Mail Thread Index

• Date Index

• [FD] APPLE-SA-2022-03-31-2 macOS Monterey 12.3.1, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-03-31-1 iOS 15.4.1 and iPadOS 15.4.1, Apple Product Security via Fulldisclosure
• [FD] CVE-2022-26233: Barco Control Room Management Suite File Path Traversal Vulnerability, Murat Aydemir
• [FD] Multiple Vulnerabilities in Reprise License Manager 14.2, Gionathan Reale via Fulldisclosure
• [FD] Backdoor.Win32.Wollf.h / Unauthenticated Remote Command Execution, malvuln
  • <Possible follow-ups>
  • [FD] Backdoor.Win32.Wollf.h / Unauthenticated Remote Command Execution, malvuln
• [FD] Backdoor.Win32.Jokerdoor / Weak Hardcoded Credentials, malvuln
• [FD] Backdoor.Win32.Delf.ps / Information Disclosure, malvuln
• [FD] Backdoor.Win32.Tiny.a / Unauthenticated Remote Command Execution, malvuln
• [FD] Backdoor.Win32.Easyserv.11.c / Insecure Transit, malvuln
• [FD] Backdoor.Win32.Bifrose.uw / Insecure Permissions, malvuln
• [FD] Backdoor.Win32.Wisell / Unauthenticated Remote Command Execution, malvuln
• [FD] Backdoor.Win32.Ptakks.XP.a / Insecure Credential Storage, malvuln
• [FD] Backdoor.Win32.Verify.h / Unauthenticated Remote Command Execution, malvuln
• [FD] Backdoor.Win32.FTP.Lana.01.d / Weak Hardcoded Credentials, malvuln
• [FD] Backdoor.Win32.FTP.Lana.01.d / Port Bounce Scan, malvuln
• [FD] Backdoor.Win32.Wisell / Stack Buffer Overflow (SEH), malvuln
• [FD] Backdoor.Win32.Xingdoor / Denial of Service, malvuln
• [FD] Backdoor.Win32.XLog.21 / Authentication Bypass Race Condition, malvuln
• [FD] AST-2022-001: res_stir_shaken: resource exhaustion with large files, Asterisk Security Team
• [FD] AST-2022-002: res_stir_shaken: SSRF vulnerability with Identity header, Asterisk Security Team
• [FD] AST-2022-003: func_odbc: Possible SQL Injection, Asterisk Security Team
• [FD] SEC Consult SA-20220413 :: Missing Authentication at File Download & Denial of Service in Siemens A8000 PLC, SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] Backdoor.Win32.MotivFTP.12 / Authentication Bypass, malvuln
• [FD] Backdoor.Win32.Prorat.cwx / Insecure Permissions, malvuln
• [FD] Backdoor.Win32.Psychward.03.a / Weak Hardcoded Password, malvuln
  • <Possible follow-ups>
  • [FD] Backdoor.Win32.Psychward.03.a / Weak Hardcoded Password, malvuln
• [FD] HackTool.Win32.IpcScan.c / Local Stack Buffer Overflow, malvuln
• [FD] Backdoor.Win32.NetCat32.10 / Unauthenticated Remote Command Execution, malvuln
• [FD] Backdoor.Win32.NetSpy.10 / Unauthenticated Remote Command Execution, malvuln
• [FD] Backdoor.Win32.NinjaSpy.c / Authentication Bypass, malvuln
• [FD] Backdoor.Win32.Kilo.016 / Denial of Service (UDP Datagram), malvuln
• [FD] Email-Worm.Win32.Pluto.b / Insecure Permissions, malvuln
• [FD] Adversary3 v1.0 / Malware vulnerability intel tool for third-party attackers / updated, malvuln
• [FD] HackTool.Win32.Delf.vs / Insecure Credential Storage, malvuln
• [FD] Backdoor.Win32.Loselove / Denial of Service, malvuln
• [FD] Trojan.Win32.TScash.c / Insecure Permissions, malvuln
• [FD] Backdoor.Win32.Hupigon.haqj / Insecure Service Path, malvuln
• [FD] Backdoor.Win32.Delf.zn / Insecure Credential Storage, malvuln
• [FD] Backdoor.Win32.GateHell.21 / Authentication Bypass, malvuln
• [FD] Backdoor.Win32.GateHell.21 / Port Bounce Scan, malvuln
• [FD] CVE-2021-40680: Artica Proxy VMWare Appliance 4.30.000000 <=[SP273] Rev.1, Heiko Feldhusen via Fulldisclosure
• [FD] [AIT-SA-20220208-01] SexyPolling SQL Injection, sec-advisory
• [FD] Trovent Security Advisory 2108-02 / Zepp: User account enumeration in password reset function, Stefan Pietsch
• [FD] SEC Consult SA-20220427-0 :: Privilege Escalation in Miele Benchmark Programming Tool, SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] Backdoor.Win32.Jokerdoor / Remote Stack Buffer Overflow, malvuln
• [FD] Net-Worm.Win32.Kibuv.c / Authentication Bypass, malvuln
• [FD] Email-Worm.Win32.Sidex / Unauthenticated Remote Command Execution, malvuln
• [FD] Virus.Win32.Qvod.b / Insecure Permissions, malvuln
• [FD] Backdoor.Win32.GF.j / Unauthenticated Remote Command Execution, malvuln
• [FD] Trojan-Downloader.Win32.Small.ahlq / Insecure Permissions, malvuln
• [FD] Backdoor.Win32.Cafeini.b / Weak Hardcoded Credentials, malvuln
• [FD] Backdoor.Win32.Cafeini.b / Port Bounce Scan, malvuln
• [FD] Trojan-Downloader.Win32.Agent / Insecure Permissions, malvuln
• [FD] Backdoor.Win32.Agent.aegg / Weak Hardcoded Credentials, malvuln