Full Disclosure: by date

37 messages starting Jul 01 20 and ending Jul 30 20


Wednesday, 01 July

SEC Consult SA-20200701-0 :: Reflected Cross-Site Scripting (XSS) in EQDKP Plus CMS SEC Consult Vulnerability Lab

Friday, 03 July

CVE-2019-19935 - DOM XSS in Froala WYSIWYG HTML Editor Advisories
[CVE-2020-11882] o2 Business for Android "canvasm.myo2.SplashActivity" <= 1.2.0 Open Redirect Julien Ahrens (RCE Security)
[SYSS-2020-011] Apple iOS - Exposure of Resource to Wrong Sphere (CWE-668) Philipp Buchegger
Bolt CMS <= 3.7.0 Multiple Vulnerabilities - CSRF to RCE Sivanesh Ashok

Tuesday, 07 July

Microsoft Windows mshta.exe HTA File / XML External Entity Injection hyp3rlinx
Four vulnerabilities found in MikroTik's RouterOS Q C
Multiple vulnerabilities found in CDATA OLTs Pierre Kim

Thursday, 09 July

X41 D-Sec GmbH Security Advisory X41-2020-006: Memory Corruption Vulnerability in bspatch X41 D-Sec GmbH Advisories
Microsoft OneDrive client for Windows Qt QML module hijack Securify B.V. via Fulldisclosure

Friday, 10 July

SEC Consult SA-20200708-0 :: Multiple Critical Vulnerabilities in Multiple Rittal Products Based on Same Software SEC Consult Vulnerability Lab

Monday, 13 July

Google's Android: remote install backdoor in Google Play Services Enrico Weigelt, metux IT consult
Ptrace based fuzzer for fuzzing binaries at high speeds Marcin Kozlowski
Re: Multiple vulnerabilities found in CDATA OLTs Pierre Kim
Multiple vulnerabilities found in V-SOL OLTs Pierre Kim
Verint Impact 360 Open iFrame Ryan Delaney
Verint Impact 360 onLogin open redirect Ryan Delaney
Verint Impact 360 login CSRF Ryan Delaney

Tuesday, 14 July

NEProfile - Remote Code Execution ghost
Insecure /tmp file use in Oracle Solaris 11 Device Driver Utility v1.3.1 leads to root Larry W. Cashdollar via Fulldisclosure
Re: Google's Android: remote install backdoor in Google Play Services Fabio
Re: Google's Android: remote install backdoor in Google Play Services Michael Lazin

Friday, 17 July

VMware ESXi: Multiple vulnerabilities [CVE-2020-3963, CVE-2020-3964, CVE-2020-3965, CVE-2020-3960] Cfir Cohen via Fulldisclosure
APPLE-SA-2020-07-15-1 iOS 13.6 and iPadOS 13.6 Apple Product Security via Fulldisclosure
APPLE-SA-2020-07-15-2 macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra Apple Product Security via Fulldisclosure
APPLE-SA-2020-07-15-3 tvOS 13.4.8 Apple Product Security via Fulldisclosure
APPLE-SA-2020-07-15-4 watchOS 6.2.8 Apple Product Security via Fulldisclosure
APPLE-SA-2020-07-15-5 Safari 13.1.2 Apple Product Security via Fulldisclosure
SEC Consult SA-20200717-0 :: Multiple Vulnerabilities in WonderCMS SEC Consult Vulnerability Lab

Tuesday, 21 July

Mida Solutions eFramework <= 2.9.0 Multiple Vulnerabilities Andrea Baesso
Advisory:[CVE-2020-15596]ALPS ALPINE DLL Hijacking Issue Caiyuan Xie

Friday, 24 July

SEC Consult SA-20200724-0 :: Privilege Escalation Vulnerability in SteelCentral Aternity Agent SEC Consult Vulnerability Lab
Three vulnerabilities found in MikroTik's RouterOS Q C
Defense in depth -- the Microsoft way (part 70): CVE-2014-0315 alias MS14-019 revisited Stefan Kanthak
Vulnerability Report# MAMP PRO 4.2.0 Local Privilege Escalation Nicholas

Wednesday, 29 July

SEC Consult SA-20200728-0 :: Stored Cross-Site Scripting (XSS) Vulnerability in Namirial SIGNificant SignAnyWhere SEC Consult Vulnerability Lab

Thursday, 30 July

[SYSS-2020-015]: ABUS Secvest Hybrid module (FUMO50110) - Authentication Bypass Using an Alternate Path or Channel (CWE-288) (CVE-2020-14158) Matthias Deeg