Voozh

lists.openwall.net

lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC

Hash Suite: Windows password security audit tool. GUI, reports in PDF.

full-disclosure mailing list

	Jan	Feb	Mar	Apr	May	Jun	Jul	Aug	Sep	Oct	Nov	Dec
2026	31	32	26	22	24	24
2025	24	20	9	32	24	27	41	19	82	33	22	37
2024	75	25	44	29	37	13	24	41	59	22	20	22
2023	29	17	27	14	28	10	54	33	21	32	15	30
2022	90	58	61	56	48	49	35	16	29	54	26	32
2021	84	93	81	77	81	60	72	39	59	83	56	50
2020	38	50	57	63	60	35	37	24	55	34	45	60
2019	71	54	64	41	52	49	40	37	45	44	49	37
2018	102	84	79	62	73	46	94	54	57	54	69	56
2017	100	76	119	114	108	52	92	52	110	71	51	89
2016	100	128	97	93	77	79	89	139	85	103	162	88
2015	134	101	165	115	135	112	126	91	124	115	111	129
2014	194	273	434	339	247	183	169	90	116	135	103	138
2013	280	162	294	351	226	259	277	303	187	294	222	224
2012	614	478	388	384	323	428	394	393	210	277	236	280
2011	595	686	441	561	573	562	370	420	407	995	462	512
2010	645	492	579	458	406	642	419	440	426	528	375	702
2009	979	385	488	318	284	299	551	454	474	365	377	507
2008	623	503	603	821	685	400	593	557	630	547	734	647
2007	595	628	577	752	570	663	664	531	709	933	600	644
2006	991	742	2171	885	788	1116	781	843	578	686	540	503
2005	870	722	942	685	681	433	823	1081	888	680	1057	1541
2004	1383	1535	1525	1163	1460	1018	1373	1331	1102	1186	1435	818
2003	524	393	311	506	442	891	1270	1982	1832	1866	1232	800
2002	2	2	3	2	341	861	703	389	476	324
1970	1

Recent messages:

