|
|
Colapse all |
Post message
Secunia Research: Microsoft Windows Embedded OpenType Font Engine "MTX_IS_MTX_Data()" Information Disclosure Vulnerability 2018-03-21 Secunia Research (remove-vuln secunia com) Secunia Research: Microsoft Windows Embedded OpenType Font Engine Font Glyphs Handling Information Disclosure Vulnerability 2018-03-21 Secunia Research (remove-vuln secunia com) CSNC-2017-026 Microsoft Intune - Preserved Keychain Entries 2018-03-20 Advisories (advisories compass-security com) (1 replies) ############################################################# # # COMPASS SECURITY ADVISORY # https://www.compass-security.com/research/advisories/ # ############################################################# # # Product: Microsoft Intune [1] # Vendor: Microsoft # CSNC ID: CSNC-2017-026 # Sub [ more ] [ reply ] Unsubscribe - Re: CSNC-2017-026 Microsoft Intune - Preserved Keychain Entries 2018-03-20 Gary Frank (garoo7 hotmail com) ES2018-05 Kamailio heap overflow 2018-03-20 Sandro Gauci (sandro enablesecurity com) (1 replies) # Off-by-one heap overflow in Kamailio - Authors: - Alfred Farrugia <alfred (at) enablesecurity (dot) com [email concealed]> - Sandro Gauci <sandro (at) enablesecurity (dot) com [email concealed]> - Fixed versions: Kamailio v5.1.2, v5.0.6 and v4.4.7 - References: no CVE assigned yet - Enable Security Advisory: <https://github.com/EnableSecurity/ad [ more ] [ reply ] [slackware-security] libvorbis (SSA:2018-076-01) 2018-03-18 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] libvorbis (SSA:2018-076-01) New libvorbis packages are available for Slackware 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ p [ more ] [ reply ] [slackware-security] mozilla-firefox (SSA:2018-075-01) 2018-03-17 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-firefox (SSA:2018-075-01) New mozilla-firefox packages are available for Slackware 14.2 and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/ [ more ] [ reply ] [SECURITY] [DSA 4141-1] libvorbisidec security update 2018-03-16 Salvatore Bonaccorso (carnil debian org) RedCoded ISR: Abine Blur Password Manager Insecure Permissions (CVE-2018-8213) 2018-03-16 \(RS\) Tyler Schroder (redorhcs redcoded com) Abine Blur Password Manager Insecure Permissions Module: Blur Web Extension Announced: 2018-03-10/16 Credits: RS Tyler Schroder Affects: 7.8.242* BEFORE 7.8.2428 CVE ID: CVE-2018-7213 I. Background Abine Blur is a password management suite combined with online anonymity tools designed to help consu [ more ] [ reply ] [SECURITY] [DSA 4140-1] libvorbis security update 2018-03-16 Salvatore Bonaccorso (carnil debian org) [CVE-2017-1205] IBM Spectrum LSF Privilege Escalation 2018-03-16 john fitzpatrick mwrinfosecurity com ###[IBM Spectrum LSF Privilege Escalation]### * Software: IBM Spectrum LSF * Affected Versions: IBM Spectrum LSF 8.3, 9.1.1, 9.1.2, 9.1.3, 10.1, 10.1.0.1 * CVE Reference: CVE-2017-1205 * Author: John Fitzpatrick (@j0hn__f) * Severity: CVSS 9.3 * Vendor: IBM * Vendor Response: Fixes provided * Date: [ more ] [ reply ] [slackware-security] curl (SSA:2018-074-01) 2018-03-16 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] curl (SSA:2018-074-01) New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/c [ more ] [ reply ] Secunia Research: LibRaw Multiple Denial of Service Vulnerabilities 2018-03-15 Secunia Research (remove-vuln secunia com) SEC Consult SA-20180314-0 :: Arbitrary Shortcode Execution & Local File Inclusion in WooCommerce Products Filter (PluginUs.Net) 2018-03-14 SEC Consult Vulnerability Lab (research sec-consult com) FreeBSD Security Advisory FreeBSD-SA-18:03.speculative_execution 2018-03-14 FreeBSD Security Advisories (security-advisories freebsd org) [slackware-security] mozilla-firefox (SSA:2018-072-01) 2018-03-13 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-firefox (SSA:2018-072-01) New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/p [ more ] [ reply ] [slackware-security] samba (SSA:2018-072-02) 2018-03-13 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] samba (SSA:2018-072-02) New samba packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security a issue. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/package [ more ] [ reply ] [RT-SA-2017-012] Shopware Cart Accessible by Third-Party Websites 2018-03-13 RedTeam Pentesting GmbH (release redteam-pentesting de) Advisory: Shopware Cart Accessible by Third-Party Websites RedTeam Pentesting discovered that the shopping cart implemented by Shopware offers an insecure API. Malicious, third-party websites may abuse this API to list, add or remove products from a user's cart. Details ======= Product: Shopware [ more ] [ reply ] |
|
Privacy Statement |
Secunia Research 2018/03/15
Microsoft Windows Embedded OpenType Font Engine "MTX_IS_MTX_Data()"
Information Disclosure Vulnerability
==========================================================
[ more ] [ reply ]