Database Hot News 2018 April
30.4.2018
Bugtraq
Advisory - Sourcetree for Windows - CVE-2018-5226 2018-04-30
Atlassian (security atlassian com)
[SECURITY] [DSA 4183-1] tor security update 2018-04-28
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 4186-1] gunicorn security update 2018-04-28
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
Vulnerability
Xen 'x86/x86_64/entry.S' Denial of Service Vulnerability
2018-04-30
http://www.securityfocus.com/bid/104003
Xen XSA-258 Information Disclosure Vulnerability
2018-04-30
http://www.securityfocus.com/bid/104002
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-04-30
http://www.securityfocus.com/bid/102371
Mozilla Firefox and Firefox ESR Multiple Out of Bounds Write Remote Code Execution Vulnerabilities
2018-04-30
http://www.securityfocus.com/bid/103432
Linux Kernel 'kernel/fork.c' Local Use After Free Memory Corruption Vulnerability
2018-04-30
http://www.securityfocus.com/bid/102009
Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
2018-04-30
http://www.securityfocus.com/bid/102376
Linux Kernel CVE-2017-7518 Privilege Escalation Vulnerability
2018-04-30
http://www.securityfocus.com/bid/99263
Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability
2018-04-30
http://www.securityfocus.com/bid/102378
Oracle Java SE and JRockit CVE-2018-2800 Remote Security Vulnerability
2018-04-30
http://www.securityfocus.com/bid/103849
Oracle Java SE and JRockit CVE-2018-2815 Remote Security Vulnerability
2018-04-30
http://www.securityfocus.com/bid/103848
Oracle Java SE and JRockit CVE-2018-2799 Remote Security Vulnerability
2018-04-30
http://www.securityfocus.com/bid/103872
Oracle Java SE CVE-2018-2790 Remote Security Vulnerability
2018-04-30
http://www.securityfocus.com/bid/103877
Oracle Java SE and JRockit CVE-2018-2796 Remote Security Vulnerability
2018-04-30
http://www.securityfocus.com/bid/103868
Oracle Java SE and JRockit CVE-2018-2797 Remote Security Vulnerability
2018-04-30
http://www.securityfocus.com/bid/103846
Oracle Java SE and JRockit CVE-2018-2798 Remote Security Vulnerability
2018-04-30
http://www.securityfocus.com/bid/103841
Oracle Java SE and JRockit CVE-2018-2794 Local Security Vulnerability
2018-04-30
http://www.securityfocus.com/bid/103817
Oracle Java SE CVE-2018-2814 Remote Security Vulnerability
2018-04-30
http://www.securityfocus.com/bid/103798
Oracle Java SE and JRockit CVE-2018-2795 Remote Security Vulnerability
2018-04-30
http://www.securityfocus.com/bid/103847
Symantec Norton Core CVE-2018-5234 Local Command Injection Vulnerability
2018-04-30
http://www.securityfocus.com/bid/103955
PHP CVE-2018-5712 Incomplete Fix Cross Site Scripting Vulnerability
2018-04-29
http://www.securityfocus.com/bid/104020
SANS News
Another approach to webapplication fingerprinting
Threatpost
Exploit
macOS/iOS - ReportCrash mach port Replacement due to Failure to Respect MIG Ownership...
macOS 10.13.2 - Double mach_port_deallocate in kextd due to Failure to Comply with MIG...
Navicat < 12.0.27 - Oracle Connection Overflow
Drupal < 7.58 - 'Drupalgeddon3' Authenticated Remote Code (Metasploit)
Oracle Weblogic Server 10.3.6.0 / 12.1.3.0 / 12.2.1.2 / 12.2.1.3 - Deserialization Remote...
Nagios XI 5.2.[6-9], 5.3, 5.4 - Chained Remote Root
WordPress Plugin Form Maker 1.12.20 - CSV Injection
29.4.2018
Bugtraq
[slackware-security] openvpn (SSA:2018-116-01) 2018-04-27
Slackware Security Team (security slackware com)
[HITB-Announce] HITBGSEC2018 CFP - Final Call 2018-04-26
Hafez Kamal (aphesz hackinthebox org)
Malware
Phishing
Vulnerability
Xen 'x86/x86_64/entry.S' Denial of Service Vulnerability
2018-04-27
http://www.securityfocus.com/bid/104003
Oracle MySQL Server CVE-2018-2818 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103824
Oracle MySQL Server CVE-2018-2813 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103830
Oracle MySQL Server CVE-2018-2781 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103825
SANS News
Microsoft Security Update for Spectre V2
Threatpost
Exploit
Oracle Weblogic Server 10.3.6.0 / 12.1.3.0 / 12.2.1.2 / 12.2.1.3 - Deserialization Remote...
