Mail Index

• Thread Index

• [FD] Multiple vulnerabilities in Dovecot 2.3
  • From: Aki Tuomi via Fulldisclosure
• Re: [FD] WordPress Plugin Contact Form Builder [CSRF → LFI]
  • From: Henri Salo
• Re: [FD] WordPress Plugin Form Maker by WD [CSRF → LFI]
  • From: Henri Salo
• Re: [FD] WordPress plugin Contact Form by WD [CSRF → LFI]
  • From: Henri Salo
• [FD] OpenPGP and S/MIME signature forgery attacks in multiple email clients
  • From: Jens Müller via Fulldisclosure
• [FD] [REVIVE-SA-2019-001] Revive Adserver - Multiple vulnerabilities
  • From: Matteo Beccati via Fulldisclosure
• [FD] [CVE-2019-9826] phpBB Native Fulltext Search denial of service
  • From: Colin Snover
• [FD] Windows PowerShell ISE / Filename Parsing Flaw Remote Code Execution 0day
  • From: hyp3rlinx
• [FD] OneShield - Policy Solutions - Dragon Framework Log Poisoning
  • From: ghost
• [FD] OneShield - Policy Solutions - Dragon Framework Persistent XSS in Framework Textboxes
  • From: ghost
• [FD] [SYSS-2019-005]: ABUS Secvest - Proximity Key - Cryptographic Issues (CWE-310)
  • From: Matthias Deeg
• [FD] RCE in CGI Servlet – Apache Tomcat on Windows – CVE-2019-0232
  • From: Nightwatch Cybersecurity Research
• [FD] Open source tool | Lets Map Your Network
  • From: Pramod Rana
• [FD] SEC Consult SA-20190509-0 :: Multiple Vulnerabilities in Gemalto (Thales Group) DS3 Authentication Server / Ezio Server
  • From: SEC Consult Vulnerability Lab
• [FD] SEC Consult SA-20190510-0 :: Unauthenticated SQL Injection vulnerability in OpenProject
  • From: SEC Consult Vulnerability Lab
• [FD] WordPress Plugin Form Maker 1.13.3 - SQL Injection
  • From: Daniele Scanu
• [FD] Enghouse Interactive´s CCSP 7.2.5 API XXE and SSRF,vulnerability via unauthenticated GET Request
  • From: David H
• [FD] dotCMS v5.1.1 Vulnerabilities
  • From: John Martinelli
• [FD] dotCMS v5.1.1 HTML Injection & XSS Vulnerability
  • From: John Martinelli
• Re: [FD] dotCMS v5.1.1 HTML Injection & XSS Vulnerability
  • From: John Martinelli
• [FD] Cross Site Scripting | Alkacon OpenCMS v10.5.4 and before
  • From: Pramod Rana
• [FD] CSV Injection | Alkacon OpenCMS v10.5.4 and before
  • From: Pramod Rana
• [FD] Cross Site Scripting | WolfCMS v0.8.3.1 and before
  • From: Pramod Rana
• [FD] SEC Consult SA-20190513-0 :: Cleartext message spoofing in supplementary Go Cryptography Libraries (@sec_consult)
  • From: SEC Consult Vulnerability Lab
• [FD] TOR browser / Firefox telemetry data
  • From: Bipin Gautam
• [FD] [CVE-2019-8978] Improper Authentication (CWE-287) in Ellucian Banner Web Tailor and Banner Enterprise Identity Services
  • From: Joshua Mulliken
• [FD] APPLE-SA-2019-5-13-1 iOS 12.3
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-5-13-2 macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-5-13-3 tvOS 12.3
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-5-13-4 watchOS 5.2.1
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-5-13-6 Apple TV Software 7.3
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-5-13-5 Safari 12.1.1
  • From: Apple Product Security via Fulldisclosure
• Re: [FD] System Down: A systemd-journald exploit
  • From: Qualys Security Advisory
• [FD] [CVE-2018-7841] Schneider Electric U.Motion Builder <= 1.3.4 track_import_export.php object_id Unauthenticated Command Injection
  • From: RCE Security
• [FD] SEC Consult SA-20190515-0 :: Authorization Bypass in RSA NetWitness (@sec_consult)
  • From: SEC Consult Vulnerability Lab
• [FD] [RT-SA-2019-002] Directory Traversal in Cisco Expressway Gateway
  • From: RedTeam Pentesting GmbH
• [FD] GAT-Ship Web Module >1.30 - Unauthenticated Information Disclosure Vulnerability
  • From: gionreale
• [FD] [CVE-2019-11880] CommSy <= 8.6.5 - SQL injection
  • From: Jens Regel | Schneider & Wulf
• [FD] local privilege escalation via CDE dtprintinfo
  • From: Marco Ivaldi
• Re: [FD] GAT-Ship Web Module >1.30 - Unauthenticated Information Disclosure Vulnerability
  • From: gionreale
• [FD] Epic Web Honeypot 2.0a - Fingerprinting Vulnerability
  • From: gionreale
• [FD] Blackhole for Bad Bots WordPress Plugin 2.5 - Detection Bypass
  • From: gionreale
• [FD] Emerson Network Power Cross Site Scripting(XSS) Vulnerability
  • From: Kubilay Onur Gungor
• [FD] CMS Made Simple 2.2.10 - (Authenticated) Persistent Cross-Site Scripting
  • From: Manuel Garcia Cardenas
• [FD] New BlackArch Linux ISOs + OVA Image (2019.06.01) with 2200 Tools released
  • From: Black Arch
• [FD] [REVIVE-SA-2019-002] Revive Adserver Vulnerability
  • From: Matteo Beccati via Fulldisclosure
• [FD] Exploring the File System via Jenkins Credentials Plugin Vulnerability – CVE-2019-10320
  • From: Nightwatch Cybersecurity Research
• [FD] [CVE-2019-11604] Quest KACE Systems Management Appliance <= 9.0 kbot_service_notsoap.php METHOD Reflected Cross-Site Scripting
  • From: RCE Security
• [FD] Reflected Cross-site Scripting Vulnerability in Kanboard 1.2.7
  • From: Daniel Bishtawi
• [FD] Cross-site Scripting Vulnerabilities in VFront 0.99.5
  • From: Daniel Bishtawi
• [FD] CA20190523-01: Security Notice for CA Risk Authentication and CA Strong Authentication
  • From: Kevin Kotas via Fulldisclosure
• [FD] [SYSS-2019-012]: Siemens LOGO! 8 - Use of Hard-coded Cryptographic Key (CWE-321)
  • From: Matthias Deeg
• [FD] [SYSS-2019-013]: Siemens LOGO! 8 - Missing Authentication for Critical Function (CWE-306)
  • From: Matthias Deeg
• [FD] [SYSS-2019-014]: Siemens LOGO! 8 - Storing Passwords in a Recoverable Format (CWE-257)
  • From: Matthias Deeg
• [FD] Local Privilege Escalation via Serv-U FTP Server
  • From: Chris
• [FD] APPLE-SA-2019-5-28-2 iCloud for Windows 7.12
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-5-28-1 iTunes for Windows 12.9.5
  • From: Apple Product Security via Fulldisclosure
• [FD] XSS in SSI printenv command – Apache Tomcat – CVE-2019-0221
  • From: Nightwatch Cybersecurity Research
• [FD] Anviz M3 RFID Access Control security issues
  • From: Marco