Full Disclosure: by author

46 messages starting Jun 01 18 and ending Jun 08 18


Aleix Sala Bach

DisplayLink Installer 8.2.1956 DLL Hijack to privilege escalation CVE-2018-7884 Aleix Sala Bach (Jun 01)

Apple Product Security

APPLE-SA-2018-06-01-7 iTunes 12.7.5 for Windows Apple Product Security (Jun 05)
APPLE-SA-2018-06-13-01 Xcode 9.4.1 Apple Product Security (Jun 14)
APPLE-SA-2018-06-01-4 iOS 11.4 Apple Product Security (Jun 05)
APPLE-SA-2018-06-01-3 iCloud for Windows 7.5 Apple Product Security (Jun 05)
APPLE-SA-2018-06-01-5 watchOS 4.3.1 Apple Product Security (Jun 05)
APPLE-SA-2018-06-01-2 Safari 11.1.1 Apple Product Security (Jun 05)
APPLE-SA-2018-06-01-6 tvOS 11.4 Apple Product Security (Jun 05)
APPLE-SA-2018-06-01-1 macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan Apple Product Security (Jun 05)

Asterisk Security Team

AST-2018-008: PJSIP endpoint presence disclosure when using ACL Asterisk Security Team (Jun 11)
AST-2018-007: Infinite loop when reading iostreams Asterisk Security Team (Jun 11)

Black Arch

New BlackArch Linux ISOs+OVA Image (2018.06.01, high-quality) Released! Black Arch (Jun 01)

Branco, Rodrigo

CALL FOR PAPERS - INTEL SECURITY CONFERENCE (iSecCon) 2018 Branco, Rodrigo (Jun 14)

David Fifield

CSRF on piazza.com (fixed as of 2018-06-01) David Fifield (Jun 01)

Defense Code

DefenseCode ThunderScan SAST Advisory: WordPress Ultimate Form Builder Lite Plugin Multiple Vulnerabilities (XSS and SQLi) Defense Code (Jun 14)
DefenseCode ThunderScan SAST Advisory: WordPress Contact Form Maker Plugin Multiple Security Vulnerabilities Defense Code (Jun 08)
DefenseCode ThunderScan SAST Advisory: WordPress WP Google Map Plugin Multiple SQL injection Security Vulnerabilities Defense Code (Jun 14)
DefenseCode ThunderScan SAST Advisory: WordPress Form Maker Plugin Multiple Security Vulnerabilities Defense Code (Jun 08)

dxw Security

ACE via file inclusion in Redirection allows admins to execute any PHP file in the filesystem (WordPress plugin) dxw Security (Jun 12)
CSRF in Tooltipy (tooltips for WP) could allow anybody to duplicate posts (WordPress plugin) dxw Security (Jun 12)
Unserialization vulnerability in Redirection could allow admin to execute arbitrary code in some circumstances (WordPress plugin) dxw Security (Jun 15)
Reflected XSS in Tooltipy (tooltips for WP) could allow anybody to do almost anything an admin can (WordPress plugin) dxw Security (Jun 12)

EdTech Secure via Fulldisclosure

ClassLink browser extension vulnerable to UXSS; ClassLink Agent vulnerable to Remote Code Execution. EdTech Secure via Fulldisclosure (Jun 08)

EMC Product Security Response Center

DSA-2018-107: RSA Authentication Manager Cross-site scripting Vulnerabilities EMC Product Security Response Center (Jun 14)
DSA-2018-085: RSA Web Threat Detection SQL Injection Vulnerability EMC Product Security Response Center (Jun 01)

Harry Sintonen

MagniComp SysInfo Information Exposure [CVE-2018-7268] Harry Sintonen (Jun 19)

Hate Shape

Multiple Automated Logic Corporation WebCTRL XML External Entity Injection (CVE-2018-8819) Hate Shape (Jun 08)

Ismail Doe

ESPN Reflected XSS Ismail Doe (Jun 08)

Manuel Garcia Cardenas

WordPress Plugin Pie Register 3.0.9 - Blind SQL Injection Manuel Garcia Cardenas (Jun 14)

Michael Rossberg

Multiple Security Issues in Ecos Secure Boot Stick (SBS) Michael Rossberg (Jun 14)

MustLive

Vulnerabilities in TP-Link TL-WR841N and TL-WR841ND MustLive (Jun 01)

Open-Xchange GmbH

Open-Xchange Security Advisory 2018-06-08 Open-Xchange GmbH (Jun 08)

oststrom (public)

CVE-2018-10058 and CVE-2018-10057 - cgminer <=4.10.0 and bfgminer <=5.5.0 remote management api post-auth buffer overflow and path traversal oststrom (public) (Jun 05)

RYT

XSS in Canopy login page RYT (Jun 19)

Security Explorations

[SRP-2018-01] Reverse engineering tools for ST DVB chipsets (public release) Security Explorations (Jun 08)

Simon Waters

Re: Ignite Realtime Openfire Version 3.7.1 Reflected Cross Site Scripting (CVE-2018-11688) Simon Waters (Jun 08)

Vangelis Stykas

Tapplock api multiple vulnerabilities Vangelis Stykas (Jun 16)

Vulnerability Report

Major Vulnerabilities in Foscam IP Cameras Vulnerability Report (Jun 08)

Williams, Ken

CA20180614-01: Security Notice for CA Privileged Access Manager Williams, Ken (Jun 16)

yavuz atlas

Samsung Web Viewer for Samsung DVR Reflected Cross Site Scripting (XSS) CVE-2018-11689 yavuz atlas (Jun 14)
Gridbox extension for Joomla! <= 2.4.0 Reflected Cross Site Scripting (XSS) yavuz atlas (Jun 08)
Ignite Realtime Openfire Version 3.7.1 Reflected Cross Site Scripting (CVE-2018-11688) yavuz atlas (Jun 05)

熊文彬

libfsntfs 20180420 vulns 熊文彬 (Jun 08)
libpff 20180428 vulnerability 熊文彬 (Jun 08)
liblnk 20180419 vulns 熊文彬 (Jun 14)
libmobi 0.3 vulnerabilities 熊文彬 (Jun 08)