|
|
Colapse all |
Post message
APPLE-SA-2018-3-29-4 Xcode 9.3 2018-03-29 Apple Product Security (product-security-noreply lists apple com) APPLE-SA-2018-3-29-7 iTunes 12.7.4 for Windows 2018-03-29 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-3-29-7 iTunes 12.7.4 for Windows iTunes 12.7.4 for Windows is now available and addresses the following: Security Available for: Windows 7 and later Impact: A malicious application may be able to elevate privileges Description: A buffe [ more ] [ reply ] APPLE-SA-2018-3-29-8 iCloud for Windows 7.4 2018-03-29 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-3-29-8 iCloud for Windows 7.4 iCloud for Windows 7.4 is now available and addresses the following: Security Available for: Windows 7 and later Impact: A malicious application may be able to elevate privileges Description: A buffer over [ more ] [ reply ] APPLE-SA-2018-3-29-3 tvOS 11.3 2018-03-29 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-3-29-3 tvOS 11.3 tvOS 11.3 is now available and addresses the following: CoreFoundation Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to gain elevated privileges Description: A race conditi [ more ] [ reply ] APPLE-SA-2018-3-29-5 macOS High Sierra 10.13.4, Security Update 2018-002 Sierra, and Security Update 2018-002 El Capitan 2018-03-29 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-3-29-5 macOS High Sierra 10.13.4, Security Update 2018-002 Sierra, and Security Update 2018-002 El Capitan Admin Framework Available for: macOS High Sierra 10.13.3 Impact: Passwords supplied to sysadminctl may be exposed to other local [ more ] [ reply ] [slackware-security] ruby (SSA:2018-088-01) 2018-03-29 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] ruby (SSA:2018-088-01) New ruby packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/ruby-2.2.10-i5 [ more ] [ reply ] APPLE-SA-2018-3-29-6 Safari 11.1 2018-03-29 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-3-29-6 Safari 11.1 Safari 11.1 is now available and addresses the following: Safari Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4 Impact: Visiting a malicious website may lead to address ba [ more ] [ reply ] APPLE-SA-2018-3-29-1 iOS 11.3 2018-03-29 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-3-29-1 iOS 11.3 iOS 11.3 is now available and addresses the following: Clock Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to se [ more ] [ reply ] CA20180328-01: Security Notice for CA API Developer Portal 2018-03-29 Kotas, Kevin J (Kevin Kotas ca com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CA20180328-01: Security Notice for CA API Developer Portal Issued: March 28, 2018 Last Updated: March 28, 2018 CA Technologies Support is alerting customers to multiple potential risks with CA API Developer Portal. Multiple vulnerabilities exist tha [ more ] [ reply ] [SECURITY] [DSA 4154-1] net-snmp security update 2018-03-28 Salvatore Bonaccorso (carnil debian org) Microsoft Skype Mobile v81.2 & v8.13 - Remote Denial of Service Vulnerability 2018-03-27 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Microsoft Skype Mobile v81.2 & v8.13 - Remote Denial of Service Vulnerability References (Source): ==================== https://www.vulnerability-lab.com/get_content.php?id=2116 Video: https://www.vulnerability-lab.com/get_content.php?id=2117 MSRC ID: 43520â?? CR [ more ] [ reply ] Sandoba CP:Shop CMS v2016.1 - Multiple Cross Site Scripting Vulnerabilities 2018-03-27 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Sandoba CP:Shop CMS v2016.1 - Multiple Cross Site Scripting Vulnerabilities References (Source): ==================== https://www.vulnerability-lab.com/get_content.php?id=2122 Release Date: ============= 2018-03-02 Vulnerability Laboratory ID (VL-ID): ========== [ more ] [ reply ] Weblication CMS Core & Grid v12.6.24 - Multiple Cross Site Scripting Vulnerabilities 2018-03-27 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Weblication CMS Core & Grid v12.6.24 - Multiple Cross Site Scripting Vulnerabilities References (Source): ==================== https://www.vulnerability-lab.com/get_content.php?id=2121 Release Date: ============= 2018-02-21 Vulnerability Laboratory ID (VL-ID): = [ more ] [ reply ] AEF CMS v1.0.9 - (PM) Persistent Cross Site Scripting Vulnerability 2018-03-27 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== AEF CMS v1.0.9 - (PM) Persistent Cross Site Scripting Vulnerability References (Source): ==================== https://www.vulnerability-lab.com/get_content.php?id=2123 Release Date: ============= 2018-02-18 Vulnerability Laboratory ID (VL-ID): ================= [ more ] [ reply ] [slackware-security] mozilla-firefox (SSA:2018-085-01) 2018-03-27 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-firefox (SSA:2018-085-01) New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/p [ more ] [ reply ] Cross-Site Scripting vulnerability in Zimbra Collaboration Suite due to the way it handles attachment links 2018-03-24 Securify B.V. (lists securify nl) ------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Zimbra Collaboration Suite due to the way it handles attachment links ------------------------------------------------------------------------ Stephan Kaag, January 2018 ------------------ [ more ] [ reply ] [slackware-security] mozilla-thunderbird (SSA:2018-082-01) 2018-03-24 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-thunderbird (SSA:2018-082-01) New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ p [ more ] [ reply ] [SECURITY] [DSA 4149-1] plexus-utils2 security update 2018-03-22 Moritz Muehlenhoff (jmm debian org) Bomgar Remote Support Portal JavaStart Applet <= 52970 - Path Traversal 2018-03-22 x ksi (s3810 pjwstk edu pl) Hey, The Path Traversal vulnerability was found in the component of the Bomgar Remote Support Portal (RSP) [1]. The affected component is a JavaStart.jar applet that is hosted at https://TARGET/api/content/JavaStart.jar on the vulnerable RSP deployments. The JavaStart version 52970 and prior were c [ more ] [ reply ] Kaseya AgentMon.exe <= 9.3.0.11 - Local Privilege Escalation 2018-03-22 x ksi (s3810 pjwstk edu pl) Hey, The Local Privilege Escalation vulnerability was found in the Kaseya Virtual System Administrator (VSA) [1] agent "AgentMon.exe". The agent is a Windows service that periodically executes various programs with â??NT AUTHORITY\SYSTEMâ? privileges. In the Kaseya's default configuration, Window [ more ] [ reply ] Secunia Research: Microsoft Windows Embedded OpenType Font Engine hdmx Table Information Disclosure Vulnerability 2018-03-21 Secunia Research (remove-vuln secunia com) Advisory - Bitbucket Server - CVE-2018-5225 2018-03-22 Matthew Hart (mhart atlassian com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 This email refers to the advisory found at https://confluence.atlassian.com/x/3WNsO CVE ID: CVE-2018-5225 Products: Bitbucket Server Affected Bitbucket Server Versions: 4.13.0 <= version < 5.4.8 5.5.0 <= version < 5.5.8 5.6.0 <= version < 5.6.5 5 [ more ] [ reply ] |
|
Privacy Statement |
Hash: SHA512
APPLE-SA-2018-3-29-4 Xcode 9.3
Xcode 9.3 is now available and addresses the following:
LLVM
Available for: macOS High Sierra 10.13.2 or later
Impact: Multiple issues in llvm were addressed in this update
Description: Multiple issues were addressed b
[ more ] [ reply ]