Full Disclosure: by date

60 messages starting Jun 01 21 and ending Jun 29 21

Tuesday, 01 June

SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series SEC Consult Vulnerability Lab

Friday, 04 June

Trovent Security Advisory 2104-01 / HealthForYou & Sanitas HealthCoach: User enumeration through API Stefan Pietsch
Trovent Security Advisory 2104-02 / HealthForYou & Sanitas HealthCoach: Account takeover with only email address possible Stefan Pietsch
Trojan.Win32.Scar.dulk / Insecure Permissions malvuln
Backdoor.Win32.NerTe.772 / Authentication Bypass RCE malvuln
Backdoor.Win32.NerTe.772 / Unauthenticated Remote Command Execution malvuln
Backdoor.Win32.Netbus.12 / Unauthenticated Information Disclosure malvuln
Backdoor.Win32.NetControl2.293 / Unauthenticated Remote Command Execution malvuln
Backdoor.Win32.Whirlpool.a / Remote Buffer Overflow - UDP Datagram malvuln
Backdoor.Win32.WinShell.a / Unauthenticated Remote Command Execution malvuln
Backdoor.Win32.Wisell / Unauthenticated Remote Command Execution malvuln
Backdoor.Win32.NetSpy.10 / Heap Corruption malvuln
Backdoor.Win32.Delf.acz / Remote Stack Buffer Overflow (SEH) malvuln
Backdoor.Win32.Androm.df / Unauthenticated Remote Command Execution malvuln

Tuesday, 08 June

Backdoor.Win32.Neakse.bit / Insecure Permissions malvuln
Backdoor.Win32.Wollf.12 / Unauthenticated Remote Command Execution malvuln
Trojan-Dropper.Win32.Googite.a / Unauthenticated Open Proxy malvuln

Friday, 11 June

secuvera-SA-2021-01: Privilege Escalation in NetSetMan Pro 4.7.2 Simon Bieber
Backdoor.Win32.Wuca.nz / Insecure Permissions malvuln
Backdoor.Win32.XRat.d / Unauthenticated Remote Command Execution malvuln
Backdoor.Win32.Zombam.gen / Cross Site Scripting (XSS) malvuln
Backdoor.Win32.Zombam.gen / Unauthenticated URL Command Injection malvuln
Backdoor.Win32.Zombam.gen / Remote Stack Buffer Overflow malvuln

Sunday, 13 June

popo:: linux kernel vulns of it. KJ Jung
Backdoor.Win32.Pazus.18 / Authentication Bypass RCE malvuln

Monday, 14 June

Onapsis Security Advisory 2021-0005: SAP Solution Manager Open Redirect from Trace Analysis Onapsis Research via Fulldisclosure
Onapsis Security Advisory 2021-0006: [CVE-2020-26811] - SAP Hybris eCommerce - SSRF in acceleratorservices module Onapsis Research via Fulldisclosure
Onapsis Security Advisory 2021-0007: Exposure of Sensitive Information to an Unauthorized Actor Onapsis Research via Fulldisclosure
Onapsis Security Advisory 2021-0008: OS Command Injection in CA Introscope Enterprise Manager Onapsis Research via Fulldisclosure
Onapsis Security Advisory 2021-0009: Hard-coded Credentials in CA Introscope Enterprise Manager Onapsis Research via Fulldisclosure
Onapsis Security Advisory 2021-0010: File exfiltration and DoS in SolMan End-User Experience Monitoring Onapsis Research via Fulldisclosure
Onapsis Security Advisory 2021-0011 Missing authorization check in SolMan End-User Experience Monitoring Onapsis Research via Fulldisclosure
Onapsis Security Advisory 2021-0012: SAP Manufacturing Integration and Intelligence lack of server side validations leads to RCE Onapsis Research via Fulldisclosure
Onapsis Security Advisory 2021-0013: [CVE-2020-26829] - Missing Authentication Check In SAP NetWeaver AS JAVA P2P Cluster communication Onapsis Research via Fulldisclosure
Onapsis Security Advisory 2021-0014: Missing authorization check in SAP Solution Manager LM-SERVICE Component SP 11 PL 2 Onapsis Research via Fulldisclosure

Tuesday, 15 June

popo2, kernel/tun driver bufferoverflow. KJ Jung
Backdoor.Win32.VB.pld / Insecure Transit malvuln
Backdoor.Win32.VB.pld / Unauthenticated Remote Command Execution malvuln
Backdoor.Win32.Zombam.gen / Information Disclosure malvuln

Friday, 18 June

[SYSS-2021-007]: Protectimus SLIM NFC - External Control of System or Configuration Setting (CWE-15) (CVE-2021-32033) Matthias Deeg
Re: popo/popo2 linux kernel vulns RaziREKT via Fulldisclosure
Re: popo2, kernel/tun driver bufferoverflow. Robert Święcki
Email-Worm.Win32.Kipis.a / Unauthenticated Remote Code Execution malvuln
Trojan.Win32.Alien.erf / Remote Denial of Service malvuln
Trojan.Win32.Alien.erf / Remote Stack Buffer Overflow malvuln
Trovent Security Advisory 2105-01 / CVE-2021-32612: VeryFitPro unencrypted cleartext transmission of sensitive information Stefan Pietsch
Trojan.Win32.Alien.erf / Directory Traversal malvuln
Trojan-Dropper.Win32.Googite.b / Unauthenticated Remote Command Execution malvuln

Tuesday, 22 June

SYSS-2021-032 Admin Columns WordPress Plug-In - Persistent Cross-Site Scripting Johannes Lauinger
Backdoor.Win32.Hupigon.aaio / Remote Stack Buffer Overflow malvuln

Sunday, 27 June

Using the Android USB Driver to Extract Data as USB Mass Storage Device Roman Fiedler
Backdoor.Win32.ReverseTrojan.200 / Authentication Bypass Empty Password malvuln
Trojan.Win32.SecondThought.ak / Insecure Permissions malvuln
Trojan.Win32.Banpak.kh / Insecure Permissions malvuln
Trojan-Dropper.Win32.Juntador.a / Weak Hardcoded Password malvuln
Trojan-Dropper.Win32.Krepper.a / Unauthenticated Remote Command Execution malvuln
Email-Worm.Win32.Trance.a / Insecure Permissions malvuln
Trojan-Dropper.Win32.Scrop.dyi / Insecure Permissions malvuln
Constructor.Win32.Bifrose.asc / Local Stack Buffer Overflow (Heap Corruption) malvuln

Tuesday, 29 June

CVE-2021-35523: Local Privilege Escalation in Securepoint SSL VPN Client 2.0.30 Florian Bogner via Fulldisclosure