Advisories

• CVE-2019-10071: Timing Attack in HMAC Verification in Apache Tapestry (23 Aug 2019)
• Playing with the Gigastone Media Streamer Plus (28 Jan 2018)
• TP-Link Kasa App: SSL Verification Disabled (Fixed) (16 Jan 2018)
• [CVE-2017-17704] Broken Cryptography in iStar Ultra & IP ACM by Software House (18 Dec 2017)
• Belden Garrettcom 6K/10K Switches: Auth Bypasses, Memory Corruption (19 May 2017)
• Security Issues in Alerton Webtalk (Auth Bypass, RCE) (27 Apr 2017)
• ObiHai ObiPhone: Multiple Vulnerabilties (22 Aug 2016)
• [CVE-2014-5204] Wordpress nonce Issues (10 Sep 2014)
• CVE-2014-4182 & CVE-2014-4183: XSS & XSRF in Wordpress 'Diagnostic Tool' Plugin (04 Jul 2014)