Mail Thread Index
- [FD] CVE-2021-25080 vulnerability,
Gaetano Perrone
- [FD] Backdoor.Win32.Visiotrol.10 / Insecure Password Storage,
malvuln
- [FD] Backdoor.Win32.FTP.Simpel.12 / Port Bounce Scan,
malvuln
- [FD] Backdoor.Win32.FTP.Simpel.12 / Insecure Crypto,
malvuln
- [FD] Backdoor.Win32.Jokerdoor / Remote Stack Buffer Overflow,
malvuln
- [FD] Backdoor.Win32.Wollf.m / Weak Hardcoded Password,
malvuln
- [FD] Backdoor.Win32.Wollf.m / Authentication Bypass,
malvuln
- [FD] Backdoor.Win32.Fantador / Insecure Password Storage,
malvuln
- [FD] Backdoor.Win32.Fantador / Divide by Zero DoS,
malvuln
- [FD] Backdoor.Win32.Skrat / Cleartext Hardcoded Password,
malvuln
- [FD] Backdoor.Win32.SilentSpy.10 / Authentication Bypass Command Execution,
malvuln
- [FD] Backdoor.Win32.SilentSpy.10 / Authentication Race Condition,
malvuln
- [FD] PoC for CVE-2021-25079,
Gaetano Perrone
- [FD] cWifi Hotspot Wireless CP - Code Execution Vulnerability,
info@xxxxxxxxxxxxxxxxxxxxx
- [FD] Easy Cart Shopping Cart - (Search) Persistent Vulnerability,
info@xxxxxxxxxxxxxxxxxxxxx
- [FD] uDoctorAppointment v2.1.1 - Multiple XSS Vulnerabilities,
info@xxxxxxxxxxxxxxxxxxxxx
- [FD] Rocket LMS v1.1 - (History) Persistent XSS Vulnerability,
info@xxxxxxxxxxxxxxxxxxxxx
- [FD] Affiliate Pro v1.7 - Multiple Cross Site Vulnerabilities,
info@xxxxxxxxxxxxxxxxxxxxx
- [FD] Backdoor.Win32.Jtram.a / Insecure Credential Storage,
malvuln
- [FD] Backdoor.Win32.Jtram.a / Port Bounce Scan,
malvuln
- [FD] Backdoor.Win32.Dsklite.a / Remote Denial of Service,
malvuln
- [FD] Backdoor.Win32.Dsklite.a / Insecure Transit,
malvuln
- [FD] Backdoor.Win32.SVC / Remote Stack Buffer Overflow,
malvuln
- [FD] Backdoor.Win32.SVC / Directory Traversal,
malvuln
- [FD] Backdoor.Win32.SubSeven.c / Remote Stack Buffer Overflow,
malvuln
- [FD] Microsoft Windows .Reg File Dialog Spoof / Mitigation Bypass,
hyp3rlinx
- [FD] Microsoft Windows Defender / Detection Bypass,
hyp3rlinx
- [FD] CVE-2021-39623 Libstagefright (Media Framework on Android) with OOB write on the heap,
Marcin Kozlowski
- [FD] Full Disclosure DMCA.COM Exploitation,
WebSec B.V.
- [FD] Backdoor.Win32.Controlit.10 / Unauthenticated Remote Command Execution,
malvuln
- [FD] [RT-SA-2021-009] Credential Disclosure in Web Interface of Crestron Device,
RedTeam Pentesting GmbH
- [FD] Reprise License Manager 14.2 - Reflected Cross-Site Scripting,
Gionathan Reale via Fulldisclosure
- [FD] APPLE-SA-2022-01-12-1 iOS 15.2.1 and iPadOS 15.2.1,
Apple Product Security via Fulldisclosure
- [FD] 🐞 Call for Papers for Hardwear.io USA 2022 is OPEN!,
Andrea Simonca
- [FD] SEC Consult SA-20220113-0 :: Cleartext Storage of Phone Password in Cisco IP Phones,
SEC Consult Vulnerability Lab, Research
- [FD] Ab Stealer Web Panel / Unauthenticated Remote Persistent XSS,
malvuln
- [FD] Win32.MarsStealer Web Panel / Unauthenticated Remote Information Disclosure,
malvuln
- [FD] Win32.MarsStealer Web Panel / Unauthenticated Remote Persistent XSS,
malvuln
- [FD] Win32.MarsStealer Web Panel / Unauthenticated Remote Data Deletion,
malvuln
- [FD] Unauthenticated RCE vuln in the H2 Database console: CVE-2022-23221.,
Ismail Aydemir
- [FD] Xerox vulnerability allows unauthenticated remote users to remotely brick network printers,
Mahmoud Al-Qudsi
- [FD] [TO-2021-001] WebACMS 2.1.0 - Cross-Site Scripting,
Patrick Hener
- [FD] AgentTesla Builder Web Panel / Cross Site Scripting (XSS),
malvuln
- [FD] AgentTesla Builder Web Panel / SQL Injection,
malvuln
- [FD] Chaos Ransomeware Builder v4 / Insecure Permissions,
malvuln
- [FD] VulturiBuilder / Insecure Permissions,
malvuln
- [FD] CollectorStealerBuilder v2.0.0 Panel / Insecure Credential Storage,
malvuln
- [FD] CollectorStealerBuilder v2.0.0 Panel / Man-in-the-Middle (MITM),
malvuln
- [FD] Backdoor.Win32.Wisell / Unauthenticated Remote Command Execution,
