Mail Index

• Thread Index

• [FD] Email-Worm.Win32.Deltad / Insecure Permissions
  • From: malvuln
• [FD] Backdoor.Win32.Coredoor.10.a / Port Bounce Scan
  • From: malvuln
• [FD] Backdoor.Win32.Coredoor.10.a / Authentication Bypass RCE
  • From: malvuln
• [FD] CA20211201-01: Security Notice for CA Network Flow Analysis
  • From: Ken Williams via Fulldisclosure
• [FD] CVE-2021-37253: M-Files Web Improper Range Header Processing Denial of Services (DoS) Vulnerability
  • From: Murat Aydemir
• [FD] SEC Consult SA-20211202-0 :: Multiple vulnerabilities in OrbiTeam BSCW Server
  • From: Functional Account, SEC Consult Vulnerability Lab
• [FD] usd AG Security Advisories 11/2021
  • From: Responsible Disclosure via Fulldisclosure
• [FD] Trojan.Win32.Mucc.ivk / Insecure Service Path
  • From: malvuln
• [FD] Backdoor.Win32.Vernet.axt / Insecure Permissions
  • From: malvuln
• [FD] Backdoor.Win32.Bionet.10 / Authentication Bypass RCE
  • From: malvuln
• [FD] Backdoor.Win32.WinShell.50 / Weak Hardcoded Password
  • From: malvuln
• [FD] Backdoor.Win32.WinShell.50 / Weak Hardcoded Password
  • From: malvuln
• [FD] [RT-SA-2021-004] Auerswald COMfortel 1400/2600/3600 IP Authentication Bypass
  • From: RedTeam Pentesting GmbH
• [FD] [RT-SA-2021-005] Auerswald COMpact Privilege Escalation
  • From: RedTeam Pentesting GmbH
• [FD] [RT-SA-2021-006] Auerswald COMpact Arbitrary File Disclosure
  • From: RedTeam Pentesting GmbH
• [FD] [RT-SA-2021-007] Auerswald COMpact Multiple Backdoors
  • From: RedTeam Pentesting GmbH
• [FD] (Reprise License Manager) RLM 14.2 - Unauthenticated Password Change
  • From: Gionathan Reale via Fulldisclosure
• [FD] Microsoft Internet Explorer / ActiveX Control Security Bypass
  • From: hyp3rlinx
• [FD] (Reprise License Manager) RLM 14.2 - Unauthenticated User Enumeration
  • From: Gionathan Reale via Fulldisclosure
• [FD] (Reprise License Manager) RLM 14.2 - Authenticated Remote Binary Execution
  • From: Gionathan Reale via Fulldisclosure
• [FD] (Reprise License Manager) RLM 14.2 - Unauthenticated Session Hijacking
  • From: Gionathan Reale via Fulldisclosure
• [FD] (Reprise License Manager) RLM 14.2 - Authenticated Buffer Overflow
  • From: Gionathan Reale via Fulldisclosure
• [FD] [SYSS-2021-061] Oracle Database - NNE Connection Hijacking
  • From: Moritz Bechler
• [FD] [SYSS-2021-062] Oracle Database - Weak NNE Integrity Key Derivation
  • From: Moritz Bechler
• [FD] SEC Consult SA-20211213-0 :: Multiple vulnerabilities in AbanteCart e-commerce platform
  • From: ., SEC Consult Vulnerability Lab
• [FD] SEC Consult SA-20211213-1 :: Stored Cross Site Scripting in Sofico Miles RIA
  • From: ., SEC Consult Vulnerability Lab
• [FD] Backdoor.Win32.Mechbot.a / Insecure Permissions
  • From: malvuln
• [FD] Backdoor.IRC.Subhuman / Unauthenticated Open Proxy
  • From: malvuln
• [FD] Backdoor.Win32.Asylum.014 / Cleartext Password Storage
  • From: malvuln
• [FD] Backdoor.Win32.Nucleroot.mf / Stack Buffer Overflow
  • From: malvuln
• [FD] Backdoor.Win32.Ncx.b / Unauthenticated Remote Command Execution
  • From: malvuln
• [FD] Backdoor.Win32.Ncx.b / Remote Stack Buffer Overflow
  • From: malvuln
• [FD] Backdoor.Win32.BackAttack.20 / Unauthenticated Remote Command Execution
  • From: malvuln
• [FD] Backdoor.Win32.BackAttack.20 / Authentication Bypass RCE
  • From: malvuln
• [FD] Backdoor.Win32.FTP.Matiteman / Weak Hardcoded Password
  • From: malvuln
• [FD] Backdoor.Win32.Jokerdoor / Remote Stack Buffer Overflow
  • From: malvuln
• [FD] Backdoor.Win32.Ramus / Unauthenticated Remote Code Execution
  • From: malvuln
• [FD] Backdoor.Win32.Phase.11 / Unauthenticated Remote Command Execution
  • From: malvuln
• [FD] SEC Consult SA-20211214-0 :: Remote ADBC SQL Injection in SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG
  • From: ħ, SEC Consult Vulnerability Lab
• [FD] SEC Consult SA-20211214-1 :: Remote ABAP Code Injection in SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG
  • From: ħ, SEC Consult Vulnerability Lab
• [FD] SEC Consult SA-20211214-2 :: Remote ABAP Code Injection in SAP Netweaver IUUC_GENERATE_ACPLAN_DELIMITER
  • From: ħ, SEC Consult Vulnerability Lab
• [FD] Trovent Security Advisory 2109-01 / CVE-2021-41843: Authenticated SQL injection in OpenEMR calendar search
  • From: Stefan Pietsch
• [FD] APPLE-SA-2021-12-15-1 iOS 15.2 and iPadOS 15.2
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2021-12-15-2 macOS Monterey 12.1
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2021-12-15-3 macOS Big Sur 11.6.2
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2021-12-15-4 Security Update 2021-008 Catalina
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2021-12-15-5 tvOS 15.2
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2021-12-15-6 watchOS 8.3
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2021-12-15-7 Safari 15.2
  • From: Apple Product Security via Fulldisclosure
• [FD] RootedCON 2022 Call For Papers is open!
  • From: omarbv
• [FD] Backdoor.Win32.BNLite / Remote Heap Based Buffer Overflow
  • From: malvuln
• [FD] Backdoor.Win32.Mellpon.b / Remote Unauthenticated Information Disclosure
  • From: malvuln
• [FD] Aver EVC300 and others
  • From: protostsu via Fulldisclosure