27.4.2018
Bugtraq
[slackware-security] openvpn (SSA:2018-116-01) 2018-04-27
Slackware Security Team (security slackware com)
[HITB-Announce] HITBGSEC2018 CFP - Final Call 2018-04-26
Hafez Kamal (aphesz hackinthebox org)
[SECURITY] [DSA 4180-1] drupal7 security update 2018-04-25
Salvatore Bonaccorso (carnil debian org)
Secunia Research: Oracle Outside In Technology Use-After-Free Vulnerability 2018-04-25
Secunia Research (remove-vuln secunia com)
APPLE-SA-2018-04-24-2 Security Update 2018-001 2018-04-24
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-04-24-1 iOS 11.3.1 2018-04-24
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-04-24-3 Safari 11.1 (v. 11605.1.33.1.4, 12605.1.33.1.4, and 13605.1.33.1.4) 2018-04-24
Apple Product Security (product-security-noreply lists apple com)
[SECURITY] [DSA 4179-1] linux-tools security update 2018-04-24
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Vulnerability
Xen 'x86/x86_64/entry.S' Denial of Service Vulnerability
2018-04-27
http://www.securityfocus.com/bid/104003
Oracle MySQL Server CVE-2018-2818 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103824
Oracle MySQL Server CVE-2018-2813 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103830
Oracle MySQL Server CVE-2018-2781 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103825
Oracle MySQL Server CVE-2018-2771 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103828
Oracle MySQL Server CVE-2018-2817 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103818
Oracle MySQL Server CVE-2018-2761 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103820
Oracle MySQL Server CVE-2018-2784 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103801
Oracle MySQL Server CVE-2018-2819 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103814
Oracle MySQL Server CVE-2018-2782 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103799
Oracle MySQL Server CVE-2018-2787 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103804
Oracle MySQL Server CVE-2018-2805 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103831
Oracle MySQL Server CVE-2018-2766 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103805
Oracle MySQL Server CVE-2018-2755 Local Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103807
Oracle MySQL Server CVE-2018-2773 Local Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103811
Oracle MySQL Server CVE-2018-2758 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103802
Linux Kernel CVE-2013-2929 Local Privilege Escalation Vulnerability
2018-04-26
http://www.securityfocus.com/bid/64111
Apache HTTP Server CVE-2017-9798 Information Disclosure Vulnerability
2018-04-26
http://www.securityfocus.com/bid/100872
Apache Log4j CVE-2017-5645 Remote Code Execution Vulnerability
2018-04-26
http://www.securityfocus.com/bid/97702
Oracle Security Service CVE-2018-2765 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103808
Delta Electronics PMSoft CVE-2018-8839 Multiple Stack Based Buffer Overflow Vulnerabilities
2018-04-26
http://www.securityfocus.com/bid/104013
Apple iOS and macOS Multiple Security Vulnerabilities
2018-04-25
http://www.securityfocus.com/bid/103957
Drupal JSON API Module Cross Site Request Forgery Vulnerability
2018-04-25
http://www.securityfocus.com/bid/104004
Xen XSA-258 Information Disclosure Vulnerability
2018-04-25
http://www.securityfocus.com/bid/104002
Apache Tika CVE-2018-1335 Remote Command Injection Vulnerability
2018-04-25
http://www.securityfocus.com/bid/104001
Drupal Core CVE-2018-7602 Remote Code Execution Vulnerability
2018-04-25
http://www.securityfocus.com/bid/103985
GNU Binutils CVE-2018-10372 Remote Buffer Overflow Vulnerability
2018-04-25
http://www.securityfocus.com/bid/103976
Apple iOS APPLE-SA-2018-04-24-1 Multiple Security Vulnerabilities
2018-04-25
http://www.securityfocus.com/bid/103958
Paramiko CVE-2018-7750 Authentication Bypass Vulnerability
2018-04-24
http://www.securityfocus.com/bid/103713
HDF5 CVE-2016-4331 Local Heap Buffer Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94411
SANS News
More Threat Hunting with User Agent and Drupal Exploits
Threatpost
Exploit
Frog CMS 0.9.5 - Persistent Cross-Site Scripting
TP-Link Technologies TL-WA850RE Wi-Fi Range Extender - Unauthenticated Remote Reboot
GitList 0.6 - Unauthenticated Remote Code Execution
MyBB Threads to Link Plugin 1.3 - Cross-Site Scripting
Allok AVI to DVD SVCD VCD Converter 4.0.1217 - Buffer Overflow (SEH)
26.4.2018
Bugtraq
[SECURITY] [DSA 4180-1] drupal7 security update 2018-04-25
Salvatore Bonaccorso (carnil debian org)
Secunia Research: Oracle Outside In Technology Use-After-Free Vulnerability 2018-04-25
Secunia Research (remove-vuln secunia com)
APPLE-SA-2018-04-24-2 Security Update 2018-001 2018-04-24
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-04-24-1 iOS 11.3.1 2018-04-24
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-04-24-3 Safari 11.1 (v. 11605.1.33.1.4, 12605.1.33.1.4, and 13605.1.33.1.4) 2018-04-24
Apple Product Security (product-security-noreply lists apple com)
[SECURITY] [DSA 4179-1] linux-tools security update 2018-04-24
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Vulnerability
Linux Kernel CVE-2013-2929 Local Privilege Escalation Vulnerability
2018-04-26
http://www.securityfocus.com/bid/64111
Apache HTTP Server CVE-2017-9798 Information Disclosure Vulnerability
2018-04-26
http://www.securityfocus.com/bid/100872