2026/06/21 #12: [FD] OpenBSD mpls_do_error: Remote Kernel Stack Disclosure via MPLS Label Stack Over-read (shj <shahriyar@...eray.co.uk>)
2026/06/21 #11: [FD] OpenBSD sppp_pap_input: PAP authentication bypass (shj <shahriyar@...eray.co.uk>)
2026/06/21 #10: [FD] SEC Consult SA-20260618-0 :: Hardcoded Root Cloud Credentials in Application Binaries in Silver Leaf Technologies … (SEC Consult Vulnerability Lab via Fulld…)
2026/06/21 #9: [FD] SEC Consult SA-20260617-1 :: Multiple Vulnerabilities in Quanos Content Solutions - SCHEMA ST4 (SEC Consult Vulnerability Lab via Fulldisclosure <fulldis…)
2026/06/21 #8: [FD] SEC Consult SA-20260617-0 :: Multiple Critical Vulnerabilities in Sprecher Automation SPRECON-E-C/-E-P/-E-T3 (SEC Consult Vulnerability Lab via Fulldisclo…)
2026/06/21 #7: [FD] SEC Consult SA-20260616-0 :: Broken Access Control in syracom AG Secure Login (2FA) for Atlassian Jira / Confluenc… (SEC Consult Vulnerability Lab via Fulld…)
2026/06/21 #6: [FD] APPLE-SA-06-16-2026-1 Beats Firmware Update 1B211 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/06/21 #5: [FD] PHP 8.5.7 `levenshtein()` signed-integer overflow (Khashayar Fereidani <info@...eidani.com>)
2026/06/21 #4: [FD] PHP 8.5.7 `dom_xml_serialization_algorithm()` stack-overflow (Khashayar Fereidani <info@...eidani.com>)
2026/06/21 #3: [FD] PHP 8.5.7 `mb_substr()` 'SJIS-mac' size_t underflow (Khashayar Fereidani <info@...eidani.com>)
2026/06/21 #2: [FD] PHP 8.5.7 `FILTER_SANITIZE_ENCODED` uninitialized read (Khashayar Fereidani <info@...eidani.com>)
2026/06/21 #1: [FD] CVE-2025-68624: Cross-Tenant Authentication Bypass by Spoofing in N-able Mail Assure (Alessandro Bertoldi BCS via Fulldisclosure <fulldisclosure@...lists.…)
2026/06/16 #7: [FD] SEC Consult SA-20260615-1 :: Multiple Vulnerabilities in Wertheim SafeController Hardware for VAULT ROOMS (Safe Dep… (SEC Consult Vulnerability Lab via Fulld…)
2026/06/16 #6: [FD] SEC Consult SA-20260615-0 :: Multiple Critical Vulnerabilities in Wertheim SafeController Software for VAULT ROOMS… (SEC Consult Vulnerability Lab via Fulld…)
2026/06/16 #5: [FD] SEC Consult SA-20260610-0 :: Local Privilege Escalation in Slate Digital Connect (macOS) (SEC Consult Vulnerability Lab via Fulldisclosure <fulldisclosur…)
2026/06/16 #4: [FD] SEC Consult SA-20260609-0 :: Multiple Local Privilege Escalation Vulnerabilities in Waves Audio - Waves Central (SEC Consult Vulnerability Lab via Fulldis…)
2026/06/16 #3: [FD] [KIS-2026-11] Discuz! <= X5.0 (enable_disable.php) Local File Inclusion Vulnerability (Egidio Romano <n0b0d13s@...il.com>)
2026/06/16 #2: [FD] [KIS-2026-10] Discuz! <= X5.0 OCR-based CAPTCHA Bypass Vulnerability (Egidio Romano <n0b0d13s@...il.com>)
2026/06/16 #1: [FD] [KIS-2026-09] Discuz! X5.0 (UC_KEY) Cross-Context Token Reuse Vulnerability (Egidio Romano <n0b0d13s@...il.com>)
2026/06/09 #2: [FD] SEC Consult SA-20260608-0 :: Privilege Escalation via Binary Planting in Genetec-provided RabbitMQ in multiple Gen… (SEC Consult Vulnerability Lab via Fulld…)
2026/06/09 #1: [FD] [SYSS-2026-004] SAP NetWeaver SAML XML Signature Wrapping (Moritz Bechler via Fulldisclosure <fulldisclosure@...lists.org>)
2026/06/05 #1: [FD] [REVIVE-SA-2026-002] Revive Adserver Vulnerabilities (Matteo Beccati <php@...cati.com>)
2026/06/01 #2: [FD] CyberDanube Security Research 20260528-0 | Multiple Vulnerabilities in Multiple Vulnerabilities in Mennekes Amtron… (Thomas Weber | CyberDanube via Fulldisc…)
2026/06/01 #1: [FD] bmcweb (OpenBMC web server): four vulnerabilities — two unfixed, GHSA without a CVE (binreaper via Fulldisclosure <fulldisclosure@...lists.org>)
2026/05/26 #7: Re: [FD] Dovecot Security Advisory OXDC-2026-0002 (Noel Butler via Fulldisclosure <fulldisclosure@...lists.org>)
2026/05/26 #6: [FD] SSRF in Anthropic mcp-server-fetch and Microsoft playwright-mcp — publicly disclosed via GitHub issues (outreach@...entia.net)
2026/05/26 #5: [FD] [SECURITY ADVISORY] CVE-2021-21735 - ZTE ZXHN H168N V3.5 Unauthenticated Admin Credential Leak ("m.nageh" <minanageh379@...il.com>)
2026/05/26 #4: [FD] [SECURITY ADVISORY] CVE-2026-34474 - ZTE H298A/H108N Unauthenticated Admin Credential Exposure ("m.nageh" <minanageh379@...il.com>)
2026/05/26 #3: [FD] [SECURITY ADVISORY] CVE-2026-34472 - ZTE ZXHN H188A V6 Authentication Bypass via Pre-Login Wizard ("m.nageh" <minanageh379@...il.com>)
2026/05/26 #2: [FD] [SECURITY ADVISORY] CVE-2026-34473 - Unauthenticated DoS in 17+ ZTE Router Models (140K+ Devices) ("m.nageh" <minanageh379@...il.com>)
2026/05/26 #1: [FD] Multiple vulnerabilities in Sparx Pro Cloud Server and Enterprise Architect (Adamczyk Blazej <blazej.adamczyk@...il.com>)
2026/05/17 #17: [FD] APPLE-SA-05-13-2026-1 Safari 26.5 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/05/17 #16: [FD] APPLE-SA-05-11-2026-11 visionOS 26.5 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/05/17 #15: [FD] APPLE-SA-05-11-2026-10 watchOS 26.5 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/05/17 #14: [FD] APPLE-SA-05-11-2026-9 tvOS 26.5 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/05/17 #13: [FD] APPLE-SA-05-11-2026-8 macOS Sonoma 14.8.7 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/05/17 #12: [FD] APPLE-SA-05-11-2026-7 macOS Sequoia 15.7.7 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/05/17 #11: [FD] APPLE-SA-05-11-2026-6 macOS Tahoe 26.5 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/05/17 #10: [FD] APPLE-SA-05-11-2026-5 iOS 15.8.8 and iPadOS 15.8.8 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/05/17 #9: [FD] APPLE-SA-05-11-2026-4 iOS 16.7.16 and iPadOS 16.7.16 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/05/17 #8: [FD] APPLE-SA-05-11-2026-3 iPadOS 17.7.11 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/05/17 #7: [FD] APPLE-SA-05-11-2026-2 iOS 18.7.9 and iPadOS 18.7.9 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/05/17 #6: [FD] APPLE-SA-05-11-2026-1 iOS 26.5 and iPadOS 26.5 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/05/17 #5: [FD] Full disclosure: Impersonation attacks on Edupage portal (Juraj Kosik <juraj.kosik@...il.com>)
2026/05/17 #4: [FD] Full disclosure: Edupage web and mobile application authorization bypass leaks PII and IBAN codes (Juraj Kosik <juraj.kosik@...il.com>)
2026/05/17 #3: [FD] Dovecot Security Advisory OXDC-2026-0002 (Aki Tuomi <aki.tuomi@...ecot.fi>)
2026/05/17 #2: [FD] SCHUTZWERK-SA-2024-005: Arbitrary File Read and Server Side Request Forgery via XML External Entities in Lobster_p… (David Brown via Fulldisclosure <fulldis…)
2026/05/17 #1: [FD] SCHUTZWERK-SA-2024-002: Arbitrary File Read and Server Side Request Forgery via XML External Entities in 4D Server… (David Brown via Fulldisclosure <fulldis…)
2026/04/29 #14: [FD] ESP-RFID-Tool v2 PRO — Full Public Disclosure (Milan Berger via Fulldisclosure <fulldisclosure@...lists.org>)
2026/04/29 #13: Re: [FD] SEC Consult SA-20260427-0 :: Missing TLS Certificate Validation leading to RCE in DeskTime Time Tracking App (SEC Consult Vulnerability Lab via Fulldi…)
2026/04/29 #12: [FD] SEC Consult SA-20260427-0 :: Missing TLS Certificate Validation leading to RCE in DeskTime Time Tracking App (SEC Consult Vulnerability Lab via Fulldisclo…)
2026/04/29 #11: [FD] SEC Consult SA-20260423-0 :: DLL Hijacking in EfficientLab Controlio (cloud-based employee monitoring service) (SEC Consult Vulnerability Lab via Fulldisc…)
