[FD] BACKDOOR.WIN32.DUMADOR.C / Remote Stack Buffer Overflow (SEH)

2024-04-19 Thread malvuln
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/6cc630843cabf23621375830df474bc5.txt Contact: malvul...@gmail.com Media: twitter.com/malvuln Threat: Backdoor.Win32.Dumador.c Vulnerability: Remote Stack Buffer Overflow (SEH)

[FD] SEC Consult SA-20240418-0 :: Broken authorization in Dreamehome app

2024-04-19 Thread SEC Consult Vulnerability Lab via Fulldisclosure
SEC Consult Vulnerability Lab Security Advisory < 20240418-0 > === title: Broken authorization product: Dreamehome app vulnerable version: <=2.1.5 (iOS) fixed version: none, see solution

[FD] MindManager 23 - full disclosure

2024-04-19 Thread Pawel Karwowski via Fulldisclosure
Resending! Thank you for your efforts. GitHub - pawlokk/mindmanager-poc: public disclosure Affected application: MindManager23_setup.exe Platform: Windows Issue: Local Privilege Escalation via MSI installer Repair Mode (EXE hijacking race