Mail Index

• Thread Index

• [FD] SolarWinds SFTP Vulnerabilities
  • From: Alex Craggs
• [FD] CVE-2018-11741 / CVE-2018-11742 / NEC Univerge Sv9100 WebPro - 6.00 / Predictable Session ID / Clear Text Password Storage
  • From: hyp3rlinx
• [FD] Multiple Reflected Cross-site Scripting Vulnerabilities in Seopanel 3.13.0
  • From: Daniel Bishtawi
• [FD] Multiple Cross-Site Scripting Vulnerabilities in FreshRSS 1.11.1
  • From: Daniel Bishtawi
• [FD] Reflected Cross-site Scripting Vulnerability in CubeCart 6.2.2
  • From: Daniel Bishtawi
• [FD] Reflected Cross-site Scripting Vulnerability in Typesetter 5.1
  • From: Daniel Bishtawi
• [FD] SQL Injection and Cross-site Scripting Vulnerabilities in Chamilo 1.11.6
  • From: Daniel Bishtawi
• [FD] Multiple Cross-site Scripting Vulnerabilities in OSclass 3.7.4
  • From: Daniel Bishtawi
• [FD] Multiple Cross-site Scripting and Blind SQL Injection Vulnerabilities in Plikli 4.0.0
  • From: Daniel Bishtawi
• [FD] SEC Consult SA-20181205-0 :: Inadequate cryptography implementation in Kerio Control VPN protocol
  • From: SEC Consult Vulnerability Lab
• [FD] Cross-Site Scripting in Adiscon LogAnalyzer (CVE-2018-19877)
  • From: Gustavo Sorondo
• [FD] APPLE-SA-2018-12-05-1 iOS 12.1.1
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2018-12-05-2 macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2018-12-05-3 tvOS 12.1.1
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2018-12-05-4 Safari 12.0.2
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2018-12-05-5 iTunes 12.9.2 for Windows
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2018-12-05-7 Shortcuts 2.1.2
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2018-12-05-6 iCloud for Windows 7.9
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2018-12-06-1 watchOS 5.1.2
  • From: Apple Product Security via Fulldisclosure
• [FD] [CVE-2018-19861, CVE-2018-19862] Buffer overflow in MiniShare 1.4.1 HEAD and POST method
  • From: Rafael Pedrero
• [FD] [CVE-2018-19649, CVE-2018-19765 to CVE-2018-19775, CVE-2018-19809 to CVE-2018-19822] - Multiple Cross Site Scripting in VistaPortal SE Version 5.1 (build 51029)
  • From: Rafael Pedrero
• [FD] Multiple vulnerabilities found in Trendnet routers and IP Cameras.
  • From: Prashast Srivastava
• [FD] [CFP] Security BSides Ljubljana 0x7E3 | March 16, 2019
  • From: Andraz Sraka
• [FD] Vmware airwatch feature
  • From: Jacek Lipkowski
• [FD] Dynamic Loader Oriented Programming - Wiedergaenger PoC (Proof of Concept) on Ubuntu 16.04.5 LTS - 2018
  • From: Marcin Kozlowski
• [FD] Zoho ManageEngine OpManager 12.3 before Build 123237 has XSS via the domainController API.
  • From: Murat Aydemir
• [FD] CVE-2018-7690 | The SSC REST API contains Insecure Direct Object Reference (IDOR) vulnerabilities
  • From: alt3kx via Fulldisclosure
• [FD] CVE-2018-7691 | The SSC REST API contains Insecure Direct Object Reference (IDOR) vulnerabilities
  • From: alt3kx via Fulldisclosure
• [FD] Mikrotik RouterOS telnet arbitrary root file creation 0day
  • From: Hacker Fantastic via Fulldisclosure
• [FD] GNU inetutils <= 1.9.4 telnet.c multiple overflows
  • From: Hacker Fantastic via Fulldisclosure
• [FD] YSTS 13th Edition - CFP
  • From: Luiz Eduardo
• [FD] Tracking Linux Kernel Vulnerabilities
  • From: Nicholas Luedtke
• [FD] LibTIFF 4.0.8 has multiple memory leak vulnerabilities (CVE-2017-16232)
  • From: =?gb18030?b?enp0MDkwNw==?=
• [FD] Buffer Overflow in function match() PCRE 8.41 (CVE-2017-16231)
  • From: =?gb18030?b?enp0MDkwNw==?=
• [FD] [CORE-2017-0012] - ASUS Drivers Elevation of Privilege Vulnerabilities
  • From: advisories
• [FD] [CORE-2018-0007] - GIGABYTE Driver Elevation of Privilege Vulnerabilities
  • From: advisories
• [FD] Capstone disassembler v4.0 is out!
  • From: Nguyen Anh Quynh
• [FD] Zoho ManageEngine OpManager 12.3 before 123238 allows SQL injection via the getGraphData API
  • From: Murat Aydemir
• [FD] Zoho ManageEngine OpManager 12.3 before build 123239 allows SQL injection in the Alarms section
  • From: Murat Aydemir
• [FD] Zoho ManageEngine OpManager 12.3 before build 123239 allows XSS in the Notes column of the Alarms section
  • From: Murat Aydemir
• [FD] New vulnerabilities in Transcend Wi-Fi SD Card
  • From: MustLive
• [FD] DAVOSET v.1.3.7
  • From: MustLive
• [FD] CVE-2018-20193 - Privilege escalation in Juniper Secure Access SSL VPN - SA-4000, 5.1R5 (build 9627) 4.2 Release (build 7631)
  • From: Rafael Pedrero
• [FD] CVE-2018-20211 - DLL Hijacking in Exiftool v8.3.2.0
  • From: Rafael Pedrero
• [FD] [CVE-2018-18007] atbox.htm on D-Link DSL-2770L devices allows remote unauthenticated attackers to discover admin credentials
  • From: Tyler Cui
• [FD] [CVE-2018-18008] spaces.htm on multiple D-Link devices (DSL, DIR, DWR) allows remote unauthenticated attackers to discover admin credentials
  • From: Tyler Cui
• [FD] [CVE-2018-18009] dirary0.js on D-Link DIR-140L, DIR-640L devices allows remote unauthenticated attackers to discover admin credentials
  • From: Tyler Cui
• Re: [FD] LibTIFF 4.0.8 has multiple memory leak vulnerabilities (CVE-2017-16232)
  • From: Henri Salo