Mail Index

• Thread Index

• [FD] Disclose Vulnerability
  • From: alphan yavaş
• [FD] Multiple Privilege Escalation Vulnerabilities in LiquidVPN for MacOS (CVE-2018-18856, CVE-2018-18857, CVE-2018-18858, CVE-2018-18859)
  • From: Bernd Leitner
• [FD] [CVE-2018-16222 to 16225] Multiple Vulnerabilities in QBee and iSmartAlarm Products
  • From: Francesco Servida
• [FD] Zoho ManageEngine OpManager 12.3 allows Stored XSS
  • From: Hakan Bayır
• [FD] Zoho ManageEngine OpManager 12.3 allows Self XSS Vulnerability
  • From: Hakan Bayır
• [FD] Royal TS/X - Information Disclosure
  • From: Jakub Palaczynski
• [FD] Loadbalancer.org Enterprise VA MAX - Unauthenticated Stored XSS
  • From: Jakub Palaczynski
• [FD] APPLE-SA-2018-10-30-1 iOS 12.1
  • From: Apple Product Security
• [FD] APPLE-SA-2018-10-30-3 Safari 12.0.1
  • From: Apple Product Security
• [FD] APPLE-SA-2018-10-30-4 watchOS 5.1
  • From: Apple Product Security
• [FD] APPLE-SA-2018-10-30-2 macOS Mojave 10.14.1, Security Update 2018-001 High Sierra, Security Update 2018-005 Sierra
  • From: Apple Product Security
• [FD] APPLE-SA-2018-10-30-5 tvOS 12.1
  • From: Apple Product Security
• [FD] APPLE-SA-2018-10-30-6 iTunes 12.9.1
  • From: Apple Product Security
• [FD] APPLE-SA-2018-10-30-7 iCloud for Windows 7.8
  • From: Apple Product Security
• [FD] APPLE-SA-2018-10-30-8 Additional information for APPLE-SA-2018-9-24-4 iOS 12
  • From: Apple Product Security
• [FD] APPLE-SA-2018-10-30-10 Additional information for APPLE-SA-2018-9-24-5 watchOS 5
  • From: Apple Product Security
• [FD] APPLE-SA-2018-10-30-9 Additional information for APPLE-SA-2018-9-24-1 macOS Mojave 10.14
  • From: Apple Product Security
• [FD] APPLE-SA-2018-10-30-12 Additional information APPLE-SA-2018-10-08-2 iCloud for Windows 7.7
  • From: Apple Product Security
• [FD] APPLE-SA-2018-10-30-11 Additional information for APPLE-SA-2018-9-24-6 tvOS 12
  • From: Apple Product Security
• [FD] APPLE-SA-2018-10-30-13 Additional information for APPLE-SA-2018-9-24-2 iTunes 12.9 for Windows
  • From: Apple Product Security
• [FD] APPLE-SA-2018-10-30-14 Additional information for APPLE-SA-2018-7-9-4 macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan
  • From: Apple Product Security
• [FD] KL-001-2018-009 : Dell OpenManage Network Manager Multiple Vulnerabilities
  • From: KoreLogic Disclosures
• [FD] Cradlepoint vulnerabilities
  • From: CrazyOwl via Fulldisclosure
• [FD] Security issue in the password reset mechanism of Forcepoint Secure Messaging product (tested in version 8.5)
  • From: Eitan shav
• [FD] Zoho ManageEngine OpManager 12.3 before 123222 has SQL Injection via Mail Server settings.
