Mail Index

• Thread Index

• Re: [FD] Two vulnerabilities found in MikroTik's RouterOS
  • From: Q C
• Re: [FD] Two vulnerabilities found in MikroTik's RouterOS
  • From: Q C
• Re: [FD] Two vulnerabilities found in MikroTik's RouterOS
  • From: Q C
• [FD] KSA-Dev-0010:CVE-2021-25328:Authenticated Stack Overflow in Skyworth RN510 mesh Device
  • From: Kaustubh Padwad via Fulldisclosure
• [FD] KSA-Dev-0011:CVE-2021-25327: Authenticated XSRF in Skyworth RN510 Mesh Extender
  • From: Kaustubh Padwad via Fulldisclosure
• [FD] KSA-Dev-0012:CVE-2021-25326:Unauthenticated Sensitive information Discloser in Skyworth RN510 Mesh Extender
  • From: Kaustubh Padwad via Fulldisclosure
• [FD] APPLE-SA-2021-05-03-2 iOS 12.5.3
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2021-05-03-1 iOS 14.5.1 and iPadOS 14.5.1
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2021-05-03-4 macOS Big Sur 11.3.1
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2021-05-03-3 watchOS 7.4.1
  • From: Apple Product Security via Fulldisclosure
• Re: [FD] Three vulnerabilities found in MikroTik's RouterOS
  • From: Q C
• Re: [FD] Three vulnerabilities found in MikroTik's RouterOS
  • From: Q C
• Re: [FD] Two vulnerabilities found in MikroTik's RouterOS
  • From: Q C
• Re: [FD] Four vulnerabilities found in MikroTik's RouterOS
  • From: Q C
• [FD] Four vulnerabilities found in MikroTik's RouterOS
  • From: Q C
• [FD] Trojan.Win32.Agent.xdtv / Insecure Permissions
  • From: malvuln
• [FD] Trojan.Win32.Siscos.bqe / Insecure Permissions
  • From: malvuln
• [FD] Backdoor.Win32.Floder.gqe / Insecure Permissions
  • From: malvuln
• [FD] Packed.Win32.Black.d / Unauthenticated Open Proxy
  • From: malvuln
• [FD] Backdoor.Win32.NinjaSpy.c / Remote Command Execution
  • From: malvuln
• [FD] SEC Consult SA-20210511-0 :: Cross-site Scripting Vulnerabilities in REWE GO
  • From: SEC Consult Vulnerability Lab
• Re: [FD] Three vulnerabilities found in MikroTik's RouterOS
  • From: Gynvael Coldwind
• Re: [FD] Three vulnerabilities found in MikroTik's RouterOS
  • From: Q C
• [FD] Four vulnerabilities found in MikroTik's RouterOS
  • From: Q C
• Re: [FD] Three vulnerabilities found in MikroTik's RouterOS
  • From: Gynvael Coldwind
• [FD] Backdoor.Win32.MotivFTP.12 / Authentication Bypass RCE
  • From: malvuln
• [FD] Backdoor.Win32.Antilam.13.a / Unauthenticated Remote Command Execution
  • From: malvuln
• [FD] CVE-2021-32051 Hexagon G!nius Auskunftsportal before 5.0.0.0 allows SQL injection via the GiPWorkflow/Service/DownloadPublicFile id parameter.
  • From: Marcel Keiffenheim
• [FD] Trovent Security Advisory 2103-01 / Authenticated SQL injection in ERPNext 13.0.0/12.18.0
  • From: Stefan Pietsch
• [FD] Trovent Security Advisory 2103-02 / Multiple XSS vulnerabilities in ERPNext 13.0.0/12.18.0
  • From: Stefan Pietsch
• [FD] [CFP]: 2nd Joint Workshop on CPS&IoT Security and Privacy (CPSIoTSec 2021)
  • From: Call For Papers CPSIOTSEC21
• [FD] Backdoor.Win32.Delf.zho / Authentication Bypass RCE
  • From: malvuln
• [FD] [CFP]: 2nd Joint Workshop on CPS&IoT Security and Privacy (CPSIoTSec 2021)
  • From: Call For Papers CPSIOTSEC21
• [FD] (u)rxvt terminal (+bash) remoteish code execution 0day
  • From: def
• [FD] NiceHash Miner Excavator API Cross-Site Request Forgery
  • From: Harry Sintonen via Fulldisclosure
• [FD] Backdoor.Win32.Delf.abb / Insecure Transit
  • From: malvuln
• [FD] Backdoor.Win32.Agent.cy / Weak Hardcoded Credentials
  • From: malvuln
• [FD] Backdoor.Win32.Agent.cy / Insecure Transit
  • From: malvuln
• [FD] Backdoor.Win32.Agent.cy / Denial of Service
  • From: malvuln
• [FD] Backdoor.Win32.Agent.lyw / Remote Stack Buffer Overflow (UDP)
  • From: malvuln
• [FD] Backdoor.Win32.Danton.43 / Weak Hardcoded Credentials RCE
  • From: malvuln
• [FD] Backdoor.Win32.Danton.43 / MITM Port Bounce Scan
  • From: malvuln
• [FD] Backdoor.Win32.Agent.oda / Remote Stack Buffer Overflow (UDP)
