Mail Thread Index

• Date Index

• [FD] SEC Consult SA-20191029-0 :: Authentication Bypass in eIDAS-Node (European #eGovernment cross-border authentication), SEC Consult Vulnerability Lab
• [FD] [RT-SA-2019-013] Unsafe Storage of Credentials in Carel pCOWeb HVAC, RedTeam Pentesting GmbH
• [FD] [RT-SA-2019-014] Unauthenticated Access to Modbus Interface in Carel pCOWeb HVAC, RedTeam Pentesting GmbH
• [FD] RootedCON 2020 Call For Papers is open!, omarbv
• [FD] APPLE-SA-2019-10-29-7 Additional information for APPLE-SA-2019-9-26-4 Safari 13, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-10-29-1 iOS 13.2 and iPadOS 13.2, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-10-29-5 Safari 13.0.3, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-10-29-9 Additional information for APPLE-SA-2019-9-26-6 tvOS 13, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-10-29-6 Additional information for APPLE-SA-2019-9-26-3 iOS 13, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-10-29-8 Additional information for APPLE-SA-2019-9-26-5 watchOS 6, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-10-29-4 watchOS 6.1, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-10-29-10 Additional information for APPLE-SA-2019-10-07-1 macOS Catalina 10.15, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-10-29-2 macOS Catalina 10.15.1, Security Update 2019-001 Mojave, Security Update 2019-006 High Sierra, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-10-29-11 Additional information for APPLE-SA-2019-9-26-8 iOS 13.1 and iPadOS 13.1, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-10-29-3 tvOS 13.2, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-11-01-1 Xcode 11.2, Apple Product Security via Fulldisclosure
• [FD] Multiple Cross-site Scripting Vulnerabilities in ilchCMS 2.1.23, Daniel Bishtawi
• [FD] Insecure Defaults in Adobe’s Mobile SDKs, Nightwatch Cybersecurity Research
• [FD] Minor security issue in punbb with SQLite, Georgi Guninski
• [FD] Vulnerability Disclosure and CVE assign, Alphan YAVAS
• [FD] ScanGuard Antivirus (latest version) / Insecure Permissions, hyp3rlinx
• [FD] Getting the server ip from a hosted XenForo CMS, Hacxx Under 2
• [FD] Centraleyezer: Unrestricted File Upload -[CVE-2019-12271], infinitybuzz via Fulldisclosure
• [FD] Centraleyezer: Stored XSS using HTML Entities — [CVE-2019–12299], infinitybuzz via Fulldisclosure
• [FD] Centraleyezer: Unrestricted File Upload — [CVE-2019–12311], infinitybuzz via Fulldisclosure
• [FD] WordPress Plugin Social Photo Gallery 1.0 - Remote Code Execution, Prestigia
• [FD] Stored XSS Vulnerability on TP-Link Archer VR300 v1, okan coskun
• [FD] Raritan CommandCenter Secure Gateway XML External Entity < 8.0, okan coskun
• [FD] Raritan CommandCenter Secure Gateway XSS Vulnerability on < 8.0, okan coskun
• [FD] c0c0n 2020 Middle East| Abu Dhabhi | The cy0ps c0n - CFP & CFW is Open !, Prajwal Panchmahalkar
• [FD] [AIT-SA-20191112-01] CVE-2019-10143: Privilege Escalation via Logrotate in FreeRadius, sec-advisory
• [FD] XSSer v.1.8[2] - "The Hiv3!" released, psy
• [FD] CVE-2019-16758 Lexmark Services Monitor 2.27.4.0.39 Directory Traversal, Kevin R
• [FD] AST-2019-006: SIP request can change address of a SIP peer., Asterisk Security Team
• [FD] AST-2019-007: AMI user could execute system commands., Asterisk Security Team
• [FD] AST-2019-008: Re-invite with T.38 and malformed SDP causes crash., Asterisk Security Team
• [FD] arbitrary file capture in Kaspersky Total Security 2019, p3rd1d0s via Fulldisclosure
• [FD] SEC Consult SA-20191125-0 :: FortiGuard XOR Encryption in Multiple Fortinet Products, SEC Consult Vulnerability Lab
  • Re: [FD] SEC Consult SA-20191125-0 :: FortiGuard XOR Encryption in Multiple Fortinet Products, SEC Consult Vulnerability Lab
• [FD] [CFP] Security BSides Ljubljana 0x7E4 | April 4, 2020, Andraz Sraka
• [FD] Anhui Huami Mi Fit Android Application - Unencrypted Update Check, David Coomber
  • Re: [FD] Anhui Huami Mi Fit Android Application - Unencrypted Update Check, Tim
• [FD] pari/gp on debian stable allow arbitrary file write, Georgi Guninski
• [FD] Vulnerability in MiBox3, Bug Reporter
• [FD] CVE-2019-11932 (double free in libpl_droidsonroids_gif) many apps vulnerable, Marcin Kozlowski
• [FD] NAPC Xinet Elegant 6 Asset Library Web Interface v6.1.655 / Pre-Auth SQL Injection 0Day, hyp3rlinx
• [FD] [SYSS-2019-027]: Inateck BCST-60 Barcode Scanner - Keystroke Injection Vulnerability (CVE-2019-12503), Matthias Deeg
• [FD] CVE-2019-18922; Directory Traversal; Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3 [1.00.047], Sprenger, Nicolas Hendrik
• [FD] Max Secure Anti Virus Plus - 19.0.4.020 / CVE-2019-19382 Insecure Permissions, hyp3rlinx