Full Disclosure: by author
73 messages starting May 15 18 and ending May 28 18
Akshay Sharma
Multiple Arris Touchstone Gateway Vulnerabilities Akshay Sharma (May 15)
Alan Coopersmith
Re: taglib 1.11.1 vuln Alan Coopersmith (May 29)
Alfredo Ortega
CVE-2018-10994: HTML tag injection in Signal-desktop Alfredo Ortega (May 15)
CVE-2018-11101: Signal-desktop HTML tag injection variant 2 Alfredo Ortega (May 16)
Amine Taouirsa
MachForm Multiple Vulnerabilities CVE-2018-6409/CVE-2018-6410/CVE-2018-6411 Amine Taouirsa (May 28)
MachForm Multiple Vulnerabilities CVE-2018-6409/CVE-2018-6410/CVE-2018-6411 Amine Taouirsa (May 28)
Apple Product Security
APPLE-SA-2018-05-04-1 Security Update 2018-001 Swift 4.1.1 for Ubuntu 14.04 Apple Product Security (May 07)
APPLE-SA-2018-05-08-1 Additional information for APPLE-SA-2018-04-24-2 Security Update 2018-001 Apple Product Security (May 08)
bear.xiong
vcftools 0.1.15 vuln bugs bear.xiong (May 16)
PDFParser vulnerability bear.xiong (May 16)
Core Security Advisories Team
[CORE-2018-0001] TP-Link EAP Controller Multiple Vulnerabilities Core Security Advisories Team (May 03)
[CORE-2018-0002] - Quest DR Series Disk Backup Multiple Vulnerabilities Core Security Advisories Team (May 31)
[CORE-2018-0004] - Quest KACE System Management Appliance Multiple Vulnerabilities Core Security Advisories Team (May 31)
Davide Lombardo
Privilege escalation on Windows10/x by shortcut alteration. Davide Lombardo (May 16)
debug
airgapping kvm switch debug (May 01)
Derrek Bertrand
Re: Unvalidated Redirect in Shibboleth component of Blackboard Derrek Bertrand (May 01)
dxw Security
CSRF in WP User Groups allows anybody to modify user groups and types (WordPress plugin) dxw Security (May 11)
Stored XSS in WP ULike allows unauthorised users to do almost anything an admin can (WordPress plugin) dxw Security (May 14)
CSRF in Metronet Tag Manager allows anybody to do almost anything an admin can (WordPress plugin) dxw Security (May 15)
WP ULike allows anybody to delete any row in any WordPress table (WordPress plugin) dxw Security (May 14)
EMC Product Security Response Center
DSA-2018-095: Dell EMC RecoverPoint Multiple Vulnerabilities EMC Product Security Response Center (May 28)
DSA-2018-063: Dell EMC Unity Family OS Command Injection Vulnerability EMC Product Security Response Center (May 03)
DSA-2018-086: RSA® Authentication Manager Multiple Vulnerabilities EMC Product Security Response Center (May 04)
Emin Ghuliev
WindScribe VPN 1.81 Privilege Escalation Emin Ghuliev (May 28)
Harry Sintonen
foilChat sign up email PIN confirmation bypass Harry Sintonen (May 29)
GNU Wget Cookie Injection [CVE-2018-0494] Harry Sintonen (May 07)
Himanshu Mehta
CVE-2018-11551 AXON PBX DLL Loading Arbitrary Code Execution & Privilege Escalation Vulnerability Himanshu Mehta (May 30)
CVE-2018-11552 AXON PBX 2.02 Cross Site Scripting Himanshu Mehta (May 30)
hyp3rlinx
Microsoft Windows "FxCop" v10-12 / XML External Entity Injection hyp3rlinx (May 11)
Imre Rad
CVE-2018-10759/CVE-2018-10760: Project Pier 0.8.8 vulnerabilities Imre Rad (May 13)
Javier Bernardo
CVE-2018-10201 – Ncomputing vSpace Pro Directory Traversal Vulnerability Javier Bernardo (May 08)
jerinjoy
Authentication Bypass in Accellion Kiteworks jerinjoy (May 28)
Joe Gray
Insecure Authentication Practices in D-LINK DIR-601 Router, Hardware version A1, Firmware Version 1.02NA (CVE-2018-10641) Joe Gray (May 04)
Kotas, Kevin J
CA20180501-01: Security Notice for CA Spectrum Kotas, Kevin J (May 03)
matthew f
ASUSTOR ADM 3.1.0.RFQ3 and below vulnerabilities matthew f (May 01)
Mohd Hanafie
Buffer overflow in xls2csv (xlsparse.c:716) - catdoc Mohd Hanafie (May 13)