  • From: malvuln
• [FD] Backdoor.Win32.Antilam.14.d / Unauthenticated Remote Command Execution
  • From: malvuln
• [FD] Backdoor.Win32.DarkMoon.a / Weak Hardcoded Password
  • From: malvuln
• [FD] Backdoor.Win32.DarkMoon.a / Insecure Transit
  • From: malvuln
• [FD] Backdoor.Win32.Delf.aez / Unauthenticated Remote Command Execution
  • From: malvuln
• [FD] Defense in depth -- the Microsoft way (part 77): access without access permission
  • From: Stefan Kanthak
• [FD] Backdoor.Win32.Psychward.c / Unauthenticated Remote Command Execution
  • From: malvuln
• [FD] Backdoor.Win32.Psychward.ds / Weak Hardcoded Password
  • From: malvuln
• [FD] Backdoor.Win32.RMFdoor.c / Authentication Bypass RCE
  • From: malvuln
• Re: [FD] (u)rxvt terminal (+bash) remoteish code execution 0day
  • From: def
• [FD] CVE-2021-31535 libX11 Insufficient Length Checks PoC and Archeology
  • From: Roman Fiedler
• [FD] [CFP]: 2nd Joint Workshop on CPS&IoT Security and Privacy (CPSIoTSec 2021)
  • From: Call For Papers CPSIOTSEC21
• [FD] Cross-Site Scripting Vulnerability in Zen Cart 1.5.7
  • From: Daniel Bishtawi via Fulldisclosure
• [FD] Vol. 2 (2021) No. 1 of Journal of Cyber Forensics and Advanced Threat Investigations - Now Published
  • From: Andrew Zayine
• [FD] Backdoor.Win32.Singu.a / Remote Stack Buffer Overflow (UDP Datagram)
  • From: malvuln
• [FD] Backdoor.Win32.SkyDance.216 / Remote Stack Buffer Overflow
  • From: malvuln
• [FD] Backdoor.Win32.Spirit.12.b / Insecure Permissions
  • From: malvuln
• [FD] Backdoor.Win32.Upload.a / Remote Denial of Service
  • From: malvuln
• [FD] Backdoor.Win32.Spion4 / Insecure Transit
  • From: malvuln
• [FD] Backdoor.Win32.Tonerok.d / Unauthenticated Remote Command Execution
  • From: malvuln
• ***UNCHECKED*** [FD] X41 D-Sec GmbH Security Advisory X41-2021-002: nginx DNS Resolver Off-by-One Heap Write Vulnerability
  • From: X41 D-Sec GmbH Advisories
• [FD] Unicorn Emulator 1.0.3 is out!
  • From: Nguyen Anh Quynh
• [FD] APPLE-SA-2021-05-25-4 Security Update 2021-003 Catalina
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2021-05-25-3 Security Update 2021-004 Mojave
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2021-05-25-8 Boot Camp 6.1.14
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2021-05-25-1 iOS 14.6 and iPadOS 14.6
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2021-05-25-5 Safari 14.1.1
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2021-05-25-7 tvOS 14.6
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2021-05-25-2 macOS Big Sur 11.4
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2021-05-25-6 watchOS 7.5
  • From: Apple Product Security via Fulldisclosure
• [FD] KL-001-2021-001: CommScope Ruckus IoT Controller Unauthenticated API Endpoints
  • From: KoreLogic Disclosures via Fulldisclosure
• [FD] KL-001-2021-002: CommScope Ruckus IoT Controller Hard-coded API Keys Exposed
  • From: KoreLogic Disclosures via Fulldisclosure
• [FD] KL-001-2021-003: CommScope Ruckus IoT Controller Hard-coded System Passwords
  • From: KoreLogic Disclosures via Fulldisclosure
• [FD] KL-001-2021-004: CommScope Ruckus IoT Controller Hard-coded Web Application Administrator Password
  • From: KoreLogic Disclosures via Fulldisclosure
• [FD] KL-001-2021-005: CommScope Ruckus IoT Controller Web Application Directory Traversal
  • From: KoreLogic Disclosures via Fulldisclosure
• [FD] KL-001-2021-006: CommScope Ruckus IoT Controller Web Application Arbitrary Read/Write
  • From: KoreLogic Disclosures via Fulldisclosure
• [FD] KL-001-2021-007: CommScope Ruckus IoT Controller Undocumented Account
  • From: KoreLogic Disclosures via Fulldisclosure
• [FD] QNAP MusicStation/MalwareRemover Pre-Auth Root Remote Code Execution
  • From: polict of Shielder via Fulldisclosure
• [FD] [KIS-2021-04] IPS Community Suite <= 4.5.4.2 (previewBlock) PHP Code Injection Vulnerability
  • From: research