Full Disclosure: by date
RSS Feed
About List
All Lists
Previous period
81 messages
starting Mar 01 21 and
ending Mar 31 21
Date index |
Thread index |
Author index
Monday, 01 March
SEC Consult SA-20210301-0 :: Authentication bypass vulnerability in Genua GenuGate High Resistance Firewall SEC Consult Vulnerability Lab
SEC Consult SA-20210301-0 :: Authentication bypass vulnerability in Genua GenuGate High Resistance Firewall SEC Consult Vulnerability Lab
Tuesday, 02 March
Multiple Vulnerabilities in jpeg-xl (CVE-2021-27804) Marc
Backdoor.Win32.RemoteManipulator.fdo / Insecure Permissions malvuln
Trojan-Spy.Win32.Stealer.osh / Insecure Permissions malvuln
Thursday, 04 March
AST-2021-006: Crash when negotiating T.38 with a zero port Asterisk Security Team
Friday, 05 March
New BlackArch Linux Slim ISO released! Black Arch
Defense in depth -- the Microsof way (part 72): "compatibility" trumps security Stefan Kanthak
Backdoor.Win32.DarkKomet.irv / Insecure Permissions malvuln
Backdoor.Win32.BO2K.ab / Local File Buffer Overflow malvuln
Backdoor.Win32.BO2K.09.b / Unauthenticated Remote Command Execution malvuln
Monday, 08 March
Privilege Escalation in Emerson Smart Wireless Gateway 1420 4.6.59 Administrator Console Harsha Bhat
Incorrect Access Control in Emerson Smart Wireless Gateway 1420 4.6.59 Administrator Console Harsha Bhat
APPLE-SA-2021-03-08-1 iOS 14.4.1 and iPadOS 14.4.1 Apple Product Security via Fulldisclosure
APPLE-SA-2021-03-08-2 macOS Big Sur 11.2.3 Apple Product Security via Fulldisclosure
APPLE-SA-2021-03-08-3 Safari 14.0.3 Apple Product Security via Fulldisclosure
APPLE-SA-2021-03-08-4 watchOS 7.3.2 Apple Product Security via Fulldisclosure
Advisory ID: VMSA-2021-0002 ????????????
BACKDOOR.WIN32.ANTILAM.14.O / Unauthenticated Remote Command Execution malvuln
Backdoor.Win32.GTbot.c / Insecure Permissions malvuln
Backdoor.Win32.Agent.bjev / Insecure Permissions malvuln
Unholy CRAP: Moziila's executable installers Stefan Kanthak
Defense in depth -- the Microsoft way (part 73): ignorance (of security advisories) is bliss! Stefan Kanthak
Thursday, 11 March
[CVE-2021-28144] Authenticated Command Injection in D-Link DIR-3060 Web Interface research
Data Manipulation with X-Forwarded-For header at WordPress Alphan YAVAS
Trojan-Spy.Win32.KeyLogger.qt / Insecure Permissions malvuln
Trojan-Dropper.Win32.Hamer.10 / Remote Floating-point Exception DoS malvuln
Re: [CDPWE-0001] - RocketReach Thierry Zoller
Friday, 12 March
[AIT-SA-20210215-01] CVE-2020-24914: QCubed PHP Object Injection sec-advisory
[AIT-SA-20210215-02] CVE-2020-24913: QCubed SQL Injection sec-advisory
[AIT-SA-20210215-03] CVE-2020-24912: QCube Cross-Site-Scripting sec-advisory
[AIT-SA-20210215-04] CVE-2020-24036: ForkCMS PHP Object Injection sec-advisory
Monday, 15 March
[KIS-2021-03] ExpressionEngine <= 6.0.2 (Translate::save) PHP Code Injection Vulnerability research
Tuesday, 16 March
[CSA-2021-002] DP API ineffective in Windows containers Certitude - Advisories
From Adobe AEM dispatcher filter rules bypass to successfully triggering XSS on 40+ Linkedin websites [ Youtube Video ] Ateek khan
SolarWinds TFTP Server 11.0.4.101: Remote Unauthenticated Reconfiguration Harrison Neal
Re: Data Manipulation with X-Forwarded-For header at WordPress jvoisin
4th BSides Hannover in the make, save the date and please submit your research in our CFP ( Focus Healthcare / medical devices / bionic ) BSides Hannover
Trojan-Proxy.Win32.Wimain / Remote Stack Buffer Overflow malvuln
Trojan-Dropper.Win32.Delf.xk / Remote Invalid Pointer Write DOS malvuln
Backdoor.Win32.Zombam.l / Remote Stack Buffer Overflow malvuln
Trojan.Win32.Scar.dxir / Insecure Permissions malvuln
Trojan.Win32.Siscos.bqe / Insecure Permissions malvuln
Trojan-Banker.Win32.Delf.ac / Insecure Permissions malvuln
ES2021-02: VoIPmonitor WEB GUI vulnerable to Cross-Site Scripting via SIP messages Sandro Gauci
ES2021-03: VoIPmonitor is vulnerable to a buffer overflow when using the live sniffer Sandro Gauci
ES2021-04: VoIPmonitor static builds are compiled without any standard memory corruption protection Sandro Gauci
Friday, 19 March
CFP for Hardwear.io Security Conference is OPEN Andrea Simonca
[SYSS-2020-044]: Zoom - Exposure of Resource to Wrong Sphere (CWE-668) (CVE-2021-28133) Matthias Deeg
CMS Made Simple SQL injection on m1_sortby parameter riccardo krauter
MS Made Simple - File upload bypass with .phar extension lead to RCE riccardo krauter
Trojan-Dropper.Win32.Delf.p / Missing Authentication malvuln
Trojan-Dropper.Win32.Delf.p / Remote Buffer Overflow malvuln
Backdoor.Win32.Agent.mzn / Remote SEH Buffer Overflow malvuln
Tuesday, 23 March
Inaugural Issue of the Journal of Cyber Forensics and Advanced Threat Investigations Andrew Zayine
CVE-2018-3635 revisited: executable installers are vulnerable^WEVIL (case 60): again arbitrary code execution WITH escalation of privilege via Intel Rapid Storage Technology User Interface and Driver Stefan Kanthak
Trojan-Dropper.Win32.Dycler.vrp / Insecure Permissions malvuln
HEUR.Trojan.Win32.Generic / Insecure Permissions malvuln
Trojan-Dropper.Win32.Delf.da / Remote Stack Buffer Overflow (UDP Datagram) malvuln
Trojan-Dropper.Win32.Demp.rft / Insecure Permissions malvuln
Wednesday, 24 March
Virus.Win32.Sality.gen / Insecure Permissions malvuln
Worm.Win32.Detnat.c / Insecure Permissions malvuln
Trojan-Dropper.Win32.Dycler.yhb / Insecure Permissions malvuln
Worm.Win32.Ngrbot.abpr / Insecure Permissions malvuln
Worm.Win32.Recyl.dp / Insecure Permissions malvuln
Worm.Win32.Ngrbot.acno / Insecure Permissions malvuln
BACKDOOR.WIN32.DARKKOMET.GOZU / Insecure Permissions malvuln
Friday, 26 March
CVE-2021-3275 : Unauthenticated Stored Cross-site Scripting in Multiple TP-Link Devices Smriti Gaba
Backdoor.Win32.Kwak.12 / Remote Denial of Service malvuln
Backdoor.Win32.Kwak.12 / Port Bounce Scan malvuln
Backdoor.Win32.Kwak.12 / Authentication Bypass malvuln
Backdoor.Win32.Kwak.12 / Remote Command Execution malvuln
Backdoor.Win32.Delf.zs / Unauthenticated Remote Command Execution malvuln
APPLE-SA-2021-03-26-1 iOS 14.4.2 and iPadOS 14.4.2 Apple Product Security via Fulldisclosure
APPLE-SA-2021-03-26-2 iOS 12.5.2 Apple Product Security via Fulldisclosure
APPLE-SA-2021-03-26-3 watchOS 7.3.3 Apple Product Security via Fulldisclosure
Monday, 29 March
PotPlayer denial of service vulnerability houjingyi
IRC-Worm.Win32.Jane.a / Authentication Bypass RCE malvuln
IRC-Worm.Win32.Jane.a / Authentication Bypass MITM Port Bounce Scan malvuln
Wednesday, 31 March
IRC-Worm.Win32.Silentium.a / Insecure Permissions malvuln
Backdoor.Win32.Burbul.b / Authentication Bypass MITM Port Bounce Scan malvuln