Full Disclosure: by thread
29 messages starting Jan 02 23 and ending Jan 30 23
- [tool] ModSecurity backdoor Jozef Sudolsky (Jan 02)
- Centos Web Panel 7 Unauthenticated Remote Code Execution - CVE-2022-44877 Numan TÜRLE (Jan 06)
- [KIS-2023-01] Tiki Wiki CMS Groupware <= 25.0 Two Cross-Site Request Forgery Vulnerabilities Egidio Romano (Jan 09)
- [KIS-2023-02] Tiki Wiki CMS Groupware <= 24.0 (structlib.php) PHP Code Injection Vulnerability Egidio Romano (Jan 09)
- [KIS-2023-03] Tiki Wiki CMS Groupware <= 24.0 (grid.php) PHP Object Injection Vulnerability Egidio Romano (Jan 09)
- [KIS-2023-04] Tiki Wiki CMS Groupware <= 24.1 (tikiimporter_blog_wordpress.php) PHP Object Injection Vulnerability Egidio Romano (Jan 09)
- Citrix Linux client logs session credentials Russell Howe (Jan 16)
- wolfSSL before 5.5.0: Denial-of-service with session resumption Maximilian Ammann via Fulldisclosure (Jan 19)
- <Possible follow-ups>
- wolfSSL before 5.5.0: Denial-of-service with session resumption Maximilian Ammann via Fulldisclosure (Jan 19)
- wolfSSL 5.3.0: Denial-of-service Maximilian Ammann via Fulldisclosure (Jan 19)
- wolfSSL before 5.5.2: Heap-buffer over-read with WOLFSSL_CALLBACKS Maximilian Ammann via Fulldisclosure (Jan 19)
- HNS-2022-01 - HN Security Advisory - Multiple vulnerabilities in Solaris dtprintinfo and libXm/libXpm Marco Ivaldi (Jan 19)
- SEC Consult SA-20230117-0 :: Pre-authenticated Remote Code Execution in cs.exe (@OpenText Content Server component of OpenText Extended ECM) SEC Consult Vulnerability Lab, Research via Fulldisclosure (Jan 19)
- SEC Consult SA-20230117-1 :: Pre-authenticated Remote Code Execution via Java frontend and QDS endpoint in @OpenText Content Server component of OpenText Extended ECM SEC Consult Vulnerability Lab, Research via Fulldisclosure (Jan 19)
- SEC Consult SA-20230117-2 :: Multiple post-authentication vulnerabilities including RCE in @OpenText Content Server component of OpenText Extended ECM SEC Consult Vulnerability Lab, Research via Fulldisclosure (Jan 19)
- APPLE-SA-2023-01-23-1 iOS 16.3 and iPadOS 16.3 Apple Product Security via Fulldisclosure (Jan 23)
- APPLE-SA-2023-01-23-2 iOS 15.7.3 and iPadOS 15.7.3 Apple Product Security via Fulldisclosure (Jan 23)
- APPLE-SA-2023-01-23-3 iOS 12.5.7 Apple Product Security via Fulldisclosure (Jan 23)
- APPLE-SA-2023-01-23-4 macOS Ventura 13.2 Apple Product Security via Fulldisclosure (Jan 23)
- APPLE-SA-2023-01-23-5 macOS Monterey 12.6.3 Apple Product Security via Fulldisclosure (Jan 23)
- APPLE-SA-2023-01-23-6 macOS Big Sur 11.7.3 Apple Product Security via Fulldisclosure (Jan 23)
- APPLE-SA-2023-01-23-7 watchOS 9.3 Apple Product Security via Fulldisclosure (Jan 23)
- APPLE-SA-2023-01-23-8 Safari 16.3 Apple Product Security via Fulldisclosure (Jan 23)
- t2'23: Call For Papers 2023 (Helsinki, Finland) Tomi Tuominen via Fulldisclosure (Jan 23)
- [RT-SA-2022-002] Skyhigh Security Secure Web Gateway: Cross-Site Scripting in Single Sign-On Plugin RedTeam Pentesting GmbH (Jan 26)
- [SYSS-2022-047] Razer Synapse - Local Privilege Escalation Oliver Schwarz via Fulldisclosure (Jan 26)
- APPLE-SA-2023-01-24-1 tvOS 16.3 Apple Product Security via Fulldisclosure (Jan 26)
- Trovent Security Advisory 2203-01 / Micro Focus GroupWise transmits session ID in URL Stefan Pietsch (Jan 30)