Mail Index

• Thread Index

• [FD] CSNC-2020-005 - Checkmk Local Privilege Escalation
  • From: Advisories
• [FD] CVE-2020-12676 - FusionAuth SAML v2.0 bindings in Java using JAXB - Signature Exclusion Attack
  • From: Advisories
• [FD] How to build Win2k3
  • From: Gregory Boddin
• [FD] [SYSS-2019-048] Improper Authorization (CWE-285) in REDDOXX MailDepot (CVE-2019-19200)
  • From: Micha Borrmann
• [FD] SEC Consult SA-20201001-0 :: Broken Access Control in Platinum Mobile
  • From: SEC Consult Vulnerability Lab
• [FD] SEC Consult SA-20201002-0 :: Multiple Vulnerabilities in SevOne Network Management System (NMS)
  • From: SEC Consult Vulnerability Lab
• [FD] SEC Consult SA-20201005-0 :: Multiple Critical Vulnerabilities in RocketLinx Series
  • From: SEC Consult Vulnerability Lab
• [FD] XSS in krpano Panorama Viewer
  • From: Adriano Marcio Monteiro
• [FD] Recon Informer v1.2 - Intel for offensive systems tool.
  • From: hyp3rlinx
• Re: [FD] Navy Federal Reflective Cross Site Scripting (XSS)
  • From: Ken
• [FD] FortSIEM <= 5.2.8 RCE due to EL Injection - analysis
  • From: Red Timmy Security
• [FD] CVE-2020-25790
  • From: Rodolfo Augusto do Nascimento Tavares
• [FD] CVE-2020-24722: GAEN Protocol Metadata Deanonymization and Risk-score Inflation Issues
  • From: Stefan Marsiske via Fulldisclosure
• [FD] Student Result Management System 1.0 - Multiple SQL Injection Vulnerabilities
  • From: b1nary
• [FD] [RT-SA-2020-002] Denial of Service in D-Link DSR-250N
  • From: RedTeam Pentesting GmbH
• [FD] SEC Consult SA-20201008-0 :: Multiple Cross-Site Scripting Vulnerabilities in Confluence Marketplace Plugins
  • From: SEC Consult Vulnerability Lab
• [FD] Cisco Webex Teams Client for Windows DLL Hijacking Vulnerability
  • From: houjingyi
• [FD] SEC Consult SA-20201012-0 :: Reflected Cross-Site Scripting and Unauthenticated Malicious File Upload in Sage DPW
  • From: SEC Consult Vulnerability Lab
• [FD] Java deserialization vulnerability in QRadar RemoteJavaScript Servlet
  • From: Securify B.V. via Fulldisclosure
• Re: [FD] Google's Android: remote install backdoor in Google Play Services
  • From: Enrico Weigelt, metux IT consult
• [FD] Open-Xchange Security Advisory 2020-10-13
  • From: Open-Xchange GmbH via Fulldisclosure
• [FD] [RT-SA-2020-003] FRITZ!Box DNS Rebinding Protection Bypass
  • From: RedTeam Pentesting GmbH
• Re: [FD] Google's Android: remote install backdoor in Google Play Services
  • From: Adrian Sanabria
• [FD] LISTSERV Maestro Remote Code Execution Vulnerability
  • From: Ryan Wincey
• Re: [FD] Google's Android: remote install backdoor in Google Play Services
  • From: Michael Lazin
• Re: [FD] Google's Android: remote install backdoor in Google Play Services
  • From: Pedro Cunha
• [FD] [RT-SA-2020-005] Arbitrary File Disclosure and Server-Side Request Forgery in BigBlueButton
  • From: RedTeam Pentesting GmbH
• [FD] VL 2020-10-22 - German Bundeswehr starts own Responsible Disclosure Program (VDPBw)
  • From: Vulnerability Lab
• [FD] SEC Consult SA-20201023-0 :: Multiple Vulnerabilities in PubliXone
  • From: SEC Consult Vulnerability Lab
• [FD] Unicorn Emulator 1.0.2 is out!
  • From: Nguyen Anh Quynh
• [FD] CVE-2020-24990 Q-SYS <= 8.2.1 TFTP Directory Traversal
  • From: Kevin R
• [FD] [CVE-2020-25204] God Kings "com.innogames.core.frontend.notifications.receivers.LocalNotificationBroadcastReceiver" Improper Authorization Allowing In-Game Notification Spoofing
  • From: Julien Ahrens (RCE Security)
• [FD] German armed forces launch security vulnerability disclosure program
  • From: Vulnerability Lab
• [FD] Chrome heap buffer overflow in freetype2 CVE-2020-15999
  • From: Marcin Kozlowski