.@attritionorg current pace is 9453 by Dec 31 - too close 4 comfort, + plus IDs don't stop in 2015 #didCVEbreak10Kyet @wireghoul
Replying to @SushiDude
@SushiDude @attritionorg @wireghoul I need to find 547 tmp vulns then, how are we scoring http://github.org projects for CVE again? =)
Replying to @kurtseifried
@kurtseifried @SushiDude @wireghoul you can race codevigilant's WP plugin XSS marathon for numbers
Replying to @attritionorg
@attritionorg @kurtseifried @wireghoul codevigilant was a large-scale experiment with, shall we say, mixed results. Might not repeat
Replying to @SushiDude
@SushiDude @attritionorg @kurtseifried @wireghoul If I may say so @CodeVigilant second lot will be out soon with another 100+ issues.
Replying to @anantshri
@anantshri @SushiDude @kurtseifried @wireghoul @CodeVigilant if you have influence, can future advisories indicate stored vs reflected?
Replying to @attritionorg
@CodeVigilant also, plugins may inherit vulns from 3rd-party components (magpie?) which need more investigation @anantshri @attritionorg
Replying to @SushiDude
I agree @SushiDude that we have started some checks at our end and next set will take care of it. @anantshri @attritionorg
Replying to @CodeVigilant
@SushiDude @attritionorg There is a section http://codevigilant.com/category/a9-using-components-with-known-vulnerabilities/ … to deal with such disclosures specifically @anantshri
Replying to @CodeVigilant
.@CodeVigilant e.g. you have mult products using same swfupload.swf vuln, so those would all map to same CVEA @attritionorg @anantshri
@SushiDude @CodeVigilant @anantshri yep. most researchers do not clearly identify the base component when that is the case