Mail Index
Thread Index
[FD] Etherify 4 - jumping air gaps with real ethernet hardware
From
: Jacek Lipkowski
[FD] scikit-learn 0.23.2 Local Denial of Service
From
: pabloec20
Re: [FD] Etherify 4 - jumping air gaps with real ethernet hardware
From
: Dave Horsfall
[FD] Bundeswehr VDPBw 50+ reported vulnerabilities
From
: Vulnerability Lab
[FD] New BlackArch Linux ISOs + OVA Image released!
From
: Black Arch
[FD] ProCaster LE-32F430 SmartTV RCE via libsoup/2.51.3 stack overflow (CVE-2017-2885)
From
: def
[FD] Request for full disclosure of CVE-2020-25889 & CVE-2020-25955
From
: krishna yadav
[FD] Disable Windows Defender and most other 3rd party antiviruses
From
: Roberto Franceschetti
Re: [FD] Disable Windows Defender and most other 3rd party antiviruses
From
: Exibar
[FD] VestaCP v0.9.8-26 - (period) Cross Site Scripting Web Vulnerability
From
: Vulnerability Lab
[FD] VestaCP v0.9.8-26 - Insufficient Session Validation Web Vulnerability
From
: Vulnerability Lab
[FD] VestaCP v0.9.8-26 - (LoginAs) Token Session Vulnerability
From
: Vulnerability Lab
[FD] Huawei HedEx Lite (DM) - Path Traversal Web Vulnerability
From
: Vulnerability Lab
[FD] Cross-Site Scripting Vulnerabilities in BigtreeCMS 4.4.11
From
: Daniel Bishtawi via Fulldisclosure
Re: [FD] Disable Windows Defender and most other 3rd party antiviruses
From
: edwin
[FD] Vulnerability Path Traversal ACS
From
: n0ipr0cs
[FD] Reflected XSS in WordPress - DirectoriesPro 1.3.45 plugin disclosure
From
: Jack Misiura via Fulldisclosure
[FD] Self-reflected XSS in WordPress DirectoriesPro 1.3.45 plugin disclosure.
From
: Jack Misiura via Fulldisclosure
[FD] IP access control bypass in OpenAsset Digital Asset Management 11.2.1/12.0.19 disclosure
From
: Jack Misiura via Fulldisclosure
[FD] Stored cross-site scripting (XSS) in OpenAsset Digital Asset Management 11.2.1/12.0.19 disclosure
From
: Jack Misiura via Fulldisclosure
[FD] Cross-site request forgery (CSRF) in OpenAsset Digital Asset Management 11.2.1/12.0.19 disclosure
From
: Jack Misiura via Fulldisclosure
[FD] Reflected cross-site scripting (XSS) in OpenAsset Digital Asset Management 11.2.1/12.0.19 disclosure
From
: Jack Misiura via Fulldisclosure
[FD] Authenticated blind SQL injection (SQLi) in OpenAsset Digital Asset Management 11.2.1/12.0.19 disclosure
From
: Jack Misiura via Fulldisclosure
[FD] Missing access controls in OpenAsset Digital Asset Management 11.2.1/12.0.19 disclosure
From
: Jack Misiura via Fulldisclosure
[FD] Stored XSS in Online bus booking system
From
: krishna yadav
Re: [FD] Disable Windows Defender and most other 3rd party antiviruses
From
: Roberto Franceschetti
[FD] APPLE-SA-2020-12-14-1 iOS 14.3 and iPadOS 14.3
From
: Apple Product Security via Fulldisclosure
[FD] APPLE-SA-2020-12-14-2 iOS 12.5
From
: Apple Product Security via Fulldisclosure
[FD] APPLE-SA-2020-12-14-3 macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave
From
: Apple Product Security via Fulldisclosure
[FD] APPLE-SA-2020-12-14-5 watchOS 7.2
From
: Apple Product Security via Fulldisclosure
[FD] APPLE-SA-2020-12-14-6 watchOS 6.3
From
: Apple Product Security via Fulldisclosure