2026/04/29 #10: [FD] SEC Consult SA-20260421-0 :: Broken Access Control in Config Endpoint in LiteLLM (SEC Consult Vulnerability Lab via Fulldisclosure <fulldisclosure@...lis…)
2026/04/29 #9: [FD] SEC Consult SA-20260415-0 :: Exposed Private Key of X.509 Certificate in SAP HANA Cockpit & SAP HANA Database Expl… (SEC Consult Vulnerability Lab via Fulld…)
2026/04/29 #8: [FD] APPLE-SA-04-22-2026-2 iOS 18.7.8 and iPadOS 18.7.8 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/04/29 #7: [FD] APPLE-SA-04-22-2026-1 iOS 26.4.2 and iPadOS 26.4.2 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/04/29 #6: [FD] Research: When Trusted Tools Become Attack Primitives (Nir Yehoshua <nir@...hersecuritylabs.com>)
2026/04/29 #5: [FD] [KIS-2026-08] SocialEngine <= 7.8.0 (get-memberall) SQL Injection Vulnerability (Egidio Romano <n0b0d13s@...il.com>)
2026/04/29 #4: [FD] [KIS-2026-07] SocialEngine <= 7.8.0 Blind Server-Side Request Forgery Vulnerability (Egidio Romano <n0b0d13s@...il.com>)
2026/04/29 #3: [FD] Trojan-Spy.Win32.Small / Remote Command Execution (malvuln <malvuln13@...il.com>)
2026/04/29 #2: [FD] [IWCC 2026] CfP: 15th International Workshop on Cyber Crime - Linköping, Sweden, Aug 24-27, 2026 (Artur Janicki via Fulldisclosure <fulldisclosure@...list…)
2026/04/29 #1: [FD] [SBA-ADV-20251120-01] CVE-2026-0972: GoAnywhere MFT Email HTML Injection (SBA Research Security Advisory via Fulldisclosure <fulldisclosure@...lists.org>)
2026/04/14 #3: [FD] CyberDanube Security Research 20260408-1 | Multiple Vulnerabilities in Siemens SICAM A8000 (Thomas Weber | CyberDanube via Fulldisclosure <fulldisclosure…)
2026/04/14 #2: [FD] CyberDanube Security Research 20260408-0 | Remote Operation Denial of Service in Siemens SICAM A8000 (Thomas Weber | CyberDanube via Fulldisclosure <full…)
2026/04/14 #1: [FD] SEC Consult SA-20260414-0 :: Improper Enforcement of Locked Accounts in WebUI (SSO) in Kiuwan SAST on-premise (KOP… (SEC Consult Vulnerability Lab via Fulld…)
2026/04/03 #5: [FD] SEC Consult SA-20260401-0 :: Broken Access Control in Open WebUI (SEC Consult Vulnerability Lab via Fulldisclosure <fulldisclosure@...lists.org>)
2026/04/03 #4: [FD] SEC Consult SA-20260326-0 :: Local Privilege Escalation in Vienna Assistant (MacOS) - Vienna Symphonic Library (SEC Consult Vulnerability Lab via Fulldisc…)
2026/04/03 #3: [FD] Apple OHTTP Relay: 14 Third-Party Endpoints, 6 Countries, Zero User Visibility (Joseph Goydish II via Fulldisclosure <fulldisclosure@...lists.org>)
2026/04/03 #2: [FD] [KIS-2026-06] MetInfo CMS <= 8.1 (weixinreply.class.php) PHP Code Injection Vulnerability (Egidio Romano <n0b0d13s@...il.com>)
2026/04/03 #1: [FD] [CVE-2026-33691] OWASP CRS whitespace padding bypass vulnerability (cyber security <cs7778503@...il.com>)
2026/03/29 #14: [FD] APPLE-SA-03-24-2026-10 Xcode 26.4 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/03/29 #13: [FD] APPLE-SA-03-24-2026-9 Safari 26.4 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/03/29 #12: [FD] APPLE-SA-03-24-2026-8 visionOS 26.4 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/03/29 #11: [FD] APPLE-SA-03-24-2026-7 watchOS 26.4 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/03/29 #10: [FD] APPLE-SA-03-24-2026-6 tvOS 26.4 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/03/29 #9: [FD] APPLE-SA-03-24-2026-5 macOS Sonoma 14.8.5 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/03/29 #8: [FD] APPLE-SA-03-24-2026-4 macOS Sequoia 15.7.5 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/03/29 #7: [FD] APPLE-SA-03-24-2026-3 macOS Tahoe 26.4 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/03/29 #6: [FD] APPLE-SA-03-24-2026-2 iOS 18.7.7 and iPadOS 18.7.7 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/03/29 #5: [FD] APPLE-SA-03-24-2026-1 iOS 26.4 and iPadOS 26.4 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/03/29 #4: [FD] [KIS-2026-05] MailEnable <= 10.54 Multiple Reflected Cross-Site Scripting Vulnerabilities (Egidio Romano <n0b0d13s@...il.com>)
