Mail Thread Index

• Date Index

• [FD] CSNC-2020-005 - Checkmk Local Privilege Escalation, Advisories
• [FD] CVE-2020-12676 - FusionAuth SAML v2.0 bindings in Java using JAXB - Signature Exclusion Attack, Advisories
• [FD] How to build Win2k3, Gregory Boddin
• [FD] [SYSS-2019-048] Improper Authorization (CWE-285) in REDDOXX MailDepot (CVE-2019-19200), Micha Borrmann
• [FD] SEC Consult SA-20201001-0 :: Broken Access Control in Platinum Mobile, SEC Consult Vulnerability Lab
• [FD] SEC Consult SA-20201002-0 :: Multiple Vulnerabilities in SevOne Network Management System (NMS), SEC Consult Vulnerability Lab
• [FD] SEC Consult SA-20201005-0 :: Multiple Critical Vulnerabilities in RocketLinx Series, SEC Consult Vulnerability Lab
• [FD] XSS in krpano Panorama Viewer, Adriano Marcio Monteiro
• [FD] Recon Informer v1.2 - Intel for offensive systems tool., hyp3rlinx
• Re: [FD] Navy Federal Reflective Cross Site Scripting (XSS), Ken
• [FD] FortSIEM <= 5.2.8 RCE due to EL Injection - analysis, Red Timmy Security
• [FD] CVE-2020-25790, Rodolfo Augusto do Nascimento Tavares
• [FD] CVE-2020-24722: GAEN Protocol Metadata Deanonymization and Risk-score Inflation Issues, Stefan Marsiske via Fulldisclosure
• [FD] Student Result Management System 1.0 - Multiple SQL Injection Vulnerabilities, b1nary
• [FD] [RT-SA-2020-002] Denial of Service in D-Link DSR-250N, RedTeam Pentesting GmbH
• [FD] SEC Consult SA-20201008-0 :: Multiple Cross-Site Scripting Vulnerabilities in Confluence Marketplace Plugins, SEC Consult Vulnerability Lab
• [FD] Cisco Webex Teams Client for Windows DLL Hijacking Vulnerability, houjingyi
• [FD] SEC Consult SA-20201012-0 :: Reflected Cross-Site Scripting and Unauthenticated Malicious File Upload in Sage DPW, SEC Consult Vulnerability Lab
• [FD] Java deserialization vulnerability in QRadar RemoteJavaScript Servlet, Securify B.V. via Fulldisclosure
• Re: [FD] Google's Android: remote install backdoor in Google Play Services, Enrico Weigelt, metux IT consult
  • Re: [FD] Google's Android: remote install backdoor in Google Play Services, Adrian Sanabria
  • Re: [FD] Google's Android: remote install backdoor in Google Play Services, Pedro Cunha
    • Re: [FD] Google's Android: remote install backdoor in Google Play Services, Michael Lazin
• [FD] Open-Xchange Security Advisory 2020-10-13, Open-Xchange GmbH via Fulldisclosure
• [FD] [RT-SA-2020-003] FRITZ!Box DNS Rebinding Protection Bypass, RedTeam Pentesting GmbH
• [FD] LISTSERV Maestro Remote Code Execution Vulnerability, Ryan Wincey
• [FD] [RT-SA-2020-005] Arbitrary File Disclosure and Server-Side Request Forgery in BigBlueButton, RedTeam Pentesting GmbH
• [FD] VL 2020-10-22 - German Bundeswehr starts own Responsible Disclosure Program (VDPBw), Vulnerability Lab
• [FD] SEC Consult SA-20201023-0 :: Multiple Vulnerabilities in PubliXone, SEC Consult Vulnerability Lab
• [FD] Unicorn Emulator 1.0.2 is out!, Nguyen Anh Quynh
• [FD] CVE-2020-24990 Q-SYS <= 8.2.1 TFTP Directory Traversal, Kevin R
• [FD] [CVE-2020-25204] God Kings "com.innogames.core.frontend.notifications.receivers.LocalNotificationBroadcastReceiver" Improper Authorization Allowing In-Game Notification Spoofing, Julien Ahrens (RCE Security)
• [FD] German armed forces launch security vulnerability disclosure program, Vulnerability Lab
• [FD] Chrome heap buffer overflow in freetype2 CVE-2020-15999, Marcin Kozlowski