Mail Thread Index
- [FD] [CVE-2021-40149] Reolink E1 Zoom Camera <= 3.0.0.716 Unauthenticated Private Key Disclosure,
Julien Ahrens (RCE Security)
- [FD] [CVE-2021-40150] Reolink E1 Zoom Camera <= 3.0.0.716 Unauthenticated Web Server Configuration Disclosure,
Julien Ahrens (RCE Security)
- Re: [FD] Three vulnerabilities found in MikroTik's RouterOS,
Q C
- [FD] SEC Consult SA-20220531-0 :: Backdoor account in Korenix JetPort 5601V3,
SEC Consult Vulnerability Lab, Research via Fulldisclosure
- [FD] SEC Consult SA-20220601-0 :: Multiple Critical Vulnerabilities in Poly EagleEye Director II,
SEC Consult Vulnerability Lab, Research via Fulldisclosure
- [FD] SEC Consult SA-20220601-1 :: Authenticated Command Injection in Poly Studio,
SEC Consult Vulnerability Lab, Research via Fulldisclosure
- [FD] SEC Consult SA-20220602-0 :: Multiple Memory Corruption Vulnerabilities in dbus-broker,
SEC Consult Vulnerability Lab, Research via Fulldisclosure
- [FD] XML External Entity (XXE) vulnerability in the WSO2 Management Console,
Hakan Bayır ( Biznet Bilişim )
- [FD] [SYSS-2022-001]: Verbatim Keypad Secure USB 3.2 Gen 1 Drive - Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) (CVE-2022-28384),
Matthias Deeg
- [FD] [SYSS-2022-002]: Verbatim Keypad Secure USB 3.2 Gen 1 Drive - Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) (CVE-2022-28382),
Matthias Deeg
- [FD] [SYSS-2022-003]: Verbatim Keypad Secure USB 3.2 Gen 1 Drive - Missing Immutable Root of Trust in Hardware (CWE-1326) (CVE-2022-28383),
Matthias Deeg
- [FD] [SYSS-2022-004]: Verbatim Keypad Secure USB 3.2 Gen 1 Drive - Expected Behavior Violation (CWE-440) (CVE-2022-28386),
Matthias Deeg
- [FD] [SYSS-2022-005]: Verbatim Store 'n' Go Secure Portable HDD - Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) (CVE-2022-28384),
Matthias Deeg
- [FD] [SYSS-2022-006]: Verbatim Store 'n' Go Secure Portable HDD - Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) (CVE-2022-28382),
Matthias Deeg
- [FD] [SYSS-2022-007]: Verbatim Store 'n' Go Secure Portable HDD - Missing Immutable Root of Trust in Hardware (CWE-1326) (CVE-2022-28383),
Matthias Deeg
- [FD] [SYSS-2022-008]: Verbatim Store 'n' Go Secure Portable HDD - Expected Behavior Violation (CWE-440) (CVE-2022-28386),
Matthias Deeg
- [FD] [SYSS-2022-009]: Verbatim Executive Fingerprint Secure SSD - Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) (CVE-2022-28387),
Matthias Deeg
- [FD] [SYSS-2022-010]: Verbatim Executive Fingerprint Secure SSD - Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) (CVE-2022-28382),
Matthias Deeg
- [FD] [SYSS-2022-011]: Verbatim Executive Fingerprint Secure SSD - Missing Immutable Root of Trust in Hardware (CWE-1326) (CVE-2022-28383),
Matthias Deeg
- [FD] [SYSS-2022-013]: Verbatim Executive Fingerprint Secure SSD - Insufficient Verification of Data Authenticity (CWE-345) (CVE-2022-28385),
Matthias Deeg
- [FD] [SYSS-2022-014]: Verbatim Fingerprint Secure Portable Hard Drive - Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) (CVE-2022-28387),
Matthias Deeg
- [FD] [SYSS-2022-015]: Verbatim Fingerprint Secure Portable Hard Drive - Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) (CVE-2022-28382),
