Full Disclosure: by author

54 messages starting Feb 20 19 and ending Feb 21 19

Adam Gowdiak

[SRP-2018-02] Details of a vulnerability in STMicroelectronics' chipset Adam Gowdiak (Feb 20)

advisories

[SAUTH-2019-0001] - Micro Focus Filr Multiple Vulnerabilities advisories (Feb 21)

Apple Product Security via Fulldisclosure

APPLE-SA-2019-2-07-1 iOS 12.1.4 Apple Product Security via Fulldisclosure (Feb 08)
APPLE-SA-2019-2-07-2 macOS Mojave 10.14.3 Supplemental Update Apple Product Security via Fulldisclosure (Feb 08)
APPLE-SA-2019-2-07-3 Shortcuts 2.1.3 for iOS Apple Product Security via Fulldisclosure (Feb 08)

Asterisk Security Team

AST-2019-001: Remote crash vulnerability with SDP protocol violation Asterisk Security Team (Feb 28)

Chris

Reflected XSS in n SolarWinds Serv-U FTP Server Chris (Feb 01)
Privilege Escalation + Remote Code Execution in SolarWinds Serv-U FTP Server Chris (Feb 01)

CUJ0 FAIL

Multiple APIs Vulnerabilities in CUJO Firewall CUJ0 FAIL (Feb 01)

Daniel Bishtawi

Multiple Cross-Site Scripting Vulnerabilities in HTMLy 2.7.4 Daniel Bishtawi (Feb 21)
Open Redirection Vulnerability in GetSimpleCMS 3.3.13 Daniel Bishtawi (Feb 21)
Reflected Cross-site Scripting Vulnerability in Collabtive 3.1 Daniel Bishtawi (Feb 01)
Multiple Reflected Cross-site Scripting Vulnerabilities in WeBid 1.2.2 Daniel Bishtawi (Feb 01)

David Coomber

Qkr! with MasterPass iOS Application - MITM SSL Certificate Vulnerability (CVE-2019-6702) David Coomber (Feb 08)

Geeknik Labs via Fulldisclosure

CVE-2019-8939: XSS in Tautulli Geeknik Labs via Fulldisclosure (Feb 22)

Henri Salo

Re: Reflected Cross-site Scripting Vulnerability in Collabtive 3.1 Henri Salo (Feb 21)

Kevin Kotas via Fulldisclosure

CA20190212-01: Security Notice for CA Privileged Access Manager Kevin Kotas via Fulldisclosure (Feb 21)

Kingkaustubh via Fulldisclosure

KSA-Dev-007:CVE-2019-7386:DoS and gecko reboot in the nokia 8810 4G handset Kingkaustubh via Fulldisclosure (Feb 12)
KSA-Dev-003:CVE-2019-7383 : Remote Code Execution Via shell upload in all systorme ISG products Kingkaustubh via Fulldisclosure (Feb 12)
KSA-Dev-002: CVE-2018-19525 : Account takeover via XSRF in All ISG Series Firewall Kingkaustubh via Fulldisclosure (Feb 12)
KSA-DEV-001: CVE-2018-19524 : StackOverflow in Multiple Skyworth GPON HomeGateways and Optical Network terminals. Kingkaustubh via Fulldisclosure (Feb 12)
KSA-Dev-005:CVE-2019-7384: Authenticated Remote Code Execution in Raisecom GPON Devices Kingkaustubh via Fulldisclosure (Feb 12)
KSA-Dev-006:CVE-2019-7385: Authenticated remote code execution on Multiple Raisecom GPON Devices Kingkaustubh via Fulldisclosure (Feb 12)

Nightwatch Cybersecurity Research

Content Injection in Amazon's FireOS [CVE-2019-7399] Nightwatch Cybersecurity Research (Feb 08)

Pedro Ribeiro

[Multiple CVE] - Cisco Identity Services Engine unauth stored XSS to RCE as root Pedro Ribeiro (Feb 05)

Rafael Pedrero

[CVE-2019-9083] Blind SQL injection in SQLiteManager 1.2.0 (and 1.2.4) Rafael Pedrero (Feb 26)
[CVE-2019-8923, CVE-2019-8924] SQL injection and persistent Cross Site Scripting in XAMPP 5.6.8 (and previous) Rafael Pedrero (Feb 21)
[CVE-2019-7416] Client Side URL Redirect (OTG-CLIENT-004) in OpenText Documentum Webtop 5.3 SP2 Rafael Pedrero (Feb 08)
[CVE-2018-18845] Cross Site Scripting in Advanced comment system v1.0 Rafael Pedrero (Feb 21)
[CVE-2019-7422, CVE-2019-7423, CVE-2019-7424, CVE-2019-7425, CVE-2019-7426, CVE-2019-7427] Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone Rafael Pedrero (Feb 08)
[CVE-2019-7417] Cross Site Scripting in Ericsson Active Library Explorer Server Version 14.3 Rafael Pedrero (Feb 08)
[CVE-2019-8938] Cross Site Scripting in VertrigoServ 2.17 Rafael Pedrero (Feb 21)
[CVE-2019-7418, CVE-2019-7419, CVE-2019-7420, CVE-2019-7421] Cross Site Scripting in SAMSUNG X7400GX Sync Thru Web Service Rafael Pedrero (Feb 08)
[CVE-2019-8925 to CVE-2019-8929] Path traversal and Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone Rafael Pedrero (Feb 21)

Sebastian Neef

CVE-2019-1000032: Memory corruption / DoS in nanosvg Sebastian Neef (Feb 26)

SEC Consult Vulnerability Lab

SEC Consult SA-20190205-0 :: Multiple vulnerabilities in OSCI-Transport Library 1.2 for German e-Government SEC Consult Vulnerability Lab (Feb 05)

secure

DSA-2019-010: Dell EMC VNX2 Family OS Command Injection Vulnerability secure (Feb 05)

Security Explorations

Re: [SRP-2018-02] Security of NC+ SAT TV platform and ST chipsets Security Explorations (Feb 13)

Stefan Kanthak

Defense in depth -- the Microsoft way (part 60): same old sins and incompetence! Stefan Kanthak (Feb 26)

Stephen Shkardoon

Multiple issues in Teracue ENC-400 including pre-authenticated remote code execution Stephen Shkardoon (Feb 21)

Sysdream Labs

[CVE-2018-14013] Reflected Cross-Site Scripting (XSS) vulnerabilities in Zimbra Collaboration Sysdream Labs (Feb 01)

Tim Coen

Contact Form Email 7.10.41 - Reflected XSS & CSRF (WordPress Plugin) Tim Coen (Feb 05)
Give 2.3.0 - Reflected XSS (WordPress Plugin) Tim Coen (Feb 05)
Font_Organizer 2.1.1 - Reflected XSS (WordPress Plugin) Tim Coen (Feb 05)
Forminator 1.5.4 - Unauthenticated Persistent XSS, Blind SQL Injection (WordPress Plugin) Tim Coen (Feb 05)
KingComposer 2.7.6 - Reflected XSS (WordPress Plugin) Tim Coen (Feb 05)
wpGoogleMaps 7.10.41 - Reflected XSS (WordPress Plugin) Tim Coen (Feb 05)
YOP Poll 6.0.2 - Reflected XSS (WordPress Plugin) Tim Coen (Feb 05)
Blog2Social 5.0.2 - Reflected XSS (WordPress Plugin) Tim Coen (Feb 05)
NextScripts: Social Networks Auto-Poster 4.2.7 - Reflected XSS (WordPress Plugin) Tim Coen (Feb 05)
Quiz And Survey Master 6.0.4 - Reflected XSS (WordPress Plugin) Tim Coen (Feb 05)
WP Live Chat Support 8.0.17 - Reflected XSS (WordPress Plugin) Tim Coen (Feb 05)

Vic Vandal

CarolinaCon-15 is April 26-28, 2019 in Charlotte NC - Call For Papers/Presenters is now open Vic Vandal (Feb 05)

Will Boucher via Fulldisclosure

Kanboard 1.2.7 Multiple Vulnerabilities Will Boucher via Fulldisclosure (Feb 21)