BugTraq Mode:
(Page 11 of 1746)  < Prev  6 7 8 9 10 11 12 13 14 15 16  Next >
APPLE-SA-2018-3-29-4 Xcode 9.3 2018-03-29
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2018-3-29-4 Xcode 9.3

Xcode 9.3 is now available and addresses the following:

LLVM
Available for: macOS High Sierra 10.13.2 or later
Impact: Multiple issues in llvm were addressed in this update
Description: Multiple issues were addressed b

[ more ]  [ reply ]
APPLE-SA-2018-3-29-7 iTunes 12.7.4 for Windows 2018-03-29
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2018-3-29-7 iTunes 12.7.4 for Windows

iTunes 12.7.4 for Windows is now available and addresses the
following:

Security
Available for: Windows 7 and later
Impact: A malicious application may be able to elevate privileges
Description: A buffe

[ more ]  [ reply ]
APPLE-SA-2018-3-29-8 iCloud for Windows 7.4 2018-03-29
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2018-3-29-8 iCloud for Windows 7.4

iCloud for Windows 7.4 is now available and addresses the following:

Security
Available for: Windows 7 and later
Impact: A malicious application may be able to elevate privileges
Description: A buffer over

[ more ]  [ reply ]
APPLE-SA-2018-3-29-3 tvOS 11.3 2018-03-29
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2018-3-29-3 tvOS 11.3

tvOS 11.3 is now available and addresses the following:

CoreFoundation
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An application may be able to gain elevated privileges
Description: A race conditi

[ more ]  [ reply ]
APPLE-SA-2018-3-29-5 macOS High Sierra 10.13.4, Security Update 2018-002 Sierra, and Security Update 2018-002 El Capitan 2018-03-29
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2018-3-29-5 macOS High Sierra 10.13.4, Security Update
2018-002 Sierra, and Security Update 2018-002 El Capitan

Admin Framework
Available for: macOS High Sierra 10.13.3
Impact: Passwords supplied to sysadminctl may be exposed to other
local

[ more ]  [ reply ]
[slackware-security] ruby (SSA:2018-088-01) 2018-03-29
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] ruby (SSA:2018-088-01)

New ruby packages are available for Slackware 14.2 and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/ruby-2.2.10-i5

[ more ]  [ reply ]
APPLE-SA-2018-3-29-6 Safari 11.1 2018-03-29
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2018-3-29-6 Safari 11.1

Safari 11.1 is now available and addresses the following:

Safari
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and
macOS High Sierra 10.13.4
Impact: Visiting a malicious website may lead to address ba

[ more ]  [ reply ]
APPLE-SA-2018-3-29-1 iOS 11.3 2018-03-29
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2018-3-29-1 iOS 11.3

iOS 11.3 is now available and addresses the following:

Clock
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
se

[ more ]  [ reply ]
[SECURITY] [DSA 4156-1] drupal7 security update 2018-03-28
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4156-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
March 29, 2018

[ more ]  [ reply ]
CA20180328-01: Security Notice for CA API Developer Portal 2018-03-29
Kotas, Kevin J (Kevin Kotas ca com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

CA20180328-01: Security Notice for CA API Developer Portal

Issued: March 28, 2018
Last Updated: March 28, 2018

CA Technologies Support is alerting customers to multiple potential
risks with CA API Developer Portal. Multiple vulnerabilities exist
tha

[ more ]  [ reply ]
[SECURITY] [DSA 4155-1] thunderbird security update 2018-03-28
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4155-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
March 28, 2018

[ more ]  [ reply ]
[SECURITY] [DSA 4154-1] net-snmp security update 2018-03-28
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4154-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
March 28, 2018

[ more ]  [ reply ]
[SECURITY] [DSA 4153-1] firefox-esr security update 2018-03-27
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4153-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
March 27, 2018

[ more ]  [ reply ]
[SECURITY] [DSA 4152-1] mupdf security update 2018-03-27
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4152-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Luciano Bello
March 27, 2018

[ more ]  [ reply ]
Microsoft Skype Mobile v81.2 & v8.13 - Remote Denial of Service Vulnerability 2018-03-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Microsoft Skype Mobile v81.2 & v8.13 - Remote Denial of Service Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2116

Video: https://www.vulnerability-lab.com/get_content.php?id=2117

MSRC ID: 43520â??
CR

[ more ]  [ reply ]
Sandoba CP:Shop CMS v2016.1 - Multiple Cross Site Scripting Vulnerabilities 2018-03-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Sandoba CP:Shop CMS v2016.1 - Multiple Cross Site Scripting Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2122

