|
|
Colapse all |
Post message
APPLE-SA-2018-3-29-4 Xcode 9.3 2018-03-29 Apple Product Security (product-security-noreply lists apple com) APPLE-SA-2018-3-29-7 iTunes 12.7.4 for Windows 2018-03-29 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-3-29-7 iTunes 12.7.4 for Windows iTunes 12.7.4 for Windows is now available and addresses the following: Security Available for: Windows 7 and later Impact: A malicious application may be able to elevate privileges Description: A buffe [ more ] [ reply ] APPLE-SA-2018-3-29-8 iCloud for Windows 7.4 2018-03-29 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-3-29-8 iCloud for Windows 7.4 iCloud for Windows 7.4 is now available and addresses the following: Security Available for: Windows 7 and later Impact: A malicious application may be able to elevate privileges Description: A buffer over [ more ] [ reply ] APPLE-SA-2018-3-29-3 tvOS 11.3 2018-03-29 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-3-29-3 tvOS 11.3 tvOS 11.3 is now available and addresses the following: CoreFoundation Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to gain elevated privileges Description: A race conditi [ more ] [ reply ] APPLE-SA-2018-3-29-5 macOS High Sierra 10.13.4, Security Update 2018-002 Sierra, and Security Update 2018-002 El Capitan 2018-03-29 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-3-29-5 macOS High Sierra 10.13.4, Security Update 2018-002 Sierra, and Security Update 2018-002 El Capitan Admin Framework Available for: macOS High Sierra 10.13.3 Impact: Passwords supplied to sysadminctl may be exposed to other local [ more ] [ reply ] [slackware-security] ruby (SSA:2018-088-01) 2018-03-29 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] ruby (SSA:2018-088-01) New ruby packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/ruby-2.2.10-i5 [ more ] [ reply ] APPLE-SA-2018-3-29-6 Safari 11.1 2018-03-29 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-3-29-6 Safari 11.1 Safari 11.1 is now available and addresses the following: Safari Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4 Impact: Visiting a malicious website may lead to address ba [ more ] [ reply ] APPLE-SA-2018-3-29-1 iOS 11.3 2018-03-29 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-3-29-1 iOS 11.3 iOS 11.3 is now available and addresses the following: Clock Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to se [ more ] [ reply ] CA20180328-01: Security Notice for CA API Developer Portal 2018-03-29 Kotas, Kevin J (Kevin Kotas ca com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CA20180328-01: Security Notice for CA API Developer Portal Issued: March 28, 2018 Last Updated: March 28, 2018 CA Technologies Support is alerting customers to multiple potential risks with CA API Developer Portal. Multiple vulnerabilities exist tha [ more ] [ reply ] [SECURITY] [DSA 4154-1] net-snmp security update 2018-03-28 Salvatore Bonaccorso (carnil debian org) Microsoft Skype Mobile v81.2 & v8.13 - Remote Denial of Service Vulnerability 2018-03-27 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Microsoft Skype Mobile v81.2 & v8.13 - Remote Denial of Service Vulnerability References (Source): ==================== https://www.vulnerability-lab.com/get_content.php?id=2116 Video: https://www.vulnerability-lab.com/get_content.php?id=2117 MSRC ID: 43520â?? CR [ more ] [ reply ] Sandoba CP:Shop CMS v2016.1 - Multiple Cross Site Scripting Vulnerabilities 2018-03-27 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Sandoba CP:Shop CMS v2016.1 - Multiple Cross Site Scripting Vulnerabilities References (Source): ==================== https://www.vulnerability-lab.com/get_content.php?id=2122 Release Date: ============= 2018-03-02 Vulnerability Laboratory ID (VL-ID): ========== [ more ] [ reply ] Weblication CMS Core & Grid v12.6.24 - Multiple Cross Site Scripting Vulnerabilities 2018-03-27 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Weblication CMS Core & Grid v12.6.24 - Multiple Cross