Full Disclosure: by date

52 messages starting Jul 07 23 and ending Jul 25 23


Friday, 07 July

[tool] tc - anonymous and cyphered chat over Tor circuits in PGP 0xf--- via Fulldisclosure
Citrix Gateway & Cloud MFA - Insufficient Session Validation Vulnerability info () esec-service de
SQLi - Faculty Evaluation System Andrey Stoykov
APPLE-SA-2023-06-21-1 Safari 16.5.1 Apple Product Security via Fulldisclosure
APPLE-SA-2023-06-21-2 iOS 16.5.1 and iPadOS 16.5.1 Apple Product Security via Fulldisclosure
APPLE-SA-2023-06-21-3 iOS 15.7.7 and iPadOS 15.7.7 Apple Product Security via Fulldisclosure
APPLE-SA-2023-06-21-4 macOS Ventura 13.4.1 Apple Product Security via Fulldisclosure
APPLE-SA-2023-06-21-5 macOS Monterey 12.6.7 Apple Product Security via Fulldisclosure
APPLE-SA-2023-06-21-6 macOS Big Sur 11.7.8 Apple Product Security via Fulldisclosure
APPLE-SA-2023-06-21-7 watchOS 9.5.2 Apple Product Security via Fulldisclosure
APPLE-SA-2023-06-21-8 watchOS 8.8.1 Apple Product Security via Fulldisclosure
ServiceNow Account Takeover to Full Admin Compromise Luke Symons
SEC Consult SA-20230627-0 :: Multiple high risk vulnerabilities in ILIAS eLearning platform SEC Consult Vulnerability Lab, Research via Fulldisclosure
SEC Consult SA-20230628-0 :: Stored XSS & Privilege Escalation in Boomerang Parental Control App SEC Consult Vulnerability Lab, Research via Fulldisclosure
SEC Consult Vulnerability Lab Whitepaper: Everyone Knows SAP®, Everyone Uses SAP, Everyone Uses RFC, No One Knows RFC: From RFC to RCE 16 Years Later SEC Consult Vulnerability Lab, Research via Fulldisclosure
SEC Consult SA-20230703-0 :: Multiple Vulnerabilities including Unauthenticated RCE in Siemens A8000 SEC Consult Vulnerability Lab, Research via Fulldisclosure
SEC Consult SA-20230705-0 :: Path traversal bypass & Denial of service in Kyocera TASKalfa 4053ci printer SEC Consult Vulnerability Lab, Research via Fulldisclosure

Tuesday, 11 July

Re: Ransom.Haron / Code Execution malvuln
Unquoted Path - XAMPP 8.2.4 Andrey Stoykov
APPLE-SA-2023-07-10-1 Safari 16.5.2 Apple Product Security via Fulldisclosure
APPLE-SA-2023-07-10-2 Rapid Security Responses for iOS 16.5.1 and iPadOS 16.5.1 Apple Product Security via Fulldisclosure
APPLE-SA-2023-07-10-3 Rapid Security Responses for macOS Ventura 13.4.1 Apple Product Security via Fulldisclosure
Re: [tool] tc - anonymous and cyphered chat over Tor circuits in PGP bo0od via Fulldisclosure
Asterisk Release 16.30.1 Asterisk Development Team via Fulldisclosure
Asterisk Release 18.18.1 Asterisk Development Team via Fulldisclosure
Asterisk Release 19.8.1 Asterisk Development Team via Fulldisclosure
Asterisk Release certified-18.9-cert5 Asterisk Development Team via Fulldisclosure
Asterisk Release 20.3.1 Asterisk Development Team via Fulldisclosure

Sunday, 16 July

Re: Citrix Gateway & Cloud MFA - Insufficient Session Validation Vulnerability Jens Timmerman
WBCE - Stored XSS Andrey Stoykov

Wednesday, 19 July

[RT-SA-2023-001] Session Token Enumeration in RWS WorldServer RedTeam Pentesting GmbH
CVE-2023-38408: Remote Code Execution in OpenSSH's forwarded ssh-agent Qualys Security Advisory via Fulldisclosure
Re: Citrix Gateway & Cloud MFA - Insufficient Session Validation Vulnerability Jeffrey Walton
Boom CMS v8.0.7 - Cross Site Scripting Vulnerability info () vulnerability-lab com
Active Super Shop CMS v2.5 - HTML Injection Vulnerabilities info () vulnerability-lab com
Tiva Events Calender v1.4 - Cross Site Scripting Vulnerability info () vulnerability-lab com
PaulPrinting CMS - (Search Delivery) Cross Site Scripting Vulnerability info () vulnerability-lab com
Dooblou WiFi File Explorer 1.13.3 - Multiple Vulnerabilities info () vulnerability-lab com
Webile v1.0.1 - Multiple Cross Site Web Vulnerabilities info () vulnerability-lab com
Aures Booking & POS Terminal - Local Privilege Escalation Vulnerability info () vulnerability-lab com
PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities info () vulnerability-lab com

Friday, 21 July

[SYSS-2023-005]: Omnis Studio - Expected Behavior Violation (CWE-440) (CVE-2023-38335) Matthias Deeg via Fulldisclosure
[SYSS-2023-006]: Omnis Studio - Expected Behavior Violation (CWE-440) (CVE-2023-38334) Matthias Deeg via Fulldisclosure

Tuesday, 25 July

APPLE-SA-2023-07-24-1 Safari 16.6 Apple Product Security via Fulldisclosure
APPLE-SA-2023-07-24-2 iOS 16.6 and iPadOS 16.6 Apple Product Security via Fulldisclosure
APPLE-SA-2023-07-24-3 iOS 15.7.8 and iPadOS 15.7.8 Apple Product Security via Fulldisclosure
APPLE-SA-2023-07-24-4 macOS Ventura 13.5 Apple Product Security via Fulldisclosure
APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8 Apple Product Security via Fulldisclosure
APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9 Apple Product Security via Fulldisclosure
APPLE-SA-2023-07-24-7 tvOS 16.6 Apple Product Security via Fulldisclosure
APPLE-SA-2023-07-24-8 watchOS 9.6 Apple Product Security via Fulldisclosure
Availability Booking Calendar PHP - Stored XSS and Unrestricted File Upload Andrey Stoykov