Mail Index

• Thread Index

• [FD] Out-of-Band XXE in Universal Media Server's SSDP Processing
  • From: Chris
• [FD] CA20180802-01: Security Notice for CA API Developer Portal
  • From: Kotas, Kevin J
• [FD] (CVE-2018-13415) Out-of-Band XXE in Plex Media Server
  • From: Chris
• [FD] (CVE-2018-13417) Out-of-Band XXE in Vuze Bittorrent Client
  • From: Chris
• [FD] CVE-2016-7085 NOT fixed in VMware-player-12.5.9-7535481.exe
  • From: Stefan Kanthak
• [FD] Executable installers are vulnerable^WEVIL (case 55): escalation of privilege with VMware Player 12.5.9
  • From: Stefan Kanthak
• [FD] DSA-2018-112: Dell EMC Data Protection Advisor XML External Entity Vulnerability
  • From: Dell EMC Product Security Response Center
• [FD] CVE-2018-14857 (Unrestricted File Upload (RCE) in OCS Inventory NG Webconsole before 2.5)
  • From: Simon Uvarov via Fulldisclosure
• [FD] Executable installers are vulnerable^WEVIL (case 56): arbitrary code execution WITH escalation of privilege via rufus*.exe
  • From: Stefan Kanthak
• [FD] CVE-2018-12090 - LAMS < 3.1 Unauthenticated Cross-Site Scripting
  • From: Nikola Kojic
• [FD] Full Disclosure - Responsive File Manager
  • From: Silton Renato
• [FD] SOC Battle - ARE YOU READY FOR AN EXTRAORDINARY CTF?
  • From: Mustafa Kaan Demirhan
• [FD] [CONVISO-18-001] - Nasdaq BWise JMX/RMI RCE
  • From: Anibal Aguiar
• Re: [FD] Full Disclosure - Responsive File Manager
  • From: Henri Salo
• [FD] SEC Consult SA-20180813-0 :: SQL Injection, XSS & CSRF vulnerabilities in Pimcore
  • From: SEC Consult Vulnerability Lab
• [FD] Silver Peak EdgeConnect < 8.1.7.x. multiple vulnerabilities
  • From: SCADA StrangeLove
• [FD] Jetty 6.1.6 Cross-Site Scripting (XSS)
  • From: 1n3--- via Fulldisclosure
• [FD] X41 D-Sec GmbH Security Advisory X41-2018-001: Multiple Vulnerabilities in Yubico Piv
  • From: X41 D-Sec GmbH Advisories
• [FD] X41 D-Sec GmbH Security Advisory X41-2018-002: Multiple Vulnerabilities in OpenSC
  • From: X41 D-Sec GmbH Advisories
• [FD] X41 D-Sec GmbH Security Advisory X41-2018-003: Multiple Vulnerabilities in pam_pkcs11
  • From: X41 D-Sec GmbH Advisories
• [FD] X41 D-Sec GmbH Security Advisory X41-2018-004: Multiple Vulnerabilities in Yubico libykneomgr
  • From: X41 D-Sec GmbH Advisories
• [FD] X41 D-Sec GmbH Security Advisory X41-2018-005: Multiple Vulnerabilities in Apple smartcardservices
  • From: X41 D-Sec GmbH Advisories
• [FD] UISGCON14 CFP
  • From: Andrey Loginov
• [FD] Multiple vulnerabilities in OSCAR EMR
  • From: Brian Hysell
• [FD] CVE-2017-11563: Remote Code Execution via stack overflow in D-Link EyeOn Baby Monitor (DCS-825L)
  • From: kenney_lu@xxxxxxxxxxxxxx
• [FD] CVE-2017-11564: multiple command inject in D-Link EyeOn Baby Monitor (DCS-825L)
  • From: kenney_lu@xxxxxxxxxxxxxx
• [FD] CVE-2017-12573: command injection in PLANEX CS-W50HD
  • From: kenney_lu@xxxxxxxxxxxxxx
• [FD] CVE-2017-12574: Hardcode credential in PLANEX CS-W50HD
  • From: kenney_lu@xxxxxxxxxxxxxx
• [FD] CVE-2017-12575: information leakage in NEC Aterm WG2600HP2
  • From: kenney_lu@xxxxxxxxxxxxxx
• [FD] CVE-2017-12576: an hidden management page in PLANEX CS-QR20
  • From: kenney_lu@xxxxxxxxxxxxxx
• [FD] CVE-2017-12577: an hardcode credential in PLANEX CS-QR20
  • From: kenney_lu@xxxxxxxxxxxxxx
• [FD] XSS and CSRF vulnerabilities in ASUS RT-N15U
  • From: MustLive
• [FD] DSA-2018-144: RSA Archer SQL Injection Vulnerability within embedded WorkPoint component
  • From: Dell EMC Product Security Response Center
• [FD] DSA-2018-132: RSA NetWitness Platform Server-Side Template Injection Vulnerability
  • From: Dell EMC Product Security Response Center
• Re: [FD] Full Disclosure - Responsive File Manager
  • From: Silton Renato
• [FD] RESPONSIVE filemanager
  • From: Simon Uvarov via Fulldisclosure
• [FD] Defense in depth -- the Microsoft way (part 57): all the latest MSVCRT installers allow escalation of privilege
  • From: Stefan Kanthak
• [FD] Seagate Media Server multiple SQL injection vulnerabilities
  • From: Summer of Pwnage via Fulldisclosure
• Re: [FD] Jetty 6.1.6 Cross-Site Scripting (XSS)
  • From: 1n3--- via Fulldisclosure
• Re: [FD] Jetty 6.1.6 Cross-Site Scripting (XSS)
  • From: 1n3--- via Fulldisclosure
• [FD] Mutiny Monitoring Appliance < 6.1.0-5263 - Command Injection (CVE-2018-15529)
  • From: Reggie Dodd
• [FD] Couchbase Server - Remote Code Execution
  • From: x ksi
• [FD] DSA-2018-144: RSA Archer SQL Injection Vulnerability within embedded WorkPoint component
  • From: secure
• [FD] DSA-2018-132: RSA NetWitness Platform Server-Side Template Injection Vulnerability
  • From: secure
• Re: [FD] Jetty 6.1.6 Cross-Site Scripting (XSS)
  • From: Simon Waters
• Re: [FD] Jetty 6.1.6 Cross-Site Scripting (XSS)
  • From: Simon Waters
• [FD] CVE-2018-12710
  • From: Kevin R
• [FD] DSA-2018-128: RSA BSAFE Micro Edition Suite and Crypto-C Micro Edition Multiple Security Vulnerabilities
  • From: secure