Etherify 4 – jumping air gaps with real ethernet hardware
Posted by Jacek Lipkowski on Nov 30Hello, Another amusing etherify hack, this time not with raspberry pis, but with normal...
vulnerability
SEC Consult SA-20201123-0 :: Multiple Vulnerabilities in ZTE WLAN router MF253V
Posted by SEC Consult Vulnerability Lab on Nov 23SEC Consult Vulnerability Lab Security Advisory < 20201123-0 > ======================================================================= title: Multiple...
CA20201116-01: Security Notice for CA Unified Infrastructure Management
Posted by Ken Williams via Fulldisclosure on Nov 23CA20201116-01: Security Notice for CA Unified Infrastructure Management Issued: November 16th, 2020...
KL-001-2020-008 : Barco wePresent Global Hardcoded Root SSH Password
Posted by KoreLogic Disclosures via Fulldisclosure on Nov 20KL-001-2020-008 : Barco wePresent Global Hardcoded Root SSH Password Title: Barco wePresent...
KL-001-2020-009 : Barco wePresent Insecure Firmware Image
Posted by KoreLogic Disclosures via Fulldisclosure on Nov 20KL-001-2020-009 : Barco wePresent Insecure Firmware Image Title: Barco wePresent Insecure Firmware...
KL-001-2020-007 : Barco wePresent Undocumented SSH Interface Accessible Via Web UI
Posted by KoreLogic Disclosures via Fulldisclosure on Nov 20KL-001-2020-007 : Barco wePresent Undocumented SSH Interface Accessible Via Web UI Title:...
KL-001-2020-006 : Barco wePresent Authentication Bypass
Posted by KoreLogic Disclosures via Fulldisclosure on Nov 20KL-001-2020-006 : Barco wePresent Authentication Bypass Title: Barco wePresent Authentication Bypass Advisory...
KL-001-2020-005 : Barco wePresent Admin Credentials Exposed In Plain-text
Posted by KoreLogic Disclosures via Fulldisclosure on Nov 20KL-001-2020-005 : Barco wePresent Admin Credentials Exposed In Plain-text Title: Barco wePresent...
VTiger v7.0 CRM – (To) Persistent Email Vulnerability
Posted by Vulnerability Lab on Nov 20Document Title: =============== VTiger v7.0 CRM - (To) Persistent Email Vulnerability References (Source): ====================https://www.vulnerability-lab.com/get_content.php?id=2227...
TCMalloc viewer/dumper – TCMalloc Inspector Tool
Posted by Marcin Kozlowski on Nov 18Hi List, Maybe you will find this interesting/useful. Below is the TCMalloc tool that...
SOWA.OPAC Reflected Cross Site Scripting
Posted by hacker on Nov 18 # Title: SOWA.OPAC Reflected Cross Site Scripting # Vulnerability Type: Cross Site Scripting (XSS)...
SEC Consult SA-20201117-0 :: Blind Out-Of-Band XML External Entity Injection in Avaya Web License Manager
Posted by SEC Consult Vulnerability Lab on Nov 17SEC Consult Vulnerability Lab Security Advisory < 20201117-0 > ======================================================================= title: Blind...
Fancy Product Designer for WooCommerce – Unrestricted File Upload
Posted by Jonathan Gregson via Fulldisclosure on Nov 17## About Fancy Product Designer for WooCommerce Fancy Product Designer for WooCommerce...
Fancy Product Designer for WooCommerce – Stored XSS via SVG upload
Posted by Jonathan Gregson via Fulldisclosure on Nov 17## About Fancy Product Designer for WooCommerce Fancy Product Designer for WooCommerce...
SugarCRM v6.5.18 – (Employees) Persistent Cross Site Vulnerability
Posted by Vulnerability Lab on Nov 16Document Title: =============== SugarCRM v6.5.18 - (Employees) Persistent Cross Site Vulnerability References (Source): ====================https://www.vulnerability-lab.com/get_content.php?id=2257...
SugarCRM v6.5.18 – (Contacts) Persistent Cross Site Web Vulnerability
Posted by Vulnerability Lab on Nov 16Document Title: =============== SugarCRM v6.5.18 - (Contacts) Persistent Cross Site Web Vulnerability References (Source):...
Intel NUC – Local Privilege Escalation Vulnerability
Posted by Vulnerability Lab on Nov 16Document Title: =============== Intel NUC - Local Privilege Escalation Vulnerability References (Source): ====================https://www.vulnerability-lab.com/get_content.php?id=2267http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-24525 CVE-ID:...
Buddypress v6.2.0 WP Plugin – Persistent Web Vulnerability
Posted by Vulnerability Lab on Nov 16Document Title: =============== Buddypress v6.2.0 WP Plugin - Persistent Web Vulnerability References (Source): ====================https://www.vulnerability-lab.com/get_content.php?id=2263...
Froxlor v0.10.16 CP – (Customer) Persistent Vulnerability
Posted by Vulnerability Lab on Nov 16Document Title: =============== Froxlor v0.10.16 CP - (Customer) Persistent Vulnerability References (Source): ====================https://www.vulnerability-lab.com/get_content.php?id=2241 Release...
APPLE-SA-2020-11-13-6 Additional information for APPLE-SA-2020-09-16-4 watchOS 7.0
Posted by Apple Product Security via Fulldisclosure on Nov 15APPLE-SA-2020-11-13-6 Additional information for APPLE-SA-2020-09-16-4 watchOS 7.0 watchOS 7.0 addresses the...
APPLE-SA-2020-11-13-7 Additional information for APPLE-SA-2020-09-24-1 macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave
Posted by Apple Product Security via Fulldisclosure on Nov 15APPLE-SA-2020-11-13-7 Additional information for APPLE-SA-2020-09-24-1 macOS Catalina 10.15.7, Security Update 2020-005...
APPLE-SA-2020-11-13-4 Additional information for APPLE-SA-2020-09-16-2 tvOS 14.0
Posted by Apple Product Security via Fulldisclosure on Nov 15APPLE-SA-2020-11-13-4 Additional information for APPLE-SA-2020-09-16-2 tvOS 14.0 tvOS 14.0 addresses the...
APPLE-SA-2020-11-13-3 Additional information for APPLE-SA-2020-09-16-1 iOS 14.0 and iPadOS 14.0
Posted by Apple Product Security via Fulldisclosure on Nov 15APPLE-SA-2020-11-13-3 Additional information for APPLE-SA-2020-09-16-1 iOS 14.0 and iPadOS 14.0 iOS...
APPLE-SA-2020-11-13-5 Additional information for APPLE-SA-2020-09-16-3 Safari 14.0
Posted by Apple Product Security via Fulldisclosure on Nov 15APPLE-SA-2020-11-13-5 Additional information for APPLE-SA-2020-09-16-3 Safari 14.0 Safari 14.0 addresses the...
