Mail Thread Index

• Date Index

• [FD] Linux Kernel Block Subsystem Vulnerabilities, Agent Spooky's Fun Parade via Fulldisclosure
• [FD] Security Vulnerability in Koller Secret: Real Hidden App (com.koller.secret.hidemyphoto), duykham
• [FD] SigInt-Hombre v1 / dynamic Suricata detection rules from real-time threat feeds, malvuln
• [FD] zlib v1.3.1.2 Global Buffer Overflow in TGZfname() of zlib untgz Utility via Unbounded strcpy() on User-Supplied Archive Name, Ron E
• [FD] MongoDB v8.3.0 Heap Buffer Underflow in OpenLDAP LMDB mdb_load, Ron E
• [FD] Bioformats v8.3.0 Improper Restriction of XML External Entity Reference in Bio-Formats Leica Microsystems XML Parser, Ron E
• [FD] Bioformats v8.3.0 Untrusted Deserialization of Bio-Formats Memoizer Cache Files, Ron E
• [FD] MongoDB v8.3.0 Integer Underflow in LMDB mdb_load, Ron E
• [FD] Panda3d v1.10.16 deploy-stub Unbounded Stack Allocation Leading to Uninitialized Memory, Ron E
• [FD] Panda3d v1.10.16 egg-mkfont Stack Buffer Overflow, Ron E
• [FD] Panda3d v1.10.16 Uncontrolled Format String in Panda3D egg-mkfont Allows Stack Memory Disclosure, Ron E
• [FD] Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group), Yuffie Kisaragi via Fulldisclosure
  • <Possible follow-ups>
  • Re: [FD] Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group), Marco Ermini via Fulldisclosure
  • Re: [FD] Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group), Yuffie Kisaragi via Fulldisclosure
    • Re: [FD] Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group), Wade Sparks
• [FD] KL-001-2026-01: yintibao Fun Print Mobile Unauthorized Access via Context Hijacking, KoreLogic Disclosures via Fulldisclosure
• [FD] TinyOS 2.1.2 printfUART Global Buffer Overflow via Unbounded Format Expansion, Ron E
• [FD] TinyOS 2.1.2 Stack-Based Buffer Overflow in mcp2200gpio, Ron E
• [FD] RIOT OS 2026.01-devel-317 Stack-Based Buffer Overflow in tapslip6 Utility via Unbounded Device Path Construction, Ron E
• [FD] RIOT OS 2026.01-devel-317 Stack-Based Buffer Overflow in RIOT ethos Serial Frame Parser, Ron E
• Re: [FD] Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group), Art Manion via Fulldisclosure
• [FD] Defense in depth -- the Microsoft way (part 95): the (shared) "Start Menu" is dispensable, Stefan Kanthak via Fulldisclosure
• [FD] [REVIVE-SA-2026-001] Revive Adserver Vulnerabilities, Matteo Beccati
• [FD] OpenMetadata <= 1.11.3 Authenticated SQL Injection, BUG
• [FD] SEC Consult SA-20260126-0 :: Multiple Critical Vulnerabilities in dormakaba Kaba exos 9300, SEC Consult Vulnerability Lab via Fulldisclosure
• [FD] SEC Consult SA-20260126-1 :: Multiple Critical Vulnerabilities in dormakaba Access Manager, SEC Consult Vulnerability Lab via Fulldisclosure
• [FD] SEC Consult SA-20260126-2 :: UART Leaking Sensitive Data in dormakaba registration unit 9002 (PIN pad), SEC Consult Vulnerability Lab via Fulldisclosure
• [FD] CVE-2025-12758: Unicode Variation Selectors Bypass in 'validator' library (isLength), Karol Wrótniak
• [FD] Paper-Exploiting XAMPP Installations, Andrey Stoykov
• [FD] Weak Password Complexity - elggv6.3.3, Andrey Stoykov
• [FD] Username Enumeration - elggv6.3.3, Andrey Stoykov