Full Disclosure Mailing List

• Current Month
• RSS Feed
• About List
• All Lists

A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.

List Archives

• Jan
• Feb
• Mar
• Apr
• May
• Jun
• Jul
• Aug
• Sep
• Oct
• Nov
• Dec
• 2024
• 75
• 25
• 44
• 29
• 27
• –
• –
• –
• –
• –
• –
• –
• 2023
• 29
• 17
• 27
• 14
• 28
• 10
• 52
• 33
• 21
• 32
• 15
• 30
• 2022
• 91
• 57
• 63
• 54
• 48
• 57
• 27
• 17
• 30
• 52
• 26
• 32
• 2021
• 84
• 93
• 81
• 77
• 81
• 60
• 72
• 39
• 59
• 79
• 56
• 50
• 2020
• 52
• 36
• 57
• 63
• 60
• 35
• 37
• 24
• 55
• 34
• 45
• 60
• 2019
• 71
• 54
• 64
• 41
• 52
• 49
• 40
• 37
• 45
• 59
• 34
• 37
• 2018
• 102
• 84
• 79
• 61
• 73
• 46
• 95
• 53
• 57
• 54
• 69
• 56
• 2017
• 99
• 103
• 91
• 113
• 108
• 52
• 95
• 58
• 98
• 71
• 51
• 89
• 2016
• 100
• 128
• 97
• 93
• 75
• 79
• 89
• 139
• 85
• 103
• 162
• 88
• 2015
• 134
• 101
• 165
• 115
• 133
• 112
• 126
• 86
• 121
• 115
• 111
• 129
• 2014
• 194
• 273
• 434
• 325
• 213
• 173
• 167
• 89
• 115
• 135
• 103
• 138
• 2013
• 282
• 162
• 290
• 263
• 227
• 259
• 277
• 303
• 187
• 294
• 222
• 224
• 2012
• 611
• 477
• 390
• 382
• 323
• 428
• 394
• 393
• 210
• 277
• 236
• 280
• 2011
• 580
• 687
• 439
• 561
• 572
• 565
• 367
• 393
• 370
• 995
• 466
• 511
• 2010
• 637
• 502
• 564
• 452
• 408
• 631
• 417
• 445
• 414
• 523
• 342
• 696
• 2009
• 979
• 380
• 465
• 318
• 282
• 291
• 550
• 455
• 421
• 339
• 386
• 502
• 2008
• 615
• 496
• 600
• 821
• 681
• 403
• 591
• 557
• 639
• 531
• 739
• 634
• 2007
• 593
• 629
• 573
• 744
• 555
• 661
• 662
• 530
• 709
• 935
• 582
• 641
• 2006
• 992
• 740
• 1865
• 865
• 789
• 1058
• 770
• 771
• 578
• 678
• 545
• 493
• 2005
• 927
• 676
• 950
• 654
• 678
• 437
• 766
• 1078
• 890
• 677
• 1065
• 1531
• 2004
• 1358
• 1534
• 1499
• 1153
• 1451
• 1031
• 1370
• 1314
• 1091
• 1174
• 1424
• 731
• 2003
• 505
• 405
• 296
• 500
• 421
• 890
• 1251
• 1942
• 1763
• 1806
• 1123
• 782
• 2002
• –
• –
• –
• –
• –
• –
• 314
• 835
• 684
• 381
• 454
• 313

Latest Posts

SEC Consult SA-20240513-0 :: Tolerating Self-Signed Certificates in SAP® Cloud Connector SEC Consult Vulnerability Lab via Fulldisclosure (May 14)
SEC Consult Vulnerability Lab Security Advisory < 20240513-0 >
=======================================================================
title: Tolerating Self-Signed Certificates
product: SAP® Cloud Connector
vulnerable version: 2.15.0 - 2.16.1 (Portable and Installer)
fixed version: 2.16.2 (Portable and Installer)
CVE number: CVE-2024-25642
impact: high
homepage:...

TROJANSPY.WIN64.EMOTET.A / Arbitrary Code Execution malvuln (May 14)
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/f917c77f60c3c1ac6dbbadbf366ddd30.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: TrojanSpy.Win64.EMOTET.A
Vulnerability: Arbitrary Code Execution
Description: The malware looks for and executes a x64-bit "CRYPTBASE.dll"
PE file in its current directory. Therefore, we can hijack the DLL and
execute our own...

BACKDOOR.WIN32.ASYNCRAT / Arbitrary Code Execution malvuln (May 14)
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/2337b9a12ecf50b94fc95e6ac34b3ecc.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.AsyncRat
Vulnerability: Arbitrary Code Execution
Description: The malware looks for and executes a x32-bit "CRYPTSP.dll" PE
file in its current directory. Therefore, we can hijack the DLL and execute
our own...

Re: Panel.SmokeLoader / Cross Site Request Forgery (CSRF) malvuln (May 14)
Updated and fixed a payload typo and added additional info regarding the
stored persistent XSS see attached.

