Next Last 1. 2018-12-31 [1] [FD] [KIS-2018-08] SugarCRM (Web Logic Hooks module) Path Traversal Vuln full-disclos Egidio Romano 2. 2018-12-31 [1] [FD] [KIS-2018-07] SugarCRM (Web Logic Hooks module) PHP Code Injection full-disclos Egidio Romano 3. 2018-12-31 [1] [FD] [KIS-2018-06] SugarCRM (addLabels) PHP Code Injection Vulnerability full-disclos Egidio Romano 4. 2018-12-31 [1] [FD] [KIS-2018-05] SugarCRM (SaveDropDown) PHP Code Injection Vulnerabil full-disclos Egidio Romano 5. 2018-12-31 [1] [FD] [KIS-2018-04] SugarCRM (ConnectorsController) Server-Side Request F full-disclos Egidio Romano 6. 2018-12-31 [1] [FD] [KIS-2018-03] SugarCRM (portal_get_related_notes) SQL Injection Vul full-disclos Egidio Romano 7. 2018-12-31 [1] [FD] [KIS-2018-02] SugarCRM (WorkFlow module) PHP Code Injection Vulnera full-disclos Egidio Romano 8. 2018-12-31 [1] [FD] [KIS-2018-01] Oracle Application Express (AnyChart) Flash-based Cro full-disclos Egidio Romano 9. 2018-12-31 [1] [FD] Multiple Stored Cross-site Scripting Vulnerabilities in ForkCMS 5.0 full-disclos Daniel Bishtawi 10. 2018-12-28 [1] [FD] DSA-2018-224:RSA Archer GRC Platform Improper Access Control Vulner full-disclos secure 11. 2018-12-25 [1] [FD] Chrome Browser for Android Reveals Sensitive Hardware Information full-disclos Nightwatch Cybersecur 12. 2018-12-24 [1] [FD] Call for Papers for ShmooCon Epilogue Closes Jan 1 full-disclos Rob Fuller 13. 2018-12-21 [2] [FD] [CVE-2018-18009] dirary0.js on D-Link DIR-140L, DIR-640L devices al full-disclos Tyler Cui 14. 2018-12-21 [2] [FD] [CVE-2018-18008] spaces.htm on multiple D-Link devices (DSL, DIR, full-disclos Tyler Cui 15. 2018-12-21 [2] [FD] [CVE-2018-18007] atbox.htm on D-Link DSL-2770L devices allows remot full-disclos Tyler Cui 16. 2018-12-21 [2] [FD] LibTIFF 4.0.8 has multiple memory leak vulnerabilities (CVE-2017-16 full-disclos Henri Salo 17. 2018-12-21 [4] [FD] Zoho ManageEngine OpManager 12.3 before Build 123237 has XSS via th full-disclos Murat Aydemir 18. 2018-12-20 [1] [FD] Buffer Overflow in function match() PCRE 8.41 (CVE-2017-16231) full-disclos =?gb18030?B?enp0MDkwN 19. 2018-12-19 [1] [FD] DAVOSET v.1.3.7 full-disclos MustLive 20. 2018-12-18 [1] [FD] [CORE-2018-0007] - GIGABYTE Driver Elevation of Privilege Vulnerabi full-disclos advisories 21. 2018-12-18 [1] [FD] [CORE-2017-0012] - ASUS Drivers Elevation of Privilege Vulnerabilit full-disclos advisories 22. 2018-12-18 [1] [FD] CVE-2018-20211 - DLL Hijacking in Exiftool v8.3.2.0 full-disclos Rafael Pedrero 23. 2018-12-18 [1] [FD] Capstone disassembler v4.0 is out! full-disclos Nguyen Anh Quynh 24. 2018-12-18 [1] [FD] CVE-2018-20193 - Privilege escalation in Juniper Secure Access SSL full-disclos Rafael Pedrero 25. 2018-12-15 [1] [FD] New vulnerabilities in Transcend Wi-Fi SD Card full-disclos MustLive 26. 2018-12-14 [1] [FD] CVE-2018-7691 | The SSC REST API contains Insecure Direct Object Re full-disclos alt3kx via Fulldisclo 27. 2018-12-14 [1] [FD] CVE-2018-7690 | The SSC REST API contains Insecure Direct Object Re full-disclos alt3kx via Fulldisclo 28. 2018-12-14 [1] [FD] YSTS 13th Edition - CFP full-disclos Luiz Eduardo 29. 2018-12-12 [1] [FD] GNU inetutils <= 1.9.4 telnet.c multiple overflows full-disclos Hacker Fantastic via 30. 2018-12-12 [1] [FD] Mikrotik RouterOS telnet arbitrary root file creation 0day full-disclos Hacker Fantastic via Next Last