[FD] [SYSS_2020-014]: ABUS Secvest Wireless Control Device (FUBE50001) - Missing Encryption of Sensitive Data (CWE-311) (CVE-2020-14157)

2020-06-23 Thread Matthias Deeg
Advisory ID: SYSS-2020-014 Product: ABUS Secvest Wireless Control Device (FUBE50001) Manufacturer: ABUS Affected Version(s): N/A Tested Version(s): N/A Vulnerability Type: Missing Encryption of Sensitive Data (CWE-311) Risk Level: High Solution Status: Open Manufacturer Notification: 2020-04-03 Sol

Re: [FD] Remote Code Execution in qmail (CVE-2005-1513)

2020-06-23 Thread Qualys Security Advisory
Hi all, Our Linux exploit for CVE-2005-1513 in qmail is attached to this email. Alternatively, it will be available at: https://www.qualys.com/research/security-advisories/ A few notes about this exploit: - It works as-is against a default, unpatched installation of qmail on Debian 10 (amd64)

[FD] Keystone Assembler Engine 0.9.2 is out!

2020-06-23 Thread Nguyen Anh Quynh
Greetings, We are very happy to announce a stable release, version 0.9.2, of Keystone Assembler Engine! This version fixes some important bugs inside the core of Keystone, added some new bindings, and made various improvements, without breaking compatibility. All users of Keystone are encouraged

[FD] GilaCMS - CVE-2019-13364 CVE-2019-13363

2020-06-23 Thread Rodolfo Augusto do Nascimento Tavares
=[ Tempest Security Intelligence - ADV-07/2020 ]== GilaCMS - Version 1.11.5 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil =[ Table of Contents]== * Overview * Detailed descrip

[FD] DLL Hijacking at the Trend Micro Password Manager (CVE-2020–8469)

2020-06-23 Thread Silton Renato Pereira dos Santos
=[ Tempest Security Intelligence - 2020]== Trend Password Manager Author: Silton Santos Tempest Security Intelligence - Recife, Pernambuco - Brazil =[ Table of Contents]= * Vulnerability Information * Overview *