Full Disclosure: by author
RSS Feed
About List
All Lists
Previous period
224 messages
starting Dec 15 13 and
ending Dec 01 13
Date index |
Thread index |
Author index
0u7 5m4r7
iscripts autohoster , multiple vulns / php code injection exploit 0u7 5m4r7 (Dec 15)
Buxalert PTC , multiple vulns / SQL injection Exploit 0u7 5m4r7 (Dec 15)
Iscripts supportdesk 4.x , Multiple vulns / Sql injection exploit 0u7 5m4r7 (Dec 15)
Iscripts multicart , multiple vulns 0u7 5m4r7 (Dec 15)
Traidnt up 3 , Admin info reset exploit 0u7 5m4r7 (Dec 16)
Arabportal 2.x , Sql injection / Password reset exploit 0u7 5m4r7 (Dec 16)
adam
Re: Any not annoying help welcome adam (Dec 04)
advisories
SOJOBO-ADV-13-05: Vtiger 5.4.0 Reflected Cross Site Scripting advisories (Dec 11)
Alex Buie
CVSphoto.com Stores Passwords Unhashed Alex Buie (Dec 23)
amani
Re: Where are you guys standing re: the (full) disclosure amani (Dec 14)
Andrea Fabrizi
Synology DSM multiple directory traversal Andrea Fabrizi (Dec 20)
Anonymous
Re: Open phones for privacy/anonymity applications, Guardian Anonymous (Dec 09)
arno
[CVE-2013-7209]JForum CSRF(Cross-site request forgery) Vulnerability arno (Dec 26)
Asterisk Security Team
AST-2013-006: Buffer Overflow when receiving odd length 16 bit SMS message Asterisk Security Team (Dec 16)
AST-2013-007: Asterisk Manager User Dialplan Permission Escalation Asterisk Security Team (Dec 16)
Bart Leppens
XSS in HP Operations Orchestration Central version 9.06 Bart Leppens (Dec 19)
Ben Pfaff
cryptographic flaws in IBM SPSS data file encryption Ben Pfaff (Dec 14)
Brandon Perry
Re: Happy Holidays / Xmas Advisory Brandon Perry (Dec 26)
TouchID and !simple passcodes Brandon Perry (Dec 01)
McAfee Email Gateway multiple vulns Brandon Perry (Dec 04)
Christian Catalano
[CVE-2013-5676] Plain Text Password In SonarQube Jenkins Plugin Christian Catalano (Dec 06)
[CVE-2013-5573] Jenkins v1.523 Default markup formatter permits offsite-bound forms Christian Catalano (Dec 18)
Christopher Dreher
Re: Any not annoying help welcome Christopher Dreher (Dec 04)
Ciaran McNally
(no subject) Ciaran McNally (Dec 02)
coderman
RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e coderman (Dec 14)
Re: RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e coderman (Dec 14)
Re: RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e coderman (Dec 16)
30c3: The Year in Crypto default engines loaded in openssl-1.x through openssl-1.0.1e] coderman (Dec 29)
Re: RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e coderman (Dec 14)
Re: [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application coderman (Dec 17)
Re: RDRAND used directly when default engines loaded in openssl-1.0.1-beta1 through openssl-1.0.1e coderman (Dec 20)
Re: Multiple issues in OpenSSL - BN (multiprecision integer arithmetics). coderman (Dec 02)
Colm O hEigeartaigh
Apache Santuario security advisory CVE-2013-4517 released Colm O hEigeartaigh (Dec 19)
CORE Advisories Team
CORE-2013-0903 - RealPlayer Heap-based Buffer Overflow Vulnerability CORE Advisories Team (Dec 17)
CORE-2013-0807 - Divide Error in Windows Kernel CORE Advisories Team (Dec 11)