Apache Log4j CVE-2017-5645 Remote Code Execution Vulnerability
2018-04-26
http://www.securityfocus.com/bid/97702
Oracle Security Service CVE-2018-2765 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103808
Apple iOS and macOS Multiple Security Vulnerabilities
2018-04-25
http://www.securityfocus.com/bid/103957
Drupal Core CVE-2018-7602 Remote Code Execution Vulnerability
2018-04-25
http://www.securityfocus.com/bid/103985
Apple iOS APPLE-SA-2018-04-24-1 Multiple Security Vulnerabilities
2018-04-25
http://www.securityfocus.com/bid/103958
Paramiko CVE-2018-7750 Authentication Bypass Vulnerability
2018-04-24
http://www.securityfocus.com/bid/103713
HDF5 CVE-2016-4331 Local Heap Buffer Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94411
HDF5 CVE-2016-4330 Local Heap Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94414
HDF5 CVE-2016-4332 Local Heap Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94417
HDF5 CVE-2016-4333 Local Heap Buffer Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94416
Multiple Intel 2G Modem Products CVE-2018-3624 Buffer Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/103968
Vecna VGo Robot ICSA-18-114-01 Information Disclosure and OS Command Execution Vulnerabilities
2018-04-24
http://www.securityfocus.com/bid/103966
WebKit Multiple Memory Corruption Vulnerabilities
2018-04-24
http://www.securityfocus.com/bid/103961
Linux Kernel 'fs/xfs/libxfs/xfs_inode_buf.c' Local Denial of Service Vulnerability
2018-04-24
http://www.securityfocus.com/bid/103960
Linux Kernel 'fs/xfs/libxfs/xfs_bmap.c' Local Denial of Service Vulnerability
2018-04-24
http://www.securityfocus.com/bid/103959
FFmpeg 'libavformat/img2dec.c' Denial of Service Vulnerability
2018-04-24
http://www.securityfocus.com/bid/103956
Google Android Qualcomm Components Multiple Security Vulnerabilities
2018-04-23
http://www.securityfocus.com/bid/100658
Linux Kernel 'net/netfilter/xt_TCPMSS.c' Denial of Service Vulnerability
2018-04-23
http://www.securityfocus.com/bid/102367
SANS News
Yet Another Drupal RCE Vulnerability
Threatpost
Exploit
October CMS User Plugin v1.4.5 - Persistent Cross-Site Scripting
SickRage < v2018.03.09 - Clear-Text Credentials HTTP Response
WordPress Plugin WP with Spritz 1.0 - Remote File Inclusion
Jfrog Artifactory < 4.16 - Unauthenticated Arbitrary File Upload / Remote Command...
Drupal < 7.58 - 'drupalgeddon3' Authenticated Remote Code Execution (PoC)
Chrome V8 JIT - Arrow Function Scope Fixing Bug
Chrome V8 JIT - 'AwaitedPromise' Update Bug
Chrome V8 JIT - 'NodeProperties::InferReceiverMaps' Type Confusion
Adobe Flash - Out-of-Bounds Write in blur Filtering
Adobe Flash - Info Leak in Image Inflation
Adobe Flash - Overflow in Slab Rendering
Adobe Flash - Overflow when Playing Sound
HRSALE The Ultimate HRM v1.0.2 - Local File Inclusion
HRSALE The Ultimate HRM 1.0.2 - Authenticated Cross-Site Scripting
HRSALE The Ultimate HRM v1.0.2 - 'award_id' SQL Injection
HRSALE The Ultimate HRM v1.0.2 - CSV Injection
Blog Master Pro v1.0 - CSV Injection
Shopy Point of Sale v1.0 - CSV Injection
25.4.2018
Bugtraq
APPLE-SA-2018-04-24-1 iOS 11.3.1 2018-04-24
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-04-24-3 Safari 11.1 (v. 11605.1.33.1.4, 12605.1.33.1.4, and 13605.1.33.1.4) 2018-04-24
Apple Product Security (product-security-noreply lists apple com)
[SECURITY] [DSA 4179-1] linux-tools security update 2018-04-24
Salvatore Bonaccorso (carnil debian org)
SEC Consult SA-20180424-0 :: Reflected Cross-Site Scripting in multiple Zyxel ZyWALL products 2018-04-24
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult SA-20180423-0 :: Multiple Stored XSS Vulnerabilities in WSO2 Carbon and Dashboard Server 2018-04-24
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 4176-1] mysql-5.5 security update 2018-04-20
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Vulnerability
Apple iOS and macOS Multiple Security Vulnerabilities
2018-04-25
http://www.securityfocus.com/bid/103957
Apple iOS APPLE-SA-2018-04-24-1 Multiple Security Vulnerabilities
2018-04-25
http://www.securityfocus.com/bid/103958
Paramiko CVE-2018-7750 Authentication Bypass Vulnerability
2018-04-24
http://www.securityfocus.com/bid/103713
HDF5 CVE-2016-4331 Local Heap Buffer Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94411
HDF5 CVE-2016-4330 Local Heap Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94414
HDF5 CVE-2016-4332 Local Heap Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94417
HDF5 CVE-2016-4333 Local Heap Buffer Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94416
WebKit Multiple Memory Corruption Vulnerabilities
2018-04-24
http://www.securityfocus.com/bid/103961
Linux Kernel 'fs/xfs/libxfs/xfs_bmap.c' Local Denial of Service Vulnerability
2018-04-24
http://www.securityfocus.com/bid/103959
FFmpeg 'libavformat/img2dec.c' Denial of Service Vulnerability
2018-04-24
http://www.securityfocus.com/bid/103956
Google Android Qualcomm Components Multiple Security Vulnerabilities
2018-04-23
http://www.securityfocus.com/bid/100658
Linux Kernel 'net/netfilter/xt_TCPMSS.c' Denial of Service Vulnerability
2018-04-23
http://www.securityfocus.com/bid/102367
SANS News
Malicious Network Traffic From /bin/bash
Threatpost
Exploit
24.4.2018
Bugtraq
[SECURITY] [DSA 4179-1] linux-tools security update 2018-04-24
Salvatore Bonaccorso (carnil debian org)
SEC Consult SA-20180424-0 :: Reflected Cross-Site Scripting in multiple Zyxel ZyWALL products 2018-04-24
