Messages by Thread
-
-
[FD] Nagios XI 5.5.10: XSS to root RCE (CVE-2019-9164, 9165, 9166, 9167, 9202, 9203, 9204)
Abdel Adim `smaury` Oisfi
-
[FD] Security Analysis of the TP-Link Archer C50 Router
Harley A.W. Lorenzo via Fulldisclosure
-
[FD] HD Pan/Tilt Wi-Fi Camera NC450 Hard-Coded Credential Vulnerability
Sachin Wagh
-
[FD] EasyIO 30P: CVE-2018-15820 (Stored XSS) and CVE-2018-15819 (Authentication bypass)
Daniel dos Santos
-
[FD] Loytec LGATE-902: Multiple Vulnerabilities (XSS, Path traversal and File Deletion)
Daniel dos Santos
-
[FD] WordPress plugin Contact Form by WD [CSRF → LFI]
Panagiotis Vagenas
-
[FD] WordPress Plugin Form Maker by WD [CSRF → LFI]
Panagiotis Vagenas
-
[FD] Arris Touchstone TG1672 Administrative Login Vulnerabilities
Harley A.W. Lorenzo via Fulldisclosure
-
[FD] hardwear.io 2019 Call For Papers is Open - USA & Netherlands
Yuliya Pliavaka
-
[FD] SphereFTP 2.0 Denial Of Service
Sachin Wagh
-
[FD] DSA-2019-031: Dell EMC IsilonSD Management Server Cross-Site Scripting (XSS) Vulnerabilities
secure
-
[FD] CVE-2019-7727 - JMX/RMI Nice ENGAGE <= 6.5 Remote Command Execution
Red Timmy Sec -
-
[FD] c0c0n XII | The cy0ps c0n - Call For Papers & Call For Workshops
Prajwal Panchmahalkar
-
[FD] Open-Xchange Security Advisory 2019-04-01
Open-Xchange GmbH via Fulldisclosure
-
[FD] Uniqkey Password Manager 1.14 - Remote Credential Disclosure
gionreale
-
[FD] Various vulnerabilities in Lupusec XT2 Plus home alarm system
Dan Fabian
-
[FD] APPLE-SA-2019-3-27-1 watchOS 5.2
Apple Product Security via Fulldisclosure
-
[FD] [SAUTH-2019-0002] - Pydio 8 Multiple Vulnerabilities
SecureAuth Advisories
-
[FD] [RT-SA-2019-005] Cisco RV320 Command Injection Retrieval
RedTeam Pentesting GmbH
-
[FD] [RT-SA-2019-004] Cisco RV320 Unauthenticated Diagnostic Data Retrieval
RedTeam Pentesting GmbH
-
[FD] [RT-SA-2019-003] Cisco RV320 Unauthenticated Configuration Export
RedTeam Pentesting GmbH
-
[FD] ESA-2017-123: EMC Networker Remote Code Execution Vulnerability
secure
-
[FD] APPLE-SA-2019-3-25-1 iOS 12.2
Apple Product Security via Fulldisclosure
-
[FD] APPLE-SA-2019-3-25-6 iCloud for Windows 7.11
Apple Product Security via Fulldisclosure
-
[FD] APPLE-SA-2019-3-25-3 tvOS 12.2
Apple Product Security via Fulldisclosure
-
[FD] APPLE-SA-2019-3-25-5 iTunes 12.9.4 for Windows
Apple Product Security via Fulldisclosure
-
[FD] APPLE-SA-2019-3-25-7 Xcode 10.2
Apple Product Security via Fulldisclosure
-
[FD] APPLE-SA-2019-3-25-4 Safari 12.1
Apple Product Security via Fulldisclosure
-
[FD] APPLE-SA-2019-3-25-2 macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra
Apple Product Security via Fulldisclosure
-
[FD] [SYSS-2018-036]: ABUS Secvest Remote Control - Denial of Service - Uncontrolled Resource Consumption (CWE-400)
Matthias Deeg
-
[FD] [SYSS-2018-035]: ABUS Secvest Remote Control - Missing Encryption of Sensitive Data (CWE-311)