Re: CORE-2013-0807 - Divide Error in Windows Kernel CORE Advisories Team (Dec 11)
CORE-2013-1107 - IcoFX Buffer Overflow Vulnerability CORE Advisories Team (Dec 10)
Curesec Research Team
Re: CVE-2013-6271 Remove Android Device Lock - App published Curesec Research Team (Dec 03)
Daniel Wood
[CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application Daniel Wood (Dec 07)
Re: [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application Daniel Wood (Dec 18)
Dieyu
Securely Download Google Chrome Offline Installer Dieyu (Dec 14)
Re: <b>Where are you guys standing re: the (full) disclosure question?</b> Dieyu (Dec 14)
Edward Hawkins
NEW VMSA-2013-0015 VMware ESX updates to third party libraries Edward Hawkins (Dec 05)
Florian Weimer
[SECURITY] [DSA 2830-1] ruby-i18n security update Florian Weimer (Dec 30)
Fran
[CVE-2013-6237] ISL Light - Desktop 3.5.4, Clipboard security issue Fran (Dec 03)
Francisco Amato
Release: Faraday Penetration Test IDE Francisco Amato (Dec 16)
Fyodor
Re: [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application Fyodor (Dec 17)
Gage Bystrom
Re: Happy Holidays / Xmas Advisory Gage Bystrom (Dec 26)
Gary Baribault
Re: Where are you guys standing re: the (full) disclosure Gary Baribault (Dec 13)
Re: Where are you guys standing re: the (full) disclosure Gary Baribault (Dec 13)
Fwd: NS1 ssh bad attempts Gary Baribault (Dec 21)
Re: Where are you guys standing re: the (full) disclosure Gary Baribault (Dec 13)
Re: Where are you guys standing re: the (full) disclosure Gary Baribault (Dec 13)
Re: Where are you guys standing re: the (full) disclosure Gary Baribault (Dec 13)
Re: Where are you guys standing re: the (full) disclosure Gary Baribault (Dec 13)
Georgi Guninski
Re: <b>Where are you guys standing re: the (full) disclosure question?</b> Georgi Guninski (Dec 13)
Re: Where are you guys standing re: the (full) disclosure Georgi Guninski (Dec 13)
Re: Where are you guys standing re: the (full) disclosure Georgi Guninski (Dec 13)
Merry Christmas and all the best in the new year Georgi Guninski (Dec 23)
halfdog
Re: vm86 syscall kernel-panic and some more goodies waiting to be analyzed halfdog (Dec 29)
vm86 syscall kernel-panic and some more goodies waiting to be analyzed halfdog (Dec 28)
Henri Salo
Re: Happy Holidays / Xmas Advisory Henri Salo (Dec 27)
Re: Happy Holidays / Xmas Advisory Henri Salo (Dec 24)
ICSS Security
Re: Any not annoying help welcome ICSS Security (Dec 04)
Any not annoying help welcome ICSS Security (Dec 04)
imipak
Re: Where are you guys standing re: the (full) disclosure imipak (Dec 13)
iPwn
Re: Kaspersky Internet Security - fake av. iPwn (Dec 16)
Phact iPwn (Dec 31)
I)ruid
BodyHacking Convention 2014 I)ruid (Dec 16)
ISSW CFP
InfoSec Southwest 2014 CFP now open! ISSW CFP (Dec 18)
Jakob Lell
Multiple vulnerabilities in SMF forum software Jakob Lell (Dec 13)
Practical malleability attack against CBC-Encrypted LUKS partitions Jakob Lell (Dec 22)
Jann Horn
Re: Clickjacking (?) on Facebook.com (Question) Jann Horn (Dec 12)
Re: Clickjacking (?) on Facebook.com (Question) Jann Horn (Dec 12)
