Mail Thread Index

• Date Index

• [FD] SCHUTZWERK-SA-2024-002: Arbitrary File Read and Server Side Request Forgery via XML External Entities in 4D Server SOAP (CVE-2024-39847), David Brown via Fulldisclosure
• [FD] SCHUTZWERK-SA-2024-005: Arbitrary File Read and Server Side Request Forgery via XML External Entities in Lobster_pro (CVE-2024-13971), David Brown via Fulldisclosure
• [FD] Dovecot Security Advisory OXDC-2026-0002, Aki Tuomi
  • Re: [FD] Dovecot Security Advisory OXDC-2026-0002, Noel Butler via Fulldisclosure
• [FD] Full disclosure: Edupage web and mobile application authorization bypass leaks PII and IBAN codes, Juraj Kosik
• [FD] Full disclosure: Impersonation attacks on Edupage portal, Juraj Kosik
• [FD] APPLE-SA-05-11-2026-1 iOS 26.5 and iPadOS 26.5, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-11-2026-2 iOS 18.7.9 and iPadOS 18.7.9, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-11-2026-3 iPadOS 17.7.11, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-11-2026-4 iOS 16.7.16 and iPadOS 16.7.16, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-11-2026-5 iOS 15.8.8 and iPadOS 15.8.8, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-11-2026-6 macOS Tahoe 26.5, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-11-2026-7 macOS Sequoia 15.7.7, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-11-2026-8 macOS Sonoma 14.8.7, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-11-2026-9 tvOS 26.5, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-11-2026-10 watchOS 26.5, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-11-2026-11 visionOS 26.5, Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-05-13-2026-1 Safari 26.5, Apple Product Security via Fulldisclosure
• [FD] Multiple vulnerabilities in Sparx Pro Cloud Server and Enterprise Architect, Adamczyk Blazej
• [FD] [SECURITY ADVISORY] CVE-2026-34473 - Unauthenticated DoS in 17+ ZTE Router Models (140K+ Devices), m.nageh
• [FD] [SECURITY ADVISORY] CVE-2026-34472 - ZTE ZXHN H188A V6 Authentication Bypass via Pre-Login Wizard, m.nageh
• [FD] [SECURITY ADVISORY] CVE-2026-34474 - ZTE H298A/H108N Unauthenticated Admin Credential Exposure, m.nageh
• [FD] [SECURITY ADVISORY] CVE-2021-21735 - ZTE ZXHN H168N V3.5 Unauthenticated Admin Credential Leak, m.nageh
• [FD] SSRF in Anthropic mcp-server-fetch and Microsoft playwright-mcp — publicly disclosed via GitHub issues, outreach