Mail Index

• Thread Index

• [FD] SEC Consult SA-20191202-0 :: Multiple Critical Vulnerabilities in SALTO ProAccess SPACE
  • From: SEC Consult Vulnerability Lab
• [FD] SEC Consult SA-20191203-0 :: Multiple vulnerabilites in Fronius Solar Inverter Series
  • From: SEC Consult Vulnerability Lab
• [FD] Microsoft Excel 2016 v1901 / Import Error XML External Entity Injection
  • From: hyp3rlinx
• [FD] Microsoft Visual Studio 2008 Express IDE / XML External Entity Injection
  • From: hyp3rlinx
• [FD] Microsoft Windows Media Center / XXE MotW Bypass (Anniversary Edition)
  • From: hyp3rlinx
• [FD] Reflected XSS in CSS Hero (v.4.0.3)
  • From: Ho oper Ca ry
• [FD] XXE in BMC Smart Reporting 7.3 20180418 - CVE-2019-11216
  • From: david herrero
• [FD] CarolinaCon 16 CFP is now OPEN
  • From: Carolina Con
• [FD] Windows Kernel DirectX - Local Denial Of Service
  • From: Victor Portal Gonzalez
• [FD] [KIS-2019-10] YouPHPTube <= 7.7 (getChat.json.php) SQL Injection Vulnerability
  • From: Egidio Romano
• [FD] External Service Interaction (DNS) on Skype for Business
  • From: Alphan YAVAS
• [FD] Symantec Endoint Security LPE CVE-2019-12750
  • From: Kyriakos Economou
• [FD] SiteVision Remote Code Execution
  • From: Oscar Hjelm
• [FD] SiteVision Insufficient Module Access Control
  • From: Oscar Hjelm
• [FD] Authentication vulnerabilities in OpenBSD
  • From: Qualys Security Advisory
• [FD] [AIT-SA-20191129-01] CVE-2019-16885: Unauthenticated remote code execution in OkayCMS
  • From: sec-advisory
• [FD] CA20191209-01: Security Notice for CA Nolio (Release Automation)
  • From: Kevin Kotas via Fulldisclosure
• [FD] CVE-2019-18347 Persistent Cross-Site Scripting (XSS) vulnerability in DAViCal CalDAV Server
  • From: Rick Verdoes via Fulldisclosure
• [FD] CVE-2019-18346 Cross-Site Request Forgery (CSRF) vulnerability in DAViCal CalDAV Server
  • From: Rick Verdoes via Fulldisclosure
• [FD] CVE-2019-18345 Reflected Cross-Site Scripting (XSS) vulnerability in DAViCal CalDAV Server
  • From: Rick Verdoes via Fulldisclosure
• [FD] SEC Consult SA-20191211-0 :: File Extension Spoofing in Windows Defender Antivirus
  • From: SEC Consult Vulnerability Lab
• [FD] CVE-2019-12750 - Exploitation Write-ups
  • From: Kyriakos Economou
• [FD] CA20191210-01: Security Notice for CA Automic Sysload
  • From: Ken Williams via Fulldisclosure
• [FD] APPLE-SA-2019-12-10-1 iOS 13.3 and iPadOS 13.3
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-12-10-2 iOS 12.4.4
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-12-10-4 watchOS 5.3.4
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-12-10-5 tvOS 13.3
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-12-10-6 Safari 13.0.4
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-12-10-7 Xcode 11.3
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2019-12-10-8 watchOS 6.1.1
  • From: Apple Product Security via Fulldisclosure
• [FD] Local Privilege Escalation in OpenBSD's dynamic loader (CVE-2019-19726)
  • From: Qualys Security Advisory
• [FD] Stored Cross-Site Scripting in Serv-U FTP Server
  • From: Richard Tan via Fulldisclosure
• [FD] CSV injection vulnerability in SolarWinds Serv-U FTP Server
  • From: Richard Tan via Fulldisclosure
• [FD] Squiz Matrix CMS <= 5.5.3.2 - Multiple Issues may lead to Remote Code Execution
  • From: Stephen Shkardoon
• [FD] D-Link DIR-615 — Vertical Prviliege Escalation
  • From: Sanyam Chawla
• [FD] Deutsche Bahn Ticket Vending Machine Windows XP - Local Kiosk Privilege Escalation Vulnerability
  • From: Vulnerability Lab