Bugtraq
- Re: [SECURITY] [DSA 4628-1] php7.0 security update
- Re: BugTraq Shutdown
- On Second Thought...
- BugTraq Shutdown
- Defense in depth -- the Microsoft way (part 62): Windows shipped with end-of-life components
- Local information disclosure in OpenSMTPD (CVE-2020-8793)
- From: Qualys Security Advisory
- LPE and RCE in OpenSMTPD's default install (CVE-2020-8794)
- From: Qualys Security Advisory
- [SECURITY] [DSA 4633-1] curl security update
- Cisco Unified Contact Center Express Privilege Escalation Vulnerability (CVE-2019-1888)
- [TZO-22-2020] Qihoo360 | GDATA | Rising | Command Generic Malformed Archive Bypass
- [TZO-16-2020] - F-SECURE Generic Malformed Container bypass (GZIP)
- [slackware-security] proftpd (SSA:2020-051-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4628-1] php7.0 security update
- [SECURITY] [DSA 4629-1] python-django security update
- [TZO-18-2020] - Bitdefender Malformed Archive bypass (GZIP)
- [TZO-17-2020] - Kaspersky Generic Archive Bypass (ZIP FLNMLEN)
- [SECURITY] [DSA 4626-1] php7.3 security update
- [SECURITY] [DSA 4627-1] webkit2gtk security update
- WebKitGTK and WPE WebKit Security Advisory WSA-2020-0002
- From: Carlos Alberto Lopez Perez
- [SECURITY] [DSA 4620-1] firefox-esr security update
- Web Application Firewall bypass via Bluecoat device
- [slackware-security] libarchive (SSA:2020-043-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4621-1] openjdk-8 security update
- [TZO-15-2020] - F-SECURE Generic Malformed Container bypass (RAR)
- CVE-2020-0728: Windows Modules Installer Service Information Disclosure Vulnerability
- [SECURITY] [DSA 4624-1] evince security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4625-1] thunderbird security update
- [TZO-11-2020] - ESET Generic Malformed Archive Bypass (BZ2 Checksum)
- [EnumJavaLibs]_ Remote Java classpath enumerator
- [TZO-13-2020] - AVIRA Generic AV Bypass (ZIP GPFLAG)
- [slackware-security] mozilla-firefox (SSA:2020-042-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4623-1] postgresql-11 security update
- [SECURITY] [DSA 4622-1] postgresql-9.6 security update
- [slackware-security] mozilla-thunderbird (SSA:2020-042-02)
- From: Slackware Security Team
- [SECURITY] [DSA 4618-1] libexif security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4619-1] libxmlrpc3-java security update
- From: Salvatore Bonaccorso
- xglance-bin exploit (CVE-2014-2630)
- [SECURITY] [DSA 4617-1] qtbase-opensource-src security update
- [slackware-security] sudo (SSA:2020-031-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4612-1] prosody-modules security update
- [SECURITY] [DSA 4613-1] libidn2 security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4614-1] sudo security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4615-1] spamassassin security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4616-1] qemu security update
- Executable installers are vulnerable^WEVIL (case 58): Intel® Processor Identification Utility - Windows* Version - arbitrary code execution with escalation of privilege
- [CVE-2019-20358] CVE-2019-9491 in Trend Micro Anti-Threat Toolkit (ATTK) was NOT properly FIXED
- [SECURITY] [DSA 4610-1] webkit2gtk security update
- APPLE-SA-2020-1-29-1 iCloud for Windows 7.17
- From: Apple Product Security
- APPLE-SA-2020-1-29-2 iCloud for Windows 10.9.2
- From: Apple Product Security
- [SECURITY] [DSA 4611-1] opensmtpd security update
- FreeBSD Security Advisory FreeBSD-SA-20:01.libfetch
- From: FreeBSD Security Advisories
- APPLE-SA-2020-1-28-1 iOS 13.3.1 and iPadOS 13.3.1
- From: Apple Product Security
- FreeBSD Security Advisory FreeBSD-SA-20:03.thrmisc
- From: FreeBSD Security Advisories
- APPLE-SA-2020-1-28-3 watchOS 6.1.2
- From: Apple Product Security
- APPLE-SA-2020-1-28-4 tvOS 13.3.1
- From: Apple Product Security
- APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra
- From: Apple Product Security
- FreeBSD Security Advisory FreeBSD-SA-20:02.ipsec
- From: FreeBSD Security Advisories
- APPLE-SA-2020-1-28-5 Safari 13.0.5
- From: Apple Product Security
- APPLE-SA-2020-1-28-6 iTunes for Windows 12.10.4
- From: Apple Product Security
- Defense in depth -- the Microsoft way (part 61): security features are built to fail (or documented wrong)
- LPE and RCE in OpenSMTPD (CVE-2020-7247)
- From: Qualys Security Advisory
- CVE - CVE-2020-7799 - FusionAuth command execution via Apache Freemarker Template
- [slackware-security] mozilla-thunderbird (SSA:2020-024-01)
- From: Slackware Security Team
- WebKitGTK and WPE WebKit Security Advisory WSA-2020-0001
- From: Carlos Alberto Lopez Perez
- [SECURITY] [DSA 4609-1] python-apt security update
- SEC Consult SA-20200123-0 :: Cross-Site Request Forgery (CSRF) in Umbraco CMS
- From: SEC Consult Vulnerability Lab
- SEC Consult SA-20200122-0 :: Reflected XSS in ZOHO ManageEngine ServiceDeskPlus
- From: SEC Consult Vulnerability Lab
- [REVIVE-SA-2020-001] Revive Adserver Vulnerability
- [SECURITY] [DSA 4608-1] tiff security update
- [SECURITY] [DSA 4607-1] openconnect security update
- From: Salvatore Bonaccorso
- Neowise CarbonFTP v1.4 Insecure Proprietary Password Encryption CVE-2020-6857
- Trend Micro Security 2019 (Consumer) Multiple Products Security Bypass Protected Service Tampering CVE-2019-19697
- Trend Micro Security (Consumer) Multiple Products Persistent Arbitrary Code Execution CVE-2019-20357
- [SECURITY] [DSA 4606-1] chromium security update
- [SECURITY] [DSA 4603-1] thunderbird security update
- [SECURITY] [DSA 4604-1] cacti security update
- [SECURITY] [DSA 4605-1] openjdk-11 security update
- CVE-2020-2656 - Low impact information disclosure via Solaris xlock
- CVE-2020-2696 - Local privilege escalation via CDE dtsession
- [SECURITY] [DSA 4602-1] xen security update
- [TZO-09-2020] - Bitdefender Malformed Archive bypass (RAR Uncompressed Size)
- [TZO-10-2020] - Bitdefender Malformed Archive bypass (RAR Compression Information)
