BugTraq Mode:
(Page 2 of 1746)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
DefenseCode ThunderScan SAST Advisory: WordPress Snazzy Maps Plugin Multiple XSS Security Vulnerabilities 2018-07-25
Defense Code (defensecode defensecode com)
DefenseCode ThunderScan SAST Advisory: WordPress Snazzy Maps Plugin
Multiple XSS Security Vulnerabilities

Advisory ID: DC-2018-05-006
Advisory Title: WordPress Snazzy Maps Plugin Multiple XSS
Vulnerabilities
Advisory URL: http://www.defensecode.com/advisories.php
Software: WordPress S

[ more ]  [ reply ]
[SECURITY] [DSA 4254-1] slurm-llnl security update 2018-07-24
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4254-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
July 24, 2018

[ more ]  [ reply ]
FINAL CALL FOR PAPERS - INTEL SECURITY CONFERENCE (iSecCon) 2018 2018-07-24
Branco, Rodrigo (rodrigo branco intel com)
CALL FOR PAPERS - INTEL SECURITY CONFERENCE (iSecCon) 2018

[ - Introduction - ]

It is a pleasure to invite you to submit abstracts to iSecCon 2018, the annual Security Conference at Intel.

This prestigious conference aims to bring together esteemed speakers from the industry, government and acad

[ more ]  [ reply ]
[SECURITY] [DSA 4253-1] network-manager-vpnc security update 2018-07-23
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4253-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
July 23, 2018

[ more ]  [ reply ]
APPLE-SA-2018-7-23-3 Additional information for APPLE-SA-2018-06-01-4 iOS 11.4 2018-07-23
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2018-7-23-3 Additional information for
APPLE-SA-2018-06-01-4 iOS 11.4

iOS 11.4 addresses the following:

Bluetooth
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be a

[ more ]  [ reply ]
APPLE-SA-2018-7-23-4 Additional information for APPLE-SA-2018-06-01-6 tvOS 11.4 2018-07-23
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2018-7-23-4 Additional information for
APPLE-SA-2018-06-01-6 tvOS 11.4

tvOS 11.4 addresses the following:

Bluetooth
Available for: Apple TV 4K
Impact: An attacker in a privileged network position may be able to
intercept Bluetooth traffic
D

[ more ]  [ reply ]
APPLE-SA-2018-7-23-5 Additional information for APPLE-SA-2018-06-01-5 watchOS 4.3.1 2018-07-23
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2018-7-23-5 Additional information for
APPLE-SA-2018-06-01-5 watchOS 4.3.1

watchOS 4.3.1 addresses the following:

Bluetooth
Not impacted: Apple Watch Series 3
Impact: An attacker in a privileged network position may be able to
intercept Blu

[ more ]  [ reply ]
APPLE-SA-2018-7-23-2 Additional information for APPLE-SA-2018-06-01-1 macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan 2018-07-23
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2018-7-23-2 Additional information for
APPLE-SA-2018-06-01-1 macOS High Sierra 10.13.5, Security Update
2018-003 Sierra, Security Update 2018-003 El Capitan

macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, and
Security Update 2018

[ more ]  [ reply ]
APPLE-SA-2018-7-23-1 Additional information for APPLE-SA-2018-7-9-4 macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan 2018-07-23
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2018-7-23-1 Additional information for APPLE-SA-2018-7-9-4
macOS High Sierra 10.13.6, Security Update 2018-004 Sierra,
Security Update 2018-004 El Capitan

macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, and
Security Update 2018-0

[ more ]  [ reply ]
Sourcetree - Remote Code Execution vulnerabilities - CVE-2018-11235 2018-07-23
Anton Black (ablack atlassian com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

This email refers to the advisory found at
https://confluence.atlassian.com/sourcetreekb/sourcetree-security-adviso
ry-2018-07-18-953674465.html
.

CVE ID:

* CVE-2018-11235.
* CVE-2018-13385.
* CVE-2018-13386.

Product: Sourcetree.

Affected Sourcet

[ more ]  [ reply ]
[slackware-security] php (SSA:2018-201-01) 2018-07-20
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] php (SSA:2018-201-01)

New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/php

[ more ]  [ reply ]
Secunia Research: Oracle Outside In Technology Multiple Vulnerabilities 2018-07-20
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 2018/07/20

Oracle Outside In Technology Multiple Vulnerabilities

======================================================================
Table of Contents

Affected Software.............

[ more ]  [ reply ]
Secunia Research: Oracle Outside In Technology Multiple Vulnerabilities 2018-07-20
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 2018/07/20

Oracle Outside In Technology Multiple Vulnerabilities

======================================================================
Table of Contents

Affected Software.............

