fulldisclosure  

Messages by Thread

• [FD] Defense in depth -- the Microsoft way (part 85): escalation of privilege plus remote code execution with HVCISCAN.exe Stefan Kanthak
• [FD] LPE and RCE in RenderDoc: CVE-2023-33865, CVE-2023-33864, CVE-2023-33863 Qualys Security Advisory via Fulldisclosure
• [FD] [CVE-2023-29459] FC Red Bull Salzburg App "at.redbullsalzburg.android.AppMode.Default.Splash.SplashActivity" Arbitrary URL Loading Julien Ahrens (RCE Security)
• [FD] [RT-SA-2022-004] STARFACE: Authentication with Password Hash Possible RedTeam Pentesting GmbH
• [FD] CVE-2022-48336 - Buffer Overflow in Widevine Trustlet (PRDiagParseAndStoreData @ 0x5cc8) Cyber Intel Security
• [FD] CVE-2022-48335 - Buffer Overflow in Widevine Trustlet (PRDiagVerifyProvisioning @ 0x5f90) Cyber Intel Security
• [FD] CVE-2022-48334 - Buffer Overflow in Widevine Trustlet (drm_verify_keys @ 0x7370) Cyber Intel Security
• [FD] CVE-2022-48333 - Buffer Overflow in Widevine Trustlet (drm_verify_keys @ 0x730c) Cyber Intel Security
• [FD] CVE-2022-48332 - Buffer Overflow in Widevine Trustlet (drm_save_keys @ 0x6a18) Cyber Intel Security
• [FD] CVE-2022-48331 - Buffer Overflow in Widevine Trustlet (drm_save_keys @ 0x69b0) Cyber Intel Security
• [FD] SCHUTZWERK-SA-2022-001: Cross-Site-Scripting in Papaya Medical Viewer Lennert Preuth via Fulldisclosure
• [FD] [RT-SA-2023-005] Pydio Cells: Server-Side Request Forgery RedTeam Pentesting GmbH
• [FD] [RT-SA-2023-004] Pydio Cells: Cross-Site Scripting via File Download RedTeam Pentesting GmbH
• [FD] [RT-SA-2023-003] Pydio Cells: Unauthorised Role Assignments RedTeam Pentesting GmbH
• [FD] Printerlogic multiple vulnerabilities Eldar Marcussen
• [FD] SEC Consult SA-20230517-0 :: Stored XSS vulnerability in rename functionality in Wekan (Open-Source kanban) SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] SEC Consult SA-20230516-0 :: Multiple Vulnerabilities in Serenity and StartSharp Software SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] APPLE-SA-2023-05-18-2 iOS 15.7.6 and iPadOS 15.7.6 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-05-18-7 watchOS 9.5 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-05-18-8 Safari 16.5 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-05-18-6 tvOS 16.5 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-05-18-5 macOS Big Sur 11.7.7 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-05-18-4 macOS Monterey 12.6.6 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-05-18-3 macOS Ventura 13.4 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-05-18-1 iOS 16.5 and iPadOS 16.5 Apple Product Security via Fulldisclosure
• [FD] SEC Consult SA-20230515-0 :: Multiple Vulnerabilities in Kiddoware Kids Place Parental Control Android App SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] CyberDanube Security Research 20230511-0 | Multiple Vulnerabilities in Advantech EKI-15XX Series Thomas Weber
• [FD] OXAS-ADV-2023-0001: OX App Suite Security Advisory Martin Heiland via Fulldisclosure
• [FD] SCHUTZWERK-SA-2023-001: SQL Injection in Spryker Commerce OS Lennert Preuth via Fulldisclosure
• [FD] APPLE-SA-2023-05-03-1 AirPods Firmware Update 5E133 and Beats Firmware Update 5B66 Apple Product Security via Fulldisclosure
• [FD] SEC Consult SA-20230502-0 :: Bypassing cluster isolation through insecure defaults and shared storage in Databricks Platform SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] Piwigo - CVE-2023-26876 Rodolfo Tavares via Fulldisclosure
• [FD] Security vulnerabilities in Telit Cinterion IoT (formerly Thales) devices Security Explorations
• [FD] Checking existence of firewalled URLs via javascript's script.onload Georgi Guninski
  • Re: [FD] Checking existence of firewalled URLs via javascript's script.onload Jonathan Gregson via Fulldisclosure
• [FD] Checking existence of firewalled web servers in Firefox via iframe.onload Georgi Guninski