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult SA-20180423-0 :: Multiple Stored XSS Vulnerabilities in WSO2 Carbon and Dashboard Server 2018-04-24
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 4176-1] mysql-5.5 security update 2018-04-20
Salvatore Bonaccorso (carnil debian org)
Seagate Media Server path traversal vulnerability 2018-04-19
Summer of Pwnage (lists securify nl)
[SECURITY] [DSA 4175-1] freeplane security update 2018-04-18
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 4178-1] libreoffice security update 2018-04-20
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
Vulnerability
Paramiko CVE-2018-7750 Authentication Bypass Vulnerability
2018-04-24
http://www.securityfocus.com/bid/103713
HDF5 CVE-2016-4331 Local Heap Buffer Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94411
HDF5 CVE-2016-4330 Local Heap Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94414
HDF5 CVE-2016-4332 Local Heap Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94417
HDF5 CVE-2016-4333 Local Heap Buffer Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94416
Google Android Qualcomm Components Multiple Security Vulnerabilities
2018-04-23
http://www.securityfocus.com/bid/100658
Linux Kernel 'net/netfilter/xt_TCPMSS.c' Denial of Service Vulnerability
2018-04-23
http://www.securityfocus.com/bid/102367
Linux Kernel 'net/netlink/af_netlink.c' Local Information Disclosure Vulnerability
2018-04-23
http://www.securityfocus.com/bid/102122
Linux Kernel CVE-2017-8824 Local Privilege Escalation Vulnerability
2018-04-23
http://www.securityfocus.com/bid/102056
Linux kernel CVE-2017-15265 Use After Free Local Denial of Service Vulnerability
2018-04-23
http://www.securityfocus.com/bid/101288
Linux Kernel CVE-2017-1000410 Information Disclosure Vulnerability
2018-04-23
http://www.securityfocus.com/bid/102101
Oracle MySQL Server CVE-2018-2781 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103825
Oracle MySQL Server CVE-2018-2755 Local Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103807
Oracle MySQL Server CVE-2018-2817 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103818
Oracle MySQL Server CVE-2018-2813 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103830
Oracle MySQL Server CVE-2018-2818 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103824
Oracle MySQL Server CVE-2018-2761 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103820
Oracle MySQL Server CVE-2018-2773 Local Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103811
Oracle MySQL Server CVE-2018-2819 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103814
Oracle MySQL Server CVE-2018-2771 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103828
SANS News
Threatpost
Exploit
23.4.2018
Bugtraq
[SECURITY] [DSA 4176-1] mysql-5.5 security update 2018-04-20
Salvatore Bonaccorso (carnil debian org)
Seagate Media Server path traversal vulnerability 2018-04-19
Summer of Pwnage (lists securify nl)
Malware
Phishing
Vulnerability
Google Android Qualcomm Components Multiple Security Vulnerabilities
2018-04-23
http://www.securityfocus.com/bid/100658
Linux Kernel 'net/netfilter/xt_TCPMSS.c' Denial of Service Vulnerability
2018-04-23
http://www.securityfocus.com/bid/102367
Linux Kernel 'net/netlink/af_netlink.c' Local Information Disclosure Vulnerability
2018-04-23
http://www.securityfocus.com/bid/102122
Linux Kernel CVE-2017-8824 Local Privilege Escalation Vulnerability
2018-04-23
http://www.securityfocus.com/bid/102056
Linux kernel CVE-2017-15265 Use After Free Local Denial of Service Vulnerability
2018-04-23
http://www.securityfocus.com/bid/101288
Linux Kernel CVE-2017-1000410 Information Disclosure Vulnerability
2018-04-23
http://www.securityfocus.com/bid/102101
Oracle MySQL Server CVE-2018-2781 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103825
Oracle MySQL Server CVE-2018-2755 Local Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103807
Oracle MySQL Server CVE-2018-2817 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103818
Oracle MySQL Server CVE-2018-2813 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103830
Oracle MySQL Server CVE-2018-2818 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103824
Oracle MySQL Server CVE-2018-2761 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103820
Oracle MySQL Server CVE-2018-2773 Local Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103811
Oracle MySQL Server CVE-2018-2819 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103814
Oracle MySQL Server CVE-2018-2771 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103828
Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2018-04-19
http://www.securityfocus.com/bid/91453
FasterXML Jackson-databind CVE-2017-15095 Incomplete Fix Remote Code Execution Vulnerability
2018-04-19
http://www.securityfocus.com/bid/103880
Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability
2018-04-19
http://www.securityfocus.com/bid/103513
FasterXML Jackson-databind CVE-2018-7489 Incomplete Fix Remote Code Execution Vulnerability
2018-04-19
http://www.securityfocus.com/bid/103203
Apache Batik CVE-2017-5662 XML External Entity Information Disclosure Vulnerability
2018-04-19
http://www.securityfocus.com/bid/97948
SANS News
Threatpost
Exploit
22.4.2018
Bugtraq
Malware
Phishing
Vulnerability
SANS News
A malicious word document with a VBA form - video
Threatpost
Exploit
20.4.2018
Bugtraq
