Nitro – 77,159,696 breached accounts
In September 2020, the Nitro PDF service suffered a massive data breach which exposed over 70 million unique email addresses.
Read more
Uncategorized
Romwe – 19,531,820 breached accounts
In mid-2018, the Hong Kong-based retailer Romwe suffered a data breach which exposed almost 20 million customers. The data was
Read more
Jobandtalent – 10,981,207 breached accounts
In approximately February 2018, the employment website Jobandtalent suffered a data breach which then appeared for sale alongside other breaches
Read more
Glofox – 2,330,735 breached accounts
In March 2020, the Irish gym management software company Glofox suffered a data breach which exposed 2.3M membership records. The
Read more
GeniusU – 1,301,460 breached accounts
In November 2020, a collection of data breaches were made public including the “Entrepreneur Success Platform”, GeniusU. Dating back to
Read more
[KIS-2021-01] IPS Community Suite <= 4.5.4 (Downloads REST API) SQL Injection Vulnerability
Posted by Egidio Romano on Jan 06 —————————————————————————– IPS Community Suite <= 4.5.4 (Downloads REST API) SQL Injection Vulnerability —————————————————————————–
Read more
Backdoor.Win32.Zombam.k / Remote Stack Buffer Overflow
Posted by malvuln on Jan 06 Discovery / credits: malvuln – Malvuln.com (c) 2021 Original source:https://malvuln.com/advisory/79d9908b6769e64f922e74a090f5ceeb.txt Contact: malvuln13 () gmail
Read more
Files.com – Auth Bypass (Fat Client)
Posted by Balázs Hambalkó on Jan 06 Hi, Vendor: Files.com Product: Fat Client Tested version: 3.3.6 but newer version high
Read more
CVE-2020-24386: IMAP hibernation allows accessing other peoples mail
Posted by Aki Tuomi on Jan 06 Open-Xchange Security Advisory 2021-01-04 Product: Dovecot Vendor: OX Software GmbH Internal reference: DOP-2009
Read more
survey on reliability of CVSS
Posted by Zinaida Benenson on Dec 29 The University of Erlangen-Nuremberg (Germany) is conducting a research study to test the
Read more
Re: CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze
Posted by Mark E. Jeftovic on Dec 29 Is there a transposition typo in the Mac OSX version number? *Fixed
Read more
Re: [FD] CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze
Posted by Reed Loden on Dec 25 Due to a process fail, this CVE ID was accidentally reused for another
Read more
CarolinaCon Online CFP
Posted by CarolinaCon on Dec 25 We hope this email finds you well. This year has had its challenges and
Read more
Re: [FD] CVE-2020-8152 – Elevation of Privilege in Backblaze
Posted by Reed Loden on Dec 25 Due to a process fail, this CVE ID was accidentally reused for another
Read more
[CVE-2018-7580] – Philips Hue Denial of Service
Posted by Ilia Shnaidman on Dec 25 [+] Credits: Ilia Shnaidman [+] @0x496c on Twitter [+] https://www.iliashn.com Vendor: ============= Philips
Read more
Re: [FD] CVE-2020-8152 – Elevation of Privilege in Backblaze
Posted by Jason Geffner on Dec 25 Thanks, Reed. I’ve updated the GitHub repository name to reflect this change. The
Read more
AST-2020-004: Remote crash in res_pjsip_diversion
Posted by Asterisk Security Team on Dec 22 Asterisk Project Security Advisory – AST-2020-004 Product Asterisk Summary Remote crash in
Read more
AST-2020-003: Remote crash in res_pjsip_diversion
Posted by Asterisk Security Team on Dec 22 Asterisk Project Security Advisory – AST-2020-003 Product Asterisk Summary Remote crash in
Read more
Rocket.Chat Path Traversal
Posted by Moe Szyslak on Dec 21 Rocket.Chat has fixed a server-side path traversal vulnerability that may be abused to
Read more
remote code execution when open a project in android studio that google refused to fix(still 0day)
Posted by houjingyi on Dec 21 Video and POC here : https://www.youtube.com/watch?v=hAPkSGxh9H0 When you open a project in android studio,
Read more
SUPREMO Local privilege escalation
Posted by Adan Alvarez on Dec 21 Details ======= Subject: Local Privilege Escalation Product: SUPREMO by Nanosystems S.r.l. Vendor Homepage:
Read more
Ledger – 1,075,241 breached accounts
In June 2020, the hardware crypto wallet manufacturer Ledger suffered a data breach that exposed over 1 million email addresses.
Read more
Defense in depth — the Microsoft way (part 68): where compatibility means vulnerability
Posted by Stefan Kanthak on Dec 18 Hi @ll, this post is a shortened version of <https://skanthak.homepage.t-online.de/detour.html> With Windows 2000
Read more
CA20201215-01: Security Notice for CA Service Catalog
Posted by Kevin Kotas via Fulldisclosure on Dec 18 CA20201215-01: Security Notice for CA Service Catalog Issued: December 15, 2020
Read more