[ more ]  [ reply ]
Secunia Research: LibRaw "parse_minolta()" Infinite Loop Denial of Service Vulnerability 2018-07-19
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 2018/07/17

LibRaw "parse_minolta()" Infinite Loop
Denial of Service Vulnerability

=====================================================================

[ more ]  [ reply ]
Secunia Research: LibRaw Multiple Denial of Service Vulnerabilities 2018-07-19
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 2018/07/17
LibRaw Multiple Denial of Service Vulnerabilities

======================================================================
Table of Contents

Affected Software............

[ more ]  [ reply ]
Adobe Systems - Arbitrary Code Injection Vulnerability 2018-07-19
Vulnerability Lab (research vulnerability-lab com)
Document Title:

===============

Adobe Systems - Arbitrary Code Injection Vulnerability

References (Source):

====================

https://www.vulnerability-lab.com/get_content.php?id=2120

PSIRT ID: 7873

Vulnerability Magazine:

https://www.vulnerability-db.com/?q=articles/2018/07/19/ha

[ more ]  [ reply ]
[slackware-security] httpd (SSA:2018-199-01) 2018-07-18
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] httpd (SSA:2018-199-01)

New httpd packages are available for Slackware 14.0, 14.1, 14.2, and -current
to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages

[ more ]  [ reply ]
[SECURITY] [DSA 4252-1] znc security update 2018-07-18
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4252-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
July 18, 2018

[ more ]  [ reply ]
[SECURITY] [DSA 4251-1] vlc security update 2018-07-18
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4251-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
July 18, 2018

[ more ]  [ reply ]
GhostMail - (Status Message) Persistent Web Vulnerability 2018-07-18
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
GhostMail - (Status Message) Persistent Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1470

Release Date:
=============
2018-06-27

Vulnerability Laboratory ID (VL-ID):
=============================

[ more ]  [ reply ]
Binance v1.5.0 - Insecure File Permission Vulnerability 2018-07-18
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Binance v1.5.0 - Insecure File Permission Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2135

Release Date:
=============
2018-07-17

Vulnerability Laboratory ID (VL-ID):
==============================

[ more ]  [ reply ]
GhostMail - (filename to link) POST Inject Web Vulnerability 2018-07-18
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
GhostMail - (filename to link) POST Inject Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1471

Release Date:
=============
2018-06-26

Vulnerability Laboratory ID (VL-ID):
==========================

[ more ]  [ reply ]
Barracuda Cloud Control v3.020 - CS Cross Site Vulnerability 2018-07-18
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Barracuda Cloud Control v3.020 - CS Cross Site Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=662

Release Date:
=============
2018-07-18

Vulnerability Laboratory ID (VL-ID):
===========================

[ more ]  [ reply ]
Defense in depth -- the Microsoft way (part 56): 10+ year old security update installers are susceptiblle to 20+ year old vulnerability 2018-07-18
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

Microsoft released <https://support.microsoft.com/en-us/help/4336919>
"Description of the security update for the remote code execution
vulnerability in Visual Studio 2010 Service Pack 1: July 10, 2018"
some days ago.

The executable installer VS10SP1-KB4336919-x86.exe offered for
download

[ more ]  [ reply ]
[SECURITY] [DSA 4250-1] wordpress security update 2018-07-18
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4250-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
July 18, 2018

[ more ]  [ reply ]
[slackware-security] mutt (SSA:2018-198-01) 2018-07-17
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mutt (SSA:2018-198-01)

New mutt packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/m

[ more ]  [ reply ]
[SECURITY] [DSA 4248-1] blender security update 2018-07-17
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4248-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
July 17, 2018

[ more ]  [ reply ]
[SECURITY] [DSA 4249-1] ffmpeg security update 2018-07-17
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4249-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
July 17, 2018

[ more ]  [ reply ]
[CVE-2018-1000211] Public apps can't revoke OAuth access & refresh tokens in Doorkeeper 2018-07-17
Justin Bull (me justinbull ca)
Good morning everyone,

A security bulletin for all of you.

Software:
--------
Doorkeeper (https://github.com/doorkeeper-gem/doorkeeper)

Description:
----------
Doorkeeper is an OAuth 2 provider for Rails written in Ruby.

Affected Versions:
---------------
4.2.0 - 4.3.2
5.0.0.rc1

Fixed Versions:

[ more ]  [ reply ]
Defense in depth -- the Microsoft way (part 55): new software built with 5.5 year old tool shows 20+ year old vulnerabilities 2018-07-17
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

Microsoft released <https://support.microsoft.com/en-us/help/4340040/>
"July 2018 servicing release for Microsoft Desktop Optimization Pack"
some days ago.

<https://www.microsoft.com/en-us/download/details.aspx?id=57157> offers
three executable installers to update existing installations:

[ more ]  [ reply ]
(Page 2 of 1746)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus