|
|
Colapse all |
Post message
Barracuda ADC 5.x - Filter Bypass & Persistent Validation Vulnerability 2018-07-11 Vulnerability Lab (research vulnerability-lab com) ASUS WRT-AC66U 3.x - Cross Site Scripting Vulnerability 2018-07-11 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== ASUS WRT-AC66U 3.x - Cross Site Scripting Vulnerability References (Source): ==================== https://www.vulnerability-lab.com/get_content.php?id=1993 Release Date: ============= 2018-06-27 Vulnerability Laboratory ID (VL-ID): ============================== [ more ] [ reply ] Intel System CU - Buffer Overflow (Denial of Service) Vulnerability 2018-07-11 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Intel System CU - Buffer Overflow (Denial of Service) Vulnerability References (Source): ==================== https://www.vulnerability-lab.com/get_content.php?id=2133 Security ID: INTEL-SA-00134 https://nvd.nist.gov/vuln/detail/CVE-2018-3661 https://cve.mitre.org [ more ] [ reply ] Secutech DSL WR RIS 330 - Filter Bypass Vulnerability 2018-07-11 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Secutech DSL WR RIS 330 - Filter Bypass Vulnerability References (Source): ==================== https://www.vulnerability-lab.com/get_content.php?id=1988 Release Date: ============= 2018-07-09 Vulnerability Laboratory ID (VL-ID): ================================ [ more ] [ reply ] SEC Consult SA-20180711-0 :: Remote code execution via multiple attack vectors in WAGO e!DISPLAY 7300T 2018-07-11 SEC Consult Vulnerability Lab (research sec-consult com) [slackware-security] mozilla-thunderbird (SSA:2018-191-01) 2018-07-11 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-thunderbird (SSA:2018-191-01) New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix bugs and security issues. Here are the details from the Slackware 14.2 ChangeLog: +-------------------- [ more ] [ reply ] APPLE-SA-2018-7-9-7 iTunes 12.8 for Windows 2018-07-09 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-9-7 iTunes 12.8 for Windows iTunes 12.8 for Windows is now available and addresses the following: CFNetwork Available for: Windows 7 and later Impact: Cookies may unexpectedly persist in Safari Description: A cookie management issue [ more ] [ reply ] APPLE-SA-2018-7-9-3 tvOS 11.4.1 2018-07-09 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-9-3 tvOS 11.4.1 tvOS 11.4.1 is now available and addresses the following: CFNetwork Available for: Apple TV 4K and Apple TV (4th generation) Impact: Cookies may unexpectedly persist in Safari Description: A cookie management issue wa [ more ] [ reply ] APPLE-SA-2018-7-9-6 iCloud for Windows 7.6 2018-07-09 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-9-6 iCloud for Windows 7.6 iCloud for Windows 7.6 is now available and addresses the following: CFNetwork Available for: Windows 7 and later Impact: Cookies may unexpectedly persist in Safari Description: A cookie management issue wa [ more ] [ reply ] APPLE-SA-2018-7-9-2 watchOS 4.3.2 2018-07-09 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-9-2 watchOS 4.3.2 watchOS 4.3.2 is now available and addresses the following: CFNetwork Available for: All Apple Watch models Impact: Cookies may unexpectedly persist in Safari Description: A cookie management issue was addressed wit [ more ] [ reply ] APPLE-SA-2018-7-9-5 Safari 11.1.2 2018-07-09 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-9-5 Safari 11.1.2 Safari 11.1.2 is now available and addresses the following: Safari Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6 Impact: Visiting a malicious website may lead to address [ more ] [ reply ] APPLE-SA-2018-7-9-4 macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan 2018-07-09 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-9-4 macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, and Security Update 2018-004 El Capitan are now available and address the [ more ] [ reply ] APPLE-SA-2018-7-9-1 iOS 11.4.1 2018-07-09 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-9-1 iOS 11.4.1 iOS 11.4.1 is now available and addresses the following: CFNetwork Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Cookies may unexpectedly persist in Safari Description: A [ more ] [ reply ] [SECURITY] [DSA 4242-1] ruby-sprockets security update 2018-07-09 Salvatore Bonaccorso (carnil debian org) [slackware-security] mozilla-thunderbird (SSA:2018-186-01) 2018-07-05 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-thunderbird (SSA:2018-186-01) New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ p [ more ] [ reply ] APPLE-SA-2018-7-05-1 Wi-Fi Update for Boot Camp 6.4.0 2018-07-05 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-05-1 Wi-Fi Update for Boot Camp 6.4.0 Wi-Fi Update for Boot Camp 6.4.0 is now available and addresses the following: Wi-Fi Available for the following machines while running Boot Camp: MacBook (Late 2009 and later), MacBook Pro (Mid [ more ] [ reply ] SEC Consult SA-20180704-1 :: Authorization Bypass in all ADB Broadband Gateways / Routers 2018-07-04 SEC Consult Vulnerability Lab (research sec-consult com) Also see our other two advisories regarding critical ADB vulnerabilities as they have been split up for better readability: Local root: https://www.sec-consult.com/en/blog/advisories/local-root-jailbreak-via- network-file-sharing-flaw-in-all-adb-broadband-gateways-routers/ Privilege escalation: htt [ more ] [ reply ] SEC Consult SA-20180704-2 :: Privilege escalation via linux group manipulation in all ADB Broadband Gateways / Routers 2018-07-04 SEC Consult Vulnerability Lab (research sec-consult com) Also see our other two advisories regarding critical ADB vulnerabilities as they have been split up for better readability: Local root: https://www.sec-consult.com/en/blog/advisories/local-root-jailbreak-via- network-file-sharing-flaw-in-all-adb-broadband-gateways-routers/ Authorization bypass: htt [ more ] [ reply ] SEC Consult SA-20180704-0 :: Local root jailbreak via network file sharing flaw in all ADB Broadband Gateways / Routers 2018-07-04 SEC Consult Vulnerability Lab (research sec-consult com) Also see our other two advisories regarding critical ADB vulnerabilities as they have been split up for better readability: Authorization bypass: https://www.sec-consult.com/en/blog/advisories/authorization-bypass-in-a ll-adb-broadband-gateways-routers/ Privilege escalation: https://www.sec-consult [ more ] [ reply ] [CVE-2018-3667, CVE-2018-3668] Escalation of priviilege via executable installer of Intel Processor Diagnostic Tool 2018-07-04 Stefan Kanthak (stefan kanthak nexgo de) Hi @ll, the executable installers of Intel's Processor Diagnostic Tool (IPDT) before v4.1.0.27 have three vulnerabilities^Wbeginner's errors which all allow arbitrary code execution with escalation of privilege, plus a fourth which allows denial of service. Intel published advisory SA-00140 <https [ more ] [ reply ] [CVE-2018-8036] DoS (OOM) Vulnerability in Apache PDFBox's AFMParser 2018-06-29 Andreas Lehmkuehler (lehmi apache org) [CVE-2018-8036] DoS (OOM) Vulnerability in Apache PDFBox's AFMParser Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache PDFBox 1.8.0 to 1.8.14 Apache PDFBox 2.0.0 to 2.0.10 Earlier, unsupported Apache PDFBox versions may be affected as well Description: A carefu [ more ] [ reply ] [SECURITY] [DSA 4237-1] chromium-browser security update 2018-07-01 Michael Gilbert (mgilbert debian org) [CVE-2018-8036] DoS (OOM) Vulnerability in Apache PDFBox's AFMParser 2018-06-29 Andreas Lehmkuehler (lehmi apache org) [CVE-2018-8036] DoS (OOM) Vulnerability in Apache PDFBox's AFMParser Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache PDFBox 1.8.0 to 1.8.14 Apache PDFBox 2.0.0 to 2.0.10 Earlier, unsupported Apache PDFBox versions may be affected as well Description: A carefu [ more ] [ reply ] TP-Link TL-WR841N v13: Broken Authentication (CVE-2018-12575) 2018-06-27 Tim Coen (tc coen gmail com) * Vulnerability: Broken Authentication * Affected Software: TP-Link TL-WR841N v13 * Affected Version: 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n * Patched Version: 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n * Risk: High * Vendor Contacted: 05/20/2018 * Vendor Fix: Issue was independent [ more ] [ reply ] TP-Link TL-WR841N v13: Authenticated Blind Command Injection (CVE-2018-12577) 2018-06-27 Tim Coen (tc coen gmail com) * Vulnerability: Authenticated Blind Command Injection * Affected Software: TP-Link TL-WR841N v13 * Affected Version: 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n * Patched Version: None * Risk: High * Vendor Contacted: 05/20/2018 * Vendor Fix: None * Public Disclosure: 06/27/2018 ### [ more ] [ reply ] APPLE-SA-2018-06-27-1 SwiftNIO 1.8.0 2018-06-27 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-06-27-1 SwiftNIO 1.8.0 SwiftNIO 1.8.0 is now available and addresses the following: SwiftNIO Available for: macOS Sierra 10.12 and later, Ubuntu 14.04 and later Impact: A remote attacker may be able to overwrite arbitrary memory Descri [ more ] [ reply ] |
|
Privacy Statement |
===============
Barracuda ADC 5.x - Filter Bypass & Persistent Validation Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1423
Release Date:
=============
2018-07-09
Vulnerability Laboratory ID (VL-ID):
===============
[ more ] [ reply ]