Re: Clickjacking (?) on Facebook.com (Question) Jann Horn (Dec 12)
Re: Clickjacking (?) on Facebook.com (Question) Jann Horn (Dec 12)
Re: Clickjacking (?) on Facebook.com (Question) Jann Horn (Dec 12)
Jasper Kips
Re: <b>Where are you guys standing re: the (full) disclosure question?</b> Jasper Kips (Dec 14)
Re: <b>Where are you guys standing re: the (full) disclosure question?</b> Jasper Kips (Dec 15)
Jeffrey Walton
Re: Where are you guys standing re: the (full) disclosure Jeffrey Walton (Dec 13)
Jerome Athias
Security by destruction Jerome Athias (Dec 23)
joernchen
Happy Holidays / Xmas Advisory joernchen (Dec 24)
John Cartwright
List Charter John Cartwright (Dec 11)
Jordon Bedwell
Re: Where are you guys standing re: the (full) disclosure Jordon Bedwell (Dec 15)
Re: Where are you guys standing re: the (full) disclosure Jordon Bedwell (Dec 14)
Re: Where are you guys standing re: the (full) disclosure Jordon Bedwell (Dec 14)
Re: Where are you guys standing re: the (full) disclosure Jordon Bedwell (Dec 14)
Julius Kivimäki
Re: Vulnerabilities hiddenly fixed in WordPress 3.5 and 3.5.1 Julius Kivimäki (Dec 09)
Krzysztof Kotowicz
OpenText Exceed On Demand 8 multiple vulnerabilities Krzysztof Kotowicz (Dec 16)
Kurt Seifried
Re: WordPress OptimizePress Theme - File Upload Vulnerability Kurt Seifried (Dec 16)
l
Re: Open phones for privacy/anonymity applications, Guardian l (Dec 31)
Larry W. Cashdollar
Solaris Recommended Patch Cluster 6/19 local root on x86 Larry W. Cashdollar (Dec 15)
Command injection in Ruby Gem Webbynode 1.0.5.3 Larry W. Cashdollar (Dec 12)
Command injection vulnerability in Ruby Gem sprout 0.7.246 Larry W. Cashdollar (Dec 02)
Bio Basespace SDK 0.1.7 Ruby Gem exposes API Key via command line Larry W. Cashdollar (Dec 14)
Luciano Bello
[SECURITY] [DSA 2817-1] libtar security update Luciano Bello (Dec 14)
Luiz Eduardo
Call for Papers -YSTS 8 - Information Security Conference, Brazil Luiz Eduardo (Dec 14)
Marc Nimmerrichter
Re: Seems like Coinbase Security Team doesn't know how their cookie works Marc Nimmerrichter (Dec 01)
Mario Vilas
WinAppDbg 1.5 is out! Mario Vilas (Dec 20)
Martin Wundram
Ditto Forensic FieldStation, multiple vulnerabilities Martin Wundram (Dec 13)
Matteo Beccati
[REVIVE-SA-2013-001] Revive Adserver 3.0.2 fixes SQL injection vulnerability Matteo Beccati (Dec 20)
Matthew Gow
Re: Happy Holidays / Xmas Advisory Matthew Gow (Dec 29)
metropolis haxor
RBS Change v3.6.8 XSS Vulnerability metropolis haxor (Dec 26)
Michael Gilbert
[SECURITY] [DSA 2811-1] chromium-browser security update Michael Gilbert (Dec 08)
Michael von Dach
Re: Any not annoying help welcome Michael von Dach (Dec 04)
Michal Zalewski
Re: Clickjacking (?) on Facebook.com (Question) Michal Zalewski (Dec 12)
Re: Clickjacking (?) on Facebook.com (Question) Michal Zalewski (Dec 12)
Re: Clickjacking (?) on Facebook.com (Question) Michal Zalewski (Dec 12)
Re: Clickjacking (?) on Facebook.com (Question) Michal Zalewski (Dec 12)
Microsoft Security Response Center
Re: <b>Where are you guys standing re: the (full) disclosure question?</b> Microsoft Security Response Center (Dec 14)
