Full Disclosure: by author
37 messages starting Dec 01 25 and ending Dec 15 25
Aerith Gainsborough via Fulldisclosure
Missing Critical Security Headers in Legality WHISTLEBLOWING Aerith Gainsborough via Fulldisclosure (Dec 01)
Andraz Sraka
[CFP] Security BSidesLjubljana 0x7EA | March 13, 2026 Andraz Sraka (Dec 17)
Apple Product Security via Fulldisclosure
APPLE-SA-12-12-2025-4 macOS Sequoia 15.7.3 Apple Product Security via Fulldisclosure (Dec 15)
APPLE-SA-12-12-2025-9 Safari 26.2 Apple Product Security via Fulldisclosure (Dec 15)
APPLE-SA-12-12-2025-1 iOS 26.2 and iPadOS 26.2 Apple Product Security via Fulldisclosure (Dec 15)
APPLE-SA-12-12-2025-6 tvOS 26.2 Apple Product Security via Fulldisclosure (Dec 15)
APPLE-SA-12-12-2025-2 iOS 18.7.3 and iPadOS 18.7.3 Apple Product Security via Fulldisclosure (Dec 15)
APPLE-SA-12-12-2025-5 macOS Sonoma 14.8.3 Apple Product Security via Fulldisclosure (Dec 15)
APPLE-SA-12-12-2025-8 visionOS 26.2 Apple Product Security via Fulldisclosure (Dec 15)
APPLE-SA-12-12-2025-7 watchOS 26.2 Apple Product Security via Fulldisclosure (Dec 15)
APPLE-SA-12-12-2025-3 macOS Tahoe 26.2 Apple Product Security via Fulldisclosure (Dec 15)
Egidio Romano
[KIS-2025-07] Bitrix24 <= 25.100.300 (Translate Module) Remote Code Execution Vulnerability Egidio Romano (Dec 15)
[KIS-2025-10] PKP-WAL <= 3.5.0-1 (Institution Collector) SQL Injection Vulnerability Egidio Romano (Dec 27)
[KIS-2025-13] PKP-WAL <= 3.5.0-3 (X-Forwarded-Host) LESS Code Injection Vulnerability Egidio Romano (Dec 27)
[KIS-2025-09] Control Web Panel <= 0.9.8.1208 (admin/index.php) OS Command Injection Vulnerability Egidio Romano (Dec 17)
[KIS-2025-08] 1C-Bitrix <= 25.100.500 (Translate Module) Remote Code Execution Vulnerability Egidio Romano (Dec 15)
[KIS-2025-12] PKP-WAL <= 3.5.0-1 (baseColour) LESS Code Injection Vulnerability Egidio Romano (Dec 27)
[KIS-2025-14] PKP-WAL <= 3.5.0-1 Login Cross-Site Request Forgery Vulnerability Egidio Romano (Dec 27)
[KIS-2025-11] Open Journal Systems <= 3.5.0-1 (NativeXmlIssueGalleyFilter.php) Path Traversal Vulnerability Egidio Romano (Dec 27)
LRKTBEYK LRKTBEYK
Raydium CP Swap: Unchecked Account Allows Creator Fee Hijacking LRKTBEYK LRKTBEYK (Dec 17)
malvuln
HEUR.Backdoor.Win32.Poison.gen / Arbitrary Code Execution / MVID-2025-0701 malvuln (Dec 22)
Backdoor.Win32.Netbus.170 / Insecure Credential Storage / MVID-2025-0703 malvuln (Dec 27)
Backdoor.Win32.ControlTotal.t / Insecure Credential Storage / MVID-2025-0702 malvuln (Dec 22)
Backdoor.Win32.Poison.jh / Insecure Permissions malvuln (Dec 27)
Matteo Beccati
[REVIVE-SA-2025-005] Revive Adserver Vulnerability Matteo Beccati (Dec 01)
Micha Borrmann via Fulldisclosure
[SYSS-2025-060]: HP computer UEFI boot protection bypass Micha Borrmann via Fulldisclosure (Dec 15)
Onur Tezcan via Fulldisclosure
nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) via the Currencies functionality. Onur Tezcan via Fulldisclosure (Dec 15)
nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) via the Blog posts functionality in the Content Management area Onur Tezcan via Fulldisclosure (Dec 15)
nopCommerce 4.90.0 is vulnerable to Cross Site Request Forgery (CSRF) via the Schedule Tasks functionality Onur Tezcan via Fulldisclosure (Dec 15)
nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) via the Attributes functionality Onur Tezcan via Fulldisclosure (Dec 15)
nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) in the product management functionality Onur Tezcan via Fulldisclosure (Dec 15)
Pierre Kim
2 vulnerabilities in Egovframe Pierre Kim (Dec 01)
8 vulnerabilities in AudioCodes Fax/IVR Appliance Pierre Kim (Dec 01)
Stefan Kanthak via Fulldisclosure
Defense in depth -- the Microsoft way (part 94): SAFER (SRPv1 and AppLocker alias SRPv2) bypass for dummies Stefan Kanthak via Fulldisclosure (Dec 22)
Thomas Weber | CyberDanube via Fulldisclosure
CyberDanube Security Research 20251215-0 | Multiple Vulnerabilities in Phoenix Contact FL Switch Series Thomas Weber | CyberDanube via Fulldisclosure (Dec 17)
Yuffie Kisaragi via Fulldisclosure
Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group) Yuffie Kisaragi via Fulldisclosure (Dec 05)
Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group) Yuffie Kisaragi via Fulldisclosure (Dec 15)
