Mail Thread Index
- [FD] :,
Asterisk Security Team
- [FD] AST-2017-013: DOS Vulnerability in Asterisk chan_skinny,
Asterisk Security Team
- [FD] Mist Server v2.12 Unauthenticated Persistent XSS CVE-2017-16884,
hyp3rlinx
- [FD] Artica Web Proxy v3.06 Remote Code Execution / CVE-2017-17055,
hyp3rlinx
- [FD] Abyss Web Server < v2.11.6 Memory Heap Corruption,
hyp3rlinx
- [FD] Announcing NorthSec 2018 CFP + Reg - Montreal, May 14-20,
Pierre-David Oriol - Northsec Conference
- [FD] aws-cfn-bootstrap local code execution as root [CVE-2017-9450],
Harry Sintonen
- [FD] Symantec Encryption Desktop & Endpoint Encryption Local Privilege Escalation - Exploiting an Arbitrary Hard Disk Read/Write Vulnerability Over NTFS,
Kyriakos Economou
- [FD] Axis Communications MPQT/PACS Heap Overflow and Information Leakage,
bashis
- [FD] ZKTime Web Software 2.0.1.12280 CVE-2017-17056 Cross Site Request Forgery,
Himanshu Mehta
- [FD] ZKTime Web Software 2.0.1.12280 CVE-2017-17057 Cross Site Scripting,
Himanshu Mehta
- [FD] APPLE-SA-2017-11-29-1 Security Update 2017-001,
Apple Product Security
- [FD] APPLE-SA-2017-11-29-2 Security Update 2017-001,
Apple Product Security
- [FD] AMD's buddies for Intel's FDIV bug: _llrem and _ullrem yield wrong remainders!,
Stefan Kanthak
- [FD] SEC Consult SA-20171129-0 :: FortiGate SSL VPN Portal XSS Vulnerability,
SEC Consult Vulnerability Lab
- [FD] SEC Consult SA-20171130-0 :: Critical CODESYS vulnerabilities in WAGO PFC 200 Series,
SEC Consult Vulnerability Lab
- [FD] SEC Consult SA-20171130-1 :: OS Command Injection & Reflected Cross Site Scripting in OpenEMR,
SEC Consult Vulnerability Lab
- Re: [FD] Edward Snowden free speech at JBFone - Future, Data Security & Privacy,
Vulnerability Lab
- [FD] [CFP] BSides San Francisco - April 2018,
BSidesSF CFP via Fulldisclosure
- [FD] CVE-2017-15357 Local root privesc in Arq Backup <= 5.9.6,
Mark Wadham
- [FD] CVE-2017-16895 Local root privesc in Arq Backup <= 5.9.7,
Mark Wadham
- [FD] Owning VirtualBox via MITM,
Mark Wadham
- [FD] SSD Advisory – Coredy CX-E120 Repeater Multiple Vulnerabilities,
Maor Shwartz
- [FD] Amazon Audible Software CVE-2017-17069 Privilege Escalation Vulnerability,
Himanshu Mehta
- [FD] CVE-2017-16930 - Claymore's Dual Ethereum Miner unauth stack buffer overflow in remote management interface,
oststrom (public)
- [FD] macOS High Sierra 10.13.1 insecure cron system,
Mark Wadham
- [FD] APPLE-SA-2017-12-6-1 macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan,
Apple Product Security
- [FD] APPLE-SA-2017-12-6-2 iOS 11.2,
Apple Product Security
- [FD] APPLE-SA-2017-12-6-3 watchOS 4.2,
Apple Product Security
- [FD] APPLE-SA-2017-12-6-4 tvOS 11.2,
Apple Product Security
- [FD] Follow-up on CVE-2017-8769 - WhatsApp Issues with Media Files,
Nightwatch Cybersecurity Research
- [FD] Meinberg LANTIME Web Configuration Utility - Arbitrary File Read,
Jakub Palaczynski
- [FD] Meinberg LANTIME Web Configuration Utility - Arbitrary File Upload,
Jakub Palaczynski
- [FD] Meinberg LANTIME Web Configuration Utility - Failure to Restrict URL Access,
Jakub Palaczynski
- [FD] Sony PS4 Remote Play - DLL Hijack vulnerability,
Maelstrom Security via Fulldisclosure
- [FD] SSD Advisory – QNAP QTS Unauthenticated Remote Code Execution,
Maor Shwartz
- [FD] CVE-2017-15944: Palo Alto Networks firewalls remote root code execution,
Philip Pettersson
- [FD] APPLE-SA-2017-12-12-1 AirPort Base Station Firmware Update 7.6.9,
Apple Product Security
- [FD] APPLE-SA-2017-12-12-2 AirPort Base Station Firmware Update 7.7.9,
Apple Product Security
- [FD] Qualys Security Advisory - Buffer overflow in glibc's ld.so,
Qualys Security Advisory
- [FD] ESA-2017-153: EMC Isilon OneFS Privilege Escalation Vulnerability,
EMC Product Security Response Center
- [FD] Three exploits for Zivif Web Cameras (may impact others),
Silas
