Full Disclosure: by author

20 messages starting Feb 20 25 and ending Feb 16 25


Andrey Stoykov

Self Stored XSS - acp2sev7.2.2 Andrey Stoykov (Feb 20)

Apple Product Security via Fulldisclosure

APPLE-SA-02-10-2025-2 iPadOS 17.7.5 Apple Product Security via Fulldisclosure (Feb 10)
APPLE-SA-01-30-2025-1 GarageBand 10.4.12 Apple Product Security via Fulldisclosure (Feb 01)
APPLE-SA-02-10-2025-1 iOS 18.3.1 and iPadOS 18.3.1 Apple Product Security via Fulldisclosure (Feb 10)

David Fifield

Re: Text injection on https://www.google.com/sorry/index via ?q parameter (no XSS) David Fifield (Feb 01)
Re: Text injection on https://www.google.com/sorry/index via ?q parameter (no XSS) David Fifield (Feb 15)

Gabriel Valachi via Fulldisclosure

[CVE-2024-54756] GZDoom <= 4.13.1 Arbitrary Code Execution via Malicious ZScript Gabriel Valachi via Fulldisclosure (Feb 15)

Georgi Guninski

Python's official documentation contains textbook example of insecure code (XSS) Georgi Guninski (Feb 20)
ChatGPT AI finds "security concern" (XSS) in DeepSeek's code Georgi Guninski (Feb 10)

Gynvael Coldwind

Re: Netgear Router Administrative Web Interface Lacks Transport Encryption By Default Gynvael Coldwind (Feb 17)

hyp3rlinx

Xinet Elegant 6 Asset Lib Web UI 6.1.655 / SQL Injection / Exploit Update Python3 hyp3rlinx (Feb 01)

Jeroen Hermans via Fulldisclosure

CVE-2024-55447: Access Control in Paxton Net2 software (update) Jeroen Hermans via Fulldisclosure (Feb 10)

Jordy Zomer

Re: MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client Jordy Zomer (Feb 27)

KoreLogic Disclosures via Fulldisclosure

KL-001-2025-002: Checkmk NagVis Remote Code Execution KoreLogic Disclosures via Fulldisclosure (Feb 04)
KL-001-2025-001: Checkmk NagVis Reflected Cross-site Scripting KoreLogic Disclosures via Fulldisclosure (Feb 04)

Qualys Security Advisory via Fulldisclosure

MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client Qualys Security Advisory via Fulldisclosure (Feb 20)

Ryan Delaney via Fulldisclosure

Netgear Router Administrative Web Interface Lacks Transport Encryption By Default Ryan Delaney via Fulldisclosure (Feb 16)

SEC Consult Vulnerability Lab via Fulldisclosure

SEC Consult SA-20250211-0 :: Multiple vulnerabilities in Wattsense Bridge SEC Consult Vulnerability Lab via Fulldisclosure (Feb 12)
SEC Consult SA-20250226-0 :: Multiple vulnerabilities in Siemens A8000 CP-8050 & CP-8031 PLC SEC Consult Vulnerability Lab via Fulldisclosure (Feb 27)

upper.underflow via Fulldisclosure

Monero 18.3.4 zero-day DoS vulnerability has been dropped publicly on social network. upper.underflow via Fulldisclosure (Feb 16)