Mail Thread Index

• Date Index

• [FD] APPLE-SA-2017-10-31-1 iOS 11.1, Apple Product Security
• [FD] APPLE-SA-2017-10-31-2 macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, Security Update 2017-004 El Capitan, Apple Product Security
• [FD] APPLE-SA-2017-10-31-3 tvOS 11.1, Apple Product Security
• [FD] APPLE-SA-2017-10-31-4 watchOS 4.1, Apple Product Security
• [FD] APPLE-SA-2017-10-31-5 Safari 11.1, Apple Product Security
• [FD] APPLE-SA-2017-10-31-6 iTunes 12.7.1 for Windows, Apple Product Security
• [FD] APPLE-SA-2017-10-31-7 iCloud for Windows 7.1, Apple Product Security
• [FD] APPLE-SA-2017-10-31-8 Additional information for APPLE-SA-2017-09-25-1 macOS High Sierra 10.13, Apple Product Security
• [FD] APPLE-SA-2017-10-31-9 Additional information for APPLE-SA-2017-09-19-1 iOS 11, Apple Product Security
• [FD] APPLE-SA-2017-10-31-10 Additional information for APPLE-SA-2017-09-20-2 watchOS 4, Apple Product Security
• [FD] APPLE-SA-2017-10-31-11 Additional information for APPLE-SA-2017-09-20-3 tvOS 11, Apple Product Security
• [FD] APPLE-SA-2017-10-31-12 Additional information for APPLE-SA-2017-09-25-9 macOS Server 5.4, Apple Product Security
• [FD] CVE-2017-15918: Sera 1.2 local root privesc and password disclosure, Mark Wadham
• [FD] SSD Advisory – GraphicsMagick Multiple Vulnerabilities, Maor Shwartz
• [FD] SSD Advisory – Cisco UCS Platform Emulator Remote Code Execution, Maor Shwartz
• [FD] [RT-SA-2016-008] XML External Entity Expansion in Ladon Webservice, RedTeam Pentesting GmbH
• [FD] KL-001-2017-022 : Splunk Local Privilege Escalation, KoreLogic Disclosures
• [FD] CVE-2017-12969 Avaya OfficeScan IPO Remote ActiveX Buffer Overflow, hyp3rlinx
  • <Possible follow-ups>
  • [FD] CVE-2017-12969 Avaya OfficeScan IPO Remote ActiveX Buffer Overflow, hyp3rlinx
• [FD] mkvalidator libebml2 mkclean multiple vulnerabilities, qflb.wu
• [FD] AST-2017-009: Buffer overflow in pjproject header parsing can cause crash in Asterisk, Asterisk Security Team
• [FD] AST-2017-010: Buffer overflow in CDR's set user, Asterisk Security Team
• [FD] AST-2017-011: Memory leak in pjsip session resource, Asterisk Security Team
• Re: [FD] An anti theft system allowing attackers to kill remotely the engine in electric scooters made by by INOKIM/MyWay, affected model - model Quick 3, pop shark
• [FD] [SE-2011-01] Some ideas regarding security of ST DVB chipsets, Security Explorations
• [FD] SEC Consult SA-20171114-0 :: Authentication bypass, cross-site scripting & code execution in Siemens SICAM RTUs SM-2556 COM Modules, SEC Consult Vulnerability Lab
• [FD] Advisory X41-2017-006: Multiple Vulnerabilities in PSFTPd Windows FTP Server, X41 D-Sec GmbH Advisories
• [FD] Symantec Endpoint Protection (SEP) v12.1 Tamper-protection Bypass CVE-2017-6331, hyp3rlinx
• [FD] Faraday v2.7: Collaborative Penetration Test & Vulnerability Management Platform, Francisco Amato
• [FD] Getting Local Admin by Abusing the Anti-Virus Quarantine #AVGater, Florian Bogner
• [FD] CA20171114-01: Security Notice for CA Identity Governance, Kotas, Kevin J
• [FD] Vivotek IP Cameras - Remote Stack Overflow, bashis
• [FD] SEC Consult SA-20171116-0 :: Broken access control & LINQ injection in Progress Sitefinity, SEC Consult Vulnerability Lab
• [FD] SSD Advisory – DblTek Multiple Vulnerabilities, Maor Shwartz
• [FD] ESA-2017-152: RSA® Authentication Manager Software Stored Cross-Site Scripting Vulnerability, EMC Product Security Response Center
• [FD] ESA-2017-094: EMC ScaleIO Multiple Vulnerabilities, EMC Product Security Response Center
• [FD] Clickjacking vulnerability in CSRF error page pfSense, Securify B.V. via Fulldisclosure
• [FD] bugtraq@xxxxxxxxxxxxxxxxx, Securify B.V. via Fulldisclosure
• [FD] Edward Snowden free speech at JBFone - Future, Data Security & Privacy, Vulnerability Lab
• [FD] SSD Advisory – Cambium Multiple Vulnerabilities, Maor Shwartz
• [FD] SSD Advisory – Linux Kernel XFRM Privilege Escalation, Maor Shwartz
• [FD] CSC-Cart RCE - CVE-2017-15673, oric one
  • <Possible follow-ups>
  • Re: [FD] CSC-Cart RCE - CVE-2017-15673, jericho
    • Re: [FD] CSC-Cart RCE - CVE-2017-15673, oric one
• [FD] New BlackArch Linux ISOs (2017.11.24) with over 1900 tools released!, Black Arch
• [FD] CVE-2017-14953 - Hikvision Wi-Fi IP Cameras associate to a default unencrypted rogue SSIDs in a wired configuration, IOT Sec
• [FD] SSD Advisory – Synology StorageManager smart.cgi Remote Command Execution, Maor Shwartz
• [FD] SSD Advisory – ZTE ZXDSL Configuration Reset, Maor Shwartz
• [FD] ESA-2017-145: RSA® Authentication Agent for Web for Apache Web Server Authentication Bypass Vulnerability, EMC Product Security Response Center
• [FD] ESA-2017-146: RSA® Authentication Agent SDK for C Error Handling Vulnerability, EMC Product Security Response Center
• [FD] Multiple Issues in CMS Made Simple, Ziyahan Albeniz