Mail Thread Index

• Date Index

• [FD] Multiple SQL injection vulnerabilities in dotCMS (8x CVE), Elar Lang
  • Re: [FD] Multiple SQL injection vulnerabilities in dotCMS (8x CVE), Brandon Perry
    • Re: [FD] Multiple SQL injection vulnerabilities in dotCMS (8x CVE), Elar Lang
• [FD] Vulnerabilities in D-Link DIR-300, MustLive
• [FD] Researchers Claim Wickr Patched Flaws but Didn't Pay Rewards, Vulnerability Lab
• [FD] MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616], Dawid Golunski
• [FD] CVE-2016-8583 - Alienvault OSSIM/USM Reflected XSS, Peter Lapp
• [FD] CVE-2016-8582 - Alienvault OSSIM/USM SQL Injection Vulnerability, Peter Lapp
• [FD] CVE-2016-8581 - Alienvault OSSIM/USM Stored XSS Vulnerability, Peter Lapp
• [FD] CVE-2016-8580 - Alienvault OSSIM/USM Object Injection Vulnerability, Peter Lapp
• [FD] Microsoft Internet Explorer 9 MSHTML CAttrArray use-after-free details, Berend-Jan Wever
• [FD] MSIE 11 MSHTML CView::CalculateImageImmunity use-after-free details, Berend-Jan Wever
• [FD] Disclose [10 * cve] in Exponent CMS, Obfuscator
• [FD] Sparkjava Framework - Arbitrary File Read Vulnerability, aj
• [FD] MSIE 10 MSHTML CElement::GetPlainTextInScope out-of-bounds read, Berend-Jan Wever
• [FD] [oss-security] CVE request:Lynx invalid URL parsing with '?', redrain root
  • Re: [FD] [oss-security] CVE request:Lynx invalid URL parsing with '?', Thomas Dickey
  • Re: [FD] [oss-security] CVE request:Lynx invalid URL parsing with '?', Leo Famulari
  • Re: [FD] [oss-security] CVE request:Lynx invalid URL parsing with '?', Thomas Dickey
    • Re: [FD] [oss-security] CVE request:Lynx invalid URL parsing with '?', Michal Zalewski
• [FD] KL-001-2016-008 : Sophos Web Appliance Privilege Escalation, KoreLogic Disclosures
• [FD] KL-001-2016-009 : Sophos Web Appliance Remote Code Execution, KoreLogic Disclosures
• [FD] MSIE 9 MSHTML CPtsTextParaclient::CountApes out-of-bounds read, Berend-Jan Wever
• [FD] MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 ), Dawid Golunski
• [FD] Bypass Imperva by confusing HTTP Pollution Normalization Engine, Nic Wiswat
• [FD] Actiontec WCB3000N (Telus Branded) Local Unauthenticated Privilege Elevation, Andrew Klaus
• [FD] WinaXe v7.7 FTP 'Server Ready' CMD Remote Buffer Overflow, hyp3rlinx
• [FD] Axessh 4.2.2 Denial Of Service, hyp3rlinx
• [FD] Rapid PHP Editor CSRF Remote Command Execution, hyp3rlinx
• [FD] Edusson (Robotdon) BB - Filter Bypass & Persistent Vulnerability, Vulnerability Lab
• [FD] Edusson (Robotdon) BB - Client Side Cross Site Scripting Vulnerability, Vulnerability Lab
• [FD] Schoolhos CMS v2.29 - (kelas) Data Siswa SQL Injection Vulnerability, Vulnerability Lab
• [FD] Intel(R) HD Graphics 10 - Unquoted Path Privilege Escalation, Vulnerability Lab
• [FD] [SYSS-2016-085] Aruba OS Improper Authentication - (CWE-287), Klaus Tichmann
• [FD] Several unpatched vulns in OwnCloud, Felix Matei
• [FD] [RootedCON 2017] Call for Papers open for RootedCON Madrid 2017!, Román Ramírez
• [FD] VBScript CRegExp..Execute use of uninitialized memory details (MSIE 8-11, IIS, CScript.exe/WScript.exe), Berend-Jan Wever
• [FD] [KIS-2016-13] Piwik <= 2.16.0 (saveLayout) PHP Object Injection Vulnerability, Egidio Romano
• [FD] [CVE-2016-6563 / VU#677427]: Dlink DIR routers HNAP Login stack buffer overflow, Pedro Ribeiro
• [FD] Crashing Android devices with large Proxy Auto Config (PAC) Files [CVE-2016-6723], Nightwatch Cybersecurity Research
• [FD] Cross Site Scripting Vulnerability In Verint Impact 360, Sanehdeep Singh
• [FD] YITH WooCommerce Compare WordPress Plugin unauthenticated PHP Object injection vulnerability, Summer of Pwnage
• [FD] Cross-Site Scripting vulnerability in Quotes Collection WordPress Plugin, Summer of Pwnage
• [FD] Cross-Site Scripting vulnerability in Caldera Forms WordPress Plugin, Summer of Pwnage
• [FD] Persistent Cross-Site Scripting in WassUp Real Time Analytics WordPress Plugin, Summer of Pwnage
• [FD] Cross-Site Scripting in Calendar WordPress Plugin, Summer of Pwnage
• [FD] Stored Cross-Site Scripting vulnerability in 404 to 301 WordPress Plugin, Summer of Pwnage
• [FD] Adobe Connect & Desktop v9.5.7 - Persistent Vulnerability (APSB16-35) [CVE-2016-7851], Vulnerability Lab
• [FD] VBScript RegExpComp::PnodeParse out-of-bounds read details (MSIE 8-11, IIS, CScript.exe/WScript.exe), Berend-Jan Wever
• [FD] Avira Antivirus >= 15.0.21.86 Command Execution (SYSTEM), Rio Sherri
• [FD] MSIE 9-11 MSHTML PROPERTYDESC::HandleStyleComponentProperty OOB read details, Berend-Jan Wever
• [FD] WININET CHttpHeaderParser::ParseStatusLine out-of-bounds read details, Berend-Jan Wever
  • Re: [FD] WININET CHttpHeaderParser::ParseStatusLine out-of-bounds read details, Berend-Jan Wever
• [FD] Vlany: A Linux (LD_PRELOAD) rootkit, eov eov
• [FD] CA20161109-02: Security Notice for CA Service Desk Manager, Williams, Ken
• [FD] CA20161109-01: Security Notice for CA Unified Infrastructure Management, Williams, Ken
• [FD] Release - Shellcode Compiler, Ionut Popescu
• [FD] MyBB 1.8.6: XSS, Curesec Research Team (CRT)
• [FD] e107 CMS <= 2.1.2 Privilege Escalation, Kacper Szurek
• [FD] [CT-2016-1110] Unauthenticated RCE in Observium network monitor, Ronald Volgers
• [FD] Persistent Cross-Site Scripting in WP Google Maps Plugin via CSRF, Summer of Pwnage
• [FD] Weak validation of Amazon SNS push messages in W3 Total Cache WordPress Plugin, Summer of Pwnage
• [FD] Information disclosure race condition in W3 Total Cache WordPress Plugin, Summer of Pwnage
• [FD] Reflected Cross-Site Scripting vulnerability in W3 Total Cache plugin, Summer of Pwnage
• [FD] Teradata Virtual Machine Community Edition v15.10 has insecure file permission, Larry W. Cashdollar
• [FD] Google Chrome blink Serializer::doSerialize bad cast details, Berend-Jan Wever
• [FD] Trango Systems hidden default root login (all models), Ian Ling
• [FD] Unexpected behavior of cmd.exe while processing .bat files leads to potential command injection vulnerabilities, Julian Horoszkiewicz
• [FD] New VMSA-2016-0019 - VMware product updates address multiple information disclosure issues, VMware Security Response Center
  • [FD] New VMSA-2016-0020 - VMware product updates address multiple information disclosure issues, VMware Security Response Center
• [FD] SEC Consult SA-20161114-0 :: Multiple vulnerabilities in I-Panda SolarEagle - Solar Controller Administration Software / MPPT Solar Controller SMART2, SEC Consult Vulnerability Lab
• [FD] CVE-2015-0040: Microsoft Internet Explorer 11 MSHTML CMapElement::Notify use-after-free details, Berend-Jan Wever
• [FD] Microsoft Edge edgehtml CAttr­Array::Destroy use-after-free details, Berend-Jan Wever
• [FD] CVE-2016-4484: - Cryptsetup Initrd root Shell, Hector Marco
  • Re: [FD] [oss-security] CVE-2016-4484: - Cryptsetup Initrd root Shell - Update: Dracut is also vulnerable, Hector Marco-Gisbert
  • Re: [FD] [oss-security] CVE-2016-4484: - Cryptsetup Initrd root Shell, Leo Famulari
  • Re: [FD] [oss-security] CVE-2016-4484: - Cryptsetup Initrd root Shell, Jason Cooper
• [FD] OS-S 2016-22 - Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read, Ralf Spenneberg
• [FD] OS-S 2016-21 - Local DoS: Linux Kernel Nullpointer Dereference via keyctl, Ralf Spenneberg
• [FD] Nginx (Debian-based distros) - Root Privilege Escalation Vulnerability (CVE-2016-1247), Dawid Golunski
• [FD] Cross-Site Scripting in All In One WP Security & Firewall WordPress Plugin, Summer of Pwnage
• Re: [FD] QUANTUMSQUIRREL - attrition.org unmasked as NSA TAO OP, jericho
• [FD] Apple iOS 10.1 - Multiple Access Permission Vulnerabilities, Vulnerability Lab
  • <Possible follow-ups>
  • [FD] Apple iOS 10.1 - Multiple Access Permission Vulnerabilities, Vulnerability Lab
• [FD] Habari CMS v0.9.2 - (Backend Comments) XSS Vulnerability, Vulnerability Lab
• [FD] EditMe CMS - CSRF Privilege Escalate Web Vulnerability, Vulnerability Lab
• [FD] Reason Core Security v1.2.0.1 - Unqoted Path Privilege Escalation Vulnerability, Vulnerability Lab
• [FD] CVE request - Samsumg Mobile Phone SVE-2016-6343: Unauthorized API access via system service call, 0xr0ot
• [FD] CVE-2015-2482 MSIE 8 jscript RegExpBase::FBadHeader use-after-free details, Berend-Jan Wever
• [FD] Microsoft Internet Explorer 11 iertutil LCIEGetTypedComponentFromThread use-after-free details, Berend-Jan Wever
• [FD] MyLittleForum 2.3.6.1: XSS & RPO, Curesec Research Team (CRT)
• [FD] SPIP 3.1: XSS & Host Header Injection, Curesec Research Team (CRT)
• [FD] Mezzanine 4.2.0: XSS, Curesec Research Team (CRT)
• [FD] MyLittleForum 2.3.6.1: CSRF, Curesec Research Team (CRT)
• [FD] MoinMoin 1.9.8: XSS, Curesec Research Team (CRT)
• [FD] Lepton 2.2.2: SQL Injection, Curesec Research Team (CRT)
• [FD] Lepton 2.2.2: CSRF, Open Redirect, Insecure Bruteforce Protection & Password Handling, Curesec Research Team (CRT)
• [FD] Lepton 2.2.2: Code Execution, Curesec Research Team (CRT)
• [FD] Jaws 1.1.1: Code Execution, Curesec Research Team (CRT)
• [FD] FUDforum 3.0.6: Multiple Persistent XSS & Login CSRF, Curesec Research Team (CRT)
• [FD] Jaws 1.1.1: Object Injection, Open Redirect, Cookie Flags, Curesec Research Team (CRT)
• [FD] FUDforum 3.0.6: LFI, Curesec Research Team (CRT)
• [FD] [ERPSCAN-16-031] SAP NetWeaver AS ABAP – directory traversal using READ DATASET, ERPScan inc
• [FD] [ERPSCAN-16-032] SAP Telnet Console – Directory traversal vulnerability, ERPScan inc
• [FD] Teradata Virtual Machine Community Edition v15.10 Insecure creation of files in /tmp, Larry W. Cashdollar
• [FD] /tmp race condition in Teradata Studio Express v15.12.00.00 studioexpressinstall, Larry W. Cashdollar
• [FD] SQL Injection in Post Indexer allows super admins to read the contents of the database (WordPress plugin), dxw Security
• [FD] Unserialisation in Post Indexer could allow man-in-the-middle to execute arbitrary code (in some circumstances) (WordPress plugin), dxw Security
• [FD] Unserialization vulnerability in Relevanssi Premium could allow admins to execute arbitrary code (in some circumstances) (WordPress plugin), dxw Security
• [FD] SQL injection and unserialization vulnerability in Relevanssi Premium could allow admins to execute arbitrary code (in some circumstances) (WordPress plugin), dxw Security
• [FD] Executable installers are vulnerable^WEVIL (case 41): EmsiSoft's Emergency Kit allows elevation of privilege for everybody, Stefan Kanthak
• [FD] Huawei Flybox B660 3G/4G Router - Auth Bypass Vulnerability, Vulnerability Lab
• [FD] CVE-2016-3247 Microsoft Edge CTextExtractor::GetBlockText OOB read details, Berend-Jan Wever
• [FD] Tetris heap spraying: spraying the heap on a budget, Berend-Jan Wever
• [FD] Cross-Site Scripting in Check Email WordPress Plugin, Summer of Pwnage
• [FD] Cross-Site Scripting in Huge IT Portfolio Gallery WordPress Plugin, Summer of Pwnage
• [FD] Persistent Cross-Site Scripting in Instagram Feed plugin via CSRF, Summer of Pwnage
• [FD] Stored Cross-Site Scripting in WP Canvas - Shortcodes WordPress Plugin, Summer of Pwnage
  • Re: [FD] Stored Cross-Site Scripting in WP Canvas - Shortcodes WordPress Plugin, Larry W. Cashdollar
    • Re: [FD] Stored Cross-Site Scripting in WP Canvas - Shortcodes WordPress Plugin, Summer of Pwnage
• [FD] Joomla plugin K2 RCE via CSRF or WCI, Anti Räis
• [FD] [RCESEC-2016-007] AppFusions Doxygen for Atlassian Confluence v1.3.0 getTemporaryDirectory() tempId Path Traversal/Remote Code Execution, Julien Ahrens
• [FD] [RCESEC-2016-008] AppFusions Doxygen for Atlassian Confluence v1.3.2 renderContent() Full Path Information Disclosure, Julien Ahrens
• [FD] [RCESEC-2016-009] AppFusions Doxygen for Atlassian Confluence v1.3.2 renderContent() Persistent Cross-Site Scripting, Julien Ahrens
• [FD] Multiple issues in OpManager 12100 & 12200, Michael Heydon
• [FD] Reflected XSS in WonderCMS <= v0.9.8, Manuel Garcia Cardenas
• [FD] PHDays VII Call for Papers: How to Stand Up at the Standoff, Alexander Lashkov
• [FD] MSIE8 MSHTML Ptls5::Ls­Find­Span­Visual­Boundaries memory corruption, Berend-Jan Wever
• [FD] [x33fcon] Call for Papers (and Trainers), x33fcon.office
• [FD] [ERPSCAN-16-033] SAP NetWeaver AS JAVA icman - DoS vulnerability, ERPScan inc
• [FD] [ERPSCAN-16-034] SAP NetWeaver AS JAVA - XXE vulnerability in BC-BMT-BPM-DSK component, ERPScan inc
• [FD] [CVE-2016-7434] ntpd remote pre-auth DoS, Magnus Stubman
• [FD] [CORE-2016-0007] - TP-LINK TDDP Multiple Vulnerabilities, CORE Advisories Team
• [FD] Stored Cross-Site Scripting in Gallery - Image Gallery WordPress Plugin, Summer of Pwnage
• [FD] [RT-SA-2016-003] Less.js: Compilation of Untrusted LESS Files May Lead to Code Execution through the JavaScript Less Compiler, RedTeam Pentesting GmbH
• [FD] MobSF v0.9.3 is Released: Now supports Windows APPX Static Analysis, Ajin Abraham
• [FD] CVE-2015-0050: Microsoft Internet Explorer 8 MSHTML SRunPointer::SpanQualifier/RunType OOB read details, Berend-Jan Wever
• [FD] CVE-2015-1251: Chrome blink Speech­Recognition­Controller use-after-free details, Berend-Jan Wever
• [FD] Microsoft Internet Explorer 11 MSHTML CGeneratedContent::HasGeneratedSVGMarker type confusion, Berend-Jan Wever
• [FD] CVE-2013-3120 MSIE 10 MSHTML CEditAdorner::Detach use-after-free details, Berend-Jan Wever
• [FD] The HS-110 Smart Plug aka Projekt Kasa, Curesec Research Team (CRT)
• [FD] [CVE-2016-7098] GNU Wget < 1.18 Access List Bypass / Race Condition, Dawid Golunski
• [FD] Faraday v2.2: Collaborative Penetration Test and Vulnerability Management Platform, Francisco Amato
• [FD] Red Hat JBoss EAP deserialization of untrusted data, Agazzini Maurizio
• [FD] [SYSS-2016-064] Multi Kon Trade M2B GSM Wireless Alarm System - Improper Restriction of Excessive Authentication Attempts (CWE-307), Matthias Deeg
• [FD] [SYSS-2016-066] Multi Kon Trade M2B GSM Wireless Alarm System - Missing Protection against Replay Attacks, Matthias Deeg
• [FD] [SYSS-2016-071] Blaupunkt Smart GSM Alarm SA 2500 Kit - Missing Protection against Replay Attacks, Matthias Deeg
• [FD] [SYSS-2016-072] Olypmia Protect 9061 - Missing Protection against Replay Attacks, Matthias Deeg
• [FD] [SYSS-2016-106] EASY HOME Alarmanlagen-Set - Missing Protection against Replay Attacks, Matthias Deeg
• [FD] [SYSS-2016-107] EASY HOME Alarmanlagen-Set - Cryptographic Issues (CWE-310), Matthias Deeg
• [FD] NEW VMSA-2016-0022 VMware product updates address information disclosure vulnerabilities, VMware Security Response Center
• [FD] NEW VMSA-2016-0021 VMware product updates address partial information disclosure vulnerability, VMware Security Response Center
• [FD] UCanCode multiple vulnerabilities, Carlo Di Dato
• [FD] Schoolhos CMS v2.29 - userberita SQL injection Vulnerability, Vulnerability Lab
• [FD] Burden TMA v2.1.1 - (Task) Persistent Web Vulnerability, Vulnerability Lab
• [FD] Tenda, Dlink & Tplink TD-W8961ND - DHCP XSS Vulnerability, Vulnerability Lab
  • Re: [FD] Tenda, Dlink & Tplink TD-W8961ND - DHCP XSS Vulnerability, Simon Waters (Surevine)
• [FD] SEC Consult SA-20161128-0 :: DoS & heap-based buffer overflow in Guidance Software EnCase Forensic, SEC Consult Vulnerability Lab
• [FD] CVE-2016-0063: MSIE 8-11 MSHTML DOMImplementation type confusion details, Berend-Jan Wever
• [FD] [ndhXV] Call For Paper - 15th anniversary - 24-25 June 2017, Freeman
• [FD] CFP - BloomCON 0x02 - March 24-25, 2017 Bloomsburg, PA, Philip Polstra
• [FD] Cross-Site Request Forgery in Insert Html Snippet WordPress Plugin, Summer of Pwnage