BugTraq Mode:
(Page 6 of 1746)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
[slackware-security] mozilla-firefox (SSA:2018-157-01) 2018-06-07
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2018-157-01)

New mozilla-firefox packages are available for Slackware 14.2 and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/p

[ more ]  [ reply ]
[SECURITY] [DSA 4218-1] memcached security update 2018-06-06
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4218-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
June 06, 2018

[ more ]  [ reply ]
Ignite Realtime Openfire Version 3.7.1 Reflected Cross Site Scripting (CVE-2018-11688) 2018-06-05
yavuz atlas (yavatlas gmail com)
I. VULNERABILITY
-------------------------
Ignite Realtime Openfire Version 3.7.1 Reflected Cross Site Scripting

II. CVE REFERENCE
-------------------------
CVE-2018-11688

III. VENDOR HOMEPAGE
-------------------------
https://www.igniterealtime.org/projects/openfire/

IV. DESCRIPTION
---------

[ more ]  [ reply ]
[SECURITY] [DSA 4214-1] zookeeper security update 2018-06-01
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4214-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
June 01, 2018

[ more ]  [ reply ]
APPLE-SA-2018-06-01-4 iOS 11.4 2018-06-01
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2018-06-01-4 iOS 11.4

iOS 11.4 addresses the following:

Bluetooth
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to elevate privileges
Description: A buffer

[ more ]  [ reply ]
[CORE-2018-0002] - Quest DR Series Disk Backup Multiple Vulnerabilities 2018-05-31
Core Security Advisories Team (advisories coresecurity com)
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/

Quest DR Series Disk Backup Multiple Vulnerabilities

1. *Advisory Information*

Title: Quest DR Series Disk Backup Multiple Vulnerabilities
Advisory ID: CORE-2018-0002
Advisory URL:
http://www.coresecurity.com/advisories/quest-dr-

[ more ]  [ reply ]
[SECURITY] [DSA 4216-1] prosody security update 2018-06-02
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4216-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
June 02, 2018

[ more ]  [ reply ]
APPLE-SA-2018-06-01-3 iCloud for Windows 7.5 2018-06-01
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2018-06-01-3 iCloud for Windows 7.5

iCloud for Windows 7.5 is now available and addresses the following:

Security
Available for: Windows 7 and later
Impact: A local user may be able to read a persistent device
identifier
Description: An aut

[ more ]  [ reply ]
APPLE-SA-2018-06-01-1 macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan 2018-06-01
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2018-06-01-1 macOS High Sierra 10.13.5,
Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan

macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, and
Security Update 2018-003 El Capitan are now available and address
th

[ more ]  [ reply ]
[CORE-2018-0004] - Quest KACE System Management Appliance Multiple Vulnerabilities 2018-05-31
Core Security Advisories Team (advisories coresecurity com)
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/

Quest KACE System Management Appliance Multiple Vulnerabilities

1. *Advisory Information*

Title: Quest KACE System Management Appliance Multiple Vulnerabilities
Advisory ID: CORE-2018-0004
Advisory URL:
http://www.coresecurity.co

[ more ]  [ reply ]
[SECURITY] [DSA 4191-2] redmine regression update 2018-06-03
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4191-2 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
June 03, 2018

[ more ]  [ reply ]
APPLE-SA-2018-06-01-2 Safari 11.1.1 2018-06-01
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2018-06-01-2 Safari 11.1.1

Safari 11.1.1 is now available and addresses the following:

Safari
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and
macOS High Sierra 10.13.4
Impact: A malicious website may be able to cause a den

[ more ]  [ reply ]
[SECURITY] [DSA 4217-1] wireshark security update 2018-06-03
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4217-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
June 03, 2018

[ more ]  [ reply ]
APPLE-SA-2018-06-01-6 tvOS 11.4 2018-06-01
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2018-06-01-6 tvOS 11.4

tvOS 11.4 addresses the following:

Crash Reporter
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An application may be able to gain elevated privileges
Description: A memory corruption issue was addr

[ more ]  [ reply ]
APPLE-SA-2018-06-01-7 iTunes 12.7.5 for Windows 2018-06-01
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2018-06-01-7 iTunes 12.7.5 for Windows

iTunes 12.7.5 for Windows addresses the following:

Security
Available for: Windows 7 and later
Impact: A local user may be able to read a persistent device
identifier
Description: An authorization issu

[ more ]  [ reply ]
[SECURITY] [DSA 4215-1] batik security update 2018-06-02
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4215-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
June 02, 2018

[ more ]  [ reply ]
[slackware-security] git (SSA:2018-152-01) 2018-06-01
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] git (SSA:2018-152-01)

