Mail Thread Index

• Date Index

• [FD] Dll Hijacking Vulnerability found in Rufus-3.17.1846 from Akeo Consulting, YEUNG, Tsz Ko
• [FD] AST-2022-004: pjproject: integer underflow on STUN message, Asterisk Security Team
• [FD] AST-2022-005: pjproject: undefined behavior after freeing a dialog set, Asterisk Security Team
• [FD] AST-2022-006: pjproject: unconstrained malformed multipart SIP message, Asterisk Security Team
• [FD] Mr. Post - Outlook Add-in - Data Theft Risk, Jonathan Gregson via Fulldisclosure
• [FD] New Release: UFONet v1.8 - "DarK-PhAnT0m!"..., psy
• [FD] Backdoor.Win32.Augudor.a / Unauthenticated Remote File Write - RCE, malvuln
• [FD] Backdoor.Win32.BNLite / Remote Stack Buffer Overflow, malvuln
• [FD] Backdoor.Win32.FTP.Nuclear.10 / Hardcoded Credentials, malvuln
• [FD] Backdoor.Win32.BluanWeb / Unauthenticated Remote Code Execution, malvuln
• [FD] Backdoor.Win32.BluanWeb / Information Disclosure, malvuln
• [FD] Backdoor.Win32.BluanWeb / Unauthenticated Remote Command Execution, malvuln
• [FD] Backdoor.Win32.RemoteNC.beta4 / Unauthenticated Remote Command Execution, malvuln
• [FD] Backdoor.Win32.DirectConnection.103 (1.0 RAT-Tool) / Weak Hardcoded Password, malvuln
• [FD] Loki RAT (Relapse) / Directory Traversal - Arbitrary File Delete, malvuln
• [FD] Loki RAT (Relapse) / SQL Injection, malvuln
• [FD] CVE-2021-45040 - Laravel Media Library Pro <=2.1.6 - Arbitrary File Upload (Unauthenticated), Kelvin Yip
• [FD] RedLine.MainPanel - cracked.exe / Insecure Permissions, malvuln
• [FD] Hades RAT - Web Panel / Insecure Credential Storage, malvuln
• [FD] Hades RAT - Web Panel / Information Disclosure, malvuln
• [FD] Hades RAT - Web Panel / Remote Persistent XSS, malvuln
• [FD] APPLE-SA-2022-03-14-8 Logic Pro X 10.7.3, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-03-14-9 GarageBand 10.4.6, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-03-14-6 Security Update 2022-003 Catalina, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-03-14-7 Xcode 13.3, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-03-14-10 iTunes 12.12.3 for Windows, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-03-14-5 macOS Big Sur 11.6.5, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-03-14-3 tvOS 15.4, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-03-14-1 iOS 15.4 and iPadOS 15.4, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-03-14-2 watchOS 8.5, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-03-14-4 macOS Monterey 12.3, Apple Product Security via Fulldisclosure
• [FD] CVE-2021-45490: Missing Certificate Verification in 3CX Client for Windows (legacy), Android & iOS, Emanuel DUSS
• [FD] CVE-2021-45491: Exportable Cleartext Passwords in the 3CX Phone System, Emanuel DUSS
• [FD] [CVE-2021-42063] SAP Knowledge Warehouse <= 7.50 "SAPIrExtHelp" Reflected XSS, Julien Ahrens (RCE Security)
• [FD] BuilderOrcus (Orcus.Administration-cracked.exe) / Insecure Permissions, malvuln
• [FD] BuilderOrcus (Orcus.Administration-cracked.exe) / Insecure Credential Storage, malvuln
• [FD] BuilderPandoraRat.b - (Pandora Rat 2.2 [Beta].exe) / Insecure Credential Storage, malvuln
• [FD] BuilderTorCTPHPRAT.b / Insecure Credential Storage, malvuln
• [FD] BuilderTorCTPHPRAT.b / Arbitrary File Upload - RCE, malvuln
• [FD] BuilderTorCTPHPRAT.b / Remote Persistent XSS, malvuln
• [FD] BuilderRevengeRAT - (Revenge-RAT v0.3) / XML External Entity Injection, malvuln
• [FD] Adversary3 v1.0 - Malware vulnerability intel tool for third-party attackers., malvuln
• [FD] [CFP-ESORICS 2022]: 27th European Symposium on Research in Computer Security (ESORICS) 2022, CFP - ESORICS 2022
• [FD] Open-Xchange Security Advisory 2022-03-21, Martin Heiland via Fulldisclosure
• [FD] [KIS-2022-01] ImpressCMS <= 1.4.2 (autologin.php) Authentication Bypass Vulnerability, Egidio Romano
• [FD] [KIS-2022-02] ImpressCMS <= 1.4.2 (image-edit.php) Path Traversal Vulnerability, Egidio Romano
• [FD] [KIS-2022-03] ImpressCMS <= 1.4.2 (findusers.php) Incorrect Access Control Vulnerability, Egidio Romano
• [FD] [KIS-2022-04] ImpressCMS <= 1.4.3 (findusers.php) SQL Injection Vulnerability, Egidio Romano
• [FD] ImpressCMS: from unauthenticated SQL injection to RCE, Egidio Romano
  • Re: [FD] ImpressCMS: from unauthenticated SQL injection to RCE, Egidio Romano
• [FD] The Knights of NYNEX presents: Akhlut prowling terror, Knights of Nynex via Fulldisclosure
• [FD] Backdoor.Win32.Agent.bxxn / Open Proxy, malvuln
• [FD] Backdoor.Win32.BirdSpy.b / Weak Hardcoded Credentials, malvuln
• [FD] [SYSS-2021-058] Razer Synapse - Local Privilege Escalation, Oliver Schwarz
• [FD] PHP filter_var vulnerability, Jordy Zomer
• [FD] Backdoor.Win32.Cyn.20 / Insecure Permissions, malvuln
• [FD] Backdoor.Win32.Cafeini.b / Denial of Service, malvuln
• [FD] Backdoor.Win32.Cafeini.b / Weak Hardcoded Credentials, malvuln
• [FD] Backdoor.Win32.Chubo.c / Unauthenticated Remote Command Execution, malvuln
• [FD] Backdoor.Win32.Chubo.c / Cross Site Scripting (XSS), malvuln
• [FD] Backdoor.Win32.Avstral.e / Unauthenticated Remote Command Execution, malvuln
• [FD] [KIS-2022-05] Joomla! <= 4.1.0 (Tar.php) Zip Slip Vulnerability, Egidio Romano