Mail Index

• Thread Index

• [FD] SCHUTZWERK-SA-2024-002: Arbitrary File Read and Server Side Request Forgery via XML External Entities in 4D Server SOAP (CVE-2024-39847)
  • From: David Brown via Fulldisclosure
• [FD] SCHUTZWERK-SA-2024-005: Arbitrary File Read and Server Side Request Forgery via XML External Entities in Lobster_pro (CVE-2024-13971)
  • From: David Brown via Fulldisclosure
• [FD] Dovecot Security Advisory OXDC-2026-0002
  • From: Aki Tuomi
• [FD] Full disclosure: Edupage web and mobile application authorization bypass leaks PII and IBAN codes
  • From: Juraj Kosik
• [FD] Full disclosure: Impersonation attacks on Edupage portal
  • From: Juraj Kosik
• [FD] APPLE-SA-05-11-2026-1 iOS 26.5 and iPadOS 26.5
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-11-2026-2 iOS 18.7.9 and iPadOS 18.7.9
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-11-2026-3 iPadOS 17.7.11
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-11-2026-4 iOS 16.7.16 and iPadOS 16.7.16
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-11-2026-5 iOS 15.8.8 and iPadOS 15.8.8
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-11-2026-6 macOS Tahoe 26.5
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-11-2026-7 macOS Sequoia 15.7.7
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-11-2026-8 macOS Sonoma 14.8.7
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-11-2026-9 tvOS 26.5
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-11-2026-10 watchOS 26.5
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-11-2026-11 visionOS 26.5
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-13-2026-1 Safari 26.5
  • From: Apple Product Security via Fulldisclosure
• [FD] Multiple vulnerabilities in Sparx Pro Cloud Server and Enterprise Architect
  • From: Adamczyk Blazej
• [FD] [SECURITY ADVISORY] CVE-2026-34473 - Unauthenticated DoS in 17+ ZTE Router Models (140K+ Devices)
  • From: m.nageh
• [FD] [SECURITY ADVISORY] CVE-2026-34472 - ZTE ZXHN H188A V6 Authentication Bypass via Pre-Login Wizard
  • From: m.nageh
• [FD] [SECURITY ADVISORY] CVE-2026-34474 - ZTE H298A/H108N Unauthenticated Admin Credential Exposure
  • From: m.nageh
• [FD] [SECURITY ADVISORY] CVE-2021-21735 - ZTE ZXHN H168N V3.5 Unauthenticated Admin Credential Leak
  • From: m.nageh
• [FD] SSRF in Anthropic mcp-server-fetch and Microsoft playwright-mcp — publicly disclosed via GitHub issues
  • From: outreach
• Re: [FD] Dovecot Security Advisory OXDC-2026-0002
  • From: Noel Butler via Fulldisclosure