Full Disclosure: by author

20 messages starting Nov 21 24 and ending Nov 21 24
Date index | Thread index | Author index


Andrey Stoykov

Reflected XSS - fronsetiav1.1 Andrey Stoykov (Nov 21)
XXE OOB - fronsetiav1.1 Andrey Stoykov (Nov 21)

Apple Product Security via Fulldisclosure

APPLE-SA-11-19-2024-1 Safari 18.1.1 Apple Product Security via Fulldisclosure (Nov 21)
APPLE-SA-11-19-2024-3 iOS 18.1.1 and iPadOS 18.1.1 Apple Product Security via Fulldisclosure (Nov 21)
APPLE-SA-11-19-2024-5 macOS Sequoia 15.1.1 Apple Product Security via Fulldisclosure (Nov 21)
APPLE-SA-11-19-2024-4 iOS 17.7.2 and iPadOS 17.7.2 Apple Product Security via Fulldisclosure (Nov 21)
APPLE-SA-11-19-2024-2 visionOS 2.1.1 Apple Product Security via Fulldisclosure (Nov 21)

Devin Cook

Unsafe eval() in TestRail CLI Devin Cook (Nov 06)

Filip Palian

Security issue in the TX Text Control .NET Server for ASP.NET. Filip Palian (Nov 12)

Mark Esler

Re: Local Privilege Escalations in needrestart Mark Esler (Nov 27)

Nosebeard Labs

Apple web content filter bypass allows unrestricted access to blocked content (macOS/iOS/iPadOS/visionOS/watchOS) Nosebeard Labs (Nov 21)

Pierre Kim

4 vulnerabilities in ibmsecurity Pierre Kim (Nov 03)
32 vulnerabilities in IBM Security Verify Access Pierre Kim (Nov 03)

Qualys Security Advisory via Fulldisclosure

Local Privilege Escalations in needrestart Qualys Security Advisory via Fulldisclosure (Nov 21)

SEC Consult Vulnerability Lab via Fulldisclosure

SEC Consult SA-20241127-0 :: Stored Cross-Site Scripting in Omada Identity (CVE-2024-52951) SEC Consult Vulnerability Lab via Fulldisclosure (Nov 27)
SEC Consult SA-20241107-0 :: Multiple Vulnerabilities in HASOMED Elefant and Elefant Software Updater SEC Consult Vulnerability Lab via Fulldisclosure (Nov 09)
SEC Consult SA-20241125-0 :: Unlocked JTAG interface and buffer overflow in Siemens SM-2558 Protocol Element, Siemens CP-2016 & CP-2019 SEC Consult Vulnerability Lab via Fulldisclosure (Nov 27)
SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879) SEC Consult Vulnerability Lab via Fulldisclosure (Nov 12)

Weber Thomas via Fulldisclosure

St. Poelten UAS | Multiple Stored Cross-Site Scripting in SEH utnserver Pro Weber Thomas via Fulldisclosure (Nov 21)
St. Poelten UAS | Path Traversal in Korenix JetPort 5601 Weber Thomas via Fulldisclosure (Nov 21)