Full Disclosure: by date

26 messages starting Nov 07 22 and ending Nov 29 22


Monday, 07 November

CVE-2022-3602 and CVE-2022-3786 Critical OpenSSL 3.0.x security vulnerabilities Turritopsis Dohrnii Teo En Ming
APPLE-SA-2022-11-01-1 Xcode 14.1 Apple Product Security via Fulldisclosure

Tuesday, 15 November

Cisco Secure Email Gateways can easily be circumvented FD
[CVE-2022-3747] BeCustom <= 1.0.5.2 Generic Cross-Site Request Forgery Julien Ahrens (RCE Security)
Backdoor.Win32.Aphexdoor.LiteSock / Remote Stack Buffer Overflow (SEH) malvuln
HEUR:Trojan.MSIL.Agent.gen / Information Disclosure malvuln
Backdoor.Win32.RemServ.d / Unauthenticated Remote Command Execution malvuln
APPLE-SA-2022-11-09-1 iOS 16.1.1 and iPadOS 16.1.1 Apple Product Security via Fulldisclosure
APPLE-SA-2022-11-09-2 macOS Ventura 13.0.1 Apple Product Security via Fulldisclosure
SEC Consult SA-20221109-0 :: Multiple Critical Vulnerabilities in Simmeth System GmbH Supplier manager (Lieferantenmanager) SEC Consult Vulnerability Lab, Research via Fulldisclosure
SEC Consult SA-20221110-0 :: HTML Injection in BMC Remedy ITSM-Suite SEC Consult Vulnerability Lab, Research via Fulldisclosure
SEC Consult SA-20221114-0 :: Path Traversal Vulnerability in Payara Platform SEC Consult Vulnerability Lab, Research via Fulldisclosure

Sunday, 20 November

[CVE-2022-3861] Betheme <= 26.5.1.4 - Authenticated (Contributor+) PHP Object Injection Julien Ahrens (RCE Security)
Backdoor.Win32.Quux / Weak Hardcoded Credentials malvuln
Trojan.Win32.Platinum.gen / Arbitrary Code Execution malvuln
Backdoor.Win32.Oblivion.01.a / Insecure Transit Password Disclosure malvuln

Tuesday, 29 November

crashing potplayer again houjingyi
[CVE-2022-33942] Intel Data Center Manager Console <= 4.1.1.45749 "UserMgmtHandler" Authentication Logic Error Leading to Authentication Bypass Julien Ahrens (RCE Security)
Open-Xchange Security Advisory 2022-11-24 Martin Heiland via Fulldisclosure
Backdoor.Win32.Serman.a / Unauthenticated Open Proxy malvuln
Backdoor.Win32.Autocrat.b / Weak Hardcoded Credentials malvuln
Trojan.Win32.DarkNeuron.gen / Named Pipe Null DACL malvuln
Ransomware Deception Tactics Part 1 malvuln
Win32.Ransom.Conti / Crypto Logic Flaw malvuln
Exploiting an N-day vBulletin PHP Object Injection Vulnerability Egidio Romano
CyberDanube Security Research 20221124-0 | Authenticated Command Injection Hirschmann BAT-C2 Thomas Weber