Mail Thread Index

• Date Index

• [FD] [CORE-2018-0002] - Quest DR Series Disk Backup Multiple Vulnerabilities, Core Security Advisories Team
• [FD] [CORE-2018-0004] - Quest KACE System Management Appliance Multiple Vulnerabilities, Core Security Advisories Team
• [FD] CSRF on piazza.com (fixed as of 2018-06-01), David Fifield
• [FD] DisplayLink Installer 8.2.1956 DLL Hijack to privilege escalation CVE-2018-7884, Aleix Sala Bach
• [FD] New BlackArch Linux ISOs+OVA Image (2018.06.01, high-quality) Released!, Black Arch
• [FD] Vulnerabilities in TP-Link TL-WR841N and TL-WR841ND, MustLive
• [FD] DSA-2018-085: RSA Web Threat Detection SQL Injection Vulnerability, EMC Product Security Response Center
• [FD] CVE-2018-10058 and CVE-2018-10057 - cgminer <=4.10.0 and bfgminer <=5.5.0 remote management api post-auth buffer overflow and path traversal, oststrom (public)
• [FD] APPLE-SA-2018-06-01-1 macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan, Apple Product Security
• [FD] APPLE-SA-2018-06-01-2 Safari 11.1.1, Apple Product Security
• [FD] APPLE-SA-2018-06-01-3 iCloud for Windows 7.5, Apple Product Security
• [FD] APPLE-SA-2018-06-01-4 iOS 11.4, Apple Product Security
• [FD] APPLE-SA-2018-06-01-5 watchOS 4.3.1, Apple Product Security
• [FD] APPLE-SA-2018-06-01-6 tvOS 11.4, Apple Product Security
• [FD] APPLE-SA-2018-06-01-7 iTunes 12.7.5 for Windows, Apple Product Security
• [FD] Ignite Realtime Openfire Version 3.7.1 Reflected Cross Site Scripting (CVE-2018-11688), yavuz atlas
  • Re: [FD] Ignite Realtime Openfire Version 3.7.1 Reflected Cross Site Scripting (CVE-2018-11688), Simon Waters
• [FD] [SRP-2018-01] Reverse engineering tools for ST DVB chipsets (public release), Security Explorations
• [FD] libpff 20180428 vulnerability, 熊文彬
• [FD] libmobi 0.3 vulnerabilities, 熊文彬
• [FD] libfsntfs 20180420 vulns, 熊文彬
• [FD] DefenseCode ThunderScan SAST Advisory: WordPress Form Maker Plugin Multiple Security Vulnerabilities, Defense Code
• [FD] DefenseCode ThunderScan SAST Advisory: WordPress Contact Form Maker Plugin Multiple Security Vulnerabilities, Defense Code
• [FD] ClassLink browser extension vulnerable to UXSS; ClassLink Agent vulnerable to Remote Code Execution., EdTech Secure via Fulldisclosure
• [FD] Multiple Automated Logic Corporation WebCTRL XML External Entity Injection (CVE-2018-8819), Hate Shape
• [FD] ESPN Reflected XSS, Ismail Doe
• [FD] Open-Xchange Security Advisory 2018-06-08, Open-Xchange GmbH
• [FD] Major Vulnerabilities in Foscam IP Cameras, Vulnerability Report
• [FD] Gridbox extension for Joomla! <= 2.4.0 Reflected Cross Site Scripting (XSS), yavuz atlas
• [FD] AST-2018-007: Infinite loop when reading iostreams, Asterisk Security Team
• [FD] AST-2018-008: PJSIP endpoint presence disclosure when using ACL, Asterisk Security Team
• [FD] ACE via file inclusion in Redirection allows admins to execute any PHP file in the filesystem (WordPress plugin), dxw Security
• [FD] Reflected XSS in Tooltipy (tooltips for WP) could allow anybody to do almost anything an admin can (WordPress plugin), dxw Security
• [FD] CSRF in Tooltipy (tooltips for WP) could allow anybody to duplicate posts (WordPress plugin), dxw Security
• [FD] WordPress Plugin Pie Register 3.0.9 - Blind SQL Injection, Manuel Garcia Cardenas
• [FD] liblnk 20180419 vulns, 熊文彬
• [FD] DefenseCode ThunderScan SAST Advisory: WordPress Ultimate Form Builder Lite Plugin Multiple Vulnerabilities (XSS and SQLi), Defense Code
• [FD] DefenseCode ThunderScan SAST Advisory: WordPress WP Google Map Plugin Multiple SQL injection Security Vulnerabilities, Defense Code
• [FD] Multiple Security Issues in Ecos Secure Boot Stick (SBS), Michael Rossberg
• [FD] APPLE-SA-2018-06-13-01 Xcode 9.4.1, Apple Product Security
• [FD] CALL FOR PAPERS - INTEL SECURITY CONFERENCE (iSecCon) 2018, Branco, Rodrigo
• [FD] DSA-2018-107: RSA Authentication Manager Cross-site scripting Vulnerabilities, EMC Product Security Response Center
• [FD] Samsung Web Viewer for Samsung DVR Reflected Cross Site Scripting (XSS) CVE-2018-11689, yavuz atlas
• [FD] Unserialization vulnerability in Redirection could allow admin to execute arbitrary code in some circumstances (WordPress plugin), dxw Security
• [FD] Tapplock api multiple vulnerabilities, Vangelis Stykas
• [FD] CA20180614-01: Security Notice for CA Privileged Access Manager, Williams, Ken
• [FD] MagniComp SysInfo Information Exposure [CVE-2018-7268], Harry Sintonen
• [FD] XSS in Canopy login page, RYT