Mail Index

• Thread Index

• [FD] [SYSS-2020-029]: Jira module "Gantt-Chart for Jira" - Improper Privilege Management (CWE-269)(CVE-2020-15943)
  • From: Sebastian Auwärter
• [FD] [SYSS-2020-030]: Jira module "Gantt-Chart for Jira" - Cross-Site Scripting (CWE-79)(CVE-2020-15944)
  • From: Sebastian Auwärter
• [FD] October CMS <= Build 465 Multiple Vulnerabilities - Arbitrary File Read
  • From: Sivanesh Ashok
• [FD] SEC Consult SA-20200807-0 :: Multiple Vulnerabilities in flatCore CMS
  • From: SEC Consult Vulnerability Lab
• [FD] ManageEngine ADSelfService Plus – Unauthenticated Remote Code Execution Vulnerability
  • From: Bhdresh
• [FD] Remote Code Execution 0day in vBulletin 5.x
  • From: Zenofex via Fulldisclosure
• Re: [FD] ManageEngine ADSelfService Plus – Unauthenticated Remote Code Execution Vulnerability
  • From: Bhdresh
• [FD] SugarCRM < 10.1.0 Multiple Reflected Cross-Site Scripting Vulnerabilities
  • From: Egidio Romano
• [FD] SugarCRM < 10.1.0 (Reports Export) SQL Injection Vulnerability
  • From: Egidio Romano
• [FD] Avian JVM vm::arrayCopy() Multiple Integer Overflows
  • From: Pietro Oliva via Fulldisclosure
• [FD] Avian JVM vm::arrayCopy() silent return on negative length
  • From: Pietro Oliva via Fulldisclosure
• [FD] Two vulnerabilities found in MikroTik's RouterOS
  • From: Q C
• [FD] New Release: UFONet v1.6 - "M4RAuD3R!"...
  • From: psy
• [FD] Payment bypass in WordPress - WooCommerce - NAB Transact plugin disclosure
  • From: Jack Misiura via Fulldisclosure
• [FD] Open-Xchange Security Advisory 2020-08-20
  • From: Open-Xchange GmbH via Fulldisclosure
• [FD] CVE-2020-24548 / Ericom Access Server for (AccessNow & Ericom Blaze) v9.2.0 / Server Side Request Forgery
  • From: hyp3rlinx
• [FD] Google Chromecast Auth Bypass/RCE
  • From: Benjamin Floyd
• [FD] NEProfile - Host Header Injection
  • From: ghost
• [FD] A Tale of Escaping a Hardened Docker container
  • From: Red Timmy Security
• [FD] SEC Consult SA-20200826-0 :: Extensive file permissions on service executable in Eikon Thomson Reuters
  • From: SEC Consult Vulnerability Lab
• [FD] SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S
  • From: SEC Consult Vulnerability Lab
• [FD] Three vulnerabilities found in MikroTik's RouterOS
  • From: Q C
• [FD] Missing Trust Validation in Visual Studio's VSIX Installer
  • From: Ostovary, Daniel
• [FD] SUPERAntiSpyware Professional X Trial < 10.0.1206 Local Privilege Escalation
  • From: b1nary