- [slackware-security] mozilla-thunderbird (SSA:2020-010-01)
- From: Slackware Security Team
- [TZO-08-2020] Bitdefender Generic Malformed Archive Bypass (ZIP GPFLAG)
- [TZO-06-2020] - Kaspersky Generic Archive Bypass (ZIP FLNMLEN)
- [TZO-05-2020] Kaspersky Generic Malformed Archive Bypass (ZIP Compressed Size)
- [TZO-07-2020] Bitdefender Generic Malformed Archive Bypass (RAR HOST_OS)
- [SECURITY] [DSA 4601-1] ldm security update
- [SECURITY] [DSA 4600-1] firefox-esr security update
- [slackware-security] mozilla-firefox (SSA:2020-009-01)
- From: Slackware Security Team
- [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4598-1] python-django security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4599-1] wordpress security update
- [slackware-security] mozilla-firefox (SSA:2020-006-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4597-1] netty security update
- From: Salvatore Bonaccorso
- [TZO-04-2020] Bitdefender Generic Malformed Archive Bypass (BZ2)
- [TZO-01-2020] AVIRA Generic Malformed Container bypass (ISO)
- [RT-SA-2019-015] IceWarp: Cross-Site Scripting in Notes for Contacts
- From: RedTeam Pentesting GmbH
- [TZO-02-2020] Kaspersky Generic Malformed Archive Bypass (ZIP GFlag)
- [TZO-03-2020] ESET Generic Malformed Archive Bypass (ZIP Compression Information)
- [RT-SA-2019-016] IceWarp: Cross-Site Scripting in Notes
- From: RedTeam Pentesting GmbH
- Microsoft Windows .Group File / URL Field Code Execution
- Microsoft Exchange Server, External Service Interaction (DNS)
- [SECURITY] [DSA 4593-1] freeimage security update
- [SECURITY] [DSA 4592-1] mediawiki security update
- [SECURITY] [DSA 4594-1] openssl1.0 security update
- [SECURITY] [DSA 4595-1] debian-lan-config security update
- [SECURITY] [DSA 4596-1] tomcat8 security update
- [SECURITY] [DSA 4591-1] cyrus-sasl2 security update
- From: Salvatore Bonaccorso
- CA20191218-01: Security Notice for CA Client Automation Agent for Windows
- [slackware-security] tigervnc (SSA:2019-354-02)
- From: Slackware Security Team
- [slackware-security] openssl (SSA:2019-354-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4590-1] cyrus-imapd security update
- [slackware-security] wavpack (SSA:2019-353-01)
- From: Slackware Security Team
- Confluence Server and Data Center Security Advisory - 2019-12-18 - CVE-2019-15006
- From: Alexander Minozhenko
- Deutsche Bahn Ticket Vending Machine Windows XP - Local Kiosk Privilege Escalation Vulnerability
- [SECURITY] [DSA 4589-1] debian-edu-config security update
- [SECURITY] [DSA 4588-1] python-ecdsa security update
- [SECURITY] [DSA 4586-1] ruby2.5 security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4587-1] ruby2.3 security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4582-1] davical security update
- [SECURITY] [DSA 4583-1] spip security update
- [SECURITY] [DSA 4565-2] intel-microcode security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4584-1] spamassassin security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4585-1] thunderbird security update
- Local Privilege Escalation in OpenBSD's dynamic loader (CVE-2019-19726)
- From: Qualys Security Advisory
- SEC Consult SA-20191211-0 :: File Extension Spoofing in Windows Defender Antivirus
- From: SEC Consult Vulnerability Lab
- APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra
- From: Apple Product Security
- APPLE-SA-2019-12-10-4 watchOS 5.3.4
- From: Apple Product Security
- APPLE-SA-2019-12-10-2 iOS 12.4.4
- From: Apple Product Security
- APPLE-SA-2019-12-10-5 tvOS 13.3
- From: Apple Product Security
- APPLE-SA-2019-12-10-6 Safari 13.0.4
- From: Apple Product Security
- APPLE-SA-2019-12-10-7 Xcode 11.3
- From: Apple Product Security
- APPLE-SA-2019-12-10-8 watchOS 6.1.1
- From: Apple Product Security
- CA20191209-01: Security Notice for CA Nolio (Release Automation)
- [SECURITY] [DSA 4581-1] git security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4579-1] nss security update
- [SYSS-2019-045] "Scoutnet Kalender" for WordPress - Cross-Site Scripting
- [SECURITY] [DSA 4580-1] firefox-esr security update
- CVE-2019-17554 - Apache Olingo OData 4.0 - XML External Entity Resolution (XXE)
- External Service Interaction (DNS) on Skype for Business
- External Service Interaction (DNS) on Skype for Business
- Authentication vulnerabilities in OpenBSD
- From: Qualys Security Advisory
- BeeGFS Privilege Escalation (CVE-2019-15897)
- [slackware-security] mozilla-firefox (SSA:2019-337-01)
- From: Slackware Security Team
- SEC Consult SA-20191203-0 :: Multiple vulnerabilities in Fronius Solar Inverter Series
- From: SEC Consult Vulnerability Lab
- Microsoft Windows Media Center XXE MotW Bypass (Anniversary Edition)
- SEC Consult SA-20191202-0 :: Multiple Critical Vulnerabilities in SALTO ProAccess SPACE
- From: SEC Consult Vulnerability Lab
- NAPC Xinet Elegant 6 Asset Library Web Interface v6.1.655 Pre-Auth SQL Injection 0Day CVE-2019-19245
- Max Secure Anti Virus Plus v19.0.4.020 Insecure Permissions CVE-2019-19382
- Microsoft Excel 2016 v1901 Import Error XML External Entity Injection
- [SECURITY] [DSA 4577-1] haproxy security update
- [SECURITY] [DSA 4578-1] libvpx security update
- Re: SEC Consult SA-20191125-0 :: FortiGuard XOR Encryption in Multiple Fortinet Products
- From: SEC Consult Vulnerability Lab
- Anhui Huami Mi Fit Android Application - Unencrypted Update Check
- pari/gp on debian stable allow arbitrary file write
- [SECURITY] [DSA 4576-1] php-imagick security update
- From: Salvatore Bonaccorso
- SEC Consult SA-20191125-0 :: FortiGuard XOR Encryption in Multiple Fortinet Products
- From: SEC Consult Vulnerability Lab
- [SECURITY] [DSA 4571-2] enigmail update
- [SECURITY] [DSA 4575-1] chromium security update
- AST-2019-007: AMI user could execute system commands.
- From: Asterisk Security Team
- AST-2019-008: Re-invite with T.38 and malformed SDP causes crash.
- From: Asterisk Security Team
- AST-2019-006: SIP request can change address of a SIP peer.
- From: Asterisk Security Team
- [slackware-security] bind (SSA:2019-324-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4574-1] redmine security update
- [SECURITY] [DSA 4572-1] slurm-llnl security update
- [SECURITY] [DSA 4573-1] symfony security update
- [SECURITY] [DSA 4568-1] postgresql-common security update
- [SECURITY] [DSA 4569-1] ghostscript security update
- From: Salvatore Bonaccorso
- [slackware-security] Slackware 14.2 kernel (SSA:2019-320-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4570-1] mosquitto security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4571-1] thunderbird security update
- Vulnerability Disclosure and CVE assign
- Vulnerability Disclosure
- [SECURITY] [DSA 4563-1] webkit2gtk security update
- [SECURITY] [DSA 4567-1] dpdk security update
- [SECURITY] [DSA 4566-1] qemu security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4565-1] intel-microcode security update
- From: Salvatore Bonaccorso
- FreeBSD Security Advisory FreeBSD-SA-19:25.mcepsc
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-19:26.mcu
- From: FreeBSD Security Advisories
- [SECURITY] [DSA 4564-1] linux security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4562-1] chromium security update
- Minor security issue in punbb with SQLite
- WebKitGTK and WPE WebKit Security Advisory WSA-2019-0006
- From: Carlos Alberto Lopez Perez
- [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4561-1] fribidi security update
- From: Salvatore Bonaccorso
- Jira Service Desk Server and Jira Service Desk Data Center Security Advisory - 2019-11-06 - CVE-2019-15003, CVE-2019-15004
- From: Alexander Minozhenko
- [SECURITY] [DSA 4560-1] simplesamlphp security update
- [SECURITY] [DSA 4559-1] proftpd-dfsg security update
- [SECURITY] [DSA 4558-1] webkit2gtk security update
- [slackware-security] libtiff (SSA:2019-308-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4556-1] qtbase-opensource-src security update
- [SECURITY] [DSA 4557-1] libarchive security update
- APPLE-SA-2019-11-01-1 Xcode 11.2
- From: Apple Product Security
- Security Advisory for Jira Plug-in: In-App & Desktop Notification
- [SECURITY] [DSA 4549-1] firefox-esr security update
- [SYSS-2019-009]: Fujitsu Wireless Keyboard Set LX390 - Missing Protection against Replay Attacks (CVE-2019-18199)
- [SYSS-2019-010]: Fujitsu Wireless Keyboard Set LX390 - Missing Encryption of Sensitive Data (CWE-311) (CVE-2019-18201)
- [SYSS-2019-011]: Fujitsu Wireless Keyboard Set LX390 - Keystroke Injection Vulnerability (CVE-2019-18200)
- [slackware-security] mozilla-firefox (SSA:2019-295-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4545-1] mediawiki security update
- Trend Micro Anti-Threat Toolkit <= v1.62.0.1218 / Remote Code Execution 0day
- [SECURITY] [DSA 4546-1] openjdk-11 security update
- [slackware-security] python (SSA:2019-293-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4547-1] tcpdump security update
- [SECURITY] [DSA 4548-1] openjdk-8 security update
- CA20191015-01: Security Notice for CA Performance Management
- CVE-2019-5533 - VMware VeloCloud Authorization Bypass
- [SECURITY] [DSA 4509-3] apache2 security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4544-1] unbound security update
- CVE-2019-3010 - Local privilege escalation on Solaris 11.x via xscreensaver
- [SECURITY] [DSA 4543-1] sudo security update
- From: Salvatore Bonaccorso
- [slackware-security] sudo (SSA:2019-287-01)
- From: Slackware Security Team
- SEC Consult SA-20191014-0 :: Reflected XSS vulnerability in OpenProject
- From: SEC Consult Vulnerability Lab
- APPLE-SA-2019-10-11-1 Swift 5.1.1 for Ubuntu
- From: Apple Product Security
- [SECURITY] [DSA 4539-3] openssl regression update
- From: Salvatore Bonaccorso
- [SYSS-2019-033]: Microsoft Designer Bluetooth Desktop - Insufficient Protection of Code (Firmware) and Data (Cryptographic Key)
- [SYSS-2019-034]: Microsoft Surface Keyboard - Insufficient Protection of Code (Firmware) and Data (Cryptographic Key)
- [SYSS-2019-035]: Microsoft Surface Mouse - Insufficient Protection of Code (Firmware) and Data (Cryptographic Key)
- PBS Professional MoM Authentication Bypass (CVE-2019-15719)
- [SECURITY] [DSA 4539-2] openssh regression update
- From: Salvatore Bonaccorso
- APPLE-SA-2019-10-07-2 iTunes for Windows 12.10.1
- From: Apple Product Security
- APPLE-SA-2019-10-07-3 iCloud for Windows 10.7
- From: Apple Product Security
- APPLE-SA-2019-10-07-1 macOS Catalina 10.15
- From: Apple Product Security
- APPLE-SA-2019-10-07-4 iCloud for Windows 7.14
- From: Apple Product Security
- [SECURITY] [DSA 4541-1] libapreq2 security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4542-1] jackson-databind security update
- CVE-2019-10181, CVE-2019-10182, CVE-2019-10185: IcedTea-Web vulnerabilities leading to RCE
- CA20190930-01: Security Notice for CA Network Flow Analysis
- [SECURITY] [DSA 4509-2] subversion update
- [slackware-security] tcpdump (SSA:2019-274-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4539-1] openssl security update
- [SECURITY] [DSA 4540-1] openssl1.0 security update
- APPLE-SA-2019-9-27-1 iOS 13.1.1 and iPadOS 13.1.1
- From: Apple Product Security
- [SECURITY] [DSA 4534-1] golang-1.11 security update
- [SECURITY] [DSA 4535-1] e2fsprogs security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4536-1] exim4 security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4537-1] file-roller security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4538-1] wpa security update
- APPLE-SA-2019-9-26-1 iOS 12.4.2
- From: Apple Product Security
- APPLE-SA-2019-9-26-5 watchOS 6
- From: Apple Product Security
- APPLE-SA-2019-9-26-2 macOS Mojave 10.14.6 Supplemental Update 2, Security Update 2019-005 High Sierra, Security Update 2019-005 Sierra
- From: Apple Product Security
- APPLE-SA-2019-9-26-3 iOS 13
- From: Apple Product Security
- APPLE-SA-2019-9-26-4 Safari 13
- From: Apple Product Security
- APPLE-SA-2019-9-26-6 tvOS 13
- From: Apple Product Security
- APPLE-SA-2019-9-26-7 Xcode 11.0
- From: Apple Product Security
- APPLE-SA-2019-9-26-8 iOS 13.1 and iPadOS 13.1
- From: Apple Product Security
- APPLE-SA-2019-9-26-9 Safari 13.0.1
- From: Apple Product Security
- [SECURITY] [DSA 4533-1] lemonldap-ng security update
- [slackware-security] mozilla-thunderbird (SSA:2019-268-01)
- From: Slackware Security Team
- SEC Consult SA-20190926-0 :: Multiple SQL Injection vulnerabilities in eBrigade
- From: SEC Consult Vulnerability Lab
- Bitbucket Server security advisory 2019-09-18
- Jira Security Advisory - 2019-09-18 - CVE-2019-15001
- [SECURITY] [DSA 4531-1] linux security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4532-1] spip security update
- Jira Service Desk Server and Jira Service Desk Data Center - URL path traversal allows information disclosure - CVE-2019-14994
- [SECURITY] [DSA 4529-1] php7.0 security update
- [SECURITY] [DSA 4530-1] expat security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4526-1] opendmarc security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4527-1] php7.3 security update
- [SECURITY] [DSA 4528-1] bird security update
- [SECURITY] [DSA 4525-1] ibus security update
- From: Salvatore Bonaccorso
- SEC Consult SA-20190918-0 :: Reflected Cross-Site Scripting (XSS) in Oracle Mojarra JSF
- From: SEC Consult Vulnerability Lab
- [SECURITY] [DSA 4524-1] dino-im security update
- [slackware-security] expat (SSA:2019-259-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4523-1] thunderbird security update
- [SECURITY] [DSA 4522-1] faad2 security update
- SEC Consult SA-20190912-0 :: Stored and reflected XSS vulnerabilities in LimeSurvey
- From: SEC Consult Vulnerability Lab
- [slackware-security] mozilla-thunderbird (SSA:2019-254-02)
- From: Slackware Security Team
- [slackware-security] openssl (SSA:2019-254-03)
- From: Slackware Security Team
- [slackware-security] curl (SSA:2019-254-01)
- From: Slackware Security Team
- [CVE-2019-12517] SlickQuiz for Wordpress 1.3.7.1 "/wp-admin/admin.php?page=slickquiz" Multiple Stored XSS
- [SECURITY] [DSA 4521-1] docker.io security update
- [SECURITY] [DSA 4520-1] trafficserver security update
- [CVE-2019-12516] SlickQuiz for Wordpress 1.3.7.1 "/wp-admin/admin.php?page=slickquiz-*" Multiple Authenticated SQL Injections
- Dabman & Imperial (i&d) Web Radio Devices - Undocumented Telnet Backdoor & Command Execution Vulnerability
- [SECURITY] [DSA 4519-1] libreoffice security update
- NtFileSins v2.1 Windows NTFS Privileged File Access Enumeration Tool
- NtFileSins / Windows NTFS Privileged File Access Enumeration Tool
- [SECURITY] [DSA 4518-1] ghostscript security update
- From: Salvatore Bonaccorso
- CA20190904-01: Security Notice for CA Common Services Distributed Intelligence Architecture (DIA)
- Windows NTFS / Privileged File Access Enumeration
- [SECURITY] [DSA 4517-1] exim4 security update
- [SECURITY] [DSA 4516-1] firefox-esr security update
- AST-2019-005: Remote Crash Vulnerability in audio transcoding
- From: Asterisk Security Team
- AST-2019-004: Crash when negotiating for T.38 with a declined stream
- From: Asterisk Security Team
- [slackware-security] seamonkey (SSA:2019-247-01)
- From: Slackware Security Team
- SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X
- From: SEC Consult Vulnerability Lab
- [SECURITY] [DSA 4515-1] webkit2gtk security update
- [SECURITY] [DSA 4514-1] varnish security update
- [SECURITY] [DSA 4513-1] samba security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4512-1] qemu security update
- Wolters Kluwer TeamMate+ Cross-Site Request Forgery (CSRF) vulnerability
- [SECURITY] [DSA 4511-1] nghttp2 security update
- Advisory for Confluence Server Local File Disclosure Vulnerability (CVE-2019-3394)
- SEC Consult SA-20190829-1 :: External DNS Requests in Zyxel USG/UAG/ATP/VPN/NXC series
- From: SEC Consult Vulnerability Lab
- SEC Consult SA-20190829-0 :: Hardcoded FTP Credentials in Zyxel NWA/NAP/WAC wireless access point series
- From: SEC Consult Vulnerability Lab
- WebKitGTK and WPE WebKit Security Advisory WSA-2019-0004
- From: Adrian Perez de Castro
- [SECURITY] [DSA 4510-1] dovecot security update
- From: Salvatore Bonaccorso
- Multiple vulns in Cisco UCS Director: from unauth remote access to code execution as root
- [slackware-security] Slackware 14.2 kernel (SSA:2019-238-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4509-1] apache2 security update
- From: Salvatore Bonaccorso
- APPLE-SA-2019-8-26-3 tvOS 12.4.1
- APPLE-SA-2019-8-26-2 macOS Mojave 10.14.6 Supplemental Update
- APPLE-SA-2019-8-26-1 iOS 12.4.1
- [SECURITY] [DSA 4508-1] h2o security update
- [SECURITY] [DSA 4507-1] squid security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4506-1] qemu security update
- [SECURITY] [DSA 4505-1] nginx security update
- FreeBSD Security Advisory FreeBSD-SA-19:23.midi [REVISED]
- From: FreeBSD Security Advisories
- SEC Consult SA-20190822-0 :: Multiple Vulnerabilities in OpenPGP.js
- From: SEC Consult Vulnerability Lab
- SEC Consult SA-20190821-0 :: Unauthenticated sensitive information leakage in Zoho Corporation ManageEngine ServiceDesk Plus
- From: SEC Consult Vulnerability Lab
- [SECURITY] [DSA 4504-1] vlc security update
- FreeBSD Security Advisory FreeBSD-SA-19:24.mqueuefs
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-19:23.midi
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-19:22.mbuf
- From: FreeBSD Security Advisories
- [SECURITY] [DSA 4503-1] golang-1.11 security update
- [CVE-2019-15150] CSRF in MediaWiki extension OAuth2 Client 0.3
- [SECURITY] [DSA 4502-1] ffmpeg security update
- Details about recent GNU patch vulnerabilities
- [SECURITY] [DSA 4501-1] libreoffice security update
- [slackware-security] mozilla-firefox (SSA:2019-226-02)
- From: Slackware Security Team
- APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4
- From: Apple Product Security
- APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4
- From: Apple Product Security
- [slackware-security] Slackware 14.2 kernel (SSA:2019-226-01)
- From: Slackware Security Team
- APPLE-SA-2019-08-13-5 SwiftNIO HTTP/2 1.5.0
- From: Apple Product Security
- APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3
- From: Apple Product Security
- APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra
- From: Apple Product Security
- TortoiseSVN v1.12.1 - Remote Code Execution Vulnerability
- [SECURITY] [DSA 4500-1] chromium security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4497-1] linux security update
- From: Salvatore Bonaccorso
