campana.cz Cross Site Scripting vulnerability OBB-2382561

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Fedora 26 : flatpak (2018-b5ecac9405)

This is a security fix release that fixes a sandbox escape in the flatpak dbus proxy. This issue was found by Gabriel Campana of The Google Security Team. Major changes in 0.10.3 - Fix dbus proxy vulnerability in authentication phase - Make permission handling ignore unknown permissions for...

Critical: Red Hat Security Advisory: dnsmasq security update

An update for dnsmasq is now available for Red Hat Enterprise Linux 5.9 Long Life. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Debian Security Advisory DSA 3672-1 (irssi - security update)

Gabriel Campana and Adrien Guinet from Quarkslab discovered two remotely exploitable crash and heap corruption vulnerabilities in the format parsing code in Irssi, a terminal based IRC client. OpenVAS Vulnerability Test $Id: deb3672.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from...

USN-2782-1 apport vulnerability

Gabriel Campana discovered that Apport incorrectly handled Python module imports. A local attacker could use this issue to elevate privileges...

T.J. Campana on the Waledac Botnet Takedown

Dennis Fisher and Ryan Naraine talk with Microsoft’s T.J. Campana about the company’s work to disrupt and take down the Waledac botnet and the other work being done by Microsoft’s Digital Crimes Unit. Podcast audio courtesy of sykboy65 Subscribe to the Digital Underground podcast on...