fulldisclosure  

Messages by Date

• 2023/09/22 [FD] APPLE-SA-2023-09-21-6 macOS Ventura 13.6 Apple Product Security via Fulldisclosure
• 2023/09/22 [FD] APPLE-SA-2023-09-21-7 macOS Monterey 12.7 Apple Product Security via Fulldisclosure
• 2023/09/22 [FD] APPLE-SA-2023-09-21-5 watchOS 9.6.3 Apple Product Security via Fulldisclosure
• 2023/09/22 [FD] APPLE-SA-2023-09-21-4 watchOS 10.0.1 Apple Product Security via Fulldisclosure
• 2023/09/22 [FD] APPLE-SA-2023-09-21-3 iOS 16.7 and iPadOS 16.7 Apple Product Security via Fulldisclosure
• 2023/09/22 [FD] APPLE-SA-2023-09-21-2 iOS 17.0.1 and iPadOS 17.0.1 Apple Product Security via Fulldisclosure
• 2023/09/22 [FD] APPLE-SA-2023-09-21-1 Safari 16.6.1 Apple Product Security via Fulldisclosure
• 2023/09/22 [FD] Advisory X41-2023-001: Two Vulnerabilities in OPNsense X41 D-Sec GmbH Advisories via Fulldisclosure
• 2023/09/18 [FD] SEC Consult SA-20230918-0 :: Authenticated Remote Code Execution and Missing Authentication in Atos Unify OpenScape SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/09/18 [FD] SEC Consult SA-20230829-0 :: Reflected Cross-Site Scripting (XSS) in PTC - Codebeamer (ALM Solution) SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/09/18 [FD] APPLE-SA-2023-09-11-3 macOS Big Sur 11.7.10 Apple Product Security via Fulldisclosure
• 2023/09/18 [FD] APPLE-SA-2023-09-11-2 macOS Monterey 12.6.9 Apple Product Security via Fulldisclosure
• 2023/09/18 [FD] APPLE-SA-2023-09-11-1 iOS 15.7.9 and iPadOS 15.7.9 Apple Product Security via Fulldisclosure
• 2023/09/18 [FD] [SYSS-2023-002] Razer Synapse - Local Privilege Escalation Oliver Schwarz via Fulldisclosure
• 2023/09/08 [FD] APPLE-SA-2023-09-07-3 watchOS 9.6.2 Apple Product Security via Fulldisclosure
• 2023/09/08 [FD] APPLE-SA-2023-09-07-2 iOS 16.6.1 and iPadOS 16.6.1 Apple Product Security via Fulldisclosure
• 2023/09/08 [FD] APPLE-SA-2023-09-07-1 macOS Ventura 13.5.2 Apple Product Security via Fulldisclosure
• 2023/09/05 [FD] Minor firefox DoS - semi silently polluting ~/Downloads with files Georgi Guninski
• 2023/09/04 [FD] Vulnerabilities in Internet Radio auna IR-160 SE (UIProto) naphthalin via Fulldisclosure
• 2023/09/04 [FD] AtlasVPN Linux Client 1.0.3 IP Leak Exploit icudar via Fulldisclosure
• 2023/08/29 [FD] Mozilla Firefox only stores up to 1024 HSTS entries Konstantin
• 2023/08/23 [FD] [KIS-2023-09] CrafterCMS <= 4.0.2 Multiple Reflected Cross-Site Scripting Vulnerabilities Egidio Romano
• 2023/08/23 [FD] [KIS-2023-08] SugarCRM <= 12.2.0 Two SQL Injection Vulnerabilities Egidio Romano
• 2023/08/23 [FD] [KIS-2023-07] SugarCRM <= 12.2.0 (Docusign_GlobalSettings) PHP Object Injection Vulnerability Egidio Romano
• 2023/08/23 [FD] [KIS-2023-06] SugarCRM <= 12.2.0 (updateGeocodeStatus) Bean Manipulation Vulnerability Egidio Romano
• 2023/08/23 [FD] [KIS-2023-05] SugarCRM <= 12.2.0 (Notes) Unrestricted File Upload Vulnerability Egidio Romano
• 2023/08/19 Re: [FD] Anomaly in Fedora `dnf update`: md5 mismatch of result Jeffrey Walton
• 2023/08/19 Re: [FD] Anomaly in Fedora `dnf update`: md5 mismatch of result Michael Lazin
• 2023/08/19 Re: [FD] Anomaly in Fedora `dnf update`: md5 mismatch of result Matthew Fernandez
• 2023/08/19 Re: [FD] Anomaly in Fedora `dnf update`: md5 mismatch of result Adrean Boyadzhiev
• 2023/08/17 [FD] KL-001-2023-003: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Modification via sudoedit KoreLogic Disclosures via Fulldisclosure
• 2023/08/17 [FD] KL-001-2023-002: Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation via tcpdump KoreLogic Disclosures via Fulldisclosure
• 2023/08/17 [FD] KL-001-2023-001: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read via sudo dig KoreLogic Disclosures via Fulldisclosure
• 2023/08/15 [FD] Anomaly in Fedora `dnf update`: md5 mismatch of result Georgi Guninski
• 2023/08/15 [FD] Missing Immutable Root of Trust in Hardware (CWE-1326) / CVE-2023-22955 Moritz Abrell via Fulldisclosure
• 2023/08/15 [FD] Use of Hard-coded Cryptographic Key (CWE-321) / CVE-2023-22956 Moritz Abrell via Fulldisclosure
• 2023/08/15 [FD] Use of Hard-coded Cryptographic Key (CWE-321) / CVE-2023-22957 Moritz Abrell via Fulldisclosure
• 2023/08/11 [FD] Qualys mis-uses ssh, fails to scan and protect, facilitates internal attack Paul Szabo via Fulldisclosure
• 2023/08/11 [FD] St. Poelten UAS | Multiple XSS in Advantech EKI 15XX Series Weber Thomas via Fulldisclosure
• 2023/08/11 [FD] St. Poelten UAS | Multiple Vulnerabilities in Phoenix Contact TC Cloud Client / TC Router / Cloud Client Weber Thomas via Fulldisclosure
• 2023/08/07 [FD] GNOME Files silently extracts setuid files from ZIP archives Georgi Guninski
• 2023/08/03 [FD] Kolibri GET request buffer Overflow [Stack Egghunter] Mahmoud Noureldin
• 2023/08/03 [FD] [SYSS-2023-011]: Canon PIXMA TR4550 and other inkjet printer models - Insufficient or Incomplete Data Removal, within Hardware Component (CWE-1301) Matthias Deeg via Fulldisclosure
• 2023/08/02 [FD] OXAS-ADV-2023-0003: OX App Suite Security Advisory Martin Heiland via Fulldisclosure
• 2023/08/02 [FD] RansomLord v1 / Anti-Ransomware Exploit Tool malvuln
• 2023/08/02 [FD] Savant Web Server 3.1 - Remote Buffer Overflow (Egghunter) Mahmoud Noureldin
• 2023/08/01 [FD] CVE-2023-28130 - Hostname injection leads to Remote Code Execution RCE (Authenticated) Rick Verdoes via Fulldisclosure
• 2023/08/01 [FD] Unauthorized MFA Code Delivery in EmpowerID Patel, Nirav
• 2023/08/01 [FD] Pentest Paper - Introduction to Web Pentest Andrey Stoykov
• 2023/08/01 [FD] Stored XSS - Perch Andrey Stoykov
• 2023/08/01 [FD] ETSI WEBstore 2023 - Persistent Cross Site Scripting Web Vulnerability i...@vulnerability-lab.com
• 2023/07/25 [FD] Availability Booking Calendar PHP - Stored XSS and Unrestricted File Upload Andrey Stoykov
• 2023/07/25 [FD] APPLE-SA-2023-07-24-8 watchOS 9.6 Apple Product Security via Fulldisclosure
• 2023/07/25 [FD] APPLE-SA-2023-07-24-7 tvOS 16.6 Apple Product Security via Fulldisclosure
• 2023/07/25 [FD] APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9 Apple Product Security via Fulldisclosure
• 2023/07/25 [FD] APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8 Apple Product Security via Fulldisclosure
• 2023/07/25 [FD] APPLE-SA-2023-07-24-4 macOS Ventura 13.5 Apple Product Security via Fulldisclosure
• 2023/07/25 [FD] APPLE-SA-2023-07-24-3 iOS 15.7.8 and iPadOS 15.7.8 Apple Product Security via Fulldisclosure
• 2023/07/25 [FD] APPLE-SA-2023-07-24-2 iOS 16.6 and iPadOS 16.6 Apple Product Security via Fulldisclosure
• 2023/07/25 [FD] APPLE-SA-2023-07-24-1 Safari 16.6 Apple Product Security via Fulldisclosure
• 2023/07/24 [FD] APPLE-SA-2023-07-24-1 Safari 16.6 Deven Kishore via Fulldisclosure
• 2023/07/21 [FD] [SYSS-2023-006]: Omnis Studio - Expected Behavior Violation (CWE-440) (CVE-2023-38334) Matthias Deeg via Fulldisclosure
• 2023/07/21 [FD] [SYSS-2023-005]: Omnis Studio - Expected Behavior Violation (CWE-440) (CVE-2023-38335) Matthias Deeg via Fulldisclosure
• 2023/07/19 [FD] PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities i...@vulnerability-lab.com
• 2023/07/19 [FD] Aures Booking & POS Terminal - Local Privilege Escalation Vulnerability i...@vulnerability-lab.com
• 2023/07/19 [FD] Webile v1.0.1 - Multiple Cross Site Web Vulnerabilities i...@vulnerability-lab.com
• 2023/07/19 [FD] Dooblou WiFi File Explorer 1.13.3 - Multiple Vulnerabilities i...@vulnerability-lab.com
• 2023/07/19 [FD] PaulPrinting CMS - (Search Delivery) Cross Site Scripting Vulnerability i...@vulnerability-lab.com
• 2023/07/19 [FD] Tiva Events Calender v1.4 - Cross Site Scripting Vulnerability i...@vulnerability-lab.com
• 2023/07/19 [FD] Active Super Shop CMS v2.5 - HTML Injection Vulnerabilities i...@vulnerability-lab.com
• 2023/07/19 [FD] Boom CMS v8.0.7 - Cross Site Scripting Vulnerability i...@vulnerability-lab.com
• 2023/07/19 Re: [FD] Citrix Gateway & Cloud MFA - Insufficient Session Validation Vulnerability Jeffrey Walton
• 2023/07/19 [FD] CVE-2023-38408: Remote Code Execution in OpenSSH's forwarded ssh-agent Qualys Security Advisory via Fulldisclosure
• 2023/07/19 [FD] [RT-SA-2023-001] Session Token Enumeration in RWS WorldServer RedTeam Pentesting GmbH
• 2023/07/16 [FD] WBCE - Stored XSS Andrey Stoykov
• 2023/07/16 Re: [FD] Citrix Gateway & Cloud MFA - Insufficient Session Validation Vulnerability Jens Timmerman
• 2023/07/11 [FD] Asterisk Release 20.3.1 Asterisk Development Team via Fulldisclosure
• 2023/07/11 [FD] Asterisk Release certified-18.9-cert5 Asterisk Development Team via Fulldisclosure
• 2023/07/11 [FD] Asterisk Release 19.8.1 Asterisk Development Team via Fulldisclosure
• 2023/07/11 [FD] Asterisk Release 18.18.1 Asterisk Development Team via Fulldisclosure
• 2023/07/11 [FD] Asterisk Release 16.30.1 Asterisk Development Team via Fulldisclosure
• 2023/07/11 Re: [FD] [tool] tc - anonymous and cyphered chat over Tor circuits in PGP bo0od via Fulldisclosure
• 2023/07/11 [FD] APPLE-SA-2023-07-10-3 Rapid Security Responses for macOS Ventura 13.4.1 Apple Product Security via Fulldisclosure
• 2023/07/11 [FD] APPLE-SA-2023-07-10-2 Rapid Security Responses for iOS 16.5.1 and iPadOS 16.5.1 Apple Product Security via Fulldisclosure
• 2023/07/11 [FD] APPLE-SA-2023-07-10-1 Safari 16.5.2 Apple Product Security via Fulldisclosure
• 2023/07/11 [FD] Unquoted Path - XAMPP 8.2.4 Andrey Stoykov
• 2023/07/11 Re: [FD] Ransom.Haron / Code Execution malvuln
