82 messages starting Sep 08 25 and ending Sep 30 25
Asterisk Security Release 18.26.4 Asterisk Development Team via Fulldisclosure (Sep 08)
Asterisk Security Release 21.10.2 Asterisk Development Team via Fulldisclosure (Sep 08)
Asterisk Security Release 20.15.2 Asterisk Development Team via Fulldisclosure (Sep 08)
Asterisk Security Release 22.5.2 Asterisk Development Team via Fulldisclosure (Sep 08)
Certified Asterisk Security Release certified-18.9-cert17 George Joseph via Fulldisclosure (Sep 08)
(iOS 18.6.2) Improper Input Validation in Siri Shortcuts and Shared Web Credentials josephgoyd via Fulldisclosure (Sep 08)
[Zero-Day] AppleMediaServices Fail-Open Auth Bypass (All Platforms) josephgoyd via Fulldisclosure (Sep 08)
Host Header Injection - silverstripecmsv6.0.0 Andrey Stoykov (Sep 08)
CSV Injection - silverstripecmsv6.0.0 Andrey Stoykov (Sep 08)
APPLE-SA-08-20-2025-1 iOS 18.6.2 and iPadOS 18.6.2 Apple Product Security via Fulldisclosure (Sep 08)
APPLE-SA-08-20-2025-2 iPadOS 17.7.10 Apple Product Security via Fulldisclosure (Sep 08)
APPLE-SA-08-20-2025-3 macOS Sequoia 15.6.1 Apple Product Security via Fulldisclosure (Sep 08)
APPLE-SA-08-20-2025-4 macOS Sonoma 14.7.8 Apple Product Security via Fulldisclosure (Sep 08)
APPLE-SA-08-20-2025-5 macOS Ventura 13.7.8 Apple Product Security via Fulldisclosure (Sep 08)
CVE-2024-45438 - SpamTitan Unauthenticated User Creation Seralys Research Team via Fulldisclosure (Sep 08)
libheif v1.21.0 Heap Buffer Overflow in Chunk::Chunk Ron E (Sep 08)
libheif 1.21.0 Use-After-Free / Dangling shared_ptr in Track Chunk Handling Ron E (Sep 08)
libheif v1.21.0 Out-of-Bounds Read in Box_stts::get_sample_duration Ron E (Sep 08)
libheif v1.21.0 Out-of-Bounds Read in FullBox::get_flags Ron E (Sep 08)
libheif v1.21.0 Null Pointer Dereference in Box_hdlr::get_handler_type Ron E (Sep 08)
libheif v1.21.0 Null Pointer Dereference in std::vector<unsigned>::empty Ron E (Sep 08)
libheif v1.21.0 Integer Overflow in Y4M Loader leading to Uncontrolled Memory Allocation Ron E (Sep 08)
DjVuLibre 3.5.29 IW44EncodeCodec Integer Overflow (Negative Left Shift in IW44Image::Map::Encode) Ron E (Sep 08)
DjVuLibre 3.5.29 ZPCodec Unsigned Integer Overflow in Arithmetic Encoding Ron E (Sep 08)
FFmpeg 7.0+ Heap Use-After-Free in FFmpeg HLS Demuxer (libavformat/utils.c) Ron E (Sep 08)
FFmpeg 7.0+ Integer Overflow in FFmpeg yuvcmp Tool Leads to Out-of-Bounds Allocation Ron E (Sep 08)
FFmpeg 7.0+ Type Confusion in FFmpeg Function Pointer Calls (libavformat/utils.c) Ron E (Sep 08)
FFmpeg 7.0+ NULL Pointer Dereference in FFmpeg String Handling (avstring.c) Ron E (Sep 08)
FFmpeg 7.0+ LADSPA Filter Arbitrary Shared Object Loading via Unsanitized Environment Variables Ron E (Sep 08)
FFmpeg 7.0+ Integer Overflow in UDP Protocol Handler (fifo_size option) Ron E (Sep 08)
FFmpeg 7.0+ Integer Overflow in DSCP Option Handling of FFmpeg UDP Protocol Ron E (Sep 08)
FFmpeg 7.0+ Integer Overflow in FFmpeg cache: Protocol (CacheEntry::size) Ron E (Sep 08)
SEC Consult SA-20250908-0 :: NFC Card Vulnerability Exploitation Leading to Free Top-Up in KioSoft "Stored Value" Unattended Payment Solution (Mifare) SEC Consult Vulnerability Lab via Fulldisclosure (Sep 08)
Submission of Critical Firmware Parameters – PCIe HCA Cards Taylor Newsome (Sep 08)
Critical Security Report – Remote Code Execution via Persistent Discord WebRTC Automation Taylor Newsome (Sep 08)
Defense in depth -- the Microsoft way (part 92): more stupid blunders of Windows' File Explorer Stefan Kanthak via Fulldisclosure (Sep 08)
User Enumeration in IServ Schoolserver Web Login naphthalin via Fulldisclosure (Sep 10)
SEC Consult SA-20250911-0 :: Unauthenticated SQL Injection Vulnerability in Shibboleth Service Provider (SP) (ODBC interface) SEC Consult Vulnerability Lab via Fulldisclosure (Sep 15)
libicns v0.8.1 Heap Buffer Overflow in libicns ICNS Parsing (icns2png) Ron E (Sep 15)
libicns v0.8.1 Signed Integer Overflow in libicns during .icns file parsing Ron E (Sep 15)
