Full Disclosure: by date

PreviousPrevious period
Next periodNext

22 messages starting Apr 02 26 and ending Apr 29 26
Date index | Thread index | Author index

Thursday, 02 April

[CVE-2026-33691] OWASP CRS whitespace padding bypass vulnerability cyber security
[KIS-2026-06] MetInfo CMS <= 8.1 (weixinreply.class.php) PHP Code Injection Vulnerability Egidio Romano
Apple OHTTP Relay: 14 Third-Party Endpoints, 6 Countries, Zero User Visibility Joseph Goydish II via Fulldisclosure
SEC Consult SA-20260326-0 :: Local Privilege Escalation in Vienna Assistant (MacOS) - Vienna Symphonic Library SEC Consult Vulnerability Lab via Fulldisclosure
SEC Consult SA-20260401-0 :: Broken Access Control in Open WebUI SEC Consult Vulnerability Lab via Fulldisclosure

Tuesday, 14 April

SEC Consult SA-20260414-0 :: Improper Enforcement of Locked Accounts in WebUI (SSO) in Kiuwan SAST on-premise (KOP) & cloud/SaaS SEC Consult Vulnerability Lab via Fulldisclosure
CyberDanube Security Research 20260408-0 | Remote Operation Denial of Service in Siemens SICAM A8000 Thomas Weber | CyberDanube via Fulldisclosure
CyberDanube Security Research 20260408-1 | Multiple Vulnerabilities in Siemens SICAM A8000 Thomas Weber | CyberDanube via Fulldisclosure

Wednesday, 29 April

[SBA-ADV-20251120-01] CVE-2026-0972: GoAnywhere MFT Email HTML Injection SBA Research Security Advisory via Fulldisclosure
[IWCC 2026] CfP: 15th International Workshop on Cyber Crime - Linköping, Sweden, Aug 24-27, 2026 Artur Janicki via Fulldisclosure
Trojan-Spy.Win32.Small / Remote Command Execution malvuln
[KIS-2026-07] SocialEngine <= 7.8.0 Blind Server-Side Request Forgery Vulnerability Egidio Romano
[KIS-2026-08] SocialEngine <= 7.8.0 (get-memberall) SQL Injection Vulnerability Egidio Romano
Research: When Trusted Tools Become Attack Primitives Nir Yehoshua
APPLE-SA-04-22-2026-1 iOS 26.4.2 and iPadOS 26.4.2 Apple Product Security via Fulldisclosure
APPLE-SA-04-22-2026-2 iOS 18.7.8 and iPadOS 18.7.8 Apple Product Security via Fulldisclosure
SEC Consult SA-20260415-0 :: Exposed Private Key of X.509 Certificate in SAP HANA Cockpit & SAP HANA Database Explorer SEC Consult Vulnerability Lab via Fulldisclosure
SEC Consult SA-20260421-0 :: Broken Access Control in Config Endpoint in LiteLLM SEC Consult Vulnerability Lab via Fulldisclosure
SEC Consult SA-20260423-0 :: DLL Hijacking in EfficientLab Controlio (cloud-based employee monitoring service) SEC Consult Vulnerability Lab via Fulldisclosure
SEC Consult SA-20260427-0 :: Missing TLS Certificate Validation leading to RCE in DeskTime Time Tracking App SEC Consult Vulnerability Lab via Fulldisclosure
Re: SEC Consult SA-20260427-0 :: Missing TLS Certificate Validation leading to RCE in DeskTime Time Tracking App SEC Consult Vulnerability Lab via Fulldisclosure
ESP-RFID-Tool v2 PRO — Full Public Disclosure Milan Berger via Fulldisclosure
PreviousPrevious period
Next periodNext