malvuln
- [FD] Ransomware Builder Babuk / Insecure Permissions,
malvuln
- [FD] Backdoor.Win32.Wollf.16 / Authentication Bypass,
malvuln
- [FD] Backdoor.Win32.Wollf.16 / Weak Hardcoded Credentials,
malvuln
- [FD] SEC Consult SA-20220117-0 :: Stored Cross-Site Scripting vulnerability in TYPO3 extension "femanager",
SEC Consult Vulnerability Lab, Research
- [FD] Advisory:[CVE-2021-27971]Alps Alpine DLL Injection Issue,
Xiaojian Cao
- [FD] SEC Consult SA-20220120-0 :: Local file inclusion vulnerability in Land Software - FAUST iServer,
SEC Consult Vulnerability Lab, Research
- [FD] SEC Consult SA-20220124-0 :: Authenticated Path Traversal in Ethercreative Logs plugin for Craft CMS,
SEC Consult Vulnerability Lab, Research
- [FD] [CFP-ESORICS 2022]: 27th European Symposium on Research in Computer Security (ESORICS) 2022,
ESORICS 2022 - publicity chair
- [FD] Banco Guayaquil v8.0.0 iOS - Cross Site Scripting Web Vulnerability,
info@xxxxxxxxxxxxxxxxxxxxx
- [FD] Ametys v4.4.1 CMS - Cross Site Scripting Vulnerability,
info@xxxxxxxxxxxxxxxxxxxxx
- [FD] uBidAuction v2.0.1 - Multiple XSS Web Vulnerabilities,
info@xxxxxxxxxxxxxxxxxxxxx
- [FD] Backdoor.Win32.Agent.uq / Insecure Permissions,
malvuln
- [FD] Backdoor.Win32.FTP99 / Authentication Bypass Race Condition,
malvuln
- [FD] Backdoor.Win32.FTP99 / Port Bounce Scan (MITM),
malvuln
- [FD] Backdoor.Win32.Hanuman.b / Unauthenticated Remote Command Execution,
malvuln
- [FD] Backdoor.Win32.FTP.Lana.01.d / Weak Hardcoded Password,
malvuln
- [FD] Backdoor.Win32.FTP.Lana.01.d / Port Bounce Scan (MITM),
malvuln
- [FD] Backdoor.Win32.DRA.c / Weak Hardcoded Password,
malvuln
- [FD] CosaNostra Builder / Insecure Permissions,
malvuln
- [FD] CosaNostra Builder WebPanel / Insecure Crypto,
malvuln
- [FD] CosaNostra Builder WebPanel / Cross Site Request Forgery (CSRF),
malvuln
- [FD] Onapsis Security Advisory 2021-0021: SAP Enterprise Portal - XSS NavigationReporter,
Onapsis Research via Fulldisclosure
- [FD] Onapsis Security Advisory 2021-0022: SAP Enterprise Portal - XSS RunContentCreation,
Onapsis Research via Fulldisclosure
- [FD] Onapsis Security Advisory 2021-0023: SAP Enterprise Portal - SSRF iviewCatcherEditor,
Onapsis Research via Fulldisclosure
- [FD] Onapsis Security Advisory 2021-0024: SAP Enterprise Portal - Anonymous Stored Open Redirect,
Onapsis Research via Fulldisclosure
- [FD] Onapsis Security Advisory 2021-0025: Null Pointer Dereference vulnerability in SAP CommonCryptoLib,
Onapsis Research via Fulldisclosure
- [FD] Onapsis Security Advisory 2021-0026: SAP Enterprise Portal - XSLT injection,
Onapsis Research via Fulldisclosure
- [FD] KL-001-2022-001: Moxa TN-5900 Firmware Upgrade Checksum Validation Vulnerability,
KoreLogic Disclosures via Fulldisclosure
- [FD] KL-001-2022-002: Moxa TN-5900 Post Authentication Command Injection Vulnerability,
KoreLogic Disclosures via Fulldisclosure
- [FD] CarolinaCon Online 2,
Carolina Con
- [FD] APPLE-SA-2022-01-26-1 iOS 15.3 and iPadOS 15.3,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2022-01-26-4 Security Update 2022-001 Catalina,
Apple Product Security via Fulldisclosure
- [FD] Backdoor.Win32.WinShell.50 / Weak Hardcoded Password,
malvuln
- [FD] APPLE-SA-2022-01-26-2 macOS Monterey 12.2,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2022-01-26-3 macOS Big Sur 11.6.3,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2022-01-26-5 tvOS 15.3,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2022-01-26-7 Safari 15.3,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2022-01-26-6 watchOS 8.4,
Apple Product Security via Fulldisclosure
- [FD] foxit reader Arbitrary File Write,
houjingyi
- [FD] HackTool.Win32.Muzzer.a / Heap Based Buffer Overflow,
malvuln
- [FD] Backdoor.Win32.Tiny.c / Unauthenticated Remote Command Execution,
malvuln