Release Date:
=============
2018-03-02

Vulnerability Laboratory ID (VL-ID):
==========

[ more ]  [ reply ]
Weblication CMS Core & Grid v12.6.24 - Multiple Cross Site Scripting Vulnerabilities 2018-03-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Weblication CMS Core & Grid v12.6.24 - Multiple Cross Site Scripting Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2121

Release Date:
=============
2018-02-21

Vulnerability Laboratory ID (VL-ID):
=

[ more ]  [ reply ]
AEF CMS v1.0.9 - (PM) Persistent Cross Site Scripting Vulnerability 2018-03-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
AEF CMS v1.0.9 - (PM) Persistent Cross Site Scripting Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2123

Release Date:
=============
2018-02-18

Vulnerability Laboratory ID (VL-ID):
=================

[ more ]  [ reply ]
[slackware-security] mozilla-firefox (SSA:2018-085-01) 2018-03-27
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2018-085-01)

New mozilla-firefox packages are available for Slackware 14.2 and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/p

[ more ]  [ reply ]
[SECURITY] [DSA 4151-1] librelp security update 2018-03-26
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4151-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
March 26, 2018

[ more ]  [ reply ]
Cross-Site Scripting vulnerability in Zimbra Collaboration Suite due to the way it handles attachment links 2018-03-24
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting vulnerability in Zimbra Collaboration Suite due to
the way it handles attachment links
------------------------------------------------------------------------

Stephan Kaag, January 2018

------------------

[ more ]  [ reply ]
[slackware-security] mozilla-thunderbird (SSA:2018-082-01) 2018-03-24
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2018-082-01)

New mozilla-thunderbird packages are available for Slackware 14.2 and -current
to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
p

[ more ]  [ reply ]
[SECURITY] [DSA 4150-1] icu security update 2018-03-23
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4150-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
March 23, 2018

[ more ]  [ reply ]
[SECURITY] [DSA 4149-1] plexus-utils2 security update 2018-03-22
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4149-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
March 22, 2018

[ more ]  [ reply ]
[SECURITY] [DSA 4148-1] kamailio security update 2018-03-22
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4148-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
March 22, 2018

[ more ]  [ reply ]
ModSecurity WAF 3.0 for Nginx - Denial of Service 2018-03-22
x ksi (s3810 pjwstk edu pl)
Hey,

TL;DR: UAF in a "non-release" version of ModSecurity for Nginx.
!RCE|DoS, no need to panic.
Plus some old and even older exploitation vector(s).

/*
* 1. Use-After-Free (UAF)
*/

During one of the engagements my team tested a WAF running in production
Nginx + ModSecurity + OWAS

[ more ]  [ reply ]
Bomgar Remote Support Portal JavaStart Applet <= 52970 - Path Traversal 2018-03-22
x ksi (s3810 pjwstk edu pl)
Hey,

The Path Traversal vulnerability was found in the component of the Bomgar
Remote Support Portal (RSP) [1]. The affected component is a JavaStart.jar
applet that is hosted at https://TARGET/api/content/JavaStart.jar on the
vulnerable RSP deployments. The JavaStart version 52970 and prior were
c

[ more ]  [ reply ]
Kaseya AgentMon.exe <= 9.3.0.11 - Local Privilege Escalation 2018-03-22
x ksi (s3810 pjwstk edu pl)
Hey,

The Local Privilege Escalation vulnerability was found in the Kaseya
Virtual System Administrator (VSA) [1] agent "AgentMon.exe". The agent is a
Windows service that periodically executes various programs with â??NT
AUTHORITY\SYSTEM� privileges.

In the Kaseya's default configuration, Window

[ more ]  [ reply ]
Secunia Research: Microsoft Windows Embedded OpenType Font Engine hdmx Table Information Disclosure Vulnerability 2018-03-21
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 2018/03/15

Microsoft Windows Embedded OpenType Font Engine hdmx Table
Information Disclosure Vulnerability

==============================================================

[ more ]  [ reply ]
Advisory - Bitbucket Server - CVE-2018-5225 2018-03-22
Matthew Hart (mhart atlassian com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

This email refers to the advisory found at
https://confluence.atlassian.com/x/3WNsO

CVE ID: CVE-2018-5225

Products: Bitbucket Server

Affected Bitbucket Server Versions:
4.13.0 <= version < 5.4.8
5.5.0 <= version < 5.5.8
5.6.0 <= version < 5.6.5
5

[ more ]  [ reply ]
(Page 11 of 1746)  < Prev  6 7 8 9 10 11 12 13 14 15 16  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus