Mail Thread Index

• Date Index

• [FD] Spammers Using storage[.]googleapis[.]com ?!!?, Nick Boyce
  • Re: [FD] Spammers Using storage[.]googleapis[.]com ?!!?, Adrien JOLIBERT
  • Re: [FD] Spammers Using storage[.]googleapis[.]com ?!!?, Jeffrey Walton
• [FD] Stb_truetype library heap buffer overflows (many CVEs, no CVEs yet), Marcin Kozlowski
• [FD] Backdoor.Win32.WinShell.40 / Unauthenticated Remote Command Execution, malvuln
• [FD] Connect-app (CDU) Version: 3.8 - Cross Site Scripting, merion44 via Fulldisclosure
• [FD] Constructor.Win32.SS.11.c / Unauthenticated Open Proxy, malvuln
• [FD] Trojan-Dropper.Win32.Small.fp / Unauthenticated Open Proxy, malvuln
• [FD] Backdoor.Win32.Zdemon.10 / Unauthenticated Remote Command Execution, malvuln
• [FD] Backdoor.Win32.Zdemon.126 / Unauthenticated Remote Command Execution, malvuln
• [FD] Backdoor.Win32.Zaratustra / Unauthenticated Remote File Write (Remote Code Exec), malvuln
• [FD] Accept Facebook friend requests without unlocking your Android [Unpatched], Sivanesh Ashok
• [FD] [RT-SA-2021-002] XML External Entity Expansion in MobileTogether Server, RedTeam Pentesting GmbH
• [FD] [SYSS-2021-042] TJWS - Reflected Cross-Site Scripting (CVE-2021-37573), Maurizio Ruchay
• [FD] firebase/php-jwt Algorithm Confusion with Key IDs, Paragon Initiative Enterprises Security Team
• [FD] Trojan-Proxy.Win32.Raznew.gen / Unauthenticated Open Proxy, malvuln
  • <Possible follow-ups>
  • [FD] Trojan-Proxy.Win32.Raznew.gen / Unauthenticated Open Proxy, malvuln
• [FD] Backdoor.Win32.IRCBot.gen / Hardcoded Weak Password, malvuln
• [FD] HackTool.Win32.Hidd.b / Remote Stack Buffer Overflow (UDP Datagram), malvuln
• [FD] HackTool.Win32.HKit / Unauthenticated Remote Command Execution, malvuln
• [FD] New BlackArch Linux ISOs + OVA Image released!, Black Arch
• [FD] Cyberoam NetGenie (C0101B1-20141120-NG11VO) - Cross Site Scripting (XSS), Gionathan Reale via Fulldisclosure
• [FD] SEC Consult SA-20210819-0 :: Multiple critical vulnerabilities in Altus Nexto and Hadron series, SEC Consult Vulnerability Lab
• [FD] SEC Consult SA-20210820-0 :: Multiple Vulnerabilities in NetModule Router Software, SEC Consult Vulnerability Lab
• [FD] SEC Consult SA-20210827-1 :: XML Tag injection in BSCW Server, SEC Consult Vulnerability Lab
• [FD] SEC Consult SA-20210827-0 :: Authenticated RCE in BSCW Server, SEC Consult Vulnerability Lab
• [FD] XSS in Apple ID Server idmsa.apple.com, Zemn mez
• [FD] LLVM based tool to audit Linux Kernel Modules Security, Marcin Kozlowski
• [FD] Backdoor.Win32.DarkKomet.aspl / Insecure Permissions, malvuln
• [FD] Backdoor.Win32.Hupigon.abe / Unauthenticated Open Proxy, malvuln
• [FD] HEUR.Trojan.Win32.Delf.gen / Insecure Permissions, malvuln
• [FD] Backdoor.Win32.Antilam.11 / Unauthenticated Remote Code Execution, malvuln
• [FD] Backdoor.Win32.Delf.um / Authentication Bypass RCE, malvuln
• [FD] Backdoor.Win32.Delf.wr / Authentication Bypass RCE, malvuln
• [FD] Backdoor.Win32.Delf.wr / Port Bounce Scan, malvuln
• [FD] Backdoor.Win32.BO2K.11.d (Back Orifice) / Local Stack Buffer Overflow, malvuln
• [FD] Backdoor.Win32.Hupigon.aejq / Authentication Bypass RCE, malvuln
• [FD] Backdoor.Win32.Hupigon.aejq / Port Bounce Scan, malvuln
• [FD] Backdoor.Win32.Hupigon.aejq / Directory Traversal, malvuln