Site Scripting Vulnerabilities References (Source): ==================== https://www.vulnerability-lab.com/get_content.php?id=2121 Release Date: ============= 2018-02-21 Vulnerability Laboratory ID (VL-ID): = [ more ] [ reply ] AEF CMS v1.0.9 - (PM) Persistent Cross Site Scripting Vulnerability 2018-03-27 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== AEF CMS v1.0.9 - (PM) Persistent Cross Site Scripting Vulnerability References (Source): ==================== https://www.vulnerability-lab.com/get_content.php?id=2123 Release Date: ============= 2018-02-18 Vulnerability Laboratory ID (VL-ID): ================= [ more ] [ reply ] [slackware-security] mozilla-firefox (SSA:2018-085-01) 2018-03-27 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-firefox (SSA:2018-085-01) New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/p [ more ] [ reply ] Cross-Site Scripting vulnerability in Zimbra Collaboration Suite due to the way it handles attachment links 2018-03-24 Securify B.V. (lists securify nl) ------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Zimbra Collaboration Suite due to the way it handles attachment links ------------------------------------------------------------------------ Stephan Kaag, January 2018 ------------------ [ more ] [ reply ] [slackware-security] mozilla-thunderbird (SSA:2018-082-01) 2018-03-24 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-thunderbird (SSA:2018-082-01) New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ p [ more ] [ reply ] [SECURITY] [DSA 4149-1] plexus-utils2 security update 2018-03-22 Moritz Muehlenhoff (jmm debian org) Bomgar Remote Support Portal JavaStart Applet <= 52970 - Path Traversal 2018-03-22 x ksi (s3810 pjwstk edu pl) Hey, The Path Traversal vulnerability was found in the component of the Bomgar Remote Support Portal (RSP) [1]. The affected component is a JavaStart.jar applet that is hosted at https://TARGET/api/content/JavaStart.jar on the vulnerable RSP deployments. The JavaStart version 52970 and prior were c [ more ] [ reply ] Kaseya AgentMon.exe <= 9.3.0.11 - Local Privilege Escalation 2018-03-22 x ksi (s3810 pjwstk edu pl) Hey, The Local Privilege Escalation vulnerability was found in the Kaseya Virtual System Administrator (VSA) [1] agent "AgentMon.exe". The agent is a Windows service that periodically executes various programs with â??NT AUTHORITY\SYSTEMâ? privileges. In the Kaseya's default configuration, Window [ more ] [ reply ] Secunia Research: Microsoft Windows Embedded OpenType Font Engine hdmx Table Information Disclosure Vulnerability 2018-03-21 Secunia Research (remove-vuln secunia com) Advisory - Bitbucket Server - CVE-2018-5225 2018-03-22 Matthew Hart (mhart atlassian com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 This email refers to the advisory found at https://confluence.atlassian.com/x/3WNsO CVE ID: CVE-2018-5225 Products: Bitbucket Server Affected Bitbucket Server Versions: 4.13.0 <= version < 5.4.8 5.5.0 <= version < 5.5.8 5.6.0 <= version < 5.6.5 5 [ more ] [ reply ] Secunia Research: Microsoft Windows Embedded OpenType Font Engine "MTX_IS_MTX_Data()" Information Disclosure Vulnerability 2018-03-21 Secunia Research (remove-vuln secunia com) Secunia Research: Microsoft Windows Embedded OpenType Font Engine Font Glyphs Handling Information Disclosure Vulnerability 2018-03-21 Secunia Research (remove-vuln secunia com) CSNC-2017-026 Microsoft Intune - Preserved Keychain Entries 2018-03-20 Advisories (advisories compass-security com) (1 replies) ############################################################# # # COMPASS SECURITY ADVISORY # https://www.compass-security.com/research/advisories/ # ############################################################# # # Product: Microsoft Intune [1] # Vendor: Microsoft # CSNC ID: CSNC-2017-026 # Sub [ more ] [ reply ] Unsubscribe - Re: CSNC-2017-026 Microsoft Intune - Preserved Keychain Entries 2018-03-20 Gary Frank (garoo7 hotmail com) ES2018-05 Kamailio heap overflow 