Mail Thread Index

• Date Index

• [CVE-2018-8036] DoS (OOM) Vulnerability in Apache PDFBox's AFMParser, Andreas Lehmkuehler
  • <Possible follow-ups>
  • [CVE-2018-8036] DoS (OOM) Vulnerability in Apache PDFBox's AFMParser, Andreas Lehmkuehler
• [SECURITY] [DSA 4237-1] chromium-browser security update, Michael Gilbert
• [SECURITY] [DSA 4238-1] exiv2 security update, Moritz Muehlenhoff
• [SECURITY] [DSA 4239-1] gosa security update, Moritz Muehlenhoff
• [CVE-2018-3667, CVE-2018-3668] Escalation of priviilege via executable installer of Intel Processor Diagnostic Tool, Stefan Kanthak
• SEC Consult SA-20180704-0 :: Local root jailbreak via network file sharing flaw in all ADB Broadband Gateways / Routers, SEC Consult Vulnerability Lab
• SEC Consult SA-20180704-1 :: Authorization Bypass in all ADB Broadband Gateways / Routers, SEC Consult Vulnerability Lab
• SEC Consult SA-20180704-2 :: Privilege escalation via linux group manipulation in all ADB Broadband Gateways / Routers, SEC Consult Vulnerability Lab
• [SECURITY] [DSA 4240-1] php7.0 security update, Moritz Muehlenhoff
• APPLE-SA-2018-7-05-1 Wi-Fi Update for Boot Camp 6.4.0, Apple Product Security
• [slackware-security] mozilla-thunderbird (SSA:2018-186-01), Slackware Security Team
• [SECURITY] [DSA 4241-1] libsoup2.4 security update, Moritz Muehlenhoff
• [SECURITY] [DSA 4242-1] ruby-sprockets security update, Salvatore Bonaccorso
• APPLE-SA-2018-7-9-1 iOS 11.4.1, Apple Product Security
• APPLE-SA-2018-7-9-6 iCloud for Windows 7.6, Apple Product Security
• APPLE-SA-2018-7-9-5 Safari 11.1.2, Apple Product Security
• APPLE-SA-2018-7-9-2 watchOS 4.3.2, Apple Product Security
• APPLE-SA-2018-7-9-3 tvOS 11.4.1, Apple Product Security
• APPLE-SA-2018-7-9-4 macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan, Apple Product Security
• APPLE-SA-2018-7-9-7 iTunes 12.8 for Windows, Apple Product Security
• [slackware-security] mozilla-thunderbird (SSA:2018-191-01), Slackware Security Team
• SEC Consult SA-20180711-0 :: Remote code execution via multiple attack vectors in WAGO e!DISPLAY 7300T, SEC Consult Vulnerability Lab
• Secutech DSL WR RIS 330 - Filter Bypass Vulnerability, Vulnerability Lab
• Intel System CU - Buffer Overflow (Denial of Service) Vulnerability, Vulnerability Lab
• ASUS WRT-AC66U 3.x - Cross Site Scripting Vulnerability, Vulnerability Lab
• Barracuda ADC 5.x - Filter Bypass & Persistent Validation Vulnerability, Vulnerability Lab
• Barracuda ADC 5.x - Client Side Cross Site Scripting Vulnerability, Vulnerability Lab
• AT&T Bizcircle - Persistent Profile Cross Site Scripting Vulnerabilities, Vulnerability Lab
• [SECURITY] [DSA 4243-1] cups security update, Luciano Bello
• [CORE-2018-0006] - QNAP Qcenter Virtual Appliance Multiple Vulnerabilities, Core Security Advisories Team
• [slackware-security] curl (SSA:2018-192-02), Slackware Security Team
• [slackware-security] bind (SSA:2018-192-01), Slackware Security Team
• Lenovo SU v5.07 - Buffer Overflow & Arbitrary Code Execution Vulnerability, Vulnerability Lab
• Barracuda ADC v5.x - Multiple Persistent Vulnerabilities, Vulnerability Lab
• [security bulletin] MFSBGN03811 rev.1 - Fortify Software Security Center (SSC), Multiple vulnerabilities, cyber-psrt
• SEC Consult SA-20180712-0 :: Remote Code Execution & Local File Disclosure in Zeta Producer Desktop CMS, SEC Consult Vulnerability Lab
• Secunia Research: Clam AntiVirus "parsehwp3_paragraph()" Denial of Service Vulnerability, Secunia Research
• Huawei eNSP v1 - Buffer Overflow (DoS) Vulnerability, Vulnerability Lab
• [SECURITY] [DSA 4245-1] imagemagick security update, Moritz Muehlenhoff
• [SECURITY] [DSA 4244-1] thunderbird security update, Moritz Muehlenhoff
• [SECURITY] [DSA 4246-1] mailman security update, Salvatore Bonaccorso
• [SECURITY] [DSA 4247-1] ruby-rack-protection security update, Moritz Muehlenhoff
