Full Disclosure: by thread
108 messages
starting May 01 17 and
ending May 29 17
Date index |
Thread index |
Author index
- Re: SyntaxHighlight MediaWiki extension allows injection of arbitrary Pygments options Securify B.V. (May 01)
- Super File Explorer 1.0.1 - Arbitrary File Upload Vulnerability Vulnerability Lab (May 03)
- Icecream v4.53 & Pro - File Permission Privilege Escalation Vulnerability Lab (May 03)
- Hola VPN v1.34 - Privilege Escalation Vulnerability Vulnerability Lab (May 03)
- Joomla com_tag v1.7.6 - (tag) SQL Injection Vulnerability Vulnerability Lab (May 03)
- Re: Joomla com_tag v1.7.6 - (tag) SQL Injection Vulnerability Brandon Perry (May 04)
- Arachni v1.5-0.5.11 - Persistent Cross Site Vulnerability Vulnerability Lab (May 03)
- Zenario v7.6 - Persistent Cross Site Scripting Vulnerability Vulnerability Lab (May 03)
- Zenario v7.6 - (Delete) Persistent Cross Site Vulnerability Vulnerability Lab (May 03)
- Re: 360 security android app snoops data to China Unicom network via insecure HTTP Daniel Wood (May 04)
- [oss-security]Sourcetree arbitrary command execution 洪宇 (May 04)
- [CVE-2017-6086] Multiple CSRF vulnerabilities in ViMbAdmin version 3.0.15 Sysdream Labs (May 04)
- [CVE-2017-5870] Multiple XSS vulnerabilities in ViMbAdmin Sysdream Labs (May 04)
- DefenseCode ThunderScan SAST Advisory: WordPress Facebook Plugin SQL Injection Vulnerability DefenseCode (May 04)
- DefenseCode ThunderScan SAST Advisory: WordPress Spider Event Calendar Plugin SQL Injection Vulnerability DefenseCode (May 04)
- DefenseCode ThunderScan SAST Advisory: WordPress WebDorado Gallery Plugin SQL Injection Vulnerability DefenseCode (May 04)
- SSD Advisory – Serviio Media Server Multiple Vulnerabilities Maor Shwartz (May 04)
- https://blogs.securiteam.com/index.php/archives/3171 Maor Shwartz (May 04)
- Aleph Research: Google Nexus 9 Cypress SAR Firmware Injection via I2C (CVE-2017-0563) Roee Hay (May 04)
- ES File Explorer android app snoops data to China Unicom network via insecure HTTP seclists (May 04)
- Re: 360 security android app snoops data to China Unicom network via insecure HTTP seclists () email tg (May 04)
- <Possible follow-ups>
- Re: 360 security android app snoops data to China Unicom network via insecure HTTP Craig Young (May 07)
- Executable installers are vulnerable^Wdefective^WEVIL (case 49): xampp-win32-7.1.1-0-VC14-installer.exe allows escalation of privilege Stefan Kanthak (May 05)
- CSRF in wordpress plugin clean login allows remote attacker change wordpress login redirect url or logout redirect url to evil address Zeng Wester (May 09)
- Aleph Research: Google Nexus 9 SensorHub Firmware Downgrade Vulnerability (CVE-2017-0582) Roee Hay (May 09)
- CSRF/Stored XSS in MSMC – Redirect After Comment could allow unauthenticated individuals to do almost anything (WordPress plugin) dxw Security (May 09)
- Veritas Netbackup v8.0 - Multiple Vulnerabilities Sven Blumenstein via Fulldisclosure (May 09)
- SEC Consult SA-20170509-0 :: Multiple vulnerabilities in I, Librarian PDF manager SEC Consult Vulnerability Lab (May 09)
- Numerous FreeTDS crashes fixed on master Brandon Perry (May 09)
- Re: Numerous FreeTDS crashes fixed on master Brandon Perry (May 10)
- Re: Numerous FreeTDS crashes fixed on master Brandon Perry (May 11)
- SEC Consult SA-20170510-0 :: Insecure Handling Of URI Schemes in Microsoft OneDrive iOS App SEC Consult Vulnerability Lab (May 10)
- [CORE-2017-0001] - SAP SAPCAR Heap Based Buffer Overflow Vulnerability Core Security Advisories Team (May 10)
- [FOXMOLE SA 2017-02-23] Dolibarr ERP & CRM - Multiple Issues FOXMOLE Advisories (May 10)
- QNAP PhotoStation 5.2.4 and MusicStation 4.8.4 Authentication Bypass Kacper Szurek (May 10)
- Gemalto SmartDiag Diagnosis Tool <= v2.5 - Buffer Overflow - SEH Overwrite - Code Execution Majid Alqabandi (May 10)
- Multiple Vulnerabilities in ASUS Routers [CVE-2017-5891 and CVE-2017-5892] Nightwatch Cybersecurity Research (May 10)
- SEC Consult SA-20170511-0 :: Stack-based buffer overflow vulnerability in Guidance Software EnCase Forensic Imager SEC Consult Vulnerability Lab (May 11)
- trashbilling.com and Trashflow 3.0.0 Multiple Issues g00se--- via Fulldisclosure (May 11)
- DefenseCode ThunderScan SAST Advisory: WordPress Tracking Code Manager Plugin Multiple Security Vulnerabilities DefenseCode (May 11)
- DefenseCode WebScanner DAST Advisory: WordPress User Access Manager Plugin Security Vulnerability DefenseCode (May 11)
- DefenseCode ThunderScan SAST Advisory: GOOGLE google-api-php-client Multiple Security Vulnerabilities DefenseCode (May 11)
- CVE-2017-8798 - miniupnpc integer signedness error when parsing a chunked encoded http response oststrom (public) (May 12)
- Multiple crashes in OpenEXR Brandon Perry (May 15)
- Message not available
- Message not available
- Re: [oss-security] Multiple crashes in OpenEXR Brandon Perry (May 22)
- Message not available
- Message not available
- Ceragon FibeAir IP-10 Hidden User Backdoor Ian Ling via Fulldisclosure (May 19)
- Re: [oss-security] Dolibarr ERP & CRM - Multiple Issues Brandon Perry (May 19)
- Re: CVE-2017-9024 Secure Auditor - v3.0 Directory Traversal hyp3rlinx (May 22)