Full Disclosure: by author

54 messages starting Oct 04 18 and ending Oct 02 18


advisories

[CORE-2010-0010] - D-Link Central WiFiManager Software Controller Multiple advisories (Oct 04)
[CORE-2018-0005] - ASRock Drivers Elevation of Privilege Vulnerabilities advisories (Oct 26)

alt3kx via Fulldisclosure

Ektron Content Management System (CMS) 9.20 SP2, remote re-enabling users (CVE-2018-12596) alt3kx via Fulldisclosure (Oct 08)

Apple Product Security

APPLE-SA-2018-10-08-2 iCloud for Windows 7.7 Apple Product Security (Oct 08)
APPLE-SA-2018-10-08-1 iOS 12.0.1 Apple Product Security (Oct 08)

Błażej Adamczyk

Multiple vulnerabilities in D-Link routers Błażej Adamczyk (Oct 16)

coderaptor

Re: Skype Debian package: allows complete machine takeover for Microsoft coderaptor (Oct 16)

Dancho Danchev via Fulldisclosure

Dancho Danchev's 2010 Disappearance - An Elaboration - Part Two Dancho Danchev via Fulldisclosure (Oct 08)

David Vargas

CVE-2018-15903 - Stored XSS on Claromentis David Vargas (Oct 05)

Denis Kolegov

Stored XSS in Viprinet VPN Hub Router Denis Kolegov (Oct 19)
Riverbed SteelConnect Vulnerabilities Denis Kolegov (Oct 16)

Felix Schallock

CVEs 2018-7633, 2018-7632, 2018-7631 RCE, DoS and Script Injection vulnerabilities in ADB EpiCentro Firmware 7.3.2+ Felix Schallock (Oct 26)

Frelyn SDIWC

[CFP] The Sixth International Conference on Cyber Security, Cyber Welfare and Digital Forensic (CyberSec2018) Frelyn SDIWC (Oct 09)
[CFP] The Fourth International Conference on Information Security and Digital Forensics (ISDF2018) Frelyn SDIWC (Oct 05)

Harrison Neal

HID ActivID ActivClient - JasPer DoS CVE-2017-{5499, 5500, 5502} Harrison Neal (Oct 30)
HID ActivID ActivClient - DoS or Heap Spray via SC Harrison Neal (Oct 26)

Henri Salo

Re: Information Exposure Vulnerability in WordPress Mobile Pack Wordpress Plugin v2.1.2 and below Henri Salo (Oct 02)

hyp3rlinx

CVE-2018-8533 Microsoft SQL Server Management Studio 17.9 / 18.0 Preview 4 / REGSRVR file handling XML Injection hyp3rlinx (Oct 16)
CVE-2018-8527 Microsoft SQL Server Management Studio 17.9 / 18.0 Preview 4 / xel filetype XML Injection hyp3rlinx (Oct 16)
CVE-2018-8532 / Microsoft SQL Server Management Studio 17.9 / 18.0 Preview 4 / XML Injection hyp3rlinx (Oct 16)

Imre Rad

CVE-2018-16789: denial of service in shellinabox Imre Rad (Oct 26)

James Hemmings via Fulldisclosure

CVE-2018-10532 - EE 4GEE HH70 Home Router Hardcoded Root SSH Credentials James Hemmings via Fulldisclosure (Oct 30)

Janek Vind via Fulldisclosure

[waraxe-2018-SA#109] - Multiple vulnerabilities in Wordfence Wordpress plugin Janek Vind via Fulldisclosure (Oct 16)

Kotas, Kevin J

CA20181017-01: Security Notice for CA Identity Governance Kotas, Kevin J (Oct 18)

Kyriakos Economou

CVE-2018-8955: Bitdefender GravityZone Arbitrary Code Execution Kyriakos Economou (Oct 23)

Magnus Klaaborg Stubman

net-snmp 5.7.3 unauthenticated remote DoS Magnus Klaaborg Stubman (Oct 08)

Michael Lazin

Re: Skype Debian package: allows complete machine takeover for Microsoft Michael Lazin (Oct 05)

Murat Aydemir

Vulnerability Disclose Murat Aydemir (Oct 16)
Zoho ManageEngine OpManager 12.3 allows Unrestricted Arbitrary File Upload Murat Aydemir (Oct 19)

omarbv

RootedCON 2019 Call For Papers is open! omarbv (Oct 23)

Patrick Costa

Multiple vulnerabilities in NPLUG wireless repeater Patrick Costa (Oct 08)

Pedro Ribeiro

[CVE-2018-15379] Unauth RCE as root in Cisco Prime Infrastructure Pedro Ribeiro (Oct 08)

Ron Bowes

Critical vulnerability in Cisco WebEx - "WebExec" Ron Bowes (Oct 24)

SBA Research Advisory

[SBA-ADV-20180410-01] CVE-2018-17533: Teltonika RUT9XX Reflected Cross-Site Scripting (XSS) SBA Research Advisory (Oct 11)
[SBA-ADV-20180319-02] CVE-2018-17534: Teltonika RUT9XX Missing Access Control to UART Root Terminal SBA Research Advisory (Oct 11)
[SBA-ADV-20180319-01] CVE-2018-17532: Teltonika RUT9XX Unauthenticated OS Command Injection SBA Research Advisory (Oct 11)

SCADA StrangeLove

Vulnerabilities in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4 SCADA StrangeLove (Oct 22)
SD-WAN Harvester v 0.99 SCADA StrangeLove (Oct 10)

SEC Consult Vulnerability Lab

SEC Consult SA-20181001-0 :: Password disclosure vulnerability & XSS in PTC ThingWorx (CVE-2018-17216, CVE-2018-17217, CVE-2018-17218) SEC Consult Vulnerability Lab (Oct 01)
SEC Consult SA-20181009-0 :: Remote Code Execution via XMeye P2P Cloud in Xiongmai IP Cameras, NVRs and DVRs incl. 3rd party OEM devices (CVE-2018-17915, CVE-2018-17917, CVE-2018-17919) SEC Consult Vulnerability Lab (Oct 09)

secure

DSA-2018-136: Dell EMC Integrated Data Protection Appliance Undocumented Accounts Vulnerability secure (Oct 30)
DSA-2018-157: Dell EMC ESRS Virtual Edition Multiple Vulnerabilities secure (Oct 16)

Securify B.V. via Fulldisclosure

Ivanti Workspace Control Application Whitelist bypass via PowerGrid /SEE command line argument Securify B.V. via Fulldisclosure (Oct 01)
Ivanti Workspace Control Application Whitelist bypass via PowerGrid /RWS command line argument Securify B.V. via Fulldisclosure (Oct 01)
Ivanti Workspace Control Data Security bypass via localhost UNC path Securify B.V. via Fulldisclosure (Oct 01)
Stored credentials Ivanti Workspace Control can be retrieved from Registry Securify B.V. via Fulldisclosure (Oct 01)
Ivanti Workspace Control local privilege escalation via Named Pipe Securify B.V. via Fulldisclosure (Oct 01)

Seth Arnold

Re: Skype Debian package: allows complete machine takeover for Microsoft Seth Arnold (Oct 02)

Simon Uvarov via Fulldisclosure

Cockpit CMS Multiple Vulnerabilities (CVE-2018-15538, CVE-2018-15539, CVE-2018-15540) Simon Uvarov via Fulldisclosure (Oct 11)

Stefan Pietsch

e2 Security GmbH Advisory 2018-01: MensaMax Android app / Unencrypted transmission and usage of hardcoded encryption key Stefan Pietsch (Oct 02)

Vulnerability Lab

Facebook Platform Hack - Critical Access Token Vulnerabilities Vulnerability Lab (Oct 04)

yavuz atlas

Responsive Filemanager 9.8.1 Authentication Bypass yavuz atlas (Oct 09)
Responsive Filemanager 9.8.1 Reflected Cross Site Scripting (XSS) yavuz atlas (Oct 09)

Yuliya Pliavaka

Nullcon Goa 2019 Call For Papers is Open - 10th Anniversary edition! Yuliya Pliavaka (Oct 02)