Seagate Media Server stored Cross-Site Scripting vulnerability 2018-04-19
Summer of Pwnage (lists securify nl)
[slackware-security] gd (SSA:2018-108-01) 2018-04-19
Slackware Security Team (security slackware com)
WebKitGTK+ Security Advisory WSA-2018-0003 2018-04-17
Michael Catanzaro (mcatanzaro igalia com)
[SECURITY] [DSA 4174-1] corosync security update 2018-04-17
Sebastien Delafond (seb debian org)
[SECURITY] [DSA 4173-1] r-cran-readxl security update 2018-04-16
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
Vulnerability
Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2018-04-19
http://www.securityfocus.com/bid/91453
FasterXML Jackson-databind CVE-2017-15095 Incomplete Fix Remote Code Execution Vulnerability
2018-04-19
http://www.securityfocus.com/bid/103880
Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability
2018-04-19
http://www.securityfocus.com/bid/103513
FasterXML Jackson-databind CVE-2018-7489 Incomplete Fix Remote Code Execution Vulnerability
2018-04-19
http://www.securityfocus.com/bid/103203
Apache Batik CVE-2017-5662 XML External Entity Information Disclosure Vulnerability
2018-04-19
http://www.securityfocus.com/bid/97948
WPA2 Key Reinstallation Multiple Security Weaknesses
2018-04-18
http://www.securityfocus.com/bid/101274
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-04-18
http://www.securityfocus.com/bid/102371
Oracle Database Server CVE-2016-3506 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/91867
Spring Security and Spring Framework CVE-2016-5007 Security Bypass Vulnerability
2018-04-18
http://www.securityfocus.com/bid/91687
OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2018-04-18
http://www.securityfocus.com/bid/93150
FasterXML Jackson-databind CVE-2017-7525 Deserialization Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/99623
Apache Tomcat CVE-2017-12617 Incomplete Fix Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/100954
Oracle Java SE and JRockit CVE-2018-2800 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103849
Oracle Java SE and JRockit CVE-2018-2799 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103872
Oracle Java SE and JRockit CVE-2018-2796 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103868
Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/78215
Oracle Java SE and JRockit CVE-2018-2815 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103848
Oracle Java SE and JRockit CVE-2018-2795 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103847
Apache OpenJPA Object Deserialization Arbitrary File Creation or Overwrite Vulnerability
2018-04-18
http://www.securityfocus.com/bid/60534
Oracle Java SE and JRockit CVE-2018-2797 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103846
Oracle Java SE and JRockit CVE-2018-2798 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103841
SANS News
Malspam pushing ransomware using two layers of password protection to avoid detection
Threatpost
Exploit
19.4.2018
Bugtraq
[slackware-security] gd (SSA:2018-108-01) 2018-04-19
Slackware Security Team (security slackware com)
WebKitGTK+ Security Advisory WSA-2018-0003 2018-04-17
Michael Catanzaro (mcatanzaro igalia com)
[SECURITY] [DSA 4174-1] corosync security update 2018-04-17
Sebastien Delafond (seb debian org)
[SECURITY] [DSA 4173-1] r-cran-readxl security update 2018-04-16
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
Vulnerability
Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2018-04-19
http://www.securityfocus.com/bid/91453
FasterXML Jackson-databind CVE-2017-15095 Incomplete Fix Remote Code Execution Vulnerability
2018-04-19
http://www.securityfocus.com/bid/103880
Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability
2018-04-19
http://www.securityfocus.com/bid/103513
FasterXML Jackson-databind CVE-2018-7489 Incomplete Fix Remote Code Execution Vulnerability
2018-04-19
http://www.securityfocus.com/bid/103203
Apache Batik CVE-2017-5662 XML External Entity Information Disclosure Vulnerability
2018-04-19
http://www.securityfocus.com/bid/97948
WPA2 Key Reinstallation Multiple Security Weaknesses
2018-04-18
http://www.securityfocus.com/bid/101274
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-04-18
http://www.securityfocus.com/bid/102371
Oracle Database Server CVE-2016-3506 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/91867
Spring Security and Spring Framework CVE-2016-5007 Security Bypass Vulnerability
2018-04-18
http://www.securityfocus.com/bid/91687
OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2018-04-18
http://www.securityfocus.com/bid/93150
FasterXML Jackson-databind CVE-2017-7525 Deserialization Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/99623
Apache Tomcat CVE-2017-12617 Incomplete Fix Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/100954
Oracle Java SE and JRockit CVE-2018-2800 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103849
Oracle Java SE and JRockit CVE-2018-2799 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103872
Oracle Java SE and JRockit CVE-2018-2796 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103868
Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/78215
Oracle Java SE and JRockit CVE-2018-2815 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103848
Oracle Java SE and JRockit CVE-2018-2795 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103847
Apache OpenJPA Object Deserialization Arbitrary File Creation or Overwrite Vulnerability