Thanks, Malvuln

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source: https://malvuln.com/advisory/4b5fc3a2489985f314b81d35eac3560f_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Panel.SmokeLoader
Vulnerability: Cross Site Request Forgery (CSRF) - Persistent XSS
Family: SmokeLoader...

Panel.SmokeLoader / Cross Site Request Forgery (CSRF) malvuln (May 14)
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/4b5fc3a2489985f314b81d35eac3560f_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Panel.SmokeLoader
Vulnerability: Cross Site Request Forgery (CSRF)
Family: SmokeLoader
Type: Web Panel
MD5: 4b5fc3a2489985f314b81d35eac3560f (control.php)
SHA256: 8d02238577081be74b9ebc1effcfbf3452ffdb51f130398b5ab875b9bfe17743
Vuln...

Panel.SmokeLoader C2 / Cross Site Scripting (XSS) malvuln (May 14)
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/4b5fc3a2489985f314b81d35eac3560f.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Panel.SmokeLoader
Vulnerability: Cross Site Scripting (XSS)
Family: SmokeLoader
Type: Web Panel
MD5: 4b5fc3a2489985f314b81d35eac3560f (control.php)
SHA256: 8d02238577081be74b9ebc1effcfbf3452ffdb51f130398b5ab875b9bfe17743
Vuln ID:...

Panel.Amadey.d.c C2 / Cross Site Scripting (XSS) malvuln (May 14)
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/50467c891bf7de34d2d65fa93ab8b558.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Panel Amadey.d.c
Vulnerability: Cross Site Scripting (XSS)
Family: Amadey
Type: Web Panel
MD5: 50467c891bf7de34d2d65fa93ab8b558 (Login.php)
SHA256: 65623eead2bcba66817861246e842386d712c38c5c5558e50eb49cffa2a1035d
Vuln ID:...

Re: RansomLord v3 / Anti-Ransomware Exploit Tool Released malvuln (May 14)
Updated, fixed typo
SHA256 : 810229C7E62D5EDDD3DA9FFA19D04A31D71F9C36D05B6A614FEF496E88656FF5

RansomLord v3 / Anti-Ransomware Exploit Tool Released malvuln (May 14)
Proof-of-concept tool that automates the creation of PE files, used to
exploit Ransomware pre-encryption. Updated v3:
https://github.com/malvuln/RansomLord/releases/tag/v3
Lang: C SHA256:
83f56d14671b912a9a68da2cd37607cac3e5b31560a6e30380e3c6bd093560f5

Video PoC (old v2):
https://www.youtube.com/watch?v=_Ho0bpeJWqI

RansomLord generated PE files are saved to disk in the x32 or x64
directories where the program is run from. Goal is to exploit...

APPLE-SA-05-13-2024-8 tvOS 17.5 Apple Product Security via Fulldisclosure (May 14)
APPLE-SA-05-13-2024-8 tvOS 17.5

tvOS 17.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214102.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

AppleAVD
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: An app may be able to execute arbitrary code with kernel...

APPLE-SA-05-13-2024-7 watchOS 10.5 Apple Product Security via Fulldisclosure (May 14)
APPLE-SA-05-13-2024-7 watchOS 10.5

watchOS 10.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214104.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

AppleAVD
Available for: Apple Watch Series 4 and later
Impact: An app may be able to execute arbitrary code with kernel
privileges...

Research about consistency of CVSSv4 Julia Wunder (May 14)
Hello there,

The University of Erlangen-Nuremberg (Germany) is conducting a research
study to investigate the reliability of CVSSv4 (Common Vulnerability
Scoring System). We conducted a survey on CVSSv3.1 in winter 2020/21 and
found out that the ratings are not always consistent [1]. Now we want to
investigate the latest version CVSSv4. If you are currently assessing
vulnerabilities using CVSS, we would greatly appreciate your...

APPLE-SA-05-13-2024-6 macOS Monterey 12.7.5 Apple Product Security via Fulldisclosure (May 14)
APPLE-SA-05-13-2024-6 macOS Monterey 12.7.5

macOS Monterey 12.7.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214105.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Find My
Available for: macOS Monterey
Impact: A malicious application may be able to access Find My data...

APPLE-SA-05-13-2024-5 macOS Ventura 13.6.7 Apple Product Security via Fulldisclosure (May 14)
APPLE-SA-05-13-2024-5 macOS Ventura 13.6.7

macOS Ventura 13.6.7 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214107.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Foundation
Available for: macOS Ventura
Impact: An app may be able to access user-sensitive data
Description: A...

APPLE-SA-05-13-2024-4 macOS Sonoma 14.5 Apple Product Security via Fulldisclosure (May 14)
APPLE-SA-05-13-2024-4 macOS Sonoma 14.5

macOS Sonoma 14.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214106.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

AppleAVD
Available for: macOS Sonoma
Impact: An app may be able to execute arbitrary code with kernel
privileges...

More Lists

Dozens of other network security lists are archived at SecLists.Org.