Matthias Deeg
-
[FD] [SYSS-2018-034]: ABUS Secvest - Rolling Code - Predictable from Observable State (CWE-341)
Matthias Deeg
-
[FD] CVE-2019-10009 Titan FTP Server Version 2019 Build 3505 Directory Traversal/Local File Inclusion
Kevin R
-
[FD] Recon 2019 Call For Papers - June 28 - 30, 2019 - Montreal, Canada
cfp
-
[FD] Repeat of CVE-2018-4251 in Razer Laptops
Bailey Fox
-
[FD] [RT-SA-2019-007] Code Execution via Insecure Shell Function getopt_simple
RedTeam Pentesting GmbH
-
[FD] CVE-2018-17057: phar deserialization in TCPDF might lead to RCE
Paolo G
-
[FD] [SE-2019-01] Java Card vulnerabilities
Security Explorations
-
[FD] CVE-2018-19971: JFrog Artifactory Pro SAML SSO signature validation error
Timo Lindfors
-
[FD] 2FA & macOS Disk Encryption Bypass in Abine Blur 7.24* [CVE-2019-6481]
(RS) Tyler Schroder via Fulldisclosure
-
[FD] SQL injection in joshcam/mysqli-database-class library
Jaroslav Lobačevski
-
[FD] IPv6 Security for IPv4 Engineers
Fernando Gont
-
[FD] Cisco Common Service Platform Collector - Hardcoded Credentials (CVE-2019-1723)
David Coomber
-
[FD] [**UPDATED] Microsoft Windows .Reg File / Dialog Box Message Spoofing 0day
hyp3rlinx
-
[FD] WordPress Plugin GraceMedia Media Player 1.0 - Local File Inclusion
Manuel Garcia Cardenas
-
[FD] FlexPaper <= 2.3.6 Remote Command Execution
redazione
-
[FD] CVE-2019-9649 CoreFTP FTP / SFTP Server v2 - Build 674 MDTM Directory Traversal
Kevin R
-
[FD] CVE-2019-9648 CoreFTP Server FTP / SFTP Server v2 - Build 674 SIZE Directory Traversal
Kevin R
-
[FD] Microsoft Windows .Reg File / Dialog Box Message Spoofing Vulnerability
hyp3rlinx
-
[FD] UFONet v-1.3 - [SLY] SingularitY!
psy
-
[FD] Sparkasse - Multiple Persistent Cross Site Scripting Web Vulnerabilities
Vulnerability Lab
-
[FD] Sagemcom router insufficient default PSK entropy
Ryan Delaney
-
[FD] Open Redirection vulnerability in Babel (CMSMS Module)
Jan Kopriva
-
[FD] SAP J2EE Engine/7.01/Fiori Reflected Cross Site Scripting (XSS)
Ece örsel
-
[FD] SAP J2EE Engine/7.01/Portal/EPP Reflected Cross Site Scripting (XSS)
Ece örsel
-
[FD] DSA-2019-038: RSA® Authentication Manager Insecure Credential Management Vulnerability
secure
-
[FD] DSA-2019-025: RSA Archer GRC Platform Multiple Vulnerabilities
secure
-
[FD] [CVE-2019-9206, CVE-2019-9207] Cross Site Scripting in PRTG Network Monitor v7.1.3.3378
Rafael Pedrero
-
[FD] Apache UNO API RCE
Axel Boesenach
-
[FD] SHAREit for Android Authentication Bypass and Remote File Download
RedForce Advisory
-
[FD] [CORE-2018-0012] - Cisco WebEx Meetings Elevation of Privilege Vulnerability Version 2
advisories
-
[FD] AST-2019-001: Remote crash vulnerability with SDP protocol violation
Asterisk Security Team
-
[FD] Defense in depth -- the Microsoft way (part 60): same old sins and incompetence!
