Full Disclosure: by author
79 messages starting Mar 23 18 and ending Mar 13 18
Agostino Panico
BSidesMilano Event and CFP Agostino Panico (Mar 23)
Alex BALAN
Re: BitDefender Total Security 2018 - Insecure Pipe Permissions Alex BALAN (Mar 13)
Apple Product Security
APPLE-SA-2018-3-29-5 macOS High Sierra 10.13.4, Security Update 2018-002 Sierra, and Security Update 2018-002 El Capitan Apple Product Security (Mar 30)
APPLE-SA-2018-3-29-3 tvOS 11.3 Apple Product Security (Mar 30)
APPLE-SA-2018-3-29-8 iCloud for Windows 7.4 Apple Product Security (Mar 30)
APPLE-SA-2018-3-29-1 iOS 11.3 Apple Product Security (Mar 30)
APPLE-SA-2018-3-29-4 Xcode 9.3 Apple Product Security (Mar 30)
APPLE-SA-2018-3-29-6 Safari 11.1 Apple Product Security (Mar 30)
APPLE-SA-2018-3-29-2 watchOS 4.3 Apple Product Security (Mar 30)
APPLE-SA-2018-3-29-7 iTunes 12.7.4 for Windows Apple Product Security (Mar 30)
Core Security Advisories Team
[CORE-2018-0003] MikroTik RouterOS SMB Buffer Overflow Core Security Advisories Team (Mar 15)
Cristiano Maruti
Tuleap SQL Injection Cristiano Maruti (Mar 09)
Defense Code
DefenseCode Security Advisory: Magento Stored Cross-Site Scripting – Downloadable Products Defense Code (Mar 06)
DefenseCode Security Advisory: Magento Multiple Stored Cross-Site Scripting Vulnerabilities Defense Code (Mar 06)
DefenseCode Security Advisory: Magento Stored Cross-Site Scripting – Product Attributes Defense Code (Mar 06)
DefenseCode Security Advisory: Magento Backups Cross-Site Request Forgery Defense Code (Mar 06)
EMC Product Security Response Center
DSA-2018-038: RSA Archer GRC Platform Multiple Vulnerabilities EMC Product Security Response Center (Mar 06)
DSA-2018-011: RSA Identity Governance and Lifecycle Privilege Escalation Vulnerability EMC Product Security Response Center (Mar 06)
DSA-2018-040: RSA® Authentication Agent for Web for IIS and Apache Web Server Multiple Vulnerabilities EMC Product Security Response Center (Mar 27)
DSA-2018-018: Dell EMC Isilon OneFS Multiple Vulnerabilities EMC Product Security Response Center (Mar 22)
DSA-2018-020: Dell EMC Data Protection Advisor Hardcoded Password Vulnerability EMC Product Security Response Center (Mar 09)
DSA-2018-058: Dell EMC ScaleIO Multiple Security Vulnerabilities EMC Product Security Response Center (Mar 27)
DSA-2018-037: Dell EMC NetWorker Buffer Overflow Vulnerability EMC Product Security Response Center (Mar 18)
filipe
10-Strike Network Monitor 5.4 - Unquoted Service Path filipe (Mar 09)
Rapid Scada - 5.5.0 - Insecure Permissions filipe (Mar 06)
Panda Global Security 17.0.1 - Unquoted service path filipe (Mar 09)
Hola VPN 1.79.859 - Insecure service permissions filipe (Mar 09)
WPS Free Office 10.2.0.5978 - NULL DACL grants full access filipe (Mar 09)
Panda Global Security 17.0.1 - NULL DACL grants full access filipe (Mar 09)
BitDefender Total Security 2018 - Insecure Pipe Permissions filipe (Mar 09)
Gustavo Sorondo
Multiple SQL injection vulnerabilities in Bacula-Web (CVE-2017-15367) Gustavo Sorondo (Mar 09)
Hate Shape
Blind SQL Injection in Square 9 GlobalForms <= 6.2.x (CVE-2018-8820) Hate Shape (Mar 27)
hyp3rlinx
WebLog Expert Web Server Enterprise v9.4 / Remote Denial Of Service CVE-2018-7582 hyp3rlinx (Mar 09)
DualDesk v20 "Proxy.exe" Server / Denial Of Service - CVE-2018-7583 hyp3rlinx (Mar 02)
Softros Network Time System Server v2.3.4 / Denial Of Service CVE-2018-7658 hyp3rlinx (Mar 06)
CVE-2018-7449 SEGGER embOS/IP FTP Server v3.22 / FTP CMDs Denial Of Service hyp3rlinx (Mar 02)
DEWESoft X3 SP1 (64-bit) installer / Remote Internal Command Access - CVE-2018-7756 hyp3rlinx (Mar 13)
WebLog Expert Web Server Enterprise v9.4 / Authentication Bypass CVE-2018-7581 hyp3rlinx (Mar 09)
keliikoa kirland
Re: new email; gw22067 () hotmail com | Double-free segfault bypass keliikoa kirland (Mar 27)
Re: new email; gw22067 () hotmail com | Double-free segfault bypass keliikoa kirland (Mar 27)
new email; gw22067 () hotmail com | Double-free segfault bypass keliikoa kirland (Mar 27)
Kevin R
CVE-2018-5708 Kevin R (Mar 30)
Kirill Shipulin
