Full Disclosure: by author

40 messages starting Jul 23 19 and ending Jul 09 19

Apple Product Security via Fulldisclosure

APPLE-SA-2019-7-22-5 tvOS 12.4 Apple Product Security via Fulldisclosure (Jul 23)
APPLE-SA-2019-7-23-2 iTunes for Windows 12.9.6 Apple Product Security via Fulldisclosure (Jul 26)
APPLE-SA-2019-7-22-4 watchOS 5.3 Apple Product Security via Fulldisclosure (Jul 23)
APPLE-SA-2019-7-22-1 iOS 12.4 Apple Product Security via Fulldisclosure (Jul 23)
APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra Apple Product Security via Fulldisclosure (Jul 23)
APPLE-SA-2019-7-23-1 iCloud for Windows 7.13 Apple Product Security via Fulldisclosure (Jul 26)
APPLE-SA-2019-7-23-3 iCloud for Windows 10.6 Apple Product Security via Fulldisclosure (Jul 26)
APPLE-SA-2019-7-22-3 Safari 12.1.2 Apple Product Security via Fulldisclosure (Jul 23)

Asterisk Security Team

AST-2019-003: Remote Crash Vulnerability in chan_sip channel driver Asterisk Security Team (Jul 11)
AST-2019-002: Remote crash vulnerability with MESSAGE messages Asterisk Security Team (Jul 11)

bo0od

Whonix Anonymous OS 15 Released bo0od (Jul 26)

csirt

Tufin SecureChange uses Richfaces 4.3.5, vulnerable to CVE-2015-0279 (unauthenticated RCE) csirt (Jul 23)

Daniel Bishtawi

Out of Band Code Evaluation Vulnerability in Zurmo 3.2.6 Daniel Bishtawi (Jul 26)
Stored Cross-site Scripting Vulnerability in Zurmo 3.2.6 Daniel Bishtawi (Jul 26)
Reflected Cross-site Scripting Vulnerability in Ponzu CMS 0.9.4 Daniel Bishtawi (Jul 12)
Code Evaluation Vulnerability in Zurmo 3.2.6 Daniel Bishtawi (Jul 26)
Reflected Cross-site Scripting Vulnerability in Zurmo 3.2.6 Daniel Bishtawi (Jul 26)
Open Redirection Vulnerability in Zurmo 3.2.6 Daniel Bishtawi (Jul 26)
Frame Injection Vulnerability in Zurmo 3.2.6 Daniel Bishtawi (Jul 26)

David Dillard

VTS19-002: Multiple Vulnerabilities in Veritas Resiliency Platform (VRP) David Dillard (Jul 30)

Eitan shav

Polycom RealPresence Touch device vulnerable to Slowloris attack (hardware version 7; OS version 2.1.2-255) Eitan shav (Jul 09)

gionreale

KEYNTO Team Password Manager 1.5.0 - Cross Site Scripting [CVE-2019-13380] gionreale (Jul 09)

hyp3rlinx

Trend Micro Deep Discovery Inspector IDS / Percent Encoding IDS Bypass hyp3rlinx (Jul 26)
Microsoft File Checksum Integrity Verifier "fciv.exe" v2.05 / DLL Hijack Arbitrary Code Execution hyp3rlinx (Jul 05)
Re: Microsoft Compiled HTML Help / Uncompiled .chm File XML External Entity hyp3rlinx (Jul 16)
CVE-2019-13577 / MAPLE Computer WBT SNMP Administrator v2.0.195.15 / Unauthenticated Remote Buffer Overflow Code Execution 0day hyp3rlinx (Jul 16)

Joey Lane via Fulldisclosure

PowerPanel Business Edition 3.4.0 - Cross Site Request Forgery Joey Lane via Fulldisclosure (Jul 09)

Jonathan Leitschuh

Zoom Zero Day: 4+ Million Webcams & maybe an RCE? Just get them to visit your website! Jonathan Leitschuh (Jul 09)

Marcin Kozlowski

CVE-2019-2107 a.k.a "Hevcfright" Proof of Concept exploit (Denial of Service PoC) Marcin Kozlowski (Jul 16)

Marco Ivaldi

Re: local privilege escalation via CDE dtprintinfo Marco Ivaldi (Jul 18)

Matthias Deeg

UPDATE: [SYSS-2019-021]: WolfVision Cynap - Use of Hard-coded Cryptographic Key (CWE-321) [CVE-2019-13352] Matthias Deeg (Jul 09)
[SYSS-2019-004]: ABUS Secvest (FUAA50000) - Message Transmission - Unchecked Error Condition (CWE-391) (CVE-2019-14261) Matthias Deeg (Jul 26)
[SYSS-2019-021]: WolfVision Cynap - Use of Hard-coded Cryptographic Key (CWE-321) Matthias Deeg (Jul 05)

MustLive

Vulnerabilities in TP-Link TL-WR940N and TL-WR941ND MustLive (Jul 09)

No One

Razer Synapse 3, Laptops Ship with Re-used Root Certificate with Private Key No One (Jul 09)

Pedro Ribeiro

Cisco Data Center Manager multiple vulns; RCE as root Pedro Ribeiro (Jul 09)

Q C

Two vulnerabilities found in MikroTik's RouterOS Q C (Jul 23)

RedTeam Pentesting GmbH

[RT-SA-2019-012] Information Disclosure in REDDOXX Appliance RedTeam Pentesting GmbH (Jul 01)

Stefan Kanthak

Mozilla's MSI installers: FUBAR (that's spelled "fucked-up beyond all repair") Stefan Kanthak (Jul 09)

xen1thLabs

Two vulnerabilities found in Sony BRAVIA Smart TVs xen1thLabs (Jul 09)