2018-04-18
http://www.securityfocus.com/bid/60534
Oracle Java SE and JRockit CVE-2018-2797 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103846
Oracle Java SE and JRockit CVE-2018-2798 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103841
Bouncy Castle CVE-2015-7940 Information Disclosure Vulnerability
2018-04-18
http://www.securityfocus.com/bid/79091
Apache Groovy CVE-2016-6814 Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/95429
Apache MyFaces Trinidad CVE-2016-5019 Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/93236
Oracle Java SE and JRockit CVE-2018-2783 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103832
Oracle Retail Back Office CVE-2018-2861 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103809
Oracle MySQL Server CVE-2018-2775 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103777
Cisco Unified Computing System Director CVE-2018-0238 Information Disclosure Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103919
Oracle VM VirtualBox CVE-2018-2845 Local Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103861
Oracle VM VirtualBox CVE-2018-2844 Local Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103855
SANS News
Threatpost
Exploit
18.4.2018
Bugtraq
WebKitGTK+ Security Advisory WSA-2018-0003 2018-04-17
Michael Catanzaro (mcatanzaro igalia com)
[SECURITY] [DSA 4174-1] corosync security update 2018-04-17
Sebastien Delafond (seb debian org)
[SECURITY] [DSA 4173-1] r-cran-readxl security update 2018-04-16
Moritz Muehlenhoff (jmm debian org)
[security bulletin] MFSBGN03802 - Virtualization Performance Viewer (vPV) / Cloud Optimizer, Local Disclosure of Information 2018-04-12
cyber-psrt microfocus com
[security bulletin] MFSBGN03803 rev.1 - UCMDB, Installation File Access Control Privilege Escalation Vulnerability 2018-04-12
cyber-psrt microfocus com
[SECURITY] [DSA 4079-2] poppler regression update 2018-04-12
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Vulnerability
Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability
2018-12-15
http://www.securityfocus.com/bid/103513
FasterXML Jackson-databind CVE-2017-15095 Incomplete Fix Remote Code Execution Vulnerability
2018-11-02
http://www.securityfocus.com/bid/103880
WPA2 Key Reinstallation Multiple Security Weaknesses
2018-04-18
http://www.securityfocus.com/bid/101274
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-04-18
http://www.securityfocus.com/bid/102371
Oracle Database Server CVE-2016-3506 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/91867
Spring Security and Spring Framework CVE-2016-5007 Security Bypass Vulnerability
2018-04-18
http://www.securityfocus.com/bid/91687
OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2018-04-18
http://www.securityfocus.com/bid/93150
FasterXML Jackson-databind CVE-2017-7525 Deserialization Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/99623
Apache Tomcat CVE-2017-12617 Incomplete Fix Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/100954
Oracle Java SE and JRockit CVE-2018-2800 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103849
Oracle Java SE and JRockit CVE-2018-2799 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103872
Oracle Java SE and JRockit CVE-2018-2796 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103868
Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/78215
Oracle Java SE and JRockit CVE-2018-2815 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103848
Oracle Java SE and JRockit CVE-2018-2795 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103847
Apache OpenJPA Object Deserialization Arbitrary File Creation or Overwrite Vulnerability
2018-04-18
http://www.securityfocus.com/bid/60534
Oracle Java SE and JRockit CVE-2018-2797 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103846
Oracle Java SE and JRockit CVE-2018-2798 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103841
Bouncy Castle CVE-2015-7940 Information Disclosure Vulnerability
2018-04-18
http://www.securityfocus.com/bid/79091
Apache Groovy CVE-2016-6814 Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/95429
Apache MyFaces Trinidad CVE-2016-5019 Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/93236
Oracle Java SE and JRockit CVE-2018-2783 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103832
Oracle Retail Back Office CVE-2018-2861 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103809
Oracle MySQL Server CVE-2018-2775 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103777
Oracle VM VirtualBox CVE-2018-2845 Local Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103861
Oracle VM VirtualBox CVE-2018-2844 Local Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103855
Oracle MySQL Server CVE-2018-2759 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103780
Oracle MySQL Server CVE-2018-2786 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103779
Oracle MySQL Server CVE-2018-2780 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103778
Python rhn-setup CVE-2015-1777 SSL Certificate Validation Security Bypass Vulnerability
2018-04-17
http://www.securityfocus.com/bid/72943
SANS News
Threatpost
Exploit
17.4.2018
Bugtraq
[SECURITY] [DSA 4174-1] corosync security update 2018-04-17
Sebastien Delafond (seb debian org)
[SECURITY] [DSA 4173-1] r-cran-readxl security update 2018-04-16
Moritz Muehlenhoff (jmm debian org)