Another TCP based IDS bypass technique. CVE-2018-6794 Kirill Shipulin (Mar 02)
KoreLogic Disclosures
KL-001-2018-007 : Sophos UTM 9 loginuser Privilege Escalation via confd Service KoreLogic Disclosures (Mar 06)
KL-001-2018-007 : Sophos UTM 9 loginuser Privilege Escalation via confd Service KoreLogic Disclosures (Mar 02)
Kotas, Kevin J
CA20180328-01: Security Notice for CA API Developer Portal Kotas, Kevin J (Mar 30)
Manuel Garcia Cardenas
SQL Injection in Textpattern <= 4.6.2 Manuel Garcia Cardenas (Mar 13)
Matthew Fernandez
Re: new email; gw22067 () hotmail com | Double-free segfault bypass Matthew Fernandez (Mar 30)
Michał Kędzior
LDAP Account Manager (6.2) CVE-2018-8763, CVE-2018-8764 Michał Kędzior (Mar 22)
Mohamed A. Baset
Multiple Cross-Site Scripting Vulnerabilities in Crea8Social Social Network Script Mohamed A. Baset (Mar 30)
MustLive
CSRF vulnerabilities in D-Link DGS-3000-10TC MustLive (Mar 02)
nicolas.buzy-debat
[CVE-2018-7422] Local File Inclusion (LFI) vulnerability in WordPress Site Editor Plugin nicolas.buzy-debat (Mar 18)
Nightwatch Cybersecurity Research
Content Injection in Samsung Display Solutions Application for Android [CVE-2018-6019] Nightwatch Cybersecurity Research (Mar 02)
okan coskun
ManageEngine Service Desk Plus < 9403 Cross-Site Scripting okan coskun (Mar 27)
Prajwal Panchmahalkar
c0c0n XI | The cy0ps c0n - Call For Papers & Call For Workshops 2018 Open Prajwal Panchmahalkar (Mar 18)
psy
New release: UFONet v1.0 "TachY0n!" psy (Mar 22)
RedTeam Pentesting GmbH
[RT-SA-2018-001] Arbitrary Redirect in Tuleap RedTeam Pentesting GmbH (Mar 08)
[RT-SA-2017-012] Shopware Cart Accessible by Third-Party Websites RedTeam Pentesting GmbH (Mar 13)
(RS) Tyler Schroder
RedCoded ISR: Abine Blur Password Manager Insecure Permissions (CVE-2018-8213) (RS) Tyler Schroder (Mar 18)
Sandro Gauci
ES2018-05 Kamailio heap overflow Sandro Gauci (Mar 22)
SEC Consult Vulnerability Lab
SEC Consult SA-20180314-0 :: Arbitrary Shortcode Execution & Local File Inclusion in WooCommerce Products Filter (PluginUs.Net) SEC Consult Vulnerability Lab (Mar 14)
SEC Consult SA-20180312-0 :: Multiple Critical Vulnerabilities in SecurEnvoy SecurMail SEC Consult Vulnerability Lab (Mar 12)
Securify B.V. via Fulldisclosure
Cross-Site Scripting vulnerability in Zimbra Collaboration Suite due to the way it handles attachment links Securify B.V. via Fulldisclosure (Mar 24)
service () baimaohui net
SSRF(Server Side Request Forgery) in Tpshop <= 2.0.6 (CVE-2017-16614) service () baimaohui net (Mar 30)
spinfoo via Fulldisclosure
CVE-2017-12544 XSS on HPE System Management Homepage v7.6.0.11 and minor spinfoo via Fulldisclosure (Mar 02)
CVE-2017-12544 XSS on HPE System Management Homepage v7.6.0.11 and minor spinfoo via Fulldisclosure (Mar 06)
Sydream Labs
[CVE-2018-5233] Grav CMS admin plugin Reflected Cross Site Scripting (XSS) vulnerability Sydream Labs (Mar 18)
Vulnerability Lab
Sandoba CP:Shop CMS v2016.1 - Multiple Cross Site Scripting Vulnerabilities Vulnerability Lab (Mar 27)
AEF CMS v1.0.9 - (PM) Persistent Cross Site Scripting Vulnerability Vulnerability Lab (Mar 27)
Weblication CMS Core & Grid v12.6.24 - Multiple Cross Site Scripting Vulnerabilities Vulnerability Lab (Mar 27)
PayPal Inc Increases Bug Bounty Payments in 2018 up to 30.000$ Vulnerability Lab (Mar 13)
Microsoft Skype Mobile v81.2 & v8.13 - Remote Denial of Service Vulnerability Vulnerability Lab (Mar 27)
PayPal Inc - New Venmo Bug Bounty Program Vulnerability Lab (Mar 13)
Williams, Ken
CA20180329-01: Security Notice for CA Workload Automation AE and CA Workload Control Center Williams, Ken (Mar 30)
WTS Research Team
Null Pointer Deference (Denial of Service)-Kingsoft Internet Security 9+ Kernel Driver KWatch3.sys WTS Research Team (Mar 30)
x ksi
ModSecurity WAF 3.0 for Nginx - Denial of Service x ksi (Mar 22)
Kaseya AgentMon.exe <= 9.3.0.11 - Local Privilege Escalation x ksi (Mar 22)
Bomgar Remote Support Portal JavaStart Applet <= 52970 - Path Traversal x ksi (Mar 22)
Yuliya Pliavaka
hardwear.io CFP is Open & New Security Training in Berlin! Yuliya Pliavaka (Mar 13)