1. 2024-04-22 [1] [FD] Defense in depth -- the Microsoft way (part 87): shipping more rott full-disclos Stefan Kanthak 2. 2024-04-22 [1] [FD] Response to CVE-2023-26756 - Revive Adserver full-disclos Matteo Beccati 3. 2024-04-19 [1] [FD] MindManager 23 - full disclosure full-disclos Pawel Karwowski via F 4. 2024-04-18 [1] [FD] SEC Consult SA-20240418-0 :: Broken authorization in Dreamehome app full-disclos SEC Consult Vulnerabi 5. 2024-04-16 [1] [FD] BACKDOOR.WIN32.DUMADOR.C / Remote Stack Buffer Overflow (SEH) full-disclos malvuln 6. 2024-04-11 [1] [FD] CVE-2024-31705 full-disclos V3locidad 7. 2024-04-11 [1] [FD] SEC Consult SA-20240411-0 :: Database Passwords in Server Response full-disclos SEC Consult Vulnerabi 8. 2024-04-10 [1] [FD] CVE-2023-27195: Broken Access Control - Registration Code in TM4Web full-disclos Clément_Cruchet 9. 2024-04-10 [1] [FD] Multiple Issues in concretecmsv9.2.7 full-disclos Andrey Stoykov 10. 2024-04-08 [1] [FD] OXAS-ADV-2024-0001: OX App Suite Security Advisory full-disclos Martin Heiland via Fu 11. 2024-04-08 [1] [FD] Trojan.Win32.Razy.abc / Insecure Permissions (In memory IPC) full-disclos malvuln 12. 2024-04-05 [1] [FD] [KIS-2024-03] Invision Community <= 4.7.16 (toolbar.php) Remote Cod full-disclos Egidio Romano 13. 2024-04-05 [1] [FD] [KIS-2024-02] Invision Community <= 4.7.15 (store.php) SQL Injectio full-disclos Egidio Romano 14. 2024-04-03 [1] [FD] CVE-2024-30928: SQL Injection Vulnerability in DerbyNet v9.0 via 'c full-disclos Valentin Lobstein via 15. 2024-04-03 [1] [FD] CVE-2024-30929: XSS Vulnerability in DerbyNet v9.0 via 'back' Param full-disclos Valentin Lobstein via 16. 2024-04-03 [1] [FD] CVE-2024-30927: XSS Vulnerability in DerbyNet v9.0 via racer-result full-disclos Valentin Lobstein via 17. 2024-04-03 [1] [FD] CVE-2024-30926: XSS Vulnerability in DerbyNet v9.0 via ./inc/kiosks full-disclos Valentin Lobstein via 18. 2024-04-03 [1] [FD] CVE-2024-30925: XSS Vulnerability in DerbyNet v9.0 via photo-thumbs full-disclos Valentin Lobstein via 19. 2024-04-03 [1] [FD] CVE-2024-30924: XSS Vulnerability in DerbyNet v9.0 via checkin.php full-disclos Valentin Lobstein via 20. 2024-04-03 [1] [FD] CVE-2024-30923: SQL Injection in DerbyNet v9.0 via print/render/rac full-disclos Valentin Lobstein via 21. 2024-04-03 [1] [FD] CVE-2024-30922: SQL Injection in DerbyNet v9.0 via print/render/awa full-disclos Valentin Lobstein via 22. 2024-04-03 [1] [FD] CVE-2024-30921: Unauthenticated XSS Vulnerability in DerbyNet v9.0 full-disclos Valentin Lobstein via 23. 2024-04-03 [1] [FD] CVE-2024-30920: XSS Vulnerability in DerbyNet v9.0 via render-docum full-disclos Valentin Lobstein via 24. 2024-04-03 [1] [FD] SCHUTZWERK-SA-2023-006: Arbitrary File Read via XML External Entiti full-disclos Lennert Preuth via Fu 25. 2024-04-03 [1] [FD] SCHUTZWERK-SA-2023-004: Authentication Bypass via Password Reset Fu full-disclos Lennert Preuth via Fu 26. 2024-04-03 [1] [FD] SCHUTZWERK-SA-2023-003: Authentication Bypass in Visual Planning RE full-disclos Lennert Preuth via Fu 27. 2024-04-03 [1] [FD] Microsoft PlayReady deficiencies / content key sniffing on Windows full-disclos Security Explorations 28. 2024-04-02 [1] [FD] Backdoor.Win32.Agent.ju (PSYRAT) / Authentication Bypass RCE full-disclos malvuln 29. 2024-04-01 [1] [FD] [CFP] IEEE CSR Workshop on Cyber Forensics& Advanced Threat Investi full-disclos Andrew Zayine