Mail Thread Index
- [FD] Fortinet FortiSIEM - Improper Certificate Validation,
Andrew Klaus
- [FD] Metasploit Pro Includes a 4 year old Java Runtime with 223 vulnerabilities 53 being critical,
Anthony Cicalla
- [FD] Duplicator Pro <= 1.3.14: Local Information Disclosure,
Fulldisclosure Team
- [FD] PDFex: Security weakness in PDF encryption,
Jens Müller via Fulldisclosure
- [FD] APPLE-SA-2019-9-27-1 iOS 13.1.1 and iPadOS 13.1.1,
Apple Product Security via Fulldisclosure
- [FD] Bsides Lisbon 2019 Trainings,
Claudio Andre
- [FD] CA20190930-01: Security Notice for CA Network Flow Analysis,
Kevin Kotas via Fulldisclosure
- [FD] [AIT-SA-20190930-01] CVE-2019-15741: Privilege Escalation via Logrotate in Gitlab Omnibus,
Wolfgang
- [FD] vBulletin <= 5.5.4 Two SQL Injection Vulnerabilities,
Egidio Romano
- [FD] [KIS-2019-02] vBulletin <= 5.5.4 (updateAvatar) Remote Code Execution Vulnerability,
Egidio Romano
- [FD] Password disclosure in the web interface on socomec DIRIS A-40 devices before 48250501,
TIMMERMAN, Jens
- [FD] CVE-2019-17128: OmniCenter 12.1.1 – Unauthenticated SQL Injection,
Luis Rios
- [FD] APPLE-SA-2019-10-07-2 iTunes for Windows 12.10.1,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2019-10-07-3 iCloud for Windows 10.7,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2019-10-07-1 macOS Catalina 10.15,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2019-10-07-4 iCloud for Windows 7.14,
Apple Product Security via Fulldisclosure
- [FD] RENPHO iOS missing encryption and integrity check,
ProSec Security Team
- [FD] [KIS-2019-03] SugarCRM <= 9.0.1 Multiple Reflected Cross-Site Scripting Vulnerabilities,
Egidio Romano
- [FD] [KIS-2019-04] SugarCRM <= 9.0.1 Multiple SQL Injection Vulnerabilities,
Egidio Romano
- [FD] [KIS-2019-05] SugarCRM <= 9.0.1 Multiple Broken Access Control Vulnerabilities,
Egidio Romano
- [FD] [KIS-2019-06] SugarCRM <= 9.0.1 Multiple Path Traversal Vulnerabilities,
Egidio Romano
- [FD] [KIS-2019-07] SugarCRM <= 9.0.1 Multiple PHP Code Injection Vulnerabilities,
Egidio Romano
- [FD] [KIS-2019-08] SugarCRM <= 9.0.1 Multiple PHP Object Injection Vulnerabilities,
Egidio Romano
- [FD] [KIS-2019-09] SugarCRM <= 9.0.1 Multiple Phar Deserialization Vulnerabilities,
Egidio Romano
- [FD] Multiple Cross-site Scripting Vulnerabilities in Openfire 4.4.1,
Daniel Bishtawi
- [FD] Open-Xchange Security Advisory 2019-10-09,
Martin Heiland via Fulldisclosure
- [FD] [SYSS-2019-033]: Microsoft Designer Bluetooth Desktop - Insufficient Protection of Code (Firmware) and Data (Cryptographic Key),
Matthias Deeg
- [FD] [SYSS-2019-034]: Microsoft Surface Keyboard - Insufficient Protection of Code (Firmware) and Data (Cryptographic Key),
Matthias Deeg
- [FD] [SYSS-2019-035]: Microsoft Surface Mouse - Insufficient Protection of Code (Firmware) and Data (Cryptographic Key),
Matthias Deeg
- [FD] SEC Consult SA-20191014-0 :: Reflected XSS vulnerability in OpenProject,
SEC Consult Vulnerability Lab
- [FD] [CFP] BSides San Francisco – February 2020,
BSidesSF CFP via Fulldisclosure
- [FD] Reflected XSS via Broken Link Checker v.1.11.8 WordPress Plugin,
Ismail Doe
- [FD] APPLE-SA-2019-10-11-1 Swift 5.1.1 for Ubuntu,
Apple Product Security via Fulldisclosure
- [FD] Tomedo Server - Weak encryption mech.,
ProSec Security Team
- [FD] reinersct: receiving annual awards for trivial insecurity,
Thegirl Wholearnedtocode
- [FD] WiKID 2FA Enterprise Server Multiple Issues,
Aaron Bishop
- [FD] Information leakage found in FRITZ!OS 6.83 & 6.80 (AVM DSL Router Fritz!Box 7490) [DTC-A-20170323-001],
CERT
- [FD] CA20191015-01: Security Notice for CA Performance Management,
Kevin Kotas via Fulldisclosure
- [FD] CVE 2019-2215 Android Binder Use After Free,
Marcin Kozlowski
- [FD] CVE-2019-3010 - Local privilege escalation on Solaris 11.x via xscreensaver,
Marco Ivaldi
- [FD] Sangoma SBC local sudo user creation vulnerability without authentication - CVE-2019-12147,
Security Team Appsecco via Fulldisclosure
- [FD] Sangoma SBC bypass authentication via argument injection - CVE-2019-12148,
Security Team Appsecco via Fulldisclosure
- [FD] Trend Micro Anti-Threat Toolkit (ATTK) <= v1.62.0.1218 Remote Code Execution 0day CVE-2019-9491,
hyp3rlinx
- [FD] Gift Certificates and More: A complete lack of security,
Security Researcher