Mail Thread Index

• Date Index

• [FD] SEC Consult SA-20210301-0 :: Authentication bypass vulnerability in Genua GenuGate High Resistance Firewall, SEC Consult Vulnerability Lab
  • <Possible follow-ups>
  • [FD] SEC Consult SA-20210301-0 :: Authentication bypass vulnerability in Genua GenuGate High Resistance Firewall, SEC Consult Vulnerability Lab
• [FD] Multiple Vulnerabilities in jpeg-xl (CVE-2021-27804), Marc
• [FD] Backdoor.Win32.RemoteManipulator.fdo / Insecure Permissions, malvuln
• [FD] Trojan-Spy.Win32.Stealer.osh / Insecure Permissions, malvuln
• [FD] AST-2021-006: Crash when negotiating T.38 with a zero port, Asterisk Security Team
• [FD] New BlackArch Linux Slim ISO released!, Black Arch
• [FD] Defense in depth -- the Microsof way (part 72): "compatibility" trumps security, Stefan Kanthak
• [FD] Backdoor.Win32.DarkKomet.irv / Insecure Permissions, malvuln
• [FD] Backdoor.Win32.BO2K.ab / Local File Buffer Overflow, malvuln
• [FD] Backdoor.Win32.BO2K.09.b / Unauthenticated Remote Command Execution, malvuln
• [FD] Privilege Escalation in Emerson Smart Wireless Gateway 1420 4.6.59 Administrator Console, Harsha Bhat
• [FD] Incorrect Access Control in Emerson Smart Wireless Gateway 1420 4.6.59 Administrator Console, Harsha Bhat
• [FD] APPLE-SA-2021-03-08-1 iOS 14.4.1 and iPadOS 14.4.1, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2021-03-08-2 macOS Big Sur 11.2.3, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2021-03-08-3 Safari 14.0.3, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2021-03-08-4 watchOS 7.3.2, Apple Product Security via Fulldisclosure
• [FD] Advisory ID: VMSA-2021-0002, =?gb18030?b?oe7UwqOsyLHSsqHu?=
• [FD] BACKDOOR.WIN32.ANTILAM.14.O / Unauthenticated Remote Command Execution, malvuln
• [FD] Backdoor.Win32.GTbot.c / Insecure Permissions, malvuln
• [FD] Backdoor.Win32.Agent.bjev / Insecure Permissions, malvuln
• [FD] Unholy CRAP: Moziila's executable installers, Stefan Kanthak
• [FD] Defense in depth -- the Microsoft way (part 73): ignorance (of security advisories) is bliss!, Stefan Kanthak
• [FD] [CVE-2021-28144] Authenticated Command Injection in D-Link DIR-3060 Web Interface, research
• [FD] Data Manipulation with X-Forwarded-For header at WordPress, Alphan YAVAS
  • Re: [FD] Data Manipulation with X-Forwarded-For header at WordPress, jvoisin
• [FD] Trojan-Spy.Win32.KeyLogger.qt / Insecure Permissions, malvuln
• [FD] Trojan-Dropper.Win32.Hamer.10 / Remote Floating-point Exception DoS, malvuln
• Re: [FD] [CDPWE-0001] - RocketReach, Thierry Zoller
• [FD] [AIT-SA-20210215-01] CVE-2020-24914: QCubed PHP Object Injection, sec-advisory
• [FD] [AIT-SA-20210215-02] CVE-2020-24913: QCubed SQL Injection, sec-advisory
• [FD] [AIT-SA-20210215-03] CVE-2020-24912: QCube Cross-Site-Scripting, sec-advisory
• [FD] [AIT-SA-20210215-04] CVE-2020-24036: ForkCMS PHP Object Injection, sec-advisory
• [FD] [KIS-2021-03] ExpressionEngine <= 6.0.2 (Translate::save) PHP Code Injection Vulnerability, research
• [FD] [CSA-2021-002] DP API ineffective in Windows containers, Certitude - Advisories
• [FD] From Adobe AEM dispatcher filter rules bypass to successfully triggering XSS on 40+ Linkedin websites [ Youtube Video ], Ateek khan
• [FD] SolarWinds TFTP Server 11.0.4.101: Remote Unauthenticated Reconfiguration, Harrison Neal