- [FD] SEC Consult SA-20171213-0 :: VPN credentials disclosure in Fortinet FortiClient,
SEC Consult Vulnerability Lab
- [FD] AST-2017-012: Remote Crash Vulnerability in RTCP Stack,
Asterisk Security Team
- [FD] SyncBreeze <= 10.2.12 - Denial of Service,
Manuel Garcia Cardenas
- [FD] [CONVISO-17-002] - Zoom Linux Client Stack-based Buffer Overflow Vulnerability,
Gabriel Quadros
- [FD] [CONVISO-17-003] - Zoom Linux Client Command Injection Vulnerability (RCE),
Gabriel Quadros
- [FD] CVE-2017-17670: vlc: type conversion vulnerability,
Hans Jerry Illikainen
- [FD] SSD Advisory – vBulletin routestring Unauthenticated Remote Code Execution,
Maor Shwartz
- [FD] SSD Advisory – vBulletin cacheTemplates Unauthenticated Remote Arbitrary File Deletion,
Maor Shwartz
- [FD] 0-day: Remote Stack Format String in 'nsd' binary from multiple OEM,
bashis
- [FD] APPLE-SA-2017-12-13-1 iOS 11.2.1,
Apple Product Security
- [FD] APPLE-SA-2017-12-13-2 tvOS 11.2.1,
Apple Product Security
- [FD] APPLE-SA-2017-12-13-3 iCloud for Windows 7.2,
Apple Product Security
- [FD] APPLE-SA-2017-12-13-4 iTunes 12.7.2 for Windows,
Apple Product Security
- [FD] APPLE-SA-2017-12-13-5 Safari 11.0.2,
Apple Product Security
- [FD] APPLE-SA-2017-12-13-6 Additional information for APPLE-SA-2017-12-6-2 iOS 11.2,
Apple Product Security
- [FD] APPLE-SA-2017-12-13-7 Additional information for APPLE-SA-2017-12-6-4 tvOS 11.2,
Apple Product Security
- [FD] [CFP] Security BSides Ljubljana 0x7E2,
Andraz Sraka
- [FD] CVE-2017-6094 - Genexis GAPS Access Control Vulnerability,
Antoine Neuenschwander
- [FD] [CVE-2017-17704] Broken Cryptography in iStar Ultra & IP ACM by Software House,
David Tomaschik via Fulldisclosure
- [FD] DefenseCode ThunderScan SAST Advisory: WordPress Top-10 Plugin SQL Injection Security Vulnerability,
DefenseCode
- [FD] DefenseCode ThunderScan SAST Advisory: WordPress Clean Up Optimizer Plugin Security Vulnerability,
DefenseCode
- [FD] DefenseCode ThunderScan SAST Advisory: WordPress Booking Calendar Multiple Security Vulnerabilities,
DefenseCode
- [FD] Multiple Vulnerabilities in TP-Link TL-SG108E - CVE-2017-17745, CVE-2017-17746, CVE-2017-17747,
James McLean
- [FD] Google supported XSS kit aka AdExchange iframe buster kit,
Zmx
- [FD] SSD Advisory – Huawei P8 wkupccpu debugfs Kernel Buffer Overflow,
Maor Shwartz
- [FD] SSD Advisory – Ichano AtHome IP Cameras Multiple Vulnerabilities,
Maor Shwartz
- [FD] [SYSS-2017-027] Microsoft Windows Hello Face Authentication - Authentication Bypass by Spoofing (CWE-290),
Matthias Deeg
- [FD] [CVE-2017-17719] Cross-Site Scripting (XSS) vulnerability in WordPress Concours Plugin,
nicolas.buzy-debat
- [FD] [CVE-2017-17744] Cross-Site Scripting (XSS) vulnerability in Custom Map WordPress Plugin,
nicolas.buzy-debat
- [FD] [CVE-2017-17753] Multiple Cross-Site Scripting (XSS) vulnerabilities in CSV Import-Export Wordpress Plugin,
nicolas.buzy-debat
- [FD] ESA-2017-161: EMC Isilon OneFS NFS Export Security Setting Fallback Vulnerability,
EMC Product Security Response Center
- [FD] ESA-2017-157: EMC Data Domain DD OS Memory Overflow Vulnerability,
EMC Product Security Response Center
- [FD] [CORE-2017-0008] - Trend Micro Smart Protection Server Multiple Vulnerabilities,
Core Security Advisories Team
- [FD] AST-2017-014: Crash in PJSIP resource when missing a contact header,
Asterisk Security Team
- [FD] [CVE-2017-17752] Cross-Site Scripting (XSS) vulnerability in Ability Mail Server 3.3.2,
Aloyce J. Makalanga
- [FD] [CVE-2016-6914] Ubiquiti UniFi Video v3.7.3 (Windows) Local Privileges Escalation via Insecure Directory Permissions,
Julien Ahrens
- [FD] Vitek RCE and Information Disclosure (and possible other OEM),
bashis
- [FD] ESA-2017-155: EMC VNX1 and VNX2 Family Reflected Cross Site Scripting Vulnerability in VNX Control Station,
EMC Product Security Response Center
- [FD] SSD Advisory – Trustwave SWG Unauthorized Access,
Maor Shwartz