|
|
Colapse all |
Post message
Advisory - Sourcetree - CVE-2017-14592 CVE-2017-14593 CVE-2017-14592 CVE-2017-17831 2018-02-01 Atlassian (security atlassian com) KonaKart Path Traversal Vulnerability 2018-02-01 ajcraggs gmail com Product overview: "KonaKart is a java based eCommerce software platform trusted by top brands throughout the world to give them a stable, high- performance online store". Vulnerability overview: KonaKart eCommerce Platform prior to verion 8.8 is vulnerable to a directory traversal flaw in the adm [ more ] [ reply ] Recon Montreal 2018 Call For Papers - 0xE - Registration - Training - Conference - Submit! - PGP key 2018-01-31 cfpmontreal2018 recon cx - RECON MONTREAL 2018 - 0xE - CFP - Training Registration - Conference - Submit! - PGP key â??â??â??â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? â? [ more ] [ reply ] SEC Consult SA-20180131-0 :: Multiple Vulnerabilities in Sprecher Automation SPRECON-E-C, PU-2433 2018-01-31 SEC Consult Vulnerability Lab (research sec-consult com) Defense in depth -- the Microsoft way (part 49): fun with application manifests 2018-01-30 Stefan Kanthak (stefan kanthak nexgo de) Hi @ll, Microsoft built several bugs^W^Wfollowing features into the processing of (external) application manifests, i.e. XML files named <program>.exe.manifest which can accompany any portable executable <program>.exe JFTR: the file extension ".exe" is only used per convention; CreateProcess [ more ] [ reply ] [security bulletin] HPESBHF03814 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Unauthorized Modification 2018-01-26 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf 03814en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03814en_us Version: 1 HP [ more ] [ reply ] [slackware-security] mozilla-thunderbird (SSA:2018-025-01) 2018-01-26 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-thunderbird (SSA:2018-025-01) New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ p [ more ] [ reply ] Secunia Research: LibRaw Multiple Denial of Service Vulnerabilities 2018-01-29 Secunia Research (remove-vuln secunia com) [SYSS-2017-026] Microsoft Surface Hub Keyboard - Cryptographic Issues (CWE-310), Insufficient Protection against Replay Attacks 2018-01-29 matthias deeg syss de [security bulletin] HPESBHF03811 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Multiple Vulnerabilities 2018-01-26 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf 03811en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03811en_us Version: 1 HP [ more ] [ reply ] [security bulletin] HPESBHF03812 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Multiple Vulnerabilities 2018-01-26 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf 03812en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03812en_us Version: 1 HP [ more ] [ reply ] KL-001-2018-001 : Sophos Web Gateway Persistent Cross Site Scripting Vulnerability 2018-01-26 KoreLogic Disclosures (disclosures korelogic com) KL-001-2018-001 : Sophos Web Gateway Persistent Cross Site Scripting Vulnerability Title: Sophos Web Gateway Persistent Cross Site Scripting Vulnerability Advisory ID: KL-001-2018-001 Publication Date: 2018.01.26 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2018-001.txt [ more ] [ reply ] [security bulletin] HPESBHF03813 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution 2018-01-25 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf 03813en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03813en_us Version: 1 HP [ more ] [ reply ] [security bulletin] HPESBHF03810 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Disclosure of Information 2018-01-25 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf 03810en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03810en_us Version: 1 HP [ more ] [ reply ] [security bulletin] HPESBHF03815 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution 2018-01-25 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf 03815en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03815en_us Version: 1 HP [ more ] [ reply ] [security bulletin] HPESBHF03808 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution 2018-01-25 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf 03808en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03808en_us Version: 1 HP [ more ] [ reply ] [security bulletin] HPESBHF03809 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Authentication Restriction Bypass 2018-01-25 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf 03809en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03809en_us Version: 1 HP [ more ] [ reply ] [slackware-security] curl (SSA:2018-024-01) 2018-01-25 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] curl (SSA:2018-024-01) New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/c [ more ] [ reply ] WebKitGTK+ Security Advisory WSA-2018-0002 2018-01-24 Carlos Alberto Lopez Perez (clopez igalia com) CVE-2017-15718: Apache Hadoop YARN NodeManager vulnerability 2018-01-24 Akira Ajisaka (aajisaka apache org) CVE-2017-15718: Apache Hadoop YARN NodeManager vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Hadoop 2.7.3, 2.7.4 Description: In Apache Hadoop 2.7.3 and 2.7.4, the security fix for CVE-2016-3086 is incomplete. The YARN NodeManager can leak the passwo [ more ] [ reply ] APPLE-SA-2018-1-23-1 iOS 11.2.5 2018-01-23 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-1-23-1 iOS 11.2.5 iOS 11.2.5 is now available and addresses the following: Audio Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted audio file may lead to arbi [ more ] [ reply ] APPLE-SA-2018-1-23-4 tvOS 11.2.5 2018-01-23 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-1-23-4 tvOS 11.2.5 tvOS 11.2.5 is now available and addresses the following: Audio Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Descri [ more ] [ reply ] |
|
Privacy Statement |
Hash: SHA512
This email refers to the advisory found at
https://confluence.atlassian.com/x/lIIyO.
CVE ID:
* CVE-2017-14592
* CVE-2017-14593
* CVE-2017-17458
* CVE-2017-17831
Product: Sourcetree
Affected Sourcetree product versions:
Sourcetree for macOS 1.0b2
[ more ] [ reply ]