• [FD] [CVE-2023-22897] SecurePoint UTM <= 12.2.5 “spcgi.cgi” Remote Memory Contents Information Disclosure Julien Ahrens (RCE Security)
• [FD] [CVE-2023-22620] SecurePoint UTM <= 12.2.5 “spcgi.cgi” sessionId Information Disclosure Allowing Device Takeover Julien Ahrens (RCE Security)
• [FD] APPLE-SA-2023-04-10-3 macOS Big Sur 11.7.6 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-04-10-1 iOS 15.7.5 and iPadOS 15.7.5 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-04-10-2 macOS Monterey 12.6.5 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-04-07-3 Safari 16.4.1 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-04-07-2 macOS Ventura 13.3.1 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-04-07-1 iOS 16.4.1 and iPadOS 16.4.1 Apple Product Security via Fulldisclosure
• [FD] FedEx Ship Manager (FSM) v3704 Insecure Use of .NET Remoting Harrison Neal
• [FD] RSA NetWitness EDR Agent / Incorrect Access Control - Code Execution / CVE-2022-47529 hyp3rlinx
• [FD] APPLE-SA-2023-03-27-7 watchOS 9.4 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-03-27-9 Studio Display Firmware Update 16.4 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-03-27-8 Safari 16.4 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-03-27-6 tvOS 16.4 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-03-27-5 macOS Big Sur 11.7.5 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-03-27-2 iOS 15.7.4 and iPadOS 15.7.4 Apple Product Security via Fulldisclosure
  • [FD] APPLE-SA-2023-03-27-2 iOS 15.7.4 and iPadOS 15.7.4 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-03-27-1 iOS 16.4 and iPadOS 16.4 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-03-27-4 macOS Monterey 12.6.4 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-03-27-3 macOS Ventura 13.3 Apple Product Security via Fulldisclosure
• [FD] RSA NetWitness Platform EDR / Incorrect Access Control - Code Execution hyp3rlinx
• [FD] Defense in depth -- the Microsoft way (part 84): (no) fun with %COMSPEC% Stefan Kanthak
• [FD] Invitation to the World Cryptologic Competition 2023 Competition Administrator
• [FD] Insecure python cgi documentation and tutorials are vulnerable to XSS. Georgi Guninski
• [FD] Defense in depth -- the Microsoft way (part 83): instead to fix even their most stupid mistaskes, they spill barrels of snakeoil to cover them (or just leave them as-is) Stefan Kanthak
  • Re: [FD] Defense in depth -- the Microsoft way (part 83): instead to fix even their most stupid mistaskes, they spill barrels of snakeoil to cover them (or just leave them as-is) Arik Seils
• [FD] [CFP] Security BSides Ljubljana 0x7E7 | June 16, 2023 Andraz Sraka
• [FD] Full Disclosure - Fastly Andrey Stoykov
• [FD] Full Disclosure - Shopify Application Andrey Stoykov
• [FD] [CVE-2023-25355/25356] No fix available - vulnerabilities in CoreDial sipXcom sipXopenfire Systems Research Group via Fulldisclosure
• [FD] SEC Consult SA-20230306-0 :: Multiple Vulnerabilities in Arris DG3450 Cable Gateway SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] OpenBSD overflow Erg Noor
• [FD] SEC Consult SA-20230228-0 :: OS Command Injectionin Barracuda CloudGen WAN SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] SRP on Windows 11 Andy Ful
• [FD] NetBSD overflow Erg Noor
• [FD] [NetworkSEC NWSSA] CVE-2023-26609: ABUS Security Camera LFI, RCE and SSH Root Peter Ohm
• [FD] [NetworkSEC NWSSA] CVE-2023-26602: ASUS ASMB8 iKVM RCE and SSH Root Access Peter Ohm
• [FD] Microsoft Windows Contact File / Remote Code Execution (Resurrected) CVE-2022-44666 hyp3rlinx
• [FD] Defense in depth -- the Microsoft way (part 82): INVALID/BOGUS AppLocker rules disable SAFER on Windows 11 22H2 Stefan Kanthak
• [FD] Multiple vulnerabilities in Audiocodes Device Manager Express Eric Flokstra
• [FD] Sumo Logic keep api credentials on endpoints dammitjosie--- via Fulldisclosure
• [FD] Remote Code Execution in Kardex MLOG Patrick Hener
• [FD] CyberDanube Security Research 20230213-0 | Multiple Vulnerabilities in JetWave Series Thomas Weber
• [FD] Defense in depth -- the Microsoft way (part 81): enabling UTF-8 support breaks existing code Stefan Kanthak
• [FD] APPLE-SA-2023-02-13-3 Safari 16.3.1 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-02-13-2 macOS Ventura 13.2.1 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-02-13-1 iOS 16.3.1 and iPadOS 16.3.1 Apple Product Security via Fulldisclosure
• [FD] OXAS-ADV-2022-0002: OX App Suite Security Advisory Martin Heiland via Fulldisclosure
• [FD] [CVE-2023-0291] Quiz And Survey Master <= 8.0.8 - Unauthenticated Arbitrary Media Deletion Julien Ahrens (RCE Security)
• [FD] [CVE-2023-0292] Quiz And Survey Master <= 8.0.8 - Cross-Site Request Forgery to Arbitrary Media Deletion Julien Ahrens (RCE Security)
• [FD] [CVE-Request] Multiple vulnerabilities in BMC Control-M before 9.0.20.214 Benjamin Mar-Conrad
• [FD] Trovent Security Advisory 2203-01 / Micro Focus GroupWise transmits session ID in URL Stefan Pietsch
• [FD] APPLE-SA-2023-01-24-1 tvOS 16.3 Apple Product Security via Fulldisclosure
• [FD] [SYSS-2022-047] Razer Synapse - Local Privilege Escalation Oliver Schwarz via Fulldisclosure
• [FD] [RT-SA-2022-002] Skyhigh Security Secure Web Gateway: Cross-Site Scripting in Single Sign-On Plugin RedTeam Pentesting GmbH
• [FD] t2'23: Call For Papers 2023 (Helsinki, Finland) Tomi Tuominen via Fulldisclosure
• [FD] APPLE-SA-2023-01-23-8 Safari 16.3 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-01-23-7 watchOS 9.3 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-01-23-6 macOS Big Sur 11.7.3 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-01-23-5 macOS Monterey 12.6.3 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-01-23-4 macOS Ventura 13.2 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-01-23-3 iOS 12.5.7 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-01-23-2 iOS 15.7.3 and iPadOS 15.7.3 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2023-01-23-1 iOS 16.3 and iPadOS 16.3 Apple Product Security via Fulldisclosure
• [FD] SEC Consult SA-20230117-2 :: Multiple post-authentication vulnerabilities including RCE in @OpenText Content Server component of OpenText Extended ECM SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] SEC Consult SA-20230117-1 :: Pre-authenticated Remote Code Execution via Java frontend and QDS endpoint in @OpenText Content Server component of OpenText Extended ECM SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] SEC Consult SA-20230117-0 :: Pre-authenticated Remote Code Execution in cs.exe (@OpenText Content Server component of OpenText Extended ECM) SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] HNS-2022-01 - HN Security Advisory - Multiple vulnerabilities in Solaris dtprintinfo and libXm/libXpm Marco Ivaldi
  • Re: [FD] HNS-2022-01 - HN Security Advisory - Multiple vulnerabilities in Solaris dtprintinfo and libXm/libXpm Marco Ivaldi
• [FD] wolfSSL before 5.5.2: Heap-buffer over-read with WOLFSSL_CALLBACKS Maximilian Ammann via Fulldisclosure
• [FD] wolfSSL 5.3.0: Denial-of-service Maximilian Ammann via Fulldisclosure
• [FD] wolfSSL before 5.5.0: Denial-of-service with session resumption Maximilian Ammann via Fulldisclosure
  • [FD] wolfSSL before 5.5.0: Denial-of-service with session resumption Maximilian Ammann via Fulldisclosure
• [FD] Citrix Linux client logs session credentials Russell Howe
• [FD] [KIS-2023-04] Tiki Wiki CMS Groupware <= 24.1 (tikiimporter_blog_wordpress.php) PHP Object Injection Vulnerability Egidio Romano
• [FD] [KIS-2023-03] Tiki Wiki CMS Groupware <= 24.0 (grid.php) PHP Object Injection Vulnerability Egidio Romano
• [FD] [KIS-2023-02] Tiki Wiki CMS Groupware <= 24.0 (structlib.php) PHP Code Injection Vulnerability Egidio Romano
• [FD] [KIS-2023-01] Tiki Wiki CMS Groupware <= 25.0 Two Cross-Site Request Forgery Vulnerabilities Egidio Romano
