fulldisclosure
Thread
Date
Earlier messages
Messages by Date
2025/07/11
[FD] SAP NetWeaver S/4HANA - ABAP Code Execution via Internal Function
Office nullFaktor GmbH
2025/07/09
[FD] Tiki Wiki CMS Groupware <= 28.3 Two Server-Side Template Injection Vulnerabilities
Egidio Romano
2025/07/09
[FD] KL-001-2025-011: Schneider Electric EcoStruxure IT Data Center Expert Unauthenticated Server-Side Request Forgery
KoreLogic Disclosures via Fulldisclosure
2025/07/09
[FD] KL-001-2025-010: Schneider Electric EcoStruxure IT Data Center Expert Privilege Escalation
KoreLogic Disclosures via Fulldisclosure
2025/07/09
[FD] KL-001-2025-009: Schneider Electric EcoStruxure IT Data Center Expert Remote Command Execution
KoreLogic Disclosures via Fulldisclosure
2025/07/09
[FD] KL-001-2025-008: Schneider Electric EcoStruxure IT Data Center Expert Root Password Discovery
KoreLogic Disclosures via Fulldisclosure
2025/07/09
[FD] KL-001-2025-007: Schneider Electric EcoStruxure IT Data Center Expert Unauthenticated Remote Code Execution
KoreLogic Disclosures via Fulldisclosure
2025/07/09
[FD] KL-001-2025-006: Schneider Electric EcoStruxure IT Data Center Expert XML External Entities Injection
KoreLogic Disclosures via Fulldisclosure
2025/07/09
[FD] eSIM security research (GSMA eUICC compromise and certificate theft)
Security Explorations
2025/07/07
[FD] Directory Traversal "Site Title" - bluditv3.16.2
Andrey Stoykov
2025/07/07
[FD] XSS via SVG File Uploa - bluditv3.16.2
Andrey Stoykov
2025/07/07
[FD] Stored XSS "Add New Content" Functionality - bluditv3.16.2
Andrey Stoykov
2025/07/07
[FD] Session Fixation - bluditv3.16.2
Andrey Stoykov
2025/06/25
[FD] Remote DoS in httpx 1.7.0 – Out-of-Bounds Read via Malformed <title> Tag
Brian Carpenter via Fulldisclosure
2025/06/25
[FD] CVE-2025-32975 - Quest KACE SMA Authentication Bypass
Seralys Research Team via Fulldisclosure
2025/06/24
[FD] CVE-2025-32977 - Quest KACE Unauthenticated Backup Upload
Seralys Research Team via Fulldisclosure
2025/06/24
[FD] RansomLord (NG v1.0) anti-ransomware exploit tool
malvuln
2025/06/23
[FD] CVE-2025-32978 - Quest KACE SMA Unauthenticated License Replacement
Seralys Research Team via Fulldisclosure
2025/06/23
[FD] CVE-2025-32976 - Quest KACE SMA 2FA Bypass
Seralys Research Team via Fulldisclosure
2025/06/23
[FD] Disclosure Yealink Cloud vulnerabilities
Jeroen Hermans via Fulldisclosure
2025/06/17
[FD] SEC Consult SA-20250611-0 :: Undocumented Root Shell Access on SIMCom SIM7600G Modem
SEC Consult Vulnerability Lab via Fulldisclosure
2025/06/09
[FD] Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain → Secure Enclave Key Theft, Wormable RCE, Crypto Theft
josephgoyd via Fulldisclosure
2025/06/03
[FD] Defense in depth -- the Microsoft way (part 89): user group policies don't deserve tamper protection
Stefan Kanthak
2025/06/03
