Full Disclosure: by thread

Full Disclosure: by thread

Previous period

19 messages starting Aug 02 25 and ending Aug 18 25
Date index | Thread index | Author index

APPLE-SA-07-30-2025-1 Safari 18.6 Apple Product Security via Fulldisclosure (Aug 02)
Rtpengine: RTP Inject and RTP Bleed vulnerabilities despite proper configuration (CVSS v4.0 Score: 9.3 / Critical) Sandro Gauci via Fulldisclosure (Aug 02)
Defense in depth -- the Microsoft way (part 91): yet another 30 year old bug of the "Properties" shell extension Stefan Kanthak via Fulldisclosure (Aug 04)
PlayReady Activation protocol issues (weak auth / fake client identities) Security Explorations (Aug 12)
Kigen eUICC issue (custom backdoor vs. FW update bug) Security Explorations (Aug 12)
iOS 18.6 - Undocumented TCC Access to Multiple Privacy Domains via preflight=yes josephgoyd via Fulldisclosure (Aug 18)
[tool] CRSprober Jozef Sudolsky (Aug 18)
Piciorgros TMO-100: Unauthorized log data access Georg Lukas (Aug 18)
Piciorgros TMO-100: Unauthorized configuration change via TFTP (CVE-2025-29617) Georg Lukas (Aug 18)
liblcf v0.8.1 Integer Overflow in liblcf `ReadInt()` Leads to Out-of-Bounds Reads and Denial of Service Ron E (Aug 18)
liblcf v0.8.1 liblcf/lcf2xml: Untrusted LCF data triggers uncaught std::length_error via negative vector resize (DoS) Ron E (Aug 18)
CSV Injection in iDempiere WebUI 12.0.0.202508171158 Ron E (Aug 18)
Session Fixation Vulnerability in iDempiere WebUI v 12.0.0.202508171158 Ron E (Aug 18)
Insufficient Session Cookie Invalidation in nopCommerce v4.10 and 4.80.3 Ron E (Aug 18)
CSV Injection in nopcommerce v4.10 and 4.80.3 Ron E (Aug 18)
Insufficient Resource Allocation Limits in nopCommerce v4.10 and v4.80.3 Excel Import Functionality Ron E (Aug 18)
SEC Consult SA-20250807-0 :: Race Condition in Shopware Voucher Submission SEC Consult Vulnerability Lab via Fulldisclosure (Aug 18)
SEC Consult SA-20250728-0 :: Stored Cross-Site-Scripting in Optimizely Episerver CMS SEC Consult Vulnerability Lab via Fulldisclosure (Aug 18)
Multi-Protocol Traceroute Usman Saeed via Fulldisclosure (Aug 18)

Previous period