- Dlink-CVE-2019-13101
- [SECURITY] [DSA 4499-1] ghostscript security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4498-1] python-django security update
- [SECURITY] [DSA 4496-1] pango1.0 security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4495-1] linux security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4494-1] kconfig security update
- [SECURITY] [DSA 4493-1] postgresql-11 security update
- [SECURITY] [DSA 4492-1] postgresql-9.6 security update
- [slackware-security] kdelibs (SSA:2019-220-01)
- From: Slackware Security Team
- [waraxe-2019-SA#110] - Reflected XSS in MapProxy 1.11.0
- FreeBSD Security Advisory FreeBSD-SA-19:21.bhyve
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-19:20.bsnmp
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-19:19.mldv2
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-19:18.bzip2
- From: FreeBSD Security Advisories
- [SECURITY] [DSA 4491-1] proftpd-dfsg security update
- Microsoft Windows PowerShell Unsanitized Filename Command Execution
- [slackware-security] mariadb (SSA:2019-213-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4490-1] subversion security update
- From: Salvatore Bonaccorso
- CVE-2019-13635: Directory traversal in WP Fastest Cache 0.8.9.5 and below
- [SECURITY] [DSA 4489-1] patch security update
- From: Salvatore Bonaccorso
- [SYSS-2019-004]: ABUS Secvest (FUAA50000) - Message Transmission - Unchecked Error Condition (CWE-391)
- [SECURITY] [DSA 4488-1] exim4 security update
- From: Salvatore Bonaccorso
- [SYSS-2019-016] SquirrelMail script filter bypass/XSS (update)
- FreeBSD Security Advisory FreeBSD-SA-19:17.fd
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-19:15.mqueuefs
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-19:16.bhyve
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-19:14.freebsd32
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-19:12.telnet
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-19:13.pts
- From: FreeBSD Security Advisories
- APPLE-SA-2019-7-23-2 iTunes for Windows 12.9.6
- From: Apple Product Security
- Trend Micro Deep Discovery Inspector IDS / Percent Encoding IDS Bypass
- APPLE-SA-2019-7-23-1 iCloud for Windows 7.13
- From: Apple Product Security
- APPLE-SA-2019-7-23-3 iCloud for Windows 10.6
- From: Apple Product Security
- [SECURITY] [DSA 4487-1] neovim security update
- APPLE-SA-2019-7-22-3 Safari 12.1.2
- From: Apple Product Security
- APPLE-SA-2019-7-22-5 tvOS 12.4
- From: Apple Product Security
- APPLE-SA-2019-7-22-4 watchOS 5.3
- From: Apple Product Security
- APPLE-SA-2019-7-22-1 iOS 12.4
- From: Apple Product Security
- [slackware-security] Slackware 14.2 kernel (SSA:2019-202-01)
- From: Slackware Security Team
- Jira Server - Template injection in various resources - CVE-2019-11581
- [SECURITY] [DSA 4486-1] openjdk-11 security update
- [SECURITY] [DSA 4485-1] openjdk-8 security update
- [SECURITY] [DSA 4484-1] linux security update
- From: Salvatore Bonaccorso
- CVE-2019-13577 / MAPLE Computer WBT SNMP Administrator v2.0.195.15 / Unauthenticated Remote Buffer Overflow Code Execution 0day
- [SECURITY] [DSA 4483-1] libreoffice security update
- Deutsche Telekom CERT Advisory [DTC-A-20170323-001]
- [**Fixed Typo] Microsoft Compiled HTML Help / Uncompiled .chm File XML External Entity
- Microsoft Compiled HTML Help / Uncompiled .chm File XML External Entity
- [SYSS-2019-024] FANUC Robotics Virtual Robot Controller - Stack-based Buffer Overflow (CWE-121)
- [SYSS-2019-025] FANUC Robotics Virtual Robot Controller - Path Traversal (CWE-22)
- [slackware-security] bzip2 (SSA:2019-195-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4482-1] thunderbird security update
- [SECURITY] [DSA 4481-1] ruby-mini-magick security update
- From: Salvatore Bonaccorso
- AST-2019-002: Remote crash vulnerability with MESSAGE messages
- From: Asterisk Security Team
- [SECURITY] [DSA 4480-1] redis security update
- AST-2019-003: Remote Crash Vulnerability in chan_sip channel driver
- From: Asterisk Security Team
- [SECURITY] [DSA 4479-1] firefox-esr security update
- [slackware-security] mozilla-firefox (SSA:2019-191-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4478-1] dosbox security update
- [SECURITY] [DSA 4477-1] zeromq3 security update
- From: Salvatore Bonaccorso
- Two vulnerabilities found in Sony Bravia Smart TVs
- Cisco Data Center Manager multiple vulns; RCE as root
- [SECURITY] [DSA 4476-1] python-django security update
- [SYSS-2019-021]: WolfVision Cynap - Use of Hard-coded Cryptographic Key (CWE-321)
- Microsoft File Checksum Integrity Verifier "fciv.exe" v2.05 / DLL Hijack Arbitrary Code Execution
- [SYSS-2019-017] EBK BKS Buskoppler - Unauthenticated Remote Code Execution
- From: sebastian . auwaerter
- FreeBSD Security Advisory FreeBSD-SA-19:10.ufs
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-19:11.cd_ioctl
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-19:09.iconv
- From: FreeBSD Security Advisories
- [SECURITY] [DSA 4475-1] openssl security update
- [SECURITY] [DSA 4474-1] firefox-esr security update
- [RT-SA-2019-012] Information Disclosure in REDDOXX Appliance
- From: RedTeam Pentesting GmbH
- [SYSS-2019-016] SquirrelMail script filter bypass/XSS
- [slackware-security] irssi (SSA:2019-180-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4473-1] rdesktop security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4472-1] expat security update
- From: Salvatore Bonaccorso
- [SYSS-2019-006] Adobe Coldfusion (Windows) - Remote Code Execution through JNBridge listener
- [SECURITY] [DSA 4471-1] thunderbird security update
- [SECURITY] [DSA 4470-1] pdns security update
- [SECURITY] [DSA 4469-1] libvirt security update
- From: Salvatore Bonaccorso
- [slackware-security] mozilla-thunderbird (SSA:2019-172-02)
- From: Slackware Security Team
- [slackware-security] mozilla-firefox (SSA:2019-172-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4467-2] vim regression update
- [SECURITY] [DSA 4468-1] php-horde-form security update
- From: Salvatore Bonaccorso
- APPLE-SA-2019-6-20-1 AirPort Base Station Firmware Update 7.8.1
- From: Apple Product Security
- [slackware-security] bind (SSA:2019-171-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4447-2] intel-microcode security update
