Full Disclosure: by date

20 messages starting Feb 01 25 and ending Feb 27 25

Saturday, 01 February

Xinet Elegant 6 Asset Lib Web UI 6.1.655 / SQL Injection / Exploit Update Python3 hyp3rlinx
Re: Text injection on https://www.google.com/sorry/index via ?q parameter (no XSS) David Fifield
APPLE-SA-01-30-2025-1 GarageBand 10.4.12 Apple Product Security via Fulldisclosure

Tuesday, 04 February

KL-001-2025-001: Checkmk NagVis Reflected Cross-site Scripting KoreLogic Disclosures via Fulldisclosure
KL-001-2025-002: Checkmk NagVis Remote Code Execution KoreLogic Disclosures via Fulldisclosure

Monday, 10 February

ChatGPT AI finds "security concern" (XSS) in DeepSeek's code Georgi Guninski
CVE-2024-55447: Access Control in Paxton Net2 software (update) Jeroen Hermans via Fulldisclosure
APPLE-SA-02-10-2025-1 iOS 18.3.1 and iPadOS 18.3.1 Apple Product Security via Fulldisclosure
APPLE-SA-02-10-2025-2 iPadOS 17.7.5 Apple Product Security via Fulldisclosure

Wednesday, 12 February

SEC Consult SA-20250211-0 :: Multiple vulnerabilities in Wattsense Bridge SEC Consult Vulnerability Lab via Fulldisclosure

Saturday, 15 February

Re: Text injection on https://www.google.com/sorry/index via ?q parameter (no XSS) David Fifield
[CVE-2024-54756] GZDoom <= 4.13.1 Arbitrary Code Execution via Malicious ZScript Gabriel Valachi via Fulldisclosure

Sunday, 16 February

Netgear Router Administrative Web Interface Lacks Transport Encryption By Default Ryan Delaney via Fulldisclosure
Monero 18.3.4 zero-day DoS vulnerability has been dropped publicly on social network. upper.underflow via Fulldisclosure

Monday, 17 February

Re: Netgear Router Administrative Web Interface Lacks Transport Encryption By Default Gynvael Coldwind

Thursday, 20 February

Python's official documentation contains textbook example of insecure code (XSS) Georgi Guninski
Self Stored XSS - acp2sev7.2.2 Andrey Stoykov
MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client Qualys Security Advisory via Fulldisclosure

Thursday, 27 February

Re: MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client Jordy Zomer
SEC Consult SA-20250226-0 :: Multiple vulnerabilities in Siemens A8000 CP-8050 & CP-8031 PLC SEC Consult Vulnerability Lab via Fulldisclosure