Mail Thread Index

• Date Index

• Microsoft Windows .Group File / URL Field Code Execution, apparitionsec
• [RT-SA-2019-016] IceWarp: Cross-Site Scripting in Notes, RedTeam Pentesting GmbH
• [TZO-03-2020] ESET Generic Malformed Archive Bypass (ZIP Compression Information), Thierry Zoller
• [TZO-02-2020] Kaspersyk Generic Malformed Archive Bypass (ZIP GFlag), Thierry Zoller
• [TZO-01-2020] AVIRA Generic Malformed Container bypass (ISO), Thierry Zoller
• [RT-SA-2019-015] IceWarp: Cross-Site Scripting in Notes for Contacts, RedTeam Pentesting GmbH
• [TZO-04-2020] Bitdefender Generic Malformed Archive Bypass (BZ2), Thierry Zoller
• [SECURITY] [DSA 4597-1] netty security update, Salvatore Bonaccorso
• [slackware-security] mozilla-firefox (SSA:2020-006-01), Slackware Security Team
• [SECURITY] [DSA 4599-1] wordpress security update, Sebastien Delafond
• [SECURITY] [DSA 4598-1] python-django security update, Salvatore Bonaccorso
• [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01), Slackware Security Team
• [slackware-security] mozilla-firefox (SSA:2020-009-01), Slackware Security Team
• [SECURITY] [DSA 4600-1] firefox-esr security update, Moritz Muehlenhoff
• [SECURITY] [DSA 4601-1] ldm security update, Moritz Muehlenhoff
• [TZO-07-2020] Bitdefender Generic Malformed Archive Bypass (RAR HOST_OS), Thierry Zoller
• [TZO-05-2020] Kaspersky Generic Malformed Archive Bypass (ZIP Compressed Size), Thierry Zoller
• [TZO-06-2020] - Kaspersky Generic Archive Bypass (ZIP FLNMLEN), Thierry Zoller
• [TZO-08-2020] Bitdefender Generic Malformed Archive Bypass (ZIP GPFLAG), Thierry Zoller
• [slackware-security] mozilla-thunderbird (SSA:2020-010-01), Slackware Security Team
• [TZO-10-2020] - Bitdefender Malformed Archive bypass (RAR Compression Information), Thierry Zoller
• [TZO-09-2020] - Bitdefender Malformed Archive bypass (RAR Uncompressed Size), Thierry Zoller
• [SECURITY] [DSA 4602-1] xen security update, Moritz Muehlenhoff
• CVE-2020-2696 - Local privilege escalation via CDE dtsession, Marco Ivaldi
• CVE-2020-2656 - Low impact information disclosure via Solaris xlock, Marco Ivaldi
• [SECURITY] [DSA 4605-1] openjdk-11 security update, Moritz Muehlenhoff
• [SECURITY] [DSA 4604-1] cacti security update, Moritz Muehlenhoff
• [SECURITY] [DSA 4603-1] thunderbird security update, Moritz Muehlenhoff
• [SECURITY] [DSA 4606-1] chromium security update, Michael Gilbert
• Trend Micro Security (Consumer) Multiple Products Persistent Arbitrary Code Execution CVE-2019-20357, apparitionsec
• Trend Micro Security 2019 (Consumer) Multiple Products Security Bypass Protected Service Tampering CVE-2019-19697, apparitionsec
• Neowise CarbonFTP v1.4 Insecure Proprietary Password Encryption CVE-2020-6857, apparitionsec
• [SECURITY] [DSA 4607-1] openconnect security update, Salvatore Bonaccorso
• [SECURITY] [DSA 4608-1] tiff security update, Moritz Muehlenhoff
• [REVIVE-SA-2020-001] Revive Adserver Vulnerability, Matteo Beccati
• SEC Consult SA-20200122-0 :: Reflected XSS in ZOHO ManageEngine ServiceDeskPlus, SEC Consult Vulnerability Lab
• SEC Consult SA-20200123-0 :: Cross-Site Request Forgery (CSRF) in Umbraco CMS, SEC Consult Vulnerability Lab
• [SECURITY] [DSA 4609-1] python-apt security update, Moritz Muehlenhoff
• WebKitGTK and WPE WebKit Security Advisory WSA-2020-0001, Carlos Alberto Lopez Perez
• [slackware-security] mozilla-thunderbird (SSA:2020-024-01), Slackware Security Team
• CVE - CVE-2020-7799 - FusionAuth command execution via Apache Freemarker Template, Gianluca Baldi
• LPE and RCE in OpenSMTPD (CVE-2020-7247), Qualys Security Advisory
• Defense in depth -- the Microsoft way (part 61): security features are built to fail (or documented wrong), Stefan Kanthak
• APPLE-SA-2020-1-28-6 iTunes for Windows 12.10.4, Apple Product Security
• APPLE-SA-2020-1-28-5 Safari 13.0.5, Apple Product Security
• APPLE-SA-2020-1-28-1 iOS 13.3.1 and iPadOS 13.3.1, Apple Product Security
• FreeBSD Security Advisory FreeBSD-SA-20:03.thrmisc, FreeBSD Security Advisories
• APPLE-SA-2020-1-28-3 watchOS 6.1.2, Apple Product Security
• APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra, Apple Product Security
• APPLE-SA-2020-1-28-4 tvOS 13.3.1, Apple Product Security
• FreeBSD Security Advisory FreeBSD-SA-20:01.libfetch, FreeBSD Security Advisories
• FreeBSD Security Advisory FreeBSD-SA-20:02.ipsec, FreeBSD Security Advisories
• [SECURITY] [DSA 4611-1] opensmtpd security update, Moritz Muehlenhoff
• APPLE-SA-2020-1-29-2 iCloud for Windows 10.9.2, Apple Product Security
• APPLE-SA-2020-1-29-1 iCloud for Windows 7.17, Apple Product Security
• [SECURITY] [DSA 4610-1] webkit2gtk security update, Moritz Muehlenhoff
• [CVE-2019-20358] CVE-2019-9491 in Trend Micro Anti-Threat Toolkit (ATTK) was NOT properly FIXED, Stefan Kanthak
• Executable installers are vulnerable^WEVIL (case 58): Intel® Processor Identification Utility - Windows* Version - arbitrary code execution with escalation of privilege, Stefan Kanthak