Full Disclosure: by author
RSS Feed
About List
All Lists
Previous period
81 messages
starting Mar 08 21 and
ending Mar 11 21
Date index |
Thread index |
Author index
????????????
Advisory ID: VMSA-2021-0002 ???????????? (Mar 08)
Alphan YAVAS
Data Manipulation with X-Forwarded-For header at WordPress Alphan YAVAS (Mar 11)
Andrea Simonca
CFP for Hardwear.io Security Conference is OPEN Andrea Simonca (Mar 19)
Andrew Zayine
Inaugural Issue of the Journal of Cyber Forensics and Advanced Threat Investigations Andrew Zayine (Mar 23)
Apple Product Security via Fulldisclosure
APPLE-SA-2021-03-26-3 watchOS 7.3.3 Apple Product Security via Fulldisclosure (Mar 26)
APPLE-SA-2021-03-08-3 Safari 14.0.3 Apple Product Security via Fulldisclosure (Mar 08)
APPLE-SA-2021-03-26-2 iOS 12.5.2 Apple Product Security via Fulldisclosure (Mar 26)
APPLE-SA-2021-03-08-4 watchOS 7.3.2 Apple Product Security via Fulldisclosure (Mar 08)
APPLE-SA-2021-03-26-1 iOS 14.4.2 and iPadOS 14.4.2 Apple Product Security via Fulldisclosure (Mar 26)
APPLE-SA-2021-03-08-2 macOS Big Sur 11.2.3 Apple Product Security via Fulldisclosure (Mar 08)
APPLE-SA-2021-03-08-1 iOS 14.4.1 and iPadOS 14.4.1 Apple Product Security via Fulldisclosure (Mar 08)
Asterisk Security Team
AST-2021-006: Crash when negotiating T.38 with a zero port Asterisk Security Team (Mar 04)
Ateek khan
From Adobe AEM dispatcher filter rules bypass to successfully triggering XSS on 40+ Linkedin websites [ Youtube Video ] Ateek khan (Mar 16)
Black Arch
New BlackArch Linux Slim ISO released! Black Arch (Mar 05)
BSides Hannover
4th BSides Hannover in the make, save the date and please submit your research in our CFP ( Focus Healthcare / medical devices / bionic ) BSides Hannover (Mar 16)
Certitude - Advisories
[CSA-2021-002] DP API ineffective in Windows containers Certitude - Advisories (Mar 16)
Harrison Neal
SolarWinds TFTP Server 11.0.4.101: Remote Unauthenticated Reconfiguration Harrison Neal (Mar 16)
Harsha Bhat
Incorrect Access Control in Emerson Smart Wireless Gateway 1420 4.6.59 Administrator Console Harsha Bhat (Mar 08)
Privilege Escalation in Emerson Smart Wireless Gateway 1420 4.6.59 Administrator Console Harsha Bhat (Mar 08)
houjingyi
PotPlayer denial of service vulnerability houjingyi (Mar 29)
jvoisin
Re: Data Manipulation with X-Forwarded-For header at WordPress jvoisin (Mar 16)
malvuln
Trojan.Win32.Scar.dxir / Insecure Permissions malvuln (Mar 16)
Worm.Win32.Detnat.c / Insecure Permissions malvuln (Mar 24)
Backdoor.Win32.BO2K.ab / Local File Buffer Overflow malvuln (Mar 05)
IRC-Worm.Win32.Silentium.a / Insecure Permissions malvuln (Mar 31)
Trojan-Dropper.Win32.Dycler.vrp / Insecure Permissions malvuln (Mar 23)
Backdoor.Win32.RemoteManipulator.fdo / Insecure Permissions malvuln (Mar 02)
Worm.Win32.Ngrbot.abpr / Insecure Permissions malvuln (Mar 24)
Worm.Win32.Recyl.dp / Insecure Permissions malvuln (Mar 24)
Backdoor.Win32.Kwak.12 / Remote Denial of Service malvuln (Mar 26)
Trojan-Dropper.Win32.Dycler.yhb / Insecure Permissions malvuln (Mar 24)
Trojan-Proxy.Win32.Wimain / Remote Stack Buffer Overflow malvuln (Mar 16)
HEUR.Trojan.Win32.Generic / Insecure Permissions malvuln (Mar 23)
Trojan-Spy.Win32.KeyLogger.qt / Insecure Permissions malvuln (Mar 11)
Trojan-Banker.Win32.Delf.ac / Insecure Permissions malvuln (Mar 16)
IRC-Worm.Win32.Jane.a / Authentication Bypass RCE malvuln (Mar 29)
Virus.Win32.Sality.gen / Insecure Permissions malvuln (Mar 24)
Backdoor.Win32.Zombam.l / Remote Stack Buffer Overflow malvuln (Mar 16)
Backdoor.Win32.BO2K.09.b / Unauthenticated Remote Command Execution malvuln (Mar 05)
Trojan-Dropper.Win32.Delf.p / Missing Authentication malvuln (Mar 19)
Backdoor.Win32.Kwak.12 / Remote Command Execution malvuln (Mar 26)
Trojan-Dropper.Win32.Delf.p / Remote Buffer Overflow malvuln (Mar 19)
Trojan.Win32.Siscos.bqe / Insecure Permissions malvuln (Mar 16)
Backdoor.Win32.GTbot.c / Insecure Permissions malvuln (Mar 08)
Trojan-Dropper.Win32.Delf.da / Remote Stack Buffer Overflow (UDP Datagram) malvuln (Mar 23)
Trojan-Dropper.Win32.Hamer.10 / Remote Floating-point Exception DoS malvuln (Mar 11)
Backdoor.Win32.Agent.mzn / Remote SEH Buffer Overflow malvuln (Mar 19)
IRC-Worm.Win32.Jane.a / Authentication Bypass MITM Port Bounce Scan malvuln (Mar 29)
Trojan-Spy.Win32.Stealer.osh / Insecure Permissions malvuln (Mar 02)
Backdoor.Win32.Delf.zs / Unauthenticated Remote Command Execution malvuln (Mar 26)
BACKDOOR.WIN32.DARKKOMET.GOZU / Insecure Permissions malvuln (Mar 24)
Backdoor.Win32.Burbul.b / Authentication Bypass MITM Port Bounce Scan malvuln (Mar 31)
Backdoor.Win32.Agent.bjev / Insecure Permissions malvuln (Mar 08)
Backdoor.Win32.DarkKomet.irv / Insecure Permissions malvuln (Mar 05)
Worm.Win32.Ngrbot.acno / Insecure Permissions malvuln (Mar 24)
BACKDOOR.WIN32.ANTILAM.14.O / Unauthenticated Remote Command Execution malvuln (Mar 08)
Backdoor.Win32.Kwak.12 / Authentication Bypass malvuln (Mar 26)
Backdoor.Win32.Kwak.12 / Port Bounce Scan malvuln (Mar 26)
Trojan-Dropper.Win32.Delf.xk / Remote Invalid Pointer Write DOS malvuln (Mar 16)
Trojan-Dropper.Win32.Demp.rft / Insecure Permissions malvuln (Mar 23)
Marc
Multiple Vulnerabilities in jpeg-xl (CVE-2021-27804) Marc (Mar 02)
Matthias Deeg
[SYSS-2020-044]: Zoom - Exposure of Resource to Wrong Sphere (CWE-668) (CVE-2021-28133) Matthias Deeg (Mar 19)
research
[KIS-2021-03] ExpressionEngine <= 6.0.2 (Translate::save) PHP Code Injection Vulnerability research (Mar 15)
[CVE-2021-28144] Authenticated Command Injection in D-Link DIR-3060 Web Interface research (Mar 11)
riccardo krauter
CMS Made Simple SQL injection on m1_sortby parameter riccardo krauter (Mar 19)
MS Made Simple - File upload bypass with .phar extension lead to RCE riccardo krauter (Mar 19)
Sandro Gauci
ES2021-03: VoIPmonitor is vulnerable to a buffer overflow when using the live sniffer Sandro Gauci (Mar 16)
ES2021-02: VoIPmonitor WEB GUI vulnerable to Cross-Site Scripting via SIP messages Sandro Gauci (Mar 16)
ES2021-04: VoIPmonitor static builds are compiled without any standard memory corruption protection Sandro Gauci (Mar 16)
sec-advisory
[AIT-SA-20210215-02] CVE-2020-24913: QCubed SQL Injection sec-advisory (Mar 12)
[AIT-SA-20210215-01] CVE-2020-24914: QCubed PHP Object Injection sec-advisory (Mar 12)
[AIT-SA-20210215-03] CVE-2020-24912: QCube Cross-Site-Scripting sec-advisory (Mar 12)
[AIT-SA-20210215-04] CVE-2020-24036: ForkCMS PHP Object Injection sec-advisory (Mar 12)
SEC Consult Vulnerability Lab
SEC Consult SA-20210301-0 :: Authentication bypass vulnerability in Genua GenuGate High Resistance Firewall SEC Consult Vulnerability Lab (Mar 01)
SEC Consult SA-20210301-0 :: Authentication bypass vulnerability in Genua GenuGate High Resistance Firewall SEC Consult Vulnerability Lab (Mar 01)
Smriti Gaba
CVE-2021-3275 : Unauthenticated Stored Cross-site Scripting in Multiple TP-Link Devices Smriti Gaba (Mar 26)
Stefan Kanthak
Defense in depth -- the Microsof way (part 72): "compatibility" trumps security Stefan Kanthak (Mar 05)
Defense in depth -- the Microsoft way (part 73): ignorance (of security advisories) is bliss! Stefan Kanthak (Mar 08)
Unholy CRAP: Moziila's executable installers Stefan Kanthak (Mar 08)
CVE-2018-3635 revisited: executable installers are vulnerable^WEVIL (case 60): again arbitrary code execution WITH escalation of privilege via Intel Rapid Storage Technology User Interface and Driver Stefan Kanthak (Mar 23)
Thierry Zoller
Re: [CDPWE-0001] - RocketReach Thierry Zoller (Mar 11)