Category: Alert Feeds

  Posted by Lucas Lalumière on Mar 20 [Author]: Lucas Lalumiere [Contact]: lucas.lalum () gmail com [Date]: 2025-3-17 [Vendor]: Tripp Lite [Product]: SU750XL UPS [Firmware]: 12.04.0052 [CVE Reference]: CVE-2019-16261 ============================ Affected Products (Tested): ============================ – Tripp Lite PDU’s (e.g., PDUMH15AT) – Tripp Lite UPS’s (e.g., SU750XL) *NEW* ====================== Vulnerability Summary: ====================== CVE-2019-16261 describes… – Read More  – Full Disclosure 

  Posted by Apple Product Security via Fulldisclosure on Mar 20 APPLE-SA-03-11-2025-1 Safari 18.3.1 Safari 18.3.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/122285. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. WebKit Available for: macOS Ventura and macOS Sonoma Impact: Maliciously crafted web content may...

  Posted by Apple Product Security via Fulldisclosure on Mar 20 APPLE-SA-03-11-2025-2 iOS 18.3.2 and iPadOS 18.3.2 iOS 18.3.2 and iPadOS 18.3.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/122281. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. WebKit Available for: iPhone XS and later, iPad...

  Posted by Apple Product Security via Fulldisclosure on Mar 20 APPLE-SA-03-11-2025-3 macOS Sequoia 15.3.2 macOS Sequoia 15.3.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/122283. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. WebKit Available for: macOS Sequoia Impact: Maliciously crafted web content may be...

  Posted by Apple Product Security via Fulldisclosure on Mar 20 APPLE-SA-03-11-2025-4 visionOS 2.3.2 visionOS 2.3.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/122284. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. WebKit Available for: Apple Vision Pro Impact: Maliciously crafted web content may be able...

  Posted by areca-palm via Fulldisclosure on Mar 11 [CVE pending] Sandboxing Python is notoriously difficult, the Python module “asteval” is no exception. Add to this the fact that a large set of numpy functions are exposed within the sandbox by default. Versions <=1.06 are vulnerable. This vuln has been disclosed to the maintainer, who closed the security advisory and...

  Posted by Jordy Zomer on Feb 27 Hey all, First of all, cool findings! I’ve been working on the CodeQL query and have a revised version that I think improves accuracy and might offer some performance gains (though I haven’t done rigorous benchmarking). The key change is the use of `StackVariableReachability` and making sure that there’s a path wher...

  Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Feb 27 SEC Consult Vulnerability Lab Security Advisory < 20250226-0 > ======================================================================= title: Multiple Vulnerabilities product: Siemens A8000 CP-8050 PLC Siemens A8000 CP-8031 PLC vulnerable version: <05.40 for Vulnerability 1, <05.30 for Vulnerability 2 fixed version: 05.40 for Vulnerability 1, 05.30 for Vulnerability 2… – Read More  – Full Disclosure 

  Posted by Georgi Guninski on Feb 20 Python’s official documentation contains textbook example of insecure code (XSS) Date: 2025-02-18 Author: Georgi Guninski === form = cgi.FieldStorage() if “name” not in form or “addr” not in form: print(“<H1>Error</H1>”) print(“Please fill in the name and addr fields.”) return print(“<p>name:”, form[“name”].value) print(“<p>addr:”,… – Read More  – Full Disclosure 

  Posted by Andrey Stoykov on Feb 20 # Exploit Title: Self Stored XSS – acp2sev7.2.2 # Date: 02/2025 # Exploit Author: Andrey Stoykov # Version: 7.2.2 # Tested on: Ubuntu 22.04 # Blog: https://msecureltd.blogspot.com/2025/02/friday-fun-pentest-series-19-self.html Self Stored XSS #1: Steps to Reproduce: 1. Visit “http://192.168.58.168/acp2se/mul/muladmin.php&quot; and login with “admin” / “adminpass” 2. In the field “Put the name of the...