• [FD] Centos Web Panel 7 Unauthenticated Remote Code Execution - CVE-2022-44877 Numan TÜRLE
• [FD] [tool] ModSecurity backdoor Jozef Sudolsky
• [FD] SugarCRM 0-day Auth Bypass + RCE Exploit sw33t.0day via Fulldisclosure
• [FD] SEC Consult SA-20221216-0 :: Remote code execution bypass in Eclipse Business Intelligence Reporting Tool (BiRT) SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] SEC Consult Vulnerability Lab publication: The enemy from within: Unauthenticated Buffer Overflows in Zyxel routers still haunting users & metasploit exploit SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] APPLE-SA-2022-12-13-9 Safari 16.2 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-12-13-8 watchOS 9.2 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-12-13-7 tvOS 16.2 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-12-13-6 macOS Big Sur 11.7.2 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-12-13-5 macOS Monterey 12.6.2 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-12-13-4 macOS Ventura 13.1 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-12-13-3 iOS 16.1.2 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2 Apple Product Security via Fulldisclosure
• [FD] Adversary3 updated / Malware vulnerability intel tool for third-party attackers malvuln
• [FD] Ransom.Win64.AtomSilo / Crypto Logic Flaw malvuln
• [FD] Backdoor.Win32.InCommander.17.b / Hardcoded Cleartext Credentials malvuln
• [FD] [CFP] BSides San Francisco – April 2023 BSidesSF CFP via Fulldisclosure
• [FD] 4images RCE Andrey Stoykov
• [FD] Trojan-Dropper.Win32.Decay.dxv (CyberGate v1.00.0) / Insecure Proprietary Password Encryption malvuln
• [FD] SEC Consult SA-20221213-0 :: Privilege Escalation Vulnerabilities (UNIX Insecure File Handling) in SAP Host Agent (saposcol) SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] Vulnerabilities Disclosure - Shoplazza Stored XSS Andrey Stoykov
• [FD] Microsoft PlayReady security research Security Explorations
  • Re: [FD] Microsoft PlayReady security research Security Explorations
  • Re: [FD] Microsoft PlayReady security research Adam Gowdiak
• [FD] CyberDanube Security Research 20221130-1 | Authenticated Command Injection in Delta Electronics DVW-W02W2-E2 Thomas Weber
• [FD] CyberDanube Security Research 20221130-0 | Multiple Vulnerabilities in Delta Electronics DX-2100-L1-CN Thomas Weber
• [FD] SEC Consult SA-20221206-0 :: Multiple critical vulnerabilities in ILIAS eLearning platform SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] SEC Consult SA-20221201-0 :: Replay attacks & Displaying arbitrary contents in Zhuhai Suny Technology ESL Tag / ETAG-TECH protocol (electronic shelf labels) SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] Race condition in snap-confine's must_mkdir_and_open_with_perms() (CVE-2022-3328) Qualys Security Advisory via Fulldisclosure
• [FD] Backdoor.Win32.Delf.gj / Information Disclosure malvuln
• [FD] Intel Data Center Manager <= 5.1 Local Privileges Escalation Julien Ahrens (RCE Security)
• [FD] [CVE-2022-21225] Intel Data Center Manager Console <= 4.1 “getRoomRackData" Authenticated (Guest+) SQL Injection Julien Ahrens (RCE Security)
• [FD] Drupal H5P Module <= 2.0.0 (isValidPackage) Zip Slip Vulnerability Egidio Romano
• [FD] CyberDanube Security Research 20221124-0 | Authenticated Command Injection Hirschmann BAT-C2 Thomas Weber
• [FD] Exploiting an N-day vBulletin PHP Object Injection Vulnerability Egidio Romano
• [FD] Win32.Ransom.Conti / Crypto Logic Flaw malvuln
• [FD] Ransomware Deception Tactics Part 1 malvuln
• [FD] Trojan.Win32.DarkNeuron.gen / Named Pipe Null DACL malvuln
• [FD] Backdoor.Win32.Autocrat.b / Weak Hardcoded Credentials malvuln
• [FD] Backdoor.Win32.Serman.a / Unauthenticated Open Proxy malvuln
• [FD] Open-Xchange Security Advisory 2022-11-24 Martin Heiland via Fulldisclosure
• [FD] [CVE-2022-33942] Intel Data Center Manager Console <= 4.1.1.45749 ”UserMgmtHandler" Authentication Logic Error Leading to Authentication Bypass Julien Ahrens (RCE Security)
• [FD] crashing potplayer again houjingyi
• [FD] Backdoor.Win32.Oblivion.01.a / Insecure Transit Password Disclosure malvuln
• [FD] Trojan.Win32.Platinum.gen / Arbitrary Code Execution malvuln
• [FD] Backdoor.Win32.Quux / Weak Hardcoded Credentials malvuln
• [FD] [CVE-2022-3861] Betheme <= 26.5.1.4 - Authenticated (Contributor+) PHP Object Injection Julien Ahrens (RCE Security)
• [FD] SEC Consult SA-20221114-0 :: Path Traversal Vulnerability in Payara Platform SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] SEC Consult SA-20221110-0 :: HTML Injection in BMC Remedy ITSM-Suite SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] SEC Consult SA-20221109-0 :: Multiple Critical Vulnerabilities in Simmeth System GmbH Supplier manager (Lieferantenmanager) SEC Consult Vulnerability Lab, Research via Fulldisclosure
• [FD] APPLE-SA-2022-11-09-2 macOS Ventura 13.0.1 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-11-09-1 iOS 16.1.1 and iPadOS 16.1.1 Apple Product Security via Fulldisclosure
• [FD] Backdoor.Win32.RemServ.d / Unauthenticated Remote Command Execution malvuln
• [FD] HEUR:Trojan.MSIL.Agent.gen / Information Disclosure malvuln
• [FD] Backdoor.Win32.Aphexdoor.LiteSock / Remote Stack Buffer Overflow (SEH) malvuln
• [FD] [CVE-2022-3747] BeCustom <= 1.0.5.2 Generic Cross-Site Request Forgery Julien Ahrens (RCE Security)
• [FD] Cisco Secure Email Gateways can easily be circumvented FD
• [FD] APPLE-SA-2022-11-01-1 Xcode 14.1 Apple Product Security via Fulldisclosure
• [FD] CVE-2022-3602 and CVE-2022-3786 Critical OpenSSL 3.0.x security vulnerabilities Turritopsis Dohrnii Teo En Ming
• [FD] APPLE-SA-2022-10-27-15 Additional information for APPLE-SA-2022-10-24-7 Safari 16.1 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-14 Additional information for APPLE-SA-2022-09-12-5 Safari 16 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-13 watchOS 9 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-12 Additional information for APPLE-SA-2022-10-24-5 watchOS 9.1 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-11 tvOS 16 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-10 Additional information for APPLE-SA-2022-10-24-6 tvOS 16.1 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-8 Additional information for APPLE-SA-2022-10-24-4 macOS Big Sur 11.7.1 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-6 Additional information for APPLE-SA-2022-10-24-3 macOS Monterey 12.6.1 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-4 Additional information for APPLE-SA-2022-09-12-2 iOS 15.7 and iPadOS 15.7 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-3 Additional information for APPLE-SA-2022-09-12-1 iOS 16 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-2 Additional information for APPLE-SA-2022-10-24-1 iOS 16.1 and iPadOS 16 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-27-1 iOS 15.7.1 and iPadOS 15.7.1 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-24-7 Safari 16.1 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-24-6 tvOS 16.1 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-24-5 watchOS 9.1 Apple Product Security via Fulldisclosure
• [FD] Email-Worm.Win32.Kipis.c / Remote File Write Code Execution malvuln
• [FD] Backdoor.Win32.Psychward.10 / Unauthenticated Remote Command Execution malvuln
• [FD] Backdoor.Win32.Delf.arh / Authentication Bypass malvuln
• [FD] APPLE-SA-2022-10-24-4 macOS Big Sur 11.7.1 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-24-3 macOS Monterey 12.6.1 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-24-2 macOS Ventura 13 Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-2022-10-24-1 iOS 16.1 and iPadOS 16 Apple Product Security via Fulldisclosure
• [FD] Alibaba Cloud Workspace vulnerable to IDOR which lead to account hijacking in a certain situation chan chan

• Earlier messages