fulldisclosure  

Messages by Date

• 2023/12/12 [FD] APPLE-SA-12-11-2023-4 macOS Sonoma 14.2 Apple Product Security via Fulldisclosure
• 2023/12/12 [FD] APPLE-SA-12-11-2023-3 iOS 16.7.3 and iPadOS 16.7.3 Apple Product Security via Fulldisclosure
• 2023/12/12 [FD] APPLE-SA-12-11-2023-2 iOS 17.2 and iPadOS 17.2 Apple Product Security via Fulldisclosure
• 2023/12/12 [FD] APPLE-SA-12-11-2023-1 Safari 17.2 Apple Product Security via Fulldisclosure
• 2023/12/12 [FD] APPLE-SA-11-30-2023-3 macOS Sonoma 14.1.2 Apple Product Security via Fulldisclosure
• 2023/12/12 [FD] APPLE-SA-11-30-2023-2 iOS 17.1.2 and iPadOS 17.1.2 Apple Product Security via Fulldisclosure
• 2023/12/12 [FD] APPLE-SA-11-30-2023-1 Safari 17.1.2 Apple Product Security via Fulldisclosure
• 2023/12/12 [FD] [KIS-2023-13] ISPConfig <= 3.2.11 (language_edit.php) PHP Code Injection Vulnerability Egidio Romano
• 2023/12/12 [FD] [CFP] BSides San Francisco - May 2024 BSidesSF CFP via Fulldisclosure
• 2023/12/12 [FD] Microsoft Defender Anti-Malware PowerShell API - Arbitrary Code Execution hyp3rlinx
• 2023/11/27 [FD] Senec Inverters Home V1, V2, V3 Home & Hybrid Use of Hard-coded Credentials - CVE-2023-39169 Phos4Me via Fulldisclosure
• 2023/11/27 [FD] [SYSS-2023-019] SmartNode SN200 - Unauthenticated OS Command Injection Maurizio Ruchay via Fulldisclosure
• 2023/11/27 [FD] CVE-2023-46307 Kevin
• 2023/11/27 [FD] CVE-2023-46307 Kevin
• 2023/11/27 [FD] Survey on usage of security advisories Aurich, Janik
• 2023/11/27 [FD] [CVE-2023-46386, CVE-2023-46387, CVE-2023-46388, CVE-2023-46389] Multiple vulnerabilities in Loytec products (3) Chizuru Toyama
• 2023/11/27 [FD] [CVE-2023-46383, CVE-2023-46384, CVE-2023-46385] Multiple vulnerabilities in Loytec products (2) Chizuru Toyama
• 2023/11/12 [FD] Senec Inverters Home V1, V2, V3 Home & Hybrid Exposure of the Username to an Unauthorized Actor - CVE-2023-39168 Phos4Me via Fulldisclosure
• 2023/11/12 [FD] Senec Inverters Home V1, V2, V3 Home & Hybrid Cleartext Transmission of Authentication Credentials - CVE-2023-39172 Phos4Me via Fulldisclosure
• 2023/11/12 [FD] Senec Inverters Home V1, V2, V3 Home & Hybrid Publicly Accessible Default Credentials- CVE-2023-39170 Phos4Me via Fulldisclosure
• 2023/11/12 [FD] Senec Inverters Home V1, V2, V3 Home & Hybrid Publicly Accessible Management Interface “Local GUI”- CVE-2023-39171 Phos4Me via Fulldisclosure
• 2023/11/12 [FD] HNS-2023-03 - HN Security Advisory - Multiple vulnerabilities in Zephyr RTOS Marco Ivaldi
• 2023/11/10 [FD] [CVE-2023-46380, CVE-2023-46381, CVE-2023-46382] Multiple vulnerabilities in Loytec products Chizuru Toyama
• 2023/10/27 [FD] LKX-2023-001 VinChin VMWare Backup Gregory Boddin via Fulldisclosure
• 2023/10/27 [FD] [KIS-2023-12] phpFox <= 4.8.13 (redirect) PHP Object Injection Vulnerability Egidio Romano
• 2023/10/26 [FD] [KIS-2023-11] SugarCRM <= 13.0.1 (set_note_attachment) Unrestricted File Upload Vulnerability Egidio Romano
• 2023/10/26 [FD] [KIS-2023-10] SugarCRM <= 13.0.1 (GetControl) Server-Side Template Injection Vulnerability Egidio Romano
• 2023/10/25 [FD] APPLE-SA-10-25-2023-9 Safari 17.1 Apple Product Security via Fulldisclosure
• 2023/10/25 [FD] APPLE-SA-10-25-2023-5 macOS Ventura 13.6.1 Apple Product Security via Fulldisclosure