2018-03-20 Sandro Gauci (sandro enablesecurity com) (1 replies) # Off-by-one heap overflow in Kamailio - Authors: - Alfred Farrugia <alfred (at) enablesecurity (dot) com [email concealed]> - Sandro Gauci <sandro (at) enablesecurity (dot) com [email concealed]> - Fixed versions: Kamailio v5.1.2, v5.0.6 and v4.4.7 - References: no CVE assigned yet - Enable Security Advisory: <https://github.com/EnableSecurity/ad [ more ] [ reply ] [slackware-security] libvorbis (SSA:2018-076-01) 2018-03-18 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] libvorbis (SSA:2018-076-01) New libvorbis packages are available for Slackware 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ p [ more ] [ reply ] [slackware-security] mozilla-firefox (SSA:2018-075-01) 2018-03-17 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-firefox (SSA:2018-075-01) New mozilla-firefox packages are available for Slackware 14.2 and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/ [ more ] [ reply ] [SECURITY] [DSA 4141-1] libvorbisidec security update 2018-03-16 Salvatore Bonaccorso (carnil debian org) RedCoded ISR: Abine Blur Password Manager Insecure Permissions (CVE-2018-8213) 2018-03-16 \(RS\) Tyler Schroder (redorhcs redcoded com) Abine Blur Password Manager Insecure Permissions Module: Blur Web Extension Announced: 2018-03-10/16 Credits: RS Tyler Schroder Affects: 7.8.242* BEFORE 7.8.2428 CVE ID: CVE-2018-7213 I. Background Abine Blur is a password management suite combined with online anonymity tools designed to help consu [ more ] [ reply ] [SECURITY] [DSA 4140-1] libvorbis security update 2018-03-16 Salvatore Bonaccorso (carnil debian org) [CVE-2017-1205] IBM Spectrum LSF Privilege Escalation 2018-03-16 john fitzpatrick mwrinfosecurity com ###[IBM Spectrum LSF Privilege Escalation]### * Software: IBM Spectrum LSF * Affected Versions: IBM Spectrum LSF 8.3, 9.1.1, 9.1.2, 9.1.3, 10.1, 10.1.0.1 * CVE Reference: CVE-2017-1205 * Author: John Fitzpatrick (@j0hn__f) * Severity: CVSS 9.3 * Vendor: IBM * Vendor Response: Fixes provided * Date: [ more ] [ reply ] [slackware-security] curl (SSA:2018-074-01) 2018-03-16 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] curl (SSA:2018-074-01) New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/c [ more ] [ reply ] Secunia Research: LibRaw Multiple Denial of Service Vulnerabilities 2018-03-15 Secunia Research (remove-vuln secunia com) SEC Consult SA-20180314-0 :: Arbitrary Shortcode Execution & Local File Inclusion in WooCommerce Products Filter (PluginUs.Net) 2018-03-14 SEC Consult Vulnerability Lab (research sec-consult com) FreeBSD Security Advisory FreeBSD-SA-18:03.speculative_execution 2018-03-14 FreeBSD Security Advisories (security-advisories freebsd org) [slackware-security] mozilla-firefox (SSA:2018-072-01) 2018-03-13 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-firefox (SSA:2018-072-01) New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/p [ more ] [ reply ] [slackware-security] samba (SSA:2018-072-02) 2018-03-13 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] samba (SSA:2018-072-02) New samba packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security a issue. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/package [ more ] [ reply ] [RT-SA-2017-012] Shopware Cart Accessible by Third-Party Websites 2018-03-13 RedTeam Pentesting GmbH (release redteam-pentesting de) Advisory: Shopware Cart Accessible by Third-Party Websites RedTeam Pentesting discovered that the shopping cart implemented by Shopware offers an insecure API. Malicious, third-party websites may abuse this API to list, add or remove products from a user's cart. Details ======= Product: Shopware [ more ] [ reply ] SEC Consult SA-20180312-0 :: Multiple Critical Vulnerabilities in SecurEnvoy SecurMail 2018-03-12 SEC Consult Vulnerability Lab (research sec-consult com) [SECURITY] [DSA 4134-1] util-linux security update 2018-03-10 Salvatore Bonaccorso (carnil debian org) [RT-SA-2018-001] Arbitrary