Full Disclosure Mailing List

A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.

List Archives

Jan
Feb
Mar
Apr
May
Jun
Jul
Aug
Sep
Oct
Nov
Dec
2025
24
20
9
14
–
–
–
–
–
–
–
–
2024
75
25
44
29
37
13
24
41
60
21
20
22
2023
29
17
27
14
28
10
52
33
21
32
15
30
2022
91
57
63
54
48
57
27
17
30
52
26
32
2021
84
93
81
77
81
60
72
39
59
79
56
50
2020
52
36
57
63
60
35
37
24
55
34
45
60
2019
71
54
64
41
52
49
40
37
45
59
34
37
2018
102
84
79
61
73
46
95
53
57
54
69
56
2017
99
103
91
113
108
52
95
58
98
71
51
89
2016
100
128
97
93
75
79
89
139
85
103
162
88
2015
134
101
165
115
133
112
126
86
121
115
111
129
2014
194
273
434
325
213
173
167
89
115
135
103
138
2013
282
162
290
263
227
259
277
303
187
294
222
224
2012
611
477
390
382
323
428
394
393
210
277
236
280
2011
580
687
439
561
572
565
367
393
370
995
466
511
2010
637
502
564
452
408
631
417
445
414
523
342
696
2009
979
380
465
318
282
291
550
455
421
339
386
502
2008
615
496
600
821
681
403
591
557
639
531
739
634
2007
593
629
573
744
555
661
662
530
709
935
582
641
2006
992
740
1865
865
789
1058
770
771
578
678
545
493
2005
927
676
950
654
678
437
766
1078
890
677
1065
1531
2004
1358
1534
1499
1153
1451
1031
1370
1314
1091
1174
1424
731
2003
505
405
296
500
421
890
1251
1942
1763
1806
1123
782
2002
–
–
–
–
–
–
314
835
684
381
454
313

Latest Posts

APPLE-SA-04-01-2025-1 watchOS 11.4 Apple Product Security via Fulldisclosure (Apr 02)
APPLE-SA-04-01-2025-1 watchOS 11.4

watchOS 11.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122376.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

AirDrop
Available for: Apple Watch Series 6 and later
Impact: An app may be able to read arbitrary file metadata
Description: A...

APPLE-SA-03-31-2025-11 visionOS 2.4 Apple Product Security via Fulldisclosure (Apr 02)
APPLE-SA-03-31-2025-11 visionOS 2.4

visionOS 2.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122378.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Accounts
Available for: Apple Vision Pro
Impact: Sensitive keychain data may be accessible from an iOS backup
Description: This issue...

APPLE-SA-03-31-2025-10 tvOS 18.4 Apple Product Security via Fulldisclosure (Apr 02)
APPLE-SA-03-31-2025-10 tvOS 18.4

tvOS 18.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122377.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

AirDrop
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: An app may be able to read arbitrary file metadata
Description: A...

APPLE-SA-03-31-2025-9 macOS Ventura 13.7.5 Apple Product Security via Fulldisclosure (Apr 02)
APPLE-SA-03-31-2025-9 macOS Ventura 13.7.5

macOS Ventura 13.7.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122375.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

AccountPolicy
Available for: macOS Ventura
Impact: A malicious app may be able to gain root privileges
Description:...

APPLE-SA-03-31-2025-8 macOS Sonoma 14.7.5 Apple Product Security via Fulldisclosure (Apr 02)
APPLE-SA-03-31-2025-8 macOS Sonoma 14.7.5

macOS Sonoma 14.7.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122374.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

AccountPolicy
Available for: macOS Sonoma
Impact: A malicious app may be able to gain root privileges
Description: This...

APPLE-SA-03-31-2025-7 macOS Sequoia 15.4 Apple Product Security via Fulldisclosure (Apr 02)
APPLE-SA-03-31-2025-7 macOS Sequoia 15.4

macOS Sequoia 15.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122373.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Accessibility
Available for: macOS Sequoia
Impact: An app may be able to access sensitive user data
Description: A logging...

APPLE-SA-03-31-2025-6 iOS 15.8.4 and iPadOS 15.8.4 Apple Product Security via Fulldisclosure (Apr 02)
APPLE-SA-03-31-2025-6 iOS 15.8.4 and iPadOS 15.8.4

iOS 15.8.4 and iPadOS 15.8.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122345.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Accessibility
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE
(1st...

APPLE-SA-03-31-2025-5 iOS 16.7.11 and iPadOS 16.7.11 Apple Product Security via Fulldisclosure (Apr 02)
APPLE-SA-03-31-2025-5 iOS 16.7.11 and iPadOS 16.7.11

iOS 16.7.11 and iPadOS 16.7.11 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122346.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Accessibility
Available for: iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation,
iPad Pro...

APPLE-SA-03-31-2025-4 iPadOS 17.7.6 Apple Product Security via Fulldisclosure (Apr 02)
APPLE-SA-03-31-2025-4 iPadOS 17.7.6

iPadOS 17.7.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122372.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Accounts
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch,
and iPad 6th generation
Impact: Sensitive keychain...

APPLE-SA-03-31-2025-3 iOS 18.4 and iPadOS 18.4 Apple Product Security via Fulldisclosure (Apr 02)
APPLE-SA-03-31-2025-3 iOS 18.4 and iPadOS 18.4

iOS 18.4 and iPadOS 18.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122371.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Accessibility
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and...

APPLE-SA-03-31-2025-2 Xcode 16.3 Apple Product Security via Fulldisclosure (Apr 02)
APPLE-SA-03-31-2025-2 Xcode 16.3

Xcode 16.3 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122380.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

IDE Assets
Available for: macOS Sequoia 15.2 and later
Impact: A malicious app may be able to access private information
Description: The...

APPLE-SA-03-31-2025-1 Safari 18.4 Apple Product Security via Fulldisclosure (Apr 02)
APPLE-SA-03-31-2025-1 Safari 18.4

Safari 18.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122379.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Authentication Services
Available for: macOS Ventura and macOS Sonoma
Impact: A malicious website may be able to claim WebAuthn...

3 vulnerabilities in Palo Alto Deep Packet Inspection mechanism Pierre Kim (Apr 02)
## Advisory Information

Title: 3 vulnerabilities in Palo Alto Deep Packet Inspection mechanism
Advisory URL: https://pierrekim.github.io/advisories/2025-palo-alto-dpi.txt
Blog URL: https://pierrekim.github.io/blog/2025-03-31-paloalto-dpi-3-vulnerabilities.html
Date published: 2025-03-31
Vendors contacted: Palo Alto
Release mode: Released
CVE: None

## Product description

## Vulnerabilities Summary

Vulnerable versions: all versions of Palo Alto...

10 vulnerabilities in Brocade Fibre Channel switches Pierre Kim (Apr 02)
## Advisory Information

Title: 10 vulnerabilities in Brocade Fibre Channel switches
Advisory URL: https://pierrekim.github.io/advisories/2025-brocade-switches.txt
Blog URL: https://pierrekim.github.io/blog/2025-03-31-brocade-switches-10-vulnerabilities.html
Date published: 2025-03-31
Vendors contacted: Brocade
Release mode: Released
CVE: CVE-2021-27797, CVE-2022-33186, CVE-2023-3454, CVE-2024-5460,
CVE-2024-5461, CVE-2024-7516

## Product...

Three bypasses of Ubuntu's unprivileged user namespace restrictions Qualys Security Advisory via Fulldisclosure (Mar 27)
Qualys Security Advisory

Three bypasses of Ubuntu's unprivileged user namespace restrictions

========================================================================
Contents
========================================================================

Summary
Bypass via aa-exec
Bypass via busybox
Bypass via LD_PRELOAD
Acknowledgments
Timeline (advisory sent to the Ubuntu Security Team on January 15, 2025)...

More Lists

Dozens of other network security lists are archived at SecLists.Org.