libicns v0.8.1 Out-of-Bounds Read in libicns icns_family.c when parsing malformed .icns files Ron E (Sep 15)
gbsplay 0.0.100-18 Heap Buffer Overflow in update_status_on_subsong_change in gbsplay Ron E (Sep 15)
libvips v8.18.0 Function Pointer Type Confusion in libvips Callback Dispatch Ron E (Sep 15)
CHMLIB 0.40a Integer Overflow in LZX Decompression of CHMLib Ron E (Sep 15)
CHMLib 0.40a Integer Overflow in _unmarshal_int32 / _unmarshal_uint32 During CHM Header Parsing Ron E (Sep 15)
libwmf v0.2.13 Integer Overflow in libwmf Left-Shift Operations (wmf.c, fig.c, svg.c) Ron E (Sep 15)
APPLE-SA-09-15-2025-1 iOS 26 and iPadOS 26 Apple Product Security via Fulldisclosure (Sep 15)
APPLE-SA-09-15-2025-2 iOS 18.7 and iPadOS 18.7 Apple Product Security via Fulldisclosure (Sep 15)
APPLE-SA-09-15-2025-3 iOS 16.7.12 and iPadOS 16.7.12 Apple Product Security via Fulldisclosure (Sep 15)
APPLE-SA-09-15-2025-4 iOS 15.8.5 and iPadOS 15.8.5 Apple Product Security via Fulldisclosure (Sep 15)
APPLE-SA-09-15-2025-5 macOS Tahoe 26 Apple Product Security via Fulldisclosure (Sep 15)
APPLE-SA-09-15-2025-6 macOS Sequoia 15.7 Apple Product Security via Fulldisclosure (Sep 15)
APPLE-SA-09-15-2025-7 macOS Sonoma 14.8 Apple Product Security via Fulldisclosure (Sep 15)
APPLE-SA-09-15-2025-8 tvOS 26 Apple Product Security via Fulldisclosure (Sep 15)
APPLE-SA-09-15-2025-9 watchOS 26 Apple Product Security via Fulldisclosure (Sep 15)
APPLE-SA-09-15-2025-10 visionOS 26 Apple Product Security via Fulldisclosure (Sep 15)
APPLE-SA-09-15-2025-11 Safari 26 Apple Product Security via Fulldisclosure (Sep 15)
APPLE-SA-09-15-2025-12 Xcode 26 Apple Product Security via Fulldisclosure (Sep 15)
[CFP] Burning River Cyber Con '25 - Cleveland, OH Burning River Cyber Con via Fulldisclosure (Sep 22)
Current Password not Required When Changing Password - flatpressv1.4.1 Andrey Stoykov (Sep 22)
Stored HTML Injection - flatpressv1.4.1 Andrey Stoykov (Sep 22)
libelf 0.8.12 Stack-based buffer overflow in gmo2msg (libelf) via unbounded sprintf of lang argument Ron E (Sep 22)
Defense in depth -- the Microsoft way (part 93): SRP/SAFER whitelisting goes black on Windows 11 Stefan Kanthak via Fulldisclosure (Sep 22)
Defense in depth -- the Microsoft way (part 94): BACKDOOR planted in AppLocker Stefan Kanthak via Fulldisclosure (Sep 22)
xpra server information disclosure Antoine Martin via Fulldisclosure (Sep 25)
CyberDanube Security Research 20250909-0 | Cross-Site Scripting in Schneider ATV 630 Thomas Weber | CyberDanube via Fulldisclosure (Sep 25)
CyberDanube Security Research 20250919-0 | Multiple Vulnerabilities in Novakon P series Thomas Weber | CyberDanube via Fulldisclosure (Sep 25)
SEC Consult SA-20250923-0 :: Missing Certificate Validation leading to RCE in CleverControl employee monitoring software #CVE-2025-10548 SEC Consult Vulnerability Lab via Fulldisclosure (Sep 25)
SEC Consult SA-20250925-0 :: Multiple Vulnerabilities in iMonitorSoft EAM employee monitoring #CVE-2025-10540 #CVE-2025-10541 #CVE-2025-10542 SEC Consult Vulnerability Lab via Fulldisclosure (Sep 25)
APPLE-SA-09-29-2025-1 iOS 26.0.1 and iPadOS 26.0.1 Apple Product Security via Fulldisclosure (Sep 30)
APPLE-SA-09-29-2025-2 iOS 18.7.1 and iPadOS 18.7.1 Apple Product Security via Fulldisclosure (Sep 30)
APPLE-SA-09-29-2025-3 macOS Tahoe 26.0.1 Apple Product Security via Fulldisclosure (Sep 30)
APPLE-SA-09-29-2025-4 macOS Sequoia 15.7.1 Apple Product Security via Fulldisclosure (Sep 30)
APPLE-SA-09-29-2025-5 macOS Sonoma 14.8.1 Apple Product Security via Fulldisclosure (Sep 30)
APPLE-SA-09-29-2025-6 visionOS 26.0.1 Apple Product Security via Fulldisclosure (Sep 30)
libgeotiff 1.7.4 Heap Buffer Overflow in geotifcp (libgeotiff) During 8-to-4 Bit Downsample with Odd Image Width Ron E (Sep 30)
Samtools v1.22.1 Improper Handling of Excessive Histogram Bin Counts in Samtools Coverage Leads to Stack Overflow Ron E (Sep 30)
Samtools v1.22.1 Uncontrolled Memory Allocation from Large BED Intervals Causes Denial-of-Service in Samtools/HTSlib Ron E (Sep 30)