Mail Index

• Thread Index

• [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS
  • From: Martin
• [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server
  • From: Martin
• Windows PowerShell ISE / Filename Parsing Flaw Remote Code Execution 0day
  • From: apparitionsec
• [SYSS-2019-005]: ABUS Secvest - Proximity Key - Cryptographic Issues (CWE-310)
  • From: matthias . deeg
• 2019 Public Bug bounty launched
  • From: Reports
• [Newsletter/Marketing] [ISN] Attackers Used Red-Team, Pen-Testing Tools to Hack Wipro
  • From: InfoSec News
• [Newsletter/Marketing] [ISN] MITRE asks vendors to do more to detect stealthy hacks
  • From: InfoSec News
• [Newsletter/Marketing] [ISN] Going Toe-to-Toe With Ukraine's Separatist Hackers
  • From: InfoSec News
• [Newsletter/Marketing] [ISN] Wall Street spending big to protect against hacking: report
  • From: InfoSec News
• [Newsletter/Marketing] [ISN] Subscribing and Unsubscribing from InfoSec News
  • From: InfoSec News
• [Newsletter/Marketing] [ISN] After account hacks, Twitch streamers take security into their own hands
  • From: InfoSec News
• [Newsletter/Marketing] [ISN] DHS Orders Agencies to Patch Critical Vulnerabilities Within 15 Days
  • From: InfoSec News
• [Newsletter/Marketing] [ISN] Executive Order on America's Cybersecurity Workforce
  • From: InfoSec News
• [Newsletter/Marketing] [ISN] Hackers Steal and Ransom Financial Data Related to Some of the World's Largest Companies
  • From: InfoSec News
• [Newsletter/Marketing] [ISN] Why local governments are a hot target for cyberattacks
  • From: InfoSec News
• [Newsletter/Marketing] [ISN] Hundreds of Orpak gas station systems can be easily hacked thanks to hardcoded passwords
  • From: InfoSec News
• [Newsletter/Marketing] [ISN] Sinister secret backdoor found in networking gear perfect for government espionage: The Chinese are -- oh no, wait, it's Cisco again
  • From: InfoSec News
• [Newsletter/Marketing] [ISN] Spot the not-Fed: A day at AvengerCon, the Army's answer to hacker conferences
  • From: InfoSec News
• [SECURITY] [DSA 4438-1] atftp security update
  • From: Salvatore Bonaccorso
• SEC Consult SA-20190509-0 :: Multiple Vulnerabilities in Gemalto (Thales Group) DS3 Authentication Server / Ezio Server
  • From: SEC Consult Vulnerability Lab
• dotCMS v5.1.1 Vulnerabilities
  • From: John Martinelli
• [SECURITY] [DSA 4439-1] postgresql-9.6 security update
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 4440-1] bind9 security update
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 4441-1] symfony security update
  • From: Sebastien Delafond
• SEC Consult SA-20190510-0 :: Unauthenticated SQL Injection vulnerability in OpenProject
  • From: SEC Consult Vulnerability Lab
• [SECURITY] [DSA 4442-1] ghostscript security update
  • From: Salvatore Bonaccorso
• SEC Consult SA-20190513-0 :: Cleartext message spoofing in supplementary Go Cryptography Libraries (@sec_consult)
  • From: SEC Consult Vulnerability Lab
• Re: System Down: A systemd-journald exploit
  • From: Qualys Security Advisory
• APPLE-SA-2019-5-13-1 iOS 12.3
  • From: Apple Product Security
• APPLE-SA-2019-5-13-2 macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra
  • From: Apple Product Security
• APPLE-SA-2019-5-13-3 tvOS 12.3
  • From: Apple Product Security
• APPLE-SA-2019-5-13-4 watchOS 5.2.1
  • From: Apple Product Security
• APPLE-SA-2019-5-13-6 Apple TV Software 7.3
  • From: Apple Product Security
• APPLE-SA-2019-5-13-5 Safari 12.1.1
  • From: Apple Product Security
• [CVE-2019-8978] Improper Authentication (CWE-287) in Ellucian Banner Web Tailor and Banner Enterprise Identity Services
  • From: Joshua Mulliken
• [SECURITY] [DSA 4443-1] samba security update
  • From: Salvatore Bonaccorso
• [SECURITY] [DSA 4442-2] cups-filters regression update
  • From: Salvatore Bonaccorso
• [CVE-2019-8978] Improper Authentication (CWE-287) in Ellucian Banner Web Tailor and Banner Enterprise Identity Services
