Full Disclosure: by thread
93 messages
starting Feb 01 21 and
ending Feb 26 21
Date index |
Thread index |
Author index
- X41 D-Sec GmbH Security Advisory X41-2021-001: Multiple Vulnerabilities in YARA X41 D-Sec GmbH Advisories (Feb 01)
- Cross-Site Scripting Vulnerability in Chamilo LMS 1.11.14 Daniel Bishtawi via Fulldisclosure (Feb 01)
- Backdoor.Win32.DarkKomet.apbb / Insecure Permissions malvuln (Feb 01)
- Backdoor.Win32.Wollf.14 / Missing Authentication malvuln (Feb 01)
- Constructor.Win32.SpyNet.a / Remote Password Leak malvuln (Feb 01)
- Backdoor.Win32.Zetronic / Remote DoS malvuln (Feb 01)
- Backdoor.Win32.Zhangpo / Remote DoS malvuln (Feb 01)
- Backdoor.Win32.Mhtserv.b / Missing Authentication malvuln (Feb 01)
- Backdoor.Win32.MiniBlackLash / Remote DoS malvuln (Feb 01)
- Packed.Win32.Katusha.o (Ransomeware) / Insecure Permissions EoP malvuln (Feb 01)
- Backdoor.Win32.Anaptix.bd / Insecure Permissions malvuln (Feb 01)
- Backdoor.Win32.Buterat.cxq / Insecure Permissions EoP malvuln (Feb 01)
- Backdoor.Win32.Celine / Missing Authentication malvuln (Feb 01)
- Oracle DB: various issues related to malicious database gateways Harrison Neal (Feb 01)
- APPLE-SA-2021-02-01-1 macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave Apple Product Security via Fulldisclosure (Feb 01)
- APPLE-SA-2021-02-01-2 Additional information for APPLE-SA-2021-01-26-1 iOS 14.4 and iPadOS 14.4 Apple Product Security via Fulldisclosure (Feb 01)
- APPLE-SA-2021-02-01-3 Additional information for APPLE-SA-2021-01-26-2 tvOS 14.4 Apple Product Security via Fulldisclosure (Feb 01)
- APPLE-SA-2021-02-01-4 Additional information for APPLE-SA-2021-01-26-3 watchOS 7.3 Apple Product Security via Fulldisclosure (Feb 01)
- Backdoor.Win32.Xyligan.blp / Insecure Permissions EoP malvuln (Feb 01)
- null pointer deference in mfmp4srcsnk.dll in latest windows 10 houjingyi (Feb 04)
- Backdoor.Win32.NetBull.11.b / Remote Buffer Overflow malvuln (Feb 04)
- Backdoor.Win32.RemoteManipulator.brr / Insecure Permissions EoP malvuln (Feb 04)
- Bug bounty failure stories to learn from: how we ended up to hack a bank with no reward Red Timmy Security (Feb 04)
- KSA-Dev-008: Authenticated XSRF leads to complete account takeover in all UNIBOX WiFi Hotspot Controller Kaustubh via Fulldisclosure (Feb 07)
- KSA_DEV-009 :- Authenticated Code Execution In Unibox 2.4 Kaustubh via Fulldisclosure (Feb 07)
- Trojan.Win32.Gentee.b / Insecure Permissions EoP malvuln (Feb 07)
- Trojan.Win32.Gentee.h / Insecure Permissions EoP malvuln (Feb 07)
- Trojan-Spy.Win32.SpyEyes.auqj / Insecure Permissions EoP malvuln (Feb 07)
- Trojan-Spy.Win32.SpyEyes.auwl / Insecure Permissions EoP malvuln (Feb 07)
- Trojan.Win32.Comei.pgo / Insecure Permissions EoP malvuln (Feb 07)
- Trojan.Win32.Cospet.abg / Insecure Permissions EoP malvuln (Feb 07)
- Email-Worm.Win32.Sircam.eb / Insecure Permissions EoP malvuln (Feb 07)
- Trojan.Win32.Delf.uq / Insecure Permissions EoP malvuln (Feb 07)
- Trojan-Spy.Win32.SpyEyes.awow / Insecure Permissions EoP malvuln (Feb 07)
- Trojan-Spy.Win32.WebCenter.a / Information Disclosure malvuln (Feb 07)
- SEC Consult SA-20210210-0 :: Reflected Cross-Site Scripting in Adobe Magento Commerce SEC Consult Vulnerability Lab (Feb 10)
- Path traversal in SolarWinds Serv-U File Server <=15.2.1 Jack Misiura via Fulldisclosure (Feb 11)
- Stored XSS in SolarWinds Serv-U File Server <=15.2.1 Jack Misiura via Fulldisclosure (Feb 11)
- Trojan-Spy.Win32.WinSpy.vwl / Insecure Permissions EoP malvuln (Feb 11)
- Backdoor.Win32.Wollf.15 / Missing Authentication malvuln (Feb 11)
- Trojan.Win32.Cafelom.bu / Heap Corruption malvuln (Feb 11)
- Backdoor.Win32.NetTerrorist / Unauthorized Remote Command Execution malvuln (Feb 11)
- Backdoor.Win32.Aphexdoor.LiteSock / Remote Stack Buffer Overflow malvuln (Feb 11)
- Backdoor.Win32.Augudor.a / Unauthenticated Remote File Write Code Execution malvuln (Feb 11)
- Backdoor.Win32.BackAttack.18 / Multiple Vulnerabilities malvuln (Feb 11)
