Full Disclosure: by author
35 messages
starting Jun 05 20 and
ending Jun 05 20
Date index |
Thread index |
Author index
Aaron Bishop
Castel NextGen DVR multiple CVEs Aaron Bishop (Jun 05)
Apple Product Security via Fulldisclosure
APPLE-SA-2020-06-01-2 macOS Catalina 10.15.5 Supplemental Update, Security Update 2020-003 High Sierra Apple Product Security via Fulldisclosure (Jun 02)
APPLE-SA-2020-06-01-1 iOS 13.5.1 and iPadOS 13.5.1 Apple Product Security via Fulldisclosure (Jun 02)
APPLE-SA-2020-06-01-3 tvOS 13.4.6 Apple Product Security via Fulldisclosure (Jun 02)
APPLE-SA-2020-06-01-4 watchOS 6.2.6 Apple Product Security via Fulldisclosure (Jun 02)
duykham
[Bug] Firefox privacy leakage: search term is sent to ISP without user's consent. duykham (Jun 02)
Egidio Romano
[KIS-2020-07] openSIS <= 7.4 (Bottom.php) Local File Inclusion Vulnerability Egidio Romano (Jun 30)
[KIS-2020-08] openSIS <= 7.4 Multiple SQL Injection Vulnerabilities Egidio Romano (Jun 30)
[KIS-2020-06] openSIS <= 7.4 Incorrect Access Control Vulnerabilities Egidio Romano (Jun 30)
Eldar Marcussen
Sabberworm PHP CSS parser - Code injection vulnerability Eldar Marcussen (Jun 02)
Gregory Boddin
TheBigIndexer - Index services and leaks over the ipv4 internet Gregory Boddin (Jun 12)
hyp3rlinx
CVE-2020-13432 - HFS HTTP File Server / Remote Buffer Overflow DoS hyp3rlinx (Jun 09)
WinGate v9.4.1.5998 Insecure Permissions EoP CVE-2020-13866 hyp3rlinx (Jun 09)
Avaya IP Office v9.1.8.0 - 11 Insecure Transit Password Disclosure CVE-2020-7030 hyp3rlinx (Jun 09)
Julien Ahrens (RCE Security)
[CVE-2020-12827] MJML <= 4.6.2 mj-include "path" Path Traversal Julien Ahrens (RCE Security) (Jun 16)
KoreLogic Disclosures via Fulldisclosure
KL-001-2020-003 : Cellebrite EPR Decryption Relies on Hardcoded AES Key Material KoreLogic Disclosures via Fulldisclosure (Jun 29)
Marcin Kozlowski
BIAS (Bluetooth Impersonation Attack) CVE 2020-10135 reproduction Marcin Kozlowski (Jun 02)
Matthias Deeg
[SYSS_2020-014]: ABUS Secvest Wireless Control Device (FUBE50001) - Missing Encryption of Sensitive Data (CWE-311) (CVE-2020-14157) Matthias Deeg (Jun 23)
michele
RoyalTS SSH Tunnel - Authentication Bypass michele (Jun 09)
Nguyen Anh Quynh
Keystone Assembler Engine 0.9.2 is out! Nguyen Anh Quynh (Jun 23)
Open-Xchange GmbH via Fulldisclosure
Open-Xchange Security Advisory 2020-06-12 Open-Xchange GmbH via Fulldisclosure (Jun 12)
Open-Xchange Security Advisory 2020-06-12 Open-Xchange GmbH via Fulldisclosure (Jun 12)
Pablo Zurro via Fulldisclosure
Pydio cells - New advisory publication Pablo Zurro via Fulldisclosure (Jun 09)
Ciphermail - New advisory publlication Pablo Zurro via Fulldisclosure (Jun 09)
Pietro Oliva
TP-LINK Cloud Cameras NCXXX DelMultiUser Stack Overflow Pietro Oliva (Jun 16)
psy
New Release: UFONet v1.5 - [MLV] "MuLTi.V3rSe!"... psy (Jun 12)
Qualys Security Advisory
Re: Remote Code Execution in qmail (CVE-2005-1513) Qualys Security Advisory (Jun 23)
Red Timmy Security
Web Application Firewall bypass - part 3 Red Timmy Security (Jun 09)
[CVE-2020-9484] Apache Tomcat RCE via PersistentManager Red Timmy Security (Jun 02)
Pulse Secure Client < 9.1R6 TOCTOU Privilege Escalation (CVE-2020-13162) Red Timmy Security (Jun 16)
Robin Meis via Fulldisclosure
WebUntis: Stored XSS (Filter Bypass) Robin Meis via Fulldisclosure (Jun 09)
Rodolfo Augusto do Nascimento Tavares
GilaCMS - CVE-2019-13364 CVE-2019-13363 Rodolfo Augusto do Nascimento Tavares (Jun 23)
Silton Renato Pereira dos Santos
DLL Hijacking at the Trend Micro Password Manager (CVE-2020–8469) Silton Renato Pereira dos Santos (Jun 23)
Stefan Kanthak
Defense in depth -- the Microsoft way (part 68): qUACkery is futile! Stefan Kanthak (Jun 05)
Defense in depth -- the Microsoft way (part 69): security remarks are as futile as the qUACkery! Stefan Kanthak (Jun 05)