  Posted by Qualys Security Advisory via Fulldisclosure on Feb 20 Qualys Security Advisory CVE-2025-26465: MitM attack against OpenSSH’s VerifyHostKeyDNS-enabled client CVE-2025-26466: DoS attack against OpenSSH’s client and server ======================================================================== Contents ======================================================================== Summary Background Experiments Results MitM attack against OpenSSH’s VerifyHostKeyDNS-enabled client DoS… – Read More  – Full Disclosure 

  Posted by Gynvael Coldwind on Feb 17 Hi, This isn’t really a problem a vendor can solve in firmware (apart from offering configuration via cloud, which has its own issues). Even if they would enable TLS/SSL by default, it would just give one a false sense of security, since: – the certificates would be invalid (public CAs don’t give...

  Posted by David Fifield on Feb 15 Today at about 2025-02-13 19:00 I noticed the “≠” is back, but now the type 0x12 payload of the ?q query parameter gets formatted into the string representation of an IP address, rather than being copied almost verbatim into the page. If the payload length is 4 bytes, it gets formatted as...

  Posted by Gabriel Valachi via Fulldisclosure on Feb 15 In GZDoom 4.13.1 and below, there is a vulnerability involving array sizes in ZScript, the game engine’s primary scripting language. It is possible to dynamically allocate an array of 1073741823 dwords, permitting access to the rest of the heap from the start of the array and causing a second array...

  Posted by Ryan Delaney via Fulldisclosure on Feb 16 <!– # Exploit Title: Netgear Router Administrative Web Interface Lacks Transport Encryption By Default # Date: 02-13-2025 # Exploit Author: Ryan Delaney # Author Contact: ryan.delaney () owasp org # Vendor Homepage: https://www.netgear.com # Version: Netgear C7800 Router, F/W 6.01.07, possibly others # Tested on: Netgear C7800 Router, F/W 6.01.07...

  Posted by upper.underflow via Fulldisclosure on Feb 16 Hello, About an hour ago, a group appearing to be named WyRCV2 posted a note on the nostr social network, which can be found at the following link: https://primal.net/e/note1vzh0mj9rcxax9cgcdapupyxeehjprd68gd9kk9wrv939m8knulrs4780x7 Save, share, use. The paste link includes a list of nodes that the attacker has instructed to target, along with a Python...

  Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Feb 12 SEC Consult Vulnerability Lab Security Advisory < 20250211-0 > ======================================================================= title: Multiple vulnerabilities product: Wattsense – Wattsense Bridge vulnerable version: Wattsense Bridge * Hardware Revision: WSG-EU-SC-14-00, 20230801 * Firmware Revision: Wattsense (Wattsense minimal)… – Read More  – Full Disclosure 

  Posted by Georgi Guninski on Feb 10 Summary: On 2025-02-09 ChatGPT AI found “security concern” (XSS) in DeepSeek’s AI python code. Background: Consider the simple coding question (Q): Write Python CGI which takes as an argument NAME and outputs: “Hello NAME”. First page and results on google for “python CGI” return for me tutorials, which are flawed and textbook...

  Posted by Jeroen Hermans via Fulldisclosure on Feb 10 CloudAware Security Advisory CVE-2024-55447: Potential PII leak and incorrect access control in Paxton Net2 software ======================================================================== Summary ======================================================================== Insecure backend database in the Paxton Net2 software. Possible leaking of PII incorrect access control. Access cards can be cloned without physical access to the original… – Read More  – Full Disclosure 

  Posted by Apple Product Security via Fulldisclosure on Feb 10 APPLE-SA-02-10-2025-1 iOS 18.3.1 and iPadOS 18.3.1 iOS 18.3.1 and iPadOS 18.3.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/122174. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Accessibility Available for: iPhone XS and later, iPad...

  Posted by Apple Product Security via Fulldisclosure on Feb 10 APPLE-SA-02-10-2025-2 iPadOS 17.7.5 iPadOS 17.7.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/122173. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Accessibility Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th...

