Mail Thread Index
- [FD] X41 D-Sec GmbH Security Advisory X41-2021-001: Multiple Vulnerabilities in YARA,
X41 D-Sec GmbH Advisories
- [FD] Cross-Site Scripting Vulnerability in Chamilo LMS 1.11.14,
Daniel Bishtawi via Fulldisclosure
- [FD] Backdoor.Win32.DarkKomet.apbb / Insecure Permissions,
malvuln
- [FD] Backdoor.Win32.Wollf.14 / Missing Authentication,
malvuln
- [FD] Constructor.Win32.SpyNet.a / Remote Password Leak,
malvuln
- [FD] Backdoor.Win32.Zetronic / Remote DoS,
malvuln
- [FD] Backdoor.Win32.Zhangpo / Remote DoS,
malvuln
- [FD] Backdoor.Win32.Mhtserv.b / Missing Authentication,
malvuln
- [FD] Backdoor.Win32.MiniBlackLash / Remote DoS,
malvuln
- [FD] Packed.Win32.Katusha.o (Ransomeware) / Insecure Permissions EoP,
malvuln
- [FD] Backdoor.Win32.Anaptix.bd / Insecure Permissions,
malvuln
- [FD] Backdoor.Win32.Buterat.cxq / Insecure Permissions EoP,
malvuln
- [FD] Backdoor.Win32.Celine / Missing Authentication,
malvuln
- [FD] Oracle DB: various issues related to malicious database gateways,
Harrison Neal
- [FD] APPLE-SA-2021-02-01-1 macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2021-02-01-2 Additional information for APPLE-SA-2021-01-26-1 iOS 14.4 and iPadOS 14.4,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2021-02-01-3 Additional information for APPLE-SA-2021-01-26-2 tvOS 14.4,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2021-02-01-4 Additional information for APPLE-SA-2021-01-26-3 watchOS 7.3,
Apple Product Security via Fulldisclosure
- [FD] Backdoor.Win32.Xyligan.blp / Insecure Permissions EoP,
malvuln
- [FD] null pointer deference in mfmp4srcsnk.dll in latest windows 10,
houjingyi
- [FD] Backdoor.Win32.NetBull.11.b / Remote Buffer Overflow,
malvuln
- [FD] Backdoor.Win32.RemoteManipulator.brr / Insecure Permissions EoP,
malvuln
- [FD] Bug bounty failure stories to learn from: how we ended up to hack a bank with no reward,
Red Timmy Security
- [FD] KSA-Dev-008: Authenticated XSRF leads to complete account takeover in all UNIBOX WiFi Hotspot Controller,
Kaustubh via Fulldisclosure
- [FD] KSA_DEV-009 :- Authenticated Code Execution In Unibox 2.4,
Kaustubh via Fulldisclosure
- [FD] Trojan.Win32.Gentee.b / Insecure Permissions EoP,
malvuln
- [FD] Trojan.Win32.Gentee.h / Insecure Permissions EoP,
malvuln
- [FD] Trojan-Spy.Win32.SpyEyes.auqj / Insecure Permissions EoP,
malvuln
- [FD] Trojan-Spy.Win32.SpyEyes.auwl / Insecure Permissions EoP,
malvuln
- [FD] Trojan.Win32.Comei.pgo / Insecure Permissions EoP,
malvuln
- [FD] Trojan.Win32.Cospet.abg / Insecure Permissions EoP,
malvuln
- [FD] Email-Worm.Win32.Sircam.eb / Insecure Permissions EoP,
malvuln
- [FD] Trojan.Win32.Delf.uq / Insecure Permissions EoP,
malvuln
- [FD] Trojan-Spy.Win32.SpyEyes.awow / Insecure Permissions EoP,
malvuln
- [FD] Trojan-Spy.Win32.WebCenter.a / Information Disclosure,
malvuln
- [FD] SEC Consult SA-20210210-0 :: Reflected Cross-Site Scripting in Adobe Magento Commerce,
SEC Consult Vulnerability Lab
- [FD] Path traversal in SolarWinds Serv-U File Server <=15.2.1,
Jack Misiura via Fulldisclosure
- [FD] Stored XSS in SolarWinds Serv-U File Server <=15.2.1,
Jack Misiura via Fulldisclosure
- [FD] Trojan-Spy.Win32.WinSpy.vwl / Insecure Permissions EoP,
malvuln
- [FD] Backdoor.Win32.Wollf.15 / Missing Authentication,
malvuln
- [FD] Trojan.Win32.Cafelom.bu / Heap Corruption,
malvuln
- [FD] Backdoor.Win32.NetTerrorist / Unauthorized Remote Command Execution,
malvuln
- [FD] Backdoor.Win32.Aphexdoor.LiteSock / Remote Stack Buffer Overflow,
malvuln
- [FD] Backdoor.Win32.Augudor.a / Unauthenticated Remote File Write Code Execution,
malvuln
- [FD] Backdoor.Win32.BackAttack.18 / Multiple Vulnerabilities,
malvuln
- [FD] APPLE-SA-2021-02-09-1 macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002,
