惯性聚合
高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文
在惯性聚合中打开
即将跳转到惯性聚合
3
在聚合应用中查看完整内容和互动
立即跳转
取消
推荐订阅源
V2EX - 技术
Threat Intelligence Blog | Flashpoint
T
Threat Research - Cisco Blogs
T
The Exploit Database - CXSecurity.com
S
Schneier on Security
S
Securelist
P
Privacy & Cybersecurity Law Blog
Scott Helme
T
Threatpost
C
Cybersecurity and Infrastructure Security Agency CISA
L
LINUX DO - 热门话题
Cyberwarzone
Cisco Talos Blog
量
量子位
博
博客园 - Franky
cs.CL updates on arXiv.org
Latest news
T
Troy Hunt's Blog
N
News | PayPal Newsroom
Google Online Security Blog
Apple Machine Learning Research
N
Netflix TechBlog - Medium
小众软件
P
Palo Alto Networks Blog
Spread Privacy
C
Cyber Attacks, Cyber Crime and Cyber Security
C
Check Point Blog
aimingoo的专栏
WordPress大学
L
Lohrmann on Cybersecurity
L
LINUX DO - 最新话题
D
Darknet – Hacking Tools, Hacker News & Cyber Security
钛媒体:引领未来商业与生活新知
The Last Watchdog
S
Security @ Cisco Blogs
P
Privacy International News Feed
Last Week in AI
Microsoft Security Blog
T
Tailwind CSS Blog
博
博客园_首页
云风的 BLOG
V
Vulnerabilities – Threatpost
D
DataBreaches.Net
Recent Announcements
酷 壳 – CoolShell
CTFtime.org: upcoming CTF events
罗
罗磊的独立博客
Engineering at Meta
Forbes - Security
T
Tenable Blog
Full Disclosure
[NotCVE-2026-0001] Cloudflare Universal SSL CAA augmentation weakens RFC 8657 account binding — CVE-2026-14440 assigned 163 days after public no-CVE disclosure
Full Disclosure: Subject: Advisory Submission: EZ Game Booster
Full Disclosure: CVE-2026-56877 - Skillable SCORM userId authorisation bypass
Full Disclosure: [REVIVE-SA-2026-003] Revive Adserver Vulnerabilities
Full Disclosure: OPNsense XPATH Injection (CVE-2026-53582)
Authentication Bypass for SafeLine SL6 and SL6+
confidentiality and anonymity leakage to third parties
Full Disclosure: OpenBlow Multiple Deanonymization Vulnerabilities
Site-access password exposed in web server access logs via GET query string
Full Disclosure: APPLE-SA-06-29-2026-3 Safari 26.5.2
Full Disclosure: APPLE-SA-06-29-2026-2 macOS Tahoe 26.5.2
APPLE-SA-06-29-2026-1 iOS 26.5.2 and iPadOS 26.5.2
symlink following and TOCTOU in privileged upload handler allow arbitrary file write as root
[KIS-2026-12] Control Web Panel <= 0.9.8.1224 (userRes) SQL Injection Vulnerability
Full Disclosure: [fulldis] CVE-2026-58451 - Horde Groupware IMP path traversal vuln
Full Disclosure: Samsung Galaxy Buds – Zero-Click HFP/A2DP Takeover via L2CAP Session Preemption (Vendor Response: Working as Intended)
Full Disclosure: Asterisk Security Release 23.4.1
Full Disclosure: Asterisk Security Release 22.10.1
Full Disclosure: Asterisk Security Release 21.12.3
Full Disclosure: Asterisk Security Release 20.20.1
Certified Asterisk Security Release certified-22.8-cert3
Certified Asterisk Security Release certified-20.7-cert11
Zig std.http chunked reader integer overflow -> unauthenticated remote DoS
Remote Kernel Stack Disclosure via MPLS Label Stack Over-read
Full Disclosure: OpenBSD sppp_pap_input: PAP authentication bypass
Full Disclosure: SEC Consult SA-20260618-0 :: Hardcoded Root Cloud Credentials in Application Binaries in Silver Leaf Technologies
Full Disclosure: SEC Consult SA-20260617-1 :: Multiple Vulnerabilities in Quanos Content Solutions
Multiple Critical Vulnerabilities in Sprecher Automation SPRECON-E-C/-E-P/-E-T3
Full Disclosure: SEC Consult SA-20260616-0 :: Broken Access Control in syracom AG Secure Login (2FA) for Atlassian Jira / Confluence
APPLE-SA-06-16-2026-1 Beats Firmware Update 1B211
PHP 8.5.7 `levenshtein()` signed-integer overflow
Full Disclosure: PHP 8.5.7 `dom_xml_serialization_algorithm()` stack-overflow
PHP 8.5.7 `mb_substr()` 'SJIS-mac' size_t underflow
PHP 8.5.7 `FILTER_SANITIZE_ENCODED` uninitialized read
Cross-Tenant Authentication Bypass by Spoofing in N-able Mail Assure
Multiple Vulnerabilities in Wertheim SafeController Hardware for VAULT ROOMS (Safe Deposit Locker System – Microcontroller)
Multiple Critical Vulnerabilities in Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System)
Local Privilege Escalation in Slate Digital Connect (macOS)
Full Disclosure: SEC Consult SA-20260609-0 :: Multiple Local Privilege Escalation Vulnerabilities in Waves Audio
