Mail Index

• Thread Index

• [FD] [RT-SA-2019-015] IceWarp: Cross-Site Scripting in Notes for Contacts
  • From: RedTeam Pentesting GmbH
• [FD] [RT-SA-2019-016] IceWarp: Cross-Site Scripting in Notes
  • From: RedTeam Pentesting GmbH
• [FD] Microsoft Exchange Server, External Service Interaction (DNS)
  • From: Alphan YAVAS
• [FD] Microsoft Windows .Group File / URL Field Code Execution
  • From: hyp3rlinx
• [FD] New BlackArch Linux ISOs + OVA Image available!
  • From: Black Arch
• [FD] CA20191218-01: Security Notice for CA Client Automation Agent for Windows
  • From: Kevin Kotas via Fulldisclosure
• [FD] Open-Xchange Security Advisory 2020-01-02
  • From: Open-Xchange GmbH via Fulldisclosure
• [FD] [TZO-01-2020] AVIRA Generic Malformed Container bypass (ISO)
  • From: Thierry Zoller
• [FD] [TZO-02-2020] Kaspersyk Generic Malformed Archive Bypass (ZIP GFlag)
  • From: Thierry Zoller
• [FD] [TZO-03-2020] ESET Generic Malformed Archive Bypass (ZIP Compression Information)
  • From: Thierry Zoller
• [FD] Fortinet FortiSIEM Hardcoded SSH Key
  • From: Andrew Klaus
• [FD] Microsoft Windows VCF Card / Mailto Link Denial Of Service
  • From: hyp3rlinx
• [FD] Two vulnerabilities found in MikroTik's RouterOS
  • From: Q C
• [FD] Multiple Reflected Cross-site Scripting Vulnerabilities in ERPNext 11.1.47
  • From: Daniel Bishtawi
• [FD] [TZO-04-2020] Bitdefender Generic Malformed Archive Bypass (BZ2)
  • From: Thierry Zoller
• [FD] [PATCH] (security) launcher: don't attempt to execute arbitrary binaries
  • From: Enrico Weigelt, metux IT consult
• [FD] [TZO-05-2020] Kaspersky Generic Malformed Archive Bypass (ZIP Compressed Size)
  • From: Thierry Zoller
• [FD] [TZO-07-2020] Bitdefender Generic Malformed Archive Bypass (RAR HOST_OS)
  • From: Thierry Zoller
• [FD] [TZO-08-2020] Bitdefender Generic Malformed Archive Bypass (ZIP GPFLAG)
  • From: Thierry Zoller
• [FD] [TZO-06-2020] - Kaspersky Generic Archive Bypass (ZIP FLNMLEN)
  • From: Thierry Zoller
• [FD] [TOOL] Permanent SD Card Locker (Read Only)
  • From: Thierry Zoller
• [FD] CVE-2019-20357 / Trend Micro Security (Consumer) / Persistent Arbitrary Code Execution
  • From: hyp3rlinx
• [FD] CVE-2019-19697 / Trend Micro Security 2019 (Consumer) / Security Bypass Protected Service Tampering
  • From: hyp3rlinx
• [FD] CVE-2020-2656 - Low impact information disclosure via Solaris xlock
  • From: Marco Ivaldi
• [FD] CVE-2020-2696 - Local privilege escalation via CDE dtsession
  • From: Marco Ivaldi
• Re: [FD] Fortinet FortiSIEM Hardcoded SSH Key
  • From: Fortinet PSIRT
• [FD] .diagcab directory traversal leading to arbitrary code execution
  • From: Imre Rad
• [FD] [TZO-09-2020] - Bitdefender Malformed Archive bypass (RAR Uncompressed Size)
  • From: Thierry Zoller
• [FD] [TZO-10-2020] - Bitdefender Malformed Archive bypass (RAR Compression Information)
  • From: Thierry Zoller
• [FD] Neowise CarbonFTP v1.4 / Insecure Proprietary Password Encryption / CVE-2020-6857
  • From: hyp3rlinx
• [FD] [REVIVE-SA-2020-001] Revive Adserver Vulnerability
  • From: Matteo Beccati via Fulldisclosure
• [FD] CarolinaCon CFP
  • From: CarolinaCon
• [FD] SEC Consult SA-20200122-0 :: Reflected XSS in ZOHO ManageEngine ServiceDeskPlus
  • From: SEC Consult Vulnerability Lab
• [FD] SEC Consult SA-20200123-0 :: Cross-Site Request Forgery (CSRF) in Umbraco CMS
  • From: SEC Consult Vulnerability Lab
• [FD] CVE-2019-19363 - Local Privilege Escalation in many Ricoh Printer Drivers for Windows
  • From: Pentagrid AG
• [FD] [UPDATED - POC] Neowise CarbonFTP v1.4 / Insecure Proprietary Password Encryption / CVE-2020-6857
  • From: hyp3rlinx
• [FD] Multiple vulnerabilities in TOTOLINK and other Realtek SDK based routers
  • From: Błażej Adamczyk
• [FD] Become a speaker at Positive Hack Days 10. Call for Papers is now open
  • From: Alexander Lashkov via Fulldisclosure