Posted by Asterisk Development Team via Fulldisclosure on May 20
The Asterisk Development Team would like to announce security release

Posted by Asterisk Development Team via Fulldisclosure on May 20
The Asterisk Development Team would like to announce security release

Posted by Asterisk Development Team via Fulldisclosure on May 20
The Asterisk Development Team would like to announce security release

Posted by Security Explorations on May 06
Hello All,

Posted by Andrey Stoykov on Apr 10
# Exploit Title: Multiple Web Flaws in concretecmsv9.2.7

Posted by j0ck1ng@tempr.email on Mar 13
#!/usr/bin/env python3 # Exploit Title: MetaFox Remote Shell Upload # Google Dork: "Social network for niche

Posted by lixts via Fulldisclosure on Mar 13
StimulusReflex CVE-2024-28121

Posted by Andrey Stoykov on Mar 02
# Exploit Title: XAMPP - Error Based SQL Injection

Posted by Andrey Stoykov on Mar 02
# Exploit Title: Multiple XSS Issues in boidcmsv2.0.1

Posted by Andrey Stoykov on Feb 13
# Exploit Title: Stored XSS and RCE - adaptcmsv3.0.3

Posted by Harry Sintonen via Fulldisclosure on Jan 14
Tar does set setuid bit, but tar is not vulnerable. This is not an attack.

Posted by Georgi Guninski on Jan 14
Hi, thanks for the feedback :)

Posted by Sandro Gauci on Dec 26
# FreeSWITCH susceptible to Denial of Service via DTLS Hello packets during call initiation

Posted by Sandro Gauci on Dec 19
# RTPEngine susceptible to Denial of Service via DTLS Hello packets during call initiation

Posted by Sandro Gauci on Dec 19
# Asterisk susceptible to Denial of Service via DTLS Hello packets during call initiation

Posted by SBA - Advisory via Fulldisclosure on Dec 19
# MOKOSmart MKGW1 Gateway Improper Session Management #

Posted by Steve Lord on Oct 25
-o- Ringzer0 BOOTSTRAP24 Austin Call For Papers -o-

Posted by Rafael Pedrero on Aug 31
# Exploit Title: Easy Address Book Web Server v1.6 - Multiple

Posted by Konstantin on Aug 29
# VULNERABILITY

Posted by Adrean Boyadzhiev on Aug 19
Probably a completely different root cause, but I have noticed similar

Posted by Georgi Guninski on Aug 15
In short, I found anomaly in Fedora 37 and would like to

Posted by Mahmoud Noureldin on Aug 03
#!/usr/bin/python3

Posted by Mahmoud Noureldin on Aug 02
This is an old app but in an easy way which not the same which in public.

Posted by Andrey Stoykov on Aug 01
# Exploit Title:

Posted by Stefan Pietsch on Aug 01
# Trovent Security Advisory 2303-01 #

Posted by Andrey Stoykov on Jul 25
# Exploit Title: Availability Booking Calendar PHP - Multiple Issues

Posted by Jeffrey Walton on Jul 19
There's also https://en.wikipedia.org/wiki/Session_hijacking#Prevention

Posted by Andrey Stoykov on Jul 16
# Exploit Title: WBCE - Stored XSS

Posted by Andrey Stoykov on Jul 11
# Exploit Title: XAMPP 8.2.4 - Unquoted Path

Posted by bo0od via Fulldisclosure on Jul 11
I didn't see worst than this app to use for anonymity like this one:

Posted by BUG on Jun 19
Microsoft® Lync™ Better Together over Ethernet (BToE) feature on

Posted by Harrison Neal on Apr 04
Vulnerable Software Download URL:

Posted by Peter Ohm on Feb 27
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Posted by Peter Ohm on Feb 27
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Posted by Eric Flokstra on Feb 22
# Product Name: Device Manager Express

Posted by Stefan Kanthak on Feb 14
Hi @ll,

Posted by Stefan Pietsch on Jan 30
# Trovent Security Advisory 2203-01 #

Posted by Maximilian Ammann via Fulldisclosure on Jan 19
# wolfSSL before 5.5.0: Denial-of-service with session resumption

Posted by Maximilian Ammann via Fulldisclosure on Jan 19
# wolfSSL before 5.5.0: Denial-of-service with session resumption

Posted by Maximilian Ammann via Fulldisclosure on Jan 19
# wolfSSL 5.3.0: Denial-of-service

Posted by Maximilian Ammann via Fulldisclosure on Jan 19
# wolfSSL before 5.5.2: Heap-buffer over-read with WOLFSSL_CALLBACKS

Posted by Numan TÜRLE on Jan 06
[+] Centos Web Panel 7 Unauthenticated Remote Code Execution

Posted by sw33t.0day via Fulldisclosure on Dec 30
#!/usr/bin/env python

Posted by Andrey Stoykov on Dec 13
# Exploit Title: Shoplazza 1.1 - Stored Cross Site Scripting

Posted by Sven Anders on Oct 20
Hi,

Posted by Matthias Deeg on Oct 08
Advisory ID: SYSS-2022-045

Posted by Matthias Deeg on Oct 08
Advisory ID: SYSS-2022-046

Posted by Matthias Deeg on Oct 08
Advisory ID: SYSS-2022-043

Posted by Matthias Deeg on Oct 08
Advisory ID: SYSS-2022-044

Posted by Caio B on Sep 30
#######################ADVISORY INFORMATION#######################

Posted by Caio B on Sep 30
#######################ADVISORY INFORMATION#######################

Posted by Georgi Guninski on Sep 08
sagemath 9.0 and reportedly later on ubuntu 20.

Posted by Tavis Ormandy on Sep 05
# About

Posted by Stefan Pietsch on Aug 19
# Trovent Security Advisory 2110-01 #

Posted by chan chan on Jun 27
Hi FullDisclosure,

Posted by Onapsis Research via Fulldisclosure on Jun 21
# Onapsis Security Advisory 2022-0007: Directory Traversal vulnerability in

Posted by Onapsis Research via Fulldisclosure on Jun 21
# Onapsis Security Advisory 2022-0006: Information Disclosure vulnerability

Posted by Onapsis Research via Fulldisclosure on Jun 21
# Onapsis Security Advisory 2022-0005: Cross-Site Scripting (XSS)

Posted by Onapsis Research via Fulldisclosure on Jun 21
# Onapsis Security Advisory 2022-0004: Missing Authentication check in SAP

Posted by Onapsis Research via Fulldisclosure on Jun 21
# Onapsis Security Advisory 2022-0003: Cross-Site Scripting (XSS)