Mail Index

• Thread Index

• [FD] [tool] ModSecurity backdoor
  • From: Jozef Sudolsky
• [FD] Centos Web Panel 7 Unauthenticated Remote Code Execution - CVE-2022-44877
  • From: Numan TÜRLE
• [FD] [KIS-2023-01] Tiki Wiki CMS Groupware <= 25.0 Two Cross-Site Request Forgery Vulnerabilities
  • From: Egidio Romano
• [FD] [KIS-2023-02] Tiki Wiki CMS Groupware <= 24.0 (structlib.php) PHP Code Injection Vulnerability
  • From: Egidio Romano
• [FD] [KIS-2023-03] Tiki Wiki CMS Groupware <= 24.0 (grid.php) PHP Object Injection Vulnerability
  • From: Egidio Romano
• [FD] [KIS-2023-04] Tiki Wiki CMS Groupware <= 24.1 (tikiimporter_blog_wordpress.php) PHP Object Injection Vulnerability
  • From: Egidio Romano
• [FD] Citrix Linux client logs session credentials
  • From: Russell Howe
• [FD] wolfSSL before 5.5.0: Denial-of-service with session resumption
  • From: Maximilian Ammann via Fulldisclosure
• [FD] wolfSSL 5.3.0: Denial-of-service
  • From: Maximilian Ammann via Fulldisclosure
• [FD] wolfSSL before 5.5.0: Denial-of-service with session resumption
  • From: Maximilian Ammann via Fulldisclosure
• [FD] wolfSSL before 5.5.2: Heap-buffer over-read with WOLFSSL_CALLBACKS
  • From: Maximilian Ammann via Fulldisclosure
• [FD] HNS-2022-01 - HN Security Advisory - Multiple vulnerabilities in Solaris dtprintinfo and libXm/libXpm
  • From: Marco Ivaldi
• [FD] SEC Consult SA-20230117-0 :: Pre-authenticated Remote Code Execution in cs.exe (@OpenText Content Server component of OpenText Extended ECM)
  • From: SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] SEC Consult SA-20230117-1 :: Pre-authenticated Remote Code Execution via Java frontend and QDS endpoint in @OpenText Content Server component of OpenText Extended ECM
  • From: SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] SEC Consult SA-20230117-2 :: Multiple post-authentication vulnerabilities including RCE in @OpenText Content Server component of OpenText Extended ECM
  • From: SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] APPLE-SA-2023-01-23-1 iOS 16.3 and iPadOS 16.3
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-01-23-2 iOS 15.7.3 and iPadOS 15.7.3
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-01-23-3 iOS 12.5.7
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-01-23-4 macOS Ventura 13.2
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-01-23-5 macOS Monterey 12.6.3
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-01-23-6 macOS Big Sur 11.7.3
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-01-23-7 watchOS 9.3
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-01-23-8 Safari 16.3
  • From: Apple Product Security via Fulldisclosure
• Re: [FD] HNS-2022-01 - HN Security Advisory - Multiple vulnerabilities in Solaris dtprintinfo and libXm/libXpm
  • From: Marco Ivaldi
• [FD] t2'23: Call For Papers 2023 (Helsinki, Finland)
  • From: Tomi Tuominen via Fulldisclosure
• [FD] [RT-SA-2022-002] Skyhigh Security Secure Web Gateway: Cross-Site Scripting in Single Sign-On Plugin
  • From: RedTeam Pentesting GmbH
• [FD] [SYSS-2022-047] Razer Synapse - Local Privilege Escalation
  • From: Oliver Schwarz via Fulldisclosure
• [FD] APPLE-SA-2023-01-24-1 tvOS 16.3
  • From: Apple Product Security via Fulldisclosure
• [FD] Trovent Security Advisory 2203-01 / Micro Focus GroupWise transmits session ID in URL
  • From: Stefan Pietsch