[FD] CVE-2025-45542: Time-Based Blind SQL Injection in CloudClassroom PHP Project v1.0
Sanjay Singh
2025/06/03
[FD] ERPNext v15.53.1 Stored XSS in bio Field Allows Arbitrary Script Execution in Profile Page
Ron E
2025/06/03
[FD] ERPNext v15.53.1 Stored XSS in user_image Field Allows Script Execution via Injected Image Path
Ron E
2025/06/03
[FD] Local information disclosure in apport and systemd-coredump
Qualys Security Advisory via Fulldisclosure
2025/06/03
[FD] Stored XSS via File Upload - adaptcmsv3.0.3
Andrey Stoykov
2025/06/03
[FD] IDOR "Change Password" Functionality - adaptcmsv3.0.3
Andrey Stoykov
2025/06/03
[FD] Stored XSS "Send Message" Functionality - adaptcmsv3.0.3
Andrey Stoykov
2025/06/03
[FD] Authenticated File Upload to RCE - adaptcmsv3.0.3
Andrey Stoykov
2025/06/03
[FD] Stored XSS in "Description" Functionality - cubecartv6.5.9
Andrey Stoykov
2025/06/03
[FD] Multiple Vulnerabilities in SAP GuiXT Scripting
Michał Majchrowicz via Fulldisclosure
2025/06/03
[FD] CVE-2024-47081: Netrc credential leak in PSF requests library
Juho Forsén via Fulldisclosure
2025/06/03
[FD] Exploit CVE-2019-9978: Remote Code Execution in Social Warfare WordPress Plugin (<= 3.5.2)
Housma mardini
2025/06/03
[FD] Youpot honeypot
Jacek Lipkowski via Fulldisclosure
2025/05/27
[FD] SEC Consult SA-20250521-0 :: Multiple Vulnerabilities in eCharge Hardy Barth cPH2 and cPP2 charging stations
SEC Consult Vulnerability Lab via Fulldisclosure
2025/05/27
[FD] Structured Query Language Injection in frappe.desk.reportview.get_list Endpoint in Frappe Framework
Ron E
2025/05/16
[FD] SEC Consult SA-20250506-0 :: Honeywell MB Secure Authenticated Command Injection
SEC Consult Vulnerability Lab via Fulldisclosure
2025/05/16
[FD] Unauthenticated Blind SQL Injection | RSI queue management system - V 3.0 | CVE-2025-26086
Shaikh Shahnawaz
2025/05/16
[FD] CVE-2025-30072 Tiiwee X1 Alarm System - Authentication Bypass by Capture-replay
Sebastian Auwärter via Fulldisclosure
2025/05/16
[FD] SEC Consult SA-20250422-0:: Local Privilege Escalation via DLL Search Order Hijacking
SEC Consult Vulnerability Lab via Fulldisclosure
2025/05/16
[FD] SEC Consult SA-20250429-0 :: Multiple Vulnerabilities in HP Wolf Security Controller and more
SEC Consult Vulnerability Lab via Fulldisclosure
2025/05/16
[FD] Session Invalidation in Economizzer Allows Unauthorized Access After Logout
Ron E
2025/05/16
[FD] Persistent Cross-Site Scripting in Economizzer Category Entry
Ron E
2025/05/16
[FD] Persistent Cross-Site Scripting in Economizzer Cashbook Entry
Ron E
2025/05/16
[FD] APPLE-SA-05-12-2025-9 Safari 18.5
Apple Product Security via Fulldisclosure
2025/05/16
[FD] APPLE-SA-05-12-2025-8 visionOS 2.5
Apple Product Security via Fulldisclosure
2025/05/16
[FD] APPLE-SA-05-12-2025-7 tvOS 18.5
Apple Product Security via Fulldisclosure
2025/05/16
[FD] APPLE-SA-05-12-2025-6 watchOS 11.5
Apple Product Security via Fulldisclosure
2025/05/16
[FD] APPLE-SA-05-12-2025-5 macOS Ventura 13.7.6
Apple Product Security via Fulldisclosure
2025/05/16
[FD] APPLE-SA-05-12-2025-4 macOS Sonoma 14.7.6
Apple Product Security via Fulldisclosure
2025/05/16
[FD] APPLE-SA-05-12-2025-3 macOS Sequoia 15.5
Apple Product Security via Fulldisclosure
2025/05/16
[FD] APPLE-SA-05-12-2025-2 iPadOS 17.7.7
Apple Product Security via Fulldisclosure
2025/05/16
[FD] APPLE-SA-05-12-2025-1 iOS 18.5 and iPadOS 18.5
Apple Product Security via Fulldisclosure
2025/05/16
[FD] [KIS-2025-02] Invision Community <= 5.0.6 (customCss) Remote Code Execution Vulnerability
Egidio Romano
2025/05/16
[FD] secuvera-SA-2025-01: Privilege Escalation in Automic Automation Agent Unix
Flo Schäfer via Fulldisclosure
2025/05/06
[FD] BeyondTrust PRA connection takeover - CVE-2025-0217
Paul Szabo via Fulldisclosure
2025/05/01
[FD] Microsoft Windows .XRM-MS File / NTLM Information Disclosure Spoofing
hyp3rlinx
2025/04/26
[FD] [IWCC 2025] CfP: 14th International Workshop on Cyber Crime - Ghent, Belgium, Aug 11-14, 2025
Artur Janicki via Fulldisclosure
2025/04/26
[FD] Inedo ProGet Insecure Reflection and CSRF Vulnerabilities
Daniel Owens via Fulldisclosure
2025/04/26
[FD] Microsoft ".library-ms" File / NTLM Information Disclosure (Resurrected 2025)
hyp3rlinx
2025/04/26
[FD] Ruby on Rails Cross-Site Request Forgery
Daniel Owens via Fulldisclosure
2025/04/23
[FD] HNS-2025-10 - HN Security Advisory - Local privilege escalation in Zyxel uOS
Marco Ivaldi
2025/04/23
[FD] APPLE-SA-04-16-2025-4 visionOS 2.4.1
Apple Product Security via Fulldisclosure
2025/04/23
[FD] APPLE-SA-04-16-2025-3 tvOS 18.4.1
Apple Product Security via Fulldisclosure
2025/04/23
[FD] APPLE-SA-04-16-2025-2 macOS Sequoia 15.4.1
Apple Product Security via Fulldisclosure
2025/04/23
[FD] APPLE-SA-04-16-2025-1 iOS 18.4.1 and iPadOS 18.4.1
Apple Product Security via Fulldisclosure
2025/04/23
[FD] Stored XSS in "Message" Functionality - AlegroCartv1.2.9
Andrey Stoykov
2025/04/23
[FD] Business Logic Flaw: Price Manipulation - AlegroCartv1.2.9
Andrey Stoykov
2025/04/23
[FD] XSS via SVG Image Upload - AlegroCartv1.2.9
Andrey Stoykov
2025/04/23
[FD] BBOT 2.1.0 - Local Privilege Escalation via Malicious Module Execution
Housma mardini
2025/04/13
[FD] [CVE-2025-32102, CVE-2025-32103] SSRF and Directory Traversal in CrushFTP 10.7.1 and 11.1.0 (as well as legacy 9.x)
Rafael Pedrero
2025/04/13
[FD] [KIS-2025-01] UNA CMS <= 14.0.0-RC4 (BxBaseMenuSetAclLevel.php) PHP Object Injection Vulnerability
Egidio Romano
2025/04/13
Re: [FD] APPLE-SA-03-11-2025-2 iOS 18.3.2 and iPadOS 18.3.2
Nick Boyce
2025/04/13
[FD] OXAS-ADV-2025-0001: OX App Suite Security Advisory
Martin Heiland via Fulldisclosure
2025/04/03
[FD] 10 vulnerabilities in Brocade Fibre Channel switches
Pierre Kim
2025/04/02
[FD] APPLE-SA-04-01-2025-1 watchOS 11.4
Apple Product Security via Fulldisclosure
2025/04/02
[FD] APPLE-SA-03-31-2025-11 visionOS 2.4
Apple Product Security via Fulldisclosure
2025/04/02
[FD] APPLE-SA-03-31-2025-4 iPadOS 17.7.6
Apple Product Security via Fulldisclosure
2025/04/02
[FD] APPLE-SA-03-31-2025-10 tvOS 18.4
Apple Product Security via Fulldisclosure
2025/04/02
[FD] APPLE-SA-03-31-2025-6 iOS 15.8.4 and iPadOS 15.8.4
Apple Product Security via Fulldisclosure
2025/04/02
[FD] APPLE-SA-03-31-2025-8 macOS Sonoma 14.7.5
Apple Product Security via Fulldisclosure
2025/04/02
[FD] APPLE-SA-03-31-2025-9 macOS Ventura 13.7.5
Apple Product Security via Fulldisclosure
2025/04/02
[FD] APPLE-SA-03-31-2025-7 macOS Sequoia 15.4
Apple Product Security via Fulldisclosure
2025/04/02
[FD] APPLE-SA-03-31-2025-5 iOS 16.7.11 and iPadOS 16.7.11
Apple Product Security via Fulldisclosure
2025/04/02
[FD] APPLE-SA-03-31-2025-3 iOS 18.4 and iPadOS 18.4
Apple Product Security via Fulldisclosure
2025/04/02
[FD] APPLE-SA-03-31-2025-2 Xcode 16.3
Apple Product Security via Fulldisclosure
2025/04/02
[FD] APPLE-SA-03-31-2025-1 Safari 18.4
Apple Product Security via Fulldisclosure
2025/04/02
[FD] 3 vulnerabilities in Palo Alto Deep Packet Inspection mechanism
Pierre Kim
2025/03/27
[FD] Three bypasses of Ubuntu's unprivileged user namespace restrictions
Qualys Security Advisory via Fulldisclosure
2025/03/24
[FD] SQL Injection in Admin Functionality - dolphin.prov7.4.2
Andrey Stoykov
2025/03/24
[FD] Stored XSS via Send Message Functionality - dolphin.prov7.4.2
Andrey Stoykov
2025/03/20
[FD] APPLE-SA-03-11-2025-4 visionOS 2.3.2
Apple Product Security via Fulldisclosure
2025/03/20
[FD] APPLE-SA-03-11-2025-3 macOS Sequoia 15.3.2
Apple Product Security via Fulldisclosure
2025/03/20
[FD] APPLE-SA-03-11-2025-2 iOS 18.3.2 and iPadOS 18.3.2
Apple Product Security via Fulldisclosure
2025/03/20
[FD] APPLE-SA-03-11-2025-1 Safari 18.3.1
Apple Product Security via Fulldisclosure
2025/03/20
[FD] CVE-2019-16261 (UPDATE): Unauthenticated POST requests to Tripp Lite UPS Systems
Lucas Lalumière
2025/03/11
[FD] Multiple sandbox escapes in asteval python sandboxing module
areca-palm via Fulldisclosure
2025/02/27
[FD] SEC Consult SA-20250226-0 :: Multiple vulnerabilities in Siemens A8000 CP-8050 & CP-8031 PLC
SEC Consult Vulnerability Lab via Fulldisclosure
2025/02/20
[FD] MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client
Qualys Security Advisory via Fulldisclosure
2025/02/20
[FD] Self Stored XSS - acp2sev7.2.2
Andrey Stoykov
2025/02/20
[FD] Python's official documentation contains textbook example of insecure code (XSS)
Georgi Guninski
2025/02/17
Re: [FD] Netgear Router Administrative Web Interface Lacks Transport Encryption By Default
Gynvael Coldwind
2025/02/16
[FD] Monero 18.3.4 zero-day DoS vulnerability has been dropped publicly on social network.
upper.underflow via Fulldisclosure
2025/02/16
[FD] Netgear Router Administrative Web Interface Lacks Transport Encryption By Default
Ryan Delaney via Fulldisclosure
2025/02/16
[FD] [CVE-2024-54756] GZDoom <= 4.13.1 Arbitrary Code Execution via Malicious ZScript
Gabriel Valachi via Fulldisclosure
2025/02/16
Re: [FD] Text injection on https://www.google.com/sorry/index via ?q parameter (no XSS)
David Fifield
2025/02/10
[FD] APPLE-SA-02-10-2025-2 iPadOS 17.7.5
Apple Product Security via Fulldisclosure
2025/02/10
[FD] CVE-2024-55447: Access Control in Paxton Net2 software (update)
Jeroen Hermans via Fulldisclosure
2025/02/10
[FD] APPLE-SA-02-10-2025-1 iOS 18.3.1 and iPadOS 18.3.1
Apple Product Security via Fulldisclosure
2025/02/10
[FD] ChatGPT AI finds "security concern" (XSS) in DeepSeek's code
Georgi Guninski
2025/02/04
[FD] KL-001-2025-002: Checkmk NagVis Remote Code Execution
KoreLogic Disclosures via Fulldisclosure
2025/02/04
[FD] KL-001-2025-001: Checkmk NagVis Reflected Cross-site Scripting
KoreLogic Disclosures via Fulldisclosure
2025/02/01
[FD] APPLE-SA-01-30-2025-1 GarageBand 10.4.12
Apple Product Security via Fulldisclosure
2025/02/01
Re: [FD] Text injection on https://www.google.com/sorry/index via ?q parameter (no XSS)
David Fifield
2025/02/01
[FD] Xinet Elegant 6 Asset Lib Web UI 6.1.655 / SQL Injection / Exploit Update Python3
hyp3rlinx
2025/01/29
[FD] Quorum onQ OS - 6.0.0.5.2064 | Reflected Cross Site Scripting (XSS) | CVE-2024-44449
Shaikh Shahnawaz
2025/01/29
[FD] Deepseek writes textbook insecure code in 2025-01-28
Georgi Guninski
2025/01/29
[FD] Text injection on https://www.google.com/sorry/index via ?q parameter (no XSS)
David Fifield
2025/01/27
[FD] APPLE-SA-01-27-2025-9 Safari 18.3
Apple Product Security via Fulldisclosure
2025/01/27
[FD] APPLE-SA-01-27-2025-8 tvOS 18.3
Apple Product Security via Fulldisclosure
2025/01/27
[FD] APPLE-SA-01-27-2025-7 watchOS 11.3
Apple Product Security via Fulldisclosure
2025/01/27
[FD] SEC Consult SA-20250127-0 :: Weak Password Hashing Algorithms in Wind River Software VxWorks RTOS
SEC Consult Vulnerability Lab via Fulldisclosure
2025/01/27
[FD] APPLE-SA-01-27-2025-6 macOS Ventura 13.7.3
Apple Product Security via Fulldisclosure
2025/01/27
[FD] APPLE-SA-01-27-2025-5 macOS Sonoma 14.7.3
Apple Product Security via Fulldisclosure
2025/01/27
[FD] APPLE-SA-01-27-2025-4 macOS Sequoia 15.3
Apple Product Security via Fulldisclosure
2025/01/27
[FD] APPLE-SA-01-27-2025-3 iPadOS 17.7.4
Apple Product Security via Fulldisclosure
2025/01/27
[FD] Host Header Injection - atutorv2.2.4
Andrey Stoykov
2025/01/27
[FD] APPLE-SA-01-27-2025-2 iOS 18.3 and iPadOS 18.3
Apple Product Security via Fulldisclosure
2025/01/27
[FD] APPLE-SA-01-27-2025-1 visionOS 2.3
Apple Product Security via Fulldisclosure
2025/01/27
[FD] AutoLib Software Systems OPAC Version.20.10 | Exposure of Sensitive Information | CVE-2024-48310
Shaikh Shahnawaz
2025/01/27
[FD] Reflected XSS - atutorv2.2.4
Andrey Stoykov
2025/01/15
[FD] CVE-2024-48463
Rodolfo Tavares via Fulldisclosure
2025/01/15
[FD] CyberDanube Security Research 20250107-0 | Multiple Vulnerabilities in ABB AC500v3
Thomas Weber | CyberDanube via Fulldisclosure
2025/01/15
[FD] Asterisk Security Release 22.1.1
Asterisk Development Team via Fulldisclosure
2025/01/15
[FD] Certified Asterisk Security Release certified-20.7-cert4
Asterisk Development Team via Fulldisclosure
2025/01/15
[FD] Certified Asterisk Security Release certified-18.9-cert13
Asterisk Development Team via Fulldisclosure
2025/01/15
[FD] Asterisk Security Release 18.26.1
Asterisk Development Team via Fulldisclosure
2025/01/15
[FD] [asterisk-dev] Asterisk Security Release 21.6.1
Asterisk Development Team
2025/01/15
[FD] [asterisk-dev] Asterisk Security Release 20.11.1
Asterisk Development Team
2024/05/09
[FD] Microsoft PlayReady - complete client identity compromise
Security Explorations
2024/05/06
[FD] secuvera-SA-2024-02: Multiple Persistent Cross-Site Scritping (XSS) flaws in Drupal-Wiki
Simon Bieber via Fulldisclosure
2024/05/06
[FD] OXAS-ADV-2024-0002: OX App Suite Security Advisory
Martin Heiland via Fulldisclosure
2024/05/06
[FD] Microsoft PlayReady toolkit - codes release
Security Explorations
2024/05/03
[FD] Live2D Cubism refusing to fix validation issue leading to heap corruption.