n0ipr0cs
XSS in Flexense DiskSavvy, affects all versions n0ipr0cs (May 01)
XSS in Flexense SyncBreeze, affects all versions n0ipr0cs (May 01)
XSS in Flexense DupScout, affects all versions n0ipr0cs (May 01)
XSS in Flexense DiskSorter, affects all versions n0ipr0cs (May 01)
XSS in Flexense VX Search, affects all versions n0ipr0cs (May 01)
XSS in Flexense DiskPulse, affects all versions n0ipr0cs (May 01)
XSS-Flexense-DiskBoss-Enterprise-all-versions n0ipr0cs (May 01)
Nightwatch Cybersecurity Research
Android OS Didn’t use FLAG_SECURE for Sensitive Settings [CVE-2017-13243] Nightwatch Cybersecurity Research (May 28)
nullbyte
Reptile: a LKM rootkit written for evil purposes nullbyte (May 28)
Pedro Ribeiro
[CVE-2018-1418] IBM QRadar SIEM unauthenticated remote code execution as root Pedro Ribeiro (May 28)
pzpcve180528
SharePoint Site User Enumeration pzpcve180528 (May 28)
Qualys Security Advisory
Qualys Security Advisory - Procps-ng Audit Report Qualys Security Advisory (May 28)
Sebastian Neuner via Fulldisclosure
Re: Vulnerabilities in IBMs Flashsystems and Storwize Products Sebastian Neuner via Fulldisclosure (May 13)
Vulnerabilities in IBMs Flashsystems and Storwize Products Sebastian Neuner via Fulldisclosure (May 11)
SEC Consult Vulnerability Lab
SEC Consult SA-20180529-0 :: Unprotected WiFi access & Unencrypted data transfer in Vgate iCar2 OBD2 Dongle SEC Consult Vulnerability Lab (May 29)
SEC Consult SA-20180503-0 :: Authentication Bypass in Oracle Access Manager (OAM) SEC Consult Vulnerability Lab (May 03)
Re: SEC Consult SA-20180514-0 :: Arbitrary File Upload & Cross-site scripting in MyBiz MyProcureNet SEC Consult Vulnerability Lab (May 14)
SEC Consult SA-20180514-0 :: Arbitrary File Upload & Cross-site scripting in MyBiz MyProcureNet SEC Consult Vulnerability Lab (May 14)
SEC Consult SA-20180516-0 :: XXE & XSS vulnerabilities in RSA Authentication Manager SEC Consult Vulnerability Lab (May 16)
service () baimaohui net
Backdoor in Tpshop <= 2.0.8 (CVE-2018-9919) service () baimaohui net (May 01)
SSRF(Server Side Request Forgery) in Cockpit 0.4.4-0.5.5 (CVE-2018-9302) service () baimaohui net (May 01)
sosumi
Keeper Commander sosumi (May 15)
Stefan Kanthak
[ADV170017] Defense in depth -- the Microsoft way (part 54): escalation of privilege during installation of Microsoft Office 20xy Stefan Kanthak (May 08)
Stephen Shkardoon
Multiple issues in WatchGuard AP100 AP102 AP200 result in remote code execution Stephen Shkardoon (May 01)
Sysdream Labs
[CVE-2018-10094] Dolibarr SQL Injection vulnerability Sysdream Labs (May 28)
Dolibarr XSS Injection vulnerability Sysdream Labs (May 28)
[CVE-2018-10092] Dolibarr admin panel authenticated Remote Code Execution (RCE) vulnerability Sysdream Labs (May 28)
Tomi Tuominen
t2'18: Call For Papers 2018 (Helsinki, Finland) Tomi Tuominen (May 11)
Vadim Zhukov
Re: Buffer overflow in xls2csv (xlsparse.c:716) - catdoc Vadim Zhukov (May 15)
Vangelis Stykas
Calamp.com Incorrect privilege assignment could lead to full user and vehicle compromise Vangelis Stykas (May 15)
Calamp.com Incorrect privilege assignment could lead to full user compromise Vangelis Stykas (May 13)
Xiaoran Wang via Fulldisclosure
JDA Warehouse Management System (WMS) Multiple Critical Vulnerabilities Xiaoran Wang via Fulldisclosure (May 28)
JDA Connect Multiple Critical Vulnerabilities Xiaoran Wang via Fulldisclosure (May 28)
xiaotian.wang
NUUO NVRmini2 / NVRsolo Arbitrary File Upload Vulnerability xiaotian.wang (May 28)
Yavuz Atlas
Ruckus (Brocade) ICX7450-48 Reflected Cross Site Scripting Yavuz Atlas (May 28)
熊文彬
libmobi 0.3 vulns 熊文彬 (May 28)
taglib 1.11.1 vuln 熊文彬 (May 28)