Mail Thread Index

• Date Index

• [FD] Viruscreds - Malware password database, malvuln
• [FD] Trojan.Win32.Pasta.mca / Insecure Permissions, malvuln
• [FD] Trojan.Win32.Phires.zm / Insecure Permissions, malvuln
• [FD] Trojan.Win32.Delf.bna / Information Disclosure, malvuln
• [FD] Backdoor.Win32.Agent.sah / Heap Corruption, malvuln
• [FD] PHPJabbers Simple CMS v5 - Persistent XSS Vulnerability, info@xxxxxxxxxxxxxxxxxxxxx
• [FD] Hotel Listing (WP Plugin) v3.x - MyAccount XSS Vulnerability, info@xxxxxxxxxxxxxxxxxxxxx
• [FD] My Movie Collection Sinatra App - (Movie) XSS Vulnerability, info@xxxxxxxxxxxxxxxxxxxxx
• [FD] My Movie Collection Sinatra App - (Login) XSS Vulnerabilities, info@xxxxxxxxxxxxxxxxxxxxx
• [FD] Pentaho <= 9.1 Remote Code Execution, BlackHawk
• [FD] Pentaho <= 9.1 Unauthenticated SQL Injection, BlackHawk
• [FD] Pentaho <= 9.1 Insufficient Access Control of Data Source Management Service, BlackHawk
• [FD] Pentaho <= 9.1 Authentication Bypass of Spring APIs, BlackHawk
• [FD] Pentaho <= 9.1 Jackrabbit User Enumeration, BlackHawk
• [FD] Pentaho <= 9.1 Bypass of Filename Extension Restrictions, BlackHawk
• [FD] SEC Consult SA-20211104-0 :: Reflected cross-site scripting vulnerability in IBM Sterling B2B Integrator, Functional Account, SEC Consult Vulnerability Lab
• [FD] Backdoor.Win32.Optix.03.b / Unauthenticated Remote Command Execution, malvuln
• [FD] Backdoor.Win32.Ncx.b / Remote Stack Buffer Overflow, malvuln
• [FD] Backdoor.Win32.Ncx.b / Unauthenticated Remote Command Execution, malvuln
• [FD] Backdoor.Win32.Jokerdoor / Remote Stack Buffer Overflow, malvuln
• [FD] Payment Terminal 2.x & v3.x - Multiple XSS Web Vulnerabilities, info@xxxxxxxxxxxxxxxxxxxxx
• [FD] ImportExportTools NG 10.0.4 - HTML Injection Vulnerability, info@xxxxxxxxxxxxxxxxxxxxx
• [FD] [SYSS-2021-048] PHP Event Calendar - SQL Injection (CVE-2021-42077), Maurizio Ruchay
• [FD] [SYSS-2021-049] PHP Event Calendar - Persistent Cross-site Scripting (CVE-2021-42078), Maurizio Ruchay
• [FD] Trovent Security Advisory 2104-03 / HealthForYou & Sanitas HealthCoach: Missing server-side password policy, Stefan Pietsch
• [FD] The Knights of NYNEX presents: Song of the siren, Knights of Nynex via Fulldisclosure
• [FD] [CFP] 4th International workshop in Artificial Intelligence and Industrial Internet-of-Things Security (AIoTS), Sergio González Muriel
• [FD] Backdoor.Win32.VB.afu / Insecure Permissions, malvuln
• [FD] Backdoor.Win32.VB.afu / Insecure Transit Password Disclosure, malvuln
• [FD] Backdoor.Win32.Pahador.aj / Authentication Bypass RCE, malvuln
• [FD] Backdoor.Win32.Hupigon.nqr / Unauthenticated Open Proxy, malvuln
• [FD] HEUR.Backdoor.Win32.Denis.gen / Remote Denial of Service (UDP Datagram), malvuln
• [FD] Backdoor.Win32.Hupigon.bnbb / Insecure Service Path, malvuln
• [FD] Trojan.Win32.Servstar.poa / Insecure Service Path, malvuln
• [FD] Trojan.Win32.SkynetRef.x / Unauthenticated Open Proxy, malvuln
• [FD] Trojan.Win32.SkynetRef.y / Unauthenticated Open Proxy, malvuln
• [FD] Email-Worm.Win32.Plexus.b / Unauthenticated Remote Code Execution, malvuln
• [FD] SQL injection vulnerability in Talariax sendQuick Alertplus server admin version 4.3 (CVE-2021-26795), refabrik sec
• [FD] Trovent Security Advisory 2105-02 / CVE-2021-33618: Stored cross-site scripting in Dolibarr ERP & CRM, Stefan Pietsch
• [FD] Trovent Security Advisory 2106-01 / CVE-2021-33816: Authenticated remote code execution in Dolibarr ERP & CRM, Stefan Pietsch
• [FD] Responsible Full disclosure for LiquidFiles 3.5.13, Riccardo Spampinato
  • Message not available
    • Re: [FD] Responsible Full disclosure for LiquidFiles 3.5.13, Riccardo Spampinato
• [FD] CVE-2021-44033: Ionic Identity Vault PIN Unlock Lockout Bypass (Android & iOS), Emanuel DUSS
• [FD] Open-Xchange Security Advisory 2021-11-18, Open-Xchange GmbH via Fulldisclosure
• [FD] Open-Xchange Security Advisory 2021-11-19, Open-Xchange GmbH via Fulldisclosure
• [FD] Backdoor.Win32.Acropolis.10 / Insecure Permissions, malvuln
• [FD] Backdoor.Win32.Curioso.zp / Insecure Permissions, malvuln
• [FD] Backdoor.Win32.Antilam.11 / Unauthenticated Remote Command Execution, malvuln
• [FD] Backdoor.Win32.Wollf.a / Weak Hardcoded Password, malvuln
• [FD] Backdoor.Win32.Wollf.h / Hardcoded Cleartext Password, malvuln
• [FD] Backdoor.Win32.Agent.ad / Insecure Credential Storage, malvuln
• [FD] Backdoor.Win32.BNLite / Remote Heap Based Buffer Overflow, malvuln
• [FD] Backdoor.Win32.BlueAdept.02.a / Remote Buffer Overflow, malvuln