- FreeBSD Security Advisory FreeBSD-SA-19:08.rack
- From: FreeBSD Security Advisories
- [SECURITY] [DSA 4465-1] linux security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4464-1] thunderbird security update
- Microsoft Word (2016) Deceptive File Reference ZDI-CAN-7949
- [SECURITY] [DSA 4463-1] znc security update
- From: Salvatore Bonaccorso
- [SE-2019-01] Java Card vulnerabilities (post shutdown release)
- [slackware-security] mozilla-thunderbird (SSA:2019-164-01)
- From: Slackware Security Team
- X41 D-Sec GmbH Security Advisory X41-2019-004: Type confusion in Thunderbird
- From: X41 D-Sec GmbH Advisories
- X41 D-Sec GmbH Security Advisory X41-2019-003: Stack-based buffer overflow in Thunderbird
- From: X41 D-Sec GmbH Advisories
- X41 D-Sec GmbH Security Advisory X41-2019-002: Heap-based buffer overflow in Thunderbird
- From: X41 D-Sec GmbH Advisories
- X41 D-Sec GmbH Security Advisory X41-2019-001: Heap-based buffer overflow in Thunderbird
- From: X41 D-Sec GmbH Advisories
- [SECURITY] [DSA 4462-1] dbus security update
- From: Salvatore Bonaccorso
- X41 D-Sec GmbH Security Advisory X41-2019-001: Heap-based buffer overflow in Thunderbird
- From: X41 D-Sec GmbH Advisories
- SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series
- From: SEC Consult Vulnerability Lab
- [SECURITY] [DSA 4461-1] zookeeper security update
- [SECURITY] [DSA 4460-1] mediawiki security update
- [SECURITY] [DSA 4459-1] vlc security update
- CVE-2019-11517: CSRF in Wampserver 3.1.4-3.1.8
- [SECURITY] [DSA 4458-1] cyrus-imapd security update
- From: Salvatore Bonaccorso
- Newly releases IoT security issues
- [SECURITY] [DSA 4457-1] evolution security update
- [SECURITY] [DSA 4454-2] qemu regression update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4456-1] exim4 security update
- From: Salvatore Bonaccorso
- [SYSS-2019-015]: Logitech R700 Laser Presentation Remote - Keystroke Injection Vulnerability
- [SYSS-2019-008]: Inateck 2.4 GHz Wearable Wireless Presenter WP2002 - Keystroke Injection Vulnerability
- [SYSS-2019-007]: Inateck 2.4 GHz Wireless Presenter WP1001 - Keystroke Injection Vulnerability
- [SECURITY] [DSA 4455-1] heimdal security update
- From: Salvatore Bonaccorso
- Rapid7’s Windows InsightIDR Agent: Local Privilege Escalation
- Unauthorized Access Vulnerability in ZyXEL P-660HN-T1 V2 (2.00(AAKK.3))
- Unauthorized Access Vulnerability in ZyXEL P-660HN-T1 V2 (2.00(AAKK.3))
- APPLE-SA-2019-5-30-1 AirPort Base Station Firmware Update 7.9.1
- From: Apple Product Security
- [SECURITY] [DSA 4454-1] qemu security update
- [SECURITY] [DSA 4453-1] openjdk-8 security update
- [SYSS-2019-014]: Siemens LOGO! 8 - Storing Passwords in a Recoverable Format (CWE-257)
- [SYSS-2019-013]: Siemens LOGO! 8 - Missing Authentication for Critical Function (CWE-306)
- [SYSS-2019-012]: Siemens LOGO! 8 - Use of Hard-coded Cryptographic Key (CWE-321)
- APPLE-SA-2019-5-28-1 iTunes for Windows 12.9.5
- From: Apple Product Security
- APPLE-SA-2019-5-28-2 iCloud for Windows 7.12
- From: Apple Product Security
- [SECURITY] [DSA 4452-1] jackson-databind security update
- Crowd Security Advisory - 2019-05-22
- [SECURITY] [DSA 4451-1] thunderbird security update
- CA20190523-01: Security Notice for CA Risk Authentication and CA Strong Authentication
- MacOS X GateKeeper Bypass
- [SECURITY] [DSA 4450-1] wpa security update
- [CVE-2019-11604] Quest KACE Systems Management Appliance <= 9.0 kbot_service_notsoap.php METHOD Reflected Cross-Site Scripting
- [slackware-security] curl (SSA:2019-142-01)
- From: Slackware Security Team
- Bitbucket Server security advisory 2019-05-22
- [SECURITY] [DSA 4449-1] ffmpeg security update
- [SECURITY] [DSA 4448-1] firefox-esr security update
- Anviz M3 RFID Access Control security issues
- [SYSS-2019-002] Blue Prism Robotic Process Automation (RPA) - Privilege Escalation
- [slackware-security] mozilla-firefox (SSA:2019-141-01)
- From: Slackware Security Team
- [REVIVE-SA-2019-002] Revive Adserver Vulnerability
- CSRF in Darktrace Enterprise Immune System <=3.0.10
- From: Gerwout Van der Veen
- WebKitGTK and WPE WebKit Security Advisory WSA-2019-0003
- Advisory: security controls configured in php.ini could be bypassed on Linux
- Emerson Network Power Cross Site Scripting(XSS) Vulnerability
- From: Kubilay Onur Gungor
- local privilege escalation via CDE dtprintinfo
- [RT-SA-2019-002] Directory Traversal in Cisco Expressway Gateway
- From: RedTeam Pentesting GmbH
- [slackware-security] rdesktop (SSA:2019-135-01)
- From: Slackware Security Team
- FreeBSD Security Advisory FreeBSD-SA-19:07.mds [REVISED]
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-19:07.mds
- From: FreeBSD Security Advisories
- [SECURITY] [DSA 4447-1] intel-microcode security update
- SEC Consult SA-20190515-0 :: Authorization Bypass in RSA NetWitness (@sec_consult)
- From: SEC Consult Vulnerability Lab
- FreeBSD Security Advisory FreeBSD-SA-19:06.pf
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-19:05.pf
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-19:07.mds
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-19:04.ntp
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-19:03.wpa
- From: FreeBSD Security Advisories
- [SECURITY] [DSA 4446-1] lemonldap-ng security update
- [SECURITY] [DSA 4444-1] linux security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4445-1] drupal7 security update
- [CVE-2019-8978] Improper Authentication (CWE-287) in Ellucian Banner Web Tailor and Banner Enterprise Identity Services
- [SECURITY] [DSA 4443-1] samba security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4442-2] cups-filters regression update
- From: Salvatore Bonaccorso
- [CVE-2019-8978] Improper Authentication (CWE-287) in Ellucian Banner Web Tailor and Banner Enterprise Identity Services
- APPLE-SA-2019-5-13-5 Safari 12.1.1
- From: Apple Product Security
- APPLE-SA-2019-5-13-6 Apple TV Software 7.3
- From: Apple Product Security
- APPLE-SA-2019-5-13-4 watchOS 5.2.1
- From: Apple Product Security
- APPLE-SA-2019-5-13-3 tvOS 12.3
- From: Apple Product Security
- APPLE-SA-2019-5-13-2 macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra
- From: Apple Product Security
- APPLE-SA-2019-5-13-1 iOS 12.3
- From: Apple Product Security
