Full Disclosure: by thread
81 messages
starting Mar 01 21 and
ending Mar 31 21
Date index |
Thread index |
Author index
- SEC Consult SA-20210301-0 :: Authentication bypass vulnerability in Genua GenuGate High Resistance Firewall SEC Consult Vulnerability Lab (Mar 01)
- <Possible follow-ups>
- SEC Consult SA-20210301-0 :: Authentication bypass vulnerability in Genua GenuGate High Resistance Firewall SEC Consult Vulnerability Lab (Mar 01)
- Multiple Vulnerabilities in jpeg-xl (CVE-2021-27804) Marc (Mar 02)
- Backdoor.Win32.RemoteManipulator.fdo / Insecure Permissions malvuln (Mar 02)
- Trojan-Spy.Win32.Stealer.osh / Insecure Permissions malvuln (Mar 02)
- AST-2021-006: Crash when negotiating T.38 with a zero port Asterisk Security Team (Mar 04)
- New BlackArch Linux Slim ISO released! Black Arch (Mar 05)
- Defense in depth -- the Microsof way (part 72): "compatibility" trumps security Stefan Kanthak (Mar 05)
- Backdoor.Win32.DarkKomet.irv / Insecure Permissions malvuln (Mar 05)
- Backdoor.Win32.BO2K.ab / Local File Buffer Overflow malvuln (Mar 05)
- Backdoor.Win32.BO2K.09.b / Unauthenticated Remote Command Execution malvuln (Mar 05)
- Privilege Escalation in Emerson Smart Wireless Gateway 1420 4.6.59 Administrator Console Harsha Bhat (Mar 08)
- Incorrect Access Control in Emerson Smart Wireless Gateway 1420 4.6.59 Administrator Console Harsha Bhat (Mar 08)
- APPLE-SA-2021-03-08-1 iOS 14.4.1 and iPadOS 14.4.1 Apple Product Security via Fulldisclosure (Mar 08)
- APPLE-SA-2021-03-08-2 macOS Big Sur 11.2.3 Apple Product Security via Fulldisclosure (Mar 08)
- APPLE-SA-2021-03-08-3 Safari 14.0.3 Apple Product Security via Fulldisclosure (Mar 08)
- APPLE-SA-2021-03-08-4 watchOS 7.3.2 Apple Product Security via Fulldisclosure (Mar 08)
- Advisory ID: VMSA-2021-0002 ???????????? (Mar 08)
- BACKDOOR.WIN32.ANTILAM.14.O / Unauthenticated Remote Command Execution malvuln (Mar 08)
- Backdoor.Win32.GTbot.c / Insecure Permissions malvuln (Mar 08)
- Backdoor.Win32.Agent.bjev / Insecure Permissions malvuln (Mar 08)
- Unholy CRAP: Moziila's executable installers Stefan Kanthak (Mar 08)
- Defense in depth -- the Microsoft way (part 73): ignorance (of security advisories) is bliss! Stefan Kanthak (Mar 08)
- [CVE-2021-28144] Authenticated Command Injection in D-Link DIR-3060 Web Interface research (Mar 11)
- Data Manipulation with X-Forwarded-For header at WordPress Alphan YAVAS (Mar 11)
- Re: Data Manipulation with X-Forwarded-For header at WordPress jvoisin (Mar 16)
- Trojan-Spy.Win32.KeyLogger.qt / Insecure Permissions malvuln (Mar 11)
- Trojan-Dropper.Win32.Hamer.10 / Remote Floating-point Exception DoS malvuln (Mar 11)
- Re: [CDPWE-0001] - RocketReach Thierry Zoller (Mar 11)
- [AIT-SA-20210215-01] CVE-2020-24914: QCubed PHP Object Injection sec-advisory (Mar 12)
- [AIT-SA-20210215-02] CVE-2020-24913: QCubed SQL Injection sec-advisory (Mar 12)
- [AIT-SA-20210215-03] CVE-2020-24912: QCube Cross-Site-Scripting sec-advisory (Mar 12)
- [AIT-SA-20210215-04] CVE-2020-24036: ForkCMS PHP Object Injection sec-advisory (Mar 12)
- [KIS-2021-03] ExpressionEngine <= 6.0.2 (Translate::save) PHP Code Injection Vulnerability research (Mar 15)
- [CSA-2021-002] DP API ineffective in Windows containers Certitude - Advisories (Mar 16)
- From Adobe AEM dispatcher filter rules bypass to successfully triggering XSS on 40+ Linkedin websites [ Youtube Video ] Ateek khan (Mar 16)
- SolarWinds TFTP Server 11.0.4.101: Remote Unauthenticated Reconfiguration Harrison Neal (Mar 16)
- 4th BSides Hannover in the make, save the date and please submit your research in our CFP ( Focus Healthcare / medical devices / bionic ) BSides Hannover (Mar 16)
- Trojan-Proxy.Win32.Wimain / Remote Stack Buffer Overflow malvuln (Mar 16)
- Trojan-Dropper.Win32.Delf.xk / Remote Invalid Pointer Write DOS malvuln (Mar 16)
- Backdoor.Win32.Zombam.l / Remote Stack Buffer Overflow malvuln (Mar 16)
- Trojan.Win32.Scar.dxir / Insecure Permissions malvuln (Mar 16)
- Trojan.Win32.Siscos.bqe / Insecure Permissions malvuln (Mar 16)
- Trojan-Banker.Win32.Delf.ac / Insecure Permissions malvuln (Mar 16)
- ES2021-02: VoIPmonitor WEB GUI vulnerable to Cross-Site Scripting via SIP messages Sandro Gauci (Mar 16)
- ES2021-03: VoIPmonitor is vulnerable to a buffer overflow when using the live sniffer Sandro Gauci (Mar 16)
- ES2021-04: VoIPmonitor static builds are compiled without any standard memory corruption protection Sandro Gauci (Mar 16)
- CFP for Hardwear.io Security Conference is OPEN Andrea Simonca (Mar 19)
- [SYSS-2020-044]: Zoom - Exposure of Resource to Wrong Sphere (CWE-668) (CVE-2021-28133) Matthias Deeg (Mar 19)
- CMS Made Simple SQL injection on m1_sortby parameter riccardo krauter (Mar 19)
- MS Made Simple - File upload bypass with .phar extension lead to RCE riccardo krauter (Mar 19)
- Trojan-Dropper.Win32.Delf.p / Missing Authentication malvuln (Mar 19)
- Trojan-Dropper.Win32.Delf.p / Remote Buffer Overflow malvuln (Mar 19)
- Backdoor.Win32.Agent.mzn / Remote SEH Buffer Overflow malvuln (Mar 19)
- Inaugural Issue of the Journal of Cyber Forensics and Advanced Threat Investigations Andrew Zayine (Mar 23)
- CVE-2018-3635 revisited: executable installers are vulnerable^WEVIL (case 60): again arbitrary code execution WITH escalation of privilege via Intel Rapid Storage Technology User Interface and Driver Stefan Kanthak (Mar 23)
- Trojan-Dropper.Win32.Dycler.vrp / Insecure Permissions malvuln (Mar 23)
- HEUR.Trojan.Win32.Generic / Insecure Permissions malvuln (Mar 23)
- Trojan-Dropper.Win32.Delf.da / Remote Stack Buffer Overflow (UDP Datagram) malvuln (Mar 23)
- Trojan-Dropper.Win32.Demp.rft / Insecure Permissions malvuln (Mar 23)
- Virus.Win32.Sality.gen / Insecure Permissions malvuln (Mar 24)
- Worm.Win32.Detnat.c / Insecure Permissions malvuln (Mar 24)
- Trojan-Dropper.Win32.Dycler.yhb / Insecure Permissions malvuln (Mar 24)
- Worm.Win32.Ngrbot.abpr / Insecure Permissions malvuln (Mar 24)
- Worm.Win32.Recyl.dp / Insecure Permissions malvuln (Mar 24)
- Worm.Win32.Ngrbot.acno / Insecure Permissions malvuln (Mar 24)
- BACKDOOR.WIN32.DARKKOMET.GOZU / Insecure Permissions malvuln (Mar 24)
- CVE-2021-3275 : Unauthenticated Stored Cross-site Scripting in Multiple TP-Link Devices Smriti Gaba (Mar 26)
- Backdoor.Win32.Kwak.12 / Remote Denial of Service malvuln (Mar 26)
- Backdoor.Win32.Kwak.12 / Port Bounce Scan malvuln (Mar 26)
- Backdoor.Win32.Kwak.12 / Authentication Bypass malvuln (Mar 26)
- Backdoor.Win32.Kwak.12 / Remote Command Execution malvuln (Mar 26)
- Backdoor.Win32.Delf.zs / Unauthenticated Remote Command Execution malvuln (Mar 26)
- APPLE-SA-2021-03-26-1 iOS 14.4.2 and iPadOS 14.4.2 Apple Product Security via Fulldisclosure (Mar 26)
- APPLE-SA-2021-03-26-2 iOS 12.5.2 Apple Product Security via Fulldisclosure (Mar 26)
- APPLE-SA-2021-03-26-3 watchOS 7.3.3 Apple Product Security via Fulldisclosure (Mar 26)
- PotPlayer denial of service vulnerability houjingyi (Mar 29)
- IRC-Worm.Win32.Jane.a / Authentication Bypass RCE malvuln (Mar 29)
- IRC-Worm.Win32.Jane.a / Authentication Bypass MITM Port Bounce Scan malvuln (Mar 29)
- IRC-Worm.Win32.Silentium.a / Insecure Permissions malvuln (Mar 31)
- Backdoor.Win32.Burbul.b / Authentication Bypass MITM Port Bounce Scan malvuln (Mar 31)