Apple Product Security via Fulldisclosure
- [FD] Recon-Informer v1.3 - Intel for offensive systems anti-reconnaissance (nmap) tool,
hyp3rlinx
- [FD] Backdoor.Win32.Backlash.101 / Missing Authentication,
malvuln
- [FD] Backdoor.Win32.Cafeini.08.b / Missing Authentication,
malvuln
- [FD] Trojan-Spy.Win32.WinSpy.wlt / Insecure Permissions,
malvuln
- [FD] Backdoor.Win32.Cabrotor.21 / Insecure Permissions,
malvuln
- [FD] Backdoor.Win32.Azbreg.aant / Insecure Permissions,
malvuln
- [FD] Backdoor.Win32.Bifrose.ahvb / Insecure Permissions,
malvuln
- [FD] Backdoor.Win32.Indexer.a / Hardcoded Weak Credentials,
malvuln
- [FD] Backdoor.Win32.Indexer.a / Remote Denial Of Service,
malvuln
- [FD] Backdoor.Win32.Burbul.b / Anonymous Logon,
malvuln
- [FD] SEC Consult SA-20210217-0 :: Multiple Vulnerabilities in Multiple Vulnerabilities,
SEC Consult Vulnerability Lab
- [FD] AST-2021-001: Remote crash in res_pjsip_diversion,
Asterisk Security Team
- [FD] AST-2021-002: Remote crash possible when negotiating T.38,
Asterisk Security Team
- [FD] AST-2021-003: Remote attacker could prematurely tear down SRTP calls,
Asterisk Security Team
- [FD] AST-2021-004: An unsuspecting user could crash Asterisk with multiple hold/unhold requests,
Asterisk Security Team
- [FD] AST-2021-005: Remote Crash Vulnerability in PJSIP channel driver,
Asterisk Security Team
- [FD] Rigged Race Against Firejail for Local Root: Using pipes/ptys to win races,
Roman Fiedler
- [FD] Backdoor.Win32.Agent.aak / Weak Hardcoded Credentials,
malvuln
- [FD] Backdoor.Win32.Agent.aak / Cross Site Request Forgery (CSRF) - Code Execution,
malvuln
- [FD] Backdoor.Win32.Agent.aak / Remote Buffer Overflow,
malvuln
- [FD] [CSA-2021-001] Cross-Site Request Forgery in Apache MyFaces,
Certitude - Advisories
- [FD] Multiple remote memory corruptions in Telegram's handling of animated stickers,
polict of Shielder
- [FD] Backdoor.Win32.DarkKomet.bhfh / Insecure Permissions,
malvuln
- [FD] Backdoor.Win32.DarkKomet.apcc / Insecure Permissions,
malvuln
- [FD] Backdoor.Win32.Bionet.10 / Anonymous Logon,
malvuln
- [FD] [KIS-2021-02] docsify <= 4.11.6 DOM-based Cross-Site Scripting Vulnerability,
research
- [FD] CIRA Canadian Shield iOS Application - MITM SSL Certificate Vulnerability (CVE-2021-27189),
David Coomber
- [FD] IBM(R) Db2(R) Windows client DLL Hijacking Vulnerability(0day),
houjingyi
- [FD] Backdoor.Win32.Inject.tyq / Insecure Permissions,
malvuln
- [FD] Backdoor.Win32.Ketch.h / Remote Stack Buffer Overflow (SEH),
malvuln
- [FD] Trojan-Proxy.Win32.Daemonize.i / Remote Denial of Service,
malvuln
- [FD] Trojan.Win32.Pincav.cmfl / Insecure Permissions,
malvuln
- [FD] Trojan.Win32.Pluder.o / Insecure Permissions,
malvuln
- [FD] Backdoor.Win32.DarkKomet.irv / Insecure Permissions,
malvuln
- [FD] Double-Free found on Squid 4.14 and 5.0.5,
Andrés Roldán via Fulldisclosure
- [FD] VisualWare MyConnection Server 11.x Remote Code Execution Vulnerability,
Ryan Wincey
- [FD] Online Tool for Discussion of Vulnerabilities,
Yavuz
- [FD] Backdoor.Win32.Agent.xs / Insecure Permissions,
malvuln
- [FD] Backdoor.Win32.Agent.xw / Remote Null Ptr Dereference - Denial of Service,
malvuln
- [FD] Backdoor.Win32.Delf.adag / Weak Hardcoded Credentials,
malvuln
- [FD] Backdoor.Win32.Wollf.h / Missing Authentication,
malvuln
- [FD] Trojan.Win32.Gofot.htx / Local File Buffer Overflow,
malvuln
- [FD] Trojan-Dropper.Win32.Daws.etlm / Remote Unauthenticated System Reboot,
malvuln
- [FD] Trojan-Spy.Win32.SpyEyes.elr / Insecure Permissions,
malvuln
- [FD] Backdoor.Win32.Azbreg.amw / Insecure Permissions,
malvuln
- [FD] Trojan.Win32.Hotkeychick.am / Insecure Permissions,
malvuln
- [FD] Trojan-Proxy.Win32.Delf.ai / Remote SEH Buffer Overflow,
malvuln
Mail converted by MHonArc