Full Disclosure: by author
RSS Feed
About List
All Lists
Previous period
93 messages
starting Feb 26 21 and
ending Feb 26 21
Date index |
Thread index |
Author index
Andrés Roldán via Fulldisclosure
Double-Free found on Squid 4.14 and 5.0.5 Andrés Roldán via Fulldisclosure (Feb 26)
Apple Product Security via Fulldisclosure
APPLE-SA-2021-02-01-2 Additional information for APPLE-SA-2021-01-26-1 iOS 14.4 and iPadOS 14.4 Apple Product Security via Fulldisclosure (Feb 01)
APPLE-SA-2021-02-01-3 Additional information for APPLE-SA-2021-01-26-2 tvOS 14.4 Apple Product Security via Fulldisclosure (Feb 01)
APPLE-SA-2021-02-01-1 macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave Apple Product Security via Fulldisclosure (Feb 01)
APPLE-SA-2021-02-01-4 Additional information for APPLE-SA-2021-01-26-3 watchOS 7.3 Apple Product Security via Fulldisclosure (Feb 01)
APPLE-SA-2021-02-09-1 macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002 Apple Product Security via Fulldisclosure (Feb 11)
Asterisk Security Team
AST-2021-004: An unsuspecting user could crash Asterisk with multiple hold/unhold requests Asterisk Security Team (Feb 18)
AST-2021-005: Remote Crash Vulnerability in PJSIP channel driver Asterisk Security Team (Feb 18)
AST-2021-001: Remote crash in res_pjsip_diversion Asterisk Security Team (Feb 18)
AST-2021-002: Remote crash possible when negotiating T.38 Asterisk Security Team (Feb 18)
AST-2021-003: Remote attacker could prematurely tear down SRTP calls Asterisk Security Team (Feb 18)
Certitude - Advisories
[CSA-2021-001] Cross-Site Request Forgery in Apache MyFaces Certitude - Advisories (Feb 19)
Daniel Bishtawi via Fulldisclosure
Cross-Site Scripting Vulnerability in Chamilo LMS 1.11.14 Daniel Bishtawi via Fulldisclosure (Feb 01)
David Coomber
CIRA Canadian Shield iOS Application - MITM SSL Certificate Vulnerability (CVE-2021-27189) David Coomber (Feb 23)
Harrison Neal
Oracle DB: various issues related to malicious database gateways Harrison Neal (Feb 01)
houjingyi
null pointer deference in mfmp4srcsnk.dll in latest windows 10 houjingyi (Feb 04)
IBM(R) Db2(R) Windows client DLL Hijacking Vulnerability(0day) houjingyi (Feb 23)
hyp3rlinx
Recon-Informer v1.3 - Intel for offensive systems anti-reconnaissance (nmap) tool hyp3rlinx (Feb 16)
Jack Misiura via Fulldisclosure
Stored XSS in SolarWinds Serv-U File Server <=15.2.1 Jack Misiura via Fulldisclosure (Feb 11)
Path traversal in SolarWinds Serv-U File Server <=15.2.1 Jack Misiura via Fulldisclosure (Feb 11)
Kaustubh via Fulldisclosure
KSA_DEV-009 :- Authenticated Code Execution In Unibox 2.4 Kaustubh via Fulldisclosure (Feb 07)
KSA-Dev-008: Authenticated XSRF leads to complete account takeover in all UNIBOX WiFi Hotspot Controller Kaustubh via Fulldisclosure (Feb 07)
malvuln
Trojan.Win32.Gofot.htx / Local File Buffer Overflow malvuln (Feb 26)
Backdoor.Win32.DarkKomet.bhfh / Insecure Permissions malvuln (Feb 19)
Backdoor.Win32.NetBull.11.b / Remote Buffer Overflow malvuln (Feb 04)
Backdoor.Win32.Azbreg.amw / Insecure Permissions malvuln (Feb 26)
Backdoor.Win32.Delf.adag / Weak Hardcoded Credentials malvuln (Feb 26)
Backdoor.Win32.Anaptix.bd / Insecure Permissions malvuln (Feb 01)
Trojan.Win32.Hotkeychick.am / Insecure Permissions malvuln (Feb 26)
Backdoor.Win32.DarkKomet.apcc / Insecure Permissions malvuln (Feb 19)
Backdoor.Win32.Aphexdoor.LiteSock / Remote Stack Buffer Overflow malvuln (Feb 11)
Backdoor.Win32.Inject.tyq / Insecure Permissions malvuln (Feb 23)
Trojan-Proxy.Win32.Daemonize.i / Remote Denial of Service malvuln (Feb 23)
Trojan.Win32.Pincav.cmfl / Insecure Permissions malvuln (Feb 23)
Backdoor.Win32.Agent.xs / Insecure Permissions malvuln (Feb 26)
Backdoor.Win32.Cabrotor.21 / Insecure Permissions malvuln (Feb 16)
Email-Worm.Win32.Sircam.eb / Insecure Permissions EoP malvuln (Feb 07)
Backdoor.Win32.Burbul.b / Anonymous Logon malvuln (Feb 16)
Backdoor.Win32.Agent.xw / Remote Null Ptr Dereference - Denial of Service malvuln (Feb 26)
Backdoor.Win32.Agent.aak / Remote Buffer Overflow malvuln (Feb 18)
Backdoor.Win32.Indexer.a / Remote Denial Of Service malvuln (Feb 16)
Backdoor.Win32.Agent.aak / Weak Hardcoded Credentials malvuln (Feb 18)
Backdoor.Win32.Wollf.15 / Missing Authentication malvuln (Feb 11)
Backdoor.Win32.Celine / Missing Authentication malvuln (Feb 01)
Backdoor.Win32.MiniBlackLash / Remote DoS malvuln (Feb 01)
Backdoor.Win32.Ketch.h / Remote Stack Buffer Overflow (SEH) malvuln (Feb 23)
Backdoor.Win32.Augudor.a / Unauthenticated Remote File Write Code Execution malvuln (Feb 11)
Trojan-Spy.Win32.WebCenter.a / Information Disclosure malvuln (Feb 07)
Trojan-Spy.Win32.WinSpy.wlt / Insecure Permissions malvuln (Feb 16)
Trojan-Spy.Win32.SpyEyes.awow / Insecure Permissions EoP malvuln (Feb 07)
Backdoor.Win32.NetTerrorist / Unauthorized Remote Command Execution malvuln (Feb 11)
Backdoor.Win32.Azbreg.aant / Insecure Permissions malvuln (Feb 16)
Packed.Win32.Katusha.o (Ransomeware) / Insecure Permissions EoP malvuln (Feb 01)
Trojan.Win32.Gentee.h / Insecure Permissions EoP malvuln (Feb 07)
Trojan-Spy.Win32.SpyEyes.auwl / Insecure Permissions EoP malvuln (Feb 07)
Backdoor.Win32.Zhangpo / Remote DoS malvuln (Feb 01)
Backdoor.Win32.Bionet.10 / Anonymous Logon malvuln (Feb 19)
Trojan.Win32.Gentee.b / Insecure Permissions EoP malvuln (Feb 07)
Backdoor.Win32.Wollf.14 / Missing Authentication malvuln (Feb 01)
Backdoor.Win32.RemoteManipulator.brr / Insecure Permissions EoP malvuln (Feb 04)
Trojan.Win32.Delf.uq / Insecure Permissions EoP malvuln (Feb 07)
Trojan-Dropper.Win32.Daws.etlm / Remote Unauthenticated System Reboot malvuln (Feb 26)
Trojan.Win32.Cafelom.bu / Heap Corruption malvuln (Feb 11)
Trojan-Spy.Win32.SpyEyes.auqj / Insecure Permissions EoP malvuln (Feb 07)
Trojan-Spy.Win32.WinSpy.vwl / Insecure Permissions EoP malvuln (Feb 11)
Backdoor.Win32.Cafeini.08.b / Missing Authentication malvuln (Feb 16)
Trojan-Proxy.Win32.Delf.ai / Remote SEH Buffer Overflow malvuln (Feb 26)
Trojan.Win32.Cospet.abg / Insecure Permissions EoP malvuln (Feb 07)
Backdoor.Win32.Agent.aak / Cross Site Request Forgery (CSRF) - Code Execution malvuln (Feb 18)
Backdoor.Win32.Xyligan.blp / Insecure Permissions EoP malvuln (Feb 01)
Trojan.Win32.Pluder.o / Insecure Permissions malvuln (Feb 23)
Backdoor.Win32.Zetronic / Remote DoS malvuln (Feb 01)
Backdoor.Win32.DarkKomet.apbb / Insecure Permissions malvuln (Feb 01)
Backdoor.Win32.Bifrose.ahvb / Insecure Permissions malvuln (Feb 16)
Backdoor.Win32.DarkKomet.irv / Insecure Permissions malvuln (Feb 23)
Backdoor.Win32.Buterat.cxq / Insecure Permissions EoP malvuln (Feb 01)
Trojan.Win32.Comei.pgo / Insecure Permissions EoP malvuln (Feb 07)
Constructor.Win32.SpyNet.a / Remote Password Leak malvuln (Feb 01)
Backdoor.Win32.Mhtserv.b / Missing Authentication malvuln (Feb 01)
Backdoor.Win32.BackAttack.18 / Multiple Vulnerabilities malvuln (Feb 11)
Backdoor.Win32.Backlash.101 / Missing Authentication malvuln (Feb 16)
Trojan-Spy.Win32.SpyEyes.elr / Insecure Permissions malvuln (Feb 26)
Backdoor.Win32.Wollf.h / Missing Authentication malvuln (Feb 26)
Backdoor.Win32.Indexer.a / Hardcoded Weak Credentials malvuln (Feb 16)
polict of Shielder
Multiple remote memory corruptions in Telegram's handling of animated stickers polict of Shielder (Feb 19)
Red Timmy Security
Bug bounty failure stories to learn from: how we ended up to hack a bank with no reward Red Timmy Security (Feb 04)
research
[KIS-2021-02] docsify <= 4.11.6 DOM-based Cross-Site Scripting Vulnerability research (Feb 19)
Roman Fiedler
Rigged Race Against Firejail for Local Root: Using pipes/ptys to win races Roman Fiedler (Feb 18)
Ryan Wincey
VisualWare MyConnection Server 11.x Remote Code Execution Vulnerability Ryan Wincey (Feb 26)
SEC Consult Vulnerability Lab
SEC Consult SA-20210217-0 :: Multiple Vulnerabilities in Multiple Vulnerabilities SEC Consult Vulnerability Lab (Feb 17)
SEC Consult SA-20210210-0 :: Reflected Cross-Site Scripting in Adobe Magento Commerce SEC Consult Vulnerability Lab (Feb 10)
X41 D-Sec GmbH Advisories
X41 D-Sec GmbH Security Advisory X41-2021-001: Multiple Vulnerabilities in YARA X41 D-Sec GmbH Advisories (Feb 01)
Yavuz
Online Tool for Discussion of Vulnerabilities Yavuz (Feb 26)