Mail Index

• Thread Index

• [FD] SEC Consult SA-20191029-0 :: Authentication Bypass in eIDAS-Node (European #eGovernment cross-border authentication)
  • From: SEC Consult Vulnerability Lab
• [FD] [RT-SA-2019-013] Unsafe Storage of Credentials in Carel pCOWeb HVAC
  • From: RedTeam Pentesting GmbH
• [FD] [RT-SA-2019-014] Unauthenticated Access to Modbus Interface in Carel pCOWeb HVAC
  • From: RedTeam Pentesting GmbH
• [FD] RootedCON 2020 Call For Papers is open!
  • From: omarbv
• [FD] APPLE-SA-2019-10-29-7 Additional information for APPLE-SA-2019-9-26-4 Safari 13
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-10-29-1 iOS 13.2 and iPadOS 13.2
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-10-29-5 Safari 13.0.3
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-10-29-9 Additional information for APPLE-SA-2019-9-26-6 tvOS 13
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-10-29-6 Additional information for APPLE-SA-2019-9-26-3 iOS 13
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-10-29-8 Additional information for APPLE-SA-2019-9-26-5 watchOS 6
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-10-29-4 watchOS 6.1
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-10-29-10 Additional information for APPLE-SA-2019-10-07-1 macOS Catalina 10.15
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-10-29-2 macOS Catalina 10.15.1, Security Update 2019-001 Mojave, Security Update 2019-006 High Sierra
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-10-29-11 Additional information for APPLE-SA-2019-9-26-8 iOS 13.1 and iPadOS 13.1
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-10-29-3 tvOS 13.2
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-11-01-1 Xcode 11.2
  • From: Apple Product Security via Fulldisclosure
• [FD] Multiple Cross-site Scripting Vulnerabilities in ilchCMS 2.1.23
  • From: Daniel Bishtawi
• [FD] Insecure Defaults in Adobe’s Mobile SDKs
  • From: Nightwatch Cybersecurity Research
• [FD] Minor security issue in punbb with SQLite
  • From: Georgi Guninski
• [FD] Vulnerability Disclosure and CVE assign
  • From: Alphan YAVAS
• [FD] ScanGuard Antivirus (latest version) / Insecure Permissions
  • From: hyp3rlinx
• [FD] Getting the server ip from a hosted XenForo CMS
  • From: Hacxx Under 2
• [FD] Centraleyezer: Unrestricted File Upload -[CVE-2019-12271]
  • From: infinitybuzz via Fulldisclosure
• [FD] Centraleyezer: Stored XSS using HTML Entities — [CVE-2019–12299]
  • From: infinitybuzz via Fulldisclosure
• [FD] Centraleyezer: Unrestricted File Upload — [CVE-2019–12311]
  • From: infinitybuzz via Fulldisclosure
• [FD] WordPress Plugin Social Photo Gallery 1.0 - Remote Code Execution
  • From: Prestigia
• [FD] Stored XSS Vulnerability on TP-Link Archer VR300 v1
  • From: okan coskun
• [FD] Raritan CommandCenter Secure Gateway XML External Entity < 8.0
  • From: okan coskun
• [FD] Raritan CommandCenter Secure Gateway XSS Vulnerability on < 8.0
  • From: okan coskun
• [FD] c0c0n 2020 Middle East| Abu Dhabhi | The cy0ps c0n - CFP & CFW is Open !
  • From: Prajwal Panchmahalkar
• [FD] [AIT-SA-20191112-01] CVE-2019-10143: Privilege Escalation via Logrotate in FreeRadius
  • From: sec-advisory
• [FD] XSSer v.1.8[2] - "The Hiv3!" released
  • From: psy
• [FD] CVE-2019-16758 Lexmark Services Monitor 2.27.4.0.39 Directory Traversal
  • From: Kevin R
• [FD] AST-2019-006: SIP request can change address of a SIP peer.
  • From: Asterisk Security Team
• [FD] AST-2019-007: AMI user could execute system commands.
  • From: Asterisk Security Team
• [FD] AST-2019-008: Re-invite with T.38 and malformed SDP causes crash.
  • From: Asterisk Security Team
• [FD] arbitrary file capture in Kaspersky Total Security 2019
  • From: p3rd1d0s via Fulldisclosure
• [FD] SEC Consult SA-20191125-0 :: FortiGuard XOR Encryption in Multiple Fortinet Products
  • From: SEC Consult Vulnerability Lab
• [FD] [CFP] Security BSides Ljubljana 0x7E4 | April 4, 2020
  • From: Andraz Sraka
• [FD] Anhui Huami Mi Fit Android Application - Unencrypted Update Check
  • From: David Coomber
• [FD] pari/gp on debian stable allow arbitrary file write
  • From: Georgi Guninski
• [FD] Vulnerability in MiBox3
  • From: Bug Reporter
• [FD] CVE-2019-11932 (double free in libpl_droidsonroids_gif) many apps vulnerable
  • From: Marcin Kozlowski
• Re: [FD] SEC Consult SA-20191125-0 :: FortiGuard XOR Encryption in Multiple Fortinet Products
  • From: SEC Consult Vulnerability Lab
• [FD] NAPC Xinet Elegant 6 Asset Library Web Interface v6.1.655 / Pre-Auth SQL Injection 0Day
  • From: hyp3rlinx
• [FD] [SYSS-2019-027]: Inateck BCST-60 Barcode Scanner - Keystroke Injection Vulnerability (CVE-2019-12503)
  • From: Matthias Deeg
• [FD] CVE-2019-18922; Directory Traversal; Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3 [1.00.047]
  • From: Sprenger, Nicolas Hendrik
• Re: [FD] Anhui Huami Mi Fit Android Application - Unencrypted Update Check
  • From: Tim
• [FD] Max Secure Anti Virus Plus - 19.0.4.020 / CVE-2019-19382 Insecure Permissions
  • From: hyp3rlinx