Matthias Deeg
- [FD] [SYSS-2022-016]: Verbatim Fingerprint Secure Portable Hard Drive - Missing Immutable Root of Trust in Hardware (CWE-1326) (CVE-2022-28383),
Matthias Deeg
- [FD] [SYSS-2022-017]: Verbatim Fingerprint Secure Portable Hard Drive - Insufficient Verification of Data Authenticity (CWE-345) (CVE-2022-28385),
Matthias Deeg
- [FD] [SYSS-2022-024]: Lepin EP-KP001 - Violation of Secure Design Principles (CWE-657) (CVE-2022-29948),
Matthias Deeg
- [FD] Ransom.Haron / Code Execution,
malvuln
- [FD] Trojan-Banker.Win32.Banker.agzg / Insecure Permissions,
malvuln
- [FD] Trojan-Proxy.Win32.Symbab.o / Heap Corruption,
malvuln
- [FD] Backdoor.Win32.Cabrotor.10.d / Unauthenticated Remote Command Execution,
malvuln
- [FD] Hidden Functionality (Backdoor) (CWE-912) / CVE-2022-29854, CVE-2022-29855,
Moritz Abrell
- [FD] HNS-2022-02 - HN Security Advisory - Multiple vulnerabilities in Zyxel zysh,
Marco Ivaldi
- [FD] SEC Consult SA-20220607-0 :: Multiple Vulnerabilities in Infiray IRAY-A8Z3 thermal camera,
SEC Consult Vulnerability Lab, Research via Fulldisclosure
- [FD] SEC Consult SA-20220608-0 :: Stored Cross-Site Scripting & Unsafe Java Deserialization in Gentics CMS,
SEC Consult Vulnerability Lab, Research via Fulldisclosure
- [FD] SEC Consult SA-20220609-0 :: Multiple vulnerabilities in SoftGuard SNMP Network Management Extension,
SEC Consult Vulnerability Lab, Research via Fulldisclosure
- [FD] SEC Consult SA-20220614-0 :: Reflected Cross Site Scripting in SIEMENS-SINEMA Remote Connect,
SEC Consult Vulnerability Lab, Research via Fulldisclosure
- [FD] SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series,
SEC Consult Vulnerability Lab, Research via Fulldisclosure
- [FD] Onapsis Security Advisory 2022-0003: Cross-Site Scripting (XSS) vulnerability in SAP Focused Run (Real User Monitoring),
Onapsis Research via Fulldisclosure
- [FD] Onapsis Security Advisory 2022-0004: Missing Authentication check in SAP Focused Run (Simple Diagnostics Agent 1.0),
Onapsis Research via Fulldisclosure
- [FD] Onapsis Security Advisory 2022-0005: Cross-Site Scripting (XSS) vulnerability in SAP Fiori launchpad,
Onapsis Research via Fulldisclosure
- [FD] Onapsis Security Advisory 2022-0006: Information Disclosure vulnerability in SAP Focused Run (Simple Diagnostics Agent 1.0),
Onapsis Research via Fulldisclosure
- [FD] Onapsis Security Advisory 2022-0007: Directory Traversal vulnerability in SAP Focused Run (Simple Diagnostics Agent 1.0),
Onapsis Research via Fulldisclosure
- [FD] CFP No cON Name 2022 - Barcelona,
Jose Nicolas Castellano via Fulldisclosure
- [FD] SEC-T CFP ongoing,
Mattias Bååth via Fulldisclosure
- [FD] AnyDesk Public Exploit Disclosure - Arbitrary file write by symbolic link attack lead to denial-of-service attack on local machine,
chan chan
- [FD] Yashma Ransomware Builder v1.2 / Insecure Permissions,
malvuln
- [FD] Backdoor.Win32.Shark.btu / Insecure Permissions,
malvuln
- [FD] Trojan-Mailfinder.Win32.VB.p / Insecure Permissions,
malvuln
- [FD] Backdoor.Win32.InfecDoor.17.c / Insecure Permissions,
malvuln