SEC Consult SA-20240212-0 :: Multiple Stored Cross-Site Scripting vulnerabilities in Statamic CMS
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Feb 13 SEC Consult Vulnerability Lab Security Advisory < 20240212-0 > title: Multiple Stored...
Stored XSS and RCE – adaptcmsv3.0.3
Posted by Andrey Stoykov on Feb 13 # Exploit Title: Stored XSS and RCE - adaptcmsv3.0.3 # Date: 02/2024 # Exploit Author: Andrey Stoykov #...
OXAS-ADV-2023-0007: OX App Suite Security Advisory
Posted by Martin Heiland via Fulldisclosure on Feb 13 Dear subscribers, We're sharing our latest advisory with you and would like to thank everyone who contributed...
Android passkeys unexpectedly deleted or useless after sync
Posted by Erik van Straten (FD) on Feb 13 *INTRODUCTION* Passkeys on Android are stored in Google Password Manager by default. The user cannot make...
Buffer Overflow Vulnerabilities in KiTTY Start Duplicated Session Hostname (CVE-2024-25003) & Username (CVE-2024-25004) Variables
Posted by Austin DeFrancesco via Fulldisclosure on Feb 13 Buffer Overflow Vulnerabilities in KiTTY Start Duplicated Session Hostname (CVE-2024-25003) & Username (CVE-2024-25004) Variables Contents:...
Command Injection Vulnerability in KiTTY Get Remote File Through SCP Input (CVE-2024-23749)
Posted by Austin DeFrancesco via Fulldisclosure on Feb 13 Command Injection Vulnerability in KiTTY Get Remote File Through SCP Input (CVE-2024-23749) Contents: Summary...
Microsoft Windows Defender / Trojan.Win32/Powessere.G / Detection Mitigation Bypass Part 2.
Posted by hyp3rlinx on Feb 13 [+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: https://hyp3rlinx.altervista.org/advisories/MICROSOFT_WINDOWS_DEFENDER_TROJAN.WIN32.POWESSERE.G_MITIGATION_BYPASS_PART2.txt [+] twitter.com/hyp3rlinx [+] ISR: ApparitionSec [Vendor] www.microsoft.com...
Wyrestorm Apollo VX20 / Incorrect Access Control – Credentials Disclosure / CVE-2024-25735
Posted by hyp3rlinx on Feb 13 [+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/WYRESTORM_APOLLO_VX20_INCORRECT_ACCESS_CONTROL_CREDENTIALS_DISCLOSURE_CVE-2024-25735.txt [+] twitter.com/hyp3rlinx [+] ISR: ApparitionSec [Vendor] www.wyrestorm.com...
Wyrestorm Apollo VX20 / Account Enumeration / CVE-2024-25734
Posted by hyp3rlinx on Feb 13 [+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/WYRESTORM_APOLLO_VX20_ACCOUNT_ENUMERATION_CVE-2024-25734.txt [+] twitter.com/hyp3rlinx [+] ISR: ApparitionSec [Vendor] www.wyrestorm.com...
Wyrestorm Apollo VX20 / Incorrect Access Control – DoS / CVE-2024-25736
Posted by hyp3rlinx on Feb 13 [+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/WYRESTORM_APOLLO_VX20_INCORRECT_ACCESS_CONTROL_DOS_CVE-2024-25736.txt [+] twitter.com/hyp3rlinx [+] ISR: ApparitionSec [Vendor] www.wyrestorm.com...