Full Disclosure: by author

56 messages starting Nov 04 21 and ending Nov 12 21

BlackHawk

Pentaho <= 9.1 Jackrabbit User Enumeration BlackHawk (Nov 04)
Pentaho <= 9.1 Remote Code Execution BlackHawk (Nov 04)
Pentaho <= 9.1 Bypass of Filename Extension Restrictions BlackHawk (Nov 04)
Pentaho <= 9.1 Unauthenticated SQL Injection BlackHawk (Nov 04)
Pentaho <= 9.1 Authentication Bypass of Spring APIs BlackHawk (Nov 04)
Pentaho <= 9.1 Insufficient Access Control of Data Source Management Service BlackHawk (Nov 04)

Emanuel DUSS

CVE-2021-44033: Ionic Identity Vault PIN Unlock Lockout Bypass (Android & iOS) Emanuel DUSS (Nov 21)

Functional Account, SEC Consult Vulnerability Lab

SEC Consult SA-20211104-0 :: Reflected cross-site scripting vulnerability in IBM Sterling B2B Integrator Functional Account, SEC Consult Vulnerability Lab (Nov 04)

info () vulnerability-lab com

My Movie Collection Sinatra App - (Movie) XSS Vulnerability info () vulnerability-lab com (Nov 02)
Payment Terminal 2.x & v3.x - Multiple XSS Web Vulnerabilities info () vulnerability-lab com (Nov 05)
Hotel Listing (WP Plugin) v3.x - MyAccount XSS Vulnerability info () vulnerability-lab com (Nov 02)
My Movie Collection Sinatra App - (Login) XSS Vulnerabilities info () vulnerability-lab com (Nov 02)
ImportExportTools NG 10.0.4 - HTML Injection Vulnerability info () vulnerability-lab com (Nov 05)
PHPJabbers Simple CMS v5 - Persistent XSS Vulnerability info () vulnerability-lab com (Nov 02)

Knights of Nynex via Fulldisclosure

The Knights of NYNEX presents: Song of the siren Knights of Nynex via Fulldisclosure (Nov 05)

malvuln

Backdoor.Win32.Jokerdoor / Remote Stack Buffer Overflow malvuln (Nov 04)
Backdoor.Win32.Agent.sah / Heap Corruption malvuln (Nov 02)
Backdoor.Win32.Wollf.h / Hardcoded Cleartext Password malvuln (Nov 21)
Backdoor.Win32.Wollf.a / Weak Hardcoded Password malvuln (Nov 21)
Backdoor.Win32.Hupigon.bnbb / Insecure Service Path malvuln (Nov 09)
Backdoor.Win32.Acropolis.10 / Insecure Permissions malvuln (Nov 21)
Trojan.Win32.SkynetRef.y / Unauthenticated Open Proxy malvuln (Nov 09)
Backdoor.Win32.Ncx.b / Unauthenticated Remote Command Execution malvuln (Nov 04)
Backdoor.Win32.Optix.03.b / Unauthenticated Remote Command Execution malvuln (Nov 04)
Email-Worm.Win32.Plexus.b / Unauthenticated Remote Code Execution malvuln (Nov 09)
Backdoor.Win32.Curioso.zp / Insecure Permissions malvuln (Nov 21)
Trojan.Win32.SkynetRef.x / Unauthenticated Open Proxy malvuln (Nov 09)
HEUR.Backdoor.Win32.Denis.gen / Remote Denial of Service (UDP Datagram) malvuln (Nov 09)
Backdoor.Win32.Pahador.aj / Authentication Bypass RCE malvuln (Nov 09)
Email-Worm.Win32.Deltad / Insecure Permissions malvuln (Nov 30)
Trojan.Win32.Pasta.mca / Insecure Permissions malvuln (Nov 02)
Backdoor.Win32.Coredoor.10.a / Port Bounce Scan malvuln (Nov 30)
Backdoor.Win32.BlueAdept.02.a / Remote Buffer Overflow malvuln (Nov 21)
Trojan.Win32.Delf.bna / Information Disclosure malvuln (Nov 02)
Backdoor.Win32.BNLite / Remote Heap Based Buffer Overflow malvuln (Nov 21)
Backdoor.Win32.VB.afu / Insecure Transit Password Disclosure malvuln (Nov 09)
Backdoor.Win32.Agent.ad / Insecure Credential Storage malvuln (Nov 21)
Backdoor.Win32.Hupigon.nqr / Unauthenticated Open Proxy malvuln (Nov 09)
Trojan.Win32.Servstar.poa / Insecure Service Path malvuln (Nov 09)
Backdoor.Win32.Coredoor.10.a / Authentication Bypass RCE malvuln (Nov 30)
Backdoor.Win32.Antilam.11 / Unauthenticated Remote Command Execution malvuln (Nov 21)
Trojan.Win32.Phires.zm / Insecure Permissions malvuln (Nov 02)
Backdoor.Win32.Ncx.b / Remote Stack Buffer Overflow malvuln (Nov 04)
Backdoor.Win32.VB.afu / Insecure Permissions malvuln (Nov 09)
Viruscreds - Malware password database malvuln (Nov 02)

Maurizio Ruchay

[SYSS-2021-048] PHP Event Calendar - SQL Injection (CVE-2021-42077) Maurizio Ruchay (Nov 05)
[SYSS-2021-049] PHP Event Calendar - Persistent Cross-site Scripting (CVE-2021-42078) Maurizio Ruchay (Nov 05)

Open-Xchange GmbH via Fulldisclosure

Open-Xchange Security Advisory 2021-11-19 Open-Xchange GmbH via Fulldisclosure (Nov 21)
Open-Xchange Security Advisory 2021-11-18 Open-Xchange GmbH via Fulldisclosure (Nov 21)

refabrik sec

SQL injection vulnerability in Talariax sendQuick Alertplus server admin version 4.3 (CVE-2021-26795) refabrik sec (Nov 12)

Riccardo Spampinato

Re: Responsible Full disclosure for LiquidFiles 3.5.13 Riccardo Spampinato (Nov 23)
Responsible Full disclosure for LiquidFiles 3.5.13 Riccardo Spampinato (Nov 18)

Sergio González Muriel

[CFP] 4th International workshop in Artificial Intelligence and Industrial Internet-of-Things Security (AIoTS) Sergio González Muriel (Nov 09)

Stefan Pietsch

Trovent Security Advisory 2105-02 / CVE-2021-33618: Stored cross-site scripting in Dolibarr ERP & CRM Stefan Pietsch (Nov 12)
Trovent Security Advisory 2104-03 / HealthForYou & Sanitas HealthCoach: Missing server-side password policy Stefan Pietsch (Nov 05)
Trovent Security Advisory 2106-01 / CVE-2021-33816: Authenticated remote code execution in Dolibarr ERP & CRM Stefan Pietsch (Nov 12)