New git packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
p

[ more ]  [ reply ]
MachForm Multiple Vulnerabilities CVE-2018-6409/CVE-2018-6410/CVE-2018-6411 2018-05-30
Amine Taouirsa (taouirsa gmail com)
Vendor: Appnitro
Product webpage: https://www.machform.com/
Full-Disclose: https://metalamin.github.io/MachForm-not-0-day-EN/
Fix: https://www.machform.com/blog-machform-423-security-release/

Author: Amine Taouirsa
Twitter: @metalamin

Google dork examples:
----------------------
"machform" inurl:"

[ more ]  [ reply ]
APPLE-SA-2018-06-01-5 watchOS 4.3.1 2018-06-01
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2018-06-01-5 watchOS 4.3.1

watchOS 4.3.1 addresses the following:

Crash Reporter
Available for: All Apple Watch models
Impact: An application may be able to gain elevated privileges
Description: A memory corruption issue was addressed with

[ more ]  [ reply ]
CVE-2018-11552 AXON PBX 2.02 Cross Site Scripting Vulnerability 2018-05-30
mehta himanshu21 gmail com
Aloha,

*1. Introduction*

Vendor: NCH Software
Affected Product: AXON PBX - 2.02
Vendor Website: http://www.nch.com.au/pbx/index.html
Vulnerability Type: Reflected XSS
Remote Exploitable: Yes
CVE: CVE-2018-11552

*2. Overview*

There is a reflected

[ more ]  [ reply ]
[SECURITY] [DSA 4209-1] thunderbird security update 2018-05-25
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4209-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
May 25, 2018

[ more ]  [ reply ]
[SECURITY] [DSA 4210-1] xen security update 2018-05-25
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4210-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
May 25, 2018

[ more ]  [ reply ]
Ruckus (Brocade) ICX7450-48 Reflected Cross Site Scripting 2018-05-24
Yavuz Atlas (yavuz atlas biznet com tr)
I. VULNERABILITY
-------------------------
Ruckus (Brocade) ICX7450-48 Reflected Cross Site Scripting

II. CVE REFERENCE
-------------------------
CVE-2018-11027

III. VENDOR HOMEPAGE
-------------------------
https://www.ruckuswireless.com

IV. DESCRIPTION
-------------------------
Ruckus (Broca

[ more ]  [ reply ]
Android OS Didnt use FLAG_SECURE for Sensitive Settings [CVE-2017-13243] 2018-05-24
research nightwatchcybersecurity com
[Blog post here:
https://wwws.nightwatchcybersecurity.com/2018/05/24/android-os-didnt-use
-flag_secure-for-sensitive-settings-cve-2017-13243/]

SUMMARY

Android OS did not use the FLAG_SECURE flag for sensitive settings,
potentially exposing sensitive data to other applications on the same
device wit

[ more ]  [ reply ]
PHP Login & User Management <= 4.1.0 - Arbitrary File Upload (CVE-2018-11392) 2018-05-23
reggie dodd30 gmail com
[Title]
PHP Login & User Management <= 4.1.0 - Arbitrary File Upload (CVE-2018-11392)

[Product]
PHP Login & User Management
https://codecanyon.net/item/php-login-user-management/49008

[CVE]
CVE-2018-11392

[Credit]
Reginald Dodd

[Description]
An arbitrary file upload vulnerability in /classes/pro

[ more ]  [ reply ]
[security bulletin] MFSBGN03808 rev.1 - Micro Focus UCMDB, Cross-Site Scripting 2018-05-23
cyber-psrt microfocus com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://softwaresupport.hpe.com/document/-/facetsearch/document/KM031647
78

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: KM03164778

Version: 1

MFSBGN03808 rev.1

[ more ]  [ reply ]
[CVE-2018-8013] Apache Batik information disclosure vulnerability 2018-05-23
Simon Steiner (simonsteiner1984 gmail com)
CVE-2018-8013:
Apache Batik information disclosure vulnerability

Severity:
Medium

Vendor:
The Apache Software Foundation

Versions Affected:
Batik 1.0 - 1.9.1

Description:
When deserializing subclass of `AbstractDocument`, the class takes a
string from the

[ more ]  [ reply ]
K2 smartforms runtime application - 4.6.11 SSRF 2018-05-22
fuming22 gmail com
# Vulnerability type: Server Side Request Forgery
# Vendor: https://www.k2.com/
# Product: K2 Smartforms
# Affected version: 4.6.11
# Credit: Foo Jong Meng
# CVE ID: CVE-2018-9920

# DESCRIPTION:

Server side request forgery exists in the runtime application in K2 smartforms 4.6.11 via a modified ho

[ more ]  [ reply ]
[slackware-security] mozilla-thunderbird (SSA:2018-142-02) 2018-05-23
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2018-142-02)

New mozilla-thunderbird packages are available for Slackware 14.2 and -current
to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
p

[ more ]  [ reply ]
[SECURITY] [DSA 4208-1] procps security update 2018-05-22
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4208-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
May 22, 2018

[ more ]  [ reply ]
(Page 6 of 1746)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus