Full Disclosure: by date
RSS Feed
About List
All Lists
Previous period
32 messages
starting Feb 04 26 and
ending Feb 22 26
Date index |
Thread index |
Author index
Wednesday, 04 February
[KIS-2026-01] Blesta <= 5.13.1 (confirm_url) Reflected Cross-Site Scripting Vulnerability Egidio Romano
[KIS-2026-02] Blesta <= 5.13.1 (Admin Interface) Multiple PHP Object Injection Vulnerabilities Egidio Romano
[KIS-2026-03] Blesta <= 5.13.1 (2Checkout) Multiple PHP Object Injection Vulnerabilities Egidio Romano
CyberDanube Security Research 20260119-0 | Authenticated Command Injection in Phoenix Contact TC Router Series Thomas Weber | CyberDanube via Fulldisclosure
SEC Consult SA-20260202-0 :: Multiple vulnerabilities in Native Instruments Native Access (MacOS) SEC Consult Vulnerability Lab via Fulldisclosure
Saturday, 07 February
Certified Asterisk Security Release certified-20.7-cert9 Asterisk Development Team via Fulldisclosure
Asterisk Security Release 20.18.2 Asterisk Development Team via Fulldisclosure
Asterisk Security Release 22.8.2 Asterisk Development Team via Fulldisclosure
Asterisk Security Release 21.12.1 Asterisk Development Team via Fulldisclosure
Asterisk Security Release 23.2.2 Asterisk Development Team via Fulldisclosure
Monday, 16 February
[SYSS-2025-001] Linksys MX9600/MX4200 - Path Traversal Christian Zäske via Fulldisclosure
[SYSS-2025-002] Linksys MX9600/MX4200 - Missing Authentication for Critical Function Christian Zäske via Fulldisclosure
[SYSS-2025-009] Linksys MX9600/MX4200 - SQL Injection Christian Zäske via Fulldisclosure
[SYSS-2025-010] Linksys MX9600/MX4200 - OS Command Injection Christian Zäske via Fulldisclosure
[SYSS-2025-011] Linksys MX9600/MX4200 - OS Command Injection Christian Zäske via Fulldisclosure
[SYSS-2025-014] Linksys MX4200 - Improper Verification of Source of a Communication Channel Christian Zäske via Fulldisclosure
Firedancer Solana Validator - QUIC Transport Parameter UB and Consensus-Splitting Cast Bug Agent Spooky's Fun Parade via Fulldisclosure
🚨 Public Disclosure: Remote BitLocker Bypass via Intel AMT — SYSTEM Access Without Login Darsh Naik
Blind XXE in Electronic Invoice online tools (validator.invoice-portal.de, xrechnung.rib.de) Hanno Böck
APPLE-SA-02-11-2026-1 iOS 26.3 and iPadOS 26.3 Apple Product Security via Fulldisclosure
APPLE-SA-02-11-2026-2 iOS 18.7.5 and iPadOS 18.7.5 Apple Product Security via Fulldisclosure
APPLE-SA-02-11-2026-3 macOS Tahoe 26.3 Apple Product Security via Fulldisclosure
APPLE-SA-02-11-2026-4 macOS Sequoia 15.7.4 Apple Product Security via Fulldisclosure
APPLE-SA-02-11-2026-5 macOS Sonoma 14.8.4 Apple Product Security via Fulldisclosure
APPLE-SA-02-11-2026-6 tvOS 26.3 Apple Product Security via Fulldisclosure
APPLE-SA-02-11-2026-7 watchOS 26.3 Apple Product Security via Fulldisclosure
APPLE-SA-02-11-2026-8 visionOS 26.3 Apple Product Security via Fulldisclosure
APPLE-SA-02-11-2026-9 Safari 26.3 Apple Product Security via Fulldisclosure
[Full Disclosure] CVE-2025-69690 & CVE-2025-69691 — Authenticated RCE in Netgate pfSense CE 2.7.2 and 2.8.0 privexploits via Fulldisclosure
SEC Consult SA-20260212-0 :: Multiple Vulnerabilities in various Solax Power Pocket WiFi models SEC Consult Vulnerability Lab via Fulldisclosure
Sunday, 22 February
[KIS-2026-04] SmarterMail <= 9518 (MailboxId) Reflected Cross-Site Scripting Vulnerability Egidio Romano
SEC Consult SA-20260218-0 :: Multiple Critical Vulnerabilities in NesterSoft WorkTime (on-prem/cloud) SEC Consult Vulnerability Lab via Fulldisclosure