Mail Thread Index
- [FD] [Extension: CPSIoTSec 2022] The Workshop on CPS&IoT Security and Privacy **Submission Deadline: July 25, 2022**,
alcaraz
- [FD] 🐞 CFP for Hardwear.io NL 2022 is OPEN!,
Andrea Simonca
- [FD] typeorm CVE-2022-33171,
lixts via Fulldisclosure
- [FD] BigBlueButton - Stored XSS in username (CVE-2022-31064),
Rick Verdoes via Fulldisclosure
- [FD] Backdoor.Win32.Cafeini.b / Weak Hardcoded Credentials,
malvuln
- [FD] Backdoor.Win32.Coredoor.10.a / Authentication Bypass,
malvuln
- [FD] Backdoor.Win32.EvilGoat.b / Weak Hardcoded Credentials,
malvuln
- [FD] JAHx221 - RCE in copy/pasted PHP compat libraries, json_decode function,
Eldar Marcussen
- [FD] CVE-2022-30550: Privilege escalation possible in dovecot when similar master and non-master passdbs are used,
Aki Tuomi via Fulldisclosure
- [FD] EQS Integrity Line: Multiple Vulnerabilities,
Giovanni Pellerano
- [FD] Ransom Lockbit 3.0 / Local Unicode Buffer Overflow (SEH),
malvuln
- [FD] Ransom Lockbit 3.0 / Code Execution,
malvuln
- [FD] Backdoor.Win32.HoneyPot.a / Weak Hardcoded Password,
malvuln
- [FD] Builder XtremeRAT v3.7 / Insecure Permissions,
malvuln
- [FD] Builder XtremeRAT v3.7 / Insecure Crypto Bypass,
malvuln
- [FD] [CFP] 2nd International Workshop on Cyber Forensics and Threat Investigations Challenges CFTIC 2022 (Virtual),
Andrew Zayine
- Re: [FD] AnyDesk Public Exploit Disclosure - Arbitrary file write by symbolic link attack lead to denial-of-service attack on local machine,
chan chan
- [FD] Backdoor.Win32.Eclipse.h / Weak Hardcoded Credentials,
malvuln
- [FD] Open-Xchange Security Advisory 2022-07-21,
Martin Heiland via Fulldisclosure
- [FD] APPLE-SA-2022-07-20-1 iOS 15.6 and iPadOS 15.6,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2022-07-20-3 macOS Big Sur 11.6.8,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2022-07-20-5 tvOS 15.6,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2022-07-20-6 watchOS 8.7,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2022-07-20-7 Safari 15.6,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-2022-07-20-2 macOS Monterey 12.5,
Apple Product Security via Fulldisclosure
- [FD] [CVE-2021-24910] Transposh <= 1.0.7 “tp_tp” Unauthenticated Reflected Cross-Site Scripting,
Julien Ahrens (RCE Security)
- [FD] [CVE-2021-24911] Transposh <= 1.0.7 “tp_translation” Unauthenticated Stored Cross-Site Scripting,
Julien Ahrens (RCE Security)
- [FD] [CVE-2021-24912] Transposh <= 1.0.8.1 Multiple Cross-Site Request Forgeries,
Julien Ahrens (RCE Security)
- [FD] [CVE-2022-2461] Transposh <= 1.0.8.1 “tp_translation” Weak Default Translation Permissions,
Julien Ahrens (RCE Security)
- [FD] [CVE-2022-2462] Transposh <= 1.0.8.1 “tp_history” Unauthenticated Information Disclosure,
Julien Ahrens (RCE Security)
- [FD] [CVE-2022-25810] Transposh <= 1.0.8.1 Improper Authorization Allowing Access to Administrative Utilities,
Julien Ahrens (RCE Security)
- [FD] [CVE-2022-25811] Transposh <= 1.0.8.1 “tp_editor” Multiple Authenticated SQL Injections,
Julien Ahrens (RCE Security)
- [FD] [CVE-2022-25812] Transposh <= 1.0.8.1 “save_transposh” Missing Logfile Extension Check Leading to Code Injection,
Julien Ahrens (RCE Security)
Mail converted by MHonArc