  • From: joshua
• [SECURITY] [DSA 4445-1] drupal7 security update
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 4444-1] linux security update
  • From: Salvatore Bonaccorso
• [SECURITY] [DSA 4446-1] lemonldap-ng security update
  • From: Moritz Muehlenhoff
• FreeBSD Security Advisory FreeBSD-SA-19:03.wpa
  • From: FreeBSD Security Advisories
• FreeBSD Security Advisory FreeBSD-SA-19:05.pf
  • From: FreeBSD Security Advisories
• FreeBSD Security Advisory FreeBSD-SA-19:06.pf
  • From: FreeBSD Security Advisories
• FreeBSD Security Advisory FreeBSD-SA-19:04.ntp
  • From: FreeBSD Security Advisories
• FreeBSD Security Advisory FreeBSD-SA-19:07.mds
  • From: FreeBSD Security Advisories
• [SECURITY] [DSA 4447-1] intel-microcode security update
  • From: Moritz Muehlenhoff
• SEC Consult SA-20190515-0 :: Authorization Bypass in RSA NetWitness (@sec_consult)
  • From: SEC Consult Vulnerability Lab
• FreeBSD Security Advisory FreeBSD-SA-19:07.mds
  • From: FreeBSD Security Advisories
• FreeBSD Security Advisory FreeBSD-SA-19:07.mds [REVISED]
  • From: FreeBSD Security Advisories
• [slackware-security] rdesktop (SSA:2019-135-01)
  • From: Slackware Security Team
• [RT-SA-2019-002] Directory Traversal in Cisco Expressway Gateway
  • From: RedTeam Pentesting GmbH
• local privilege escalation via CDE dtprintinfo
  • From: Marco Ivaldi
• Emerson Network Power Cross Site Scripting(XSS) Vulnerability
  • From: Kubilay Onur Gungor
• Advisory: security controls configured in php.ini could be bypassed on Linux
  • From: Imre Rad
• WebKitGTK and WPE WebKit Security Advisory WSA-2019-0003
  • From: Michael Catanzaro
• CSRF in Darktrace Enterprise Immune System <=3.0.10
  • From: Gerwout Van der Veen
• [REVIVE-SA-2019-002] Revive Adserver Vulnerability
  • From: Matteo Beccati
• [slackware-security] mozilla-firefox (SSA:2019-141-01)
  • From: Slackware Security Team
• [SYSS-2019-002] Blue Prism Robotic Process Automation (RPA) - Privilege Escalation
  • From: benjamin . hess
• Anviz M3 RFID Access Control security issues
  • From: Marco
• [SECURITY] [DSA 4448-1] firefox-esr security update
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 4449-1] ffmpeg security update
  • From: Moritz Muehlenhoff
• Bitbucket Server security advisory 2019-05-22
  • From: Anton Black
• [slackware-security] curl (SSA:2019-142-01)
  • From: Slackware Security Team
• [CVE-2019-11604] Quest KACE Systems Management Appliance <= 9.0 kbot_service_notsoap.php METHOD Reflected Cross-Site Scripting
  • From: RCE Security
• [SECURITY] [DSA 4450-1] wpa security update
  • From: Yves-Alexis Perez
• MacOS X GateKeeper Bypass
  • From: Filippo Cavallarin
• CA20190523-01: Security Notice for CA Risk Authentication and CA Strong Authentication
  • From: Kevin Kotas
• [SECURITY] [DSA 4451-1] thunderbird security update
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 4452-1] jackson-databind security update
  • From: Moritz Muehlenhoff
• Crowd Security Advisory - 2019-05-22
  • From: Atlassian
• APPLE-SA-2019-5-28-2 iCloud for Windows 7.12
  • From: Apple Product Security
• APPLE-SA-2019-5-28-1 iTunes for Windows 12.9.5
  • From: Apple Product Security
• [SYSS-2019-012]: Siemens LOGO! 8 - Use of Hard-coded Cryptographic Key (CWE-321)
  • From: matthias . deeg
• [SYSS-2019-013]: Siemens LOGO! 8 - Missing Authentication for Critical Function (CWE-306)
  • From: matthias . deeg
• [SYSS-2019-014]: Siemens LOGO! 8 - Storing Passwords in a Recoverable Format (CWE-257)
  • From: matthias . deeg
• [SECURITY] [DSA 4453-1] openjdk-8 security update
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 4454-1] qemu security update
  • From: Moritz Muehlenhoff
• APPLE-SA-2019-5-30-1 AirPort Base Station Firmware Update 7.9.1
  • From: Apple Product Security
• Unauthorized Access Vulnerability in ZyXEL P-660HN-T1 V2 (2.00(AAKK.3))
  • From: Onur Onur
• Unauthorized Access Vulnerability in ZyXEL P-660HN-T1 V2 (2.00(AAKK.3))
  • From: Onur Onur