Mail Index

• Thread Index

• [FD] SEC Consult SA-20200701-0 :: Reflected Cross-Site Scripting (XSS) in EQDKP Plus CMS
  • From: SEC Consult Vulnerability Lab
• [FD] CVE-2019-19935 - DOM XSS in Froala WYSIWYG HTML Editor
  • From: Advisories
• [FD] [CVE-2020-11882] o2 Business for Android "canvasm.myo2.SplashActivity" <= 1.2.0 Open Redirect
  • From: Julien Ahrens (RCE Security)
• [FD] [SYSS-2020-011] Apple iOS - Exposure of Resource to Wrong Sphere (CWE-668)
  • From: Philipp Buchegger
• [FD] Bolt CMS <= 3.7.0 Multiple Vulnerabilities - CSRF to RCE
  • From: Sivanesh Ashok
• [FD] Microsoft Windows mshta.exe HTA File / XML External Entity Injection
  • From: hyp3rlinx
• [FD] Four vulnerabilities found in MikroTik's RouterOS
  • From: Q C
• [FD] Multiple vulnerabilities found in CDATA OLTs
  • From: Pierre Kim
• [FD] X41 D-Sec GmbH Security Advisory X41-2020-006: Memory Corruption Vulnerability in bspatch
  • From: X41 D-Sec GmbH Advisories
• [FD] Microsoft OneDrive client for Windows Qt QML module hijack
  • From: Securify B.V. via Fulldisclosure
• [FD] SEC Consult SA-20200708-0 :: Multiple Critical Vulnerabilities in Multiple Rittal Products Based on Same Software
  • From: SEC Consult Vulnerability Lab
• [FD] Google's Android: remote install backdoor in Google Play Services
  • From: Enrico Weigelt, metux IT consult
• [FD] Ptrace based fuzzer for fuzzing binaries at high speeds
  • From: Marcin Kozlowski
• Re: [FD] Multiple vulnerabilities found in CDATA OLTs
  • From: Pierre Kim
• [FD] Multiple vulnerabilities found in V-SOL OLTs
  • From: Pierre Kim
• [FD] Verint Impact 360 Open iFrame
  • From: Ryan Delaney
• [FD] Verint Impact 360 onLogin open redirect
  • From: Ryan Delaney
• [FD] Verint Impact 360 login CSRF
  • From: Ryan Delaney
• [FD] NEProfile - Remote Code Execution
  • From: ghost
• [FD] Insecure /tmp file use in Oracle Solaris 11 Device Driver Utility v1.3.1 leads to root
  • From: Larry W. Cashdollar via Fulldisclosure
• Re: [FD] Google's Android: remote install backdoor in Google Play Services
  • From: Fabio
• Re: [FD] Google's Android: remote install backdoor in Google Play Services
  • From: Michael Lazin
• [FD] VMware ESXi: Multiple vulnerabilities [CVE-2020-3963, CVE-2020-3964, CVE-2020-3965, CVE-2020-3960]
  • From: Cfir Cohen via Fulldisclosure
• [FD] APPLE-SA-2020-07-15-1 iOS 13.6 and iPadOS 13.6
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2020-07-15-2 macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2020-07-15-3 tvOS 13.4.8
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2020-07-15-4 watchOS 6.2.8
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2020-07-15-5 Safari 13.1.2
  • From: Apple Product Security via Fulldisclosure
• [FD] SEC Consult SA-20200717-0 :: Multiple Vulnerabilities in WonderCMS
  • From: SEC Consult Vulnerability Lab
• [FD] Mida Solutions eFramework <= 2.9.0 Multiple Vulnerabilities
  • From: Andrea Baesso
• [FD] Advisory:[CVE-2020-15596]ALPS ALPINE DLL Hijacking Issue
  • From: Caiyuan Xie
• [FD] SEC Consult SA-20200724-0 :: Privilege Escalation Vulnerability in SteelCentral Aternity Agent
  • From: SEC Consult Vulnerability Lab
• [FD] Three vulnerabilities found in MikroTik's RouterOS
  • From: Q C
• [FD] Defense in depth -- the Microsoft way (part 70): CVE-2014-0315 alias MS14-019 revisited
  • From: Stefan Kanthak
• [FD] Vulnerability Repot# MAMP PRO 4.2.0 Local Privilege Escalation
  • From: Nicholas
• [FD] SEC Consult SA-20200728-0 :: Stored Cross-Site Scripting (XSS) Vulnerability in Namirial SIGNificant SignAnyWhere
  • From: SEC Consult Vulnerability Lab
• [FD] [SYSS-2020-015]: ABUS Secvest Hybrid module (FUMO50110) - Authentication Bypass Using an Alternate Path or Channel (CWE-288) (CVE-2020-14158)
  • From: Matthias Deeg