BugTraq Mode:
(Page 7 of 1746)  < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >
[slackware-security] Slackware 14.2 kernel (SSA:2018-142-01) 2018-05-23
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] Slackware 14.2 kernel (SSA:2018-142-01)

New kernel packages are available for Slackware 14.2 to fix a regression in the
getsockopt() function and to fix two denial-of-service security issues.

Here are the details from the Slack

[ more ]  [ reply ]
[slackware-security] procps-ng (SSA:2018-142-03) 2018-05-23
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] procps-ng (SSA:2018-142-03)

New procps-ng packages are available for Slackware 14.2 and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/proc

[ more ]  [ reply ]
[SECURITY] [DSA 4207-1] packagekit security update 2018-05-22
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4207-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
May 22, 2018

[ more ]  [ reply ]
[SECURITY] [DSA 4206-1] gitlab security update 2018-05-21
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4206-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
May 21, 2018

[ more ]  [ reply ]
Qualys Security Advisory - Procps-ng Audit Report 2018-05-21
Qualys Security Advisory (qsa qualys com)

Qualys Security Advisory

Procps-ng Audit Report

========================================================================

Contents
========================================================================

Summary
1. FUSE-backed /proc/PID/cmdline
2. Unprivileged process hiding
3. Local Privilege E

[ more ]  [ reply ]
[SECURITY] [DSA 4205-1] Advance notification for upcoming end-of-life for 2018-05-18
Moritz Muehlenhoff (jmm debian org)
Debian oldstable

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4205-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
May 18, 2

[ more ]  [ reply ]
[SECURITY] [DSA 4204-1] imagemagick security update 2018-05-18
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4204-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
May 18, 2018

[ more ]  [ reply ]
[SYSS-2018-007] ILIAS e-Learning - Reflected Cross-Site-Scripting 2018-05-18
Moritz Bechler (moritz bechler syss de)
Advisory ID: SYSS-2018-007
Product: ILIAS
Affected Version(s): 5.3.2, 5.2.14, 5.1.25
Tested Version(s): 5.3.2, 5.2.12
Vulnerability Type: Reflected Cross-Site-Scripting
Risk Level: MEDIUM
Solution Status: Fixed
Manufacturer Notification: 2018-03-29
Solution Date: 2018-04-25
Public Disclosure: 2018-0

[ more ]  [ reply ]
MagniComp SysInfo Information Exposure [CVE-2018-7268] 2018-05-18
Harry Sintonen (bugtraq kyber fi)
MagniComp SysInfo Information Exposure [CVE-2018-7268]
======================================================
The latest version of this advisory is available at:
https://sintonen.fi/advisories/magnicomp-sysinfo-information-exposure.tx
t

Overview
--------

MagniComp SysInfo contains a information e

[ more ]  [ reply ]
[SECURITY] [DSA 4203-1] vlc security update 2018-05-17
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4203-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
May 17, 2018

[ more ]  [ reply ]
[slackware-security] curl (SSA:2018-136-01) 2018-05-17
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] curl (SSA:2018-136-01)

New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/c

[ more ]  [ reply ]
[slackware-security] php (SSA:2018-136-02) 2018-05-17
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] php (SSA:2018-136-02)

New php packages are available for Slackware 14.0, 14.1, and 14.2 to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/php-5.6.36-i5

[ more ]  [ reply ]
[SECURITY] [DSA 4202-1] curl security update 2018-05-16
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4202-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Alessandro Ghedini
May 16, 2018

[ more ]  [ reply ]
CVE-2018-11101: Signal-desktop HTML tag injection variant 2 2018-05-16
Alfredo Ortega (ortegaalfredo gmail com)

Title: Signal-desktop HTML tag injection variant 2

Date Published: 2018-05-16

Last Update: 2018-05-16

CVE Name: CVE-2018-11101

Class: Code injection

Remotely Exploitable: Yes

Locally Exploitable: No

Vendors contacted: Signal.org

Vulnerability Description:

Signal-desktop is the standalone d

[ more ]  [ reply ]
SEC Consult SA-20180516-0 :: XXE & XSS vulnerabilities in RSA Authentication Manager 2018-05-16
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20180516-0 >
=======================================================================
title: XXE & XSS vulnerabilities
product: RSA Authentication Manager
vulnerable version: 8.2.1.4.0-build1394922, < 8.3 P1
fixed vers

[ more ]  [ reply ]
[SECURITY] [DSA 4201-1] xen security update 2018-05-15
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4201-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
May 15, 2018

[ more ]  [ reply ]
CSNC-2018-002 totemomail Encryption Gateway - JSONP hijacking 2018-05-15
Advisories (advisories compass-security com)
########################################################################
########
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
########################################################################
########
#
# Product: totemomail Encryption Gateway
# Vend

[ more ]  [ reply ]
CSNC-2018-003 totemomail Encryption Gateway - Cross-Site Request Forgery 2018-05-15
Advisories (advisories compass-security com)
########################################################################
########
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
########################################################################
########
#
# Product: totemomail Encryption Gateway
# Vend

[ more ]  [ reply ]
CVE-2018-10994: HTML tag injection in Signal-desktop 2018-05-14
Alfredo Ortega (ortegaalfredo gmail com)
Title: HTML tag injection in Signal-desktop

Date Published: 14-05-2018

CVE Name: CVE-2018-10994

Class: Code injection

Remotely Exploitable: Yes

Locally Exploitable: No

Vendors contacted: Signal.org

Vulnerability Description:

Signal-desktop is the standalone desktop version of the secure Sign

[ more ]  [ reply ]
[SECURITY] [DSA 4200-1] kwallet-pam security update 2018-05-14
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4200-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
May 14, 2018

[ more ]  [ reply ]
SEC Consult SA-20180514-0 :: Arbitrary File Upload & Cross-site scripting in MyBiz MyProcureNet 2018-05-14
SEC Consult Vulnerability Lab (research sec-consult com) (1 replies)
SEC Consult Vulnerability Lab Security Advisory < 20180514-0 >
=======================================================================
title: Arbitrary File Upload & Cross-site scripting
product: MyBiz MyProcureNet
vulnerable version: 5.0.0
fixed version: unknown

[ more ]  [ reply ]
Re: SEC Consult SA-20180514-0 :: Arbitrary File Upload & Cross-site scripting in MyBiz MyProcureNet 2018-05-15
SEC Consult Vulnerability Lab (research sec-consult com)
Vulnerabilities in IBMs Flashsystems and Storwize Products 2018-05-11
Sebastian Neuner (sneuner google com)
Vulnerabilities in IBMs Flashsystems and Storwize Products
------------------------------------------------------------------------
-

Introduction
============
Vulnerabilities were identified in the IBM Flashsystem 840, IBM Flashsystem
900 and IBM Storwize V7000. These were discovered during a black

[ more ]  [ reply ]
[slackware-security] mariadb (SSA:2018-130-01) 2018-05-10
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mariadb (SSA:2018-130-01)

New mariadb packages are available for Slackware 14.1 and 14.2 to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/mariadb-10.0

[ more ]  [ reply ]
[security bulletin] MFSBGN03807 rev.1 - HP Service Manager Software, SQL Injection 2018-05-10
cyber-psrt microfocus com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://softwaresupport.hpe.com/document/-/facetsearch/document/KM031586
56

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: KM03158656

Version: 1

MFSBGN03807 rev.1

[ more ]  [ reply ]
[SECURITY] [DSA 4199-1] firefox-esr security update 2018-05-10
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4199-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
May 10, 2018

[ more ]  [ reply ]
[security bulletin] MFSBGN03802 - Virtualization Performance Viewer (vPV) / Cloud Optimizer, Local Disclosure of Information 2018-05-10
cyber-psrt microfocus com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://softwaresupport.hpe.com/document/-/facetsearch/document/KM031586
29

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: KM03158629

Version: 2

MFSBGN03802 - Vir

[ more ]  [ reply ]
[security bulletin] MFSBGN03805 - HP Service Manager, Remote Disclosure of Information 2018-05-10
cyber-psrt microfocus com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://softwaresupport.hpe.com/document/-/facetsearch/document/KM031586
13

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: KM03158613

Version: 1

MFSBGN03805 - HP

[ more ]  [ reply ]
[slackware-security] mozilla-firefox (SSA:2018-129-01) 2018-05-10
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2018-129-01)

New mozilla-firefox packages are available for Slackware 14.2 and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/p

[ more ]  [ reply ]
[slackware-security] wget (SSA:2018-129-02) 2018-05-10
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] wget (SSA:2018-129-02)

New wget packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------

[ more ]  [ reply ]
(Page 7 of 1746)  < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus