Mail Index

• Thread Index

• Re: [FD] libao memory corruption vulnerability
  • From: Henri Salo
• [FD] CIPH-2017-1: Advisory for StashCat
  • From: Karsten König
• [FD] CSRF vulnerabilities in D-Link DVG-5402SP
  • From: MustLive
• [FD] libmad memory corruption vulnerability
  • From: qflb.wu
• [FD] Stored XSS in Salutation Responsive WordPress + BuddyPress Theme could allow logged-in users to do almost anything an admin can (WordPress plugin)
  • From: dxw Security
• [FD] PaulShop CMS - Sql Injection and stored XSS
  • From: tamqm
• [FD] CVE-2017-11741 Local root privesc in Hashicorp vagrant-vmware-fusion <= 4.0.23
  • From: Mark Wadham
• [FD] CVE-2017-1500 - Relected XSS in IBM WorkLight OAuth Server Web Api
  • From: Gabriele Gristina
• [FD] [No CVE assigned] SMBLoris Windows/Samba SMB service DoS PoC
  • From: Hector Martin "marcan"
• [FD] [CVE-2017-11320] Persistent XSS through the SSID of nearby Wi-Fi devices on Technicolor TC7337
  • From: Geolado giolado
• [FD] Format Factory DLL Hijacking Vulnerability
  • From: kyaw thiha
• [FD] t2'17: Challenge – a break from tradition
  • From: Tomi Tuominen
• [FD] [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename()
  • From: Vladis Dronov
• [FD] SEC Consult SA-20170804-0 :: phpBB Server Side Request Forgery (SSRF) vulnerability
  • From: SEC Consult Vulnerability Lab
• [FD] SEC Consult SA-20170804-1 :: Ubiquiti Networks UniFi Cloud Key authenticated command injection
  • From: SEC Consult Vulnerability Lab
• [FD] DefenseCode ThunderScan SAST Advisory: WordPress Easy Modal Plugin Multiple Security Vulnerabilities
  • From: DefenseCode
• [FD] DefenseCode ThunderScan SAST Advisory: WordPress Podlove Podcast Publisher Plugin Security Vulnerability
  • From: DefenseCode
• [FD] DefenseCode ThunderScan SAST Advisory: WordPress PressForward Plugin Security Vulnerability
  • From: DefenseCode
• [FD] SSD Advisory – Synology Photo Station Unauthenticated Remote Code Execution
  • From: Maor Shwartz
• [FD] wildmidi multiple vulnerabilities
  • From: qflb.wu
• [FD] minidjvu multiple vulnerabilities
  • From: qflb.wu
• [FD] BSides Bordeaux Call For Papers (CFP)
  • From: Ryan Dewhurst
• [FD] SQL Injection in TheoCMS <= 2.0
  • From: Manuel Garcia Cardenas
• [FD] Multiple unpatched flaws exist in NSS (CVE-2017-11695, CVE-2017-11696, CVE-2017-11697, CVE-2017-11698)
  • From: geeknik via Fulldisclosure
• [FD] SSD Advisory – D-Link 850L Multiple Vulnerabilities (Hack2Win Contest)
  • From: Maor Shwartz
• [FD] SSD Advisory – Adobe Reader DC – execMenuItem Off-by-One Heap Buffer Overflow
  • From: Maor Shwartz
• [FD] SSD Advisory – Acrobat Reader DC – Stream Object Remote Code Execution
  • From: Maor Shwartz
• Re: [FD] SSD Advisory – Acrobat Reader DC – Stream Object Remote Code Execution
  • From: Maor Shwartz
• [FD] Xamarin Studio for Mac API documentation update affected by local privilege escalation
  • From: Securify B.V. via Fulldisclosure
• [FD] QuantaStor Software Define Storage mmultiple vulnerabilities
  • From: advisories
• [FD] Apple iOS 10.3 - UI SMS Access Permission Vulnerability
  • From: Vulnerability Lab
• [FD] Microsoft Resnet - DNS Configuration Web Vulnerability
  • From: Vulnerability Lab
• [FD] NoviFlow NoviWare <= NW400.2.6 multiple vulnerabilities
  • From: Francois Goichon via Fulldisclosure
• [FD] SSD Advisory – Chrome Turbofan Remote Code Execution
  • From: Maor Shwartz
• [FD] CVE-2017-6327: Symantec Messaging Gateway <= 10.6.3-2 unauthenticated root RCE
  • From: Philip Pettersson
• [FD] NetRipper - Smart Traffic Sniffing - Support for x64
  • From: Poyo VL via Fulldisclosure
• [FD] Executable installers are vulnerable^WEVIL (case 53): escalation of privilege with QNAP's installers for Windows
  • From: Stefan Kanthak
• [FD] [RT-SA-2015-008] WebClientPrint Processor 2.0: Remote Code Execution via Print Jobs
  • From: RedTeam Pentesting GmbH
• [FD] [RT-SA-2015-009] WebClientPrint Processor 2.0: Remote Code Execution via Updates
  • From: RedTeam Pentesting GmbH
• [FD] [RT-SA-2015-010] WebClientPrint Processor 2.0: Unauthorised Proxy Modification
  • From: RedTeam Pentesting GmbH
• [FD] [RT-SA-2015-011] WebClientPrint Processor 2.0: No Validation of TLS Certificates
  • From: RedTeam Pentesting GmbH
• [FD] SEC Consult SA-20170822-0 :: Multiple vulnerabilities in Progress Sitefinity CMS
  • From: SEC Consult Vulnerability Lab
• [FD] Backdrop CMS <= 1.7.1 - Persistent Cross-Site Scripting
  • From: Manuel Garcia Cardenas
• Re: [FD] NoviFlow NoviWare <= NW400.2.6 multiple vulnerabilities
  • From: Francois Goichon via Fulldisclosure
• [FD] BlackBoard LMS (9.1.140152.0) Stored XSS/Arbitrary File Upload
  • From: Ismail Doe
• [FD] libgig-LinuxSampler multiple vulnerabilities
  • From: qflb.wu
• [FD] Trend Micro Hosted Email Security (HES) - Email Interception and Direct Object Reference
  • From: Patrick Webster
• [FD] CVE-2017-13671 - MISP Stored XSS
  • From: NL Deloitte Zero Day (NL - Amsterdam)
• [FD] ConnMan #ConnManDo Vulnerability
  • From: "Daisuke Noguchi[NRIセキュア　野口]"