2026/03/29 #3: [FD] OpenClaw MEDIA: Protocol Prompt Injection - File Disclosure Bypassing Tool Permissions (Silently Fixed, Report Denied) (Guang Gong <higongguang@...il.com>)
2026/03/29 #2: [FD] Dovecot Security Advisory OXDC-2026-0001 (Aki Tuomi <aki.tuomi@...ecot.fi>)
2026/03/29 #1: [FD] CVE-2026-33150, CVE-2026-33179: libfuse io_uring memory safety vulnerabilities (use-after-free, NULL deref) (Abhinav Agarwal <abhinavagarwal1996@...il.co…)
2026/03/19 #4: [FD] snap-confine + systemd-tmpfiles = root (CVE-2026-3888) (Qualys Security Advisory via Fulldisclosure <fulldisclosure@...lists.org>)
2026/03/19 #3: [FD] APPLE-SA-03-17-2026-1 Background Security Improvements for iOS 26.3.1, iPadOS 26.3.1, macOS 26.3.1, and macOS 26.3… (Apple Product Security via Fulldisclosu…)
2026/03/19 #2: [FD] SEC Consult SA-20260318-0 :: Multiple Privilege Escalation Vulnerabilities in Arturia Software Center MacOS (SEC Consult Vulnerability Lab via Fulldisclos…)
2026/03/19 #1: [FD] SEC Consult SA-20260317-0 :: Multiple vulnerabilities in PEGA Infinity platform (SEC Consult Vulnerability Lab via Fulldisclosure <fulldisclosure@...list…)
2026/03/17 #1: [FD] UPDATE: Ant Group Censors 4 Security Research Articles After Initial Complaint Rejection (Jiqiang Feng via Fulldisclosure <fulldisclosure@...lists.org>)
2026/03/12 #7: [FD] JSON Deserialiser Unconstrained Resource Consumption Quick Overview (Daniel Owens via Fulldisclosure <fulldisclosure@...lists.org>)
2026/03/12 #6: [FD] Defense in depth -- the Microsoft way (part 96): yet another SAFER (SRPv1) and AppLocker (SRPv2) loophole (Stefan Kanthak via Fulldisclosure <fulldisclosu…)
2026/03/12 #5: [FD] Alipay DeepLink+JSBridge Attack Chain: Silent GPS Exfiltration, 17 Vulns, 6 CVEs (CVSS 9.3) (Feng Ning via Fulldisclosure <fulldisclosure@...lists.org>)
2026/03/12 #4: [FD] Cohesity TranZman Migration Appliance - 5 CVEs (command injection, LPE, unsigned patches, weak crypto) (GregD via Fulldisclosure <fulldisclosure@...lists.…)
2026/03/12 #3: [FD] APPLE-SA-03-11-2026-2 iOS 15.8.7 and iPadOS 15.8.7 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/03/12 #2: [FD] APPLE-SA-03-11-2026-1 iOS 16.7.15 and iPadOS 16.7.15 (Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>)
2026/03/12 #1: [FD] SEC Consult SA-20260224-0 :: Multiple vulnerabilities in CPSD CryptoPro Secure Disk for BitLocker (CVE-2025-10010) (SEC Consult Vulnerability Lab via Fulld…)
2026/02/22 #2: [FD] SEC Consult SA-20260218-0 :: Multiple Critical Vulnerabilities in NesterSoft WorkTime (on-prem/cloud) (SEC Consult Vulnerability Lab via Fulldisclosure <…)
2026/02/22 #1: [FD] [KIS-2026-04] SmarterMail <= 9518 (MailboxId) Reflected Cross-Site Scripting Vulnerability (Egidio Romano <n0b0d13s@...il.com>)
2026/02/16 #20: [FD] SEC Consult SA-20260212-0 :: Multiple Vulnerabilities in various Solax Power Pocket WiFi models (SEC Consult Vulnerability Lab via Fulldisclosure <fulldi…)
2026/02/16 #19: [FD] [Full Disclosure] CVE-2025-69690 & CVE-2025-69691 — Authenticated RCE in Netgate pfSense CE 2.7.2 and 2.8.0 (privexploits via Fulldisclosure <fulldisclos…)

103142 messages

URL: https://lists.openwall.net/full-disclosure/

⇱ full-disclosure mailing list

full-disclosure mailing list