Mail Thread Index
- [FD] APPLE-SA-09-29-2025-1 iOS 26.0.1 and iPadOS 26.0.1,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-09-29-2025-2 iOS 18.7.1 and iPadOS 18.7.1,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-09-29-2025-3 macOS Tahoe 26.0.1,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-09-29-2025-4 macOS Sequoia 15.7.1,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-09-29-2025-5 macOS Sonoma 14.8.1,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-09-29-2025-6 visionOS 26.0.1,
Apple Product Security via Fulldisclosure
- [FD] libgeotiff 1.7.4 Heap Buffer Overflow in geotifcp (libgeotiff) During 8-to-4 Bit Downsample with Odd Image Width,
Ron E
- [FD] Samtools v1.22.1 Improper Handling of Excessive Histogram Bin Counts in Samtools Coverage Leads to Stack Overflow,
Ron E
- [FD] Samtools v1.22.1 Uncontrolled Memory Allocation from Large BED Intervals Causes Denial-of-Service in Samtools/HTSlib,
Ron E
- Re: [FD] Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain → Secure Enclave Key Theft, Wormable RCE, Crypto Theft,
josephgoyd via Fulldisclosure
- Re: [FD] : "Glass Cage" – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885),
josephgoyd via Fulldisclosure
- Re: [FD] Defense in depth -- the Microsoft way (part 93): SRP/SAFER whitelisting goes black on Windows 11,
Stefan Kanthak via Fulldisclosure
- Re: [FD] Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain → Secure Enclave Key Theft, Wormable RCE, Crypto Theft,
full
- [FD] CVE-2025-59397 - Open Web Analytics SQL Injection,
Seralys Research Team via Fulldisclosure
- [FD] [SBA-ADV-20250724-01] CVE-2025-32919: Checkmk Agent Privilege Escalation via Insecure Temporary Files,
SBA Research Security Advisory via Fulldisclosure
- [FD] [SBA-ADV-20250730-01] CVE-2025-39664: Checkmk Path Traversal,
SBA Research Security Advisory via Fulldisclosure
- [FD] Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS),
Christopher Dickinson via Fulldisclosure
- [FD] Urgent Security Vulnerabilities Discovered in Mercku Routers Model M6a,
cve
- [FD] apis.google.com - Insecure redirect via __lu parameter (exploited in the wild),
Patrick via Fulldisclosure
- [FD] CyberDanube Security Research 20251014-0 | Multiple Vulnerabilities in Phoenix Contact QUINT4 UPS,
Thomas Weber | CyberDanube via Fulldisclosure
- [FD] BSidesSF 2026 CFP still open until October 28th,
BSidesSF CFP via Fulldisclosure
- [FD] Malvuln - MISP compatible malware vulnerability intelligence feed now live,
malvuln
- [FD] [SYSS-2025-015]: Verbatim Keypad Secure (security update v1.0.0.6) - Offline brute-force attack,
Matthias Deeg via Fulldisclosure
- [FD] [SYSS-2025-016]: Verbatim Store 'n' Go Secure Portable SSD (security update v1.0.0.6) - Offline brute-force attack,
Matthias Deeg via Fulldisclosure
- [FD] [SYSS-2025-017]: Verbatim Store 'n' Go Secure Portable HDD (security update v1.0.0.6) - Offline brute-force attack,
Matthias Deeg via Fulldisclosure
- [FD] SEC Consult SA-20251021-0 :: Multiple Vulnerabilities in EfficientLab WorkExaminer Professional (CVE-2025-10639, CVE-2025-10640, CVE-2025-10641),
SEC Consult Vulnerability Lab via Fulldisclosure
- [FD] [REVIVE-SA-2025-001] Revive Adserver Vulnerability,
Matteo Beccati
- [FD] [REVIVE-SA-2025-002] Revive Adserver Vulnerability,
Matteo Beccati
- [FD] Struts2 and Related Framework Array/Collection DoS,
Daniel Owens via Fulldisclosure
- [FD] Current Password not Required When Changing Password - totaljsv5013,
Andrey Stoykov
- [FD] Stored Cross-Site Scripting (XSS) - Layout Functionality - totaljsv5013,
Andrey Stoykov
- [FD] Stored HTML Injection - Layout Functionality - totaljsv5013,
Andrey Stoykov
- [FD] SEC Consult SA-20251027-0 :: Unauthenticated Local File Disclosure in MPDV Mikrolab MIP 2 / FEDRA 2 / HYDRA X Manufacturing Execution System #CVE-2025-12055,
SEC Consult Vulnerability Lab via Fulldisclosure
- [FD] Dovecot CVE-2025-30189: Auth cache causes access to wrong account,
Aki Tuomi via Fulldisclosure
- [FD] SEC Consult SA-20251029-0 :: Unprotected NFC card manipulation leading to free top-up in GiroWeb Cashless Catering Solutions (only legacy customer infrastructure),
SEC Consult Vulnerability Lab via Fulldisclosure