- Re: System Down: A systemd-journald exploit
- From: Qualys Security Advisory
- SEC Consult SA-20190513-0 :: Cleartext message spoofing in supplementary Go Cryptography Libraries (@sec_consult)
- From: SEC Consult Vulnerability Lab
- [SECURITY] [DSA 4442-1] ghostscript security update
- From: Salvatore Bonaccorso
- SEC Consult SA-20190510-0 :: Unauthenticated SQL Injection vulnerability in OpenProject
- From: SEC Consult Vulnerability Lab
- [SECURITY] [DSA 4441-1] symfony security update
- [SECURITY] [DSA 4440-1] bind9 security update
- [SECURITY] [DSA 4439-1] postgresql-9.6 security update
- dotCMS v5.1.1 Vulnerabilities
- SEC Consult SA-20190509-0 :: Multiple Vulnerabilities in Gemalto (Thales Group) DS3 Authentication Server / Ezio Server
- From: SEC Consult Vulnerability Lab
- [SECURITY] [DSA 4438-1] atftp security update
- From: Salvatore Bonaccorso
- [Newsletter/Marketing] [ISN] Hundreds of Orpak gas station systems can be easily hacked thanks to hardcoded passwords
- [Newsletter/Marketing] [ISN] Executive Order on America's Cybersecurity Workforce
- [Newsletter/Marketing] [ISN] Why local governments are a hot target for cyberattacks
- [Newsletter/Marketing] [ISN] Hackers Steal and Ransom Financial Data Related to Some of the World's Largest Companies
- [Newsletter/Marketing] [ISN] Spot the not-Fed: A day at AvengerCon, the Army's answer to hacker conferences
- [Newsletter/Marketing] [ISN] After account hacks, Twitch streamers take security into their own hands
- [Newsletter/Marketing] [ISN] Sinister secret backdoor found in networking gear perfect for government espionage: The Chinese are -- oh no, wait, it's Cisco again
- [Newsletter/Marketing] [ISN] Subscribing and Unsubscribing from InfoSec News
- [Newsletter/Marketing] [ISN] DHS Orders Agencies to Patch Critical Vulnerabilities Within 15 Days
- [Newsletter/Marketing] [ISN] Going Toe-to-Toe With Ukraine's Separatist Hackers
- [Newsletter/Marketing] [ISN] Wall Street spending big to protect against hacking: report
- [Newsletter/Marketing] [ISN] MITRE asks vendors to do more to detect stealthy hacks
- [Newsletter/Marketing] [ISN] Attackers Used Red-Team, Pen-Testing Tools to Hack Wipro
- 2019 Public Bug bounty launched
- [SYSS-2019-005]: ABUS Secvest - Proximity Key - Cryptographic Issues (CWE-310)
- Windows PowerShell ISE / Filename Parsing Flaw Remote Code Execution 0day
- [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server
- [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS
- [Newsletter/Marketing] [ISN] Augusta cyber-attacker sought more than $100,000 in ransom
- [Newsletter/Marketing] [ISN] Microsoft Patch Alert: April patches have sharp edges, with several missing, others reappearing
- [Newsletter/Marketing] [ISN] Ransomware: The key lesson Maersk learned from battling the NotPetya attack
- [Newsletter/Marketing] [ISN] Man who allegedly leaked CIA hacking tools says he's been tortured and is owed $50 billion
- [Newsletter/Marketing] [ISN] Russian Hackers Were 'In a Position' to Alter Florida Voter Rolls, Rubio Confirms
- [Newsletter/Marketing] [ISN] 'A Goldmine for Identity Thieves': Unprotected Database Puts 65% of American Households At Risk
- [Newsletter/Marketing] [ISN] Docker Hacked: 190,000 Accounts Breached
- [SECURITY] [DSA 4437-1] gst-plugins-base1.0 security update
- [REVIVE-SA-2019-001] Revive Adserver - Multiple vulnerabilities
- [SECURITY] [DSA 4436-1] imagemagick security update
- [SECURITY] [DSA 4435-1] libpng1.6 security update
- From: Salvatore Bonaccorso
- [slackware-security] bind (SSA:2019-116-01)
- From: Slackware Security Team
- Multiple vulnerabilities in Sony Smart TVs
- Confluence Security Advisory - 2019-04-17
- [SECURITY] [DSA 4434-1] drupal7 security update
- From: Salvatore Bonaccorso
- WordPress Plugin Contact Form Builder [CSRF → LFI]
- [slackware-security] libpng (SSA:2019-107-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4433-1] ruby2.3 security update
- [SECURITY] [DSA 4432-1] ghostscript security update
- From: Salvatore Bonaccorso
- CVE-2018-2879 - anniversary
- [SE-2019-01] Gemalto SIM card applet loading vulnerability
- From: Security Explorations
- [SECURITY] [DSA 4431-1] libssh2 security update
- From: Salvatore Bonaccorso
- [**UPDATED] Microsoft Internet Explorer v11 / XML External Entity Injection 0day
- [SECURITY] [DSA 4430-1] wpa security update
- Microsoft Internet Explorer v11 XML External Entity Injection 0day
- WebKitGTK and WPE WebKit Security Advisory WSA-2019-0002
- [SECURITY] [DSA 4429-1] spip security update
- [SECURITY] [DSA 4428-1] systemd security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4427-1] samba security update
- RE: [EXTERNAL] CALL FOR PAPERS - Hackers 2 Hackers Conference 16th edition
- From: Michael Artemio Go Rebultan
- [SECURITY] [DSA 4426-1] tryton-server security update
- CALL FOR PAPERS - Hackers 2 Hackers Conference 16th edition
- From: Rodrigo Rubira Branco (BSDaemon)
- [slackware-security] httpd (SSA:2019-096-01)
- From: Slackware Security Team
- [slackware-security] wget (SSA:2019-095-02)
- From: Slackware Security Team
- [slackware-security] openjpeg (SSA:2019-095-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4425-1] wget security update
- From: Salvatore Bonaccorso
- WordPress plugin Contact Form by WD [CSRF → LFI]
- WordPress Plugin Form Maker by WD [CSRF → LFI]
- [SECURITY] [DSA 4424-1] pdns security update
- Various vulnerabilities in Lupusec XT2 Plus home alarm system
- [SECURITY] [DSA 4423-1] putty security update
- [SECURITY] [DSA 4422-1] apache2 security update
- From: Salvatore Bonaccorso
- [slackware-security] ghostscript (SSA:2019-092-01)
- From: Slackware Security Team
- [slackware-security] wget (SSA:2019-092-02)
- From: Slackware Security Team
- CVE-2019-7727 - JMX/RMI Nice ENGAGE <= 6.5 Remote Command Execution
- [SECURITY] [DSA 4421-1] chromium security update
- [SECURITY] [DSA 4420-1] thunderbird security update
- [SECURITY] [DSA 4419-1] twig security update
- [SECURITY] [DSA 4418-1] dovecot security update
- From: Salvatore Bonaccorso
- [SAUTH-2019-0002] - Pydio 8 Multiple Vulnerabilities
- From: SecureAuth Advisories
- [slackware-security] gnutls (SSA:2019-086-01)
- From: Slackware Security Team
- APPLE-SA-2019-3-27-1 watchOS 5.2
- From: Apple Product Security
- [RT-SA-2019-005] Cisco RV320 Command Injection Retrieval
- From: RedTeam Pentesting GmbH
- [RT-SA-2019-004] Cisco RV320 Unauthenticated Diagnostic Data Retrieval
- From: RedTeam Pentesting GmbH
- [RT-SA-2019-003] Cisco RV320 Unauthenticated Configuration Export
- From: RedTeam Pentesting GmbH
- [RT-SA-2019-007] Code Execution via Insecure Shell Function getopt_simple
- From: RedTeam Pentesting GmbH
- APPLE-SA-2019-3-25-1 iOS 12.2
- From: Apple Product Security
- [article2pdf (Wordpress plug-in)] Multiple vulnerabilities (CVE-2019-1000031, CVE-2019-1010257)
- Recon 2019 Call For Papers - June 28 - 30, 2019 - Montreal, Canada
- [slackware-security] mozilla-thunderbird (SSA:2019-084-01)
- From: Slackware Security Team
- APPLE-SA-2019-3-25-4 Safari 12.1
- From: Apple Product Security
- APPLE-SA-2019-3-25-6 iCloud for Windows 7.11
- From: Apple Product Security
- APPLE-SA-2019-3-25-5 iTunes 12.9.4 for Windows
- From: Apple Product Security
- APPLE-SA-2019-3-25-3 tvOS 12.2
- From: Apple Product Security
- APPLE-SA-2019-3-25-7 Xcode 10.2
- From: Apple Product Security
- APPLE-SA-2019-3-25-2 macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra
- From: Apple Product Security
- Multiple vulnerabilities in DASAN H660RM GPON router firmware
- From: Krzysztof Burghardt
- Atlassian - Confluence Security Advisory - 2019-03-20
- [SYSS-2018-036]: ABUS Secvest Remote Control - Denial of Service - Uncontrolled Resource Consumption (CWE-400)
- [SYSS-2018-035]: ABUS Secvest Remote Control - Missing Encryption of Sensitive Data (CWE-311)
- [SYSS-2018-034]: ABUS Secvest - Rolling Code - Predictable from Observable State (CWE-341)
- [SECURITY] [DSA 4417-1] firefox-esr security update
- [SECURITY] [DSA 4416-1] wireshark security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4415-1] passenger security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4414-1] libapache2-mod-auth-mellon security update
- [slackware-security] mozilla-firefox (SSA:2019-081-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4413-1] ntfs-3g security update
- From: Salvatore Bonaccorso
- March 2019 Sourcetree Advisory - Multiple Remote Code Execution Vulnerabilities
- [SECURITY] [DSA 4412-1] drupal7 security update
- [SECURITY] [DSA 4411-1] firefox-esr security update
- [SECURITY] [DSA 4410-1] openjdk-8 security update
- [SE-2019-01] Java Card vulnerabilities
- From: Security Explorations
- [slackware-security] libssh2 (SSA:2019-077-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4409-1] neutron security update
- Gitea 1.7.3 stored HTML injection (XSS)
- [SECURITY] [DSA 4408-1] liblivemedia security update
- NEW: VMSA-2019-0003 - VMware Horizon update addresses Connection Server information disclosure vulnerability
- From: VMware Security Response Center
- NEW: VMSA-2019-0002 - VMware Workstation update addresses elevation of privilege issues.
- From: VMware Security Response Center
- [SYSS-2018-033]: Fujitsu Wireless Keyboard Set LX901 - Keystroke Injection Vulnerability
- IPv6 Security for IPv4 Engineers
- Cisco Common Service Platform Collector - Hardcoded Credentials (CVE-2019-1723)
- [SECURITY] [DSA 4407-1] xmltooling security update
- [SECURITY] [DSA 4406-1] waagent security update
- Microsoft Windows .Reg File Dialog Box Message Spoofing 0day
- [**UPDATED] Microsoft Windows .Reg File Dialog Box Message Spoofing 0day
- FlexPaper <= 2.3.6 Remote Command Execution
- [SECURITY] [DSA 4405-1] openjpeg2 security update
- [SECURITY] [DSA 4404-1] chromium security update
- [SECURITY] [DSA 4403-1] php7.0 security update
- [slackware-security] ntp (SSA:2019-067-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4402-1] mumble security update
- SAP J2EE Engine/7.01/Fiori Reflected Cross Site Scripting (XSS)
- SAP J2EE Engine/7.01/Fiori Reflected Cross Site Scripting (XSS)
- SAP J2EE Engine/7.01/Portal/EPP Reflected Cross Site Scripting (XSS)
- [slackware-security] python (SSA:2019-062-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4387-2] openssh security update
- [slackware-security] infozip (SSA:2019-060-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4401-1] wordpress security update
- [SECURITY] [DSA 4399-1] ikiwiki security update
- [SECURITY] [DSA 4400-1] openssl1.0 security update
- [SECURITY] [DSA 4398-1] php7.0 security update
- AST-2019-001: Remote crash vulnerability with SDP protocol violation
- From: Asterisk Security Team
- [SECURITY] [DSA 4397-1] ldb security update
- From: Salvatore Bonaccorso
- [CORE-2018-0012] - Cisco WebEx Meetings Elevation of Privilege Vulnerability Version 2
- [SECURITY] [DSA 4395-2] chromium regression update
- [slackware-security] openssl (slackware 14.2) (SSA:2019-057-01)
- From: Slackware Security Team
- SHAREit for Android Authentication Bypass and Remote File Download
- Defense in depth -- the Microsoft way (part 60): same old sins and incompetence!
- [slackware-security] file (SSA:2019-054-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4377-3] rssh security update
- [SRP-2018-02] Details of a vulnerability in STMicroelectronics' chipset
- [SAUTH-2019-0001] - Micro Focus Filr Multiple Vulnerabilities
- [SECURITY] [DSA 4396-1] ansible security update
- [SECURITY] [DSA 4395-1] chromium security update
- [SECURITY] [DSA 4394-1] rdesktop security update
- [SECURITY] [DSA 4393-1] systemd security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 4388-2] mosquitto regression update
- From: Salvatore Bonaccorso
- CVE-2018-20162: Digi TransPort LR54 Restricted Shell Escape
- [SECURITY] [DSA 4392-1] thunderbird security update
- DASAN H665 has vendor backdoor built into BusyBox’s /bin/login
- From: Krzysztof Burghardt
- [slackware-security] mozilla-thunderbird (SSA:2019-045-01)
- From: Slackware Security Team
- [SECURITY] [DSA 4391-1] firefox-esr security update
- [slackware-security] mozilla-firefox (SSA:2019-044-01)
- From: Slackware Security Team
- Qkr! with MasterPass iOS Application - MITM SSL Certificate Vulnerability (CVE-2019-6702)
- [slackware-security] lxc (SSA:2019-043-01)
- From: Slackware Security Team
- CA20190212-01: Security Notice for CA Privileged Access Manager
- [SECURITY] [DSA 4390-1] flatpak security update
- [SECURITY] [DSA 4377-2] rssh regression update
- From: Salvatore Bonaccorso