Mail Index

• Thread Index

• [FD] Viruscreds - Malware password database
  • From: malvuln
• [FD] Trojan.Win32.Pasta.mca / Insecure Permissions
  • From: malvuln
• [FD] Trojan.Win32.Phires.zm / Insecure Permissions
  • From: malvuln
• [FD] Trojan.Win32.Delf.bna / Information Disclosure
  • From: malvuln
• [FD] Backdoor.Win32.Agent.sah / Heap Corruption
  • From: malvuln
• [FD] PHPJabbers Simple CMS v5 - Persistent XSS Vulnerability
  • From: info@xxxxxxxxxxxxxxxxxxxxx
• [FD] Hotel Listing (WP Plugin) v3.x - MyAccount XSS Vulnerability
  • From: info@xxxxxxxxxxxxxxxxxxxxx
• [FD] My Movie Collection Sinatra App - (Movie) XSS Vulnerability
  • From: info@xxxxxxxxxxxxxxxxxxxxx
• [FD] My Movie Collection Sinatra App - (Login) XSS Vulnerabilities
  • From: info@xxxxxxxxxxxxxxxxxxxxx
• [FD] Pentaho <= 9.1 Remote Code Execution
  • From: BlackHawk
• [FD] Pentaho <= 9.1 Unauthenticated SQL Injection
  • From: BlackHawk
• [FD] Pentaho <= 9.1 Insufficient Access Control of Data Source Management Service
  • From: BlackHawk
• [FD] Pentaho <= 9.1 Authentication Bypass of Spring APIs
  • From: BlackHawk
• [FD] Pentaho <= 9.1 Jackrabbit User Enumeration
  • From: BlackHawk
• [FD] Pentaho <= 9.1 Bypass of Filename Extension Restrictions
  • From: BlackHawk
• [FD] SEC Consult SA-20211104-0 :: Reflected cross-site scripting vulnerability in IBM Sterling B2B Integrator
  • From: Functional Account, SEC Consult Vulnerability Lab
• [FD] Backdoor.Win32.Optix.03.b / Unauthenticated Remote Command Execution
  • From: malvuln
• [FD] Backdoor.Win32.Ncx.b / Remote Stack Buffer Overflow
  • From: malvuln
• [FD] Backdoor.Win32.Ncx.b / Unauthenticated Remote Command Execution
  • From: malvuln
• [FD] Backdoor.Win32.Jokerdoor / Remote Stack Buffer Overflow
  • From: malvuln
• [FD] Payment Terminal 2.x & v3.x - Multiple XSS Web Vulnerabilities
  • From: info@xxxxxxxxxxxxxxxxxxxxx
• [FD] ImportExportTools NG 10.0.4 - HTML Injection Vulnerability
  • From: info@xxxxxxxxxxxxxxxxxxxxx
• [FD] [SYSS-2021-048] PHP Event Calendar - SQL Injection (CVE-2021-42077)
  • From: Maurizio Ruchay
• [FD] [SYSS-2021-049] PHP Event Calendar - Persistent Cross-site Scripting (CVE-2021-42078)
  • From: Maurizio Ruchay
• [FD] Trovent Security Advisory 2104-03 / HealthForYou & Sanitas HealthCoach: Missing server-side password policy
  • From: Stefan Pietsch
• [FD] The Knights of NYNEX presents: Song of the siren
  • From: Knights of Nynex via Fulldisclosure
• [FD] [CFP] 4th International workshop in Artificial Intelligence and Industrial Internet-of-Things Security (AIoTS)
  • From: Sergio González Muriel
• [FD] Backdoor.Win32.VB.afu / Insecure Permissions
  • From: malvuln
• [FD] Backdoor.Win32.VB.afu / Insecure Transit Password Disclosure
  • From: malvuln
• [FD] Backdoor.Win32.Pahador.aj / Authentication Bypass RCE
  • From: malvuln
• [FD] Backdoor.Win32.Hupigon.nqr / Unauthenticated Open Proxy
  • From: malvuln
• [FD] HEUR.Backdoor.Win32.Denis.gen / Remote Denial of Service (UDP Datagram)
  • From: malvuln
• [FD] Backdoor.Win32.Hupigon.bnbb / Insecure Service Path
  • From: malvuln
• [FD] Trojan.Win32.Servstar.poa / Insecure Service Path
  • From: malvuln
• [FD] Trojan.Win32.SkynetRef.x / Unauthenticated Open Proxy
  • From: malvuln
• [FD] Trojan.Win32.SkynetRef.y / Unauthenticated Open Proxy
  • From: malvuln
• [FD] Email-Worm.Win32.Plexus.b / Unauthenticated Remote Code Execution
  • From: malvuln
• [FD] SQL injection vulnerability in Talariax sendQuick Alertplus server admin version 4.3 (CVE-2021-26795)
  • From: refabrik sec
• [FD] Trovent Security Advisory 2105-02 / CVE-2021-33618: Stored cross-site scripting in Dolibarr ERP & CRM
  • From: Stefan Pietsch
• [FD] Trovent Security Advisory 2106-01 / CVE-2021-33816: Authenticated remote code execution in Dolibarr ERP & CRM
  • From: Stefan Pietsch
• [FD] Responsible Full disclosure for LiquidFiles 3.5.13
  • From: Riccardo Spampinato
• [FD] CVE-2021-44033: Ionic Identity Vault PIN Unlock Lockout Bypass (Android & iOS)
  • From: Emanuel DUSS
• [FD] Open-Xchange Security Advisory 2021-11-18
  • From: Open-Xchange GmbH via Fulldisclosure
• [FD] Open-Xchange Security Advisory 2021-11-19
  • From: Open-Xchange GmbH via Fulldisclosure
• [FD] Backdoor.Win32.Acropolis.10 / Insecure Permissions
  • From: malvuln
• [FD] Backdoor.Win32.Curioso.zp / Insecure Permissions
  • From: malvuln
• [FD] Backdoor.Win32.Antilam.11 / Unauthenticated Remote Command Execution
  • From: malvuln
• [FD] Backdoor.Win32.Wollf.a / Weak Hardcoded Password
  • From: malvuln
• [FD] Backdoor.Win32.Wollf.h / Hardcoded Cleartext Password
  • From: malvuln
• [FD] Backdoor.Win32.Agent.ad / Insecure Credential Storage
  • From: malvuln
• [FD] Backdoor.Win32.BNLite / Remote Heap Based Buffer Overflow
  • From: malvuln
• [FD] Backdoor.Win32.BlueAdept.02.a / Remote Buffer Overflow
  • From: malvuln
• Re: [FD] Responsible Full disclosure for LiquidFiles 3.5.13
  • From: Riccardo Spampinato