Full Disclosure: by date

56 messages starting Nov 02 21 and ending Nov 30 21
Date index | Thread index | Author index

Tuesday, 02 November

Viruscreds - Malware password database malvuln
Trojan.Win32.Pasta.mca / Insecure Permissions malvuln
Trojan.Win32.Phires.zm / Insecure Permissions malvuln
Trojan.Win32.Delf.bna / Information Disclosure malvuln
Backdoor.Win32.Agent.sah / Heap Corruption malvuln
PHPJabbers Simple CMS v5 - Persistent XSS Vulnerability info () vulnerability-lab com
Hotel Listing (WP Plugin) v3.x - MyAccount XSS Vulnerability info () vulnerability-lab com
My Movie Collection Sinatra App - (Movie) XSS Vulnerability info () vulnerability-lab com
My Movie Collection Sinatra App - (Login) XSS Vulnerabilities info () vulnerability-lab com

Thursday, 04 November

Pentaho <= 9.1 Remote Code Execution BlackHawk
Pentaho <= 9.1 Unauthenticated SQL Injection BlackHawk
Pentaho <= 9.1 Insufficient Access Control of Data Source Management Service BlackHawk
Pentaho <= 9.1 Authentication Bypass of Spring APIs BlackHawk
Pentaho <= 9.1 Jackrabbit User Enumeration BlackHawk
Pentaho <= 9.1 Bypass of Filename Extension Restrictions BlackHawk
SEC Consult SA-20211104-0 :: Reflected cross-site scripting vulnerability in IBM Sterling B2B Integrator Functional Account, SEC Consult Vulnerability Lab
Backdoor.Win32.Optix.03.b / Unauthenticated Remote Command Execution malvuln
Backdoor.Win32.Ncx.b / Remote Stack Buffer Overflow malvuln
Backdoor.Win32.Ncx.b / Unauthenticated Remote Command Execution malvuln
Backdoor.Win32.Jokerdoor / Remote Stack Buffer Overflow malvuln

Friday, 05 November

Payment Terminal 2.x & v3.x - Multiple XSS Web Vulnerabilities info () vulnerability-lab com
ImportExportTools NG 10.0.4 - HTML Injection Vulnerability info () vulnerability-lab com
[SYSS-2021-048] PHP Event Calendar - SQL Injection (CVE-2021-42077) Maurizio Ruchay
[SYSS-2021-049] PHP Event Calendar - Persistent Cross-site Scripting (CVE-2021-42078) Maurizio Ruchay
Trovent Security Advisory 2104-03 / HealthForYou & Sanitas HealthCoach: Missing server-side password policy Stefan Pietsch
The Knights of NYNEX presents: Song of the siren Knights of Nynex via Fulldisclosure

Tuesday, 09 November

[CFP] 4th International workshop in Artificial Intelligence and Industrial Internet-of-Things Security (AIoTS) Sergio González Muriel
Backdoor.Win32.VB.afu / Insecure Permissions malvuln
Backdoor.Win32.VB.afu / Insecure Transit Password Disclosure malvuln
Backdoor.Win32.Pahador.aj / Authentication Bypass RCE malvuln
Backdoor.Win32.Hupigon.nqr / Unauthenticated Open Proxy malvuln
HEUR.Backdoor.Win32.Denis.gen / Remote Denial of Service (UDP Datagram) malvuln
Backdoor.Win32.Hupigon.bnbb / Insecure Service Path malvuln
Trojan.Win32.Servstar.poa / Insecure Service Path malvuln
Trojan.Win32.SkynetRef.x / Unauthenticated Open Proxy malvuln
Trojan.Win32.SkynetRef.y / Unauthenticated Open Proxy malvuln
Email-Worm.Win32.Plexus.b / Unauthenticated Remote Code Execution malvuln

Friday, 12 November

SQL injection vulnerability in Talariax sendQuick Alertplus server admin version 4.3 (CVE-2021-26795) refabrik sec
Trovent Security Advisory 2105-02 / CVE-2021-33618: Stored cross-site scripting in Dolibarr ERP & CRM Stefan Pietsch
Trovent Security Advisory 2106-01 / CVE-2021-33816: Authenticated remote code execution in Dolibarr ERP & CRM Stefan Pietsch

Thursday, 18 November

Responsible Full disclosure for LiquidFiles 3.5.13 Riccardo Spampinato

Sunday, 21 November

CVE-2021-44033: Ionic Identity Vault PIN Unlock Lockout Bypass (Android & iOS) Emanuel DUSS
Open-Xchange Security Advisory 2021-11-18 Open-Xchange GmbH via Fulldisclosure
Open-Xchange Security Advisory 2021-11-19 Open-Xchange GmbH via Fulldisclosure
Backdoor.Win32.Acropolis.10 / Insecure Permissions malvuln
Backdoor.Win32.Curioso.zp / Insecure Permissions malvuln
Backdoor.Win32.Antilam.11 / Unauthenticated Remote Command Execution malvuln
Backdoor.Win32.Wollf.a / Weak Hardcoded Password malvuln
Backdoor.Win32.Wollf.h / Hardcoded Cleartext Password malvuln
Backdoor.Win32.Agent.ad / Insecure Credential Storage malvuln
Backdoor.Win32.BNLite / Remote Heap Based Buffer Overflow malvuln
Backdoor.Win32.BlueAdept.02.a / Remote Buffer Overflow malvuln

Tuesday, 23 November

Re: Responsible Full disclosure for LiquidFiles 3.5.13 Riccardo Spampinato

Tuesday, 30 November

Email-Worm.Win32.Deltad / Insecure Permissions malvuln
Backdoor.Win32.Coredoor.10.a / Port Bounce Scan malvuln
Backdoor.Win32.Coredoor.10.a / Authentication Bypass RCE malvuln

Previous period

Next period