Mail Thread Index

• Date Index

• [FD] SEC Consult SA-20201104-0 :: Multiple vulnerabilities in Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA), SEC Consult Vulnerability Lab
• [FD] Git LFS (git-lfs) - Remote Code Execution (RCE) exploit CVE-2020-27955 - Clone to Pwn, Dawid Golunski
• [FD] AST-2020-001: Remote crash in res_pjsip_session, Asterisk Security Team
• [FD] AST-2020-002: Outbound INVITE loop on challenge with different nonce., Asterisk Security Team
• [FD] Etherify - bringing the ether back to ethernet, Jacek Lipkowski
• [FD] APPLE-SA-2020-11-05-2 iOS 12.4.9, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2020-11-05-1 iOS 14.2 and iPadOS 14.2, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2020-11-05-7 tvOS 14.2, Apple Product Security via Fulldisclosure
• [FD] Advisory: ES2020-02 - Asterisk crash due to INVITE flood over TCP, Sandro Gauci
• [FD] secuvera-SA-2020-01: Broken Object Level Authorization Vulnerability in OvulaRing-Webapplication, Tobias Glemser
• [FD] NtFileSins v2.2 / Windows NTFS Privileged File Access Enumeration Tool (Python v3), hyp3rlinx
• [FD] [No cON Name] #ncn2k20 CFP online - Barcelona, José Nicolás Castellano
• [FD] Avian JVM FileOutputStream.write() Integer Overflow, Pietro Oliva via Fulldisclosure
• [FD] Scope of Debian's /home/loser is with permissions 755, default umask 002, Georgi Guninski
  • Re: [FD] Scope of Debian's /home/loser is with permissions 755, default umask 002, bo0od
  • Re: [FD] Scope of Debian's /home/loser is with permissions 755, default umask 002, Pim van Stam
• [FD] [SYSS-2020-037] Persistent Cross-site Scripting (CWE-79) in REDDOXX MailDepot (CVE-2020-26554), Micha Borrmann
• [FD] APPLE-SA-2020-11-13-2 Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2020-11-13-5 Additional information for APPLE-SA-2020-09-16-3 Safari 14.0, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2020-11-13-4 Additional information for APPLE-SA-2020-09-16-2 tvOS 14.0, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2020-11-13-3 Additional information for APPLE-SA-2020-09-16-1 iOS 14.0 and iPadOS 14.0, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2020-11-13-7 Additional information for APPLE-SA-2020-09-24-1 macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2020-11-13-6 Additional information for APPLE-SA-2020-09-16-4 watchOS 7.0, Apple Product Security via Fulldisclosure
• [FD] SIGE (Joomla) 3.4.1 & 3.5.3 Pro - Multiple Vulnerabilities, Vulnerability Lab
• [FD] Froxlor v0.10.16 CP - (Customer) Persistent Vulnerability, Vulnerability Lab
• [FD] Buddypress v6.2.0 WP Plugin - Persistent Web Vulnerability, Vulnerability Lab
• [FD] Intel NUC - Local Privilege Escalation Vulnerability, Vulnerability Lab
• [FD] SugarCRM v6.5.18 - (Employees) Persistent Cross Site Vulnerability, Vulnerability Lab
• [FD] SugarCRM v6.5.18 - (Contacts) Persistent Cross Site Web Vulnerability, Vulnerability Lab
• [FD] Fancy Product Designer for WooCommerce - Stored XSS via SVG upload, Jonathan Gregson via Fulldisclosure
• [FD] Fancy Product Designer for WooCommerce - Unrestricted File Upload, Jonathan Gregson via Fulldisclosure
• [FD] SEC Consult SA-20201117-0 :: Blind Out-Of-Band XML External Entity Injection in Avaya Web License Manager, SEC Consult Vulnerability Lab
• [FD] SOWA.OPAC Reflected Cross Site Scripting, hacker
• [FD] TCMalloc viewer/dumper - TCMalloc Inspector Tool, Marcin Kozlowski
• [FD] VTiger v7.0 CRM - (To) Persistent Email Vulnerability, Vulnerability Lab
• [FD] KL-001-2020-004 : Barco wePresent Hardcoded API Credentials, KoreLogic Disclosures via Fulldisclosure
• [FD] KL-001-2020-005 : Barco wePresent Admin Credentials Exposed In Plain-text, KoreLogic Disclosures via Fulldisclosure
• [FD] KL-001-2020-006 : Barco wePresent Authentication Bypass, KoreLogic Disclosures via Fulldisclosure
• [FD] KL-001-2020-007 : Barco wePresent Undocumented SSH Interface Accessible Via Web UI, KoreLogic Disclosures via Fulldisclosure
• [FD] KL-001-2020-008 : Barco wePresent Global Hardcoded Root SSH Password, KoreLogic Disclosures via Fulldisclosure
• [FD] KL-001-2020-009 : Barco wePresent Insecure Firmware Image, KoreLogic Disclosures via Fulldisclosure
• [FD] CA20201116-01: Security Notice for CA Unified Infrastructure Management, Ken Williams via Fulldisclosure
• [FD] SEC Consult SA-20201123-0 :: Multiple Vulnerabilities in ZTE WLAN router MF253V, SEC Consult Vulnerability Lab