- feeds
- popular
- recent
- reader
- about
- story
- technologies
- what is rss
- connect
- dmca
- contact
- Feed Preview Full Disclosure
Defense in depth -- the Microsoft way (part 87): shipping more rotten software to billions of unsuspecting customers
Posted by Stefan Kanthak on Apr 24Hi @ll,
this post is a continuation of
Response to CVE-2023-26756 - Revive Adserver
Posted by Matteo Beccati on Apr 24CVE-2023-26756 has been recently filed against the Revive Adserver project. The action was taken without first contacting us, and it did not follow the secur...
BACKDOOR.WIN32.DUMADOR.C / Remote Stack Buffer Overflow (SEH)
Posted by malvuln on Apr 19Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/6cc630843cabf23621375830df474bc5.txt Contact: malvuln13...
SEC Consult SA-20240418-0 :: Broken authorization in Dreamehome app
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 19SEC Consult Vulnerability Lab Security Advisory < 20240418-0 > ===============================================================...
MindManager 23 - full disclosure
Posted by Pawel Karwowski via Fulldisclosure on Apr 19Resending! Thank
you for your efforts.
GitHub - pawlokk/mindmanager-poc: public
disclosure
CVE-2024-31705
Posted by V3locidad on Apr 14CVE ID: CVE-2024-31705 Title : RCE to Shell Commands" Plugin / GLPI Shell Command Management Interface Affected Product : GLPI - 10.X.X and last version Descrip...
SEC Consult SA-20240411-0 :: Database Passwords in Server Response in Amazon AWS Glue
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 14SEC Consult Vulnerability Lab Security Advisory < 20240411-0 > ===============================================================...
Invision Community <= 4.7.16 (toolbar.php) Remote Code Execution Vulnerability
Posted by Egidio Romano on Apr 10------------------------------------------------------------------------------ Invision Community <= 4.7.16 (toolbar.php) Remote Code Execution Vulnerability --...
Invision Community <= 4.7.15 (store.php) SQL Injection Vulnerability
Posted by Egidio Romano on Apr 10-------------------------------------------------------------------- Invision Community <= 4.7.15 (store.php) SQL Injection Vulnerability ----------------------...
Multiple Issues in concretecmsv9.2.7
Posted by Andrey Stoykov on Apr 10# Exploit Title: Multiple Web Flaws in concretecmsv9.2.7 # Date: 4/2024 # Exploit Author: Andrey Stoykov # Version: 9.2.7 # Tested on: Ubuntu 22.04 # Blog: ...
OXAS-ADV-2024-0001: OX App Suite Security Advisory
Posted by Martin Heiland via Fulldisclosure on Apr 10Dear subscribers, We're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those vulne...
Trojan.Win32.Razy.abc / Insecure Permissions (In memory IPC)
Posted by malvuln on Apr 10Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/0eb4a9089d3f7cf431d6547db3b9484d.txt Contact: malvuln13...
CVE-2023-27195: Broken Access Control - Registration Code in TM4Web v22.2.0
Posted by Clément Cruchet on Apr 10CVE ID: CVE-2023-27195 Description: An access control issue in Trimble TM4Web v22.2.0 allows unauthenticated attackers to access a specific crafted URL pat...
IEEE CSR Workshop on Cyber Forensics& Advanced Threat Investigations in Emerging Technologies 2024
Posted by Andrew Zayine on Apr 05Dear Colleagues, IEEE CSR Workshop on Cyber Forensics and Advanced Threat Investigations in Emerging Technologies organizing committee is inviting you to submi...
Backdoor.Win32.Agent.ju (PSYRAT) / Authentication Bypass RCE
Posted by malvuln on Apr 05Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/0e6e40aad3e8d46e3c0c26ccc6ab94b3.txt Contact: malvuln13...