> system overlord

Blog
Projects
Security 101
Resources
About

Advisories

2019

CVE-2019-10071: Timing Attack in HMAC Verification in Apache Tapestry Aug 23

2018

Playing with the Gigastone Media Streamer Plus Jan 28
TP-Link Kasa App: SSL Verification Disabled (Fixed) Jan 16

2017

[CVE-2017-17704] Broken Cryptography in iStar Ultra & IP ACM by Software House Dec 18
Belden Garrettcom 6K/10K Switches: Auth Bypasses, Memory Corruption May 19
Security Issues in Alerton Webtalk (Auth Bypass, RCE) Apr 27

2016

ObiHai ObiPhone: Multiple Vulnerabilties Aug 22

2014

[CVE-2014-5204] Wordpress nonce Issues Sep 10
CVE-2014-4182 & CVE-2014-4183: XSS & XSRF in Wordpress 'Diagnostic Tool' Plugin Jul 4