Full Disclosure: by author

69 messages starting Nov 27 18 and ending Nov 20 18


advisories

[CORE-2018-0011] - Cisco WebEx Meetings Elevation of Privilege Vulnerability advisories (Nov 27)

alphan yavaş

Disclose Vulnerability alphan yavaş (Nov 02)

Apple Product Security

APPLE-SA-2018-10-30-11 Additional information for APPLE-SA-2018-9-24-6 tvOS 12 Apple Product Security (Nov 02)
APPLE-SA-2018-10-30-9 Additional information for APPLE-SA-2018-9-24-1 macOS Mojave 10.14 Apple Product Security (Nov 02)
APPLE-SA-2018-10-30-7 iCloud for Windows 7.8 Apple Product Security (Nov 02)
APPLE-SA-2018-10-30-12 Additional information APPLE-SA-2018-10-08-2 iCloud for Windows 7.7 Apple Product Security (Nov 02)
APPLE-SA-2018-10-30-6 iTunes 12.9.1 Apple Product Security (Nov 02)
APPLE-SA-2018-10-30-8 Additional information for APPLE-SA-2018-9-24-4 iOS 12 Apple Product Security (Nov 02)
APPLE-SA-2018-10-30-2 macOS Mojave 10.14.1, Security Update 2018-001 High Sierra, Security Update 2018-005 Sierra Apple Product Security (Nov 02)
APPLE-SA-2018-10-30-10 Additional information for APPLE-SA-2018-9-24-5 watchOS 5 Apple Product Security (Nov 02)
APPLE-SA-2018-10-30-1 iOS 12.1 Apple Product Security (Nov 02)
APPLE-SA-2018-10-30-13 Additional information for APPLE-SA-2018-9-24-2 iTunes 12.9 for Windows Apple Product Security (Nov 02)
APPLE-SA-2018-10-30-5 tvOS 12.1 Apple Product Security (Nov 02)
APPLE-SA-2018-10-30-3 Safari 12.0.1 Apple Product Security (Nov 02)
APPLE-SA-2018-10-30-14 Additional information for APPLE-SA-2018-7-9-4 macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan Apple Product Security (Nov 02)
APPLE-SA-2018-10-30-4 watchOS 5.1 Apple Product Security (Nov 02)

Asterisk Security Team

AST-2018-010: Remote crash vulnerability DNS SRV and NAPTR lookups Asterisk Security Team (Nov 14)
AST-2018-010: Asterisk Security Team (Nov 14)

Bernd Leitner

SwitchVPN Insecure Update Process and RCE Bernd Leitner (Nov 13)
Multiple Privilege Escalation Vulnerabilities in LiquidVPN for MacOS (CVE-2018-18856, CVE-2018-18857, CVE-2018-18858, CVE-2018-18859) Bernd Leitner (Nov 02)
SwitchVPN MacOS Privilege Escalation Vulnerability Bernd Leitner (Nov 13)

Black Arch

New BlackArch Linux ISOs + OVA Image (2018.12.01) with more than 2050 Tools Released. Black Arch (Nov 30)

CrazyOwl via Fulldisclosure

Cradlepoint vulnerabilities CrazyOwl via Fulldisclosure (Nov 05)

Eitan Caspi via Fulldisclosure

It is not a vulnerability. It is a feature. A Zendesk customer? Act now! Eitan Caspi via Fulldisclosure (Nov 27)

Eitan shav

Security issue in the password reset mechanism of Forcepoint Secure Messaging product (tested in version 8.5) Eitan shav (Nov 05)

Florian Bogner

Remote Code Execution Vulnerability in ELBA5 Electronic Banking Florian Bogner (Nov 16)

Francesco Servida

[CVE-2018-16222 to 16225] Multiple Vulnerabilities in QBee and iSmartAlarm Products Francesco Servida (Nov 02)

Hakan Bayır

Zoho ManageEngine OpManager 12.3 allows Self XSS Vulnerability Hakan Bayır (Nov 02)
Zoho ManageEngine OpManager 12.3 before 123222 has SQL Injection via Mail Server settings. Hakan Bayır (Nov 05)
Zoho ManageEngine OpManager 12.3 allows Stored XSS Hakan Bayır (Nov 02)

Hodorsec via Fulldisclosure

[CVE-2018-18006] Ricoh myPrint - Hardcoded application credentials and information disclosure via WSDL webservices Hodorsec via Fulldisclosure (Nov 20)

hyp3rlinx

CVE-2018-15437 / Cisco Immunet and Cisco AMP for Endpoints / System Scan Denial of Service hyp3rlinx (Nov 09)
CVE-2018-15516 / D-LINK Central WifiManager CWM-100 / FTP Server PORT Bounce Scan hyp3rlinx (Nov 09)
CVE-2018-15515 / D-LINK Central WifiManager CWM-100 / Trojan File SYSTEM Privilege Escalation hyp3rlinx (Nov 09)
CVE-2018-15517 / D-LINK Central WifiManager CWM-100 / Server Side Request Forgery hyp3rlinx (Nov 09)

Imre Rad

CVE-2017-9732: knc (kerberized netcat) memory exhaustion Imre Rad (Nov 30)

Jakub Palaczynski

Re: Royal TS/X - Information Disclosure Jakub Palaczynski (Nov 05)
Royal TS/X - Information Disclosure Jakub Palaczynski (Nov 02)
Loadbalancer.org Enterprise VA MAX - Unauthenticated Stored XSS Jakub Palaczynski (Nov 02)

Joao F M Figueiredo

Unauthenticated Remote Code execution in WebApps using Richfaces 3.X all versions (CVE-2018-14667) Joao F M Figueiredo (Nov 20)

KoreLogic Disclosures

KL-001-2018-009 : Dell OpenManage Network Manager Multiple Vulnerabilities KoreLogic Disclosures (Nov 05)

Maxim Khazov via Fulldisclosure

Multiple OS Command Injection in Moxa NPort W2x50A products Maxim Khazov via Fulldisclosure (Nov 30)

Murat Aydemir

Zoho ManageEngine OpManager 12.3 before Build 123223 has XSS via the updateWidget API. Murat Aydemir (Nov 20)

Nightwatch Cybersecurity Research

Sensitive Data Exposure via Battery Information Broadcasts in Android OS [CVE-2018-15835] Nightwatch Cybersecurity Research (Nov 11)
Sensitive Data Exposure via RSSI Broadcasts in Android OS [CVE-2018-9581] Nightwatch Cybersecurity Research (Nov 11)

Poyo VL via Fulldisclosure

XSS Fuzzer Poyo VL via Fulldisclosure (Nov 27)

Rafael Pedrero

CVE-2018-19753 - Directory Traversal in Tarantella Enterprise before 3.11 Rafael Pedrero (Nov 30)
CVE-2018-19754 - Security Bypass Access Control Vulnerability in Tarantella Enterprise before 3.11 Rafael Pedrero (Nov 30)
CVE-2018-19439 - Cross Site Scripting in Oracle Secure Global Desktop Administration Console - 4.4; Build: 20080807152602 Rafael Pedrero (Nov 23)
CVE-2010-1910 - Multiple Consona Products Password Reset Security Bypass Vulnerability Rafael Pedrero (Nov 23)
CVE-2018-19505 - Impersonation may lead to incorrect user context in Remedy AR System Server in BMC Remedy 7.1 Rafael Pedrero (Nov 27)
[CVE-2018-18619] SQL injection in Advanced comment system v1.0 Rafael Pedrero (Nov 09)
[CVE-2018-18941] Security Vulnerability in Vignette Content Management version 6 Rafael Pedrero (Nov 09)
[CVE-2018-18940] Cross Site Scripting in default SnoopServlet servlet Netscape Enterprise 3.63 Rafael Pedrero (Nov 09)

Ryan Delaney

Budabot !calc Denial of Service Ryan Delaney (Nov 16)

SEC Consult Vulnerability Lab

SEC Consult SA-20181114-0 :: Denial of Service in Microsoft Skype for Business SEC Consult Vulnerability Lab (Nov 21)
SEC Consult SA-20181130-0 :: Multiple Vulnerabilities in Siglent Technologies SDS 1202X-E Digital Oscilloscope SEC Consult Vulnerability Lab (Nov 30)
SEC Consult SA-20181121-0 :: Signature Bypass / Authentication Bypass in Governikus Autent SDK SEC Consult Vulnerability Lab (Nov 21)
SEC Consult SA-20181116-0 :: Multiple critical vulnerabilities in Miss Marple Enterprise Edition SEC Consult Vulnerability Lab (Nov 21)

secure

DSA-2018-154: Dell EMC Avamar and Integrated Data Protection Appliance Information Exposure Vulnerability secure (Nov 20)
DSA-2018-155: Dell EMC Avamar and Integrated Data Protection Appliance Command Injection Vulnerability secure (Nov 20)
DSA-2018-198: RSA® BSAFE® Micro Edition Suite Key Management Error Vulnerability secure (Nov 11)
DSA-2018-205: Dell EMC RecoverPoint Multiple Vulnerabilities secure (Nov 09)
DSA-2018-145: Dell EMC Avamar Multiple Vulnerabilities secure (Nov 20)

Simon Uvarov via Fulldisclosure

OCS Inventory NG ocsreports Authenticated RCE via Shell Upload (CVE-2018-15537) Simon Uvarov via Fulldisclosure (Nov 13)

Stefan Kanthak

[CVE-2018-3635] Executable installers are vulnerable^WEVIL (case 59): arbitrary code execution WITH escalation of privilege via Intel Rapid Storage Technology User Interface and Driver Stefan Kanthak (Nov 16)
Escalation of privilege with Intel Rapid Storage User Interface Stefan Kanthak (Nov 20)

Todd Kelly via Fulldisclosure

Cradlepoint vulnerabilities Todd Kelly via Fulldisclosure (Nov 09)

Trvon via Fulldisclosure

Carolina Con CFP Trvon via Fulldisclosure (Nov 20)