PT via Fulldisclosure
2024/05/01
[FD] Microsoft PlayReady white-box cryptography weakness
Security Explorations
2024/04/24
[FD] Defense in depth -- the Microsoft way (part 87): shipping more rotten software to billions of unsuspecting customers
Stefan Kanthak
2024/04/24
[FD] Response to CVE-2023-26756 - Revive Adserver
Matteo Beccati
2024/04/19
[FD] BACKDOOR.WIN32.DUMADOR.C / Remote Stack Buffer Overflow (SEH)
malvuln
2024/04/19
[FD] SEC Consult SA-20240418-0 :: Broken authorization in Dreamehome app
SEC Consult Vulnerability Lab via Fulldisclosure
2024/04/19
[FD] MindManager 23 - full disclosure
Pawel Karwowski via Fulldisclosure
2024/04/14
[FD] CVE-2024-31705
V3locidad
2024/04/14
[FD] SEC Consult SA-20240411-0 :: Database Passwords in Server Response in Amazon AWS Glue
SEC Consult Vulnerability Lab via Fulldisclosure
2024/04/11
[FD] [KIS-2024-03] Invision Community <= 4.7.16 (toolbar.php) Remote Code Execution Vulnerability
Egidio Romano
2024/04/11
[FD] [KIS-2024-02] Invision Community <= 4.7.15 (store.php) SQL Injection Vulnerability
Egidio Romano
2024/04/11
[FD] Multiple Issues in concretecmsv9.2.7
Andrey Stoykov
2024/04/10
[FD] OXAS-ADV-2024-0001: OX App Suite Security Advisory
Martin Heiland via Fulldisclosure
2024/04/10
[FD] Trojan.Win32.Razy.abc / Insecure Permissions (In memory IPC)
malvuln
2024/04/10
[FD] CVE-2023-27195: Broken Access Control - Registration Code in TM4Web v22.2.0
Clément Cruchet
2024/04/05
[FD] [CFP] IEEE CSR Workshop on Cyber Forensics& Advanced Threat Investigations in Emerging Technologies 2024
Andrew Zayine
2024/04/05
[FD] Backdoor.Win32.Agent.ju (PSYRAT) / Authentication Bypass RCE
malvuln
2024/04/05
[FD] CVE-2024-30928: SQL Injection Vulnerability in DerbyNet v9.0 via 'classids' Parameter
Valentin Lobstein via Fulldisclosure
2024/04/05
[FD] CVE-2024-30927: XSS Vulnerability in DerbyNet v9.0 via racer-results.php
Valentin Lobstein via Fulldisclosure
2024/04/05
[FD] CVE-2024-30926: XSS Vulnerability in DerbyNet v9.0 via ./inc/kiosks.inc
Valentin Lobstein via Fulldisclosure
2024/04/05
[FD] CVE-2024-30924: XSS Vulnerability in DerbyNet v9.0 via checkin.php
Valentin Lobstein via Fulldisclosure
2024/04/05
[FD] CVE-2024-30923: SQL Injection in DerbyNet v9.0 via print/render/racer.inc
Valentin Lobstein via Fulldisclosure
2024/04/05
[FD] CVE-2024-30922: SQL Injection in DerbyNet v9.0 via print/render/award.inc
Valentin Lobstein via Fulldisclosure
2024/04/05
[FD] CVE-2024-30921: Unauthenticated XSS Vulnerability in DerbyNet v9.0 via photo.php
Valentin Lobstein via Fulldisclosure
2024/04/05
[FD] CVE-2024-30920: XSS Vulnerability in DerbyNet v9.0 via render-document.php
Valentin Lobstein via Fulldisclosure
2024/04/05
[FD] SCHUTZWERK-SA-2023-006: Arbitrary File Read via XML External Entities in Visual Planning
Lennert Preuth via Fulldisclosure
2024/04/05
[FD] SCHUTZWERK-SA-2023-004: Authentication Bypass via Password Reset Functionality in Visual Planning
Lennert Preuth via Fulldisclosure
2024/04/05
[FD] SCHUTZWERK-SA-2023-003: Authentication Bypass in Visual Planning REST API
Lennert Preuth via Fulldisclosure
2024/04/02
[FD] Microsoft PlayReady deficiencies / content key sniffing on Windows
Security Explorations
2024/03/28
[FD] Intel PowerGadget 3.6 Local Privilege Escalation
Julian Horoszkiewicz via Fulldisclosure
2024/03/27
[FD] Application is Vulnerable to Session Fixation
YOGESH BHANDAGE
2024/03/27
[FD] APPLE-SA-03-25-2024-1 Safari 17.4.1
Apple Product Security via Fulldisclosure
2024/03/27
[FD] APPLE-SA-03-25-2024-2 macOS Sonoma 14.4.1
Apple Product Security via Fulldisclosure
2024/03/27
[FD] APPLE-SA-03-25-2024-3 macOS Ventura 13.6.6
Apple Product Security via Fulldisclosure
2024/03/27
[FD] APPLE-SA-03-25-2024-4 iOS 17.4.1 and iPadOS 17.4.1
Apple Product Security via Fulldisclosure
2024/03/27
[FD] APPLE-SA-03-25-2024-5 iOS 16.7.7 and iPadOS 16.7.7
Apple Product Security via Fulldisclosure
2024/03/27
[FD] APPLE-SA-03-25-2024-6 visionOS 1.1.1
Apple Product Security via Fulldisclosure
2024/03/27
[FD] Escape sequence injection in util-linux wall (CVE-2024-28085)
Skyler Ferrante (RIT Student) via Fulldisclosure
2024/03/27
[FD] Circontrol EV Charger vulnerabilities (CVE-2020-8006, CVE-2020-8007)
Dariusz G
2024/03/19
[FD] Backdoor.Win32.Emegrab.b / Remote Stack Buffer Overflow (SEH)
malvuln
2024/03/13
[FD] MetaFox Remote Shell Upload Exploit
j0ck1ng@tempr.email
2024/03/13
[FD] SEC Consult SA-20240307-0 :: Local Privilege Escalation via writable files in Checkmk Agent (CVE-2024-0670)
SEC Consult Vulnerability Lab, Research via Fulldisclosure
2024/03/13
[FD] HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS
Marco Ivaldi
2024/03/13
[FD] APPLE-SA-03-12-2024-1 GarageBand 10.4.11
Apple Product Security via Fulldisclosure
2024/03/13
[FD] APPLE-SA-03-07-2024-7 visionOS 1.1
Apple Product Security via Fulldisclosure
2024/03/13
[FD] APPLE-SA-03-07-2024-6 tvOS 17.4
Apple Product Security via Fulldisclosure
2024/03/13
[FD] APPLE-SA-03-07-2024-5 watchOS 10.4
Apple Product Security via Fulldisclosure
2024/03/13
[FD] APPLE-SA-03-07-2024-4 macOS Monterey 12.7.4
Apple Product Security via Fulldisclosure
2024/03/13
[FD] APPLE-SA-03-07-2024-3 macOS Ventura 13.6.5
Apple Product Security via Fulldisclosure
2024/03/13
[FD] APPLE-SA-03-07-2024-2 macOS Sonoma 14.4
Apple Product Security via Fulldisclosure
2024/03/13
[FD] APPLE-SA-03-07-2024-1 Safari 17.4
Apple Product Security via Fulldisclosure
2024/03/13
[FD] APPLE-SA-03-05-2024-2 iOS 16.7.6 and iPadOS 16.7.6
Apple Product Security via Fulldisclosure
2024/03/13
[FD] APPLE-SA-03-05-2024-1 iOS 17.4 and iPadOS 17.4
Apple Product Security via Fulldisclosure
2024/03/13
[FD] Backdoor.Win32.Beastdoor.oq / Unauthenticated Remote Command Execution
malvuln
2024/03/13
[FD] StimulusReflex CVE-2024-28121
lixts via Fulldisclosure
Earlier messages