Mail Thread Index
- [FD] Etherify 4 - jumping air gaps with real ethernet hardware,
Jacek Lipkowski
- [FD] scikit-learn 0.23.2 Local Denial of Service,
pabloec20
- [FD] Bundeswehr VDPBw 50+ reported vulnerabilities,
Vulnerability Lab
- [FD] New BlackArch Linux ISOs + OVA Image released!,
Black Arch
- [FD] ProCaster LE-32F430 SmartTV RCE via libsoup/2.51.3 stack overflow (CVE-2017-2885),
def
- [FD] Request for full disclosure of CVE-2020-25889 & CVE-2020-25955,
krishna yadav
- [FD] Disable Windows Defender and most other 3rd party antiviruses,
Roberto Franceschetti
- [FD] VestaCP v0.9.8-26 - (period) Cross Site Scripting Web Vulnerability,
Vulnerability Lab
- [FD] VestaCP v0.9.8-26 - Insufficient Session Validation Web Vulnerability,
Vulnerability Lab
- [FD] VestaCP v0.9.8-26 - (LoginAs) Token Session Vulnerability,
Vulnerability Lab
- [FD] Huawei HedEx Lite (DM) - Path Traversal Web Vulnerability,
Vulnerability Lab
- [FD] Cross-Site Scripting Vulnerabilities in BigtreeCMS 4.4.11,
Daniel Bishtawi via Fulldisclosure
- [FD] Vulnerability Path Traversal ACS,
n0ipr0cs
- [FD] Reflected XSS in WordPress - DirectoriesPro 1.3.45 plugin disclosure,
Jack Misiura via Fulldisclosure
- [FD] Self-reflected XSS in WordPress DirectoriesPro 1.3.45 plugin disclosure.,
Jack Misiura via Fulldisclosure
- [FD] IP access control bypass in OpenAsset Digital Asset Management 11.2.1/12.0.19 disclosure,
Jack Misiura via Fulldisclosure
- [FD] Stored cross-site scripting (XSS) in OpenAsset Digital Asset Management 11.2.1/12.0.19 disclosure,
Jack Misiura via Fulldisclosure
- [FD] Cross-site request forgery (CSRF) in OpenAsset Digital Asset Management 11.2.1/12.0.19 disclosure,
Jack Misiura via Fulldisclosure
- [FD] Reflected cross-site scripting (XSS) in OpenAsset Digital Asset Management 11.2.1/12.0.19 disclosure,
Jack Misiura via Fulldisclosure
- [FD] Authenticated blind SQL injection (SQLi) in OpenAsset Digital Asset Management 11.2.1/12.0.19 disclosure,
Jack Misiura via Fulldisclosure
- [FD] Missing access controls in OpenAsset Digital Asset Management 11.2.1/12.0.19 disclosure,
Jack Misiura via Fulldisclosure
- [FD] Stored XSS in Online bus booking system,
krishna yadav
- [FD] APPLE-SA-2020-12-14-1 iOS 14.3 and iPadOS 14.3,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2020-12-14-2 iOS 12.5,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2020-12-14-3 macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2020-12-14-5 watchOS 7.2,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2020-12-14-6 watchOS 6.3,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2020-12-14-7 tvOS 14.3,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2020-12-14-8 Safari 14.0.2,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2020-12-14-9 macOS Server 5.11,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1,
Apple Product Security via Fulldisclosure
- [FD] SEC Consult SA-20201217-0 :: Multiple critical vulnerabilities in Trend Micro InterScan Web Security Virtual Appliance (IWSVA),
SEC Consult Vulnerability Lab
- [FD] Programi Bilanc - Build 007 Release 014 31.01.2020 - Use of weak default Password - CVE-2020-11720,
Georg Ph E Heise via Fulldisclosure
- [FD] Programi Bilanc - Build 007 Release 014 31.01.2020 - Broken encryption with guessable static encryption key [CVE-2020-11719],
Georg Ph E Heise via Fulldisclosure
- [FD] Programi Bilanc - Build 007 Release 014 31.01.2020 - Multiple SQL Injections [CVE-2020-11717],
Georg Ph E Heise via Fulldisclosure
- [FD] Programi Bilanc - Build 007 Release 014 31.01.2020 - Broken encryption with guessable static encryption key [CVE-2020-8995],
Georg Ph E Heise via Fulldisclosure
- [FD] Programi Bilanc - Build 007 Release 014 31.01.2020 - Software-update packages are downloaded via unencrypted HTTP [CVE-2020-11718],
Georg Ph E Heise via Fulldisclosure
- [FD] CA20201215-01: Security Notice for CA Service Catalog,
Kevin Kotas via Fulldisclosure
- [FD] Rocket.Chat quietly patches XSS vulnerability,
Moe Szyslak
- [FD] Defense in depth -- the Microsoft way (part 68): where compatibility means vulnerability,
Stefan Kanthak
- [FD] SUPREMO Local privilege escalation,
Adan Alvarez
- [FD] remote code execution when open a project in android studio that google refused to fix(still 0day),
houjingyi
- [FD] Rocket.Chat Path Traversal,
Moe Szyslak
- [FD] AST-2020-003: Remote crash in res_pjsip_diversion,
Asterisk Security Team
- [FD] AST-2020-004: Remote crash in res_pjsip_diversion,
Asterisk Security Team
- [FD] SYSS-2020-040 Urve - Missing Authentication for Critical Function (CWE-306),
Erik Steltzner
- [FD] SYSS-2020-041 Urve - Missing Authorization (CWE-862),
Erik Steltzner
- [FD] SYSS-2020-042 Urve - Exposure of Sensitive Information to an Unauthorized Actor (CWE-200),
Erik Steltzner
- [FD] [CVE-2018-7580] - Philips Hue Denial of Service,
Ilia Shnaidman
- [FD] CarolinaCon Online CFP,
CarolinaCon
- Re: [FD] CVE-2020-8152 – Elevation of Privilege in Backblaze,
Reed Loden
- Re: [FD] CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze,
Reed Loden
- [FD] Cross-Site Scripting Vulnerabilities in SEOPanel 4.6.0,
Daniel Bishtawi via Fulldisclosure
- [FD] survey on reliability of CVSS,
Zinaida Benenson