[FD] [tool] tc - anonymous and cyphered chat over Tor circuits in PGP

2023-07-07 Thread 0xf--- via Fulldisclosure
Hello, tc is a low-tech free software to chat anonymously and cyphered over Tor circuits in PGP. Use it to protect your communication end-to-end with RSA/DSA encryption and keep yourself anonymously reachable by anyone who only knows your .onion address and your public key. All this and more in

[FD] Citrix Gateway & Cloud MFA - Insufficient Session Validation Vulnerability

2023-07-07 Thread i...@esec-service.de
Document Title: === Citrix Gateway&Cloud MFA - Insufficient Session Validation Vulnerability References (Source): https://www.vulnerability-lab.com/get_content.php?id=2324 Vulnerability Magazine:https://www.vulnerability-db.com/?q=articles/2023/07/03/citrix-gat

[FD] SQLi - Faculty Evaluation System

2023-07-07 Thread Andrey Stoykov
# Exploit Title: Faculty Evaluation System - SQL Injection # Date: 07/2023 # Exploit Author: Andrey Stoykov # Version: 1.0 # Tested on: Windows Server 2022 SQLi #1 File: edit_evaluation Line #4 $qry = $conn->query("SELECT * FROM ratings where id = ".$_GET['id'])->fetch_array(); [...] SQLi #2

[FD] APPLE-SA-2023-06-21-1 Safari 16.5.1

2023-07-07 Thread Apple Product Security via Fulldisclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2023-06-21-1 Safari 16.5.1 Safari 16.5.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT213816. Apple maintains a Security Updates page at https://support.apple.co

[FD] APPLE-SA-2023-06-21-2 iOS 16.5.1 and iPadOS 16.5.1

2023-07-07 Thread Apple Product Security via Fulldisclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2023-06-21-2 iOS 16.5.1 and iPadOS 16.5.1 iOS 16.5.1 and iPadOS 16.5.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT213814. Apple maintains a Security Updates pa

[FD] APPLE-SA-2023-06-21-3 iOS 15.7.7 and iPadOS 15.7.7

2023-07-07 Thread Apple Product Security via Fulldisclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2023-06-21-3 iOS 15.7.7 and iPadOS 15.7.7 iOS 15.7.7 and iPadOS 15.7.7 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT213811. Apple maintains a Security Updates pa

[FD] APPLE-SA-2023-06-21-4 macOS Ventura 13.4.1

2023-07-07 Thread Apple Product Security via Fulldisclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2023-06-21-4 macOS Ventura 13.4.1 macOS Ventura 13.4.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT213813. Apple maintains a Security Updates page at https://su

[FD] APPLE-SA-2023-06-21-5 macOS Monterey 12.6.7

2023-07-07 Thread Apple Product Security via Fulldisclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2023-06-21-5 macOS Monterey 12.6.7 macOS Monterey 12.6.7 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT213810. Apple maintains a Security Updates page at https://

[FD] APPLE-SA-2023-06-21-6 macOS Big Sur 11.7.8

2023-07-07 Thread Apple Product Security via Fulldisclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2023-06-21-6 macOS Big Sur 11.7.8 macOS Big Sur 11.7.8 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT213809. Apple maintains a Security Updates page at https://su

[FD] APPLE-SA-2023-06-21-7 watchOS 9.5.2

2023-07-07 Thread Apple Product Security via Fulldisclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2023-06-21-7 watchOS 9.5.2 watchOS 9.5.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT213812. Apple maintains a Security Updates page at https://support.apple.co

[FD] APPLE-SA-2023-06-21-8 watchOS 8.8.1

2023-07-07 Thread Apple Product Security via Fulldisclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2023-06-21-8 watchOS 8.8.1 watchOS 8.8.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT213808. Apple maintains a Security Updates page at https://support.apple.co

[FD] ServiceNow Account Takeover to Full Admin Compromise

2023-07-07 Thread Luke Symons
1. INFORMATION -- [+] CVE: CVE-2022-43684 [+] Title : Insecure Access Control To Full Admin Compromise [+] Vendor : ServiceNow [+] Publication date : June 2023 [+] Credits: Luke Symons, Tony Wu, Eldar Marcussen, Gareth Phillips, Jeff Thoma

[FD] SEC Consult SA-20230627-0 :: Multiple high risk vulnerabilities in ILIAS eLearning platform

2023-07-07 Thread SEC Consult Vulnerability Lab, Research via Fulldisclosure
SEC Consult Vulnerability Lab Security Advisory < 20230627-0 > === title: Multiple high risk vulnerabilities product: ILIAS eLearning platform vulnerable version: see section "Vulnerable version" below

[FD] SEC Consult SA-20230628-0 :: Stored XSS & Privilege Escalation in Boomerang Parental Control App

2023-07-07 Thread SEC Consult Vulnerability Lab, Research via Fulldisclosure
SEC Consult Vulnerability Lab Security Advisory < 20230628-0 > === title: Stored XSS & Privilege Escalation product: Boomerang Parental Control App vulnerable version: <13.83 fixed version: >=13

[FD] SEC Consult Vulnerability Lab Whitepaper: Everyone Knows SAP®, Everyone Uses SAP, Everyone Uses RFC, No One Knows RFC: From RFC to RCE 16 Years Later

2023-07-07 Thread SEC Consult Vulnerability Lab, Research via Fulldisclosure
SEC Consult Vulnerability Lab Whitepaper < 20230629-0 > === Title: Everyone Knows SAP®, Everyone Uses SAP, Everyone Uses RFC, No One Knows RFC: From RF

[FD] SEC Consult SA-20230703-0 :: Multiple Vulnerabilities including Unauthenticated RCE in Siemens A8000

2023-07-07 Thread SEC Consult Vulnerability Lab, Research via Fulldisclosure
SEC Consult Vulnerability Lab Security Advisory < 20230703-0 > === title: Multiple Vulnerabilities including Unauthenticated RCE product: Siemens A8000 CP-8050 MASTER MODULE (6MF2805-0AA00)

[FD] SEC Consult SA-20230705-0 :: Path traversal bypass & Denial of service in Kyocera TASKalfa 4053ci printer

2023-07-07 Thread SEC Consult Vulnerability Lab, Research via Fulldisclosure
SEC Consult Vulnerability Lab Security Advisory < 20230705-0 > === title: Path traversal bypass & Denial of service product: Kyocera TASKalfa 4053ci printer vulnerable version: TASKalfa 4053ci Version