Full Disclosure: by date

44 messages starting Mar 02 24 and ending Mar 28 24

Saturday, 02 March

Multilaser Router - Access Control Bypass through Header Manipulation - CVE-2023-38944 Vinícius Moraes
Multilaser Router - Access Control Bypass through URL Manipulation - CVE-2023-38945 Vinícius Moraes
Multilaser Router - Access Control Bypass through Cookie Manipulation - CVE-2023-38946 Vinícius Moraes
BACKDOOR.WIN32.ARMAGEDDON.R / Hardcoded Cleartext Credentials malvuln
BACKDOOR.WIN32.AUTOSPY.10 / Unauthenticated Remote Command Execution malvuln
Backdoor.Win32.Jeemp.c / Cleartext Hardcoded Credentials malvuln
BACKDOOR.WIN32.AGENT.AMT / Authentication Bypass malvuln
XAMPP 5.6.40 - Error Based SQL Injection Andrey Stoykov
Multiple XSS Issues in boidcmsv2.0.1 Andrey Stoykov
JetStream Smart Switch - TL-SG2210P v5.0/ Improper Access Control / CVE-2023-43318 Shaikh Shahnawaz
SEC Consult SA-20240226-0 :: Local Privilege Escalation via DLL Hijacking in Qognify VMS Client Viewer SEC Consult Vulnerability Lab, Research via Fulldisclosure

Tuesday, 05 March

KL-001-2024-001: Artica Proxy Unauthenticated LFI Protection Bypass Vulnerability KoreLogic Disclosures via Fulldisclosure
KL-001-2024-002: Artica Proxy Unauthenticated PHP Deserialization Vulnerability KoreLogic Disclosures via Fulldisclosure
KL-001-2024-003: Artica Proxy Unauthenticated File Manager Vulnerability KoreLogic Disclosures via Fulldisclosure
KL-001-2024-004: Artica Proxy Loopback Services Remotely Accessible Unauthenticated KoreLogic Disclosures via Fulldisclosure

Wednesday, 13 March

[Full Disclosure] CVE-2024-25228: Unpatched Command Injection in Vinchin Backup & Recovery Versions 7.2 and Earlier Valentin Lobstein via Fulldisclosure
StimulusReflex CVE-2024-28121 lixts via Fulldisclosure
Backdoor.Win32.Beastdoor.oq / Unauthenticated Remote Command Execution malvuln
APPLE-SA-03-05-2024-1 iOS 17.4 and iPadOS 17.4 Apple Product Security via Fulldisclosure
APPLE-SA-03-05-2024-2 iOS 16.7.6 and iPadOS 16.7.6 Apple Product Security via Fulldisclosure
APPLE-SA-03-07-2024-1 Safari 17.4 Apple Product Security via Fulldisclosure
APPLE-SA-03-07-2024-2 macOS Sonoma 14.4 Apple Product Security via Fulldisclosure
APPLE-SA-03-07-2024-3 macOS Ventura 13.6.5 Apple Product Security via Fulldisclosure
APPLE-SA-03-07-2024-4 macOS Monterey 12.7.4 Apple Product Security via Fulldisclosure
APPLE-SA-03-07-2024-5 watchOS 10.4 Apple Product Security via Fulldisclosure
APPLE-SA-03-07-2024-6 tvOS 17.4 Apple Product Security via Fulldisclosure
APPLE-SA-03-07-2024-7 visionOS 1.1 Apple Product Security via Fulldisclosure
APPLE-SA-03-12-2024-1 GarageBand 10.4.11 Apple Product Security via Fulldisclosure
HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS Marco Ivaldi
SEC Consult SA-20240307-0 :: Local Privilege Escalation via writable files in Checkmk Agent (CVE-2024-0670) SEC Consult Vulnerability Lab, Research via Fulldisclosure
MetaFox Remote Shell Upload Exploit j0ck1ng@tempr.email

Tuesday, 19 March

Backdoor.Win32.Emegrab.b / Remote Stack Buffer Overflow (SEH) malvuln

Wednesday, 27 March

[IWCC 2024] CfP: 13th International Workshop on Cyber Crime - Vienna, Austria, July 30 - Aug 02, 2024 Artur Janicki via Fulldisclosure
Circontrol EV Charger vulnerabilities (CVE-2020-8006, CVE-2020-8007) Dariusz G
Win32.STOP.Ransomware (smokeloader) / Remote Code Execution (MITM) malvuln
Escape sequence injection in util-linux wall (CVE-2024-28085) Skyler Ferrante (RIT Student) via Fulldisclosure
APPLE-SA-03-25-2024-6 visionOS 1.1.1 Apple Product Security via Fulldisclosure
APPLE-SA-03-25-2024-5 iOS 16.7.7 and iPadOS 16.7.7 Apple Product Security via Fulldisclosure
APPLE-SA-03-25-2024-4 iOS 17.4.1 and iPadOS 17.4.1 Apple Product Security via Fulldisclosure
APPLE-SA-03-25-2024-3 macOS Ventura 13.6.6 Apple Product Security via Fulldisclosure
APPLE-SA-03-25-2024-2 macOS Sonoma 14.4.1 Apple Product Security via Fulldisclosure
APPLE-SA-03-25-2024-1 Safari 17.4.1 Apple Product Security via Fulldisclosure
Application is Vulnerable to Session Fixation YOGESH BHANDAGE

Thursday, 28 March

Intel PowerGadget 3.6 Local Privilege Escalation Julian Horoszkiewicz via Fulldisclosure