|
|
Colapse all |
Post message
[slackware-security] httpd (SSA:2018-199-01) 2018-07-18 Slackware Security Team (security slackware com) GhostMail - (Status Message) Persistent Web Vulnerability 2018-07-18 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== GhostMail - (Status Message) Persistent Web Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1470 Release Date: ============= 2018-06-27 Vulnerability Laboratory ID (VL-ID): ============================= [ more ] [ reply ] Binance v1.5.0 - Insecure File Permission Vulnerability 2018-07-18 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Binance v1.5.0 - Insecure File Permission Vulnerability References (Source): ==================== https://www.vulnerability-lab.com/get_content.php?id=2135 Release Date: ============= 2018-07-17 Vulnerability Laboratory ID (VL-ID): ============================== [ more ] [ reply ] GhostMail - (filename to link) POST Inject Web Vulnerability 2018-07-18 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== GhostMail - (filename to link) POST Inject Web Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1471 Release Date: ============= 2018-06-26 Vulnerability Laboratory ID (VL-ID): ========================== [ more ] [ reply ] Barracuda Cloud Control v3.020 - CS Cross Site Vulnerability 2018-07-18 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Barracuda Cloud Control v3.020 - CS Cross Site Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=662 Release Date: ============= 2018-07-18 Vulnerability Laboratory ID (VL-ID): =========================== [ more ] [ reply ] Defense in depth -- the Microsoft way (part 56): 10+ year old security update installers are susceptiblle to 20+ year old vulnerability 2018-07-18 Stefan Kanthak (stefan kanthak nexgo de) Hi @ll, Microsoft released <https://support.microsoft.com/en-us/help/4336919> "Description of the security update for the remote code execution vulnerability in Visual Studio 2010 Service Pack 1: July 10, 2018" some days ago. The executable installer VS10SP1-KB4336919-x86.exe offered for download [ more ] [ reply ] [slackware-security] mutt (SSA:2018-198-01) 2018-07-17 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mutt (SSA:2018-198-01) New mutt packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/m [ more ] [ reply ] [CVE-2018-1000211] Public apps can't revoke OAuth access & refresh tokens in Doorkeeper 2018-07-17 Justin Bull (me justinbull ca) Good morning everyone, A security bulletin for all of you. Software: -------- Doorkeeper (https://github.com/doorkeeper-gem/doorkeeper) Description: ---------- Doorkeeper is an OAuth 2 provider for Rails written in Ruby. Affected Versions: --------------- 4.2.0 - 4.3.2 5.0.0.rc1 Fixed Versions: [ more ] [ reply ] Defense in depth -- the Microsoft way (part 55): new software built with 5.5 year old tool shows 20+ year old vulnerabilities 2018-07-17 Stefan Kanthak (stefan kanthak nexgo de) Hi @ll, Microsoft released <https://support.microsoft.com/en-us/help/4340040/> "July 2018 servicing release for Microsoft Desktop Optimization Pack" some days ago. <https://www.microsoft.com/en-us/download/details.aspx?id=57157> offers three executable installers to update existing installations: [ more ] [ reply ] [SECURITY] [DSA 4247-1] ruby-rack-protection security update 2018-07-16 Moritz Muehlenhoff (jmm debian org) Huawei eNSP v1 - Buffer Overflow (DoS) Vulnerability 2018-07-13 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Huawei eNSP v1 - Buffer Overflow (DoS) Vulnerability References (Source): ==================== https://www.vulnerability-lab.com/get_content.php?id=2132 Security ID: huawei-sa-20180309-01-ensp https://nvd.nist.gov/vuln/detail/CVE-2017-17321 https://cve.mitre.org/c [ more ] [ reply ] Secunia Research: Clam AntiVirus "parsehwp3_paragraph()" Denial of Service Vulnerability 2018-07-12 Secunia Research (remove-vuln secunia com) SEC Consult SA-20180712-0 :: Remote Code Execution & Local File Disclosure in Zeta Producer Desktop CMS 2018-07-12 SEC Consult Vulnerability Lab (research sec-consult com) [security bulletin] MFSBGN03811 rev.1 - Fortify Software Security Center (SSC), Multiple vulnerabilities 2018-07-12 cyber-psrt microfocus com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://softwaresupport.hpe.com/document/-/facetsearch/document/KM032010 85 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: KM03201085 Version: 1 MFSBGN03811 rev.1 [ more ] [ reply ] Barracuda ADC v5.x - Multiple Persistent Vulnerabilities 2018-07-12 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Barracuda ADC v5.x - Multiple Persistent Vulnerabilities References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1424 Release Date: ============= 2018-07-12 Vulnerability Laboratory ID (VL-ID): ============================== [ more ] [ reply ] Lenovo SU v5.07 - Buffer Overflow & Arbitrary Code Execution Vulnerability 2018-07-12 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Lenovo SU v5.07 - Buffer Overflow & Code Execution Vulnerability References (Source): ==================== https://www.vulnerability-lab.com/get_content.php?id=2131 Lenovo Security ID: LEN-19625 https://nvd.nist.gov/vuln/detail/CVE-2018-9063 https://cve.mitre.org/ [ more ] [ reply ] [slackware-security] curl (SSA:2018-192-02) 2018-07-12 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] curl (SSA:2018-192-02) New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/ [ more ] [ reply ] [slackware-security] bind (SSA:2018-192-01) 2018-07-12 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] bind (SSA:2018-192-01) New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/b [ more ] [ reply ] [CORE-2018-0006] - QNAP Qcenter Virtual Appliance Multiple Vulnerabilities 2018-07-11 Core Security Advisories Team (advisories coresecurity com) Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ QNAP Qcenter Virtual Appliance Multiple Vulnerabilities 1. *Advisory Information* Title: QNAP Qcenter Virtual Appliance Multiple Vulnerabilities Advisory ID: CORE-2018-0006 Advisory URL: http://www.coresecurity.com/advisories/qna [ more ] [ reply ] AT&T Bizcircle - Persistent Profile Cross Site Scripting Vulnerabilities 2018-07-11 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== AT&T Bizcircle - Persistent Profile Cross Site Scripting Vulnerabilities References (Source): ==================== https://www.vulnerability-lab.com/get_content.php?id=2108 AT&T Reference ID: 1502971499862 Vulnerability Magazine: https://www.vulnerability-db.com/? [ more ] [ reply ] Barracuda ADC 5.x - Client Side Cross Site Scripting Vulnerability 2018-07-11 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Barracuda ADC 5.x - Client Side Cross Site Scripting Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1425 Release Date: ============= 2018-07-10 Vulnerability Laboratory ID (VL-ID): =================== [ more ] [ reply ] |
|
Privacy Statement |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[slackware-security] httpd (SSA:2018-199-01)
New httpd packages are available for Slackware 14.0, 14.1, 14.2, and -current
to fix security issues.
Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages
[ more ] [ reply ]