Full Disclosure: by author

• RSS Feed
• About List
• All Lists

Previous period

Next period

77 messages starting Apr 27 21 and ending Apr 27 21
Date index | Thread index | Author index

Apple Product Security via Fulldisclosure

APPLE-SA-2021-04-26-6 tvOS 14.5 Apple Product Security via Fulldisclosure (Apr 27)
APPLE-SA-2021-04-26-3 Security Update 2021-002 Catalina Apple Product Security via Fulldisclosure (Apr 27)
APPLE-SA-2021-04-26-4 Security Update 2021-003 Mojave Apple Product Security via Fulldisclosure (Apr 27)
APPLE-SA-2021-04-26-7 Safari 14.1 Apple Product Security via Fulldisclosure (Apr 27)
APPLE-SA-2021-04-26-9 iTunes 12.11.3 for Windows Apple Product Security via Fulldisclosure (Apr 27)
APPLE-SA-2021-04-26-1 iOS 14.5 and iPadOS 14.5 Apple Product Security via Fulldisclosure (Apr 27)
APPLE-SA-2021-04-26-2 macOS Big Sur 11.3 Apple Product Security via Fulldisclosure (Apr 27)
APPLE-SA-2021-04-26-5 watchOS 7.4 Apple Product Security via Fulldisclosure (Apr 27)
APPLE-SA-2021-04-26-8 iCloud for Windows 12.3 Apple Product Security via Fulldisclosure (Apr 27)
APPLE-SA-2021-04-26-10 Xcode 12.5 Apple Product Security via Fulldisclosure (Apr 27)

CFP ZeroNights

CFP ZeroNights 2021 CFP ZeroNights (Apr 09)

Gabriele Gristina

CVE-2021-26709 - Multiple Pre-Auth Stack Buffer Overflow in D-Link DSL-320B-D1 ADSL Modem Gabriele Gristina (Apr 08)

houjingyi

python embedded program local arbitrary python script execution on windows houjingyi (Apr 06)

Imre Rad

CVE-2021-28321-CVE-2021-28323: elevation of privileges in Microsoft Diaghub Imre Rad (Apr 19)

malvuln

Trojan.Win32.NanoBot.onh / Insecure Permissions malvuln (Apr 19)
Trojan.Win32.Bayrob.dtrg / Insecure Permissions malvuln (Apr 19)
Backdoor.Win32.Agent.afq / Directory Traversal malvuln (Apr 28)
Backdoor.Win32.Agent.gmug / Heap Corruption malvuln (Apr 30)
Trojan.Win32.Sharer.h / Known Vulnerable Component - Heap Corruption malvuln (Apr 06)
Trojan.Win32.Agent.hsm / Insecure Permissions malvuln (Apr 19)
Trojan.Win32.Agentb.iofv / Insecure Permissions malvuln (Apr 19)
Trojan-Downloader.Win32.Genome.omht / Insecure Permissions malvuln (Apr 08)
Trojan.Win32.Agent.zfgh / Insecure Permissions malvuln (Apr 19)
HEUR.Trojan.Win32.Generic / Insecure Permissions malvuln (Apr 23)
HEUR.Backdoor.Win32.Generic / Unauthenticated Open Proxy malvuln (Apr 19)
Trojan-Dropper.Win32.Injector.aobl / Insecure Permissions malvuln (Apr 28)
Trojan-Downloader.Win32.FraudLoad.xevn / Insecure Permissions malvuln (Apr 06)
Constructor.Win32.Bifrose.ag / Local Stack Buffer Overflow malvuln (Apr 19)
Trojan-Dropper.Win32.Dycler.vrp / Insecure Permissions malvuln (Apr 28)
Backdoor.Win32.Zombam.h / Remote Stack Buffer Overflow malvuln (Apr 19)
IM-Worm.Win32.Bropia.aa / Insecure Permissions malvuln (Apr 23)
Backdoor.Win32.Agent.kte / Remote Stack Buffer Overflow (UDP Datagram) malvuln (Apr 30)
Backdoor.Win32.DarkKomet.artr / Insecure Permissions malvuln (Apr 23)
Backdoor.Win32.Agent.ggw / Authentication Bypass malvuln (Apr 30)
Backdoor.Win32.Agent.oj / Remote Stack Buffer Overflow malvuln (Apr 30)
Trojan.Win32.Jorik.qje / Insecure Permissions malvuln (Apr 19)
Backdoor.Win32.Hupigon.das / Unauthenticated Open Proxy malvuln (Apr 08)
Worm.Win32.Delf.hu / Insecure Permissions malvuln (Apr 30)
Backdoor.Win32.Burbul.b / Authentication Bypass MITM Port Bounce Scan malvuln (Apr 02)
Trojan.Win32.Hosts2.yqf / Insecure Permissions malvuln (Apr 08)
HEUR.Trojan.Win32.Bayrob.gen / Insecure Permissions malvuln (Apr 30)
Backdoor.Win32.Agent.afq / Missing Authentication malvuln (Apr 28)
Backdoor.Win32.Agent.afq / Remote Heap Corruption malvuln (Apr 28)
Packed.Win32.Black.d / Unauthenticated Open Proxy malvuln (Apr 23)
Backdoor.Win32.Agent.oj / Unauthenticated Remote Command Execution malvuln (Apr 30)
Worm.Win32.Busan.k / Insecure Communication Protocol malvuln (Apr 27)
Trojan-Downloader.Win32.Delf.nzg / Insecure Permissions malvuln (Apr 02)
Trojan-Dropper.Win32.Agent.bjtzcp / Insecure Permissions malvuln (Apr 19)
Backdoor.Win32.Small.n / Unauthenticated Remote Command Execution (SYSTEM) malvuln (Apr 08)
Trojan-Downloader.Win32.Genome.qiw / Insecure Permissions malvuln (Apr 08)
Trojan.Win32.Sharer.h / Anonymous Logon MITM Port Bounce Scan malvuln (Apr 06)
Trojan-Downloader.Win32.Delf.oxz / Insecure Permissions malvuln (Apr 02)
Virus.Win32.Banka.a / Insecure Permissions malvuln (Apr 27)
Trojan-Dropper.Win32.Agent.xtp / Insecure Permissions malvuln (Apr 23)
Trojan-Downloader.Win32.Delf.ur / Insecure Permissions malvuln (Apr 02)
Trojan.Win32.Sharer.h / Anonymous Logon RCE malvuln (Apr 06)
HEUR.Hoax.Win32.FrauDrop.gen / Insecure Permissions malvuln (Apr 19)
Trojan.Win32.Hotkeychick.d / Insecure Permissions malvuln (Apr 08)

Martin Heiland via Fulldisclosure

Open-Xchange Security Advisory 2021-04-30 Martin Heiland via Fulldisclosure (Apr 30)

Nightwatch Cybersecurity Research

Supply Chain Attacks via GitHub.com Releases Nightwatch Cybersecurity Research (Apr 27)

Onapsis Research via Fulldisclosure

Onapsis Security Advisory 2021-0003: [CVE-2020-6287] - [SAP RECON] SAP JAVA: Unauthenticated execution of configuration tasks Onapsis Research via Fulldisclosure (Apr 05)
Onapsis Security Advisory 2021-0002: [CVE-2020-6234] - SAP Multiple root LPE through SAP Host Control Onapsis Research via Fulldisclosure (Apr 05)
Onapsis Security Advisory 2021-0001: [CVE-2020-6207] - Unauthenticated RCE in SAP all SMD Agents connected to SAP SolMan Onapsis Research via Fulldisclosure (Apr 05)
Onapsis Security Advisory 2021-0004: [CVE-2020-26820] - SAP Java OS Remote Code Execution Onapsis Research via Fulldisclosure (Apr 05)

Red Timmy Security

Plantronics HUB <= 3.21 EoP and DoS Red Timmy Security (Apr 19)

research

[CVE-2021-20989, CVE-2021-20990, CVE-2021-20991, CVE-2021-20992] Multiple vulnerabilities in Fibaro Home Center research (Apr 19)

Responsible Disclosure via Fulldisclosure

usd20210005: Privileged File Write in Check Point Identity Agent < R81.018.0000 Responsible Disclosure via Fulldisclosure (Apr 08)

SEC Consult Vulnerability Lab

SEC Consult SA-20210414-0 :: Reflected cross-site scripting in Microsoft Azure DevOps Server SEC Consult Vulnerability Lab (Apr 14)
SEC Consult SA-20210407-0 :: Arbitrary File Upload and Bypassing .htaccess Rules in Monospace Directus Headless CMS SEC Consult Vulnerability Lab (Apr 07)
SEC Consult SA-20210422-0 :: Stored Cross Site Scripting (Outdated software library) in BMDWeb 2.0 SEC Consult Vulnerability Lab (Apr 22)

Stefan Kanthak

Defense in depth -- The Microsoft way (part 76): arbitrary code execution WITH elevation of privilege in user-writable directories below %SystemRoot% Stefan Kanthak (Apr 30)
Executable installers are vulnerable^WEVIL (case 61): arbitrary code execution WITH escalation of privilege via Intel WiFi drivers Stefan Kanthak (Apr 23)
Defense in depth -- the Microsoft way (part 75): Bypass of SAFER alias Software Restriction Policies NOT FIXED Stefan Kanthak (Apr 30)
Defense in depth -- The Microsoft way (part 74): Windows Defender SmartScreen is rather DUMP, it allows denial of service Stefan Kanthak (Apr 06)

Takeshi Shiomitsu

[CVE-2021-1472/CVE-2021-1473] Cisco RV Series Authentication Bypass and Remote Command Execution Takeshi Shiomitsu (Apr 19)

Vladimir Bostanov

[SYSS-2020-032] Open Redirect in Tableau Server (CVE-2021-1629) Vladimir Bostanov (Apr 08)

William Costa

XSS stored in PFSense 2.5.0 CVE-2021-27933 William Costa (Apr 27)

Previous period

Next period