• 2023/10/25 [FD] APPLE-SA-10-25-2023-8 watchOS 10.1 Apple Product Security via Fulldisclosure
• 2023/10/25 [FD] APPLE-SA-10-25-2023-4 macOS Sonoma 14.1 Apple Product Security via Fulldisclosure
• 2023/10/25 [FD] APPLE-SA-10-25-2023-2 iOS 16.7.2 and iPadOS 16.7.2 Apple Product Security via Fulldisclosure
• 2023/10/25 [FD] APPLE-SA-10-25-2023-7 tvOS 17.1 Apple Product Security via Fulldisclosure
• 2023/10/25 [FD] APPLE-SA-10-25-2023-6 macOS Monterey 12.7.1 Apple Product Security via Fulldisclosure
• 2023/10/25 [FD] APPLE-SA-10-25-2023-3 iOS 15.8 and iPadOS 15.8 Apple Product Security via Fulldisclosure
• 2023/10/25 [FD] APPLE-SA-10-25-2023-1 iOS 17.1 and iPadOS 17.1 Apple Product Security via Fulldisclosure
• 2023/10/25 [FD] Ringzer0 Bootstrap24 CFP Now Open Steve Lord
• 2023/10/16 [FD] Defense in depth -- the Microsoft way (part 86): shipping rotten software to billions of unsuspecting customers Stefan Kanthak
• 2023/10/16 [FD] APPLE-SA-10-10-2023-1 iOS 16.7.1 and iPadOS 16.7.1 Apple Product Security via Fulldisclosure
• 2023/10/16 [FD] XNSoft Nconvert 7.136 - Multiple Vulnerabilities michele
• 2023/10/16 [FD] Squid Caching Proxy Security Audit: 55 Vulnerabilities, 35 0days. Joshua Rogers
• 2023/10/05 [FD] SEC Consult SA-20231005 :: Open Redirect in SAP® BSP Test Application it00 (Bypass for CVE-2020-6215 Patch) SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/10/05 [FD] APPLE-SA-2023-10-04-1 iOS 17.0.3 and iPadOS 17.0.3 Apple Product Security via Fulldisclosure
• 2023/10/05 [FD] CVE-2023-4911: Local Privilege Escalation in the glibc's ld.so Qualys Security Advisory via Fulldisclosure
• 2023/10/02 [FD] APPLE-SA-09-26-2023-9 tvOS 17 Apple Product Security via Fulldisclosure
• 2023/10/02 [FD] APPLE-SA-09-26-2023-6 Xcode 15 Apple Product Security via Fulldisclosure
• 2023/10/02 [FD] APPLE-SA-09-26-2023-5 Additional information for APPLE-SA-2023-09-21-7 macOS Monterey 12.7 Apple Product Security via Fulldisclosure
• 2023/10/02 [FD] APPLE-SA-09-26-2023-4 Additional information for APPLE-SA-2023-09-21-6 macOS Ventura 13.6 Apple Product Security via Fulldisclosure
• 2023/10/02 [FD] APPLE-SA-09-26-2023-3 Additional information for APPLE-SA-2023-09-21-3 iOS 16.7 and iPadOS 16.7 Apple Product Security via Fulldisclosure
• 2023/10/02 [FD] APPLE-SA-09-26-2023-1 Safari 17 Apple Product Security via Fulldisclosure
• 2023/10/02 [FD] SEC Consult SA-20230927-0 :: Multiple Vulnerabilities in SAP® Enable Now Manager SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/10/02 [FD] SEC Consult SA-20230925-0 :: Stored Cross-Site Scripting in mb Support broker management solution openVIVA c2 SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/09/25 [FD] [tool] WatchGuard Firebox Web Update Unpacker retset
• 2023/09/22 [FD] APPLE-SA-2023-09-21-6 macOS Ventura 13.6 Apple Product Security via Fulldisclosure
• 2023/09/22 [FD] APPLE-SA-2023-09-21-7 macOS Monterey 12.7 Apple Product Security via Fulldisclosure
• 2023/09/22 [FD] APPLE-SA-2023-09-21-5 watchOS 9.6.3 Apple Product Security via Fulldisclosure
• 2023/09/22 [FD] APPLE-SA-2023-09-21-4 watchOS 10.0.1 Apple Product Security via Fulldisclosure
• 2023/09/22 [FD] APPLE-SA-2023-09-21-3 iOS 16.7 and iPadOS 16.7 Apple Product Security via Fulldisclosure
• 2023/09/22 [FD] APPLE-SA-2023-09-21-2 iOS 17.0.1 and iPadOS 17.0.1 Apple Product Security via Fulldisclosure
• 2023/09/22 [FD] APPLE-SA-2023-09-21-1 Safari 16.6.1 Apple Product Security via Fulldisclosure
• 2023/09/22 [FD] Advisory X41-2023-001: Two Vulnerabilities in OPNsense X41 D-Sec GmbH Advisories via Fulldisclosure
• 2023/09/18 [FD] SEC Consult SA-20230918-0 :: Authenticated Remote Code Execution and Missing Authentication in Atos Unify OpenScape SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/09/18 [FD] SEC Consult SA-20230829-0 :: Reflected Cross-Site Scripting (XSS) in PTC - Codebeamer (ALM Solution) SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/09/18 [FD] APPLE-SA-2023-09-11-3 macOS Big Sur 11.7.10 Apple Product Security via Fulldisclosure
• 2023/09/18 [FD] APPLE-SA-2023-09-11-2 macOS Monterey 12.6.9 Apple Product Security via Fulldisclosure
• 2023/09/18 [FD] APPLE-SA-2023-09-11-1 iOS 15.7.9 and iPadOS 15.7.9 Apple Product Security via Fulldisclosure
• 2023/09/18 [FD] [SYSS-2023-002] Razer Synapse - Local Privilege Escalation Oliver Schwarz via Fulldisclosure
• 2023/09/08 [FD] APPLE-SA-2023-09-07-3 watchOS 9.6.2 Apple Product Security via Fulldisclosure
• 2023/09/08 [FD] APPLE-SA-2023-09-07-2 iOS 16.6.1 and iPadOS 16.6.1 Apple Product Security via Fulldisclosure
• 2023/09/08 [FD] APPLE-SA-2023-09-07-1 macOS Ventura 13.5.2 Apple Product Security via Fulldisclosure
• 2023/09/05 [FD] Minor firefox DoS - semi silently polluting ~/Downloads with files Georgi Guninski
• 2023/09/04 [FD] Vulnerabilities in Internet Radio auna IR-160 SE (UIProto) naphthalin via Fulldisclosure
• 2023/09/04 [FD] AtlasVPN Linux Client 1.0.3 IP Leak Exploit icudar via Fulldisclosure
• 2023/08/29 [FD] Mozilla Firefox only stores up to 1024 HSTS entries Konstantin
• 2023/08/23 [FD] [KIS-2023-09] CrafterCMS <= 4.0.2 Multiple Reflected Cross-Site Scripting Vulnerabilities Egidio Romano
• 2023/08/23 [FD] [KIS-2023-08] SugarCRM <= 12.2.0 Two SQL Injection Vulnerabilities Egidio Romano
• 2023/08/23 [FD] [KIS-2023-07] SugarCRM <= 12.2.0 (Docusign_GlobalSettings) PHP Object Injection Vulnerability Egidio Romano
• 2023/08/23 [FD] [KIS-2023-06] SugarCRM <= 12.2.0 (updateGeocodeStatus) Bean Manipulation Vulnerability Egidio Romano
• 2023/08/23 [FD] [KIS-2023-05] SugarCRM <= 12.2.0 (Notes) Unrestricted File Upload Vulnerability Egidio Romano
• 2023/08/19 Re: [FD] Anomaly in Fedora `dnf update`: md5 mismatch of result Jeffrey Walton
• 2023/08/19 Re: [FD] Anomaly in Fedora `dnf update`: md5 mismatch of result Michael Lazin
• 2023/08/19 Re: [FD] Anomaly in Fedora `dnf update`: md5 mismatch of result Matthew Fernandez
• 2023/08/19 Re: [FD] Anomaly in Fedora `dnf update`: md5 mismatch of result Adrean Boyadzhiev
• 2023/08/17 [FD] KL-001-2023-003: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Modification via sudoedit KoreLogic Disclosures via Fulldisclosure
• 2023/08/17 [FD] KL-001-2023-002: Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation via tcpdump KoreLogic Disclosures via Fulldisclosure
• 2023/08/17 [FD] KL-001-2023-001: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read via sudo dig KoreLogic Disclosures via Fulldisclosure
• 2023/08/15 [FD] Anomaly in Fedora `dnf update`: md5 mismatch of result Georgi Guninski
• 2023/08/15 [FD] Missing Immutable Root of Trust in Hardware (CWE-1326) / CVE-2023-22955 Moritz Abrell via Fulldisclosure
• 2023/08/15 [FD] Use of Hard-coded Cryptographic Key (CWE-321) / CVE-2023-22956 Moritz Abrell via Fulldisclosure
• 2023/08/15 [FD] Use of Hard-coded Cryptographic Key (CWE-321) / CVE-2023-22957 Moritz Abrell via Fulldisclosure
• 2023/08/11 [FD] Qualys mis-uses ssh, fails to scan and protect, facilitates internal attack Paul Szabo via Fulldisclosure
• 2023/08/11 [FD] St. Poelten UAS | Multiple XSS in Advantech EKI 15XX Series Weber Thomas via Fulldisclosure
• 2023/08/11 [FD] St. Poelten UAS | Multiple Vulnerabilities in Phoenix Contact TC Cloud Client / TC Router / Cloud Client Weber Thomas via Fulldisclosure
• 2023/08/07 [FD] GNOME Files silently extracts setuid files from ZIP archives Georgi Guninski
• 2023/08/03 [FD] Kolibri GET request buffer Overflow [Stack Egghunter] Mahmoud Noureldin
• 2023/08/03 [FD] [SYSS-2023-011]: Canon PIXMA TR4550 and other inkjet printer models - Insufficient or Incomplete Data Removal, within Hardware Component (CWE-1301) Matthias Deeg via Fulldisclosure
• 2023/08/02 [FD] OXAS-ADV-2023-0003: OX App Suite Security Advisory Martin Heiland via Fulldisclosure
• 2023/08/02 [FD] RansomLord v1 / Anti-Ransomware Exploit Tool malvuln
• 2023/08/02 [FD] Savant Web Server 3.1 - Remote Buffer Overflow (Egghunter) Mahmoud Noureldin
• 2023/08/01 [FD] CVE-2023-28130 - Hostname injection leads to Remote Code Execution RCE (Authenticated) Rick Verdoes via Fulldisclosure
• 2023/08/01 [FD] Unauthorized MFA Code Delivery in EmpowerID Patel, Nirav
• 2023/08/01 [FD] Pentest Paper - Introduction to Web Pentest Andrey Stoykov
• 2023/08/01 [FD] Stored XSS - Perch Andrey Stoykov
• 2023/08/01 [FD] ETSI WEBstore 2023 - Persistent Cross Site Scripting Web Vulnerability i...@vulnerability-lab.com
• 2023/07/25 [FD] Availability Booking Calendar PHP - Stored XSS and Unrestricted File Upload Andrey Stoykov
• 2023/07/25 [FD] APPLE-SA-2023-07-24-8 watchOS 9.6 Apple Product Security via Fulldisclosure
• 2023/07/25 [FD] APPLE-SA-2023-07-24-7 tvOS 16.6 Apple Product Security via Fulldisclosure
• 2023/07/25 [FD] APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9 Apple Product Security via Fulldisclosure
• 2023/07/25 [FD] APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8 Apple Product Security via Fulldisclosure
• 2023/07/25 [FD] APPLE-SA-2023-07-24-4 macOS Ventura 13.5 Apple Product Security via Fulldisclosure
• 2023/07/25 [FD] APPLE-SA-2023-07-24-3 iOS 15.7.8 and iPadOS 15.7.8 Apple Product Security via Fulldisclosure
• 2023/07/25 [FD] APPLE-SA-2023-07-24-2 iOS 16.6 and iPadOS 16.6 Apple Product Security via Fulldisclosure
• 2023/07/25 [FD] APPLE-SA-2023-07-24-1 Safari 16.6 Apple Product Security via Fulldisclosure
• 2023/07/24 [FD] APPLE-SA-2023-07-24-1 Safari 16.6 Deven Kishore via Fulldisclosure
• 2023/07/21 [FD] [SYSS-2023-006]: Omnis Studio - Expected Behavior Violation (CWE-440) (CVE-2023-38334) Matthias Deeg via Fulldisclosure
• 2023/07/21 [FD] [SYSS-2023-005]: Omnis Studio - Expected Behavior Violation (CWE-440) (CVE-2023-38335) Matthias Deeg via Fulldisclosure
• 2023/07/19 [FD] PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities i...@vulnerability-lab.com
• 2023/07/19 [FD] Aures Booking & POS Terminal - Local Privilege Escalation Vulnerability i...@vulnerability-lab.com
• 2023/07/19 [FD] Webile v1.0.1 - Multiple Cross Site Web Vulnerabilities i...@vulnerability-lab.com
• 2023/07/19 [FD] Dooblou WiFi File Explorer 1.13.3 - Multiple Vulnerabilities i...@vulnerability-lab.com
• 2023/07/19 [FD] PaulPrinting CMS - (Search Delivery) Cross Site Scripting Vulnerability i...@vulnerability-lab.com
• 2023/07/19 [FD] Tiva Events Calender v1.4 - Cross Site Scripting Vulnerability i...@vulnerability-lab.com
• 2023/07/19 [FD] Active Super Shop CMS v2.5 - HTML Injection Vulnerabilities i...@vulnerability-lab.com
• 2023/07/19 [FD] Boom CMS v8.0.7 - Cross Site Scripting Vulnerability i...@vulnerability-lab.com
• 2023/07/19 Re: [FD] Citrix Gateway & Cloud MFA - Insufficient Session Validation Vulnerability Jeffrey Walton
• 2023/07/19 [FD] CVE-2023-38408: Remote Code Execution in OpenSSH's forwarded ssh-agent Qualys Security Advisory via Fulldisclosure
• 2023/07/19 [FD] [RT-SA-2023-001] Session Token Enumeration in RWS WorldServer RedTeam Pentesting GmbH
• 2023/07/16 [FD] WBCE - Stored XSS Andrey Stoykov
• 2023/07/16 Re: [FD] Citrix Gateway & Cloud MFA - Insufficient Session Validation Vulnerability Jens Timmerman
• 2023/07/11 [FD] Asterisk Release 20.3.1 Asterisk Development Team via Fulldisclosure
• 2023/07/11 [FD] Asterisk Release certified-18.9-cert5 Asterisk Development Team via Fulldisclosure
• 2023/07/11 [FD] Asterisk Release 19.8.1 Asterisk Development Team via Fulldisclosure
• 2023/07/11 [FD] Asterisk Release 18.18.1 Asterisk Development Team via Fulldisclosure
• 2023/07/11 [FD] Asterisk Release 16.30.1 Asterisk Development Team via Fulldisclosure
• 2023/07/11 Re: [FD] [tool] tc - anonymous and cyphered chat over Tor circuits in PGP bo0od via Fulldisclosure
• 2023/07/11 [FD] APPLE-SA-2023-07-10-3 Rapid Security Responses for macOS Ventura 13.4.1 Apple Product Security via Fulldisclosure
• 2023/07/11 [FD] APPLE-SA-2023-07-10-2 Rapid Security Responses for iOS 16.5.1 and iPadOS 16.5.1 Apple Product Security via Fulldisclosure
• 2023/07/11 [FD] APPLE-SA-2023-07-10-1 Safari 16.5.2 Apple Product Security via Fulldisclosure
• 2023/07/11 [FD] Unquoted Path - XAMPP 8.2.4 Andrey Stoykov
• 2023/07/11 Re: [FD] Ransom.Haron / Code Execution malvuln
• 2023/07/07 [FD] SEC Consult SA-20230705-0 :: Path traversal bypass & Denial of service in Kyocera TASKalfa 4053ci printer SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/07/07 [FD] SEC Consult SA-20230703-0 :: Multiple Vulnerabilities including Unauthenticated RCE in Siemens A8000 SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/07/07 [FD] SEC Consult Vulnerability Lab Whitepaper: Everyone Knows SAP®, Everyone Uses SAP, Everyone Uses RFC, No One Knows RFC: From RFC to RCE 16 Years Later SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/07/07 [FD] SEC Consult SA-20230628-0 :: Stored XSS & Privilege Escalation in Boomerang Parental Control App SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/07/07 [FD] SEC Consult SA-20230627-0 :: Multiple high risk vulnerabilities in ILIAS eLearning platform SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/07/07 [FD] ServiceNow Account Takeover to Full Admin Compromise Luke Symons
• 2023/07/07 [FD] APPLE-SA-2023-06-21-8 watchOS 8.8.1 Apple Product Security via Fulldisclosure
• 2023/07/07 [FD] APPLE-SA-2023-06-21-7 watchOS 9.5.2 Apple Product Security via Fulldisclosure
• 2023/07/07 [FD] APPLE-SA-2023-06-21-6 macOS Big Sur 11.7.8 Apple Product Security via Fulldisclosure
• 2023/07/07 [FD] APPLE-SA-2023-06-21-5 macOS Monterey 12.6.7 Apple Product Security via Fulldisclosure
• 2023/07/07 [FD] APPLE-SA-2023-06-21-4 macOS Ventura 13.4.1 Apple Product Security via Fulldisclosure
• 2023/07/07 [FD] APPLE-SA-2023-06-21-3 iOS 15.7.7 and iPadOS 15.7.7 Apple Product Security via Fulldisclosure
• 2023/07/07 [FD] APPLE-SA-2023-06-21-2 iOS 16.5.1 and iPadOS 16.5.1 Apple Product Security via Fulldisclosure
• 2023/07/07 [FD] APPLE-SA-2023-06-21-1 Safari 16.5.1 Apple Product Security via Fulldisclosure
• 2023/07/07 [FD] SQLi - Faculty Evaluation System Andrey Stoykov
• 2023/07/07 [FD] Citrix Gateway & Cloud MFA - Insufficient Session Validation Vulnerability i...@esec-service.de
• 2023/07/07 [FD] [tool] tc - anonymous and cyphered chat over Tor circuits in PGP 0xf--- via Fulldisclosure
• 2023/06/21 Re: [FD] OpenBSD kernel relinking is not transactional and a local exploit exists pesco
• 2023/06/21 [FD] OXAS-ADV-2023-0002: OX App Suite Security Advisory Martin Heiland via Fulldisclosure
• 2023/06/21 Re: [FD] OpenBSD kernel relinking is not transactional and a local exploit exists jvoisin via Fulldisclosure
• 2023/06/19 [FD] Polycom BToE Connector 4.4.0.0 Multiple Vulnerabilities BUG
• 2023/06/19 [FD] OpenBSD kernel relinking is not transactional and a local exploit exists Schech, C. W. ("Connor")
• 2023/06/09 [FD] Windows PowerShell / Trojan File RCE revisited hyp3rlinx
• 2023/06/07 [FD] Defense in depth -- the Microsoft way (part 85): escalation of privilege plus remote code execution with HVCISCAN.exe Stefan Kanthak
• 2023/06/07 [FD] LPE and RCE in RenderDoc: CVE-2023-33865, CVE-2023-33864, CVE-2023-33863 Qualys Security Advisory via Fulldisclosure
• 2023/06/02 [FD] [CVE-2023-29459] FC Red Bull Salzburg App "at.redbullsalzburg.android.AppMode.Default.Splash.SplashActivity" Arbitrary URL Loading Julien Ahrens (RCE Security)
• 2023/06/01 [FD] [RT-SA-2022-004] STARFACE: Authentication with Password Hash Possible RedTeam Pentesting GmbH
• 2023/05/30 [FD] CVE-2022-48336 - Buffer Overflow in Widevine Trustlet (PRDiagParseAndStoreData @ 0x5cc8) Cyber Intel Security
• 2023/05/30 [FD] CVE-2022-48335 - Buffer Overflow in Widevine Trustlet (PRDiagVerifyProvisioning @ 0x5f90) Cyber Intel Security
• 2023/05/30 [FD] CVE-2022-48334 - Buffer Overflow in Widevine Trustlet (drm_verify_keys @ 0x7370) Cyber Intel Security
• 2023/05/30 [FD] CVE-2022-48333 - Buffer Overflow in Widevine Trustlet (drm_verify_keys @ 0x730c) Cyber Intel Security
• 2023/05/30 [FD] CVE-2022-48332 - Buffer Overflow in Widevine Trustlet (drm_save_keys @ 0x6a18) Cyber Intel Security
• 2023/05/30 [FD] CVE-2022-48331 - Buffer Overflow in Widevine Trustlet (drm_save_keys @ 0x69b0) Cyber Intel Security
• 2023/05/30 [FD] SCHUTZWERK-SA-2022-001: Cross-Site-Scripting in Papaya Medical Viewer Lennert Preuth via Fulldisclosure
• 2023/05/30 [FD] [RT-SA-2023-005] Pydio Cells: Server-Side Request Forgery RedTeam Pentesting GmbH
• 2023/05/30 [FD] [RT-SA-2023-004] Pydio Cells: Cross-Site Scripting via File Download RedTeam Pentesting GmbH
• 2023/05/30 [FD] [RT-SA-2023-003] Pydio Cells: Unauthorised Role Assignments RedTeam Pentesting GmbH
• 2023/05/29 [FD] Printerlogic multiple vulnerabilities Eldar Marcussen
• 2023/05/29 [FD] SEC Consult SA-20230517-0 :: Stored XSS vulnerability in rename functionality in Wekan (Open-Source kanban) SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/05/29 [FD] SEC Consult SA-20230516-0 :: Multiple Vulnerabilities in Serenity and StartSharp Software SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/05/29 [FD] APPLE-SA-2023-05-18-2 iOS 15.7.6 and iPadOS 15.7.6 Apple Product Security via Fulldisclosure
• 2023/05/29 [FD] APPLE-SA-2023-05-18-7 watchOS 9.5 Apple Product Security via Fulldisclosure
• 2023/05/29 [FD] APPLE-SA-2023-05-18-8 Safari 16.5 Apple Product Security via Fulldisclosure
• 2023/05/29 [FD] APPLE-SA-2023-05-18-6 tvOS 16.5 Apple Product Security via Fulldisclosure
• 2023/05/29 [FD] APPLE-SA-2023-05-18-5 macOS Big Sur 11.7.7 Apple Product Security via Fulldisclosure
• 2023/05/29 [FD] APPLE-SA-2023-05-18-4 macOS Monterey 12.6.6 Apple Product Security via Fulldisclosure
• 2023/05/29 [FD] APPLE-SA-2023-05-18-3 macOS Ventura 13.4 Apple Product Security via Fulldisclosure
• 2023/05/29 [FD] APPLE-SA-2023-03-27-2 iOS 15.7.4 and iPadOS 15.7.4 Apple Product Security via Fulldisclosure
• 2023/05/29 [FD] APPLE-SA-2023-05-18-1 iOS 16.5 and iPadOS 16.5 Apple Product Security via Fulldisclosure
• 2023/05/15 [FD] SEC Consult SA-20230515-0 :: Multiple Vulnerabilities in Kiddoware Kids Place Parental Control Android App SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/05/11 [FD] CyberDanube Security Research 20230511-0 | Multiple Vulnerabilities in Advantech EKI-15XX Series Thomas Weber
• 2023/05/08 [FD] OXAS-ADV-2023-0001: OX App Suite Security Advisory Martin Heiland via Fulldisclosure
• 2023/05/08 [FD] SCHUTZWERK-SA-2023-001: SQL Injection in Spryker Commerce OS Lennert Preuth via Fulldisclosure
• 2023/05/04 [FD] APPLE-SA-2023-05-03-1 AirPods Firmware Update 5E133 and Beats Firmware Update 5B66 Apple Product Security via Fulldisclosure
• 2023/05/02 [FD] SEC Consult SA-20230502-0 :: Bypassing cluster isolation through insecure defaults and shared storage in Databricks Platform SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/04/28 [FD] Piwigo - CVE-2023-26876 Rodolfo Tavares via Fulldisclosure
• 2023/04/28 Re: [FD] Checking existence of firewalled URLs via javascript's script.onload Jonathan Gregson via Fulldisclosure
• 2023/04/24 [FD] Security vulnerabilities in Telit Cinterion IoT (formerly Thales) devices Security Explorations
• 2023/04/21 [FD] Checking existence of firewalled URLs via javascript's script.onload Georgi Guninski
• 2023/04/21 [FD] Checking existence of firewalled web servers in Firefox via iframe.onload Georgi Guninski

• Earlier messages
• Later messages