Full Disclosure: by date

27 messages starting Jul 06 22 and ending Jul 28 22

Wednesday, 06 July

CVE-2022-30550: Privilege escalation possible in dovecot when similar master and non-master passdbs are used Aki Tuomi via Fulldisclosure
EQS Integrity Line: Multiple Vulnerabilities Giovanni Pellerano
Ransom Lockbit 3.0 / Local Unicode Buffer Overflow (SEH) malvuln
Ransom Lockbit 3.0 / Code Execution malvuln

Monday, 18 July

SCHUTZWERK-SA-2022-003: Remote Command Execution in Spryker Commerce OS David Brown via Fulldisclosure
Backdoor.Win32.HoneyPot.a / Weak Hardcoded Password malvuln
Builder XtremeRAT v3.7 / Insecure Permissions malvuln
Builder XtremeRAT v3.7 / Insecure Crypto Bypass malvuln
[CFP] 2nd International Workshop on Cyber Forensics and Threat Investigations Challenges CFTIC 2022 (Virtual) Andrew Zayine
Re: AnyDesk Public Exploit Disclosure - Arbitrary file write by symbolic link attack lead to denial-of-service attack on local machine chan chan

Thursday, 21 July

Backdoor.Win32.Eclipse.h / Weak Hardcoded Credentials malvuln
Open-Xchange Security Advisory 2022-07-21 Martin Heiland via Fulldisclosure
APPLE-SA-2022-07-20-1 iOS 15.6 and iPadOS 15.6 Apple Product Security via Fulldisclosure
APPLE-SA-2022-07-20-3 macOS Big Sur 11.6.8 Apple Product Security via Fulldisclosure
APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina Apple Product Security via Fulldisclosure
APPLE-SA-2022-07-20-5 tvOS 15.6 Apple Product Security via Fulldisclosure
APPLE-SA-2022-07-20-6 watchOS 8.7 Apple Product Security via Fulldisclosure
APPLE-SA-2022-07-20-7 Safari 15.6 Apple Product Security via Fulldisclosure
APPLE-SA-2022-07-20-2 macOS Monterey 12.5 Apple Product Security via Fulldisclosure

Thursday, 28 July

[CVE-2021-24910] Transposh <= 1.0.7 “tp_tp” Unauthenticated Reflected Cross-Site Scripting Julien Ahrens (RCE Security)
[CVE-2021-24911] Transposh <= 1.0.7 “tp_translation” Unauthenticated Stored Cross-Site Scripting Julien Ahrens (RCE Security)
[CVE-2021-24912] Transposh <= 1.0.8.1 Multiple Cross-Site Request Forgeries Julien Ahrens (RCE Security)
[CVE-2022-2461] Transposh <= 1.0.8.1 “tp_translation” Weak Default Translation Permissions Julien Ahrens (RCE Security)
[CVE-2022-2462] Transposh <= 1.0.8.1 “tp_history” Unauthenticated Information Disclosure Julien Ahrens (RCE Security)
[CVE-2022-25810] Transposh <= 1.0.8.1 Improper Authorization Allowing Access to Administrative Utilities Julien Ahrens (RCE Security)
[CVE-2022-25811] Transposh <= 1.0.8.1 “tp_editor” Multiple Authenticated SQL Injections Julien Ahrens (RCE Security)
[CVE-2022-25812] Transposh <= 1.0.8.1 “save_transposh” Missing Logfile Extension Check Leading to Code Injection Julien Ahrens (RCE Security)