Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

Advisories

This area contains detailed advisories for vulnerabilities that have been discovered and reported to vendors.

This information is given to allow for accurate testing and resolution of issues, and not for malicious purposes.

Advisory ID

Description

Severity

Published

(c22-2013-03/04)

CVE-2013-5112

Vulnerability: Evernote Android Insecure Storage of PIN data / Bypass of PIN protection

  • Evernote (Android) ver. 5.5.0 (and prior)
Medium
07-12-2013
(c22-2013-02)

CVE-2013-5113
CVE-2013-5114

Vulnerability: LastPass Android container PIN and auto-wipe security feature bypass

  • LastPass (Android) ver. 2.0.4 (and prior)
Medium
13-11-2013
(c22-2013-01)

CVE-2013-2503

Vulnerability: Credential Exposure

  • Privoxy 3.0.20 (and prior)
Medium
11-03-2013
TYPO3-EXT-SA-2012-003 Vulnerability: Path Traversal

  • Typo3 eXtplorer (t3extplorer)
Low
23-02-2012
(c22-2011-02)

SurveyMonkey: IP Spoofing

Vulnerability:

  • IP Spoofing (via X-Forwarded-For)

Low / Medium

(estimated)

22-04-2011
(c22-2011-01)

SAP Management Console

Vulnerability:

  • Information Disclosure
  • BASIC auth
  • Code Execution (through OSexecute)
High
09-01-2011
(c22-2010-02)

scr.im

Vulnerability:

  • Incorrect use of Captchas
  • Captcha Bypass
Medium

(estimated)

07-10-2009

(reviewed 12-10-2010)

TYPO3-SA-2010-009 Vulnerability: Cross-site Scripting

  • Frontend User Registration (sr_feuser_register)
Medium 14-04-2010
TYPO3-SA-2009-016 Vulnerability: Cross-site Scripting

  • Frontend Login (felogin)
Medium 22-10-2009
TYPO3-SA-2009-016 Vulnerability: Cross-site Scripting

  • Install Tool
Medium 22-10-2009
TYPO3-SA-2009-001 Vulnerability: Insecure Randomness

  • TYPO3 CORE
High 20-01-2009
Follow

Get every new post delivered to your Inbox.

Join 129 other followers

%d bloggers like this: