Mail Thread Index
- [FD] Missing Critical Security Headers in Legality WHISTLEBLOWING,
Aerith Gainsborough via Fulldisclosure
- [FD] [REVIVE-SA-2025-005] Revive Adserver Vulnerability,
Matteo Beccati
- [FD] 2 vulnerabilities in Egovframe,
Pierre Kim
- [FD] 8 vulnerabilities in AudioCodes Fax/IVR Appliance,
Pierre Kim
- [FD] Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group),
Yuffie Kisaragi via Fulldisclosure
- [FD] [SYSS-2025-060]: HP computer UEFI boot protection bypass,
Micha Borrmann via Fulldisclosure
- [FD] APPLE-SA-12-12-2025-1 iOS 26.2 and iPadOS 26.2,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-12-12-2025-2 iOS 18.7.3 and iPadOS 18.7.3,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-12-12-2025-3 macOS Tahoe 26.2,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-12-12-2025-4 macOS Sequoia 15.7.3,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-12-12-2025-5 macOS Sonoma 14.8.3,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-12-12-2025-6 tvOS 26.2,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-12-12-2025-7 watchOS 26.2,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-12-12-2025-8 visionOS 26.2,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-12-12-2025-9 Safari 26.2,
Apple Product Security via Fulldisclosure
- [FD] nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) via the Attributes functionality,
Onur Tezcan via Fulldisclosure
- [FD] nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) via the Blog posts functionality in the Content Management area,
Onur Tezcan via Fulldisclosure
- [FD] nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) via the Currencies functionality.,
Onur Tezcan via Fulldisclosure
- [FD] nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) in the product management functionality,
Onur Tezcan via Fulldisclosure
- [FD] nopCommerce 4.90.0 is vulnerable to Cross Site Request Forgery (CSRF) via the Schedule Tasks functionality,
Onur Tezcan via Fulldisclosure
- [FD] [KIS-2025-07] Bitrix24 <= 25.100.300 (Translate Module) Remote Code Execution Vulnerability,
Egidio Romano
- [FD] [KIS-2025-08] 1C-Bitrix <= 25.100.500 (Translate Module) Remote Code Execution Vulnerability,
Egidio Romano
- [FD] [CFP] Security BSidesLjubljana 0x7EA | March 13, 2026,
Andraz Sraka
- [FD] Raydium CP Swap: Unchecked Account Allows Creator Fee Hijacking,
LRKTBEYK LRKTBEYK
- [FD] [KIS-2025-09] Control Web Panel <= 0.9.8.1208 (admin/index.php) OS Command Injection Vulnerability,
Egidio Romano
- [FD] CyberDanube Security Research 20251215-0 | Multiple Vulnerabilities in Phoenix Contact FL Switch Series,
Thomas Weber | CyberDanube via Fulldisclosure
- [FD] HEUR.Backdoor.Win32.Poison.gen / Arbitrary Code Execution / MVID-2025-0701,
malvuln
- [FD] Backdoor.Win32.ControlTotal.t / Insecure Credential Storage / MVID-2025-0702,
malvuln
- [FD] Defense in depth -- the Microsoft way (part 94): SAFER (SRPv1 and AppLocker alias SRPv2) bypass for dummies,
Stefan Kanthak via Fulldisclosure
- [FD] Backdoor.Win32.Netbus.170 / Insecure Credential Storage / MVID-2025-0703,
malvuln
- [FD] Backdoor.Win32.Poison.jh / Insecure Permissions,
malvuln
- [FD] [KIS-2025-10] PKP-WAL <= 3.5.0-1 (Institution Collector) SQL Injection Vulnerability,
Egidio Romano
- [FD] [KIS-2025-11] Open Journal Systems <= 3.5.0-1 (NativeXmlIssueGalleyFilter.php) Path Traversal Vulnerability,
Egidio Romano
- [FD] [KIS-2025-12] PKP-WAL <= 3.5.0-1 (baseColour) LESS Code Injection Vulnerability,
Egidio Romano
- [FD] [KIS-2025-13] PKP-WAL <= 3.5.0-3 (X-Forwarded-Host) LESS Code Injection Vulnerability,
Egidio Romano
- [FD] [KIS-2025-14] PKP-WAL <= 3.5.0-1 Login Cross-Site Request Forgery Vulnerability,
Egidio Romano