Posted by Egidio Romano on Apr 10
Posted by Egidio Romano on Apr 10
Posted by Andrey Stoykov on Apr 10
# Exploit Title: Multiple Web Flaws in concretecmsv9.2.7
Posted by Martin Heiland via Fulldisclosure on Apr 10
Dear subscribers,
Posted by malvuln on Apr 10
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Posted by Clément Cruchet on Apr 10
CVE ID: CVE-2023-27195
Posted by Valentin Lobstein via Fulldisclosure on Apr 05
CVE ID: CVE-2024-30929
Posted by Valentin Lobstein via Fulldisclosure on Apr 05
CVE ID: CVE-2024-30928
Posted by Valentin Lobstein via Fulldisclosure on Apr 05
CVE ID: CVE-2024-30927
Posted by Valentin Lobstein via Fulldisclosure on Apr 05
CVE ID: CVE-2024-30926
Posted by Valentin Lobstein via Fulldisclosure on Apr 05
CVE ID: CVE-2024-30925
Posted by Valentin Lobstein via Fulldisclosure on Apr 05
CVE ID: CVE-2024-30924
Posted by Valentin Lobstein via Fulldisclosure on Apr 05
CVE ID: CVE-2024-30923
Posted by Valentin Lobstein via Fulldisclosure on Apr 05
CVE ID: CVE-2024-30922
Posted by Andrew Zayine on Apr 05
Dear Colleagues,
Posted by malvuln on Apr 05
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Posted by Valentin Lobstein via Fulldisclosure on Apr 05
CVE ID: CVE-2024-30921
Posted by Valentin Lobstein via Fulldisclosure on Apr 05
CVE ID: CVE-2024-30920
Posted by Lennert Preuth via Fulldisclosure on Apr 05
Title
Posted by Lennert Preuth via Fulldisclosure on Apr 05
Title
Posted by Lennert Preuth via Fulldisclosure on Apr 05
Title
Posted by Security Explorations on Apr 02
Hello All,
Posted by Julian Horoszkiewicz via Fulldisclosure on Mar 28
Vulnerability summary: Local Privilege Escalation from regular user to SYSTEM, via conhost.exe hijacking triggered by
Posted by YOGESH BHANDAGE on Mar 27
Vulnerability Name - Application is Vulnerable to Session Fixation
Posted by Apple Product Security via Fulldisclosure on Mar 27
APPLE-SA-03-25-2024-1 Safari 17.4.1
Posted by Apple Product Security via Fulldisclosure on Mar 27
APPLE-SA-03-25-2024-2 macOS Sonoma 14.4.1
Posted by Apple Product Security via Fulldisclosure on Mar 27
APPLE-SA-03-25-2024-3 macOS Ventura 13.6.6
Posted by Apple Product Security via Fulldisclosure on Mar 27
APPLE-SA-03-25-2024-4 iOS 17.4.1 and iPadOS 17.4.1
Posted by Apple Product Security via Fulldisclosure on Mar 27
APPLE-SA-03-25-2024-5 iOS 16.7.7 and iPadOS 16.7.7
Posted by Apple Product Security via Fulldisclosure on Mar 27
APPLE-SA-03-25-2024-6 visionOS 1.1.1
Posted by Skyler Ferrante (RIT Student) via Fulldisclosure on Mar 27
Wall-Escape (CVE-2024-28085)
Posted by malvuln on Mar 27
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Posted by Dariusz G on Mar 27
Circontrol EV Charger vulnerabilities.
Posted by Artur Janicki via Fulldisclosure on Mar 27
[APOLOGIES FOR CROSS-POSTING]
Posted by malvuln on Mar 19
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Posted by j0ck1ng@tempr.email on Mar 13
#!/usr/bin/env python3 # Exploit Title: MetaFox Remote Shell Upload # Google Dork: "Social network for niche
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Mar 13
SEC Consult Vulnerability Lab Security Advisory < 20240307-0 >
Posted by Marco Ivaldi on Mar 13
Hi,
Posted by Apple Product Security via Fulldisclosure on Mar 13
APPLE-SA-03-12-2024-1 GarageBand 10.4.11
Posted by Apple Product Security via Fulldisclosure on Mar 13
APPLE-SA-03-07-2024-7 visionOS 1.1
Posted by Apple Product Security via Fulldisclosure on Mar 13
APPLE-SA-03-07-2024-6 tvOS 17.4
Posted by Apple Product Security via Fulldisclosure on Mar 13
APPLE-SA-03-07-2024-5 watchOS 10.4
Posted by Apple Product Security via Fulldisclosure on Mar 13
APPLE-SA-03-07-2024-4 macOS Monterey 12.7.4
Posted by Apple Product Security via Fulldisclosure on Mar 13
APPLE-SA-03-07-2024-3 macOS Ventura 13.6.5
Posted by Apple Product Security via Fulldisclosure on Mar 13
APPLE-SA-03-07-2024-2 macOS Sonoma 14.4
Posted by Apple Product Security via Fulldisclosure on Mar 13
APPLE-SA-03-07-2024-1 Safari 17.4
Posted by Apple Product Security via Fulldisclosure on Mar 13
APPLE-SA-03-05-2024-2 iOS 16.7.6 and iPadOS 16.7.6
Posted by Apple Product Security via Fulldisclosure on Mar 13
APPLE-SA-03-05-2024-1 iOS 17.4 and iPadOS 17.4
Posted by malvuln on Mar 13
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Posted by lixts via Fulldisclosure on Mar 13
StimulusReflex CVE-2024-28121
Posted by Valentin Lobstein via Fulldisclosure on Mar 13
CVE ID: CVE-2024-25228
Posted by KoreLogic Disclosures via Fulldisclosure on Mar 05
KL-001-2024-004: Artica Proxy Loopback Services Remotely Accessible Unauthenticated
Posted by KoreLogic Disclosures via Fulldisclosure on Mar 05
KL-001-2024-003: Artica Proxy Unauthenticated File Manager Vulnerability
Posted by KoreLogic Disclosures via Fulldisclosure on Mar 05
KL-001-2024-002: Artica Proxy Unauthenticated PHP Deserialization Vulnerability
Posted by KoreLogic Disclosures via Fulldisclosure on Mar 05
KL-001-2024-001: Artica Proxy Unauthenticated LFI Protection Bypass Vulnerability
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Mar 02
SEC Consult Vulnerability Lab Security Advisory < 20240226-0 >
Posted by Shaikh Shahnawaz on Mar 02
[+] Credits: Shahnawaz Shaikh, Security Researcher at Cybergate Defense LLC
Posted by Andrey Stoykov on Mar 02
# Exploit Title: Multiple XSS Issues in boidcmsv2.0.1
Posted by Andrey Stoykov on Mar 02
# Exploit Title: XAMPP - Error Based SQL Injection
Posted by malvuln on Mar 02
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024