Mail Index

• Thread Index

• [FD] [CORE-2018-0002] - Quest DR Series Disk Backup Multiple Vulnerabilities
  • From: Core Security Advisories Team
• [FD] [CORE-2018-0004] - Quest KACE System Management Appliance Multiple Vulnerabilities
  • From: Core Security Advisories Team
• [FD] CSRF on piazza.com (fixed as of 2018-06-01)
  • From: David Fifield
• [FD] DisplayLink Installer 8.2.1956 DLL Hijack to privilege escalation CVE-2018-7884
  • From: Aleix Sala Bach
• [FD] New BlackArch Linux ISOs+OVA Image (2018.06.01, high-quality) Released!
  • From: Black Arch
• [FD] Vulnerabilities in TP-Link TL-WR841N and TL-WR841ND
  • From: MustLive
• [FD] DSA-2018-085: RSA Web Threat Detection SQL Injection Vulnerability
  • From: EMC Product Security Response Center
• [FD] CVE-2018-10058 and CVE-2018-10057 - cgminer <=4.10.0 and bfgminer <=5.5.0 remote management api post-auth buffer overflow and path traversal
  • From: oststrom (public)
• [FD] APPLE-SA-2018-06-01-1 macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan
  • From: Apple Product Security
• [FD] APPLE-SA-2018-06-01-2 Safari 11.1.1
  • From: Apple Product Security
• [FD] APPLE-SA-2018-06-01-3 iCloud for Windows 7.5
  • From: Apple Product Security
• [FD] APPLE-SA-2018-06-01-4 iOS 11.4
  • From: Apple Product Security
• [FD] APPLE-SA-2018-06-01-5 watchOS 4.3.1
  • From: Apple Product Security
• [FD] APPLE-SA-2018-06-01-6 tvOS 11.4
  • From: Apple Product Security
• [FD] APPLE-SA-2018-06-01-7 iTunes 12.7.5 for Windows
  • From: Apple Product Security
• [FD] Ignite Realtime Openfire Version 3.7.1 Reflected Cross Site Scripting (CVE-2018-11688)
  • From: yavuz atlas
• [FD] [SRP-2018-01] Reverse engineering tools for ST DVB chipsets (public release)
  • From: Security Explorations
• [FD] libpff 20180428 vulnerability
  • From: 熊文彬
• [FD] libmobi 0.3 vulnerabilities
  • From: 熊文彬
• [FD] libfsntfs 20180420 vulns
  • From: 熊文彬
• [FD] DefenseCode ThunderScan SAST Advisory: WordPress Form Maker Plugin Multiple Security Vulnerabilities
  • From: Defense Code
• [FD] DefenseCode ThunderScan SAST Advisory: WordPress Contact Form Maker Plugin Multiple Security Vulnerabilities
  • From: Defense Code
• [FD] ClassLink browser extension vulnerable to UXSS; ClassLink Agent vulnerable to Remote Code Execution.
  • From: EdTech Secure via Fulldisclosure
• [FD] Multiple Automated Logic Corporation WebCTRL XML External Entity Injection (CVE-2018-8819)
  • From: Hate Shape
• [FD] ESPN Reflected XSS
  • From: Ismail Doe
• [FD] Open-Xchange Security Advisory 2018-06-08
  • From: Open-Xchange GmbH
• Re: [FD] Ignite Realtime Openfire Version 3.7.1 Reflected Cross Site Scripting (CVE-2018-11688)
  • From: Simon Waters
• [FD] Major Vulnerabilities in Foscam IP Cameras
  • From: Vulnerability Report
• [FD] Gridbox extension for Joomla! <= 2.4.0 Reflected Cross Site Scripting (XSS)
  • From: yavuz atlas
• [FD] AST-2018-007: Infinite loop when reading iostreams
  • From: Asterisk Security Team
• [FD] AST-2018-008: PJSIP endpoint presence disclosure when using ACL
  • From: Asterisk Security Team
• [FD] ACE via file inclusion in Redirection allows admins to execute any PHP file in the filesystem (WordPress plugin)
  • From: dxw Security
• [FD] Reflected XSS in Tooltipy (tooltips for WP) could allow anybody to do almost anything an admin can (WordPress plugin)
  • From: dxw Security
• [FD] CSRF in Tooltipy (tooltips for WP) could allow anybody to duplicate posts (WordPress plugin)
  • From: dxw Security
• [FD] WordPress Plugin Pie Register 3.0.9 - Blind SQL Injection
  • From: Manuel Garcia Cardenas
• [FD] liblnk 20180419 vulns
  • From: 熊文彬
• [FD] DefenseCode ThunderScan SAST Advisory: WordPress Ultimate Form Builder Lite Plugin Multiple Vulnerabilities (XSS and SQLi)
  • From: Defense Code
• [FD] DefenseCode ThunderScan SAST Advisory: WordPress WP Google Map Plugin Multiple SQL injection Security Vulnerabilities
  • From: Defense Code
• [FD] Multiple Security Issues in Ecos Secure Boot Stick (SBS)
  • From: Michael Rossberg
• [FD] APPLE-SA-2018-06-13-01 Xcode 9.4.1
  • From: Apple Product Security
• [FD] CALL FOR PAPERS - INTEL SECURITY CONFERENCE (iSecCon) 2018
  • From: Branco, Rodrigo
• [FD] DSA-2018-107: RSA Authentication Manager Cross-site scripting Vulnerabilities
  • From: EMC Product Security Response Center
• [FD] Samsung Web Viewer for Samsung DVR Reflected Cross Site Scripting (XSS) CVE-2018-11689
  • From: yavuz atlas
• [FD] Unserialization vulnerability in Redirection could allow admin to execute arbitrary code in some circumstances (WordPress plugin)
  • From: dxw Security
• [FD] Tapplock api multiple vulnerabilities
  • From: Vangelis Stykas
• [FD] CA20180614-01: Security Notice for CA Privileged Access Manager
  • From: Williams, Ken
• [FD] MagniComp SysInfo Information Exposure [CVE-2018-7268]
  • From: Harry Sintonen
• [FD] XSS in Canopy login page
  • From: RYT