Mikhail A. Utin
Re: [CVE-2013-6986] Insecure Data Storage in Subway Ordering Mikhail A. Utin (Dec 19)
Re: Where are you guys standing re: the (full) disclosure Mikhail A. Utin (Dec 13)
Moritz Muehlenhoff
[SECURITY] [DSA 2829-1] hplip security update Moritz Muehlenhoff (Dec 28)
[SECURITY] [DSA 2822-1] xorg-server security update Moritz Muehlenhoff (Dec 18)
[SECURITY] [DSA 2819-1] End-of-life announcement for iceape Moritz Muehlenhoff (Dec 16)
[SECURITY] [DSA 2812-1] samba security update Moritz Muehlenhoff (Dec 09)
[SECURITY] [DSA 2825-1] wireshark security update Moritz Muehlenhoff (Dec 20)
[SECURITY] [DSA 2813-1] gimp security update Moritz Muehlenhoff (Dec 09)
[SECURITY] [DSA 2823-1] pixman security update Moritz Muehlenhoff (Dec 18)
Mr OverBlue
Re: Any not annoying help welcome Mr OverBlue (Dec 05)
MustLive
Vulnerabilities in plugins for WordPress, Joomla and Plone with Dewplayer MustLive (Dec 26)
Re: DAVOSET v.1.1.4 MustLive (Dec 04)
DoS vulnerability in Adobe Flash Player (BSOD) MustLive (Dec 31)
CSRF, XSS and Redirector vulnerabilities in IBM Lotus Notes Traveler MustLive (Dec 31)
Re: Vulnerabilities hiddenly fixed in WordPress 3.5 and 3.5.1 MustLive (Dec 22)
URL Redirector Abuse and XSS vulnerabilities in WordPress MustLive (Dec 19)
Information Leakage and Backdoor vulnerabilities in WordPress MustLive (Dec 16)
CSRF, DoS and IL vulnerabilities in WordPress MustLive (Dec 17)
DAVOSET v.1.1.4 MustLive (Dec 03)
Re: Vulnerabilities hiddenly fixed in WordPress 3.6 and 3.6.1 MustLive (Dec 06)
Vulnerabilities hiddenly fixed in WordPress 3.5 and 3.5.1 MustLive (Dec 08)
Vulnerabilities in Dewplayer MustLive (Dec 23)
Nahuel Grisolía
Re: Clickjacking (?) on Facebook.com (Question) Nahuel Grisolía (Dec 13)
Nguyen Anh Quynh
Capstone 1.0 disassembly framework release! Nguyen Anh Quynh (Dec 17)
Nicolas Grégoire
Vulnerabilities in Apache Solr < 4.6.0 Nicolas Grégoire (Dec 09)
Omar Benbouazza
CFP RootedCON 2014 Omar Benbouazza (Dec 05)
Onapsis Research Labs
[Onapsis Research Labs] New SAP Security In-Depth issue: "Transport Management System: Highway to Production" Onapsis Research Labs (Dec 11)
Osama Alrashid
Adobe Flash Player and Shockwave Player security updates Osama Alrashid (Dec 11)
Paul Ammann
Re: Where are you guys standing re: the (full) disclosure Paul Ammann (Dec 14)
Pedro Luis Karrasquillo
Re: <b>Where are you guys standing re: the (full) disclosure question?</b> Pedro Luis Karrasquillo (Dec 14)
Re: Where are you guys standing re: the (full) disclosure Pedro Luis Karrasquillo (Dec 15)
<b>Where are you guys standing re: the (full) disclosure question?</b> Pedro Luis Karrasquillo (Dec 13)
Pete Herzog
E-mail Hacking - Hacker Highschool Pete Herzog (Dec 14)
PHD
PHDays IV Call for Papers is Open PHD (Dec 02)
PsychoBilly
Re: Happy Holidays / Xmas Advisory PsychoBilly (Dec 26)
Raphael Geissert
[SECURITY] [DSA 2808-1] openjpeg security update Raphael Geissert (Dec 03)
[SECURITY] [DSA 2820-1] nspr security update Raphael Geissert (Dec 17)
ReVuln
Owning Render Farms via NVIDIA mental ray ReVuln (Dec 10)
Rodrigo Rubira Branco (BSDaemon)
CALL FOR PAPERS - Hackers 2 Hackers Conference 11th edition Rodrigo Rubira Branco (BSDaemon) (Dec 28)
Roee Hay
Android Fragment Injection vulnerability Roee Hay (Dec 10)
Rustein, Fara Denise (LATCO - Buenos Aires)
Tftpd32 Client Side Format String Vulnerability Rustein, Fara Denise (LATCO - Buenos Aires) (Dec 03)
Salvatore Bonaccorso
[SECURITY] [DSA 2810-1] ruby1.9.1 security update Salvatore Bonaccorso (Dec 04)
[SECURITY] [DSA 2809-1] ruby1.8 security update Salvatore Bonaccorso (Dec 04)
[SECURITY] [DSA 2828-1] drupal6 security update Salvatore Bonaccorso (Dec 28)
[SECURITY] [DSA 2814-1] varnish security update Salvatore Bonaccorso (Dec 09)
[SECURITY] [DSA 2818-1] mysql-5.5 security update Salvatore Bonaccorso (Dec 16)
[SECURITY] [DSA 2824-1] curl security update Salvatore Bonaccorso (Dec 19)
[SECURITY] [DSA 2815-1] munin security update Salvatore Bonaccorso (Dec 09)
[SECURITY] [DSA 2827-1] libcommons-fileupload-java security update Salvatore Bonaccorso (Dec 23)
ScripT setInterval(function(){for( ){alert('fixme')} } 10) /scRIpt
D-Link DIR-XXX remote root access exploit. ScripT setInterval(function(){for( ){alert('fixme')} } 10) /scRIpt (Dec 02)
Multiple issues in OpenSSL - BN (multiprecision integer arithmetics). ScripT setInterval(function(){for( ){alert('fixme')} } 10) /scRIpt (Dec 02)
FBTest remote command execution. ScripT setInterval(function(){for( ){alert('fixme')} } 10) /scRIpt (Dec 02)
Sean Lynch
Re: Open phones for privacy/anonymity applications, Guardian Sean Lynch (Dec 11)
SEC Consult Vulnerability Lab
SEC Consult SA-20131227-0 :: IBM Web Content Manager (WCM) XPath Injection SEC Consult Vulnerability Lab (Dec 27)
security
[ MDVSA-2013:294 ] gimp security (Dec 18)
[ MDVSA-2013:288 ] subversion security (Dec 17)
[ MDVSA-2013:290 ] mediawiki security (Dec 18)
[ MDVSA-2013:293 ] gimp security (Dec 18)
[ MDVSA-2013:302 ] pixman security (Dec 26)
[ MDVSA-2013:289 ] owncloud security (Dec 18)
[ MDVSA-2013:292 ] links security (Dec 18)
[ MDVSA-2013:287-1 ] drupal security (Dec 17)
[ MDVSA-2013:301 ] nss security (Dec 23)
[ MDVSA-2013:296 ] wireshark security (Dec 20)
[ MDVSA-2013:295 ] gnupg security (Dec 19)
[ MDVSA-2013:300 ] asterisk security (Dec 23)
[ MDVSA-2013:291 ] kernel security (Dec 18)
[ MDVSA-2013:299 ] samba security (Dec 22)
[ MDVSA-2013:291 ] kernel security (Dec 18)
[ MDVSA-2013:298 ] php security (Dec 20)
[ MDVSA-2013:297 ] munin security (Dec 20)
security-news
[Security-news] SA-CONTRIB-2013-098 - Ubercart - Session Fixation Vulnerability security-news (Dec 18)
[Security-news] SA-CONTRIB-2013-097 - OG Features - Access bypass security-news (Dec 04)
silence_is_best
China's tool of the year silence_is_best (Dec 06)
Re: Fwd: NS1 ssh bad attempts silence_is_best (Dec 23)
Re: <b>Where are you guys standing re: the (full) disclosure question?</b> silence_is_best (Dec 14)
Stefan Esser
Advisory 01/2013: PHP openssl_x509_parse() Memory Corruption Vulnerability Stefan Esser (Dec 13)
Stefan Schurtz
Re: Clickjacking (?) on Facebook.com (Question) Stefan Schurtz (Dec 12)
Clickjacking (?) on Facebook.com (Question) Stefan Schurtz (Dec 11)
