Posted by Qualys Security Advisory via Fulldisclosure on Mar 19

Qualys Security Advisory

Good things come to those who wait:
snap-confine + systemd-tmpfiles = root (CVE-2026-3888)

========================================================================
Contents
========================================================================

Summary
Case study: Ubuntu Desktop 24.04
- Analysis
- Exploitation
Case study: Ubuntu Desktop 25.10
- Overview
- Exploitation
A quick note on the uutils coreutils (the...

Posted by Apple Product Security via Fulldisclosure on Mar 19

APPLE-SA-03-17-2026-1 Background Security Improvements for iOS 26.3.1,
iPadOS 26.3.1, macOS 26.3.1, and macOS 26.3.2

Background Security Improvements for iOS 26.3.1, iPadOS 26.3.1, macOS
26.3.1, and macOS 26.3.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/126604.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software...

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Mar 19

SEC Consult Vulnerability Lab Security Advisory < 20260318-0 >
=======================================================================
title: Multiple Privilege Escalation Vulnerabilities
product: Arturia Software Center MacOS
vulnerable version: 2.12.0.3157
fixed version: -
CVE number: CVE-2026-24062, CVE-2026-24063
             impact: high
homepage:...

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Mar 19

SEC Consult Vulnerability Lab Security Advisory < 20260317-0 >
=======================================================================
title: Multiple vulnerabilities
          product: PEGA Infinity platform
vulnerable version: CVE-2025-62181: Pega Platform versions 7.1.0 through Infinity 25.1.0
                    CVE-2025-9559: Pega Platform versions 8.7.5 to Infinity 24.2.2
      fixed version:...

Posted by Jiqiang Feng via Fulldisclosure on Mar 16

[This is an update to communications sent March 12-14 regarding Alipay security vulnerabilities.]

---

On March 15, 2026, four WeChat articles documenting security vulnerabilities in Alipay were forcibly deleted from the
public account AI-security-innora. The deletion was carried out by Tencent at the request of Beijing Geyun Law Firm,
acting on behalf of Ant Group, citing China's Cybersecurity Law.

The same complaint had been rejected...

Posted by Daniel Owens via Fulldisclosure on Mar 12

As previously mentioned, via "Struts2 and Related Framework Array/Collection DoS" (26 October 2025), hundreds of
JavaScript object notation (JSON) libraries are vulnerable to unconstrained resource consumption through large JSON
arrays, which, when deserialised, create arbitrarily large collections/arrays/data structures. This work looks
specifically at the Apache Struts2 JSON Plugin, using it as an example for why this...

Posted by Stefan Kanthak via Fulldisclosure on Mar 12

Hi @ll,

about 2 months ago I posted
<https://seclists.org/fulldisclosure/2025/Dec/29>
"Defense in depth -- the Microsoft way (part 94):
SAFER (SRPv1 and AppLocker alias SRPv2) bypass for dummies"

Here's the continuation...

About 23 years ago, 64-bit Windows introduced the WoW64 subsystem, which
performs a transpatent redirection of file system and registry accesses
for 32-bit applications.
To allow consistent appearance...

Posted by Feng Ning via Fulldisclosure on Mar 12

Subject: Alipay DeepLink+JSBridge Attack Chain: Silent GPS Exfiltration, 17 Vulns, 6 CVEs (CVSS 9.3)

# Alipay DeepLink + JSBridge Attack Chain
# Silent GPS Exfiltration via Crafted URL

## Overview

Researcher: Jiqiang Feng / Innora AI Security Research
Vendor: Ant Group (蚂蚁集团) / Alibaba Group
Product: Alipay (支付宝) v10.x (Android & iOS)
Users Affected: 1 billion+
CVEs: 6 submitted to MITRE CNA-LR (2026-03-12)
CVSS: 7.4–9.3...

Posted by GregD via Fulldisclosure on Mar 12

Hi,

I'm disclosing five vulnerabilities discovered during an authorised
security assessment of the Cohesity TranZman Migration Appliance
(formerly Stone Ram TranZman), Release 4.0 Build 14614.

CVE-2025-67840 - Web API Command Injection (CVSS 7.2 High)
The /api/v1/scheduler/run and /api/v1/actions/run endpoints allow
authenticated administrators to execute arbitrary commands as root by
injecting into POST request parameters. Input is...

Posted by Apple Product Security via Fulldisclosure on Mar 12

APPLE-SA-03-11-2026-2 iOS 15.8.7 and iPadOS 15.8.7

iOS 15.8.7 and iPadOS 15.8.7 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/126632.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Kernel
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE
(1st generation), iPad...

Posted by Apple Product Security via Fulldisclosure on Mar 12

APPLE-SA-03-11-2026-1 iOS 16.7.15 and iPadOS 16.7.15

iOS 16.7.15 and iPadOS 16.7.15 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/126646.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

WebKit
Available for: iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation,
iPad Pro 9.7-inch,...

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Mar 12

SEC Consult Vulnerability Lab Security Advisory < 20260224-0 >
=======================================================================
title: Multiple vulnerabilities
            product: CPSD CryptoPro Secure Disk for BitLocker
 vulnerable version: 7.6.4.16432 (76212)
fixed version: 7.6.6 / 7.7.1
CVE number: CVE-2025-10010
             impact: high
           homepage:...

WordPress Backup Migration 1.3.7 - Remote Command Execution

mailcow 2025-01a - Host Header Password Reset Poisoning

Easy File Sharing Web Server v7.2 - Buffer Overflow

WeGIA 3.5.0 - SQL Injection

Boss Mini v1.4.0 - Local File Inclusion (LFI)

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Feb 22

SEC Consult Vulnerability Lab Security Advisory < 20260218-0 >
=======================================================================
title: Multiple Critical Vulnerabilities
product: NesterSoft WorkTime (on-prem/cloud)
vulnerable version: <= 11.8.8
fixed version: No patch available, vendor unresponsive.
CVE number: CVE-2025-15563, CVE-2025-15562, CVE-2025-15561...

Posted by Egidio Romano on Feb 22

----------------------------------------------------------------------------
SmarterMail <= 9518 (MailboxId) Reflected Cross-Site Scripting Vulnerability
----------------------------------------------------------------------------

[-] Software Link:

https://www.smartertools.com/smartermail/business-email-server

[-] Affected Versions:

Build 9518 and prior builds.

[-] Vulnerability Description:

User input passed through the...

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Feb 16

SEC Consult Vulnerability Lab Security Advisory < 20260212-0 >
=======================================================================
title: Multiple Vulnerabilities
            product: Various Solax Power Pocket WiFi models
 vulnerable version: See section below
      fixed version: See section below
         CVE number: CVE-2025-15573, CVE-2025-15574, CVE-2025-15575
             impact: High...