
Full Disclosure: by author
52 messages starting Jan 28 20 and ending Jan 03 20
Alexander Lashkov via Fulldisclosure
Become a speaker at Positive Hack Days 10. Call for Papers is now open Alexander Lashkov via Fulldisclosure (Jan 28)
Alphan YAVAS
Microsoft Exchange Server, External Service Interaction (DNS) Alphan YAVAS (Jan 03)
Andrew Klaus
Fortinet FortiSIEM Hardcoded SSH Key Andrew Klaus (Jan 07)
Apple Product Security via Fulldisclosure
APPLE-SA-2020-1-29-2 iCloud for Windows 10.9.2 Apple Product Security via Fulldisclosure (Jan 31)
APPLE-SA-2020-1-28-6 iTunes for Windows 12.10.4 Apple Product Security via Fulldisclosure (Jan 31)
APPLE-SA-2020-1-28-1 iOS 13.3.1 and iPadOS 13.3.1 Apple Product Security via Fulldisclosure (Jan 31)
APPLE-SA-2020-1-29-1 iCloud for Windows 7.17 Apple Product Security via Fulldisclosure (Jan 31)
APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra Apple Product Security via Fulldisclosure (Jan 31)
APPLE-SA-2020-1-28-5 Safari 13.0.5 Apple Product Security via Fulldisclosure (Jan 31)
APPLE-SA-2020-1-28-3 watchOS 6.1.2 Apple Product Security via Fulldisclosure (Jan 31)
APPLE-SA-2020-1-28-4 tvOS 13.3.1 Apple Product Security via Fulldisclosure (Jan 31)
Black Arch
New BlackArch Linux ISOs + OVA Image available! Black Arch (Jan 03)
Błażej Adamczyk
Re: Multiple vulnerabilities in TOTOLINK and other Realtek SDK based routers Błażej Adamczyk (Jan 31)
Multiple vulnerabilities in TOTOLINK and other Realtek SDK based routers Błażej Adamczyk (Jan 24)
CarolinaCon
CarolinaCon CFP CarolinaCon (Jan 21)
Daniel Bishtawi
Multiple Reflected Cross-site Scripting Vulnerabilities in ERPNext 11.1.47 Daniel Bishtawi (Jan 07)
Enrico Weigelt, metux IT consult
[PATCH] (security) launcher: don't attempt to execute arbitrary binaries Enrico Weigelt, metux IT consult (Jan 10)
Fortinet PSIRT
Re: Fortinet FortiSIEM Hardcoded SSH Key Fortinet PSIRT (Jan 17)
Hackira
[CFP] leHACK - June 26 - June 27, 2020 Hackira (Jan 31)
hyp3rlinx
CVE-2019-20357 / Trend Micro Security (Consumer) / Persistent Arbitrary Code Execution hyp3rlinx (Jan 17)
CVE-2019-19697 / Trend Micro Security 2019 (Consumer) / Security Bypass Protected Service Tampering hyp3rlinx (Jan 17)
[UPDATED - POC] Neowise CarbonFTP v1.4 / Insecure Proprietary Password Encryption / CVE-2020-6857 hyp3rlinx (Jan 24)
Microsoft Windows VCF Card / Mailto Link Denial Of Service hyp3rlinx (Jan 07)
Neowise CarbonFTP v1.4 / Insecure Proprietary Password Encryption / CVE-2020-6857 hyp3rlinx (Jan 21)
Microsoft Windows .Group File / URL Field Code Execution hyp3rlinx (Jan 03)
Imre Rad
.diagcab directory traversal leading to arbitrary code execution Imre Rad (Jan 17)
Kevin Kotas via Fulldisclosure
CA20191218-01: Security Notice for CA Client Automation Agent for Windows Kevin Kotas via Fulldisclosure (Jan 03)
Marco Ivaldi
CVE-2020-2656 - Low impact information disclosure via Solaris xlock Marco Ivaldi (Jan 17)
CVE-2020-2696 - Local privilege escalation via CDE dtsession Marco Ivaldi (Jan 17)
Matteo Beccati via Fulldisclosure
[REVIVE-SA-2020-001] Revive Adserver Vulnerability Matteo Beccati via Fulldisclosure (Jan 21)
Open-Xchange GmbH via Fulldisclosure
Open-Xchange Security Advisory 2020-01-02 Open-Xchange GmbH via Fulldisclosure (Jan 03)
Pentagrid AG
CVE-2019-19363 - Local Privilege Escalation in many Ricoh Printer Drivers for Windows Pentagrid AG (Jan 24)
Q C
Two vulnerabilities found in MikroTik's RouterOS Q C (Jan 07)
Qualys Security Advisory
LPE and RCE in OpenSMTPD (CVE-2020-7247) Qualys Security Advisory (Jan 31)
RedTeam Pentesting GmbH
[RT-SA-2019-016] IceWarp: Cross-Site Scripting in Notes RedTeam Pentesting GmbH (Jan 02)
[RT-SA-2019-015] IceWarp: Cross-Site Scripting in Notes for Contacts RedTeam Pentesting GmbH (Jan 02)
SEC Consult Vulnerability Lab
SEC Consult SA-20200123-0 :: Cross-Site Request Forgery (CSRF) in Umbraco CMS SEC Consult Vulnerability Lab (Jan 23)
SEC Consult SA-20200122-0 :: Reflected XSS in ZOHO ManageEngine ServiceDeskPlus SEC Consult Vulnerability Lab (Jan 22)
Stefan Kanthak
[CVE-2019-20358] CVE-2019-9491 in Trend Micro Anti-Threat Toolkit (ATTK) was NOT properly FIXED Stefan Kanthak (Jan 31)
Defense in depth -- the Microsoft way (part 61): security features are built to fail (or documented wrong) Stefan Kanthak (Jan 31)
Executable installers are vulnerable^WEVIL (case 58): Intel® Processor Identification Utility - Windows* Version - arbitrary code execution with escalation of privilege Stefan Kanthak (Jan 31)
Thierry Zoller
[TZO-08-2020] Bitdefender Generic Malformed Archive Bypass (ZIP GPFLAG) Thierry Zoller (Jan 13)
[TZO-01-2020] AVIRA Generic Malformed Container bypass (ISO) Thierry Zoller (Jan 03)
[TZO-06-2020] - Kaspersky Generic Archive Bypass (ZIP FLNMLEN) Thierry Zoller (Jan 13)
[TZO-07-2020] Bitdefender Generic Malformed Archive Bypass (RAR HOST_OS) Thierry Zoller (Jan 10)
[TZO-05-2020] Kaspersky Generic Malformed Archive Bypass (ZIP Compressed Size) Thierry Zoller (Jan 10)
[TZO-03-2020] ESET Generic Malformed Archive Bypass (ZIP Compression Information) Thierry Zoller (Jan 03)
[TOOL] Permanent SD Card Locker (Read Only) Thierry Zoller (Jan 13)
[TZO-09-2020] - Bitdefender Malformed Archive bypass (RAR Uncompressed Size) Thierry Zoller (Jan 17)
[TZO-10-2020] - Bitdefender Malformed Archive bypass (RAR Compression Information) Thierry Zoller (Jan 17)
[TZO-04-2020] Bitdefender Generic Malformed Archive Bypass (BZ2) Thierry Zoller (Jan 07)
[TZO-02-2020] Kaspersyk Generic Malformed Archive Bypass (ZIP GFlag) Thierry Zoller (Jan 03)