Mail Index

• Thread Index

• [FD] [Bug] Firefox privacy leakage: search term is sent to ISP without user's consent.
  • From: duykham
• [FD] APPLE-SA-2020-06-01-1 iOS 13.5.1 and iPadOS 13.5.1
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2020-06-01-2 macOS Catalina 10.15.5 Supplemental Update, Security Update 2020-003 High Sierra
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2020-06-01-3 tvOS 13.4.6
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2020-06-01-4 watchOS 6.2.6
  • From: Apple Product Security via Fulldisclosure
• [FD] BIAS (Bluetooth Impersonation Attack) CVE 2020-10135 reproduction
  • From: Marcin Kozlowski
• [FD] [CVE-2020-9484] Apache Tomcat RCE via PersistentManager
  • From: Red Timmy Security
• [FD] Sabberworm PHP CSS parser - Code injection vulnerability
  • From: Eldar Marcussen
• [FD] Castel NextGen DVR multiple CVEs
  • From: Aaron Bishop
• [FD] Defense in depth -- the Microsoft way (part 68): qUACkery is futile!
  • From: Stefan Kanthak
• [FD] Defense in depth -- the Microsoft way (part 69): security remarks are as futile as the qUACkery!
  • From: Stefan Kanthak
• [FD] WinGate v9.4.1.5998 Insecure Permissions EoP CVE-2020-13866
  • From: hyp3rlinx
• [FD] Avaya IP Office v9.1.8.0 - 11 Insecure Transit Password Disclosure CVE-2020-7030
  • From: hyp3rlinx
• [FD] CVE-2020-13432 - HFS HTTP File Server / Remote Buffer Overflow DoS
  • From: hyp3rlinx
• [FD] WebUntis: Stored XSS (Filter Bypass)
  • From: Robin Meis via Fulldisclosure
• [FD] RoyalTS SSH Tunnel - Authentication Bypass
  • From: michele
• [FD] Ciphermail - New advisory publlication
  • From: Pablo Zurro via Fulldisclosure
• [FD] Pydio cells - New advisory publication
  • From: Pablo Zurro via Fulldisclosure
• [FD] Web Application Firewall bypass - part 3
  • From: Red Timmy Security
• [FD] New Release: UFONet v1.5 - [MLV] "MuLTi.V3rSe!"...
  • From: psy
• [FD] Open-Xchange Security Advisory 2020-06-12
  • From: Open-Xchange GmbH via Fulldisclosure
• [FD] Open-Xchange Security Advisory 2020-06-12
  • From: Open-Xchange GmbH via Fulldisclosure
• [FD] TheBigIndexer - Index services and leaks over the ipv4 internet
  • From: Gregory Boddin
• [FD] [CVE-2020-12827] MJML <= 4.6.2 mj-include "path" Path Traversal
  • From: Julien Ahrens (RCE Security)
• [FD] TP-LINK Cloud Cameras NCXXX DelMultiUser Stack Overflow
  • From: Pietro Oliva
• [FD] Pulse Secure Client < 9.1R6 TOCTOU Privilege Escalation (CVE-2020-13162)
  • From: Red Timmy Security
• [FD] [SYSS_2020-014]: ABUS Secvest Wireless Control Device (FUBE50001) - Missing Encryption of Sensitive Data (CWE-311) (CVE-2020-14157)
  • From: Matthias Deeg
• Re: [FD] Remote Code Execution in qmail (CVE-2005-1513)
  • From: Qualys Security Advisory
• [FD] Keystone Assembler Engine 0.9.2 is out!
  • From: Nguyen Anh Quynh
• [FD] GilaCMS - CVE-2019-13364 CVE-2019-13363
  • From: Rodolfo Augusto do Nascimento Tavares
• [FD] DLL Hijacking at the Trend Micro Password Manager (CVE-2020–8469)
  • From: Silton Renato Pereira dos Santos
• [FD] KL-001-2020-003 : Cellebrite EPR Decryption Relies on Hardcoded AES Key Material
  • From: KoreLogic Disclosures via Fulldisclosure
• [FD] [KIS-2020-06] openSIS <= 7.4 Incorrect Access Control Vulnerabilities
  • From: Egidio Romano
• [FD] [KIS-2020-07] openSIS <= 7.4 (Bottom.php) Local File Inclusion Vulnerability
  • From: Egidio Romano
• [FD] [KIS-2020-08] openSIS <= 7.4 Multiple SQL Injection Vulnerabilities
  • From: Egidio Romano