Full Disclosure: by author

60 messages starting Jun 29 21 and ending Jun 04 21

Florian Bogner via Fulldisclosure

CVE-2021-35523: Local Privilege Escalation in Securepoint SSL VPN Client 2.0.30 Florian Bogner via Fulldisclosure (Jun 29)

Johannes Lauinger

SYSS-2021-032 Admin Columns WordPress Plug-In - Persistent Cross-Site Scripting Johannes Lauinger (Jun 22)

KJ Jung

popo2, kernel/tun driver bufferoverflow. KJ Jung (Jun 15)
popo:: linux kernel vulns of it. KJ Jung (Jun 13)

malvuln

Email-Worm.Win32.Kipis.a / Unauthenticated Remote Code Execution malvuln (Jun 18)
Backdoor.Win32.Zombam.gen / Unauthenticated URL Command Injection malvuln (Jun 11)
Backdoor.Win32.Neakse.bit / Insecure Permissions malvuln (Jun 08)
Backdoor.Win32.Zombam.gen / Information Disclosure malvuln (Jun 15)
Backdoor.Win32.Zombam.gen / Remote Stack Buffer Overflow malvuln (Jun 11)
Backdoor.Win32.Wisell / Unauthenticated Remote Command Execution malvuln (Jun 04)
Trojan-Dropper.Win32.Googite.a / Unauthenticated Open Proxy malvuln (Jun 08)
Trojan.Win32.Scar.dulk / Insecure Permissions malvuln (Jun 04)
Backdoor.Win32.Hupigon.aaio / Remote Stack Buffer Overflow malvuln (Jun 22)
Trojan.Win32.Alien.erf / Remote Stack Buffer Overflow malvuln (Jun 18)
Trojan.Win32.SecondThought.ak / Insecure Permissions malvuln (Jun 27)
Email-Worm.Win32.Trance.a / Insecure Permissions malvuln (Jun 27)
Backdoor.Win32.Pazus.18 / Authentication Bypass RCE malvuln (Jun 13)
Backdoor.Win32.Netbus.12 / Unauthenticated Information Disclosure malvuln (Jun 04)
Backdoor.Win32.NerTe.772 / Authentication Bypass RCE malvuln (Jun 04)
Trojan-Dropper.Win32.Googite.b / Unauthenticated Remote Command Execution malvuln (Jun 18)
Constructor.Win32.Bifrose.asc / Local Stack Buffer Overflow (Heap Corruption) malvuln (Jun 27)
Backdoor.Win32.Delf.acz / Remote Stack Buffer Overflow (SEH) malvuln (Jun 04)
Backdoor.Win32.ReverseTrojan.200 / Authentication Bypass Empty Password malvuln (Jun 27)
Backdoor.Win32.VB.pld / Unauthenticated Remote Command Execution malvuln (Jun 15)
Backdoor.Win32.Whirlpool.a / Remote Buffer Overflow - UDP Datagram malvuln (Jun 04)
Trojan-Dropper.Win32.Krepper.a / Unauthenticated Remote Command Execution malvuln (Jun 27)
Backdoor.Win32.WinShell.a / Unauthenticated Remote Command Execution malvuln (Jun 04)
Backdoor.Win32.NerTe.772 / Unauthenticated Remote Command Execution malvuln (Jun 04)
Backdoor.Win32.Wuca.nz / Insecure Permissions malvuln (Jun 11)
Trojan.Win32.Alien.erf / Directory Traversal malvuln (Jun 18)
Backdoor.Win32.NetSpy.10 / Heap Corruption malvuln (Jun 04)
Backdoor.Win32.VB.pld / Insecure Transit malvuln (Jun 15)
Backdoor.Win32.NetControl2.293 / Unauthenticated Remote Command Execution malvuln (Jun 04)
Trojan.Win32.Banpak.kh / Insecure Permissions malvuln (Jun 27)
Backdoor.Win32.Androm.df / Unauthenticated Remote Command Execution malvuln (Jun 04)
Backdoor.Win32.XRat.d / Unauthenticated Remote Command Execution malvuln (Jun 11)
Trojan-Dropper.Win32.Juntador.a / Weak Hardcoded Password malvuln (Jun 27)
Trojan.Win32.Alien.erf / Remote Denial of Service malvuln (Jun 18)
Trojan-Dropper.Win32.Scrop.dyi / Insecure Permissions malvuln (Jun 27)
Backdoor.Win32.Wollf.12 / Unauthenticated Remote Command Execution malvuln (Jun 08)
Backdoor.Win32.Zombam.gen / Cross Site Scripting (XSS) malvuln (Jun 11)

Matthias Deeg

[SYSS-2021-007]: Protectimus SLIM NFC - External Control of System or Configuration Setting (CWE-15) (CVE-2021-32033) Matthias Deeg (Jun 18)

Onapsis Research via Fulldisclosure

Onapsis Security Advisory 2021-0012: SAP Manufacturing Integration and Intelligence lack of server side validations leads to RCE Onapsis Research via Fulldisclosure (Jun 14)
Onapsis Security Advisory 2021-0011 Missing authorization check in SolMan End-User Experience Monitoring Onapsis Research via Fulldisclosure (Jun 14)
Onapsis Security Advisory 2021-0005: SAP Solution Manager Open Redirect from Trace Analysis Onapsis Research via Fulldisclosure (Jun 14)
Onapsis Security Advisory 2021-0013: [CVE-2020-26829] - Missing Authentication Check In SAP NetWeaver AS JAVA P2P Cluster communication Onapsis Research via Fulldisclosure (Jun 14)
Onapsis Security Advisory 2021-0008: OS Command Injection in CA Introscope Enterprise Manager Onapsis Research via Fulldisclosure (Jun 14)
Onapsis Security Advisory 2021-0006: [CVE-2020-26811] - SAP Hybris eCommerce - SSRF in acceleratorservices module Onapsis Research via Fulldisclosure (Jun 14)
Onapsis Security Advisory 2021-0010: File exfiltration and DoS in SolMan End-User Experience Monitoring Onapsis Research via Fulldisclosure (Jun 14)
Onapsis Security Advisory 2021-0007: Exposure of Sensitive Information to an Unauthorized Actor Onapsis Research via Fulldisclosure (Jun 14)
Onapsis Security Advisory 2021-0014: Missing authorization check in SAP Solution Manager LM-SERVICE Component SP 11 PL 2 Onapsis Research via Fulldisclosure (Jun 14)
Onapsis Security Advisory 2021-0009: Hard-coded Credentials in CA Introscope Enterprise Manager Onapsis Research via Fulldisclosure (Jun 14)

RaziREKT via Fulldisclosure

Re: popo/popo2 linux kernel vulns RaziREKT via Fulldisclosure (Jun 18)

Robert Święcki

Re: popo2, kernel/tun driver bufferoverflow. Robert Święcki (Jun 18)

Roman Fiedler

Using the Android USB Driver to Extract Data as USB Mass Storage Device Roman Fiedler (Jun 27)

SEC Consult Vulnerability Lab

SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series SEC Consult Vulnerability Lab (Jun 01)

Simon Bieber

secuvera-SA-2021-01: Privilege Escalation in NetSetMan Pro 4.7.2 Simon Bieber (Jun 11)

Stefan Pietsch

Trovent Security Advisory 2105-01 / CVE-2021-32612: VeryFitPro unencrypted cleartext transmission of sensitive information Stefan Pietsch (Jun 18)
Trovent Security Advisory 2104-02 / HealthForYou & Sanitas HealthCoach: Account takeover with only email address possible Stefan Pietsch (Jun 04)
Trovent Security Advisory 2104-01 / HealthForYou & Sanitas HealthCoach: User enumeration through API Stefan Pietsch (Jun 04)