Sniff Curesec Research Team (CRT) (Jan 19)

Daemon Tamer

BSides Las Vegas 2017 CFP is open. Daemon Tamer (Jan 09)

Daniel Busch

BSidesHannover 2017! Daniel Busch (Jan 30)

Daniel Elebash

Digital Ocean ssh key authentication security risk -- password authentication is re-enabled Daniel Elebash (Jan 27)
Re: Digital Ocean ssh key authentication security risk -- password authentication is re-enabled Daniel Elebash (Jan 30)

David Black

Re: Persisted Cross-Site Scripting (XSS) in Confluence Jira Software David Black (Jan 06)

Dawid Golunski

Zend Framework / zend-mail < 2.4.11 Remote Code Execution (CVE-2016-10034) Dawid Golunski (Jan 03)
Nginx (Debian-based + Gentoo distros) - Root Privilege Escalation [CVE-2016-1247 UPDATE] Dawid Golunski (Jan 13)

Diego

New exploit for new vulnerability in WordPress Plugin + tutorial Diego (Jan 17)

Ding Dong

Re: Executable installers are vulnerable^WEVIL (case 46): Pelles C allows arbitrary code execution Ding Dong (Jan 23)

dxw Security

CSRF/XSS in Responsive Poll allows unauthenticated attackers to do almost anything an admin can (WordPress plugin) dxw Security (Jan 10)
Stop User Enumeration does not stop user enumeration (WordPress plugin) dxw Security (Jan 04)

ERPScan inc

[ERPSCAN-16-037] SAP NetWeaver AS JAVA P4 - INFORMATION DISCLOSURE ERPScan inc (Jan 19)
[ERPSCAN-16-036] SAP ASE ODATA SERVER - DENIAL OF SERVICE ERPScan inc (Jan 19)
[ERPSCAN-17-005] Oracle PeopleSoft - XSS vulnerability CVE-2017-3300 ERPScan inc (Jan 23)
CVE-2017-3241 - [ERPSCAN-17-006] Oracle OpenJDK - Java Serialization DoS ERPScan inc (Jan 23)

Estación Informática

CALL FOR PAPERS - br3aking c0de Estación Informática (Jan 19)

Fabian Fingerle

enigma2-plugin-extensions-webadmin Remote Code Execution (IoT) Fabian Fingerle (Jan 09)

Fernando Gont

ICMPv6 PTBs and IPv6 frag filtering (particularly at BGP peers) Fernando Gont (Jan 12)
New mailing-list on IoT hacking Fernando Gont (Jan 23)

Fernando Mercês

pev 0.80 released Fernando Mercês (Jan 09)

filipe

Advisories Unsafe Dll in Audacity, telegram and Akamai filipe (Jan 03)

gp

Re: Digital Ocean ssh key authentication security risk -- password authentication is re-enabled gp (Jan 30)

hyp3rlinx

PEAR Base System v1.10.1 Arbitrary File Download hyp3rlinx (Jan 31)

Ian Ling

Trango Altum AC600 Default root Login Ian Ling (Jan 06)

Jens Müller

Hacking Printers Advisory 1/6: PostScript printers vulnerable to print job capture Jens Müller (Jan 30)
Hacking Printers Advisory 3/6: Brother printers vulnerable to memory access via PJL commands Jens Müller (Jan 30)
Hacking Printers Advisory 4/6: Multiple vendors buffer overflow in LPD daemon and PJL interpreter Jens Müller (Jan 30)
Hacking Printers Advisory 2/6: Various HP/OKI/Konica printers file/password disclosure via PostScript/PJL Jens Müller (Jan 30)
Hacking Printers Advisory 6/6: Multiple vendors physical NVRAM damage via PJL commands Jens Müller (Jan 30)
Hacking Printers Advisory 5/6: HP printers restoring factory defaults through PML commands Jens Müller (Jan 30)

jlss

Persisted Cross-Site Scripting (XSS) in Confluence Jira Software jlss (Jan 03)
Re: Persisted Cross-Site Scripting (XSS) in Confluence Jira Software jlss (Jan 06)

Joxean Koret

EuskalHack Security Congress CFP Joxean Koret (Jan 17)

Julien Ahrens

[RCESEC-2016-012] Mattermost <= 3.5.1 "/error" Unauthenticated Reflected Cross-Site Scripting / Content Injection Julien Ahrens (Jan 19)

Kacper Szurek

WD My Cloud Mirror 2.11.153 RCE and Authentication Bypass Kacper Szurek (Jan 24)

Kurt Seifried

Re: [oss-security] Docker 1.12.6 - Security Advisory Kurt Seifried (Jan 10)

Luiz Eduardo

YSTS 11th Edition - CFP Luiz Eduardo (Jan 06)

Matteo Beccati

[REVIVE-SA-2017-001] Revive Adserver - Multiple vulnerabilities Matteo Beccati (Jan 31)

Moritz Naumann

Re: Persisted Cross-Site Scripting (XSS) in Confluence Jira Software Moritz Naumann (Jan 04)

Nathan McCauley

Docker 1.12.6 - Security Advisory Nathan McCauley (Jan 10)

Netgear Security

Re: [0-day] RCE and admin credential disclosure in NETGEAR WNR2000 Netgear Security (Jan 31)

Nguyen Anh Quynh

Announce Keypatch v2.1, a better assembler for IDA Pro! Nguyen Anh Quynh (Jan 18)

Olivier Bilodeau

Re: Announcing NorthSec 2017 CFP + Reg - Montreal, May 16-21 Olivier Bilodeau (Jan 30)

Open Security

Multiple vulnerabilities in cPanel <= 60.0.34 Open Security (Jan 12)

Patrick

Persistent XSS in Ghost 0.11.3 Patrick (Jan 19)

Pedro Ribeiro

Multiple RCE in ZyXEL / Billion / TrueOnline routers Pedro Ribeiro (Jan 17)
Re: [0-day] RCE and admin credential disclosure in NETGEAR WNR2000 Pedro Ribeiro (Jan 30)

psy

CINtruder v0.3 released... psy (Jan 03)

Roberto Soares

Reflected Cross-Site Scripting (XSS) in Atlassian Jira Software Roberto Soares (Jan 17)

Russell Sanford

Sophos Web Appliance - Block & Unblock IPs Remote Command Injection (CVE-2016-9553) Russell Sanford (Jan 30)

Sandra Evans

Call for Papers: DigitalSec2017 in Kuala Lumpur, Malaysia on July 11-13, 2017 Sandra Evans (Jan 26)

SEC Consult Vulnerability Lab

SEC Consult SA-20170130-0 :: XSS & CSRF in multiple Ubiquiti Networks products SEC Consult Vulnerability Lab (Jan 30)
SEC Consult SA-20170117-0 :: XSS in Recommend Page extension for TYPO3 CMS (pb_recommend_page) SEC Consult Vulnerability Lab (Jan 17)

Simon Bieber

secuvera-SA-2017-01: Privilege escalation in an OPSI Managed Client environment ("rise of the machines") Simon Bieber (Jan 30)

Sparc Flow

Free ebook to learn ethical hacking techniques Sparc Flow (Jan 30)

Stefan Kanthak

Executable installers are vulnerable^WEVIL (case 46): Pelles C allows arbitrary code execution Stefan Kanthak (Jan 22)
Executable installers are vulnerable^WEVIL (case 44): SoftMaker's FlexiPDF installers allow escalation of privilege Stefan Kanthak (Jan 15)
Re: Executable installers are vulnerable^WEVIL (case 46): Pelles C allows arbitrary code execution Stefan Kanthak (Jan 24)
Executable installers are vulnerable^WEVIL (case 45): ReadPDF's installers allow escalation of privilege Stefan Kanthak (Jan 03)
Executable installers are vulnerable^WEVIL (case 43): SoftMaker's Office service pack installers allow escalation of privilege Stefan Kanthak (Jan 03)
Executable installers are vulnerable^WEVIL (case 47): Heimdal Security's SetupLauncher vulnerable to DLL hijacking Stefan Kanthak (Jan 31)

Sullo

RVAsec 2017 Call for Presentations Sullo (Jan 23)

Summer of Pwnage

Cross-Site Request Forgery vulnerability in FormBuilder WordPress Plugin allows plugin permissions modification Summer of Pwnage (Jan 28)
InfiniteWP Client WordPress Plugin unauthenticated PHP Object injection vulnerability Summer of Pwnage (Jan 25)
Persistent Cross-Site Scripting vulnerability in User Access Manager WordPress Plugin Summer of Pwnage (Jan 28)
Multiple blind SQL injection vulnerabilities in FormBuilder WordPress Plugin Summer of Pwnage (Jan 28)
Google Forms WordPress Plugin unauthenticated PHP Object injection vulnerability Summer of Pwnage (Jan 25)
CMS Commander Client WordPress Plugin unauthenticated PHP Object injection vulnerability Summer of Pwnage (Jan 25)

Sysdream Labs

[CVE-2016-3403] [Zimbra] Multiple CSRF in Administration interface - all versions Sysdream Labs (Jan 12)

Taoguang Chen

GMP Deserialization Type Confusion Vulnerability [MyBB <= 1.8.3 RCE Vulnerability] Taoguang Chen (Jan 22)

Vic Vandal

CarolinaCon-13 - May 2017 - Call for Papers/Presenters and Attendees Vic Vandal (Jan 06)

Vulnerability Lab

Blackboard LMS 9.1 SP14 - (Profile) Persistent Vulnerability Vulnerability Lab (Jan 11)
Huawei Flybox B660 - (POST Reboot) CSRF Vulnerability Vulnerability Lab (Jan 11)
BlackBoard LMS 9.1 SP14 - (Title) Persistent Vulnerability Vulnerability Lab (Jan 11)
Huawei Flybox B660 - (POST SMS) CSRF Web Vulnerability Vulnerability Lab (Jan 16)
Apple (iTunes Notify) - Filter Bypass & Persistent Web Vulnerability Vulnerability Lab (Jan 16)
Cobi Tools v1.0.8 iOS - Persistent Web Vulnerability Vulnerability Lab (Jan 11)
Boxoft Wav v1.1.0.0 - Buffer Overflow Vulnerability Vulnerability Lab (Jan 11)
Bit Defender #39 - Auth Token Bypass Vulnerability Vulnerability Lab (Jan 11)
Apple iOS 10.2 (Notify - iTunes) - Filter Bypass & Persistent Vulnerability Vulnerability Lab (Jan 20)
Salesforce (Event Registration) - Persistent Vulnerability Vulnerability Lab (Jan 16)

Wolfgang

Privilege Escalation in VirtualBox (CVE-2017-3316) Wolfgang (Jan 27)