|
|
Colapse all |
Post message
[security bulletin] HPESBHF03812 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Multiple Vulnerabilities 2018-01-26 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf 03812en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03812en_us Version: 1 HP [ more ] [ reply ] KL-001-2018-001 : Sophos Web Gateway Persistent Cross Site Scripting Vulnerability 2018-01-26 KoreLogic Disclosures (disclosures korelogic com) KL-001-2018-001 : Sophos Web Gateway Persistent Cross Site Scripting Vulnerability Title: Sophos Web Gateway Persistent Cross Site Scripting Vulnerability Advisory ID: KL-001-2018-001 Publication Date: 2018.01.26 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2018-001.txt [ more ] [ reply ] [security bulletin] HPESBHF03813 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution 2018-01-25 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf 03813en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03813en_us Version: 1 HP [ more ] [ reply ] [security bulletin] HPESBHF03810 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Disclosure of Information 2018-01-25 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf 03810en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03810en_us Version: 1 HP [ more ] [ reply ] [security bulletin] HPESBHF03815 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution 2018-01-25 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf 03815en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03815en_us Version: 1 HP [ more ] [ reply ] [security bulletin] HPESBHF03808 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution 2018-01-25 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf 03808en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03808en_us Version: 1 HP [ more ] [ reply ] [security bulletin] HPESBHF03809 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Authentication Restriction Bypass 2018-01-25 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf 03809en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03809en_us Version: 1 HP [ more ] [ reply ] [slackware-security] curl (SSA:2018-024-01) 2018-01-25 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] curl (SSA:2018-024-01) New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/c [ more ] [ reply ] WebKitGTK+ Security Advisory WSA-2018-0002 2018-01-24 Carlos Alberto Lopez Perez (clopez igalia com) CVE-2017-15718: Apache Hadoop YARN NodeManager vulnerability 2018-01-24 Akira Ajisaka (aajisaka apache org) CVE-2017-15718: Apache Hadoop YARN NodeManager vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Hadoop 2.7.3, 2.7.4 Description: In Apache Hadoop 2.7.3 and 2.7.4, the security fix for CVE-2016-3086 is incomplete. The YARN NodeManager can leak the passwo [ more ] [ reply ] APPLE-SA-2018-1-23-1 iOS 11.2.5 2018-01-23 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-1-23-1 iOS 11.2.5 iOS 11.2.5 is now available and addresses the following: Audio Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted audio file may lead to arbi [ more ] [ reply ] APPLE-SA-2018-1-23-4 tvOS 11.2.5 2018-01-23 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-1-23-4 tvOS 11.2.5 tvOS 11.2.5 is now available and addresses the following: Audio Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Descri [ more ] [ reply ] APPLE-SA-2018-1-23-3 watchOS 4.2.2 2018-01-23 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-1-23-3 watchOS 4.2.2 watchOS 4.2.2 is now available and addresses the following: Audio Available for: All Apple Watch models Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory [ more ] [ reply ] APPLE-SA-2018-1-23-5 Safari 11.0.3 2018-01-23 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-1-23-5 Safari 11.0.3 Safari 11.0.3 is now available and addresses the following: WebKit Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.3 Impact: Processing maliciously crafted web content may [ more ] [ reply ] APPLE-SA-2018-1-23-7 iCloud for Windows 7.3 2018-01-24 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-1-23-7 iCloud for Windows 7.3 iCloud for Windows 7.3 is now available and addresses the following: WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Descri [ more ] [ reply ] APPLE-SA-2018-1-23-2 macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan 2018-01-23 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-1-23-2 macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan are now available and address [ more ] [ reply ] APPLE-SA-2018-1-23-6 iTunes 12.7.3 for Windows 2018-01-24 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-1-23-6 iTunes 12.7.3 for Windows iTunes 12.7.3 for Windows is now available and addresses the following: WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution [ more ] [ reply ] DefenseCode ThunderScan SAST Advisory: SugarCRM Community Edition Multiple SQL Injection Vulnerabilities 2018-01-23 DefenseCode (defensecode defensecode com) SEC Consult SA-20180123-0 :: XXE & Reflected XSS in Oracle Financial Services Analytical Applications 2018-01-23 SEC Consult Vulnerability Lab (research sec-consult com) [security bulletin] HPESBHF03805 rev.7 - Certain HPE products using Microprocessors from Intel, AMD, and ARM, with Speculative Execution, Elevation of Privilege and Information Disclosure. 2018-01-22 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf 03805en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03805en_us Version: 7 HP [ more ] [ reply ] CentOS Web Panel v0.9.8.12 - Remote SQL Injection Vulnerabilities 2018-01-22 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== CentOS Web Panel v0.9.8.12 - Remote SQL Injection Vulnerabilities References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1833 Release Date: ============= 2018-01-22 Vulnerability Laboratory ID (VL-ID): ===================== [ more ] [ reply ] Photo Vault v1.2 iOS - Insecure Authentication Vulnerability 2018-01-19 Vulnerability Lab (admin vulnerability-lab com) Document Title: =============== Photo Vault v1.2 iOS - Insecure Authentication Vulnerability References (Source): ==================== https://www.vulnerability-lab.com/get_content.php?id=2110 Release Date: ============= 2018-01-16 Vulnerability Laboratory ID (VL-ID): ========================= [ more ] [ reply ] Shopware 5.2.5 & v5.3 - Multiple Cross Site Scripting Web Vulnerabilities 2018-01-19 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Shopware 5.2.5 & v5.3 - Multiple Cross Site Scripting Web Vulnerabilities References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1922 Shopware Security Tracking ID: SW-19834 Security Update: http://community.shopware.com/Dow [ more ] [ reply ] CentOS Web Panel v0.9.8.12 - Multiple Persistent Web Vulnerabilities 2018-01-19 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== CentOS Web Panel v0.9.8.12 - Multiple Persistent Web Vulnerabilities References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1836 Release Date: ============= 2018-01-19 Vulnerability Laboratory ID (VL-ID): ================== [ more ] [ reply ] |
|
Privacy Statement |
Hash: SHA512
- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4100-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
January 27, 2018
[ more ] [ reply ]