[security bulletin] MFSBGN03802 - Virtualization Performance Viewer (vPV) / Cloud Optimizer, Local Disclosure of Information 2018-04-12
cyber-psrt microfocus com
[security bulletin] MFSBGN03803 rev.1 - UCMDB, Installation File Access Control Privilege Escalation Vulnerability 2018-04-12
cyber-psrt microfocus com
[SECURITY] [DSA 4079-2] poppler regression update 2018-04-12
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 4169-1] pcs security update 2018-04-11
Yves-Alexis Perez (corsac debian org)
Malware
Phishing
Vulnerability
Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability
2018-12-15
http://www.securityfocus.com/bid/103513
Adobe Flash Player APSB18-08 Multiple Security Vulnerabilities
2018-04-16
http://www.securityfocus.com/bid/103708
Microsoft Visual Studio CVE-2018-1037 Information Disclosure Vulnerability
2018-04-16
http://www.securityfocus.com/bid/103715
Drupal Core CVE-2018-7600 Multiple Remote Code Execution Vulnerabilities
2018-04-13
http://www.securityfocus.com/bid/103534
Oracle April 2018 Critical Patch Update Multiple Vulnerabilities
2018-04-13
http://www.securityfocus.com/bid/103743
OpenSSL CVE-2018-0739 Denial of Service Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103518
Linux Kernel CVE-2017-7518 Privilege Escalation Vulnerability
2018-04-12
http://www.securityfocus.com/bid/99263
SANS News
Threatpost
Exploit
16.4.2018
Bugtraq
Malware
Phishing
Vulnerability
Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability
2018-12-15
http://www.securityfocus.com/bid/103513
Adobe Flash Player APSB18-08 Multiple Security Vulnerabilities
2018-04-16
http://www.securityfocus.com/bid/103708
Microsoft Visual Studio CVE-2018-1037 Information Disclosure Vulnerability
2018-04-16
http://www.securityfocus.com/bid/103715
Drupal Core CVE-2018-7600 Multiple Remote Code Execution Vulnerabilities
2018-04-13
http://www.securityfocus.com/bid/103534
Oracle April 2018 Critical Patch Update Multiple Vulnerabilities
2018-04-13
http://www.securityfocus.com/bid/103743
OpenSSL CVE-2018-0739 Denial of Service Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103518
Linux Kernel CVE-2017-7518 Privilege Escalation Vulnerability
2018-04-12
http://www.securityfocus.com/bid/99263
SANS News
Threatpost
Exploit
15.4.2018
Bugtraq
Malware
Phishing
Vulnerability
Drupal Core CVE-2018-7600 Multiple Remote Code Execution Vulnerabilities
2018-04-13
http://www.securityfocus.com/bid/103534
Oracle April 2018 Critical Patch Update Multiple Vulnerabilities
2018-04-13
http://www.securityfocus.com/bid/103743
OpenSSL CVE-2018-0739 Denial of Service Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103518
Linux Kernel CVE-2017-7518 Privilege Escalation Vulnerability
2018-04-12
http://www.securityfocus.com/bid/99263
Linux Kernel 'kernel/fork.c' Local Use After Free Memory Corruption Vulnerability
2018-04-12
http://www.securityfocus.com/bid/102009
Poppler CVE-2017-9776 Denial of Service Vulnerability
2018-04-12
http://www.securityfocus.com/bid/99240
Pivotal Spring Framework CVE-2018-1270 Remote Code Execution Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103696
Microsoft Jet Database Engine CVE-2018-1003 Buffer Overflow Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103655
Microsoft Windows Graphics Component CVE-2018-1008 Local Privilege Escalation Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103658
Microsoft Windows Graphics Component CVE-2018-8116 Denial of Service Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103705
VMware vRealize Automation Cross Site Scripting and Session Hijacking Vulnerabilities
2018-04-12
http://www.securityfocus.com/bid/103752
runV for Docker CVE-2018-9862 Privilege Escalation Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103738
QEMU CVE-2017-15124 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102295
QEMU 'b/nbd/server.c' Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102011
SANS News
Getting Incident Response Help from Richard Feynman
Threatpost
Don’t Trust Android OEM Patching, Claims Researcher
Exploit
13.4.2018
Bugtraq
[security bulletin] MFSBGN03802 - Virtualization Performance Viewer (vPV) / Cloud Optimizer, Local Disclosure of Information 2018-04-12
cyber-psrt microfocus com
[security bulletin] MFSBGN03803 rev.1 - UCMDB, Installation File Access Control Privilege Escalation Vulnerability 2018-04-12
cyber-psrt microfocus com
[SECURITY] [DSA 4079-2] poppler regression update 2018-04-12
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 4169-1] pcs security update 2018-04-11
Yves-Alexis Perez (corsac debian org)
Call for Papers: USENIX Workshop on Offensive Technologies (WOOT '18) 2018-04-10
Yves Younan (wootcfp fort-knox org)
[SECURITY] [DSA 4170-1] pjproject security update 2018-04-09
Moritz Muehlenhoff (jmm debian org)
secuvera-SA-2017-04: SQL-Injection Vulnerability in OCS Inventory NG ocsreports Web application 2018-04-09
Simon Bieber (sbieber secuvera de)
Malware
Phishing
Vulnerability
OpenSSL CVE-2018-0739 Denial of Service Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103518
Linux Kernel CVE-2017-7518 Privilege Escalation Vulnerability
2018-04-12
http://www.securityfocus.com/bid/99263
Linux Kernel 'kernel/fork.c' Local Use After Free Memory Corruption Vulnerability
2018-04-12
http://www.securityfocus.com/bid/102009
Poppler CVE-2017-9776 Denial of Service Vulnerability
2018-04-12
http://www.securityfocus.com/bid/99240
