[FD] Microsoft Office OneNote 2007 DLL side loading vulnerability

2017-04-11 Thread Securify B.V.
Microsoft Office OneNote 2007 DLL side loading vulnerability Yorick Koster, September 2015

[FD] Multiple local privilege escalation vulnerabilities in Proxifier for Mac

2017-04-11 Thread Securify B.V.
Multiple local privilege escalation vulnerabilities in Proxifier for Mac Yorick Koster, April 2017

[FD] ChromeOS / ChromeBooks Persist Certain Network Settings in Guest Mode

2017-04-11 Thread Nightwatch Cybersecurity Research
[Original post can be found here: https://wwws.nightwatchcybersecurity.com/2017/04/09/advisory-chromeos-chromebooks-persist-certain-network-settings-in-guest-mode/] SUMMARY Certain network settings in ChromeOS / ChromeBooks persist between reboots when set in guest mode. These issues have been

[FD] [SYSS-2015-036] Password Safe and Repository Enterprise v7.4.4 - Violation of Secure Design Principles (CWE-657)

2017-04-11 Thread Matthias Deeg
Advisory ID: SYSS-2015-036 Product(s): Password Safe and Repository Enterprise Manufacturer: MATESO GmbH Affected Version(s): 7.4.4 Build 2247 Tested Version(s): 7.4.4 Build 2247 Vulnerability Type: Credentials Management (CWE-255)

[FD] [SYSS-2015-035] Password Safe and Repository Enterprise v7.4.4 - SQL Injection (CWE-89)

2017-04-11 Thread Matthias Deeg
Advisory ID: SYSS-2015-035 Product(s): Password Safe and Repository Enterprise Manufacturer: MATESO GmbH Affected Version(s): 7.4.4 Build 2247 Tested Version(s): 7.4.4 Build 2247 Vulnerability Type: Violation of Secure Design Principles (CWE-657)

[FD] CVE-2017-7643 Local root privesc in Proxifier for Mac <= 2.18

2017-04-11 Thread Mark Wadham
Proxifier 2.18 (also 2.17 and possibly some earlier version) ships with a KLoader binary which it installs suid root the first time Proxifier is run. This binary serves a single purpose which is to load and unload Proxifier's kernel extension. Unfortunately it does this by taking the first

[FD] CVE Request:Directory Traversal in smilie module(MyBB <1.8.11)

2017-04-11 Thread Wester 95
Hi team, I would like to request one CVE for this vulnerability, thank you! # Description: product:MyBB Homepage:https://mybb.com/ vulnerable version:<1.8.11 Severity:Low risk === Proof of Concept: =

[FD] CVE Request:CSRF in Serendipity allows attacker installs any themes

2017-04-11 Thread Wester 95
Hi team, I would like to request one CVE id, thank you! Details == Software: s9y Serendipity Version: <2.0.5 Homepage: https://docs.s9y.org/ === Description Get type CSRF in Serendipity allows attacker to install any themes, no token here. POC:

[FD] Moxa MX AOPC-Server v1.5 XML External Entity

2017-04-11 Thread hyp3rlinx
[+] Credits: John Page AKA HYP3RLINX [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/MOXA-MX-AOPC-SERVER-v1.5-XML-EXTERNAL-ENTITY.txt [+] ISR: ApparitionSec Vendor: www.moxa.com Product: === MX-AOPC UA SERVER - 1.5

[FD] CVE-2017-7456 MXview v2.8 Denial Of Service

2017-04-11 Thread hyp3rlinx
[+] Credits: John Page AKA hyp3rlinx [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/MOXA-MXVIEW-v2.8-DENIAL-OF-SERVICE.txt [+] ISR: ApparitionSec Vendor: www.moxa.com Product: === MXView v2.8 Download:

[FD] Moxa MXview v2.8 Remote Private Key Disclosure

2017-04-11 Thread hyp3rlinx
[+] Credits: John Page AKA HYP3RLINX [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/MOXA-MXVIEW-v2.8-REMOTE-PRIVATE-KEY-DISCLOSURE.txt [+] ISR: APPARITIONSEC Vendor: www.moxa.com Product: === MXview V2.8 Download: