|
|
Colapse all |
Post message
SEC Consult SA-20180208-0 :: Multiple Cross-Site Scripting Vulnerabilities in Sonatype Nexus Repository Manager OSS/Pro 2018-02-08 SEC Consult Vulnerability Lab (research sec-consult com) [SECURITY] [DSA 4107-1] django-anymail security update 2018-02-07 Salvatore Bonaccorso (carnil debian org) [security bulletin] HPSBHF02981 rev.2 - HPE Integrated Lights-Out 2, 3, 4 (iLO2, iLO3, iLO4) and HPE Superdome Flex RMC - IPMI 2.0 RCMP+ Authentication Remote Password Hash Vulnerability (RAKP) 2018-02-07 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c041977 64 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04197764 Version: 2 HPSBHF02981 rev.2 [ more ] [ reply ] [SECURITY] [DSA 4106-1] libtasn1-6 security update 2018-02-07 Salvatore Bonaccorso (carnil debian org) SEC Consult SA-20180207-0 :: Multiple buffer overflow vulnerabilities in InfoZip UnZip 2018-02-07 SEC Consult Vulnerability Lab (research sec-consult com) [slackware-security] Slackware 14.2 kernel (SSA:2018-037-01) 2018-02-07 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] Slackware 14.2 kernel (SSA:2018-037-01) New kernel packages are available for Slackware 14.2 to mitigate the speculative side channel attack known as Spectre variant 2. Here are the details from the Slackware 14.2 ChangeLog: +- [ more ] [ reply ] [SE-2011-01] A security issue with a Multiroom service of NC+ SAT TV platform 2018-02-07 Security Explorations (contact security-explorations com) Hello All, A couple of weeks ago, Platform NC+ [1], one of the major digital SAT TV providers in Poland issued an official message [2] to subscribers about the policy of content security. Among other things, the following statements were included in it: "Platform nc+ as a technology leader in the [ more ] [ reply ] [CORE-2017-0010] - Kaspersky Secure Mail Gateway Multiple Vulnerabilities 2018-02-05 Core Security Advisories Team (advisories coresecurity com) Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Kaspersky Secure Mail Gateway Multiple Vulnerabilities 1. *Advisory Information* Title: Kaspersky Secure Mail Gateway Multiple Vulnerabilities Advisory ID: CORE-2017-0010 Advisory URL: http://www.coresecurity.com/advisories/kaspe [ more ] [ reply ] [slackware-security] php (SSA:2018-034-01) 2018-02-04 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] php (SSA:2018-034-01) New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/php [ more ] [ reply ] [security bulletin] MFSBGN03797 rev.1 - Micro Focus Fortify Audit Workbench (AWB) and Micro Focus Fortify Software Security Center (SSC), XML External Entity Injection 2018-02-01 cyber-psrt microfocus com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://softwaresupport.hpe.com/document/-/facetsearch/document/KM030836 53 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: KM03083653 Version: 1 MFSBGN03797 rev.1 [ more ] [ reply ] SEC Consult SA-20180201-0 :: Multiple critical vulnerabilities in Whole Vibratissimo Smart Sex Toy product range 2018-02-01 SEC Consult Vulnerability Lab (research sec-consult com) We have published an accompanying blog post to this technical advisory with further information: https://www.sec-consult.com/en/blog/2018/02/internet-of-dildos-a-long-wa y-to-a-vibrant-future-from-iot-to-iod/index.html SEC Consult Vulnerability Lab Security Advisory < 20180201-0 > ================ [ more ] [ reply ] [SECURITY] [DSA 4103-1] chromium-browser security update 2018-02-01 Michael Gilbert (mgilbert debian org) Advisory - Sourcetree - CVE-2017-14592 CVE-2017-14593 CVE-2017-14592 CVE-2017-17831 2018-02-01 Atlassian (security atlassian com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 This email refers to the advisory found at https://confluence.atlassian.com/x/lIIyO. CVE ID: * CVE-2017-14592 * CVE-2017-14593 * CVE-2017-17458 * CVE-2017-17831 Product: Sourcetree Affected Sourcetree product versions: Sourcetree for macOS 1.0b2 [ more ] [ reply ] KonaKart Path Traversal Vulnerability 2018-02-01 ajcraggs gmail com Product overview: "KonaKart is a java based eCommerce software platform trusted by top brands throughout the world to give them a stable, high- performance online store". Vulnerability overview: KonaKart eCommerce Platform prior to verion 8.8 is vulnerable to a directory traversal flaw in the adm [ more ] [ reply ] Recon Montreal 2018 Call For Papers - 0xE - Registration - Training - Conference - Submit! - PGP key 2018-01-31 cfpmontreal2018 recon cx - RECON MONTREAL 2018 - 0xE - CFP - Training Registration - Conference - Submit! - PGP key â??â??â??â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? [ more ] [ reply ] SEC Consult SA-20180131-0 :: Multiple Vulnerabilities in Sprecher Automation SPRECON-E-C, PU-2433 2018-01-31 SEC Consult Vulnerability Lab (research sec-consult com) Defense in depth -- the Microsoft way (part 49): fun with application manifests 2018-01-30 Stefan Kanthak (stefan kanthak nexgo de) Hi @ll, Microsoft built several bugs^W^Wfollowing features into the processing of (external) application manifests, i.e. XML files named <program>.exe.manifest which can accompany any portable executable <program>.exe JFTR: the file extension ".exe" is only used per convention; CreateProcess [ more ] [ reply ] [security bulletin] HPESBHF03814 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Unauthorized Modification 2018-01-26 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf 03814en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03814en_us Version: 1 HP [ more ] [ reply ] [slackware-security] mozilla-thunderbird (SSA:2018-025-01) 2018-01-26 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-thunderbird (SSA:2018-025-01) New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ p [ more ] [ reply ] Secunia Research: LibRaw Multiple Denial of Service Vulnerabilities 2018-01-29 Secunia Research (remove-vuln secunia com) [SYSS-2017-026] Microsoft Surface Hub Keyboard - Cryptographic Issues (CWE-310), Insufficient Protection against Replay Attacks 2018-01-29 matthias deeg syss de [security bulletin] HPESBHF03811 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Multiple Vulnerabilities 2018-01-26 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf 03811en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03811en_us Version: 1 HP [ more ] [ reply ] |
|
Privacy Statement |
Hash: SHA512
This email refers to the advisory found at
https://confluence.atlassian.com/x/iPQyO and
https://confluence.atlassian.com/x/h-QyO .
CVE ID:
* CVE-2017-16861.
Product: Fisheye and Crucible.
Affected Fisheye and Crucible product versions:
version
[ more ] [ reply ]