• Defense in depth -- the Microsoft way (part 55): new software built with 5.5 year old tool shows 20+ year old vulnerabilities, Stefan Kanthak
• [CVE-2018-1000211] Public apps can't revoke OAuth access & refresh tokens in Doorkeeper, Justin Bull
• [SECURITY] [DSA 4249-1] ffmpeg security update, Moritz Muehlenhoff
• [slackware-security] mutt (SSA:2018-198-01), Slackware Security Team
• [SECURITY] [DSA 4248-1] blender security update, Moritz Muehlenhoff
• [SECURITY] [DSA 4250-1] wordpress security update, Sebastien Delafond
• Defense in depth -- the Microsoft way (part 56): 10+ year old security update installers are susceptiblle to 20+ year old vulnerability, Stefan Kanthak
• Binance v1.5.0 - Insecure File Permission Vulnerability, Vulnerability Lab
• [SECURITY] [DSA 4251-1] vlc security update, Moritz Muehlenhoff
• Barracuda Cloud Control v3.020 - CS Cross Site Vulnerability, Vulnerability Lab
• GhostMail - (Status Message) Persistent Web Vulnerability, Vulnerability Lab
• GhostMail - (filename to link) POST Inject Web Vulnerability, Vulnerability Lab
• [SECURITY] [DSA 4252-1] znc security update, Moritz Muehlenhoff
• [slackware-security] httpd (SSA:2018-199-01), Slackware Security Team
• Adobe Systems - Arbitrary Code Injection Vulnerability, Vulnerability Lab
• Secunia Research: LibRaw Multiple Denial of Service Vulnerabilities, Secunia Research
• Secunia Research: LibRaw "parse_minolta()" Infinite Loop Denial of Service Vulnerability, Secunia Research
• Secunia Research: Oracle Outside In Technology Multiple Vulnerabilities, Secunia Research
  • <Possible follow-ups>
  • Secunia Research: Oracle Outside In Technology Multiple Vulnerabilities, Secunia Research
• [slackware-security] php (SSA:2018-201-01), Slackware Security Team
• Sourcetree - Remote Code Execution vulnerabilities - CVE-2018-11235, Anton Black
• APPLE-SA-2018-7-23-1 Additional information for APPLE-SA-2018-7-9-4 macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan, Apple Product Security
• APPLE-SA-2018-7-23-4 Additional information for APPLE-SA-2018-06-01-6 tvOS 11.4, Apple Product Security
• APPLE-SA-2018-7-23-5 Additional information for APPLE-SA-2018-06-01-5 watchOS 4.3.1, Apple Product Security
• APPLE-SA-2018-7-23-2 Additional information for APPLE-SA-2018-06-01-1 macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan, Apple Product Security
• APPLE-SA-2018-7-23-3 Additional information for APPLE-SA-2018-06-01-4 iOS 11.4, Apple Product Security
• [SECURITY] [DSA 4253-1] network-manager-vpnc security update, Salvatore Bonaccorso
• FINAL CALL FOR PAPERS - INTEL SECURITY CONFERENCE (iSecCon) 2018, Branco, Rodrigo
• [SECURITY] [DSA 4254-1] slurm-llnl security update, Salvatore Bonaccorso
• DefenseCode ThunderScan SAST Advisory: WordPress Snazzy Maps Plugin Multiple XSS Security Vulnerabilities, Defense Code
• DefenseCode ThunderScan SAST Advisory: WordPress Strong Testimonials Plugin Multiple XSS Security Vulnerabilities, Defense Code
• [SECURITY] [DSA 4255-1] ant security update, Salvatore Bonaccorso
• DefenseCode ThunderScan SAST Advisory: WordPress Gwolle Guestbook Plugin XSS Security Vulnerability, Defense Code
• [CORE-2018-0009] - SoftNAS Cloud OS Command Injection, Core Security Advisories Team
• [SECURITY] [DSA 4256-1] chromium-browser security update, Michael Gilbert
• [slackware-security] Slackware 14.2 kernel (SSA:2018-208-01), Slackware Security Team
• secuvera-SA-2018-03: Command Injection, Broken Access Control and Evil-Twin-Attack in Microsoft Wireless Display Adapter V2 - CVE-2018-8306, Tobias Glemser
• [SECURITY] [DSA 4258-1] ffmpeg security update, Moritz Muehlenhoff
• [SECURITY] [DSA 4257-1] fuse security update, Salvatore Bonaccorso
• [slackware-security] file (SSA:2018-212-01), Slackware Security Team
• [slackware-security] seamonkey (SSA:2018-212-02), Slackware Security Team