Mail Thread Index

• Date Index

• [FD] [Bug] Firefox privacy leakage: search term is sent to ISP without user's consent., duykham
• [FD] APPLE-SA-2020-06-01-1 iOS 13.5.1 and iPadOS 13.5.1, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2020-06-01-2 macOS Catalina 10.15.5 Supplemental Update, Security Update 2020-003 High Sierra, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2020-06-01-3 tvOS 13.4.6, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2020-06-01-4 watchOS 6.2.6, Apple Product Security via Fulldisclosure
• [FD] BIAS (Bluetooth Impersonation Attack) CVE 2020-10135 reproduction, Marcin Kozlowski
• [FD] [CVE-2020-9484] Apache Tomcat RCE via PersistentManager, Red Timmy Security
• [FD] Sabberworm PHP CSS parser - Code injection vulnerability, Eldar Marcussen
• [FD] Castel NextGen DVR multiple CVEs, Aaron Bishop
• [FD] Defense in depth -- the Microsoft way (part 68): qUACkery is futile!, Stefan Kanthak
• [FD] Defense in depth -- the Microsoft way (part 69): security remarks are as futile as the qUACkery!, Stefan Kanthak
• [FD] WinGate v9.4.1.5998 Insecure Permissions EoP CVE-2020-13866, hyp3rlinx
• [FD] Avaya IP Office v9.1.8.0 - 11 Insecure Transit Password Disclosure CVE-2020-7030, hyp3rlinx
• [FD] CVE-2020-13432 - HFS HTTP File Server / Remote Buffer Overflow DoS, hyp3rlinx
• [FD] WebUntis: Stored XSS (Filter Bypass), Robin Meis via Fulldisclosure
• [FD] RoyalTS SSH Tunnel - Authentication Bypass, michele
• [FD] Ciphermail - New advisory publlication, Pablo Zurro via Fulldisclosure
• [FD] Pydio cells - New advisory publication, Pablo Zurro via Fulldisclosure
• [FD] Web Application Firewall bypass - part 3, Red Timmy Security
• [FD] New Release: UFONet v1.5 - [MLV] "MuLTi.V3rSe!"..., psy
• [FD] Open-Xchange Security Advisory 2020-06-12, Open-Xchange GmbH via Fulldisclosure
  • <Possible follow-ups>
  • [FD] Open-Xchange Security Advisory 2020-06-12, Open-Xchange GmbH via Fulldisclosure
• [FD] TheBigIndexer - Index services and leaks over the ipv4 internet, Gregory Boddin
• [FD] [CVE-2020-12827] MJML <= 4.6.2 mj-include "path" Path Traversal, Julien Ahrens (RCE Security)
• [FD] TP-LINK Cloud Cameras NCXXX DelMultiUser Stack Overflow, Pietro Oliva
• [FD] Pulse Secure Client < 9.1R6 TOCTOU Privilege Escalation (CVE-2020-13162), Red Timmy Security
• [FD] [SYSS_2020-014]: ABUS Secvest Wireless Control Device (FUBE50001) - Missing Encryption of Sensitive Data (CWE-311) (CVE-2020-14157), Matthias Deeg
• Re: [FD] Remote Code Execution in qmail (CVE-2005-1513), Qualys Security Advisory
• [FD] Keystone Assembler Engine 0.9.2 is out!, Nguyen Anh Quynh
• [FD] GilaCMS - CVE-2019-13364 CVE-2019-13363, Rodolfo Augusto do Nascimento Tavares
• [FD] DLL Hijacking at the Trend Micro Password Manager (CVE-2020–8469), Silton Renato Pereira dos Santos
• [FD] KL-001-2020-003 : Cellebrite EPR Decryption Relies on Hardcoded AES Key Material, KoreLogic Disclosures via Fulldisclosure
• [FD] [KIS-2020-06] openSIS <= 7.4 Incorrect Access Control Vulnerabilities, Egidio Romano
• [FD] [KIS-2020-07] openSIS <= 7.4 (Bottom.php) Local File Inclusion Vulnerability, Egidio Romano
• [FD] [KIS-2020-08] openSIS <= 7.4 Multiple SQL Injection Vulnerabilities, Egidio Romano