  Posted by KoreLogic Disclosures via Fulldisclosure on Feb 04 KL-001-2025-001: Checkmk NagVis Reflected Cross-site Scripting Title: Checkmk NagVis Reflected Cross-site Scripting Advisory ID: KL-001-2025-001 Publication Date: 2025-02-04 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2025-001.txt 1. Vulnerability Details      Affected Vendor: Checkmk      Affected Product: Checkmk/NagVis      Affected Version: Checkmk 2.3.0p2, NagVis 1.9.40      Platform: GNU/Linux… – Read More  – Full Disclosure 

  Posted by KoreLogic Disclosures via Fulldisclosure on Feb 04 KL-001-2025-002: Checkmk NagVis Remote Code Execution Title: Checkmk NagVis Remote Code Execution Advisory ID: KL-001-2025-002 Publication Date: 2025-02-04 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2025-002.txt 1. Vulnerability Details      Affected Vendor: Checkmk      Affected Product: Checkmk/NagVis      Affected Version: Checkmk 2.3.0p2, NagVis 1.9.40      Platform: GNU/Linux      CWE… – Read More  – Full Disclosure 

  Posted by hyp3rlinx on Feb 01 Updated SQL Injection CVE-2019-19245 exploit for Python3. import requests,time,re,sys,argparse #NAPC Xinet Elegant 6 Asset Library v6.1.655 #Pre-Auth SQL Injection 0day Exploit #By hyp3rlinx #ApparitionSec #UPDATED: Jan 2024 for python3 #TODO: add SSL support #=============================== #This will dump tables, usernames and passwords in vulnerable versions #REQUIRE PARAMS:… – Read More  – Full Disclosure 

  Posted by David Fifield on Feb 01 I tested a few more times, and it appears the text injection has disappeared. These are timestamps when I tested, with offsets relative to the initial discovery. +0h 2025-01-28 03:00 initial discovery +5h 2025-01-28 08:19 ?q=EgtoZWxsbyB3b3JsZA works (https://archive.is/DD9xB) +14h 2025-01-28 17:31 ?q=EgtoZWxsbyB3b3JsZA works (no archive) +45h… – Read More  – Full Disclosure 

  Posted by Apple Product Security via Fulldisclosure on Feb 01 APPLE-SA-01-30-2025-1 GarageBand 10.4.12 GarageBand 10.4.12 addresses the following issues. Information about the security content is also available at https://support.apple.com/121866. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. GarageBand Available for: macOS Sonoma 14.4 and later Impact: Processing a maliciously crafted image...

  Posted by David Fifield on Jan 29 The page https://www.google.com/sorry/index is familiar to Tor and VPN users. It is the one that says “Our systems have detected unusual traffic from your computer network. Please try your request again later.” You will frequently be redirected to this page when using Tor Browser, when you do a search on a Google...

  Posted by Georgi Guninski on Jan 29 Asking Deepseek on Jan 28 09:33:11 AM UTC 2025: Write a python CGI which takes as an argument string NAME and outputs “Hello”+NAME The Deepseek AI [3] returned: ==== name = form.getvalue(‘NAME’, ‘World’) # Default to ‘World’ if NAME is not provided # Output the HTML response print(f”<html><body><h1>Hello, name!</h1></body></html>”) *For security reasons,… –...

  Posted by Shaikh Shahnawaz on Jan 29 [+] Credits: Shahnawaz Shaikh, Security Researcher at Cybergate Defense LLC [+] twitter.com/_striv3r_ [Vendor] https://quorum.com/about/ [Product] Quorum onQ OS – 6.0.0.5.2064 Vulnerability Type] Reflected Cross Site Scripting (XSS) [Affected Component] Login page get parameter ‘msg’ is vulnerable to Reflected Cross site scripting [CVE Reference] CVE-2024-44449 [Security Issue] Cross Site Scripting vulnerability in Quorum...

