Mail Thread Index

• Date Index

• [FD] APPLE-SA-2022-08-31-1 iOS 12.5.6, Apple Product Security via Fulldisclosure
• [FD] Open-Xchange Security Advisory 2022-09-01, Martin Heiland via Fulldisclosure
• [FD] 123ADV-001: Stack Buffer Overflow in Lotus 1-2-3 R3 for UNIX/Linux, Tavis Ormandy
• [FD] sagemath denial of service with abort() in gmp: overflow in mpz type, Georgi Guninski
• [FD] AVEVA InTouch Access Anywhere Secure Gateway - Path Traversal, Jens Regel | CRISEC
• [FD] Trojan.Win32.Autoit.fhj / Insecure Permissions, malvuln
• [FD] Backdoor.Win32.Winshell.5_0 / Weak Hardcoded Credentials, malvuln
• [FD] Backdoor.Win32.Hupigon.aspg / Insecure Service Path, malvuln
• [FD] Trojan-Ransom.Win32.Hive.bv / Arbitrary Code Execution, malvuln
• [FD] Trojan.Win32.Autoit.fhj / Named Pipe Null DACL, malvuln
• [FD] Multiple vulnerabilities discovered in Qualys Cloud Agent, Daniel Wood via Fulldisclosure
• [FD] [SYSS-2022-041] Remote Code Execution due to unsafe JMX default configuration in JasperReports Server, Moritz Bechler
• [FD] APPLE-SA-2022-09-12-1 iOS 16, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-09-12-2 iOS 15.7 and iPadOS 15.7, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-09-12-4 macOS Monterey 12.6, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-09-12-5 Safari 16, Apple Product Security via Fulldisclosure
• [FD] over 2000 packages depend on abort()ing libgmp, Georgi Guninski
  • Re: [FD] over 2000 packages depend on abort()ing libgmp, Matthew Fernandez
• [FD] SEC Consult SA-20220914-0 :: Improper Access Control in SAP® SAProuter, SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] SEC Consult SA-20220915-0 :: Local Privilege Escalation im SAP® SAPControl Web Service Interface (sapuxuserchk), SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] Trojan-Dropper.Win32.Corty.10 / Insecure Credential Storage, malvuln
• [FD] Trojan.Ransom.Ryuk.A / Arbitrary Code Execution, malvuln
• [FD] Backdoor.Win32.Hellza.120 / Unauthorized Remote Command Execution, malvuln
• [FD] Backdoor.Win32.Hellza.120 / Authentication Bypass, malvuln
• [FD] SEC Consult SA-20220923-0 :: Multiple Memory Corruption Vulnerabilities in COVESA (Connected Vehicle Systems Alliance) DLT daemon, SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] Backdoor.Win32.Bingle.b / Weak Hardcoded Credentials, malvuln
• [FD] Backdoor.Win32.Psychward.b / Weak Hardcoded Credentials, malvuln
• [FD] Backdoor.Win32.Augudor.b / Remote File Write Code Execution, malvuln