[FD] APPLE-SA-2020-12-14-7 tvOS 14.3
From
: Apple Product Security via Fulldisclosure
[FD] APPLE-SA-2020-12-14-8 Safari 14.0.2
From
: Apple Product Security via Fulldisclosure
[FD] APPLE-SA-2020-12-14-9 macOS Server 5.11
From
: Apple Product Security via Fulldisclosure
[FD] APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1
From
: Apple Product Security via Fulldisclosure
[FD] SEC Consult SA-20201217-0 :: Multiple critical vulnerabilities in Trend Micro InterScan Web Security Virtual Appliance (IWSVA)
From
: SEC Consult Vulnerability Lab
[FD] Programi Bilanc - Build 007 Release 014 31.01.2020 - Use of weak default Password - CVE-2020-11720
From
: Georg Ph E Heise via Fulldisclosure
[FD] Programi Bilanc - Build 007 Release 014 31.01.2020 - Broken encryption with guessable static encryption key [CVE-2020-11719]
From
: Georg Ph E Heise via Fulldisclosure
[FD] Programi Bilanc - Build 007 Release 014 31.01.2020 - Multiple SQL Injections [CVE-2020-11717]
From
: Georg Ph E Heise via Fulldisclosure
[FD] Programi Bilanc - Build 007 Release 014 31.01.2020 - Broken encryption with guessable static encryption key [CVE-2020-8995]
From
: Georg Ph E Heise via Fulldisclosure
[FD] Programi Bilanc - Build 007 Release 014 31.01.2020 - Software-update packages are downloaded via unencrypted HTTP [CVE-2020-11718]
From
: Georg Ph E Heise via Fulldisclosure
[FD] CA20201215-01: Security Notice for CA Service Catalog
From
: Kevin Kotas via Fulldisclosure
[FD] Rocket.Chat quietly patches XSS vulnerability
From
: Moe Szyslak
[FD] Defense in depth -- the Microsoft way (part 68): where compatibility means vulnerability
From
: Stefan Kanthak
[FD] SUPREMO Local privilege escalation
From
: Adan Alvarez
[FD] remote code execution when open a project in android studio that google refused to fix(still 0day)
From
: houjingyi
[FD] Rocket.Chat Path Traversal
From
: Moe Szyslak
[FD] AST-2020-003: Remote crash in res_pjsip_diversion
From
: Asterisk Security Team
[FD] AST-2020-004: Remote crash in res_pjsip_diversion
From
: Asterisk Security Team
[FD] SYSS-2020-040 Urve - Missing Authentication for Critical Function (CWE-306)
From
: Erik Steltzner
[FD] SYSS-2020-041 Urve - Missing Authorization (CWE-862)
From
: Erik Steltzner
[FD] SYSS-2020-042 Urve - Exposure of Sensitive Information to an Unauthorized Actor (CWE-200)
From
: Erik Steltzner
Re: [FD] CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze
From
: Jason Geffner
Re: [FD] CVE-2020-8152 – Elevation of Privilege in Backblaze
From
: Jason Geffner
[FD] [CVE-2018-7580] - Philips Hue Denial of Service
From
: Ilia Shnaidman
[FD] CarolinaCon Online CFP
From
: CarolinaCon
Re: [FD] CVE-2020-8152 – Elevation of Privilege in Backblaze
From
: Reed Loden
Re: [FD] CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze
From
: Reed Loden
[FD] Cross-Site Scripting Vulnerabilities in SEOPanel 4.6.0
From
: Daniel Bishtawi via Fulldisclosure
Re: [FD] CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze
From
: Jason Geffner
Re: [FD] CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze
From
: Mark E. Jeftovic
[FD] survey on reliability of CVSS
From
: Zinaida Benenson
Mail converted by
MHonArc