Mail Thread Index
- [FD] SEC Consult SA-20180201-0 :: Multiple critical vulnerabilities in Whole Vibratissimo Smart Sex Toy product range,
SEC Consult Vulnerability Lab
- [FD] IPSwitch MoveIt Stored Cross Site Scripting (XSS),
1n3
- [FD] Recon Montreal 2018 Call For Papers - 0xE - Registration - Training - Conference - Submit! - PGP key,
cfpmontreal2018
- [FD] Claymore Dual Gpu Miner <= 10.5 Format Strings Vulnerability,
disclosure
- [FD] CFP: EuroSec 2018, 11th European Workshop on Systems Security (Extended Deadline: February 9, 2018),
Fengwei Zhang
- [FD] Geovision Inc. IP Camera/Video/Access Control Multiple Remote Command Execution - Multiple Stack Overflow - Double free - Unauthorized Access,
bashis
- [FD] New vulnerabilities in D-Link DIR-100,
MustLive
- [FD] Flexense SyncBreeze Entreprise 10.3.14 Buffer Overflow (SEH-bypass),
RYT
- Re: [FD] Banknotes Misproduction security & biometric weakness,
Ben Tasker
- Message not available
- <Possible follow-ups>
- Re: [FD] Banknotes Misproduction security & biometric weakness,
Vulnerability Lab
- [FD] SSD Advisory – Hotspot Shield Information Disclosure,
Maor Shwartz
- [FD] Microsoft Anti Ransomware mitigation bypass,
Yago Jesus
- [FD] ESA-2018-015: EMC RecoverPoint Command Injection Vulnerabilities,
EMC Product Security Response Center
- [FD] [CORE-2017-0010] - Kaspersky Secure Mail Gateway Multiple Vulnerabilities,
Core Security Advisories Team
- [FD] EuskalHack Security Congress Call For Papers,
Joxean Koret
- [FD] CFP for Packet Hacking Village Talks at DEF CON 26,
Ming
- [FD] IBM Tivoli Monitoring CVE-2017-1635 Remote Code Execution Vulnerability,
p
- [FD] Defense in depth -- the Microsoft way (part 50); Windows Update shoves unsafe crap as "important" updates to unsuspecting users,
Stefan Kanthak
- [FD] [SE-2011-01] A security issue with a Multiroom service of NC+ SAT TV platform,
Security Explorations
- [FD] SEC Consult SA-20180207-0 :: Multiple buffer overflow vulnerabilities in InfoZip UnZip,
SEC Consult Vulnerability Lab
- [FD] SEC Consult SA-20180208-0 :: Multiple Cross-Site Scripting Vulnerabilities in Sonatype Nexus Repository Manager OSS/Pro,
SEC Consult Vulnerability Lab
- [FD] CVS Suite 2009R2 Insecure Library Loading CVE-2018-6461,
hyp3rlinx
- [FD] Formstack Webhook HMAC Advisory,
Derrek Bertrand
- [FD] KL-001-2018-002 : NetEx HyperIP Authentication Bypass,
KoreLogic Disclosures
- [FD] KL-001-2018-003 : NetEx HyperIP Post-Auth Command Execution,
KoreLogic Disclosures
- [FD] KL-001-2018-004 : NetEx HyperIP Privilege Escalation Vulnerability,
KoreLogic Disclosures
- [FD] KL-001-2018-005 : NetEx HyperIP Local File Inclusion Vulnerability,
KoreLogic Disclosures
- [FD] KL-001-2018-006 : Trend Micro IMSVA Management Portal Authentication Bypass,
KoreLogic Disclosures
- [FD] SoapUI v5.3.0 Code Execution,
Ismail Doe
- [FD] libreoffice remote arbitrary file disclosure,
Mikhail Klementev
- [FD] Defense in depth -- the Microsoft way (part 51): Skype's home-grown updater allows escalation of privilege to SYSTEM,
Stefan Kanthak
- [FD] CVE-2018-6892 CloudMe Sync <= v1.10.9 Unauthenticated Remote Buffer Overflow,
hyp3rlinx
- [FD] Multiple SQL injection vulnerabilities in dotCMS (2x CVE),
Elar Lang
- [FD] RootedCON Security Conference - 1-3 March, Madrid (Spain),
omarbv
- [FD] DSA-2018-024: Dell EMC VMAX Virtual Appliance (vApp) Manager Multiple Vulnerabilities,
EMC Product Security Response Center
- [FD] SSD Advisory – CloudMe Unauthenticated Remote Buffer Overflow,
SecuriTeam SSD
- [FD] [CORE-2017-0009] - Dell EMC Isilon OneFS Multiple Vulnerabilities,
Core Security Advisories Team
- [FD] SSD Advisory – TrendNet AUTHORIZED_GROUP Information Disclosure,
SecuriTeam SSD
- [FD] Defense in depth -- the Microsoft way (part 52): HTTP used to distribute (security) updates, not HTTPS,
Stefan Kanthak
- [FD] : Vulnerability Disclosure (Web Apps)-Bravo Tejari Web Portal-CSRF,
Arvind Vishwakarma
- [FD] F-Secure Radar Persistent Cross-Site Scripting Vulnerability,
Oscar Hjelm
- [FD] F-Secure Radar Login Page Unvalidated Redirect Vulnerability,
Oscar Hjelm
- [FD] Local Privilege Escalation in CrashPlan’s Windows Client Version 4,
Florian Bogner
- [FD] [CVE-2018-5767] Remote Code Execution Walkthrough on Tenda AC15 Router,
Kurtis
- [FD] [SE-2011-01] Regarding liabilities in SW / HW (ST chipsets flaws' case),
Security Explorations
- [FD] [Project] Patton: The clever vulnerability knowledge store,
cr0hn
- [FD] Navarino Infinity onship unit multiple vulnerabilities,
Vangelis Stykas
- [FD] APPLE-SA-2018-02-19-1 iOS 11.2.6,
Apple Product Security
- [FD] APPLE-SA-2018-02-19-2 macOS High Sierra 10.13.3 Supplemental Update,
Apple Product Security
- [FD] APPLE-SA-2018-02-19-3 tvOS 11.2.6,
Apple Product Security
- [FD] APPLE-SA-2018-02-19-4 watchOS 4.2.3,
Apple Product Security
- [FD] Mozilla's executable installers: FUBAR (that's spelled "fucked-up beyond all repair"),
Stefan Kanthak
- [FD] SEC Consult SA-20180221-0 :: Hijacking of arbitrary miSafes Mi-Cam video baby monitors,
SEC Consult Vulnerability Lab
- [FD] [CORE-2017-0006] Trend Micro Email Encryption Gateway Multiple Vulnerabilities,
Core Security Advisories Team
- [FD] AST-2018-001: Crash when receiving unnegotiated dynamic payload,
Asterisk Security Team
- [FD] AST-2018-002: Crash when given an invalid SDP media format description,
Asterisk Security Team
- [FD] AST-2018-003: Crash with an invalid SDP fmtp attribute,
Asterisk Security Team
- [FD] AST-2018-004: Crash when receiving SUBSCRIBE request,
Asterisk Security Team
- [FD] AST-2018-005: Crash when large numbers of TCP connections are closed suddenly,
Asterisk Security Team
- [FD] AST-2018-006: WebSocket frames with 0 sized payload causes DoS,
Asterisk Security Team
- [FD] DefenseCode Security Advisory: PureVPN Windows Privilege Escalation Vulnerability,
Defense Code
- [FD] BSides Denver 2018 CFP is open,
Jeff Pettorino
- [FD] [CVE-2018-1000088] Stored XSS vulnerability in Doorkeeper gem v2.1.0 - v4.2.5,
Justin Bull
- [FD] Search engine of leaks,
Gustavo Sánchez
- [FD] SEC Consult SA-20180227-0 :: OS command injection, arbitrary file upload & SQL injection in ClipBucket,
SEC Consult Vulnerability Lab
- [FD] ActivePDF Toolkit < 8.1.0 multiple RCE,
François Goichon via Fulldisclosure
- [FD] Auto-detection of Compressed Files in Apple’s macOS,
Nightwatch Cybersecurity Research
- [FD] Download Protection Bypass in Google’s Chrome (multiple),
Nightwatch Cybersecurity Research
- [FD] ES2018-01 Asterisk pjsip subscribe stack corruption,
Sandro Gauci
- [FD] ES2018-02 Asterisk pjsip sdp invalid fmtp segfault,
Sandro Gauci
- [FD] ES2018-03 Asterisk pjsip sdp invalid media format description segfault,
Sandro Gauci
- [FD] ES2018-04 Asterisk pjsip tcp segfault,
Sandro Gauci
- [FD] AxxonSoft Axxon Next - AxxonSoft Client Directory Traversal via an initial /css//..%2f substring in a URI. CVE-2018-7467,
Anthony Cicalla
- [FD] SEC Consult SA-20180228-0 :: Insecure Direct Object Reference vulnerability in TestLink Open Source Test Management,
SEC Consult Vulnerability Lab