[FD] APPLE-SA-2022-03-14-4 macOS Monterey 12.3

2022-03-14 Thread Apple Product Security via Fulldisclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2022-03-14-4 macOS Monterey 12.3 macOS Monterey 12.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213183. Accelerate Framework Available for: macOS Monterey

[FD] APPLE-SA-2022-03-14-2 watchOS 8.5

2022-03-14 Thread Apple Product Security via Fulldisclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2022-03-14-2 watchOS 8.5 watchOS 8.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213193. Accelerate Framework Available for: Apple Watch Series 3 and later

[FD] APPLE-SA-2022-03-14-1 iOS 15.4 and iPadOS 15.4

2022-03-14 Thread Apple Product Security via Fulldisclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2022-03-14-1 iOS 15.4 and iPadOS 15.4 iOS 15.4 and iPadOS 15.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213182. Accelerate Framework Available for: iPhone 6s

[FD] APPLE-SA-2022-03-14-3 tvOS 15.4

2022-03-14 Thread Apple Product Security via Fulldisclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2022-03-14-3 tvOS 15.4 tvOS 15.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213186. AppleAVD Available for: Apple TV 4K and Apple TV HD Impact: Processing a

[FD] APPLE-SA-2022-03-14-5 macOS Big Sur 11.6.5

2022-03-14 Thread Apple Product Security via Fulldisclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2022-03-14-5 macOS Big Sur 11.6.5 macOS Big Sur 11.6.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213184. Accelerate Framework Available for: macOS Big Sur

[FD] APPLE-SA-2022-03-14-10 iTunes 12.12.3 for Windows

2022-03-14 Thread Apple Product Security via Fulldisclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2022-03-14-10 iTunes 12.12.3 for Windows iTunes 12.12.3 for Windows addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213188. ImageIO Available for: Windows 10 and

[FD] APPLE-SA-2022-03-14-7 Xcode 13.3

2022-03-14 Thread Apple Product Security via Fulldisclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2022-03-14-7 Xcode 13.3 Xcode 13.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213189. iTMSTransporter Available for: macOS Monterey 12 and later Impact: Multiple

[FD] APPLE-SA-2022-03-14-6 Security Update 2022-003 Catalina

2022-03-14 Thread Apple Product Security via Fulldisclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2022-03-14-6 Security Update 2022-003 Catalina Security Update 2022-003 Catalina addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213185. AppleGraphicsControl

[FD] APPLE-SA-2022-03-14-9 GarageBand 10.4.6

2022-03-14 Thread Apple Product Security via Fulldisclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2022-03-14-9 GarageBand 10.4.6 GarageBand 10.4.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213191. MIDI Available for: macOS Big Sur 11.5 and later Impact:

[FD] APPLE-SA-2022-03-14-8 Logic Pro X 10.7.3

2022-03-14 Thread Apple Product Security via Fulldisclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2022-03-14-8 Logic Pro X 10.7.3 Logic Pro X 10.7.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213190. You can encrypt communications with Apple using the Apple

[FD] Hades RAT - Web Panel / Remote Persistent XSS

2022-03-14 Thread malvuln
Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/c4cc1317aea42f7dd4a1b786c5278a24_C.txt Contact: malvul...@gmail.com Media: twitter.com/malvuln Threat: Hades RAT - Web Panel Vulnerability: Remote Persistent XSS Family: Hades Type: WebUI MD5:

[FD] Hades RAT - Web Panel / Information Disclosure

2022-03-14 Thread malvuln
Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/c4cc1317aea42f7dd4a1b786c5278a24_B.txt Contact: malvul...@gmail.com Media: twitter.com/malvuln Threat: Hades RAT - Web Panel Vulnerability: Information Disclosure Description: The Hades Rat web-panel

[FD] Hades RAT - Web Panel / Insecure Credential Storage

2022-03-14 Thread malvuln
Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/c4cc1317aea42f7dd4a1b786c5278a24.txt Contact: malvul...@gmail.com Media: twitter.com/malvuln Threat: Hades RAT - Web Panel Vulnerability: Insecure Credential Storage Family: Hades Type: WebUI MD5:

[FD] RedLine.MainPanel - cracked.exe / Insecure Permissions

2022-03-14 Thread malvuln
Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/baf102927947289e4d589028620ce291.txt Contact: malvul...@gmail.com Media: twitter.com/malvuln Threat: RedLine.MainPanel - cracked.exe Vulnerability: Insecure Permissions Description: The malware

[FD] CVE-2021-45040 - Laravel Media Library Pro <=2.1.6 - Arbitrary File Upload (Unauthenticated)

2022-03-14 Thread Kelvin Yip
Hi Team, Here is the exploit information for CVE-2021-45040. Below is summary of timeline for reference: 1. Contact developer (security contact: Freek) regarding the vulnerability at Mon 12/13/2021 11:42 AM (GMT+8) 2. Contact CERT.org at Mon 12/13/2021 10:36 PM 3. Submit CVE Request