|
|
Colapse all |
Post message
SEC Consult SA-20180312-0 :: Multiple Critical Vulnerabilities in SecurEnvoy SecurMail 2018-03-12 SEC Consult Vulnerability Lab (research sec-consult com) [SECURITY] [DSA 4134-1] util-linux security update 2018-03-10 Salvatore Bonaccorso (carnil debian org) [RT-SA-2018-001] Arbitrary Redirect in Tuleap 2018-03-08 RedTeam Pentesting GmbH (release redteam-pentesting de) Advisory: Arbitrary Redirect in Tuleap RedTeam Pentesting discovered an arbitrary redirect vulnerability in the redirect mechanism of the application lifecycle management platform Tuleap. Details ======= Product: Tuleap Affected Versions: > 9.17.99.93 Fixed Versions: >= 9.17.99.93 Vulnerability [ more ] [ reply ] FreeBSD Security Advisory FreeBSD-SA-18:01.ipsec [REVISED] 2018-03-08 FreeBSD Security Advisories (security-advisories freebsd org) [SECURITY] [DSA 4133-1] isc-dhcp security update 2018-03-07 Salvatore Bonaccorso (carnil debian org) FreeBSD Security Advisory FreeBSD-SA-18:01.ipsec 2018-03-07 FreeBSD Security Advisories (security-advisories freebsd org) [SECURITY] [DSA 4128-1] trafficserver security update 2018-03-02 Sebastien Delafond (seb debian org) DefenseCode Security Advisory: Magento Backups Cross-Site Request Forgery 2018-03-06 Defense Code (defensecode defensecode com) KL-001-2018-007 : Sophos UTM 9 loginuser Privilege Escalation via confd Service 2018-03-02 KoreLogic Disclosures (disclosures korelogic com) KL-001-2018-007 : Sophos UTM 9 loginuser Privilege Escalation via confd Service Title: Sophos UTM 9 loginuser Privilege Escalation via confd Service Advisory ID: KL-001-2018-007 Publication Date: 2018.03.02 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2018-007.txt 1. Vul [ more ] [ reply ] DefenseCode Security Advisory: Magento Multiple Stored Cross-Site Scripting Vulnerabilities 2018-03-06 Defense Code (defensecode defensecode com) DefenseCode Security Advisory: Magento Stored Cross-Site Scripting â?? Product Attributes 2018-03-06 Defense Code (defensecode defensecode com) DefenseCode Security Advisory: Magento Stored Cross-Site Scripting â?? Downloadable Products 2018-03-06 Defense Code (defensecode defensecode com) DefenseCode Security Advisory: Magento Backups Cross-Site Request Forgery 2018-03-06 Defense Code (defensecode defensecode com) CVE-2017-12544 XSS on HPE System Management Homepage v7.6.0.11 and minor 2018-03-01 spinfoo (spinfoo protonmail com) Product: HPE System Management Homepage Versions: 7.6.0.11 and minor versions Vulnerability: JavaScript Injection in file gsearch.php, parameter prod OWASP TOP 10: A1 Injection Type: Javascript Injection Impact: Allows an attacker to perform an XSS (Cross-Site Scripting) attack, execute arbitrary J [ more ] [ reply ] KL-001-2018-007 : Sophos UTM 9 loginuser Privilege Escalation via confd Service 2018-03-02 KoreLogic Disclosures (disclosures korelogic com) KL-001-2018-007 : Sophos UTM 9 loginuser Privilege Escalation via confd Service Title: Sophos UTM 9 loginuser Privilege Escalation via confd Service Advisory ID: KL-001-2018-007 Publication Date: 2018.03.02 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2018-007.txt 1. Vul [ more ] [ reply ] [SECURITY] [DSA 4128-1] trafficserver security update 2018-03-02 Sebastien Delafond (seb debian org) [security bulletin] MFSBGN03801 rev.1 - Micro Focus Operations Orchestration, Remote Denial of Service (DoS) 2018-03-01 cyber-psrt microfocus com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://softwaresupport.hpe.com/document/-/facetsearch/document/KM031038 96 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: KM03103896 Version: 1 MFSBGN03801 rev.1 [ more ] [ reply ] [Newsletter/Marketing] [slackware-security] dhcp (SSA:2018-060-01) 2018-03-01 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] dhcp (SSA:2018-060-01) New dhcp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ [ more ] [ reply ] [Newsletter/Marketing] [slackware-security] ntp (SSA:2018-060-02) 2018-03-01 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] ntp (SSA:2018-060-02) New ntp packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/ntp [ more ] [ reply ] CVE-2017-12544 XSS on HPE System Management Homepage v7.6.0.11 and minor 2018-03-01 spinfoo (spinfoo protonmail com) Product: HPE System Management Homepage Versions: 7.6.0.11 and minor versions Vulnerability: JavaScript Injection in file gsearch.php, parameter prod OWASP TOP 10: A1 Injection Type: Javascript Injection Impact: Allows an attacker to perform an XSS (Cross-Site Scripting) attack, execute arbitrary Ja [ more ] [ reply ] [security bulletin] MFSBGN03794 rev.2 - Micro Focus Operations Agent Multiple vulnerabilities 2018-02-28 cyber-psrt microfocus com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://softwaresupport.hpe.com/document/-/facetsearch/document/KM030605 44 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: KM03060544 Version: 2 MFSBGN03794 rev.2 [ more ] [ reply ] |
|
Privacy Statement |
=======================================================================
title: Multiple Critical Vulnerabilities
product: SecurEnvoy SecurMail
vulnerable version: 9.1.501
fixed version: 9.2.501 or hotfix
[ more ] [ reply ]