Mail Index

• Thread Index

• CA20180829-01: Security Notice for CA PPM
  • From: Williams, Ken
• CA20180829-02: Security Notice for CA Unified Infrastructure Management
  • From: Williams, Ken
• CA20180829-03: Security Notice for CA Release Automation
  • From: Williams, Ken
• [SECURITY] [DSA 4282-1] trafficserver security update
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 4283-1] ruby-json-jwt security update
  • From: Moritz Muehlenhoff
• Defense in depth -- the Microsoft way (part 57): installation of security updates fails on Windows Embedded POSReady 2009
  • From: Stefan Kanthak
• Amcrest Cameras SSL Key Reuse Across installations
  • From: jack . m . mckenna
• [SECURITY] [DSA 4284-1] lcms2 security update
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 4285-1] sympa security update
  • From: Salvatore Bonaccorso
• [SECURITY] [DSA 4286-1] curl security update
  • From: Alessandro Ghedini
• [slackware-security] ghostscript (SSA:2018-249-02)
  • From: Slackware Security Team
• [slackware-security] curl (SSA:2018-249-01)
  • From: Slackware Security Team
• [slackware-security] mozilla-firefox (SSA:2018-249-03)
  • From: Slackware Security Team
• [slackware-security] Slackware 14.2 mozilla-thunderbird (SSA:2018-249-04)
  • From: Slackware Security Team
• Vulnerabilities in KONEs Group Controller (KGC)
  • From: Sebastian Neuner
• CVE-2017-17762 - XXE Vulnerability in Episerver
  • From: Jonas Lejon
• SEC Consult SA-20180906-0 :: CSV Formula Injection in DokuWiki
  • From: SEC Consult Vulnerability Lab
• [CVE-2018-15876] Ajax BootModal Login Captcha Reuse
  • From: Lyderic LEFEBVRE
• [SECURITY] [DSA 4287-1] firefox-esr security update
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 4288-1] ghostscript security update
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 4289-1] chromium-browser security update
  • From: Michael Gilbert
• CVE-2017-16541 details: Deanonymize Tor Browser Users with Automount
  • From: Filippo Cavallarin
• [SECURITY] [DSA 4290-1] libextractor security update
  • From: Salvatore Bonaccorso
• [SECURITY] [DSA 4291-1] mgetty security update
  • From: Yves-Alexis Perez
• [SECURITY] [DSA 4292-1] kamailio security update
  • From: Salvatore Bonaccorso
• FreeBSD Security Advisory FreeBSD-SA-18:12.elf
  • From: FreeBSD Security Advisories
• Disclose SSRF Vulnerability
  • From: Alphan Yavaş
• [SYSS-2018-015] HiScout GRC Suite < 3.1.5 - Unrestricted Upload of File with Dangerous Type
  • From: sebastian . auwaerter
• Seagate Personal Cloud multiple information disclosure vulnerabilities
  • From: Summer of Pwnage
• CVE-2017-16639 - Tor Browser Deanonymization With SMB
  • From: Filippo Cavallarin
• CVE-2018-16242 - oBike Electronic Lock Bypass
  • From: Antoine Neuenschwander
• [slackware-security] ghostscript (SSA:2018-256-01)
  • From: Slackware Security Team
• [SECURITY] [DSA 4293-1] discount security update
  • From: Alessandro Ghedini
• [slackware-security] php (SSA:2018-257-01)
  • From: Slackware Security Team
• [SECURITY] [DSA 4273-2] intel-microcode security update
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 4294-1] ghostscript security update
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 4295-1] thunderbird security update
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 4296-1] mbedtls security update
  • From: Moritz Muehlenhoff
• Disclose SSRF Vulnerability
  • From: alphan yavaş
• APPLE-SA-2018-9-17-2 watchOS 5
  • From: Apple Product Security
• APPLE-SA-2018-9-17-1 iOS 12
  • From: Apple Product Security
• APPLE-SA-2018-9-17-3 tvOS 12
  • From: Apple Product Security
• APPLE-SA-2018-9-17-4 Safari 12
  • From: Apple Product Security
• APPLE-SA-2018-9-17-5 Apple Support 2.4 for iOS
  • From: Apple Product Security
• race condition in .net core System.IO.Directory.Delete allowing deletion of entire drives
  • From: Joshua Hudson
• SEC Consult SA-20180918-0 :: Remote Code Execution via PHP unserialize in Moodle open-source learning platform
  • From: SEC Consult Vulnerability Lab
• Authentication bypass vulnerability in Western Digital My Cloud allows escalation to admin privileges
  • From: Securify B.V.
