Full Disclosure: by author
54 messages
starting Oct 04 18 and
ending Oct 02 18
Date index |
Thread index |
Author index
advisories
[CORE-2010-0010] - D-Link Central WiFiManager Software Controller Multiple advisories (Oct 04)
[CORE-2018-0005] - ASRock Drivers Elevation of Privilege Vulnerabilities advisories (Oct 26)
alt3kx via Fulldisclosure
Ektron Content Management System (CMS) 9.20 SP2, remote re-enabling users (CVE-2018–12596) alt3kx via Fulldisclosure (Oct 08)
Apple Product Security
APPLE-SA-2018-10-08-2 iCloud for Windows 7.7 Apple Product Security (Oct 08)
APPLE-SA-2018-10-08-1 iOS 12.0.1 Apple Product Security (Oct 08)
Błażej Adamczyk
Multiple vulnerabilities in D-Link routers Błażej Adamczyk (Oct 16)
coderaptor
Re: Skype Debian package: allows complete machine takeover for Microsoft coderaptor (Oct 16)
Dancho Danchev via Fulldisclosure
Dancho Danchev's 2010 Disappearance - An Elaboration - Part Two Dancho Danchev via Fulldisclosure (Oct 08)
David Vargas
CVE-2018-15903 - Stored XSS on Claromentis David Vargas (Oct 05)
Denis Kolegov
Stored XSS in Viprinet VPN Hub Router Denis Kolegov (Oct 19)
Riverbed SteelConnect Vulnerabilities Denis Kolegov (Oct 16)
Felix Schallock
CVEs 2018-7633, 2018-7632, 2018-7631 RCE, DoS and Script Injection vulnerabilities in ADB EpiCentro Firmware 7.3.2+ Felix Schallock (Oct 26)
Frelyn SDIWC
[CFP] The Sixth International Conference on Cyber Security, Cyber Welfare and Digital Forensic (CyberSec2018) Frelyn SDIWC (Oct 09)
[CFP] The Fourth International Conference on Information Security and Digital Forensics (ISDF2018) Frelyn SDIWC (Oct 05)
Harrison Neal
HID ActivID ActivClient - JasPer DoS CVE-2017-{5499, 5500, 5502} Harrison Neal (Oct 30)
HID ActivID ActivClient - DoS or Heap Spray via SC Harrison Neal (Oct 26)
Henri Salo
Re: Information Exposure Vulnerability in WordPress Mobile Pack Wordpress Plugin v2.1.2 and below Henri Salo (Oct 02)
hyp3rlinx
CVE-2018-8533 Microsoft SQL Server Management Studio 17.9 / 18.0 Preview 4 / REGSRVR file handling XML Injection hyp3rlinx (Oct 16)
CVE-2018-8527 Microsoft SQL Server Management Studio 17.9 / 18.0 Preview 4 / xel filetype XML Injection hyp3rlinx (Oct 16)
CVE-2018-8532 / Microsoft SQL Server Management Studio 17.9 / 18.0 Preview 4 / XML Injection hyp3rlinx (Oct 16)
Imre Rad
CVE-2018-16789: denial of service in shellinabox Imre Rad (Oct 26)
James Hemmings via Fulldisclosure
CVE-2018-10532 - EE 4GEE HH70 Home Router Hardcoded Root SSH Credentials James Hemmings via Fulldisclosure (Oct 30)
Janek Vind via Fulldisclosure
[waraxe-2018-SA#109] - Multiple vulnerabilities in Wordfence Wordpress plugin Janek Vind via Fulldisclosure (Oct 16)
Kotas, Kevin J
CA20181017-01: Security Notice for CA Identity Governance Kotas, Kevin J (Oct 18)
Kyriakos Economou
CVE-2018-8955: Bitdefender GravityZone Arbitrary Code Execution Kyriakos Economou (Oct 23)
Magnus Klaaborg Stubman
net-snmp 5.7.3 unauthenticated remote DoS Magnus Klaaborg Stubman (Oct 08)
Michael Lazin
Re: Skype Debian package: allows complete machine takeover for Microsoft Michael Lazin (Oct 05)
Murat Aydemir
Vulnerability Disclose Murat Aydemir (Oct 16)
Zoho ManageEngine OpManager 12.3 allows Unrestricted Arbitrary File Upload Murat Aydemir (Oct 19)
omarbv
RootedCON 2019 Call For Papers is open! omarbv (Oct 23)
Patrick Costa
Multiple vulnerabilities in NPLUG wireless repeater Patrick Costa (Oct 08)
Pedro Ribeiro
[CVE-2018-15379] Unauth RCE as root in Cisco Prime Infrastructure Pedro Ribeiro (Oct 08)
Ron Bowes
Critical vulnerability in Cisco WebEx - "WebExec" Ron Bowes (Oct 24)
SBA Research Advisory
[SBA-ADV-20180410-01] CVE-2018-17533: Teltonika RUT9XX Reflected Cross-Site Scripting (XSS) SBA Research Advisory (Oct 11)
[SBA-ADV-20180319-02] CVE-2018-17534: Teltonika RUT9XX Missing Access Control to UART Root Terminal SBA Research Advisory (Oct 11)
[SBA-ADV-20180319-01] CVE-2018-17532: Teltonika RUT9XX Unauthenticated OS Command Injection SBA Research Advisory (Oct 11)
SCADA StrangeLove
Vulnerabilities in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4 SCADA StrangeLove (Oct 22)
SD-WAN Harvester v 0.99 SCADA StrangeLove (Oct 10)
SEC Consult Vulnerability Lab
SEC Consult SA-20181001-0 :: Password disclosure vulnerability & XSS in PTC ThingWorx (CVE-2018-17216, CVE-2018-17217, CVE-2018-17218) SEC Consult Vulnerability Lab (Oct 01)
SEC Consult SA-20181009-0 :: Remote Code Execution via XMeye P2P Cloud in Xiongmai IP Cameras, NVRs and DVRs incl. 3rd party OEM devices (CVE-2018-17915, CVE-2018-17917, CVE-2018-17919) SEC Consult Vulnerability Lab (Oct 09)
secure
DSA-2018-136: Dell EMC Integrated Data Protection Appliance Undocumented Accounts Vulnerability secure (Oct 30)
DSA-2018-157: Dell EMC ESRS Virtual Edition Multiple Vulnerabilities secure (Oct 16)
Securify B.V. via Fulldisclosure
Ivanti Workspace Control Application Whitelist bypass via PowerGrid /SEE command line argument Securify B.V. via Fulldisclosure (Oct 01)
Ivanti Workspace Control Application Whitelist bypass via PowerGrid /RWS command line argument Securify B.V. via Fulldisclosure (Oct 01)
Ivanti Workspace Control Data Security bypass via localhost UNC path Securify B.V. via Fulldisclosure (Oct 01)
Stored credentials Ivanti Workspace Control can be retrieved from Registry Securify B.V. via Fulldisclosure (Oct 01)
Ivanti Workspace Control local privilege escalation via Named Pipe Securify B.V. via Fulldisclosure (Oct 01)
Seth Arnold
Re: Skype Debian package: allows complete machine takeover for Microsoft Seth Arnold (Oct 02)
Simon Uvarov via Fulldisclosure
Cockpit CMS Multiple Vulnerabilities (CVE-2018-15538, CVE-2018-15539, CVE-2018-15540) Simon Uvarov via Fulldisclosure (Oct 11)
Stefan Pietsch
e2 Security GmbH Advisory 2018-01: MensaMax Android app / Unencrypted transmission and usage of hardcoded encryption key Stefan Pietsch (Oct 02)
Vulnerability Lab
Facebook Platform Hack - Critical Access Token Vulnerabilities Vulnerability Lab (Oct 04)
yavuz atlas
Responsive Filemanager 9.8.1 Authentication Bypass yavuz atlas (Oct 09)
Responsive Filemanager 9.8.1 Reflected Cross Site Scripting (XSS) yavuz atlas (Oct 09)
Yuliya Pliavaka
Nullcon Goa 2019 Call For Papers is Open - 10th Anniversary edition! Yuliya Pliavaka (Oct 02)