1. 2020-09-30 [1] [FD] CVE-2020-12676 - FusionAuth SAML v2.0 bindings in Java using JAXB - full-disclos Advisories
2. 2020-09-30 [1] [FD] CSNC-2020-005 - Checkmk Local Privilege Escalation full-disclos Advisories
3. 2020-09-29 [1] [FD] CVE-2020-24721: Corona Exposure Notifications API: risk of coercion full-disclos Dirk-Willem van Gulik
4. 2020-09-29 [2] [FD] Navy Federal Reflective Cross Site Scripting (XSS) full-disclos AdaptiveSecurity Cons
5. 2020-09-29 [1] [FD] [SYSS-2019-049] Insufficient Session Expiration (CWE-613) in REDDOX full-disclos Micha Borrmann
6. 2020-09-29 [1] [FD] [SYSS-2020-025] DOMOS 5.8 - OS Command Injection full-disclos Patrick Hener
7. 2020-09-29 [1] [FD] [SYSS-2020-024] Qiata FTA - Persistent Cross-Site Scripting full-disclos Patrick Hener
8. 2020-09-28 [1] [FD] Critical Information Disclosure on WP Courses plugin <= 2.0.29 expo full-disclos Red Timmy Security
9. 2020-09-25 [1] [FD] Regarding the semi-recent OnBase vulnerabilities full-disclos Ken
10. 2020-09-24 [1] [FD] APPLE-SA-2020-09-24-1 macOS Catalina 10.15.6 Supplemental Update, S full-disclos Apple Product Securit
11. 2020-09-22 [1] [FD] [CVE-2020-25203] Frame Preview "com.framer.viewer.FramerViewActivit full-disclos RCE Security
12. 2020-09-20 [1] [FD] Google's osconfig agent - local privilege escalation full-disclos Imre Rad
13. 2020-09-19 [2] [FD] Visitor Management System in PHP 1.0 - Authenticated SQL Injection full-disclos Ava Tester One
14. 2020-09-19 [2] [FD] Seat Reservation System 1.0 Unauthenticated Remote Code Execution ( full-disclos Ava Tester One
15. 2020-09-16 [1] [FD] APPLE-SA-2020-09-16-5 Xcode 12.0 full-disclos Apple Product Securit
16. 2020-09-16 [1] [FD] APPLE-SA-2020-09-16-4 watchOS 7.0 full-disclos Apple Product Securit
17. 2020-09-16 [1] [FD] APPLE-SA-2020-09-16-3 Safari 14.0 full-disclos Apple Product Securit
18. 2020-09-16 [1] [FD] APPLE-SA-2020-09-16-2 tvOS 14.0 full-disclos Apple Product Securit
19. 2020-09-16 [1] [FD] APPLE-SA-2020-09-16-1 iOS 14.0 and iPadOS 14.0 full-disclos Apple Product Securit
20. 2020-09-16 [1] [FD] Apache + PHP <= 7.4.10 open_basedir bypass full-disclos Havijoori via Fulldis
21. 2020-09-14 [1] [FD] [CVE-2020-16171] Acronis Cyber Backup <= v12.5 Build 16341 Full Una full-disclos RCE Security
22. 2020-09-14 [1] [FD] ARA-2020-005: Insecure Direct Object Reference in 1CRM (CVE-2020-15 full-disclos Andreas Sperber
23. 2020-09-14 [1] [FD] ModSecurity v3 affected by DoS (CVE-2020-15598) full-disclos Christian Folini
24. 2020-09-12 [1] [FD] Windows TCPIP Finger Command / C2 Channel and Bypassing Security So full-disclos hyp3rlinx
25. 2020-09-10 [1] [FD] Hyland OnBase 19.x and below - Data Import Denial Of Service full-disclos AdaptiveSecurity Cons
26. 2020-09-10 [1] [FD] Hyland OnBase 19.x and below - Unrestricted File Upload full-disclos AdaptiveSecurity Cons
27. 2020-09-10 [1] [FD] Cross-Site Scripting Vulnerabilities in IlchCMS 2.1.37 full-disclos Daniel Bishtawi via F
28. 2020-09-09 [1] [FD] Two vulnerabilities found in MikroTik's RouterOS full-disclos Q C
29. 2020-09-08 [1] [FD] CVE-2020-8152 – Elevation of Privilege in full-disclos Jason Geffner
30. 2020-09-08 [1] [FD] CVE-2020-8150 – Remote Code Execution as S full-disclos Jason Geffner