[KIS-2026-11] Discuz! <= X5.0 (enable_disable.php) Local File Inclusion Vulnerability
[KIS-2026-10] Discuz! <= X5.0 OCR-based CAPTCHA Bypass Vulnerability
[KIS-2026-09] Discuz! X5.0 (UC_KEY) Cross-Context Token Reuse Vulnerability
Privilege Escalation via Binary Planting in Genetec-provided RabbitMQ in multiple Genetec products
[SYSS-2026-004] SAP NetWeaver SAML XML Signature Wrapping
Full Disclosure: [REVIVE-SA-2026-002] Revive Adserver Vulnerabilities
Full Disclosure: CyberDanube Security Research 20260528-0
four vulnerabilities — two unfixed, GHSA without a CVE
Full Disclosure: Re: Dovecot Security Advisory OXDC-2026-0002
SSRF in Anthropic mcp-server-fetch and Microsoft playwright-mcp — publicly disclosed via GitHub issues
Full Disclosure: [SECURITY ADVISORY] CVE-2021-21735
Full Disclosure: [SECURITY ADVISORY] CVE-2026-34474
Full Disclosure: [SECURITY ADVISORY] CVE-2026-34472
Full Disclosure: [SECURITY ADVISORY] CVE-2026-34473
Multiple vulnerabilities in Sparx Pro Cloud Server and Enterprise Architect
Full Disclosure: APPLE-SA-05-13-2026-1 Safari 26.5
Full Disclosure: APPLE-SA-05-11-2026-11 visionOS 26.5
Full Disclosure: APPLE-SA-05-11-2026-10 watchOS 26.5
Full Disclosure: APPLE-SA-05-11-2026-9 tvOS 26.5
Full Disclosure: APPLE-SA-05-11-2026-8 macOS Sonoma 14.8.7
Full Disclosure: APPLE-SA-05-11-2026-7 macOS Sequoia 15.7.7
APPLE-SA-05-11-2026-5 iOS 15.8.8 and iPadOS 15.8.8
APPLE-SA-05-11-2026-4 iOS 16.7.16 and iPadOS 16.7.16
Full Disclosure: APPLE-SA-05-11-2026-3 iPadOS 17.7.11
APPLE-SA-05-11-2026-2 iOS 18.7.9 and iPadOS 18.7.9
Impersonation attacks on Edupage portal
Edupage web and mobile application authorization bypass leaks PII and IBAN codes
Full Disclosure: Dovecot Security Advisory OXDC-2026-0002
Arbitrary File Read and Server Side Request Forgery via XML External Entities in Lobster_pro (CVE-2024-13971)
Arbitrary File Read and Server Side Request Forgery via XML External Entities in 4D Server SOAP (CVE-2024-39847)
ESP-RFID-Tool v2 PRO — Full Public Disclosure
DLL Hijacking in EfficientLab Controlio (cloud-based employee monitoring service)
Broken Access Control in Config Endpoint in LiteLLM
Exposed Private Key of X.509 Certificate in SAP HANA Cockpit & SAP HANA Database Explorer
APPLE-SA-04-22-2026-2 iOS 18.7.8 and iPadOS 18.7.8
APPLE-SA-04-22-2026-1 iOS 26.4.2 and iPadOS 26.4.2
When Trusted Tools Become Attack Primitives
[KIS-2026-08] SocialEngine <= 7.8.0 (get-memberall) SQL Injection Vulnerability
[KIS-2026-07] SocialEngine <= 7.8.0 Blind Server-Side Request Forgery Vulnerability
Full Disclosure: Trojan-Spy.Win32.Small / Remote Command Execution
Full Disclosure: [IWCC 2026] CfP: 15th International Workshop on Cyber Crime
GoAnywhere MFT Email HTML Injection
Full Disclosure: CyberDanube Security Research 20260408-1
Full Disclosure: CyberDanube Security Research 20260408-0
Improper Enforcement of Locked Accounts in WebUI (SSO) in Kiuwan SAST on-premise (KOP) & cloud/SaaS
Broken Access Control in Open WebUI
Full Disclosure: SEC Consult SA-20260326-0 :: Local Privilege Escalation in Vienna Assistant (MacOS)
14 Third-Party Endpoints, 6 Countries, Zero User Visibility
[KIS-2026-06] MetInfo CMS <= 8.1 (weixinreply.class.php) PHP Code Injection Vulnerability
[CVE-2026-33691] OWASP CRS whitespace padding bypass vulnerability
Full Disclosure: APPLE-SA-03-24-2026-10 Xcode 26.4
Full Disclosure: APPLE-SA-03-24-2026-9 Safari 26.4
Full Disclosure: APPLE-SA-03-24-2026-8 visionOS 26.4
Full Disclosure: APPLE-SA-03-24-2026-7 watchOS 26.4
Full Disclosure: APPLE-SA-03-24-2026-6 tvOS 26.4
Full Disclosure: APPLE-SA-03-24-2026-5 macOS Sonoma 14.8.5
Full Disclosure: APPLE-SA-03-24-2026-4 macOS Sequoia 15.7.5
Full Disclosure: APPLE-SA-03-24-2026-3 macOS Tahoe 26.4
APPLE-SA-03-24-2026-2 iOS 18.7.7 and iPadOS 18.7.7
APPLE-SA-03-24-2026-1 iOS 26.4 and iPadOS 26.4
APPLE-SA-05-11-2026-1 iOS 26.5 and iPadOS 26.5
2026-05-18
·
via
Full Disclosure
Posted by Apple Product Security via Fulldisclosure on May 17 APPLE-SA-05-11-2026-1 iOS 26.5 and iPadOS 26.5…
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。
原文来自
— 版权归原作者所有。