Re: [FD] [CDPWE-0001] - RocketReach

2021-03-11 Thread Thierry Zoller
=== Adapting the Mechanics of Vulnerability Disclosure to an area where Privacy Rights need to be scrutinized and where transparency becomes paramount. === On the

[FD] Trojan-Dropper.Win32.Hamer.10 / Remote Floating-point Exception DoS

2021-03-11 Thread malvuln
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source: https://malvuln.com/advisory/afe4e5219829a286e0b84025b073c259.txt
Contact: malvul...@gmail.com
Media: twitter.com/malvuln
Threat: Trojan-Dropper.Win32.Hamer.10
Vulnerability: Remote Floating-point Exception DoS
Description:

[FD] Trojan-Spy.Win32.KeyLogger.qt / Insecure Permissions

2021-03-11 Thread malvuln
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source: https://malvuln.com/advisory/de613b96174056ef22b42e112d0e61a5.txt
Contact: malvul...@gmail.com
Media: twitter.com/malvuln
Threat: Trojan-Spy.Win32.KeyLogger.qt
Vulnerability: Insecure Permissions
Description: KeyLogger.qt

[FD] Data Manipulation with X-Forwarded-For header at WordPress

2021-03-11 Thread Alphan YAVAS
I. VULNERABILITY - Data Manipulation with X-Forwarded-For header at WordPress
II. CVE REFERENCE - CVE-2020-35539
III. VENDOR - https://wordpress.org
IV. TIMELINE - 20/12/2020 Vulnerability discovered

[FD] [CVE-2021-28144] Authenticated Command Injection in D-Link DIR-3060 Web Interface

2021-03-11 Thread research
IoT Inspector Research Lab Security Advisory IOT-20210311-0
~~~
title: Authenticated Command Injection in D-Link DIR-3060 Web Interface
vendor/product: D-Link DIR-3060 (https