Full Disclosure: by author

19 messages starting Aug 02 25 and ending Aug 18 25


Apple Product Security via Fulldisclosure

APPLE-SA-07-30-2025-1 Safari 18.6 Apple Product Security via Fulldisclosure (Aug 02)

Georg Lukas

Piciorgros TMO-100: Unauthorized log data access Georg Lukas (Aug 18)
Piciorgros TMO-100: Unauthorized configuration change via TFTP (CVE-2025-29617) Georg Lukas (Aug 18)

josephgoyd via Fulldisclosure

iOS 18.6 - Undocumented TCC Access to Multiple Privacy Domains via preflight=yes josephgoyd via Fulldisclosure (Aug 18)

Jozef Sudolsky

[tool] CRSprober Jozef Sudolsky (Aug 18)

Ron E

CSV Injection in iDempiere WebUI 12.0.0.202508171158 Ron E (Aug 18)
Insufficient Session Cookie Invalidation in nopCommerce v4.10 and 4.80.3 Ron E (Aug 18)
CSV Injection in nopcommerce v4.10 and 4.80.3 Ron E (Aug 18)
Insufficient Resource Allocation Limits in nopCommerce v4.10 and v4.80.3 Excel Import Functionality Ron E (Aug 18)
Session Fixation Vulnerability in iDempiere WebUI v 12.0.0.202508171158 Ron E (Aug 18)
liblcf v0.8.1 liblcf/lcf2xml: Untrusted LCF data triggers uncaught std::length_error via negative vector resize (DoS) Ron E (Aug 18)
liblcf v0.8.1 Integer Overflow in liblcf `ReadInt()` Leads to Out-of-Bounds Reads and Denial of Service Ron E (Aug 18)

Sandro Gauci via Fulldisclosure

Rtpengine: RTP Inject and RTP Bleed vulnerabilities despite proper configuration (CVSS v4.0 Score: 9.3 / Critical) Sandro Gauci via Fulldisclosure (Aug 02)

SEC Consult Vulnerability Lab via Fulldisclosure

SEC Consult SA-20250807-0 :: Race Condition in Shopware Voucher Submission SEC Consult Vulnerability Lab via Fulldisclosure (Aug 18)
SEC Consult SA-20250728-0 :: Stored Cross-Site-Scripting in Optimizely Episerver CMS SEC Consult Vulnerability Lab via Fulldisclosure (Aug 18)

Security Explorations

Kigen eUICC issue (custom backdoor vs. FW update bug) Security Explorations (Aug 12)
PlayReady Activation protocol issues (weak auth / fake client identities) Security Explorations (Aug 12)

Stefan Kanthak via Fulldisclosure

Defense in depth -- the Microsoft way (part 91): yet another 30 year old bug of the "Properties" shell extension Stefan Kanthak via Fulldisclosure (Aug 04)

Usman Saeed via Fulldisclosure

Multi-Protocol Traceroute Usman Saeed via Fulldisclosure (Aug 18)