Redirect in Tuleap 2018-03-08 RedTeam Pentesting GmbH (release redteam-pentesting de) Advisory: Arbitrary Redirect in Tuleap RedTeam Pentesting discovered an arbitrary redirect vulnerability in the redirect mechanism of the application lifecycle management platform Tuleap. Details ======= Product: Tuleap Affected Versions: > 9.17.99.93 Fixed Versions: >= 9.17.99.93 Vulnerability [ more ] [ reply ] FreeBSD Security Advisory FreeBSD-SA-18:01.ipsec [REVISED] 2018-03-08 FreeBSD Security Advisories (security-advisories freebsd org) [SECURITY] [DSA 4133-1] isc-dhcp security update 2018-03-07 Salvatore Bonaccorso (carnil debian org) FreeBSD Security Advisory FreeBSD-SA-18:01.ipsec 2018-03-07 FreeBSD Security Advisories (security-advisories freebsd org) [SECURITY] [DSA 4128-1] trafficserver security update 2018-03-02 Sebastien Delafond (seb debian org) DefenseCode Security Advisory: Magento Backups Cross-Site Request Forgery 2018-03-06 Defense Code (defensecode defensecode com) KL-001-2018-007 : Sophos UTM 9 loginuser Privilege Escalation via confd Service 2018-03-02 KoreLogic Disclosures (disclosures korelogic com) KL-001-2018-007 : Sophos UTM 9 loginuser Privilege Escalation via confd Service Title: Sophos UTM 9 loginuser Privilege Escalation via confd Service Advisory ID: KL-001-2018-007 Publication Date: 2018.03.02 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2018-007.txt 1. Vul [ more ] [ reply ] DefenseCode Security Advisory: Magento Multiple Stored Cross-Site Scripting Vulnerabilities 2018-03-06 Defense Code (defensecode defensecode com) DefenseCode Security Advisory: Magento Stored Cross-Site Scripting â?? Product Attributes 2018-03-06 Defense Code (defensecode defensecode com) DefenseCode Security Advisory: Magento Stored Cross-Site Scripting â?? Downloadable Products 2018-03-06 Defense Code (defensecode defensecode com) DefenseCode Security Advisory: Magento Backups Cross-Site Request Forgery 2018-03-06 Defense Code (defensecode defensecode com) CVE-2017-12544 XSS on HPE System Management Homepage v7.6.0.11 and minor 2018-03-01 spinfoo (spinfoo protonmail com) Product: HPE System Management Homepage Versions: 7.6.0.11 and minor versions Vulnerability: JavaScript Injection in file gsearch.php, parameter prod OWASP TOP 10: A1 Injection Type: Javascript Injection Impact: Allows an attacker to perform an XSS (Cross-Site Scripting) attack, execute arbitrary J [ more ] [ reply ] KL-001-2018-007 : Sophos UTM 9 loginuser Privilege Escalation via confd Service 2018-03-02 KoreLogic Disclosures (disclosures korelogic com) KL-001-2018-007 : Sophos UTM 9 loginuser Privilege Escalation via confd Service Title: Sophos UTM 9 loginuser Privilege Escalation via confd Service Advisory ID: KL-001-2018-007 Publication Date: 2018.03.02 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2018-007.txt 1. Vul [ more ] [ reply ] [SECURITY] [DSA 4128-1] trafficserver security update 2018-03-02 Sebastien Delafond (seb debian org) [security bulletin] MFSBGN03801 rev.1 - Micro Focus Operations Orchestration, Remote Denial of Service (DoS) 2018-03-01 cyber-psrt microfocus com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://softwaresupport.hpe.com/document/-/facetsearch/document/KM031038 96 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: KM03103896 Version: 1 MFSBGN03801 rev.1 [ more ] [ reply ] [Newsletter/Marketing] [slackware-security] dhcp (SSA:2018-060-01) 2018-03-01 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] dhcp (SSA:2018-060-01) New dhcp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ [ more ] [ reply ] [Newsletter/Marketing] [slackware-security] ntp (SSA:2018-060-02) 2018-03-01 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] ntp (SSA:2018-060-02) New ntp packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/ntp [ more ] [ reply ] CVE-2017-12544 XSS on HPE System Management Homepage v7.6.0.11 and minor 2018-03-01 spinfoo (spinfoo protonmail com) Product: HPE System Management Homepage Versions: 