• 2023/07/07 [FD] SEC Consult SA-20230705-0 :: Path traversal bypass & Denial of service in Kyocera TASKalfa 4053ci printer SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/07/07 [FD] SEC Consult SA-20230703-0 :: Multiple Vulnerabilities including Unauthenticated RCE in Siemens A8000 SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/07/07 [FD] SEC Consult Vulnerability Lab Whitepaper: Everyone Knows SAP®, Everyone Uses SAP, Everyone Uses RFC, No One Knows RFC: From RFC to RCE 16 Years Later SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/07/07 [FD] SEC Consult SA-20230628-0 :: Stored XSS & Privilege Escalation in Boomerang Parental Control App SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/07/07 [FD] SEC Consult SA-20230627-0 :: Multiple high risk vulnerabilities in ILIAS eLearning platform SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/07/07 [FD] ServiceNow Account Takeover to Full Admin Compromise Luke Symons
• 2023/07/07 [FD] APPLE-SA-2023-06-21-8 watchOS 8.8.1 Apple Product Security via Fulldisclosure
• 2023/07/07 [FD] APPLE-SA-2023-06-21-7 watchOS 9.5.2 Apple Product Security via Fulldisclosure
• 2023/07/07 [FD] APPLE-SA-2023-06-21-6 macOS Big Sur 11.7.8 Apple Product Security via Fulldisclosure
• 2023/07/07 [FD] APPLE-SA-2023-06-21-5 macOS Monterey 12.6.7 Apple Product Security via Fulldisclosure
• 2023/07/07 [FD] APPLE-SA-2023-06-21-4 macOS Ventura 13.4.1 Apple Product Security via Fulldisclosure
• 2023/07/07 [FD] APPLE-SA-2023-06-21-3 iOS 15.7.7 and iPadOS 15.7.7 Apple Product Security via Fulldisclosure
• 2023/07/07 [FD] APPLE-SA-2023-06-21-2 iOS 16.5.1 and iPadOS 16.5.1 Apple Product Security via Fulldisclosure
• 2023/07/07 [FD] APPLE-SA-2023-06-21-1 Safari 16.5.1 Apple Product Security via Fulldisclosure
• 2023/07/07 [FD] SQLi - Faculty Evaluation System Andrey Stoykov
• 2023/07/07 [FD] Citrix Gateway & Cloud MFA - Insufficient Session Validation Vulnerability i...@esec-service.de
• 2023/07/07 [FD] [tool] tc - anonymous and cyphered chat over Tor circuits in PGP 0xf--- via Fulldisclosure
• 2023/06/21 Re: [FD] OpenBSD kernel relinking is not transactional and a local exploit exists pesco
• 2023/06/21 [FD] OXAS-ADV-2023-0002: OX App Suite Security Advisory Martin Heiland via Fulldisclosure
• 2023/06/21 Re: [FD] OpenBSD kernel relinking is not transactional and a local exploit exists jvoisin via Fulldisclosure
• 2023/06/19 [FD] Polycom BToE Connector 4.4.0.0 Multiple Vulnerabilities BUG
• 2023/06/19 [FD] OpenBSD kernel relinking is not transactional and a local exploit exists Schech, C. W. ("Connor")
• 2023/06/09 [FD] Windows PowerShell / Trojan File RCE revisited hyp3rlinx
• 2023/06/07 [FD] Defense in depth -- the Microsoft way (part 85): escalation of privilege plus remote code execution with HVCISCAN.exe Stefan Kanthak
• 2023/06/07 [FD] LPE and RCE in RenderDoc: CVE-2023-33865, CVE-2023-33864, CVE-2023-33863 Qualys Security Advisory via Fulldisclosure
• 2023/06/02 [FD] [CVE-2023-29459] FC Red Bull Salzburg App "at.redbullsalzburg.android.AppMode.Default.Splash.SplashActivity" Arbitrary URL Loading Julien Ahrens (RCE Security)
• 2023/06/01 [FD] [RT-SA-2022-004] STARFACE: Authentication with Password Hash Possible RedTeam Pentesting GmbH
• 2023/05/30 [FD] CVE-2022-48336 - Buffer Overflow in Widevine Trustlet (PRDiagParseAndStoreData @ 0x5cc8) Cyber Intel Security