  • From: Hakan Bayır
• Re: [FD] Royal TS/X - Information Disclosure
  • From: Jakub Palaczynski
• [FD] CVE-2018-15437 / Cisco Immunet and Cisco AMP for Endpoints / System Scan Denial of Service
  • From: hyp3rlinx
• [FD] CVE-2018-15516 / D- LINK Central WifiManager CWM-100 / FTP Server PORT Bounce Scan
  • From: hyp3rlinx
• [FD] CVE-2018-15517 / D-LINK Central WifiManager CWM-100 / Server Side Request Forgery
  • From: hyp3rlinx
• [FD] CVE-2018-15515 / D-LINK Central WifiManager CWM-100 / Trojan File SYSTEM Privilege Escalation
  • From: hyp3rlinx
• [FD] [CVE-2018-18619] SQL injection in Advanced comment system v1.0
  • From: Rafael Pedrero
• [FD] [CVE-2018-18940] Cross Site Scripting in default SnoopServlet servlet Netscape Enterprise 3.63
  • From: Rafael Pedrero
• [FD] [CVE-2018-18941] Security Vulnerability in Vignette Content Management version 6
  • From: Rafael Pedrero
• [FD] DSA-2018-205: Dell EMC RecoverPoint Multiple Vulnerabilities
  • From: secure
• [FD] Cradlepoint vulnerabilities
  • From: Todd Kelly via Fulldisclosure
• [FD] Sensitive Data Exposure via Battery Information Broadcasts in Android OS [CVE-2018-15835]
  • From: Nightwatch Cybersecurity Research
• [FD] Sensitive Data Exposure via RSSI Broadcasts in Android OS [CVE-2018-9581]
  • From: Nightwatch Cybersecurity Research
• [FD] DSA-2018-198: RSA® BSAFE® Micro Edition Suite Key Management Error Vulnerability
  • From: secure
• [FD] SwitchVPN MacOS Privilege Escalation Vulnerability
  • From: Bernd Leitner
• [FD] SwitchVPN Insecure Update Process and RCE
  • From: Bernd Leitner
• [FD] OCS Inventory NG ocsreports Authenticated RCE via Shell Upload (CVE-2018-15537)
  • From: Simon Uvarov via Fulldisclosure
• [FD] AST-2018-010:
  • From: Asterisk Security Team
• [FD] AST-2018-010: Remote crash vulnerability DNS SRV and NAPTR lookups
  • From: Asterisk Security Team
• [FD] Remote Code Execution Vulnerability in ELBA5 Electronic Banking
  • From: Florian Bogner
• [FD] Budabot !calc Denial of Service
  • From: Ryan Delaney
• [FD] [CVE-2018-3635] Executable installers are vulnerable^WEVIL (case 59): arbitrary code execution WITH escalation of privilege via Intel Rapid Storage Technology User Interface and Driver
  • From: Stefan Kanthak
• [FD] [CVE-2018-18006] Ricoh myPrint - Hardcoded application credentials and information disclosure via WSDL webservices
  • From: Hodorsec via Fulldisclosure
• [FD] Unauthenticated Remote Code execution in WebApps using Richfaces 3.X all versions (CVE-2018-14667)
  • From: Joao F M Figueiredo
• [FD] Zoho ManageEngine OpManager 12.3 before Build 123223 has XSS via the updateWidget API.
  • From: Murat Aydemir
• [FD] DSA-2018-145: Dell EMC Avamar Multiple Vulnerabilities
  • From: secure
• [FD] DSA-2018-154: Dell EMC Avamar and Integrated Data Protection Appliance Information Exposure Vulnerability
  • From: secure
• [FD] DSA-2018-155: Dell EMC Avamar and Integrated Data Protection Appliance Command Injection Vulnerability
  • From: secure
• [FD] Escalation of privilege with Intel Rapid Storage User Interface
  • From: Stefan Kanthak
• [FD] Carolina Con CFP
  • From: Trvon via Fulldisclosure
• [FD] SEC Consult SA-20181114-0 :: Denial of Service in Microsoft Skype for Business
  • From: SEC Consult Vulnerability Lab
• [FD] SEC Consult SA-20181116-0 :: Multiple critical vulnerabilities in Miss Marple Enterprise Edition
  • From: SEC Consult Vulnerability Lab
• [FD] SEC Consult SA-20181121-0 :: Signature Bypass / Authentication Bypass in Governikus Autent SDK
  • From: SEC Consult Vulnerability Lab
• [FD] CVE-2010-1910 - Multiple Consona Products Password Reset Security Bypass Vulnerability
  • From: Rafael Pedrero
• [FD] CVE-2018-19439 - Cross Site Scripting in Oracle Secure Global Desktop Administration Console - 4.4; Build: 20080807152602
  • From: Rafael Pedrero
• [FD] [CORE-2018-0011] - Cisco WebEx Meetings Elevation of Privilege Vulnerability
  • From: advisories
• [FD] It is not a vulnerability. It is a feature. A Zendesk customer? Act now!
  • From: Eitan Caspi via Fulldisclosure
• [FD] XSS Fuzzer
  • From: Poyo VL via Fulldisclosure
• [FD] CVE-2018-19505 - Impersonation may lead to incorrect user context in Remedy AR System Server in BMC Remedy 7.1
  • From: Rafael Pedrero
• [FD] New BlackArch Linux ISOs + OVA Image (2018.12.01) with more than 2050 Tools Released.
  • From: Black Arch
• [FD] Multiple OS Command Injection in Moxa NPort W2x50A products
  • From: Maxim Khazov via Fulldisclosure
• [FD] CVE-2017-9732: knc (kerberized netcat) memory exhaustion
  • From: Imre Rad
• [FD] CVE-2018-19753 - Directory Traversal in Tarantella Enterprise before 3.11
  • From: Rafael Pedrero
• [FD] CVE-2018-19754 - Security Bypass Access Control Vulnerability in Tarantella Enterprise before 3.11
  • From: Rafael Pedrero
• [FD] SEC Consult SA-20181130-0 :: Multiple Vulnerabilities in Siglent Technologies SDS 1202X-E Digital Oscilloscope
  • From: SEC Consult Vulnerability Lab