Thijs Kinkhorst
[SECURITY] [DSA 2821-1] gnupg security update Thijs Kinkhorst (Dec 19)
[SECURITY] [DSA 2816-1] php5 security update Thijs Kinkhorst (Dec 13)
Tony Naggs
DC4420 - DefCon London: Christmas Social (= no talks), Tuesday 17th December 2013 Tony Naggs (Dec 13)
Valdis . Kletnieks
Re: Vulnerabilities hiddenly fixed in WordPress 3.5 and 3.5.1 Valdis . Kletnieks (Dec 24)
Vic Vandal
CarolinaCon-10 / 2014 - Call for Presenters/Speakers Vic Vandal (Dec 02)
VMw4r3
Fw: xss VMw4r3 (Dec 17)
"VMware Security Response Center"
NEW VMSA-2013-0014 VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation "VMware Security Response Center" (Dec 03)
NEW VMSA-2013-0016 VMware ESXi and ESX unauthorized file access through vCenter Server and ESX "VMware Security Response Center" (Dec 22)
Vulnerability Lab
Photo Transfer Wifi 1.4.4 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Dec 02)
Re: Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability #full Vulnerability Lab (Dec 10)
Phone Drive Eightythree 4.1.1 iOS - Multiple Vulnerabilities Vulnerability Lab (Dec 15)
Feetan Inc WireShare v1.9.1 iOS - Persistent Vulnerability Vulnerability Lab (Dec 08)
QuickHeal AntiVirus 7.0.0.1 - Stack Overflow Vulnerability Vulnerability Lab (Dec 16)
Phone Drive Eightythree 4.1.1 iOS - Multiple Vulnerabilities Vulnerability Lab (Dec 12)
Microsoft Yammer - Persistent Profile Vulnerabilities Vulnerability Lab (Dec 12)
Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability Vulnerability Lab (Dec 05)
Print n Share v5.5 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Dec 08)
Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Dec 05)
Air Gallery 1.0 Air Photo Browser - Multiple Vulnerabilities Vulnerability Lab (Dec 10)
Imagam iFiles v1.16.0 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Dec 04)
FileMaster SY-IT v3.1 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Dec 16)
Microsoft Online, Office & Cloud - Persistent Encoding Vulnerabilities Vulnerability Lab (Dec 13)
Microsoft PhotoStory - CS Cross Site Scripting Vulnerability Vulnerability Lab (Dec 12)
Song Exporter v2.1.1 RS iOS - File Include Vulnerabilities Vulnerability Lab (Dec 19)
Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities Vulnerability Lab (Dec 11)
vx Indy
Kaspersky Internet Security - fake av. vx Indy (Dec 16)
William Costa
Reflected XSS Attacks XSS vulnerabilities in NagiosQL 3.2.0 Servicepack 2 (CVE: CVE-2013-6039) William Costa (Dec 05)
William Scott Lockwood III
Re: [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application William Scott Lockwood III (Dec 17)
Wooyun.org
[Wooyun]Amazon elasticbeanstalk code execution Wooyun.org (Dec 26)
[Wooyun] Safari for windows PhishingAlert bypass vuln Wooyun.org (Dec 26)
xin . wang
[CVE-2013-6985]SQL Injection Vulnerability In Enorth Webpublisher CMS xin . wang (Dec 06)
yuange
Re: MS13-102: NtConnectPort() LPC yuange (Dec 19)
Yvan Janssens
phrack.org being spammed Yvan Janssens (Dec 18)
Yves-Alexis Perez
[SECURITY] [DSA 2826-1] denyhosts security update Yves-Alexis Perez (Dec 23)
Zenny
Re: Day of bugs in WordPress 3 Zenny (Dec 01)