• [FD] 4th BSides Hannover in the make, save the date and please submit your research in our CFP ( Focus Healthcare / medical devices / bionic ), BSides Hannover
• [FD] Trojan-Proxy.Win32.Wimain / Remote Stack Buffer Overflow, malvuln
• [FD] Trojan-Dropper.Win32.Delf.xk / Remote Invalid Pointer Write DOS, malvuln
• [FD] Backdoor.Win32.Zombam.l / Remote Stack Buffer Overflow, malvuln
• [FD] Trojan.Win32.Scar.dxir / Insecure Permissions, malvuln
• [FD] Trojan.Win32.Siscos.bqe / Insecure Permissions, malvuln
• [FD] Trojan-Banker.Win32.Delf.ac / Insecure Permissions, malvuln
• [FD] ES2021-02: VoIPmonitor WEB GUI vulnerable to Cross-Site Scripting via SIP messages, Sandro Gauci
• [FD] ES2021-03: VoIPmonitor is vulnerable to a buffer overflow when using the live sniffer, Sandro Gauci
• [FD] ES2021-04: VoIPmonitor static builds are compiled without any standard memory corruption protection, Sandro Gauci
• [FD] CFP for Hardwear.io Security Conference is OPEN, Andrea Simonca
• [FD] [SYSS-2020-044]: Zoom - Exposure of Resource to Wrong Sphere (CWE-668) (CVE-2021-28133), Matthias Deeg
• [FD] CMS Made Simple SQL injection on m1_sortby parameter, riccardo krauter
• [FD] MS Made Simple - File upload bypass with .phar extension lead to RCE, riccardo krauter
• [FD] Trojan-Dropper.Win32.Delf.p / Missing Authentication, malvuln
• [FD] Trojan-Dropper.Win32.Delf.p / Remote Buffer Overflow, malvuln
• [FD] Backdoor.Win32.Agent.mzn / Remote SEH Buffer Overflow, malvuln
• [FD] Inaugural Issue of the Journal of Cyber Forensics and Advanced Threat Investigations, Andrew Zayine
• [FD] CVE-2018-3635 revisited: executable installers are vulnerable^WEVIL (case 60): again arbitrary code execution WITH escalation of privilege via Intel Rapid Storage Technology User Interface and Driver, Stefan Kanthak
• [FD] Trojan-Dropper.Win32.Dycler.vrp / Insecure Permissions, malvuln
• [FD] HEUR.Trojan.Win32.Generic / Insecure Permissions, malvuln
• [FD] Trojan-Dropper.Win32.Delf.da / Remote Stack Buffer Overflow (UDP Datagram), malvuln
• [FD] Trojan-Dropper.Win32.Demp.rft / Insecure Permissions, malvuln
• [FD] Virus.Win32.Sality.gen / Insecure Permissions, malvuln
• [FD] Worm.Win32.Detnat.c / Insecure Permissions, malvuln
• [FD] Trojan-Dropper.Win32.Dycler.yhb / Insecure Permissions, malvuln
• [FD] Worm.Win32.Ngrbot.abpr / Insecure Permissions, malvuln
• [FD] Worm.Win32.Recyl.dp / Insecure Permissions, malvuln
• [FD] Worm.Win32.Ngrbot.acno / Insecure Permissions, malvuln
• [FD] BACKDOOR.WIN32.DARKKOMET.GOZU / Insecure Permissions, malvuln
• [FD] CVE-2021-3275 : Unauthenticated Stored Cross-site Scripting in Multiple TP-Link Devices, Smriti Gaba
• [FD] Backdoor.Win32.Kwak.12 / Remote Denial of Service, malvuln
• [FD] Backdoor.Win32.Kwak.12 / Port Bounce Scan, malvuln
• [FD] Backdoor.Win32.Kwak.12 / Authentication Bypass, malvuln
• [FD] Backdoor.Win32.Kwak.12 / Remote Command Execution, malvuln
• [FD] Backdoor.Win32.Delf.zs / Unauthenticated Remote Command Execution, malvuln
• [FD] APPLE-SA-2021-03-26-1 iOS 14.4.2 and iPadOS 14.4.2, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2021-03-26-2 iOS 12.5.2, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2021-03-26-3 watchOS 7.3.3, Apple Product Security via Fulldisclosure
• [FD] PotPlayer denial of service vulnerability, houjingyi
• [FD] IRC-Worm.Win32.Jane.a / Authentication Bypass RCE, malvuln
• [FD] IRC-Worm.Win32.Jane.a / Authentication Bypass MITM Port Bounce Scan, malvuln