  Posted by Apple Product Security via Fulldisclosure on Jan 27 APPLE-SA-01-27-2025-8 tvOS 18.3 tvOS 18.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/122072. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AirPlay Available for: Apple TV HD and Apple TV 4K (all models) Impact: An...

  Posted by Apple Product Security via Fulldisclosure on Jan 27 APPLE-SA-01-27-2025-9 Safari 18.3 Safari 18.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/122074. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Passwords Available for: macOS Ventura and macOS Sonoma Impact: A malicious app may be...

  Posted by Andrey Stoykov on Jan 27 # Exploit Title: Host Header Injection – atutorv2.2.4 # Date: 01/2025 # Exploit Author: Andrey Stoykov # Version: 2.2.4 # Tested on: Ubuntu 22.04 # Blog: https://msecureltd.blogspot.com/2025/01/friday-fun-pentest-series-18-host.html Description: – It was found that the application had a Host Header Injection vulnerability. Host Header Injection #1: Steps to Reproduce: 1. Visit specific page...

  Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jan 27 SEC Consult Vulnerability Lab Security Advisory < 20250127-0 > ======================================================================= title: Weak Password Hashing Algorithms product: Wind River Software VxWorks RTOS vulnerable version: >= VxWorks 6.9 fixed version: not available CVE number: no CVE assigned by Wind River impact: High homepage:… – Read More  – Full Disclosure 

  Posted by Shaikh Shahnawaz on Jan 27 [+] Credits: Shahnawaz Shaikh, Security Researcher at Cybergate Defense LLC [+] twitter.com/_striv3r_ [Vendor] Autolib-india http://autolib-india.net/products.php [Product] AutoLib Software Systems OPAC Version.20.10 [Affected Component] main.js file [CVE Reference] CVE-2024-48310 [Security Issue] AutoLib Software Systems OPAC v20.10 was discovered to have multiple API keys exposed within the source code. Attackers may use these keys...

  Posted by Apple Product Security via Fulldisclosure on Jan 27 APPLE-SA-01-27-2025-1 visionOS 2.3 visionOS 2.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/122073. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AirPlay Available for: Apple Vision Pro Impact: An attacker on the local network may...

  Posted by Apple Product Security via Fulldisclosure on Jan 27 APPLE-SA-01-27-2025-2 iOS 18.3 and iPadOS 18.3 iOS 18.3 and iPadOS 18.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/122066. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Accessibility Available for: iPhone XS and later, iPad...

  Posted by Apple Product Security via Fulldisclosure on Jan 27 APPLE-SA-01-27-2025-3 iPadOS 17.7.4 iPadOS 17.7.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/122067. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AirPlay Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th...

  Posted by Apple Product Security via Fulldisclosure on Jan 27 APPLE-SA-01-27-2025-4 macOS Sequoia 15.3 macOS Sequoia 15.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/122068. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AirPlay Available for: macOS Sequoia Impact: An attacker on the local network...

  Posted by Apple Product Security via Fulldisclosure on Jan 27 APPLE-SA-01-27-2025-5 macOS Sonoma 14.7.3 macOS Sonoma 14.7.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/122069. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AirPlay Available for: macOS Sonoma Impact: A remote attacker may cause an...

  Posted by Apple Product Security via Fulldisclosure on Jan 27 APPLE-SA-01-27-2025-6 macOS Ventura 13.7.3 macOS Ventura 13.7.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/122070. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AppleMobileFileIntegrity Available for: macOS Ventura Impact: An app may be able to...

  Posted by Apple Product Security via Fulldisclosure on Jan 27 APPLE-SA-01-27-2025-7 watchOS 11.3 watchOS 11.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/122071. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AirPlay Available for: Apple Watch Series 6 and later Impact: An attacker on the...

