[FD] CVE-2019-10071: Timing Attack in HMAC Verification in Apache Tapestry

2019-08-25 Thread David Tomaschik via Fulldisclosure
"in the upcoming months" - 2019-05-28: Pinging again about release. - 2019-06-24: Asked again, asked for CVE number assigned. No update on timeline. - 2019-08-22: Disclosure posted. This vulnerability was discovered by David Tomaschik of the Google Security Team. -- David Tomaschi

[FD] [CVE-2017-17704] Broken Cryptography in iStar Ultra & IP ACM by Software House

2017-12-19 Thread David Tomaschik via Fulldisclosure
ure. Credit -- These issues were discovered by David Tomaschik of the Google Security Team. -- David Tomaschik Security Engineer ISA Assessments Team Google, Inc. ___ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fu

[FD] Belden Garrettcom 6K/10K Switches: Auth Bypasses, Memory Corruption

2017-05-19 Thread David Tomaschik via Fulldisclosure
advisory. 2017/05/15 - Disclosure published Discovery - These issues were discovered by Andrew Griffiths, David Tomaschik, and Xiaoran Wang of the Google Security Assessments Team. -- David Tomaschik Security Engineer ISA Assessments

[FD] Security Issues in Alerton Webtalk (Auth Bypass, RCE)

2017-04-27 Thread David Tomaschik via Fulldisclosure
30 - Initial response from Alerton confirming receipt. 2017/02/04 - Alerton reports Webtalk is EOL and issues will not be fixed. 2017/04/26 - This disclosure Discovery - These issues were discovered by David Tomaschik of the Google ISA Assessments team. Appendix A: Script to Ex

[FD] ObiHai ObiPhone - Multiple Vulnerabilities

2016-08-22 Thread David Tomaschik
=> 0x138250 : strb r1, [r3, r2] 0x138254 : ldr r1, [r4, #24] 0x138258 : ldr r0, [r4, #88] ; 0x58 0x13825c : bl 0x135a98 0x138260 : ldr r0, [r4, #88] ; 0x58 (gdb) i r r3 r2 r3 0xafcc7000 2949410816 r2

Re: [FD] heartbleed OpenSSL bug CVE-2014-0160

2014-04-10 Thread David Tomaschik
-- > --\___ > ingo.schm...@binarysignals.net - GnuPG ID: 0xAFD687D2 | > FP: 7418 77A6 4B59 AF90 4A11 1CCE 91C9 FF1B AFD6 87D2 | > > _______ > Sent through the Full Disclosure mailing list > http://