7.6.0.11 and minor versions Vulnerability: JavaScript Injection in file gsearch.php, parameter prod OWASP TOP 10: A1 Injection Type: Javascript Injection Impact: Allows an attacker to perform an XSS (Cross-Site Scripting) attack, execute arbitrary Ja [ more ] [ reply ] [security bulletin] MFSBGN03794 rev.2 - Micro Focus Operations Agent Multiple vulnerabilities 2018-02-28 cyber-psrt microfocus com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://softwaresupport.hpe.com/document/-/facetsearch/document/KM030605 44 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: KM03060544 Version: 2 MFSBGN03794 rev.2 [ more ] [ reply ] Secunia Research: Linux Kernel "_sctp_make_chunk()" Denial of Service Vulnerability 2018-02-28 Secunia Research (remove-vuln secunia com) SEC Consult SA-20180228-0 :: Insecure Direct Object Reference vulnerability in TestLink Open Source Test Management 2018-02-28 SEC Consult Vulnerability Lab (research sec-consult com) [security bulletin] HPESBHF03826 rev.1 - HPE Integrated Lights-Out 3 (iLO 3) Remote Denial of Service 2018-02-27 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf 03826en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03826en_us Version: 1 HP [ more ] [ reply ] SEC Consult SA-20180227-0 :: OS command injection, arbitrary file upload & SQL injection in ClipBucket 2018-02-27 SEC Consult Vulnerability Lab (research sec-consult com) ES2018-03 Asterisk pjsip sdp invalid media format description segfault 2018-02-26 Sandro Gauci (sandro enablesecurity com) # Segmentation fault occurs in Asterisk with an invalid SDP media format description - Authors: - Alfred Farrugia <alfred (at) enablesecurity (dot) com [email concealed]> - Sandro Gauci <sandro (at) enablesecurity (dot) com [email concealed]> - Latest vulnerable version: Asterisk 15.2.0 running `chan_pjsip` - References: AST-2018-002 - Enable Secu [ more ] [ reply ] ES2018-04 Asterisk pjsip tcp segfault 2018-02-26 Sandro Gauci (sandro enablesecurity com) # Crash occurs when sending a repeated number of INVITE messages over TCP or TLS transport - Authors: - Alfred Farrugia <alfred (at) enablesecurity (dot) com [email concealed]> - Sandro Gauci <sandro (at) enablesecurity (dot) com [email concealed]> - Latest vulnerable version: Asterisk 15.2.0 running `chan_pjsip` installed with `--with-pjproject-b [ more ] [ reply ] ES2018-02 Asterisk pjsip sdp invalid fmtp segfault 2018-02-26 Sandro Gauci (sandro enablesecurity com) # Segmentation fault occurs in asterisk with an invalid SDP fmtp attribute - Authors: - Alfred Farrugia <alfred (at) enablesecurity (dot) com [email concealed]> - Sandro Gauci <sandro (at) enablesecurity (dot) com [email concealed]> - Latest vulnerable version: Asterisk 15.2.0 running `chan_pjsip` - References: AST-2018-003 - Enable Security Advis [ more ] [ reply ] ES2018-01 Asterisk pjsip subscribe stack corruption 2018-02-26 Sandro Gauci (sandro enablesecurity com) # SUBSCRIBE message with a large Accept value causes stack corruption - Authors: - Alfred Farrugia <alfred (at) enablesecurity (dot) com [email concealed]> - Sandro Gauci <sandro (at) enablesecurity (dot) com [email concealed]> - Latest vulnerable version: Asterisk 15.2.0 running `chan_pjsip` - Tested vulnerable versions: 15.2.0, 13.19.0, 14.7. [ more ] [ reply ] CMS Made Simple 2.1.6 - Remote Code Execution 2018-02-26 displaymyname gmail con # Exploit Title: CMS Made Simple 2.1.6 - Remote Code Execution # Date: 2018-02-26 # Exploit Author: Keerati T. # Vendor Homepage: http://www.cmsmadesimple.org/ # Software Link: http://s3.amazonaws.com/cmsms/downloads/13570/cmsms-2.1.6-install.zip # Version: 2.1.6 # CVE: CVE-2018-7448 # Tested on: Li [ more ] [ reply ] |
|
Privacy Statement |
Hash: SHA512
APPLE-SA-2018-3-29-4 Xcode 9.3
Xcode 9.3 is now available and addresses the following:
LLVM
Available for: macOS High Sierra 10.13.2 or later
Impact: Multiple issues in llvm were addressed in this update
Description: Multiple issues were addressed b
[ more ] [ reply ]