Mail Thread Index

• Date Index

• Mac OS X Local Javascript Quarantine Bypass, Filippo Cavallarin
  • <Possible follow-ups>
  • Mac OS X Local Javascript Quarantine Bypass, filippo . cavallarin
• Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Remote Memory Corruption CVE-2017-14089 (apparitionsec / hyp3rlinx), apparitionsec
• Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Change Prevention Image File Execution Bypass (apparitionsec / hyp3rlinx), apparitionsec
• Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Remote Encryption Key Disclosure CVE-2017-14083 (apparitionsec / hyp3rlinx), apparitionsec
• Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Start Remote Process Code Execution / DOS - INI Corruption CVE-2017-14086 (apparitionsec / hyp3rlinx), apparitionsec
• Trend Micro OfficeScan v11.0 and XG (12.0)* CURL (MITM) Remote Code Execution CVE-2017-14084 (apparitionsec / hyp3rlinx), apparitionsec
• [SECURITY] [DSA 3986-1] ghostscript security update, Salvatore Bonaccorso
• [SECURITY] [DSA 3987-1] firefox-esr security update, Moritz Muehlenhoff
• Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Server Side Request Forgery (apparitionsec / hyp3rlinx), apparitionsec
• Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized NT Domain / PHP Information Disclosures CVE-2017-14085 (apparitionsec / hyp3rlinx), apparitionsec
• [SECURITY] [DSA 3988-1] libidn2-0 security update, Salvatore Bonaccorso
• HPESBMU03753 rev.1 - HPE System Management Homepage, Multiple Remote Vulnerabilities, HPE Product Security Response Team
• [security bulletin] HPESBHF03776 rev.1 - HPE Intelligent Management Center (iMC) Service Operation Management (SOM), Remote Arbitrary File Download, security-alert
• DefenseCode Security Advisory: Magento Commerce CSRF, Stored Cross Site Scripting #1, DefenseCode
• [slackware-security] xorg-server (SSA:2017-279-03), Slackware Security Team
• [SECURITY] [DSA 3993-1] tor security update, Moritz Muehlenhoff
• [SECURITY] [DSA 3994-1] nautilus security update, Yves-Alexis Perez
• [SECURITY] [DSA 3995-1] libxfont security update, Moritz Muehlenhoff
• Multiple vulnerabilities in OpenText Documentum Content Server, Andrey B. Panfilov
• [RCESEC-2017-002][CVE-2017-14956] AlienVault USM v5.4.2 "/ossim/report/wizard_email.php" Cross-Site Request Forgery leading to Sensitive Information Disclosure, Julien Ahrens
• Advisory X41-2017-008: Multiple Vulnerabilities in Shadowsocks, X41 D-Sec GmbH Advisories
• Advisory X41-2017-010: Command Execution in Shadowsocks-libev, X41 D-Sec GmbH Advisories
• [security bulletin] MFSBGN03786 rev.1 - HPE Connected Backup, Local Escalation of Privilege, swpmb . cyber-psrt
• SEC Consult SA-20171016-0 :: Multiple vulnerabilities in Micro Focus VisiBroker C++, SEC Consult Vulnerability Lab
• [SECURITY] [DSA 3999-1] wpa security update, Yves-Alexis Perez
• [security bulletin] HPESBHF03789 rev.2 - Certain HPE Gen9 Systems with HP Trusted Platform Module v2.0 Option, Unauthorized Access to Data, security-alert
• SEC Consult SA-20171018-1 :: Multiple vulnerabilities in Linksys E-series products, SEC Consult Vulnerability Lab
• WebKitGTK+ Security Advisory WSA-2017-0008, Carlos Alberto Lopez Perez
• [slackware-security] libXres (SSA:2017-291-01), Slackware Security Team
• [slackware-security] wpa_supplicant (SSA:2017-291-02), Slackware Security Team
• [slackware-security] xorg-server (SSA:2017-291-03), Slackware Security Team
• FreeBSD Security Advisory FreeBSD-SA-17:07.wpa [REVISED], FreeBSD Security Advisories
• [SECURITY] [DSA 4002-1] mysql-5.5 security update, Salvatore Bonaccorso
• [SECURITY] [DSA 4003-1] libvirt security update, Salvatore Bonaccorso
• [security bulletin] HPESBHF03779 rev.1 - HPE Fabric OS using OpenSSH, Denial of Service, HPE Product Security Response Team
• [SECURITY] [DSA 4006-1] mupdf security update, Luciano Bello
• KL-001-2017-017 : Infoblox NetMRI Administration Shell Escape and Privilege Escalation, KoreLogic Disclosures
• KL-001-2017-020 : Sophos UTM 9 loginuser Privilege Escalation via Insecure Directory Permissions, KoreLogic Disclosures
• October 2017 - Bamboo - Critical Security Advisory, Atlassian
• Bomgar Remote Support - Local Privilege Escalation (CVE-2017-5996), VSR Advisories
• [VulnWatch] Advisory 02/2002: PHP remote vulnerability, e-matters Security