Full Disclosure: by author

• RSS Feed
• About List
• All Lists

Previous period

Next period

53 messages starting Aug 24 18 and ending Aug 24 18
Date index | Thread index | Author index

1n3--- via Fulldisclosure

Re: Jetty 6.1.6 Cross-Site Scripting (XSS) 1n3--- via Fulldisclosure (Aug 24)
Jetty 6.1.6 Cross-Site Scripting (XSS) 1n3--- via Fulldisclosure (Aug 21)
Re: Jetty 6.1.6 Cross-Site Scripting (XSS) 1n3--- via Fulldisclosure (Aug 24)

Andrey Loginov

UISGCON14 CFP Andrey Loginov (Aug 21)

Anibal Aguiar

[CONVISO-18-001] - Nasdaq BWise JMX/RMI RCE Anibal Aguiar (Aug 13)

Brian Hysell

Multiple vulnerabilities in OSCAR EMR Brian Hysell (Aug 21)

Chris

(CVE-2018-13417) Out-of-Band XXE in Vuze Bittorrent Client Chris (Aug 02)
(CVE-2018-13415) Out-of-Band XXE in Plex Media Server Chris (Aug 02)

Dell EMC Product Security Response Center

DSA-2018-112: Dell EMC Data Protection Advisor XML External Entity Vulnerability Dell EMC Product Security Response Center (Aug 03)
DSA-2018-132: RSA NetWitness Platform Server-Side Template Injection Vulnerability Dell EMC Product Security Response Center (Aug 21)
DSA-2018-144: RSA Archer SQL Injection Vulnerability within embedded WorkPoint component Dell EMC Product Security Response Center (Aug 21)

Henri Salo

Re: Full Disclosure - Responsive File Manager Henri Salo (Aug 13)

hyp3rlinx

Argus Surveillance DVR - 4.0.0.0 / SYSTEM Privilege Escalation hyp3rlinx (Aug 31)
Argus Surveillance DVR - 4.0.0.0 / Unauthenticated Directory Traversal File Disclosure hyp3rlinx (Aug 31)

kenney_lu () trendmicro com

CVE-2017-11564: multiple command inject in D-Link EyeOn Baby Monitor (DCS-825L) kenney_lu () trendmicro com (Aug 21)
CVE-2017-12577: an hardcode credential in PLANEX CS-QR20 kenney_lu () trendmicro com (Aug 21)
CVE-2017-12576: an hidden management page in PLANEX CS-QR20 kenney_lu () trendmicro com (Aug 21)
CVE-2017-11563: Remote Code Execution via stack overflow in D-Link EyeOn Baby Monitor (DCS-825L) kenney_lu () trendmicro com (Aug 21)
CVE-2017-12573: command injection in PLANEX CS-W50HD kenney_lu () trendmicro com (Aug 21)
CVE-2017-12575: information leakage in NEC Aterm WG2600HP2 kenney_lu () trendmicro com (Aug 21)
CVE-2017-12574: Hardcode credential in PLANEX CS-W50HD kenney_lu () trendmicro com (Aug 21)

Kevin R

CVE-2018-12710 Kevin R (Aug 27)

Kotas, Kevin J

CA20180802-01: Security Notice for CA API Developer Portal Kotas, Kevin J (Aug 02)

Mustafa Kaan Demirhan

SOC Battle - ARE YOU READY FOR AN EXTRAORDINARY CTF? Mustafa Kaan Demirhan (Aug 10)

MustLive

XSS and CSRF vulnerabilities in ASUS RT-N15U MustLive (Aug 21)

Nightwatch Cybersecurity Research

Sensitive Data Exposure via WiFi Broadcasts in Android OS [CVE-2018-9489] Nightwatch Cybersecurity Research (Aug 31)

Nikola Kojic

CVE-2018-12090 - LAMS < 3.1 Unauthenticated Cross-Site Scripting Nikola Kojic (Aug 07)

Reggie Dodd

Mutiny Monitoring Appliance < 6.1.0-5263 - Command Injection (CVE-2018-15529) Reggie Dodd (Aug 24)

SCADA StrangeLove

Silver Peak EdgeConnect < 8.1.7.x. multiple vulnerabilities SCADA StrangeLove (Aug 17)

SEC Consult Vulnerability Lab

SEC Consult SA-20180813-0 :: SQL Injection, XSS & CSRF vulnerabilities in Pimcore SEC Consult Vulnerability Lab (Aug 16)

secure

DSA-2018-128: RSA BSAFE Micro Edition Suite and Crypto-C Micro Edition Multiple Security Vulnerabilities secure (Aug 28)
DSA-2018-132: RSA NetWitness Platform Server-Side Template Injection Vulnerability secure (Aug 24)
DSA-2018-144: RSA Archer SQL Injection Vulnerability within embedded WorkPoint component secure (Aug 24)

Silton Renato

Re: Full Disclosure - Responsive File Manager Silton Renato (Aug 21)
Full Disclosure - Responsive File Manager Silton Renato (Aug 08)

Simon Uvarov via Fulldisclosure

CVE-2018-14857 (Unrestricted File Upload (RCE) in OCS Inventory NG Webconsole before 2.5) Simon Uvarov via Fulldisclosure (Aug 03)
RESPONSIVE filemanager Simon Uvarov via Fulldisclosure (Aug 21)

Simon Waters

Re: Jetty 6.1.6 Cross-Site Scripting (XSS) Simon Waters (Aug 24)
Re: Jetty 6.1.6 Cross-Site Scripting (XSS) Simon Waters (Aug 24)

Stefan Kanthak

Executable installers are vulnerable^WEVIL (case 55): escalation of privilege with VMware Player 12.5.9 Stefan Kanthak (Aug 02)
Executable installers are vulnerable^WEVIL (case 56): arbitrary code execution WITH escalation of privilege via rufus*.exe Stefan Kanthak (Aug 03)
Defense in depth -- the Microsoft way (part 57): all the latest MSVCRT installers allow escalation of privilege Stefan Kanthak (Aug 21)
CVE-2016-7085 NOT fixed in VMware-player-12.5.9-7535481.exe Stefan Kanthak (Aug 02)

Summer of Pwnage via Fulldisclosure

Seagate Media Server multiple SQL injection vulnerabilities Summer of Pwnage via Fulldisclosure (Aug 22)

Williams, Ken

CA20180829-02: Security Notice for CA Unified Infrastructure Management Williams, Ken (Aug 31)
CA20180829-03: Security Notice for CA Release Automation Williams, Ken (Aug 31)
CA20180829-01: Security Notice for CA PPM Williams, Ken (Aug 31)

X41 D-Sec GmbH Advisories

X41 D-Sec GmbH Security Advisory X41-2018-003: Multiple Vulnerabilities in pam_pkcs11 X41 D-Sec GmbH Advisories (Aug 21)
X41 D-Sec GmbH Security Advisory X41-2018-001: Multiple Vulnerabilities in Yubico Piv X41 D-Sec GmbH Advisories (Aug 21)
X41 D-Sec GmbH Security Advisory X41-2018-002: Multiple Vulnerabilities in OpenSC X41 D-Sec GmbH Advisories (Aug 21)
X41 D-Sec GmbH Security Advisory X41-2018-004: Multiple Vulnerabilities in Yubico libykneomgr X41 D-Sec GmbH Advisories (Aug 21)
X41 D-Sec GmbH Security Advisory X41-2018-005: Multiple Vulnerabilities in Apple smartcardservices X41 D-Sec GmbH Advisories (Aug 21)

x ksi

Couchbase Server - Remote Code Execution x ksi (Aug 24)

Previous period

Next period