Mail Index

• Thread Index

• [FD] Microsoft PlayReady white-box cryptography weakness
  • From: Security Explorations
• [FD] Live2D Cubism refusing to fix validation issue leading to heap corruption.
  • From: PT via Fulldisclosure
• [FD] Microsoft PlayReady toolkit - codes release
  • From: Security Explorations
• [FD] OXAS-ADV-2024-0002: OX App Suite Security Advisory
  • From: Martin Heiland via Fulldisclosure
• [FD] secuvera-SA-2024-02: Multiple Persistent Cross-Site Scritping (XSS) flaws in Drupal-Wiki
  • From: Simon Bieber via Fulldisclosure
• [FD] Microsoft PlayReady - complete client identity compromise
  • From: Security Explorations
• [FD] [KIS-2024-04] Cacti <= 1.2.26 (import.php) Remote Code Execution Vulnerability
  • From: Egidio Romano
• [FD] HNS-2024-07 - HN Security Advisory - Multiple vulnerabilities in RIOT OS
  • From: Marco Ivaldi
• [FD] APPLE-SA-05-08-2024-1 iTunes 12.13.2 for Windows
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-13-2024-1 Safari 17.5
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-13-2024-2 iOS 17.5 and iPadOS 17.5
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-13-2024-3 iOS 16.7.8 and iPadOS 16.7.8
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-13-2024-4 macOS Sonoma 14.5
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-13-2024-5 macOS Ventura 13.6.7
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-13-2024-6 macOS Monterey 12.7.5
  • From: Apple Product Security via Fulldisclosure
• [FD] Research about consistency of CVSSv4
  • From: Julia Wunder
• [FD] APPLE-SA-05-13-2024-7 watchOS 10.5
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-13-2024-8 tvOS 17.5
  • From: Apple Product Security via Fulldisclosure
• [FD] RansomLord v3 / Anti-Ransomware Exploit Tool Released
  • From: malvuln
• Re: [FD] RansomLord v3 / Anti-Ransomware Exploit Tool Released
  • From: malvuln
• [FD] Panel.Amadey.d.c C2 / Cross Site Scripting (XSS)
  • From: malvuln
• [FD] Panel.SmokeLoader C2 / Cross Site Scripting (XSS)
  • From: malvuln
• [FD] Panel.SmokeLoader / Cross Site Request Forgery (CSRF)
  • From: malvuln
• Re: [FD] Panel.SmokeLoader / Cross Site Request Forgery (CSRF)
  • From: malvuln
• [FD] BACKDOOR.WIN32.ASYNCRAT / Arbitrary Code Execution
  • From: malvuln
• [FD] TROJANSPY.WIN64.EMOTET.A / Arbitrary Code Execution
  • From: malvuln
• [FD] SEC Consult SA-20240513-0 :: Tolerating Self-Signed Certificates in SAP® Cloud Connector
  • From: SEC Consult Vulnerability Lab via Fulldisclosure
• [FD] CVE-2024-34058: Nethserver 7 & 8 stored cross-site scripting (XSS) in WebTop package
  • From: Andrea Intilangelo
• [FD] asterisk release 18.23.1
  • From: Asterisk Development Team via Fulldisclosure
• [FD] asterisk release 21.3.1
  • From: Asterisk Development Team via Fulldisclosure
• [FD] asterisk release 20.8.1
  • From: Asterisk Development Team via Fulldisclosure
• [FD] [CFP] Security BSides Ljubljana 0x7E8 | September 27, 2024
  • From: Andraz Sraka
• [FD] SEC Consult SA-20240522-0 :: Broken access control & API Information Exposure in 4BRO App
  • From: SEC Consult Vulnerability Lab via Fulldisclosure
• [FD] SEC Consult SA-20240524-0 :: Exposed Serial Shell on multiple PLCs in Siemens CP-XXXX Series
  • From: SEC Consult Vulnerability Lab via Fulldisclosure
• [FD] SEC Consult SA-20240527-0 :: Multiple vulnerabilities in HAWKI didactic interface
  • From: SEC Consult Vulnerability Lab via Fulldisclosure
• [FD] HNS-2024-06 - HN Security Advisory - Multiple vulnerabilities in Eclipse ThreadX
  • From: Marco Ivaldi
• [FD] CyberDanube Security Research 20240528-0 | Multiple Vulnerabilities in ORing IAP-420
  • From: Thomas Weber via Fulldisclosure