Mail Thread Index

• Date Index

• [slackware-security] mozilla-firefox (SSA:2018-120-02), Slackware Security Team
• [slackware-security] libwmf (SSA:2018-120-01), Slackware Security Team
• CVE-2016-6811: Apache Hadoop Privilege escalation vulnerability, Akira Ajisaka
• Trovebox <= 4.0.0-rc6 Authentication Bypass, SQLi, SSRF, robin . verton
• [SECURITY] [DSA 4188-1] linux security update, Salvatore Bonaccorso
• [SECURITY] [DSA 4187-1] linux security update, Ben Hutchings
• CA20180501-01: Security Notice for CA Spectrum, Kotas, Kevin J
• [SECURITY] [DSA 4189-1] quassel security update, Moritz Muehlenhoff
• Command injections via USB upgrade in MSTAR Set-Top box products, IM
• SEC Consult SA-20180503-0 :: Authentication Bypass in Oracle Access Manager (OAM), SEC Consult Vulnerability Lab
• [SECURITY] [DSA 4190-1] jackson-databind security update, Sebastien Delafond
• [SECURITY] [DSA 4191-1] redmine security update, Sebastien Delafond
• Updated VMSA-2018-0007.3: VMware Virtual Appliance updates address side-channel analysis due to speculative execution, VMware Security Response Center
• [slackware-security] seamonkey (SSA:2018-123-01), Slackware Security Team
• APPLE-SA-2018-05-04-1 Security Update 2018-001 Swift 4.1.1 for Ubuntu 14.04, Apple Product Security
• [slackware-security] python (SSA:2018-124-01), Slackware Security Team
• [SECURITY] [DSA 4192-1] libmad security update, Moritz Muehlenhoff
• [SECURITY] [DSA 4193-1] wordpress security update, Salvatore Bonaccorso
• CANADIAN JOB VACANCY!!!, SUNCOR ENERGY
• [SECURITY] [DSA 4194-1] lucene-solr security update, Moritz Muehlenhoff
• WebKitGTK+ Security Advisory WSA-2018-0004, Michael Catanzaro
• [SECURITY] [DSA 4195-1] wget security update, Salvatore Bonaccorso
• APPLE-SA-2018-05-08-1 Additional information for APPLE-SA-2018-04-24-2 Security Update 2018-001, Apple Product Security
• FreeBSD Security Advisory FreeBSD-SA-18:06.debugreg, FreeBSD Security Advisories
• [SECURITY] [DSA 4196-1] linux security update, Salvatore Bonaccorso
• [ADV170017] Defense in depth -- the Microsoft way (part 54): escalation of privilege during installation of Microsoft Office 20xy, Stefan Kanthak
• t2'18: Call For Papers 2018 (Helsinki, Finland), Tomi Tuominen
• [security bulletin] MFSBGN03806 rev.1 - HP Network Automation Software, Network Operations Management (NOM) Suite, Multiple Vulnerabilities, cyber-psrt
• [security bulletin] MFSBGN03804 - HP Service Manager Software, Remote Disclosure of Information, cyber-psrt
• [SECURITY] [DSA 4198-1] prosody security update, Moritz Muehlenhoff
• [SECURITY] [DSA 4197-1] wavpack security updaze, Moritz Muehlenhoff
• [slackware-security] wget (SSA:2018-129-02), Slackware Security Team
• [slackware-security] mozilla-firefox (SSA:2018-129-01), Slackware Security Team
• [security bulletin] MFSBGN03805 - HP Service Manager, Remote Disclosure of Information, cyber-psrt
• [security bulletin] MFSBGN03802 - Virtualization Performance Viewer (vPV) / Cloud Optimizer, Local Disclosure of Information, cyber-psrt
• [security bulletin] MFSBGN03807 rev.1 - HP Service Manager Software, SQL Injection, cyber-psrt
• [SECURITY] [DSA 4199-1] firefox-esr security update, Moritz Muehlenhoff
• [slackware-security] mariadb (SSA:2018-130-01), Slackware Security Team
• Vulnerabilities in IBMs Flashsystems and Storwize Products, Sebastian Neuner
• SEC Consult SA-20180514-0 :: Arbitrary File Upload & Cross-site scripting in MyBiz MyProcureNet, SEC Consult Vulnerability Lab
  • Re: SEC Consult SA-20180514-0 :: Arbitrary File Upload & Cross-site scripting in MyBiz MyProcureNet, SEC Consult Vulnerability Lab
• [SECURITY] [DSA 4200-1] kwallet-pam security update, Moritz Muehlenhoff
• CVE-2018-10994: HTML tag injection in Signal-desktop, Alfredo Ortega
• CSNC-2018-002 totemomail Encryption Gateway - JSONP hijacking, Advisories
• CSNC-2018-003 totemomail Encryption Gateway - Cross-Site Request Forgery, Advisories
• [SECURITY] [DSA 4201-1] xen security update, Moritz Muehlenhoff
• SEC Consult SA-20180516-0 :: XXE & XSS vulnerabilities in RSA Authentication Manager, SEC Consult Vulnerability Lab
• CVE-2018-11101: Signal-desktop HTML tag injection variant 2, Alfredo Ortega
• [SECURITY] [DSA 4202-1] curl security update, Alessandro Ghedini
• [slackware-security] php (SSA:2018-136-02), Slackware Security Team
• [slackware-security] curl (SSA:2018-136-01), Slackware Security Team
• [SECURITY] [DSA 4203-1] vlc security update, Moritz Muehlenhoff
• MagniComp SysInfo Information Exposure [CVE-2018-7268], Harry Sintonen
• [SYSS-2018-007] ILIAS e-Learning - Reflected Cross-Site-Scripting, Moritz Bechler
• [SECURITY] [DSA 4204-1] imagemagick security update, Sebastien Delafond
• [SECURITY] [DSA 4205-1] Advance notification for upcoming end-of-life for, Moritz Muehlenhoff
• Qualys Security Advisory - Procps-ng Audit Report, Qualys Security Advisory
• [SECURITY] [DSA 4206-1] gitlab security update, Moritz Muehlenhoff
• [SECURITY] [DSA 4207-1] packagekit security update, Salvatore Bonaccorso
• [SECURITY] [DSA 4208-1] procps security update, Salvatore Bonaccorso
• [slackware-security] Slackware 14.2 kernel (SSA:2018-142-01), Slackware Security Team
• K2 smartforms runtime application - 4.6.11 SSRF, fuming22
• [slackware-security] procps-ng (SSA:2018-142-03), Slackware Security Team
• [slackware-security] mozilla-thunderbird (SSA:2018-142-02), Slackware Security Team
• [CVE-2018-8013] Apache Batik information disclosure vulnerability, Simon Steiner
• [security bulletin] MFSBGN03808 rev.1 - Micro Focus UCMDB, Cross-Site Scripting, cyber-psrt
• PHP Login & User Management <= 4.1.0 - Arbitrary File Upload (CVE-2018-11392), reggie . dodd30
• Android OS Didnt use FLAG_SECURE for Sensitive Settings [CVE-2017-13243], research
• Ruckus (Brocade) ICX7450-48 Reflected Cross Site Scripting, Yavuz Atlas
• [SECURITY] [DSA 4210-1] xen security update, Moritz Muehlenhoff
• [SECURITY] [DSA 4209-1] thunderbird security update, Moritz Muehlenhoff