Full Disclosure: by thread

• RSS Feed
• About List
• All Lists

Previous period

Next period

24 messages starting May 01 25 and ending May 27 25
Date index | Thread index | Author index

• Microsoft Windows .XRM-MS File / NTLM Information Disclosure Spoofing hyp3rlinx (May 01)
• BeyondTrust PRA connection takeover - CVE-2025-0217 Paul Szabo via Fulldisclosure (May 06)
• ArcGIS Hidden Functionality Allows Insecure OAuth 2.0 Based Authentication - CVE-2025-0020 VSL-2025-21 CVE - VULSec Labs via Fulldisclosure (May 16)
• secuvera-SA-2025-01: Privilege Escalation in Automic Automation Agent Unix Flo Schäfer via Fulldisclosure (May 16)
• [KIS-2025-02] Invision Community <= 5.0.6 (customCss) Remote Code Execution Vulnerability Egidio Romano (May 16)
• APPLE-SA-05-12-2025-1 iOS 18.5 and iPadOS 18.5 Apple Product Security via Fulldisclosure (May 16)
• APPLE-SA-05-12-2025-2 iPadOS 17.7.7 Apple Product Security via Fulldisclosure (May 16)
• APPLE-SA-05-12-2025-3 macOS Sequoia 15.5 Apple Product Security via Fulldisclosure (May 16)
• APPLE-SA-05-12-2025-4 macOS Sonoma 14.7.6 Apple Product Security via Fulldisclosure (May 16)
• APPLE-SA-05-12-2025-5 macOS Ventura 13.7.6 Apple Product Security via Fulldisclosure (May 16)
• APPLE-SA-05-12-2025-6 watchOS 11.5 Apple Product Security via Fulldisclosure (May 16)
• APPLE-SA-05-12-2025-7 tvOS 18.5 Apple Product Security via Fulldisclosure (May 16)
• APPLE-SA-05-12-2025-8 visionOS 2.5 Apple Product Security via Fulldisclosure (May 16)
• APPLE-SA-05-12-2025-9 Safari 18.5 Apple Product Security via Fulldisclosure (May 16)
• Persistent Cross-Site Scripting in Economizzer Cashbook Entry Ron E (May 16)
• Persistent Cross-Site Scripting in Economizzer Category Entry Ron E (May 16)
• Session Invalidation in Economizzer Allows Unauthorized Access After Logout Ron E (May 16)
• SEC Consult SA-20250422-0:: Local Privilege Escalation via DLL Search Order Hijacking SEC Consult Vulnerability Lab via Fulldisclosure (May 16)
• SEC Consult SA-20250429-0 :: Multiple Vulnerabilities in HP Wolf Security Controller and more SEC Consult Vulnerability Lab via Fulldisclosure (May 16)
• SEC Consult SA-20250506-0 :: Honeywell MB Secure Authenticated Command Injection SEC Consult Vulnerability Lab via Fulldisclosure (May 16)
• CVE-2025-30072 Tiiwee X1 Alarm System - Authentication Bypass by Capture-replay Sebastian Auwärter via Fulldisclosure (May 16)
• Unauthenticated Blind SQL Injection | RSI queue management system - V 3.0 | CVE-2025-26086 Shaikh Shahnawaz (May 16)
• Structured Query Language Injection in frappe.desk.reportview.get_list Endpoint in Frappe Framework Ron E (May 27)
• SEC Consult SA-20250521-0 :: Multiple Vulnerabilities in eCharge Hardy Barth cPH2 and cPP2 charging stations SEC Consult Vulnerability Lab via Fulldisclosure (May 27)

Previous period

Next period