BugTraq Mode:
(Page 10 of 1745)  < Prev  5 6 7 8 9 10 11 12 13 14 15  Next >
Weblication CMS Core & Grid v12.6.24 - Multiple Cross Site Scripting Vulnerabilities 2018-03-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Weblication CMS Core & Grid v12.6.24 - Multiple Cross Site Scripting Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2121

Release Date:
=============
2018-02-21

Vulnerability Laboratory ID (VL-ID):
=

[ more ]  [ reply ]
AEF CMS v1.0.9 - (PM) Persistent Cross Site Scripting Vulnerability 2018-03-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
AEF CMS v1.0.9 - (PM) Persistent Cross Site Scripting Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2123

Release Date:
=============
2018-02-18

Vulnerability Laboratory ID (VL-ID):
=================

[ more ]  [ reply ]
[slackware-security] mozilla-firefox (SSA:2018-085-01) 2018-03-27
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2018-085-01)

New mozilla-firefox packages are available for Slackware 14.2 and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/p

[ more ]  [ reply ]
[SECURITY] [DSA 4151-1] librelp security update 2018-03-26
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4151-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
March 26, 2018

[ more ]  [ reply ]
Cross-Site Scripting vulnerability in Zimbra Collaboration Suite due to the way it handles attachment links 2018-03-24
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting vulnerability in Zimbra Collaboration Suite due to
the way it handles attachment links
------------------------------------------------------------------------

Stephan Kaag, January 2018

------------------

[ more ]  [ reply ]
[slackware-security] mozilla-thunderbird (SSA:2018-082-01) 2018-03-24
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2018-082-01)

New mozilla-thunderbird packages are available for Slackware 14.2 and -current
to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
p

[ more ]  [ reply ]
[SECURITY] [DSA 4150-1] icu security update 2018-03-23
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4150-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
March 23, 2018

[ more ]  [ reply ]
[SECURITY] [DSA 4149-1] plexus-utils2 security update 2018-03-22
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4149-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
March 22, 2018

[ more ]  [ reply ]
[SECURITY] [DSA 4148-1] kamailio security update 2018-03-22
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4148-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
March 22, 2018

[ more ]  [ reply ]
ModSecurity WAF 3.0 for Nginx - Denial of Service 2018-03-22
x ksi (s3810 pjwstk edu pl)
Hey,

TL;DR: UAF in a "non-release" version of ModSecurity for Nginx.
!RCE|DoS, no need to panic.
Plus some old and even older exploitation vector(s).

/*
* 1. Use-After-Free (UAF)
*/

During one of the engagements my team tested a WAF running in production
Nginx + ModSecurity + OWAS

[ more ]  [ reply ]
Bomgar Remote Support Portal JavaStart Applet <= 52970 - Path Traversal 2018-03-22
x ksi (s3810 pjwstk edu pl)
Hey,

The Path Traversal vulnerability was found in the component of the Bomgar
Remote Support Portal (RSP) [1]. The affected component is a JavaStart.jar
applet that is hosted at https://TARGET/api/content/JavaStart.jar on the
vulnerable RSP deployments. The JavaStart version 52970 and prior were
c

[ more ]  [ reply ]
Kaseya AgentMon.exe <= 9.3.0.11 - Local Privilege Escalation 2018-03-22
x ksi (s3810 pjwstk edu pl)
Hey,

The Local Privilege Escalation vulnerability was found in the Kaseya
Virtual System Administrator (VSA) [1] agent "AgentMon.exe". The agent is a
Windows service that periodically executes various programs with â??NT
AUTHORITY\SYSTEM� privileges.

In the Kaseya's default configuration, Window

[ more ]  [ reply ]
Secunia Research: Microsoft Windows Embedded OpenType Font Engine hdmx Table Information Disclosure Vulnerability 2018-03-21
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 2018/03/15

Microsoft Windows Embedded OpenType Font Engine hdmx Table
Information Disclosure Vulnerability

==============================================================

[ more ]  [ reply ]
Advisory - Bitbucket Server - CVE-2018-5225 2018-03-22
Matthew Hart (mhart atlassian com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

This email refers to the advisory found at
https://confluence.atlassian.com/x/3WNsO

CVE ID: CVE-2018-5225

Products: Bitbucket Server

Affected Bitbucket Server Versions:
4.13.0 <= version < 5.4.8
5.5.0 <= version < 5.5.8
5.6.0 <= version < 5.6.5
5

[ more ]  [ reply ]
Secunia Research: Microsoft Windows Embedded OpenType Font Engine "MTX_IS_MTX_Data()" Information Disclosure Vulnerability 2018-03-21
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 2018/03/15

Microsoft Windows Embedded OpenType Font Engine "MTX_IS_MTX_Data()"
Information Disclosure Vulnerability
==========================================================

[ more ]  [ reply ]
Secunia Research: Microsoft Windows Embedded OpenType Font Engine Font Glyphs Handling Information Disclosure Vulnerability 2018-03-21
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 2018/03/14

Microsoft Windows Embedded OpenType Font Engine Font Glyphs Handling
Information Disclosure Vulnerability

=========================================================

[ more ]  [ reply ]
[SECURITY] [DSA 4147-1] polarssl security update 2018-03-21
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4147-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
March 21, 2018

[ more ]  [ reply ]
[SECURITY] [DSA 4146-1] plexus-utils security update 2018-03-20
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4146-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
March 20, 2018

[ more ]  [ reply ]
CSNC-2017-026 Microsoft Intune - Preserved Keychain Entries 2018-03-20
Advisories (advisories compass-security com) (1 replies)
#############################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
#############################################################
#
# Product: Microsoft Intune [1]
# Vendor: Microsoft
# CSNC ID: CSNC-2017-026
# Sub

[ more ]  [ reply ]
ES2018-05 Kamailio heap overflow 2018-03-20
Sandro Gauci (sandro enablesecurity com) (1 replies)
# Off-by-one heap overflow in Kamailio

- Authors:
- Alfred Farrugia <alfred (at) enablesecurity (dot) com [email concealed]>
- Sandro Gauci <sandro (at) enablesecurity (dot) com [email concealed]>
- Fixed versions: Kamailio v5.1.2, v5.0.6 and v4.4.7
- References: no CVE assigned yet
- Enable Security Advisory: <https://github.com/EnableSecurity/ad

[ more ]  [ reply ]
Unsubscribe - Re: ES2018-05 Kamailio heap overflow 2018-03-20
Gary Frank (garoo7 hotmail com)
[SECURITY] [DSA 4145-1] gitlab security update 2018-03-18
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4145-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
March 18, 2018

[ more ]  [ reply ]
[SECURITY] [DSA 4142-1] uwsgi security update 2018-03-17
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4142-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
March 17, 2018

[ more ]  [ reply ]
[slackware-security] libvorbis (SSA:2018-076-01) 2018-03-18
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] libvorbis (SSA:2018-076-01)

New libvorbis packages are available for Slackware 13.37, 14.0, 14.1, 14.2,
and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
p

[ more ]  [ reply ]
[SECURITY] [DSA 4143-1] firefox-esr security update 2018-03-17
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4143-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
March 17, 2018

[ more ]  [ reply ]
[slackware-security] mozilla-firefox (SSA:2018-075-01) 2018-03-17
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2018-075-01)

New mozilla-firefox packages are available for Slackware 14.2 and -current to
fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/

[ more ]  [ reply ]
[SECURITY] [DSA 4144-1] openjdk-8 security update 2018-03-17
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4144-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
March 17, 2018

[ more ]  [ reply ]
[SECURITY] [DSA 4141-1] libvorbisidec security update 2018-03-16
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4141-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
March 16, 2018

[ more ]  [ reply ]
RedCoded ISR: Abine Blur Password Manager Insecure Permissions (CVE-2018-8213) 2018-03-16
\(RS\) Tyler Schroder (redorhcs redcoded com)
Abine Blur Password Manager Insecure Permissions
Module: Blur Web Extension
Announced: 2018-03-10/16
Credits: RS Tyler Schroder
Affects: 7.8.242* BEFORE 7.8.2428
CVE ID: CVE-2018-7213

I. Background
Abine Blur is a password management suite combined with online anonymity
tools designed to help consu

[ more ]  [ reply ]
(Page 10 of 1745)  < Prev  5 6 7 8 9 10 11 12 13 14 15  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus