Full Disclosure: by author

91 messages starting Jan 14 22 and ending Jan 24 22

Andrea Simonca

🐞 Call for Papers for Hardwear.io USA 2022 is OPEN! Andrea Simonca (Jan 14)

Apple Product Security via Fulldisclosure

APPLE-SA-2022-01-12-1 iOS 15.2.1 and iPadOS 15.2.1 Apple Product Security via Fulldisclosure (Jan 12)
APPLE-SA-2022-01-26-3 macOS Big Sur 11.6.3 Apple Product Security via Fulldisclosure (Jan 28)
APPLE-SA-2022-01-26-5 tvOS 15.3 Apple Product Security via Fulldisclosure (Jan 28)
APPLE-SA-2022-01-26-4 Security Update 2022-001 Catalina Apple Product Security via Fulldisclosure (Jan 28)
APPLE-SA-2022-01-26-6 watchOS 8.4 Apple Product Security via Fulldisclosure (Jan 28)
APPLE-SA-2022-01-26-1 iOS 15.3 and iPadOS 15.3 Apple Product Security via Fulldisclosure (Jan 28)
APPLE-SA-2022-01-26-2 macOS Monterey 12.2 Apple Product Security via Fulldisclosure (Jan 28)
APPLE-SA-2022-01-26-7 Safari 15.3 Apple Product Security via Fulldisclosure (Jan 28)

Carolina Con

CarolinaCon Online 2 Carolina Con (Jan 28)

ESORICS 2022 - publicity chair

[CFP-ESORICS 2022]: 27th European Symposium on Research in Computer Security (ESORICS) 2022 ESORICS 2022 - publicity chair (Jan 24)

Gaetano Perrone

PoC for CVE-2021-25079 Gaetano Perrone (Jan 07)
CVE-2021-25080 vulnerability Gaetano Perrone (Jan 02)

Gionathan Reale via Fulldisclosure

Reprise License Manager 14.2 - Reflected Cross-Site Scripting Gionathan Reale via Fulldisclosure (Jan 12)

houjingyi

foxit reader Arbitrary File Write houjingyi (Jan 29)

hyp3rlinx

Microsoft Windows .Reg File Dialog Spoof / Mitigation Bypass hyp3rlinx (Jan 11)
Microsoft Windows Defender / Detection Bypass hyp3rlinx (Jan 11)

info () vulnerability-lab com

Banco Guayaquil v8.0.0 iOS - Cross Site Scripting Web Vulnerability info () vulnerability-lab com (Jan 25)
Affiliate Pro v1.7 - Multiple Cross Site Vulnerabilities info () vulnerability-lab com (Jan 07)
cWifi Hotspot Wireless CP - Code Execution Vulnerability info () vulnerability-lab com (Jan 07)
Easy Cart Shopping Cart - (Search) Persistent Vulnerability info () vulnerability-lab com (Jan 07)
uDoctorAppointment v2.1.1 - Multiple XSS Vulnerabilities info () vulnerability-lab com (Jan 07)
uBidAuction v2.0.1 - Multiple XSS Web Vulnerabilities info () vulnerability-lab com (Jan 25)
Rocket LMS v1.1 - (History) Persistent XSS Vulnerability info () vulnerability-lab com (Jan 07)
Ametys v4.4.1 CMS - Cross Site Scripting Vulnerability info () vulnerability-lab com (Jan 25)

Ismail Aydemir

Unauthenticated RCE vuln in the H2 Database console: CVE-2022-23221. Ismail Aydemir (Jan 24)

Knights of Nynex via Fulldisclosure

The Knights of NYNEX presents: Morgawr's feast Knights of Nynex via Fulldisclosure (Jan 31)

KoreLogic Disclosures via Fulldisclosure

KL-001-2022-001: Moxa TN-5900 Firmware Upgrade Checksum Validation Vulnerability KoreLogic Disclosures via Fulldisclosure (Jan 28)
KL-001-2022-002: Moxa TN-5900 Post Authentication Command Injection Vulnerability KoreLogic Disclosures via Fulldisclosure (Jan 28)

Mahmoud Al-Qudsi

Xerox vulnerability allows unauthenticated remote users to remotely brick network printers Mahmoud Al-Qudsi (Jan 24)

malvuln

Backdoor.Win32.SVC / Directory Traversal malvuln (Jan 07)
Backdoor.Win32.Wollf.m / Authentication Bypass malvuln (Jan 02)
Backdoor.Win32.Dsklite.a / Remote Denial of Service malvuln (Jan 07)
Backdoor.Win32.DRA.c / Weak Hardcoded Password malvuln (Jan 25)
Backdoor.Win32.Jokerdoor / Remote Stack Buffer Overflow malvuln (Jan 02)
Win32.MarsStealer Web Panel / Unauthenticated Remote Persistent XSS malvuln (Jan 16)
Backdoor.Win32.Skrat / Cleartext Hardcoded Password malvuln (Jan 02)
CosaNostra Builder WebPanel / Insecure Crypto malvuln (Jan 25)
CollectorStealerBuilder v2.0.0 Panel / Insecure Credential Storage malvuln (Jan 24)
Backdoor.Win32.Fantador / Insecure Password Storage malvuln (Jan 02)
AgentTesla Builder Web Panel / SQL Injection malvuln (Jan 24)
Backdoor.Win32.WinShell.50 / Weak Hardcoded Password malvuln (Jan 28)
Backdoor.Win32.Wollf.16 / Weak Hardcoded Credentials malvuln (Jan 24)
Backdoor.Win32.Dsklite.a / Insecure Transit malvuln (Jan 07)
Backdoor.Win32.Tiny.c / Unauthenticated Remote Command Execution malvuln (Jan 29)
Backdoor.Win32.SubSeven.c / Remote Stack Buffer Overflow malvuln (Jan 07)
Backdoor.Win32.FTP.Simpel.12 / Insecure Crypto malvuln (Jan 02)
VulturiBuilder / Insecure Permissions malvuln (Jan 24)
Backdoor.Win32.Visiotrol.10 / Insecure Password Storage malvuln (Jan 02)
Backdoor.Win32.Wollf.16 / Authentication Bypass malvuln (Jan 24)
Backdoor.Win32.SVC / Remote Stack Buffer Overflow malvuln (Jan 07)
Chaos Ransomeware Builder v4 / Insecure Permissions malvuln (Jan 24)
HackTool.Win32.Muzzer.a / Heap Based Buffer Overflow malvuln (Jan 29)
Ab Stealer Web Panel / Unauthenticated Remote Persistent XSS malvuln (Jan 16)
AgentTesla Builder Web Panel / Cross Site Scripting (XSS) malvuln (Jan 24)
Backdoor.Win32.FTP99 / Port Bounce Scan (MITM) malvuln (Jan 25)
Backdoor.Win32.Agent.uq / Insecure Permissions malvuln (Jan 25)
Backdoor.Win32.Fantador / Divide by Zero DoS malvuln (Jan 02)
Backdoor.Win32.Controlit.10 / Unauthenticated Remote Command Execution malvuln (Jan 11)
Backdoor.Win32.FTP99 / Authentication Bypass Race Condition malvuln (Jan 25)
CosaNostra Builder WebPanel / Cross Site Request Forgery (CSRF) malvuln (Jan 25)
Backdoor.Win32.FTP.Simpel.12 / Port Bounce Scan malvuln (Jan 02)
Backdoor.Win32.Jtram.a / Insecure Credential Storage malvuln (Jan 07)
Backdoor.Win32.SilentSpy.10 / Authentication Race Condition malvuln (Jan 02)
Backdoor.Win32.SilentSpy.10 / Authentication Bypass Command Execution malvuln (Jan 02)
Win32.MarsStealer Web Panel / Unauthenticated Remote Information Disclosure malvuln (Jan 16)
Backdoor.Win32.FTP.Lana.01.d / Port Bounce Scan (MITM) malvuln (Jan 25)
Win32.MarsStealer Web Panel / Unauthenticated Remote Data Deletion malvuln (Jan 16)
Backdoor.Win32.Wisell / Unauthenticated Remote Command Execution malvuln (Jan 24)
CosaNostra Builder / Insecure Permissions malvuln (Jan 25)
Backdoor.Win32.Jtram.a / Port Bounce Scan malvuln (Jan 07)
Backdoor.Win32.Hanuman.b / Unauthenticated Remote Command Execution malvuln (Jan 25)
Backdoor.Win32.FTP.Lana.01.d / Weak Hardcoded Password malvuln (Jan 25)
CollectorStealerBuilder v2.0.0 Panel / Man-in-the-Middle (MITM) malvuln (Jan 24)
Backdoor.Win32.Wollf.m / Weak Hardcoded Password malvuln (Jan 02)
Ransomware Builder Babuk / Insecure Permissions malvuln (Jan 24)

Marcin Kozlowski

CVE-2021-39623 Libstagefright (Media Framework on Android) with OOB write on the heap Marcin Kozlowski (Jan 11)

Onapsis Research via Fulldisclosure

Onapsis Security Advisory 2021-0026: SAP Enterprise Portal - XSLT injection Onapsis Research via Fulldisclosure (Jan 26)
Onapsis Security Advisory 2021-0021: SAP Enterprise Portal - XSS NavigationReporter Onapsis Research via Fulldisclosure (Jan 26)
Onapsis Security Advisory 2021-0022: SAP Enterprise Portal - XSS RunContentCreation Onapsis Research via Fulldisclosure (Jan 26)
Onapsis Security Advisory 2021-0023: SAP Enterprise Portal - SSRF iviewCatcherEditor Onapsis Research via Fulldisclosure (Jan 26)
Onapsis Security Advisory 2021-0025: Null Pointer Dereference vulnerability in SAP CommonCryptoLib Onapsis Research via Fulldisclosure (Jan 26)
Onapsis Security Advisory 2021-0024: SAP Enterprise Portal - Anonymous Stored Open Redirect Onapsis Research via Fulldisclosure (Jan 26)

Patrick Hener

[TO-2021-001] WebACMS 2.1.0 - Cross-Site Scripting Patrick Hener (Jan 24)

RedTeam Pentesting GmbH

[RT-SA-2021-009] Credential Disclosure in Web Interface of Crestron Device RedTeam Pentesting GmbH (Jan 12)

SEC Consult Vulnerability Lab, Research

SEC Consult SA-20220113-0 :: Cleartext Storage of Phone Password in Cisco IP Phones SEC Consult Vulnerability Lab, Research (Jan 14)
SEC Consult SA-20220117-0 :: Stored Cross-Site Scripting vulnerability in TYPO3 extension "femanager" SEC Consult Vulnerability Lab, Research (Jan 24)
SEC Consult SA-20220120-0 :: Local file inclusion vulnerability in Land Software - FAUST iServer SEC Consult Vulnerability Lab, Research (Jan 24)
SEC Consult SA-20220124-0 :: Authenticated Path Traversal in Ethercreative Logs plugin for Craft CMS SEC Consult Vulnerability Lab, Research (Jan 24)

WebSec B.V.

Full Disclosure DMCA.COM Exploitation WebSec B.V. (Jan 11)

Xiaojian Cao

Advisory:[CVE-2021-27971]Alps Alpine DLL Injection Issue Xiaojian Cao (Jan 24)