Stefan Kanthak
-
[FD] [CVE-2019-9083] Blind SQL injection in SQLiteManager 1.2.0 (and 1.2.4)
Rafael Pedrero
-
[FD] CVE-2019-1000032: Memory corruption / DoS in nanosvg
Sebastian Neef
-
[FD] CVE-2019-8939: XSS in Tautulli
Geeknik Labs via Fulldisclosure
-
[FD] Kanboard 1.2.7 Multiple Vulnerabilities
Will Boucher via Fulldisclosure
-
[FD] Multiple issues in Teracue ENC-400 including pre-authenticated remote code execution
Stephen Shkardoon
-
[FD] [CVE-2019-8938] Cross Site Scripting in VertrigoServ 2.17
Rafael Pedrero
-
[FD] [CVE-2018-18845] Cross Site Scripting in Advanced comment system v1.0
Rafael Pedrero
-
[FD] [CVE-2019-8925 to CVE-2019-8929] Path traversal and Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone
Rafael Pedrero
-
[FD] [CVE-2019-8923, CVE-2019-8924] SQL injection and persistent Cross Site Scripting in XAMPP 5.6.8 (and previous)
Rafael Pedrero
-
[FD] CA20190212-01: Security Notice for CA Privileged Access Manager
Kevin Kotas via Fulldisclosure
-
[FD] Multiple Cross-Site Scripting Vulnerabilities in HTMLy 2.7.4
Daniel Bishtawi
-
[FD] Open Redirection Vulnerability in GetSimpleCMS 3.3.13
Daniel Bishtawi
-
[FD] [SAUTH-2019-0001] - Micro Focus Filr Multiple Vulnerabilities
advisories
-
[FD] [SRP-2018-02] Details of a vulnerability in STMicroelectronics' chipset
Adam Gowdiak
-
[FD] KSA-Dev-007:CVE-2019-7386:DoS and gecko reboot in the nokia 8810 4G handset
Kingkaustubh via Fulldisclosure
-
[FD] KSA-Dev-006:CVE-2019-7385: Authenticated remote code execution on Multiple Raisecom GPON Devices
Kingkaustubh via Fulldisclosure
-
[FD] KSA-Dev-005:CVE-2019-7384: Authenticated Remote Code Execution in Raisecom GPON Devices
Kingkaustubh via Fulldisclosure
-
[FD] KSA-Dev-003:CVE-2019-7383 : Remote Code Execution Via shell upload in all systorme ISG products
Kingkaustubh via Fulldisclosure
-
[FD] KSA-Dev-002: CVE-2018-19525 : Account takeover via XSRF in All ISG Series Firewall
Kingkaustubh via Fulldisclosure
-
[FD] KSA-DEV-001: CVE-2018-19524 : StackOverflow in Multiple Skyworth GPON HomeGateways and Optical Network terminals.
Kingkaustubh via Fulldisclosure
-
[FD] Content Injection in Amazon's FireOS [CVE-2019-7399]
Nightwatch Cybersecurity Research
-
[FD] [CVE-2019-7422, CVE-2019-7423, CVE-2019-7424, CVE-2019-7425, CVE-2019-7426, CVE-2019-7427] Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone
Rafael Pedrero
-
[FD] [CVE-2019-7418, CVE-2019-7419, CVE-2019-7420, CVE-2019-7421] Cross Site Scripting in SAMSUNG X7400GX Sync Thru Web Service
Rafael Pedrero
-
[FD] [CVE-2019-7417] Cross Site Scripting in Ericsson Active Library Explorer Server Version 14.3
Rafael Pedrero
-
[FD] [CVE-2019-7416] Client Side URL Redirect (OTG-CLIENT-004) in OpenText Documentum Webtop 5.3 SP2
Rafael Pedrero
-
[FD] APPLE-SA-2019-2-07-3 Shortcuts 2.1.3 for iOS
Apple Product Security via Fulldisclosure
-
[FD] APPLE-SA-2019-2-07-2 macOS Mojave 10.14.3 Supplemental Update
Apple Product Security via Fulldisclosure
-
[FD] APPLE-SA-2019-2-07-1 iOS 12.1.4
Apple Product Security via Fulldisclosure
-
[FD] Qkr! with MasterPass iOS Application - MITM SSL Certificate Vulnerability (CVE-2019-6702)
David Coomber
-
[FD] YOP Poll 6.0.2 - Reflected XSS (WordPress Plugin)
Tim Coen
-
[FD] WP Live Chat Support 8.0.17 - Reflected XSS (WordPress Plugin)
Tim Coen
-
[FD] wpGoogleMaps 7.10.41 - Reflected XSS (WordPress Plugin)
Tim Coen
-
[FD] NextScripts: Social Networks Auto-Poster 4.2.7 - Reflected XSS (WordPress Plugin)
Tim Coen
-
[FD] KingComposer 2.7.6 - Reflected XSS (WordPress Plugin)
Tim Coen
-
[FD] CarolinaCon-15 is April 26-28, 2019 in Charlotte NC - Call For Papers/Presenters is now open
Vic Vandal
-
[FD] Give 2.3.0 - Reflected XSS (WordPress Plugin)
Tim Coen
-
[FD] Font_Organizer 2.1.1 - Reflected XSS (WordPress Plugin)
Tim Coen
-
[FD] Contact Form Email 7.10.41 - Reflected XSS & CSRF (WordPress Plugin)
Tim Coen
-
[FD] Blog2Social 5.0.2 - Reflected XSS (WordPress Plugin)
Tim Coen
-
[FD] Quiz And Survey Master 6.0.4 - Reflected XSS (WordPress Plugin)
Tim Coen
-
[FD] Forminator 1.5.4 - Unauthenticated Persistent XSS, Blind SQL Injection (WordPress Plugin)
Tim Coen
-
[FD] DSA-2019-010: Dell EMC VNX2 Family OS Command Injection Vulnerability
secure
-
[FD] [Multiple CVE] - Cisco Identity Services Engine unauth stored XSS to RCE as root
Pedro Ribeiro
-
[FD] SEC Consult SA-20190205-0 :: Multiple vulnerabilities in OSCI-Transport Library 1.2 for German e-Government
SEC Consult Vulnerability Lab
-
[FD] Reflected XSS in n SolarWinds Serv-U FTP Server
Chris
-
[FD] Privilege Escalation + Remote Code Execution in SolarWinds Serv-U FTP Server
Chris
-
[FD] [CVE-2018-14013] Reflected Cross-Site Scripting (XSS) vulnerabilities in Zimbra Collaboration
Sysdream Labs
-
[FD] Multiple Reflected Cross-site Scripting Vulnerabilities in WeBid 1.2.2
Daniel Bishtawi
-
[FD] Reflected Cross-site Scripting Vulnerability in Collabtive 3.1
Daniel Bishtawi
-
[FD] APPLE-SA-2019-1-24-1 iTunes 12.9.3 for Windows
Apple Product Security via Fulldisclosure
-
[FD] APPLE-SA-2019-1-22-3 watchOS 5.1.3
Apple Product Security via Fulldisclosure
-
[FD] APPLE-SA-2019-1-22-6 iCloud for Windows 7.10
Apple Product Security via Fulldisclosure
-
[FD] APPLE-SA-2019-1-22-4 tvOS 12.1.2
Apple Product Security via Fulldisclosure
-
[FD] APPLE-SA-2019-1-22-5 Safari 12.0.3
Apple Product Security via Fulldisclosure
-
[FD] APPLE-SA-2019-1-22-1 iOS 12.1.3
Apple Product Security via Fulldisclosure
-
[FD] APPLE-SA-2019-1-22-2 macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra
Apple Product Security via Fulldisclosure
-
[FD] CA20190124-01: Security Notice for CA Automic Workload Automation
James Williams via Fulldisclosure
-
[FD] Stored Cross-site Scripting Vulnerability in Podcast Generator 2.7
Daniel Bishtawi
-
[FD] Multiple Reflected Cross-site Scripting Vulnerabilities in Coppermine 1.5.46
Daniel Bishtawi
-
[FD] Cross-site Scripting Vulnerability in Abantecart 1.2.12
Daniel Bishtawi
-
[FD] Cross-site Scripting via XML Vulnerability in DNN 9.1
Daniel Bishtawi
-
[FD] Microsoft Windows .CONTACT File / HTML Injection Mailto: Remote Code Execution
hyp3rlinx
-
[FD] SEC Consult SA-20190124-0 :: Cross-site scripting in CA Automic Workload Automation Web Interface (AWI)
SEC Consult Vulnerability Lab
-
[FD] RVAsec 2019 Call for Presentations (CFP)
Sullo
-
[FD] [RT-SA-2018-004] Cisco RV320 Command Injection
RedTeam Pentesting GmbH
-
[FD] [RT-SA-2018-003] Cisco RV320 Unauthenticated Diagnostic Data Retrieval
RedTeam Pentesting GmbH
-
[FD] [RT-SA-2018-002] Cisco RV320 Unauthenticated Configuration Export
RedTeam Pentesting GmbH
-
[FD] [Several CVE]: NUUO CMS - multiple vulnerabilities resulting in unauth RCE
Pedro Ribeiro
-
[FD] CA20190117-01: Security Notice for CA Service Desk Manager
Kevin Kotas via Fulldisclosure
-
[FD] Call For Paper - leHACK - July 6th - July 7th, 2019
Hackira via Fulldisclosure
-
[FD] [SRP-2018-02] Security of NC+ SAT TV platform and ST chipsets
Security Explorations
-
[FD] Defense in depth -- the Microsoft way (part 59): we only fix every other vulnerability
Stefan Kanthak
-
[FD] Open-Xchange Security Advisory 2019-01-18
Open-Xchange GmbH
-
[FD] Microsoft Windows ".contact" File / Insufficient UI Warning Arbitrary Code Execution
hyp3rlinx
-
[FD] Become a speaker at PHDays 9!
