Mail Thread Index

• Date Index

• [FD] SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series, SEC Consult Vulnerability Lab
• [FD] Trovent Security Advisory 2104-01 / HealthForYou & Sanitas HealthCoach: User enumeration through API, Stefan Pietsch
• [FD] Trovent Security Advisory 2104-02 / HealthForYou & Sanitas HealthCoach: Account takeover with only email address possible, Stefan Pietsch
• [FD] Trojan.Win32.Scar.dulk / Insecure Permissions, malvuln
• [FD] Backdoor.Win32.NerTe.772 / Authentication Bypass RCE, malvuln
• [FD] Backdoor.Win32.NerTe.772 / Unauthenticated Remote Command Execution, malvuln
• [FD] Backdoor.Win32.Netbus.12 / Unauthenticated Information Disclosure, malvuln
• [FD] Backdoor.Win32.NetControl2.293 / Unauthenticated Remote Command Execution, malvuln
• [FD] Backdoor.Win32.Whirlpool.a / Remote Buffer Overflow - UDP Datagram, malvuln
• [FD] Backdoor.Win32.WinShell.a / Unauthenticated Remote Command Execution, malvuln
• [FD] Backdoor.Win32.Wisell / Unauthenticated Remote Command Execution, malvuln
• [FD] Backdoor.Win32.NetSpy.10 / Heap Corruption, malvuln
• [FD] Backdoor.Win32.Delf.acz / Remote Stack Buffer Overflow (SEH), malvuln
• [FD] Backdoor.Win32.Androm.df / Unauthenticated Remote Command Execution, malvuln
• [FD] Backdoor.Win32.Neakse.bit / Insecure Permissions, malvuln
• [FD] Backdoor.Win32.Wollf.12 / Unauthenticated Remote Command Execution, malvuln
• [FD] Trojan-Dropper.Win32.Googite.a / Unauthenticated Open Proxy, malvuln
• [FD] secuvera-SA-2021-01: Privilege Escalation in NetSetMan Pro 4.7.2, Simon Bieber
• [FD] Backdoor.Win32.Wuca.nz / Insecure Permissions, malvuln
• [FD] Backdoor.Win32.XRat.d / Unauthenticated Remote Command Execution, malvuln
• [FD] Backdoor.Win32.Zombam.gen / Cross Site Scripting (XSS), malvuln
• [FD] Backdoor.Win32.Zombam.gen / Unauthenticated URL Command Injection, malvuln
• [FD] Backdoor.Win32.Zombam.gen / Remote Stack Buffer Overflow, malvuln
• [FD] popo:: linux kernel vulns of it., KJ Jung
• [FD] Backdoor.Win32.Pazus.18 / Authentication Bypass RCE, malvuln
• [FD] Onapsis Security Advisory 2021-0005: SAP Solution Manager Open Redirect from Trace Analysis, Onapsis Research via Fulldisclosure
• [FD] Onapsis Security Advisory 2021-0006: [CVE-2020-26811] - SAP Hybris eCommerce - SSRF in acceleratorservices module, Onapsis Research via Fulldisclosure
• [FD] Onapsis Security Advisory 2021-0007: Exposure of Sensitive Information to an Unauthorized Actor, Onapsis Research via Fulldisclosure
• [FD] Onapsis Security Advisory 2021-0008: OS Command Injection in CA Introscope Enterprise Manager, Onapsis Research via Fulldisclosure
• [FD] Onapsis Security Advisory 2021-0009: Hard-coded Credentials in CA Introscope Enterprise Manager, Onapsis Research via Fulldisclosure
• [FD] Onapsis Security Advisory 2021-0010: File exfiltration and DoS in SolMan End-User Experience Monitoring, Onapsis Research via Fulldisclosure
• [FD] Onapsis Security Advisory 2021-0011 Missing authorization check in SolMan End-User Experience Monitoring, Onapsis Research via Fulldisclosure
• [FD] Onapsis Security Advisory 2021-0012: SAP Manufacturing Integration and Intelligence lack of server side validations leads to RCE, Onapsis Research via Fulldisclosure
• [FD] Onapsis Security Advisory 2021-0013: [CVE-2020-26829] - Missing Authentication Check In SAP NetWeaver AS JAVA P2P Cluster communication, Onapsis Research via Fulldisclosure
• [FD] Onapsis Security Advisory 2021-0014: Missing authorization check in SAP Solution Manager LM-SERVICE Component SP 11 PL 2, Onapsis Research via Fulldisclosure
• [FD] popo2, kernel/tun driver bufferoverflow., KJ Jung
  • Re: [FD] popo/popo2 linux kernel vulns, RaziREKT via Fulldisclosure
  • Re: [FD] popo2, kernel/tun driver bufferoverflow., Robert Święcki
• [FD] Backdoor.Win32.VB.pld / Insecure Transit, malvuln
• [FD] Backdoor.Win32.VB.pld / Unauthenticated Remote Command Execution, malvuln
• [FD] Backdoor.Win32.Zombam.gen / Information Disclosure, malvuln
• [FD] [SYSS-2021-007]: Protectimus SLIM NFC - External Control of System or Configuration Setting (CWE-15) (CVE-2021-32033), Matthias Deeg
• [FD] Email-Worm.Win32.Kipis.a / Unauthenticated Remote Code Execution, malvuln
• [FD] Trojan.Win32.Alien.erf / Remote Denial of Service, malvuln
• [FD] Trojan.Win32.Alien.erf / Remote Stack Buffer Overflow, malvuln
• [FD] Trovent Security Advisory 2105-01 / CVE-2021-32612: VeryFitPro unencrypted cleartext transmission of sensitive information, Stefan Pietsch
• [FD] Trojan.Win32.Alien.erf / Directory Traversal, malvuln
• [FD] Trojan-Dropper.Win32.Googite.b / Unauthenticated Remote Command Execution, malvuln
• [FD] SYSS-2021-032 Admin Columns WordPress Plug-In - Persistent Cross-Site Scripting, Johannes Lauinger
• [FD] Backdoor.Win32.Hupigon.aaio / Remote Stack Buffer Overflow, malvuln
• [FD] Using the Android USB Driver to Extract Data as USB Mass Storage Device, Roman Fiedler
• [FD] Backdoor.Win32.ReverseTrojan.200 / Authentication Bypass Empty Password, malvuln
• [FD] Trojan.Win32.SecondThought.ak / Insecure Permissions, malvuln
• [FD] Trojan.Win32.Banpak.kh / Insecure Permissions, malvuln
• [FD] Trojan-Dropper.Win32.Juntador.a / Weak Hardcoded Password, malvuln
• [FD] Trojan-Dropper.Win32.Krepper.a / Unauthenticated Remote Command Execution, malvuln
• [FD] Email-Worm.Win32.Trance.a / Insecure Permissions, malvuln
• [FD] Trojan-Dropper.Win32.Scrop.dyi / Insecure Permissions, malvuln
• [FD] Constructor.Win32.Bifrose.asc / Local Stack Buffer Overflow (Heap Corruption), malvuln
• [FD] CVE-2021-35523: Local Privilege Escalation in Securepoint SSL VPN Client 2.0.30, Florian Bogner via Fulldisclosure