Mail Index

• Thread Index

• [FD] Xinet Elegant 6 Asset Lib Web UI 6.1.655 / SQL Injection / Exploit Update Python3
  • From: hyp3rlinx
• Re: [FD] Text injection on https://www.google.com/sorry/index via ?q parameter (no XSS)
  • From: David Fifield
• [FD] APPLE-SA-01-30-2025-1 GarageBand 10.4.12
  • From: Apple Product Security via Fulldisclosure
• [FD] KL-001-2025-001: Checkmk NagVis Reflected Cross-site Scripting
  • From: KoreLogic Disclosures via Fulldisclosure
• [FD] KL-001-2025-002: Checkmk NagVis Remote Code Execution
  • From: KoreLogic Disclosures via Fulldisclosure
• [FD] ChatGPT AI finds "security concern" (XSS) in DeepSeek's code
  • From: Georgi Guninski
• [FD] CVE-2024-55447: Access Control in Paxton Net2 software (update)
  • From: Jeroen Hermans via Fulldisclosure
• [FD] APPLE-SA-02-10-2025-1 iOS 18.3.1 and iPadOS 18.3.1
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-02-10-2025-2 iPadOS 17.7.5
  • From: Apple Product Security via Fulldisclosure
• [FD] SEC Consult SA-20250211-0 :: Multiple vulnerabilities in Wattsense Bridge
  • From: SEC Consult Vulnerability Lab via Fulldisclosure
• Re: [FD] Text injection on https://www.google.com/sorry/index via ?q parameter (no XSS)
  • From: David Fifield
• [FD] [CVE-2024-54756] GZDoom <= 4.13.1 Arbitrary Code Execution via Malicious ZScript
  • From: Gabriel Valachi via Fulldisclosure
• [FD] Netgear Router Administrative Web Interface Lacks Transport Encryption By Default
  • From: Ryan Delaney via Fulldisclosure
• [FD] Monero 18.3.4 zero-day DoS vulnerability has been dropped publicly on social network.
  • From: upper.underflow via Fulldisclosure
• Re: [FD] Netgear Router Administrative Web Interface Lacks Transport Encryption By Default
  • From: Gynvael Coldwind
• [FD] Python's official documentation contains textbook example of insecure code (XSS)
  • From: Georgi Guninski
• [FD] Self Stored XSS - acp2sev7.2.2
  • From: Andrey Stoykov
• [FD] MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client
  • From: Qualys Security Advisory via Fulldisclosure
• Re: [FD] MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client
  • From: Jordy Zomer
• [FD] SEC Consult SA-20250226-0 :: Multiple vulnerabilities in Siemens A8000 CP-8050 & CP-8031 PLC
  • From: SEC Consult Vulnerability Lab via Fulldisclosure