- APPLE-SA-2021-02-09-1 macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002 Apple Product Security via Fulldisclosure (Feb 11)
- Recon-Informer v1.3 - Intel for offensive systems anti-reconnaissance (nmap) tool hyp3rlinx (Feb 16)
- Backdoor.Win32.Backlash.101 / Missing Authentication malvuln (Feb 16)
- Backdoor.Win32.Cafeini.08.b / Missing Authentication malvuln (Feb 16)
- Trojan-Spy.Win32.WinSpy.wlt / Insecure Permissions malvuln (Feb 16)
- Backdoor.Win32.Cabrotor.21 / Insecure Permissions malvuln (Feb 16)
- Backdoor.Win32.Azbreg.aant / Insecure Permissions malvuln (Feb 16)
- Backdoor.Win32.Bifrose.ahvb / Insecure Permissions malvuln (Feb 16)
- Backdoor.Win32.Indexer.a / Hardcoded Weak Credentials malvuln (Feb 16)
- Backdoor.Win32.Indexer.a / Remote Denial Of Service malvuln (Feb 16)
- Backdoor.Win32.Burbul.b / Anonymous Logon malvuln (Feb 16)
- SEC Consult SA-20210217-0 :: Multiple Vulnerabilities in Multiple Vulnerabilities SEC Consult Vulnerability Lab (Feb 17)
- AST-2021-001: Remote crash in res_pjsip_diversion Asterisk Security Team (Feb 18)
- AST-2021-002: Remote crash possible when negotiating T.38 Asterisk Security Team (Feb 18)
- AST-2021-003: Remote attacker could prematurely tear down SRTP calls Asterisk Security Team (Feb 18)
- AST-2021-004: An unsuspecting user could crash Asterisk with multiple hold/unhold requests Asterisk Security Team (Feb 18)
- AST-2021-005: Remote Crash Vulnerability in PJSIP channel driver Asterisk Security Team (Feb 18)
- Rigged Race Against Firejail for Local Root: Using pipes/ptys to win races Roman Fiedler (Feb 18)
- Backdoor.Win32.Agent.aak / Weak Hardcoded Credentials malvuln (Feb 18)
- Backdoor.Win32.Agent.aak / Cross Site Request Forgery (CSRF) - Code Execution malvuln (Feb 18)
- Backdoor.Win32.Agent.aak / Remote Buffer Overflow malvuln (Feb 18)
- [CSA-2021-001] Cross-Site Request Forgery in Apache MyFaces Certitude - Advisories (Feb 19)
- Multiple remote memory corruptions in Telegram's handling of animated stickers polict of Shielder (Feb 19)
- Backdoor.Win32.DarkKomet.bhfh / Insecure Permissions malvuln (Feb 19)
- Backdoor.Win32.DarkKomet.apcc / Insecure Permissions malvuln (Feb 19)
- Backdoor.Win32.Bionet.10 / Anonymous Logon malvuln (Feb 19)
- [KIS-2021-02] docsify <= 4.11.6 DOM-based Cross-Site Scripting Vulnerability research (Feb 19)
- CIRA Canadian Shield iOS Application - MITM SSL Certificate Vulnerability (CVE-2021-27189) David Coomber (Feb 23)
- IBM(R) Db2(R) Windows client DLL Hijacking Vulnerability(0day) houjingyi (Feb 23)
- Backdoor.Win32.Inject.tyq / Insecure Permissions malvuln (Feb 23)
- Backdoor.Win32.Ketch.h / Remote Stack Buffer Overflow (SEH) malvuln (Feb 23)
- Trojan-Proxy.Win32.Daemonize.i / Remote Denial of Service malvuln (Feb 23)
- Trojan.Win32.Pincav.cmfl / Insecure Permissions malvuln (Feb 23)
- Trojan.Win32.Pluder.o / Insecure Permissions malvuln (Feb 23)
- Backdoor.Win32.DarkKomet.irv / Insecure Permissions malvuln (Feb 23)
- Double-Free found on Squid 4.14 and 5.0.5 Andrés Roldán via Fulldisclosure (Feb 26)
- VisualWare MyConnection Server 11.x Remote Code Execution Vulnerability Ryan Wincey (Feb 26)
- Online Tool for Discussion of Vulnerabilities Yavuz (Feb 26)
- Backdoor.Win32.Agent.xs / Insecure Permissions malvuln (Feb 26)
- Backdoor.Win32.Agent.xw / Remote Null Ptr Dereference - Denial of Service malvuln (Feb 26)
- Backdoor.Win32.Delf.adag / Weak Hardcoded Credentials malvuln (Feb 26)
- Backdoor.Win32.Wollf.h / Missing Authentication malvuln (Feb 26)
- Trojan.Win32.Gofot.htx / Local File Buffer Overflow malvuln (Feb 26)
- Trojan-Dropper.Win32.Daws.etlm / Remote Unauthenticated System Reboot malvuln (Feb 26)
- Trojan-Spy.Win32.SpyEyes.elr / Insecure Permissions malvuln (Feb 26)
- Backdoor.Win32.Azbreg.amw / Insecure Permissions malvuln (Feb 26)
- Trojan.Win32.Hotkeychick.am / Insecure Permissions malvuln (Feb 26)
- Trojan-Proxy.Win32.Delf.ai / Remote SEH Buffer Overflow malvuln (Feb 26)