Full Disclosure: by author
57 messages
starting Feb 06 22 and
ending Feb 28 22
Date index |
Thread index |
Author index
Andy Bach
Re: getenv("=A") works (no particular vulnerability) Andy Bach (Feb 06)
Apple Product Security via Fulldisclosure
APPLE-SA-2022-02-10-1 iOS 15.3.1 and iPadOS 15.3.1 Apple Product Security via Fulldisclosure (Feb 10)
APPLE-SA-2022-02-10-2 macOS Monterey 12.2.1 Apple Product Security via Fulldisclosure (Feb 10)
APPLE-SA-2022-02-10-3 Safari 15.3 Apple Product Security via Fulldisclosure (Feb 10)
Askar Safin via Fulldisclosure
getenv("=A") works (no particular vulnerability) Askar Safin via Fulldisclosure (Feb 04)
bo0od via Fulldisclosure
Re: getenv("=A") works (no particular vulnerability) bo0od via Fulldisclosure (Feb 06)
Carlo Di Dato via Fulldisclosure
Facebook DNS misconfiguration Carlo Di Dato via Fulldisclosure (Feb 10)
CFP - ICICS 2022
CFP: The 24th International Conference on Information and Communications Security (ICICS 2022) CFP - ICICS 2022 (Feb 10)
Cristiano Maruti
Nokia BTS Authentication Bypass Cristiano Maruti (Feb 10)
ESORICS 2022 - publicity chair
[CFP-ESORICS 2022]: 27th European Symposium on Research in Computer Security (ESORICS) 2022 ESORICS 2022 - publicity chair (Feb 06)
ghost
Zepl Notebook - Remote Code Execution ghost (Feb 16)
Algorithmia MSOL - Remote Code Execution ghost (Feb 16)
Zepl Notebook - Sandbox Escape ghost (Feb 16)
info () vulnerability-lab com
Vicidial v2.14-783a - (DB) SQL Injection Web Vulnerability info () vulnerability-lab com (Feb 18)
Car Portal Template - (Search) Persistent Web Vulnerability info () vulnerability-lab com (Feb 18)
MartFury Marketplace - Cross Site Scripting Vulnerability info () vulnerability-lab com (Feb 18)
Wordpress v5.9 - Reflected Cross Site Scripting Web Vulnerability info () vulnerability-lab com (Feb 18)
North Korean APT Attacks Security Researchers in Social Media 2022 info () vulnerability-lab com (Feb 03)
Joey Kelly
Re: Facebook DNS misconfiguration Joey Kelly (Feb 13)
Ken Williams via Fulldisclosure
CA20220203-01: Security Notice for CA Harvest Software Change Manager Ken Williams via Fulldisclosure (Feb 04)
malvuln
Backdoor.Win32.Zxman / Unauthenticated Remote Code Execution malvuln (Feb 01)
Backdoor.Win32.Prexot.a / Authentication Bypass malvuln (Feb 10)
Backdoor.Win32.Prorat.lkt / Weak Hardcoded Password malvuln (Feb 16)
Backdoor.Win32.Small.er / Unauthenticated Remote Command Execution malvuln (Feb 06)
Backdoor.Win32.Prosti.b / Insecure Permissions malvuln (Feb 16)
Backdoor.Win32.Zombam.b / Cross Site Scripting (XSS) malvuln (Feb 16)
Trojan.Win32.Cosmu.abix / Insecure Permissions malvuln (Feb 22)
Email-Worm.Win32.Lama / Insecure Permissions malvuln (Feb 16)
Backdoor.Win32.Acropolis.10 / Insecure Permissions malvuln (Feb 24)
Backdoor.Win32.XRat.k / Unauthenticated Remote Command Execution malvuln (Feb 10)
Backdoor.Win32.Wollf.m / Weak Hardcoded Password malvuln (Feb 01)
Backdoor.Win32.Prexot.a / Port Bounce Scan (MITM) malvuln (Feb 10)
Backdoor.Win32.Zombam.b / Unauthenticated Information Disclosure malvuln (Feb 16)
Trojan-Spy.Win32.Zbot.aawo.Zeus-Builder / Insecure Permissions malvuln (Feb 16)
Backdoor.Win32.Freddy.2001 / Authentication Bypass Command Execution malvuln (Feb 10)
Backdoor.Win32.Agent.baol / Insecure Permissions malvuln (Feb 22)
Backdoor.Win32.FTP.Ics / Authentication Bypass malvuln (Feb 24)
Backdoor.Win32.Dsocks.10 / Hardcoded Cleartext Password malvuln (Feb 22)
Backdoor.Win32.FTP.Ics / Port Bounce Scan (MITM) malvuln (Feb 24)
Backdoor.Win32.Frauder.jt / Insecure Permissions malvuln (Feb 10)
Backdoor.Win32.Wdoor.11 / Unauthenticated Remote Command Execution malvuln (Feb 10)
Backdoor.Win32.FTP.Ics / Unauthenticated Remote Command Execution malvuln (Feb 24)
Backdoor.Win32.Small.bu (KGB- RAT server v0.1) / Unauthenticated Remote Command Execution malvuln (Feb 01)
Backdoor.Win32.Zombam.b / Remote Stack Buffer Overflow malvuln (Feb 16)
Marcin Kozlowski
Code Scanning using many Tools/Scanners - Scanmycode CE (Community Edition) released Marcin Kozlowski (Feb 04)
Michael Coers
Datarobot -- Remote Code Execution Michael Coers (Feb 18)
Nightwatch Cybersecurity Research
Finding secrets in mirrored Git repositories Nightwatch Cybersecurity Research (Feb 13)
SEC Consult Vulnerability Lab, Research
SEC Consult SA-20220202-0 :: Broken access control & Cross-Site Scripting in Shopmetrics Mystery Shopping Software SEC Consult Vulnerability Lab, Research (Feb 03)
SEC Consult SA-20220126-0 :: Denial of service & User Enumeration in WAGO 750-8xxx PLC SEC Consult Vulnerability Lab, Research (Feb 03)
SEC Consult SA-20220131-0 :: Multiple Critical Vulnerabilities in Korenix Technology JetWave products SEC Consult Vulnerability Lab, Research (Feb 03)
SEC Consult Vulnerability Lab, Research via Fulldisclosure
SEC Consult SA-20220215 :: Multiple Critical Vulnerabilities in multiple Zyxel devices SEC Consult Vulnerability Lab, Research via Fulldisclosure (Feb 16)
SEC Consult SA-20220209 :: Open Redirect in Login Page in SIEMENS-SINEMA Remote Connect SEC Consult Vulnerability Lab, Research via Fulldisclosure (Feb 10)
Stefan Pietsch
Trovent Security Advisory 2108-01 / Vivellio: User account enumeration in password reset function Stefan Pietsch (Feb 03)
Ting Meng Yean via Fulldisclosure
CVE-2021-38130: Business Logic Bypass - Mail Relay (Post-authenticated) for Voltage SecureMail Server <v7.3.0.1 Ting Meng Yean via Fulldisclosure (Feb 03)
YEUNG, Tsz Ko
Disclosure of DLL-Hijacking-Vulnerability-in-Technitium-Installer-v4.4 YEUNG, Tsz Ko (Feb 24)
CVE request for the DLL-Hijacking vulnerability found in ToolBox-V1.010.0000000.0 from Dahua Technologies YEUNG, Tsz Ko (Feb 24)
Dll Hijacking Vulnerability found in Rufus-3.17.1846 from Akeo Consulting YEUNG, Tsz Ko (Feb 28)