  Posted by Asterisk Development Team via Fulldisclosure on Jan 15 The Asterisk Development Team would like to announce security release Certified Asterisk 18.9-cert13. The release artifacts are available for immediate download at https://github.com/asterisk/asterisk/releases/tag/certified-18.9-cert13 and https://downloads.asterisk.org/pub/telephony/certified-asterisk Repository: https://github.com/asterisk/asterisk Tag: certified-18.9-cert13 ## Change Log for Release asterisk-certified-18.9-cert13 ###… – Read More  – Full Disclosure 

  Posted by Asterisk Development Team via Fulldisclosure on Jan 15 The Asterisk Development Team would like to announce security release Certified Asterisk 20.7-cert4. The release artifacts are available for immediate download at https://github.com/asterisk/asterisk/releases/tag/certified-20.7-cert4 and https://downloads.asterisk.org/pub/telephony/certified-asterisk Repository: https://github.com/asterisk/asterisk Tag: certified-20.7-cert4 ## Change Log for Release asterisk-certified-20.7-cert4 ###… – Read More  – Full Disclosure 

  Posted by Thomas Weber | CyberDanube via Fulldisclosure on Jan 15 CyberDanube Security Research 20250107-0 ——————————————————————————- title| Multiple Vulnerabilities in ABB AC500v3 product| ABB AC500v3 vulnerable version| <=3.7.0.569 fixed version| 3.8.0 CVE number| CVE-2024-12429, CVE-2024-12430 impact| High homepage| https://global.abb found| 2024-09-03… – Read More  – Full Disclosure 

  Posted by Rodolfo Tavares via Fulldisclosure on Jan 15 =====[ Tempest Security Intelligence – ADV-10/2024 ]========================== Bruno IDE Desktop prior to 1.29.0 Author: Rodolfo Tavares Tempest Security Intelligence – Recife, Pernambuco – Brazil =====[ Table of Contents ]================================================== Overview Detailed Description Timeline of Disclosure Thanks & Acknowledgements References =====[ Vulnerability Information… – Read More  – Full Disclosure 

  Posted by Asterisk Development Team on Jan 15 The Asterisk Development Team would like to announce security release Asterisk 20.11.1. The release artifacts are available for immediate download at https://github.com/asterisk/asterisk/releases/tag/20.11.1 and https://downloads.asterisk.org/pub/telephony/asterisk Repository: https://github.com/asterisk/asterisk Tag: 20.11.1 ## Change Log for Release asterisk-20.11.1 ### Links: – [Full ChangeLog](… – Read More  – Full Disclosure 

  Posted by Asterisk Development Team on Jan 15 The Asterisk Development Team would like to announce security release Asterisk 21.6.1. The release artifacts are available for immediate download at https://github.com/asterisk/asterisk/releases/tag/21.6.1 and https://downloads.asterisk.org/pub/telephony/asterisk Repository: https://github.com/asterisk/asterisk Tag: 21.6.1 ## Change Log for Release asterisk-21.6.1 ### Links: – [Full ChangeLog](… – Read More  – Full Disclosure 

  Posted by Asterisk Development Team via Fulldisclosure on Jan 15 The Asterisk Development Team would like to announce security release Asterisk 18.26.1. The release artifacts are available for immediate download at https://github.com/asterisk/asterisk/releases/tag/18.26.1 and https://downloads.asterisk.org/pub/telephony/asterisk Repository: https://github.com/asterisk/asterisk Tag: 18.26.1 ## Change Log for Release asterisk-18.26.1 ### Links: – [Full ChangeLog](… – Read More  – Full Disclosure 

  Posted by Asterisk Development Team via Fulldisclosure on Jan 15 The Asterisk Development Team would like to announce security release Asterisk 22.1.1. The release artifacts are available for immediate download at https://github.com/asterisk/asterisk/releases/tag/22.1.1 and https://downloads.asterisk.org/pub/telephony/asterisk Repository: https://github.com/asterisk/asterisk Tag: 22.1.1 ## Change Log for Release asterisk-22.1.1 ### Links: – [Full ChangeLog](… – Read More  – Full Disclosure