Full Disclosure: by author
33 messages starting Aug 19 23 and ending Aug 11 23
Adrean Boyadzhiev
Re: Anomaly in Fedora `dnf update`: md5 mismatch of result Adrean Boyadzhiev (Aug 19)
Andrey Stoykov
Stored XSS - Perch Andrey Stoykov (Aug 01)
Pentest Paper - Introduction to Web Pentest Andrey Stoykov (Aug 01)
Egidio Romano
[KIS-2023-07] SugarCRM <= 12.2.0 (Docusign_GlobalSettings) PHP Object Injection Vulnerability Egidio Romano (Aug 23)
[KIS-2023-08] SugarCRM <= 12.2.0 Two SQL Injection Vulnerabilities Egidio Romano (Aug 23)
[KIS-2023-06] SugarCRM <= 12.2.0 (updateGeocodeStatus) Bean Manipulation Vulnerability Egidio Romano (Aug 23)
[KIS-2023-05] SugarCRM <= 12.2.0 (Notes) Unrestricted File Upload Vulnerability Egidio Romano (Aug 23)
[KIS-2023-09] CrafterCMS <= 4.0.2 Multiple Reflected Cross-Site Scripting Vulnerabilities Egidio Romano (Aug 23)
Georgi Guninski
Anomaly in Fedora `dnf update`: md5 mismatch of result Georgi Guninski (Aug 15)
GNOME Files silently extracts setuid files from ZIP archives Georgi Guninski (Aug 07)
info () vulnerability-lab com
ETSI WEBstore 2023 - Persistent Cross Site Scripting Web Vulnerability info () vulnerability-lab com (Aug 01)
Jeffrey Walton
Re: Anomaly in Fedora `dnf update`: md5 mismatch of result Jeffrey Walton (Aug 19)
Konstantin
Mozilla Firefox only stores up to 1024 HSTS entries Konstantin (Aug 29)
KoreLogic Disclosures via Fulldisclosure
KL-001-2023-002: Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation via tcpdump KoreLogic Disclosures via Fulldisclosure (Aug 17)
KL-001-2023-001: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read via sudo dig KoreLogic Disclosures via Fulldisclosure (Aug 17)
KL-001-2023-003: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Modification via sudoedit KoreLogic Disclosures via Fulldisclosure (Aug 17)
Mahmoud Noureldin
Kolibri GET request buffer Overflow [Stack Egghunter] Mahmoud Noureldin (Aug 03)
Savant Web Server 3.1 - Remote Buffer Overflow (Egghunter) Mahmoud Noureldin (Aug 02)
malvuln
RansomLord v1 / Anti-Ransomware Exploit Tool malvuln (Aug 02)
Martin Heiland via Fulldisclosure
OXAS-ADV-2023-0003: OX App Suite Security Advisory Martin Heiland via Fulldisclosure (Aug 02)
Matthew Fernandez
Re: Anomaly in Fedora `dnf update`: md5 mismatch of result Matthew Fernandez (Aug 19)
Matthias Deeg via Fulldisclosure
[SYSS-2023-011]: Canon PIXMA TR4550 and other inkjet printer models - Insufficient or Incomplete Data Removal, within Hardware Component (CWE-1301) Matthias Deeg via Fulldisclosure (Aug 03)
Michael Lazin
Re: Anomaly in Fedora `dnf update`: md5 mismatch of result Michael Lazin (Aug 19)
Moritz Abrell via Fulldisclosure
Use of Hard-coded Cryptographic Key (CWE-321) / CVE-2023-22957 Moritz Abrell via Fulldisclosure (Aug 15)
Missing Immutable Root of Trust in Hardware (CWE-1326) / CVE-2023-22955 Moritz Abrell via Fulldisclosure (Aug 15)
Use of Hard-coded Cryptographic Key (CWE-321) / CVE-2023-22956 Moritz Abrell via Fulldisclosure (Aug 15)
Patel, Nirav
Unauthorized MFA Code Delivery in EmpowerID Patel, Nirav (Aug 01)
Paul Szabo via Fulldisclosure
Qualys mis-uses ssh, fails to scan and protect, facilitates internal attack Paul Szabo via Fulldisclosure (Aug 11)
Rafael Pedrero
[CVE-2023-4491, CVE-2023-4492, CVE-2023-4493, CVE-2023-4494, CVE-2023-4495, CVE-2023-4496, CVE-2023-4497] Multiple vulnerabilities in EFS Software products Rafael Pedrero (Aug 31)
Rick Verdoes via Fulldisclosure
CVE-2023-28130 - Hostname injection leads to Remote Code Execution RCE (Authenticated) Rick Verdoes via Fulldisclosure (Aug 01)
Stefan Pietsch
Trovent Security Advisory 2303-01 / CVE-2023-36255 / Authenticated remote code execution in Eramba Stefan Pietsch (Aug 01)
Weber Thomas via Fulldisclosure
St. Poelten UAS | Multiple Vulnerabilities in Phoenix Contact TC Cloud Client / TC Router / Cloud Client Weber Thomas via Fulldisclosure (Aug 11)
St. Poelten UAS | Multiple XSS in Advantech EKI 15XX Series Weber Thomas via Fulldisclosure (Aug 11)