• 2023/05/30 [FD] CVE-2022-48335 - Buffer Overflow in Widevine Trustlet (PRDiagVerifyProvisioning @ 0x5f90) Cyber Intel Security
• 2023/05/30 [FD] CVE-2022-48334 - Buffer Overflow in Widevine Trustlet (drm_verify_keys @ 0x7370) Cyber Intel Security
• 2023/05/30 [FD] CVE-2022-48333 - Buffer Overflow in Widevine Trustlet (drm_verify_keys @ 0x730c) Cyber Intel Security
• 2023/05/30 [FD] CVE-2022-48332 - Buffer Overflow in Widevine Trustlet (drm_save_keys @ 0x6a18) Cyber Intel Security
• 2023/05/30 [FD] CVE-2022-48331 - Buffer Overflow in Widevine Trustlet (drm_save_keys @ 0x69b0) Cyber Intel Security
• 2023/05/30 [FD] SCHUTZWERK-SA-2022-001: Cross-Site-Scripting in Papaya Medical Viewer Lennert Preuth via Fulldisclosure
• 2023/05/30 [FD] [RT-SA-2023-005] Pydio Cells: Server-Side Request Forgery RedTeam Pentesting GmbH
• 2023/05/30 [FD] [RT-SA-2023-004] Pydio Cells: Cross-Site Scripting via File Download RedTeam Pentesting GmbH
• 2023/05/30 [FD] [RT-SA-2023-003] Pydio Cells: Unauthorised Role Assignments RedTeam Pentesting GmbH
• 2023/05/29 [FD] Printerlogic multiple vulnerabilities Eldar Marcussen
• 2023/05/29 [FD] SEC Consult SA-20230517-0 :: Stored XSS vulnerability in rename functionality in Wekan (Open-Source kanban) SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/05/29 [FD] SEC Consult SA-20230516-0 :: Multiple Vulnerabilities in Serenity and StartSharp Software SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/05/29 [FD] APPLE-SA-2023-05-18-2 iOS 15.7.6 and iPadOS 15.7.6 Apple Product Security via Fulldisclosure
• 2023/05/29 [FD] APPLE-SA-2023-05-18-7 watchOS 9.5 Apple Product Security via Fulldisclosure
• 2023/05/29 [FD] APPLE-SA-2023-05-18-8 Safari 16.5 Apple Product Security via Fulldisclosure
• 2023/05/29 [FD] APPLE-SA-2023-05-18-6 tvOS 16.5 Apple Product Security via Fulldisclosure
• 2023/05/29 [FD] APPLE-SA-2023-05-18-5 macOS Big Sur 11.7.7 Apple Product Security via Fulldisclosure
• 2023/05/29 [FD] APPLE-SA-2023-05-18-4 macOS Monterey 12.6.6 Apple Product Security via Fulldisclosure
• 2023/05/29 [FD] APPLE-SA-2023-05-18-3 macOS Ventura 13.4 Apple Product Security via Fulldisclosure
• 2023/05/29 [FD] APPLE-SA-2023-03-27-2 iOS 15.7.4 and iPadOS 15.7.4 Apple Product Security via Fulldisclosure
• 2023/05/29 [FD] APPLE-SA-2023-05-18-1 iOS 16.5 and iPadOS 16.5 Apple Product Security via Fulldisclosure
• 2023/05/15 [FD] SEC Consult SA-20230515-0 :: Multiple Vulnerabilities in Kiddoware Kids Place Parental Control Android App SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/05/11 [FD] CyberDanube Security Research 20230511-0 | Multiple Vulnerabilities in Advantech EKI-15XX Series Thomas Weber
• 2023/05/08 [FD] OXAS-ADV-2023-0001: OX App Suite Security Advisory Martin Heiland via Fulldisclosure
• 2023/05/08 [FD] SCHUTZWERK-SA-2023-001: SQL Injection in Spryker Commerce OS Lennert Preuth via Fulldisclosure
• 2023/05/04 [FD] APPLE-SA-2023-05-03-1 AirPods Firmware Update 5E133 and Beats Firmware Update 5B66 Apple Product Security via Fulldisclosure
• 2023/05/02 [FD] SEC Consult SA-20230502-0 :: Bypassing cluster isolation through insecure defaults and shared storage in Databricks Platform SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/04/28 [FD] Piwigo - CVE-2023-26876 Rodolfo Tavares via Fulldisclosure
• 2023/04/28 Re: [FD] Checking existence of firewalled URLs via javascript's script.onload Jonathan Gregson via Fulldisclosure
• 2023/04/24 [FD] Security vulnerabilities in Telit Cinterion IoT (formerly Thales) devices Security Explorations
• 2023/04/21 [FD] Checking existence of firewalled URLs via javascript's script.onload Georgi Guninski
• 2023/04/21 [FD] Checking existence of firewalled web servers in Firefox via iframe.onload Georgi Guninski
• 2023/04/18 [FD] [CVE-2023-22897] SecurePoint UTM <= 12.2.5 “spcgi.cgi” Remote Memory Contents Information Disclosure Julien Ahrens (RCE Security)
• 2023/04/18 [FD] [CVE-2023-22620] SecurePoint UTM <= 12.2.5 “spcgi.cgi” sessionId Information Disclosure Allowing Device Takeover Julien Ahrens (RCE Security)
• 2023/04/10 [FD] APPLE-SA-2023-04-10-3 macOS Big Sur 11.7.6 Apple Product Security via Fulldisclosure
• 2023/04/10 [FD] APPLE-SA-2023-04-10-1 iOS 15.7.5 and iPadOS 15.7.5 Apple Product Security via Fulldisclosure
• 2023/04/10 [FD] APPLE-SA-2023-04-10-2 macOS Monterey 12.6.5 Apple Product Security via Fulldisclosure
• 2023/04/10 [FD] APPLE-SA-2023-04-07-3 Safari 16.4.1 Apple Product Security via Fulldisclosure
• 2023/04/10 [FD] APPLE-SA-2023-04-07-2 macOS Ventura 13.3.1 Apple Product Security via Fulldisclosure
• 2023/04/10 [FD] APPLE-SA-2023-04-07-1 iOS 16.4.1 and iPadOS 16.4.1 Apple Product Security via Fulldisclosure
• 2023/04/04 [FD] FedEx Ship Manager (FSM) v3704 Insecure Use of .NET Remoting Harrison Neal
• 2023/03/30 [FD] RSA NetWitness EDR Agent / Incorrect Access Control - Code Execution / CVE-2022-47529 hyp3rlinx
• 2023/03/27 [FD] APPLE-SA-2023-03-27-7 watchOS 9.4 Apple Product Security via Fulldisclosure
• 2023/03/27 [FD] APPLE-SA-2023-03-27-9 Studio Display Firmware Update 16.4 Apple Product Security via Fulldisclosure
• 2023/03/27 [FD] APPLE-SA-2023-03-27-8 Safari 16.4 Apple Product Security via Fulldisclosure
• 2023/03/27 [FD] APPLE-SA-2023-03-27-6 tvOS 16.4 Apple Product Security via Fulldisclosure
• 2023/03/27 [FD] APPLE-SA-2023-03-27-5 macOS Big Sur 11.7.5 Apple Product Security via Fulldisclosure
• 2023/03/27 [FD] APPLE-SA-2023-03-27-2 iOS 15.7.4 and iPadOS 15.7.4 Apple Product Security via Fulldisclosure
• 2023/03/27 [FD] APPLE-SA-2023-03-27-1 iOS 16.4 and iPadOS 16.4 Apple Product Security via Fulldisclosure
• 2023/03/27 [FD] APPLE-SA-2023-03-27-4 macOS Monterey 12.6.4 Apple Product Security via Fulldisclosure
• 2023/03/27 [FD] APPLE-SA-2023-03-27-3 macOS Ventura 13.3 Apple Product Security via Fulldisclosure
• 2023/03/27 [FD] RSA NetWitness Platform EDR / Incorrect Access Control - Code Execution hyp3rlinx
• 2023/03/24 [FD] Defense in depth -- the Microsoft way (part 84): (no) fun with %COMSPEC% Stefan Kanthak
• 2023/03/21 [FD] Invitation to the World Cryptologic Competition 2023 Competition Administrator
• 2023/03/21 [FD] Insecure python cgi documentation and tutorials are vulnerable to XSS. Georgi Guninski
• 2023/03/21 Re: [FD] Microsoft PlayReady security research Adam Gowdiak
• 2023/03/21 Re: [FD] Defense in depth -- the Microsoft way (part 83): instead to fix even their most stupid mistaskes, they spill barrels of snakeoil to cover them (or just leave them as-is) Arik Seils
• 2023/03/21 Re: [FD] Microsoft PlayReady security research Security Explorations
• 2023/03/16 [FD] Defense in depth -- the Microsoft way (part 83): instead to fix even their most stupid mistaskes, they spill barrels of snakeoil to cover them (or just leave them as-is) Stefan Kanthak
• 2023/03/16 [FD] [CFP] Security BSides Ljubljana 0x7E7 | June 16, 2023 Andraz Sraka
• 2023/03/11 [FD] Full Disclosure - Fastly Andrey Stoykov
• 2023/03/11 [FD] Full Disclosure - Shopify Application Andrey Stoykov
• 2023/03/06 [FD] [CVE-2023-25355/25356] No fix available - vulnerabilities in CoreDial sipXcom sipXopenfire Systems Research Group via Fulldisclosure
• 2023/03/06 [FD] SEC Consult SA-20230306-0 :: Multiple Vulnerabilities in Arris DG3450 Cable Gateway SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/03/06 [FD] OpenBSD overflow Erg Noor
• 2023/03/02 [FD] SEC Consult SA-20230228-0 :: OS Command Injectionin Barracuda CloudGen WAN SEC Consult Vulnerability Lab, Research via Fulldisclosure
• 2023/03/02 [FD] SRP on Windows 11 Andy Ful
• 2023/03/02 [FD] NetBSD overflow Erg Noor
• 2023/02/27 [FD] [NetworkSEC NWSSA] CVE-2023-26609: ABUS Security Camera LFI, RCE and SSH Root Peter Ohm
• 2023/02/27 [FD] [NetworkSEC NWSSA] CVE-2023-26602: ASUS ASMB8 iKVM RCE and SSH Root Access Peter Ohm
• 2023/02/27 [FD] Microsoft Windows Contact File / Remote Code Execution (Resurrected) CVE-2022-44666 hyp3rlinx
• 2023/02/22 [FD] Defense in depth -- the Microsoft way (part 82): INVALID/BOGUS AppLocker rules disable SAFER on Windows 11 22H2 Stefan Kanthak
• 2023/02/22 [FD] Multiple vulnerabilities in Audiocodes Device Manager Express Eric Flokstra
• 2023/02/22 [FD] Sumo Logic keep api credentials on endpoints dammitjosie--- via Fulldisclosure
• 2023/02/16 [FD] Remote Code Execution in Kardex MLOG Patrick Hener
• 2023/02/14 [FD] CyberDanube Security Research 20230213-0 | Multiple Vulnerabilities in JetWave Series Thomas Weber
• 2023/02/14 [FD] Defense in depth -- the Microsoft way (part 81): enabling UTF-8 support breaks existing code Stefan Kanthak
• 2023/02/14 [FD] APPLE-SA-2023-02-13-3 Safari 16.3.1 Apple Product Security via Fulldisclosure
• 2023/02/14 [FD] APPLE-SA-2023-02-13-2 macOS Ventura 13.2.1 Apple Product Security via Fulldisclosure
• 2023/02/14 [FD] APPLE-SA-2023-02-13-1 iOS 16.3.1 and iPadOS 16.3.1 Apple Product Security via Fulldisclosure
• 2023/02/14 [FD] OXAS-ADV-2022-0002: OX App Suite Security Advisory Martin Heiland via Fulldisclosure
• 2023/02/14 [FD] [CVE-2023-0291] Quiz And Survey Master <= 8.0.8 - Unauthenticated Arbitrary Media Deletion Julien Ahrens (RCE Security)
• 2023/02/14 [FD] [CVE-2023-0292] Quiz And Survey Master <= 8.0.8 - Cross-Site Request Forgery to Arbitrary Media Deletion Julien Ahrens (RCE Security)
• 2023/02/14 [FD] [CVE-Request] Multiple vulnerabilities in BMC Control-M before 9.0.20.214 Benjamin Mar-Conrad
• 2023/01/30 [FD] Trovent Security Advisory 2203-01 / Micro Focus GroupWise transmits session ID in URL Stefan Pietsch

• Earlier messages