• [SECURITY] [DSA 4297-1] chromium-browser security update
  • From: Michael Gilbert
• [HITB-Announce] #HITBSecConf2018PEK Call for CTF
  • From: Hafez Kamal
• X41 D-Sec GmbH Security Advisory X41-2018-008: Multiple Vulnerabilities in HylaFAX
  • From: X41 D-Sec GmbH Advisories
• X41 D-Sec GmbH Security Advisory X41-2018-007: Multiple Vulnerabilities in mgetty
  • From: X41 D-Sec GmbH Advisories
• OPManager SQL Injection Vulnerability
  • From: Murat Aydemir
• [SECURITY] [DSA 4298-1] hylafax security update
  • From: Moritz Muehlenhoff
• AST-2018-009: Remote crash vulnerability in HTTP websocket upgrade
  • From: Asterisk Security Team
• [waraxe-2018-SA#107] - Reflected XSS in FV Flowplayer Wordpress plugin
  • From: come2waraxe
• [SECURITY] [DSA 4299-1] texlive-bin security update
  • From: Yves-Alexis Perez
• [SYSS-2018-016] Postman - Improper Certificate Validation
  • From: ludwig . stage
• [slackware-security] Slackware 14.2 kernel (SSA:2018-264-01)
  • From: Slackware Security Team
• [SECURITY] [DSA 4300-1] libarchive-zip-perl security update
  • From: Salvatore Bonaccorso
• [slackware-security] mozilla-firefox (SSA:2018-265-01)
  • From: Slackware Security Team
• [SECURITY] [DSA 4302-1] openafs security update
  • From: Salvatore Bonaccorso
• [SECURITY] [DSA 4301-1] mediawiki security update
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 4303-1] okular security update
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 4304-1] firefox-esr security update
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 4305-1] strongswan security update
  • From: Yves-Alexis Perez
• APPLE-SA-2018-9-24-1 macOS Mojave 10.14
  • From: Apple Product Security
• APPLE-SA-2018-9-24-3 Additional information for APPLE-SA-2018-9-17-4 Safari 12
  • From: Apple Product Security
• APPLE-SA-2018-9-24-2 iTunes 12.9 for Windows
  • From: Apple Product Security
• APPLE-SA-2018-9-24-6 Additional information for APPLE-SA-2018-9-17-3 tvOS 12
  • From: Apple Product Security
• APPLE-SA-2018-9-24-4 Additional information for APPLE-SA-2018-9-17-1 iOS 12
  • From: Apple Product Security
• APPLE-SA-2018-9-24-5 Additional information for APPLE-SA-2018-9-17-2 watchOS 5
  • From: Apple Product Security
• tekno.Portal v0.1b - Cross-Site Scripting Vulnerability in "link.php"
  • From: Socket_0x03
• Integer overflow in Linux's create_elf_tables() (CVE-2018-14634)
  • From: Qualys Security Advisory
• SEC Consult SA-20180924-0 :: Multiple Vulnerabilities in Citrix StorageZones Controller
  • From: SEC Consult Vulnerability Lab
• Re: SEC Consult SA-20180926-0 :: Stored Cross-Site Scripting in Progress Kendo UI Editor
  • From: SEC Consult Vulnerability Lab
• SEC Consult SA-20180926-0 ::
  • From: SEC Consult Vulnerability Lab
• [waraxe-2018-SA#108] - Username Disclosure in Breadcrumb NavXT Wordpress plugin
  • From: come2waraxe
• [SECURITY] [DSA 4306-1] python2.7 security update
  • From: Moritz Muehlenhoff