Mail Index
Thread Index
[FD] APPLE-SA-07-30-2025-1 Safari 18.6
From
: Apple Product Security via Fulldisclosure
[FD] Rtpengine: RTP Inject and RTP Bleed vulnerabilities despite proper configuration (CVSS v4.0 Score: 9.3 / Critical)
From
: Sandro Gauci via Fulldisclosure
[FD] Defense in depth -- the Microsoft way (part 91): yet another 30 year old bug of the "Properties" shell extension
From
: Stefan Kanthak via Fulldisclosure
[FD] Kigen eUICC issue (custom backdoor vs. FW update bug)
From
: Security Explorations
[FD] PlayReady Activation protocol issues (weak auth / fake client identities)
From
: Security Explorations
[FD] iOS 18.6 - Undocumented TCC Access to Multiple Privacy Domains via preflight=yes
From
: josephgoyd via Fulldisclosure
[FD] [tool] CRSprober
From
: Jozef Sudolsky
[FD] Piciorgros TMO-100: Unauthorized log data access
From
: Georg Lukas
[FD] Piciorgros TMO-100: Unauthorized configuration change via TFTP (CVE-2025-29617)
From
: Georg Lukas
[FD] liblcf v0.8.1 Integer Overflow in liblcf `ReadInt()` Leads to Out-of-Bounds Reads and Denial of Service
From
: Ron E
[FD] liblcf v0.8.1 liblcf/lcf2xml: Untrusted LCF data triggers uncaught std::length_error via negative vector resize (DoS)
From
: Ron E
[FD] CSV Injection in iDempiere WebUI 12.0.0.202508171158
From
: Ron E
[FD] Session Fixation Vulnerability in iDempiere WebUI v 12.0.0.202508171158
From
: Ron E
[FD] Insufficient Session Cookie Invalidation in nopCommerce v4.10 and 4.80.3
From
: Ron E
[FD] CSV Injection in nopcommerce v4.10 and 4.80.3
From
: Ron E
[FD] Insufficient Resource Allocation Limits in nopCommerce v4.10 and v4.80.3 Excel Import Functionality
From
: Ron E
[FD] SEC Consult SA-20250807-0 :: Race Condition in Shopware Voucher Submission
From
: SEC Consult Vulnerability Lab via Fulldisclosure
[FD] SEC Consult SA-20250728-0 :: Stored Cross-Site-Scripting in Optimizely Episerver CMS
From
: SEC Consult Vulnerability Lab via Fulldisclosure
[FD] Multi-Protocol Traceroute
From
: Usman Saeed via Fulldisclosure
Mail converted by
MHonArc