Mail Thread Index

• Date Index

• [FD] AST-2019-001: Remote crash vulnerability with SDP protocol violation, Asterisk Security Team
• [FD] [CORE-2018-0012] - Cisco WebEx Meetings Elevation of Privilege Vulnerability Version 2, advisories
• [FD] SHAREit for Android Authentication Bypass and Remote File Download, RedForce Advisory
• [FD] Apache UNO API RCE, Axel Boesenach
• [FD] [CVE-2019-9206, CVE-2019-9207] Cross Site Scripting in PRTG Network Monitor v7.1.3.3378, Rafael Pedrero
• [FD] DSA-2019-025: RSA Archer GRC Platform Multiple Vulnerabilities, secure
  • <Possible follow-ups>
  • [FD] DSA-2019-025: RSA Archer GRC Platform Multiple Vulnerabilities, secure
• [FD] DSA-2019-038: RSA® Authentication Manager Insecure Credential Management Vulnerability, secure
• [FD] SAP J2EE Engine/7.01/Portal/EPP Reflected Cross Site Scripting (XSS), Ece örsel
  • <Possible follow-ups>
  • [FD] SAP J2EE Engine/7.01/Portal/EPP Reflected Cross Site Scripting (XSS), Ece örsel
• [FD] SAP J2EE Engine/7.01/Fiori Reflected Cross Site Scripting (XSS), Ece örsel
  • <Possible follow-ups>
  • [FD] SAP J2EE Engine/7.01/Fiori Reflected Cross Site Scripting (XSS), Ece örsel
  • [FD] SAP J2EE Engine/7.01/Fiori Reflected Cross Site Scripting (XSS), Ece örsel
  • [FD] SAP J2EE Engine/7.01/Fiori Reflected Cross Site Scripting (XSS), Ece örsel
• Re: [FD] Forminator 1.5.4 - Unauthenticated Persistent XSS, Blind SQL Injection (WordPress Plugin), Henri Salo
• [FD] Open Redirection vulnerability in Babel (CMSMS Module), Jan Kopriva
• [FD] Sagemcom router insufficient default PSK entropy, Ryan Delaney
• [FD] Sparkasse - Multiple Persistent Cross Site Scripting Web Vulnerabilities, Vulnerability Lab
• [FD] UFONet v-1.3 - [SLY] SingularitY!, psy
• [FD] CVE-2019-6726: Arbitrary File Deletion in WP fastest Cache <= 0.8.9.0, Sebastian Neef
• Re: [FD] Quiz And Survey Master 6.0.4 - Reflected XSS (WordPress Plugin), Henri Salo
• Re: [FD] Blog2Social 5.0.2 - Reflected XSS (WordPress Plugin), Henri Salo
• [FD] Microsoft Windows .Reg File / Dialog Box Message Spoofing Vulnerability, hyp3rlinx
• Re: [FD] Contact Form Email 7.10.41 - Reflected XSS & CSRF (WordPress Plugin), Henri Salo
• [FD] CVE-2019-9648 CoreFTP Server FTP / SFTP Server v2 - Build 674 SIZE Directory Traversal, Kevin R
• [FD] CVE-2019-9649 CoreFTP FTP / SFTP Server v2 - Build 674 MDTM Directory Traversal, Kevin R
• [FD] FlexPaper <= 2.3.6 Remote Command Execution, redazione
• [FD] WordPress Plugin GraceMedia Media Player 1.0 - Local File Inclusion, Manuel Garcia Cardenas
  • Re: [FD] WordPress Plugin GraceMedia Media Player 1.0 - Local File Inclusion, Henri Salo
• [FD] [**UPDATED] Microsoft Windows .Reg File / Dialog Box Message Spoofing 0day, hyp3rlinx
• [FD] Cisco Common Service Platform Collector - Hardcoded Credentials (CVE-2019-1723), David Coomber
• [FD] IPv6 Security for IPv4 Engineers, Fernando Gont
• [FD] SQL injection in joshcam/mysqli-database-class library, Jaroslav Lobačevski
• [FD] [SYSS-2018-033]: Fujitsu Wireless Keyboard Set LX901 - Keystroke Injection Vulnerability, Matthias Deeg
• [FD] 2FA & macOS Disk Encryption Bypass in Abine Blur 7.24* [CVE-2019-6481], (RS) Tyler Schroder via Fulldisclosure
• [FD] CVE-2018-19971: JFrog Artifactory Pro SAML SSO signature validation error, Timo Lindfors
• [FD] [SE-2019-01] Java Card vulnerabilities, Security Explorations
• [FD] CVE-2018-17057: phar deserialization in TCPDF might lead to RCE, Paolo G
• Re: [FD] Font_Organizer 2.1.1 - Reflected XSS (WordPress Plugin), Henri Salo
• Re: [FD] Give 2.3.0 - Reflected XSS (WordPress Plugin), Henri Salo
• Re: [FD] KingComposer 2.7.6 - Reflected XSS (WordPress Plugin), Henri Salo
• Re: [FD] NextScripts: Social Networks Auto-Poster 4.2.7 - Reflected XSS (WordPress Plugin), Henri Salo
• Re: [FD] wpGoogleMaps 7.10.41 - Reflected XSS (WordPress Plugin), Henri Salo
• Re: [FD] WP Live Chat Support 8.0.17 - Reflected XSS (WordPress Plugin), Henri Salo
• Re: [FD] YOP Poll 6.0.2 - Reflected XSS (WordPress Plugin), Henri Salo
• [FD] [RT-SA-2019-007] Code Execution via Insecure Shell Function getopt_simple, RedTeam Pentesting GmbH
• [FD] Repeat of CVE-2018-4251 in Razer Laptops, Bailey Fox
• [FD] Recon 2019 Call For Papers - June 28 - 30, 2019 - Montreal, Canada, cfp
• [FD] CVE-2019-10009 Titan FTP Server Version 2019 Build 3505 Directory Traversal/Local File Inclusion, Kevin R
• [FD] [SYSS-2018-034]: ABUS Secvest - Rolling Code - Predictable from Observable State (CWE-341), Matthias Deeg
• [FD] [SYSS-2018-035]: ABUS Secvest Remote Control - Missing Encryption of Sensitive Data (CWE-311), Matthias Deeg
• [FD] [SYSS-2018-036]: ABUS Secvest Remote Control - Denial of Service - Uncontrolled Resource Consumption (CWE-400), Matthias Deeg
• [FD] APPLE-SA-2019-3-25-2 macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-3-25-4 Safari 12.1, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-3-25-7 Xcode 10.2, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-3-25-5 iTunes 12.9.4 for Windows, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-3-25-3 tvOS 12.2, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-3-25-6 iCloud for Windows 7.11, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-3-25-1 iOS 12.2, Apple Product Security via Fulldisclosure
• [FD] ESA-2017-123: EMC Networker Remote Code Execution Vulnerability, secure
• [FD] [RT-SA-2019-003] Cisco RV320 Unauthenticated Configuration Export, RedTeam Pentesting GmbH
• [FD] [RT-SA-2019-004] Cisco RV320 Unauthenticated Diagnostic Data Retrieval, RedTeam Pentesting GmbH
• [FD] [RT-SA-2019-005] Cisco RV320 Command Injection Retrieval, RedTeam Pentesting GmbH
• [FD] [SAUTH-2019-0002] - Pydio 8 Multiple Vulnerabilities, SecureAuth Advisories
• [FD] APPLE-SA-2019-3-27-1 watchOS 5.2, Apple Product Security via Fulldisclosure