Mail Index

Thread Index

[security bulletin] MFSBGN03838 rev.1 - UCMDB Configuration Management Service, Multiple Vulnerabilities
- From: security-alert
Asserts considered harmful (or GMP spills its sensitive information)
- From: Jeffrey Walton
[KIS-2018-01] Oracle Application Express (AnyChart) Flash-based Cross-Site Scripting Vulnerability
- From: Egidio Romano
[KIS-2018-02] SugarCRM (WorkFlow module) PHP Code Injection Vulnerability
- From: Egidio Romano
[KIS-2018-04] SugarCRM (ConnectorsController) Server-Side Request Forgery Vulnerability
- From: Egidio Romano
[KIS-2018-06] SugarCRM (addLabels) PHP Code Injection Vulnerability
- From: Egidio Romano
[KIS-2018-03] SugarCRM (portal_get_related_notes) SQL Injection Vulnerability
- From: Egidio Romano
[KIS-2018-07] SugarCRM (Web Logic Hooks module) PHP Code Injection Vulnerability
- From: Egidio Romano
[KIS-2018-08] SugarCRM (Web Logic Hooks module) Path Traversal Vulnerability
- From: Egidio Romano
[KIS-2018-05] SugarCRM (SaveDropDown) PHP Code Injection Vulnerability
- From: Egidio Romano
[SECURITY] [DSA 4362-1] thunderbird security update
- From: Moritz Muehlenhoff
[SECURITY] [DSA 4363-1] python-django security update
- From: Moritz Muehlenhoff
[SECURITY] [DSA 4364-1] ruby-loofah security update
- From: Moritz Muehlenhoff
System Down: A systemd-journald exploit
- From: Qualys Security Advisory
SEC Consult SA-20190109-0 :: Multiple Vulnerabilities in Cisco VoIP Phones (88xx series)
- From: SEC Consult Vulnerability Lab
X41 D-Sec GmbH Security Advisory X41-2018-009: ReDoS Vulnerability in UA-Parser
- From: X41 D-Sec GmbH Advisories
[SECURITY] [DSA 4365-1] tmpreaper security update
- From: Moritz Muehlenhoff
[SYSS-2018-011] Portier - SQL Injection
- From: christian . pappas
[SYSS-2018-011] Portier - Cryptographic Issues
- From: christian . pappas
[SYSS-2018-042] XSS in HMS Netbiter WS100 - CVE-2018-19694
- From: Micha Borrmann
[slackware-security] irssi (SSA:2019-011-01)
- From: Slackware Security Team
[SECURITY] [DSA 4366-1] vlc security update
- From: Moritz Muehlenhoff
[SECURITY] [DSA 4367-1] systemd security update
- From: Salvatore Bonaccorso
[slackware-security] zsh (SSA:2019-013-01)
- From: Slackware Security Team
[SECURITY] [DSA 4368-1] zeromq3 security update
- From: Moritz Muehlenhoff
[SECURITY] [DSA 4369-1] xen security update
- From: Moritz Muehlenhoff
Microsoft Windows VCF File Insufficient UI Warning Remote Code Execution 0day ZDI-CAN-6920
- From: apparitionsec
Microsoft Windows VCF File Insufficient UI Warning Remote Code Execution 0day ZDI-CAN-6920
- From: apparitionsec
CVE-2018-13798 Siemens - SICAM A8000 Series Webinterface XXE DoS
- From: Advisories
[SECURITY] [DSA 4367-2] systemd regression update
- From: Salvatore Bonaccorso
[SYSS-2018-041] Mozilla Firefox - Information Exposure
- From: vladimir . bostanov
[SYSS-2018-043] Authentication Bypass in Kentix MultiSensor LAN - CVE-2018-19783
- From: Micha Borrmann
[SECURITY] [DSA 4370-1] drupal7 security update
- From: Moritz Muehlenhoff
Defense in depth -- the Microsoft way (part 59): we only fix every other vulnerability
- From: Stefan Kanthak
CA20190117-01: Security Notice for CA Service Desk Manager
- From: Kevin Kotas
[Several CVE]: NUUO CMS - multiple vulnerabilities resulting in unauth RCE
- From: Pedro Ribeiro
[SRP-2018-02] Security of NC+ SAT TV platform and ST chipsets
- From: Security Explorations
[SECURITY] [DSA 4371-1] apt security update
- From: Yves-Alexis Perez
APPLE-SA-2019-1-22-1 iOS 12.1.3
- From: Apple Product Security
APPLE-SA-2019-1-22-6 iCloud for Windows 7.10
- From: Apple Product Security
APPLE-SA-2019-1-22-5 Safari 12.0.3
- From: Apple Product Security
APPLE-SA-2019-1-22-3 watchOS 5.1.3
- From: Apple Product Security
APPLE-SA-2019-1-22-4 tvOS 12.1.2
- From: Apple Product Security
CVE-2018-13042 - 1Password Android < 7.0 - Denial Of Service
- From: Valerio Brussani
APPLE-SA-2019-1-22-2 macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra
- From: Apple Product Security
[slackware-security] httpd (SSA:2019-022-01)
- From: Slackware Security Team
[RT-SA-2018-002] Cisco RV320 Unauthenticated Configuration Export
- From: RedTeam Pentesting GmbH
[RT-SA-2018-003] Cisco RV320 Unauthenticated Diagnostic Data Retrieval
- From: RedTeam Pentesting GmbH
[RT-SA-2018-004] Cisco RV320 Command Injection
- From: RedTeam Pentesting GmbH
APPLE-SA-2019-1-24-1 iTunes 12.9.3 for Windows
- From: Apple Product Security
SEC Consult SA-20190124-0 :: Cross-site scripting in CA Automic Workload Automation Web Interface (AWI)
- From: SEC Consult Vulnerability Lab
CVE-2019-6690: Improper Input Validation in python-gnupg
- From: Stig Palmquist
[SECURITY] [DSA 4372-1] ghostscript security update
- From: Salvatore Bonaccorso
Microsoft Windows ".contact" File HTML Injection Mailto: Link Remote Code Execution 0day ZDI-CAN-75
- From: apparitionsec
[SECURITY] [DSA 4373-1] coturn security update
- From: Yves-Alexis Perez
[SECURITY] [DSA 4374-1] qtbase-opensource-src security update
- From: Sebastien Delafond
Fwd: CA20190124-01: Security Notice for CA Automic Workload Automation
- From: James Williams
[SECURITY] [DSA 4375-1] spice security update
- From: Salvatore Bonaccorso
[slackware-security] mozilla-firefox (SSA:2019-029-01)
- From: Slackware Security Team
[SECURITY] [DSA 4376-1] firefox-esr security update
- From: Moritz Muehlenhoff
[SECURITY] [DSA 4377-1] rssh security update
- From: Moritz Muehlenhoff
[SECURITY] [DSA 4378-1] php-pear security update
- From: Salvatore Bonaccorso
[slackware-security] Slackware 14.2 kernel (SSA:2019-030-01)
- From: Slackware Security Team

Mail converted by MHonArc