Alexander Lashkov
-
[FD] SCP client multiple vulnerabilities
Harry Sintonen
-
[FD] secuvera-SA-2016-01: Multiple authentication weaknesses in Arvato Systems Streamworks Job Scheduler
Simon Bieber
-
[FD] EuskalHack Security Congress Call For Papers
Joxean Koret via Fulldisclosure
-
[FD] System Down: A systemd-journald exploit
Qualys Security Advisory
-
[FD] [CVE-2018-10093] Remote command injection vulnerability in AudioCode IP phones
Sysdream Labs
-
[FD] [CVE-2018-10091] Stored XSS vulnerabilities in AudioCode IP phones
Sysdream Labs
-
Re: [FD] Reflected Cross-site Scripting Vulnerability in CubeCart 6.2.2
Henri Salo
-
[FD] Multiple Reflected Cross-site Scripting Vulnerabilities in Ampache 3.8.6
Daniel Bishtawi
-
[FD] XML External Entity Injection Vulnerability in BlogEngine 3.3
Daniel Bishtawi
-
[FD] Open Redirection Vulnerabilities in OrangeForum 1.4.0
Daniel Bishtawi
-
[FD] Capstone v4.0.1 is out!
Nguyen Anh Quynh
-
[FD] Microsoft VCF File Insufficient UI Warning Remote Code Execution 0day
hyp3rlinx
-
[FD] X41 D-Sec GmbH Security Advisory X41-2018-009: ReDoS Vulnerability in UA-Parser
X41 D-Sec GmbH Advisories
-
[FD] SEC Consult SA-20190109-0 :: Multiple Vulnerabilities in Cisco VoIP Phones (88xx series)
SEC Consult Vulnerability Lab
-
[FD] Multiple Root RCE in Unibox Wifi Access Controller 0.x - 3.x
Sahil Dhar
-
[FD] Path Traversal in Aspose.ZIP library
Jaroslav Lobačevski
-
Re: [FD] Vulnerabilities in Zurmo 2.3.4
Henri Salo
-
[FD] New Release: UFONet v1.2 - "Armageddon!"
psy
-
[FD] Multiple Cross-site Scripting Vulnerabilities in ZenPhoto 1.4.14
Daniel Bishtawi
-
[FD] Reflected Cross-site Scripting in Mantis 2.11.1
Daniel Bishtawi
-
[FD] CSRF in MapSVG Lite could allow an attacker to do almost anything an admin can (WordPress plugin)
dxw Security
-
[FD] DSA-2018-226: RSA® Authentication Manager Relative Path Traversal Vulnerability
secure
-
[FD] BMC Network Automation v8.7 - remote session hijacking.
Filip Palian
-
[FD] BMC Remedy + ITAM - multiple security issues.
Filip Palian
-
[FD] Open-Xchange Security Advisory 2018-12-31
martin . heiland . lists
-
[FD] CWE-80 XSS Bose Soundtouch App
ProSec
-
[FD] CVE-2018-19509-19513: multiple vulnerabilities (incl. critical pre-auth RCE) in Webgalamb
Daniel Jones via Fulldisclosure
-
[FD] Multiple Cross-site Scripting Vulnerabilities in Family Connections 3.7.0
Daniel Bishtawi
-
[FD] Multiple Cross-site Scripting Vulnerabilities in GeniXCMS 1.1.5
Daniel Bishtawi
-
[FD] Reflected Cross-site Scripting Vulnerability in Microweber 1.0.8
Daniel Bishtawi