Mail Thread Index

• Date Index

• Re: [FD] Multiple vulnerabilities in TOTOLINK and other Realtek SDK based routers, Błażej Adamczyk
• [FD] [CFP] leHACK - June 26 - June 27, 2020, Hackira
• [FD] APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2020-1-28-3 watchOS 6.1.2, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2020-1-28-1 iOS 13.3.1 and iPadOS 13.3.1, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2020-1-28-4 tvOS 13.3.1, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2020-1-28-5 Safari 13.0.5, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2020-1-28-6 iTunes for Windows 12.10.4, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2020-1-29-1 iCloud for Windows 7.17, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2020-1-29-2 iCloud for Windows 10.9.2, Apple Product Security via Fulldisclosure
• [FD] Defense in depth -- the Microsoft way (part 61): security features are built to fail (or documented wrong), Stefan Kanthak
• [FD] LPE and RCE in OpenSMTPD (CVE-2020-7247), Qualys Security Advisory
• [FD] [CVE-2019-20358] CVE-2019-9491 in Trend Micro Anti-Threat Toolkit (ATTK) was NOT properly FIXED, Stefan Kanthak
• [FD] Executable installers are vulnerable^WEVIL (case 58): Intel® Processor Identification Utility - Windows* Version - arbitrary code execution with escalation of privilege, Stefan Kanthak
• [FD] New Release: UFONet v1.4 - "T|M3WaRS!"..., psy
• [FD] xglance-bin exploit (CVE-2014-2630), redazione
• [FD] Critical Bluetooth Vulnerability in Android (CVE-2020-0022) – BlueFrag, Marcin Kozlowski
  • Re: [FD] Critical Bluetooth Vulnerability in Android (CVE-2020-0022) – BlueFrag, Marcin Kozlowski
• [FD] [KIS-2020-01] SuiteCRM <= 7.11.11 Second-Order PHP Object Injection Vulnerabilities, Egidio Romano
• [FD] [KIS-2020-02] SuiteCRM <= 7.11.11 Multiple Phar Deserialization Vulnerabilities, Egidio Romano
• [FD] [KIS-2020-03] SuiteCRM <= 7.11.11 (action_saveHTMLField) Bean Manipulation Vulnerability, Egidio Romano
• [FD] [KIS-2020-04] SuiteCRM <= 7.11.11 (add_to_prospect_list) Broken Access Control Vulnerability, Egidio Romano
• [FD] [KIS-2020-05] SuiteCRM <= 7.11.10 Multiple SQL Injection Vulnerabilities, Egidio Romano
• [FD] CVE-2019-18915 HP System Event Utility / Privilege Escalation Vulnerability, hyp3rlinx
• [FD] CA20200205-01: Security Notice for CA Unified Infrastructure Management, Ken Williams via Fulldisclosure
• [FD] RootedCON 2020 - Registration, Trainings, Speakers and Hacker Night, omarbv
• [FD] [EnumJavaLibs]_ Remote Java classpath enumerator, RedTimmy Security
  • [FD] Web Application Firewall bypass via Bluecoat device, RedTimmy Security
• [FD] [TZO-11-2020] - ESET Generic Malformed Archive Bypass (BZ2 Checksum), Thierry Zoller
• [FD] [TZO-13-2020] - AVIRA Generic AV Bypass (ZIP GPFLAG), Thierry Zoller
• [FD] [TZO-15-2020] - F-SECURE Generic Malformed Container bypass (RAR), Thierry Zoller
• [FD] CVE-2020-0728: Windows Modules Installer Service Information Disclosure Vulnerability, Imre Rad
• [FD] Multiple vulnerabilities in SmartClient_v12, Red Team
• [FD] [TZO-17-2020] - Kaspersky Generic Archive Bypass (ZIP FLNMLEN), Thierry Zoller
• [FD] [TZO-18-2020] - Bitdefender Malformed Archive bypass (GZIP), Thierry Zoller
• Re: [FD] [TZO-03-2020] ESET Generic Malformed Archive Bypass (ZIP Compression Information), Thierry Zoller
• [FD] D-Link DGS-1250 header injection vulnerability, Harry Sintonen via Fulldisclosure
• [FD] Open-Xchange Security Advisory 2020-02-19, Open-Xchange GmbH via Fulldisclosure
• [FD] SEC Consult SA-20200225-0 :: Multiple Cross-site Scripting (XSS) Vulnerabilities in PHP-Fusion CMS, SEC Consult Vulnerability Lab
• [FD] CVE-2020-5497 - MITREid Connect XSS, aaron bishop
• [FD] Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064), Jonathan Brossard
• [FD] [SerialTweaker] Interactive modification of Java Serialized Objects, Red Timmy Security
• [FD] Local information disclosure in OpenSMTPD (CVE-2020-8793), Qualys Security Advisory
• [FD] LPE and RCE in OpenSMTPD's default install (CVE-2020-8794), Qualys Security Advisory
• [FD] Comtrend VR-3033 Multiple Command Injection vulnerability, raki ben hamouda
• [FD] Defense in depth -- the Microsoft way (part 62): Windows shipped with end-of-life components, Stefan Kanthak
• [FD] [TZO-19-2020] - AVIRA Generic AV Bypass (ISO Container) - CVE-2020-9320, Thierry Zoller
• [FD] [TZO-16-2020] - F-SECURE Generic Malformed Container bypass (GZIP), Thierry Zoller
• [FD] [TZO-22-2020] Qihoo360 | GDATA | Rising | Command Generic Malformed Archive Bypass, Thierry Zoller
• [FD] [TZO-23-2020] - AVAST Generic Archive Bypass (ZIP), Thierry Zoller