Mail Thread Index

• Date Index

• [FD] ZKBiosecurity - Authenticated SQL Injection resulting in RCE (CVE-2022-36635), Caio B
• [FD] ZKBioSecurity 3.0.5- Privilege Escalation to Admin (CVE-2022-36634), Caio B
• [FD] Wordpress plugin - WPvivid Backup - CVE-2022-2863., Rodolfo Tavares via Fulldisclosure
• [FD] Backdoor.Win32.NTRC / Weak Hardcoded Credentials, malvuln
• [FD] Backdoor.Win32.Delf.eg / Unauthenticated Remote Command Execution, malvuln
• [FD] [SYSS-2022-043]: Verbatim Store 'n' Go Secure Portable SSD - Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) (CVE-2022-28384), Matthias Deeg
• [FD] [SYSS-2022-044]: Verbatim Store 'n' Go Secure Portable SSD - Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) (CVE-2022-28382), Matthias Deeg
• [FD] [SYSS-2022-045]: Verbatim Store 'n' Go Secure Portable SSD - Missing Immutable Root of Trust in Hardware (CWE-1326) (CVE-2022-28383), Matthias Deeg
• [FD] [SYSS-2022-046]: Verbatim Store 'n' Go Secure Portable SSD - Expected Behavior Violation (CWE-440) (CVE-2022-28386), Matthias Deeg
• [FD] Apple Music Android Application - MITM SSL Certificate Vulnerability (CVE-2022-32906), David Coomber
• Re: [FD] over 2000 packages depend on abort()ing libgmp, Georgi Guninski
  • Re: [FD] over 2000 packages depend on abort()ing libgmp, Matthew Fernandez
• [FD] APPLE-SA-2022-10-10-1 iOS 16.0.3, Apple Product Security via Fulldisclosure
• [FD] Backdoor.Win32.DarkSky.23 / Remote Stack Buffer Overflow (SEH), malvuln
• [FD] CyberDanube Security Research 20221009-0 | Authenticated Command Injection in Intelbras WiFiber 120AC inMesh, Thomas Weber
• [FD] OpenStack Horizon, it is posible to trigger a POST Request to any address, Sven Anders
• [FD] Knap (APL) v3.1.3 - Persistent Cross Site Vulnerability, info@xxxxxxxxxxxxxxxxxxxxx
• [FD] Vicidial v2.14-783a - Multiple XSS Web Vulnerabilities, info@xxxxxxxxxxxxxxxxxxxxx
• [FD] Stripe Green Downloads 2.03 - Cross Site Scripting Web Vulnerability, info@xxxxxxxxxxxxxxxxxxxxx
• [FD] Webile v1.0.1 - Directory Traversal Web Vulnerability, info@xxxxxxxxxxxxxxxxxxxxx
• [FD] WiFi File Transfer v1.0.8 - Cross Site Scripting Vulnerabilities, info@xxxxxxxxxxxxxxxxxxxxx
• [FD] MapTool v1.11.5 - Denial of Service Vulnerability, info@xxxxxxxxxxxxxxxxxxxxx
• [FD] MapTool v1.11.5 - Cross Site Scripting Vulnerabilities, info@xxxxxxxxxxxxxxxxxxxxx
• [FD] RRX IOB LP v1.0 - DNS Cache Snooping Vulnerability, info@xxxxxxxxxxxxxxxxxxxxx
• [FD] Backdoor.Win32.Redkod.d / Weak Hardcoded Credentials, malvuln
• [FD] [RT-SA-2021-003] Missing Authentication in ZKTeco ZEM/ZMM Web Interface, RedTeam Pentesting GmbH
• [FD] wolfssl before 5.5.1: CVE-2022-39173 Buffer overflow when refining cipher suites, Maximilian Ammann via Fulldisclosure
• [FD] Authorization bypass and symlink attack in multipathd (CVE-2022-41974 and CVE-2022-41973), Qualys Security Advisory via Fulldisclosure
• [FD] Alibaba Cloud Workspace vulnerable to IDOR which lead to account hijacking in a certain situation, chan chan
• [FD] APPLE-SA-2022-10-24-1 iOS 16.1 and iPadOS 16, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-24-2 macOS Ventura 13, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-24-3 macOS Monterey 12.6.1, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-24-4 macOS Big Sur 11.7.1, Apple Product Security via Fulldisclosure
• [FD] Backdoor.Win32.Delf.arh / Authentication Bypass, malvuln
• [FD] Backdoor.Win32.Psychward.10 / Unauthenticated Remote Command Execution, malvuln
• [FD] Email-Worm.Win32.Kipis.c / Remote File Write Code Execution, malvuln
• [FD] APPLE-SA-2022-10-24-5 watchOS 9.1, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-24-6 tvOS 16.1, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-24-7 Safari 16.1, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-1 iOS 15.7.1 and iPadOS 15.7.1, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-2 Additional information for APPLE-SA-2022-10-24-1 iOS 16.1 and iPadOS 16, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-3 Additional information for APPLE-SA-2022-09-12-1 iOS 16, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-4 Additional information for APPLE-SA-2022-09-12-2 iOS 15.7 and iPadOS 15.7, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-6 Additional information for APPLE-SA-2022-10-24-3 macOS Monterey 12.6.1, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-8 Additional information for APPLE-SA-2022-10-24-4 macOS Big Sur 11.7.1, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-10 Additional information for APPLE-SA-2022-10-24-6 tvOS 16.1, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-11 tvOS 16, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-12 Additional information for APPLE-SA-2022-10-24-5 watchOS 9.1, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-13 watchOS 9, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-14 Additional information for APPLE-SA-2022-09-12-5 Safari 16, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-15 Additional information for APPLE-SA-2022-10-24-7 Safari 16.1, Apple Product Security via Fulldisclosure