Pivotal Spring Framework CVE-2018-1270 Remote Code Execution Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103696
Microsoft Jet Database Engine CVE-2018-1003 Buffer Overflow Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103655
Microsoft Windows Graphics Component CVE-2018-1008 Local Privilege Escalation Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103658
Microsoft Windows Graphics Component CVE-2018-8116 Denial of Service Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103705
runV for Docker CVE-2018-9862 Privilege Escalation Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103738
QEMU CVE-2017-15124 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102295
QEMU 'b/nbd/server.c' Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102011
QEMU CVE-2017-15268 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/101277
QEMU 'b/nbd/server.c' Stack Buffer Overflow Vulnerability
2018-04-11
http://www.securityfocus.com/bid/101975
QEMU CVE-2017-13673 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/100527
QEMU CVE-2018-5683 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102518
QEMU CVE-2017-13711 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/100534
QEMU 'hw/display/vga.c' Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/100540
Adobe Flash Player APSB18-08 Multiple Security Vulnerabilities
2018-04-11
http://www.securityfocus.com/bid/103708
Microsoft Office CVE-2018-0950 Information Disclosure Vulnerability
2018-04-11
http://www.securityfocus.com/bid/103642
SAP NetWeaver Visual Composer Remote Code Injection Vulnerability
2018-04-11
http://www.securityfocus.com/bid/100170
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102371
Juniper Junos CVE-2018-0022 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/103740
Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability
2018-04-10
http://www.securityfocus.com/bid/102378
Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
2018-04-10
http://www.securityfocus.com/bid/102376
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-0143 Local Privilege Escalation Vulnerability
2018-04-10
http://www.securityfocus.com/bid/85896
Apache HTTP Server CVE-2017-7668 Denial of Service Vulnerability
2018-04-10
http://www.securityfocus.com/bid/99137
GNU Binutils CVE-2018-9996 Remote Denial of Service Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103733
FFmpeg 'libavcodec/utvideodec.c' Denial of Service Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103732
SANS News
Drupal CVE-2018-7600 PoC is Public
Threatpost
Outlook Bug Allowed Hackers to Use .RTF Files To Steal Windows Passwords
Exploit
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (PoC)
Joomla Convert Forms version 2.0.3 - Formula Injection (CSV Injection)
12.4.2018
Bugtraq
[SECURITY] [DSA 4169-1] pcs security update 2018-04-11
Yves-Alexis Perez (corsac debian org)
Call for Papers: USENIX Workshop on Offensive Technologies (WOOT '18) 2018-04-10
Yves Younan (wootcfp fort-knox org)
[SECURITY] [DSA 4170-1] pjproject security update 2018-04-09
Moritz Muehlenhoff (jmm debian org)
secuvera-SA-2017-04: SQL-Injection Vulnerability in OCS Inventory NG ocsreports Web application 2018-04-09
Simon Bieber (sbieber secuvera de)
Defense in depth -- the Microsoft way (part 53): our MSRC doesn't know how Windows handles PATH 2018-04-09
Stefan Kanthak (stefan kanthak nexgo de)
secuvera-SA-2017-03: Reflected Cross-Site-Scripting Vulnerabilities in OCS Inventory NG ocsreports Web application 2018-04-09
Simon Bieber (sbieber secuvera de)
[SECURITY] [DSA 4168-1] squirrelmail security update 2018-04-08
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Vulnerability
Pivotal Spring Framework CVE-2018-1270 Remote Code Execution Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103696
Microsoft Jet Database Engine CVE-2018-1003 Buffer Overflow Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103655
Microsoft Windows Graphics Component CVE-2018-1008 Local Privilege Escalation Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103658
Microsoft Windows Graphics Component CVE-2018-8116 Denial of Service Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103705
QEMU CVE-2017-15124 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102295
QEMU 'b/nbd/server.c' Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102011
QEMU CVE-2017-15268 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/101277
QEMU 'b/nbd/server.c' Stack Buffer Overflow Vulnerability
2018-04-11
http://www.securityfocus.com/bid/101975
QEMU CVE-2017-13673 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/100527
QEMU CVE-2018-5683 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102518
QEMU CVE-2017-13711 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/100534
QEMU 'hw/display/vga.c' Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/100540
Adobe Flash Player APSB18-08 Multiple Security Vulnerabilities
2018-04-11
http://www.securityfocus.com/bid/103708
Microsoft Office CVE-2018-0950 Information Disclosure Vulnerability
2018-04-11
http://www.securityfocus.com/bid/103642
SAP NetWeaver Visual Composer Remote Code Injection Vulnerability
2018-04-11
http://www.securityfocus.com/bid/100170
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102371
Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability
2018-04-10
http://www.securityfocus.com/bid/102378
Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
2018-04-10
http://www.securityfocus.com/bid/102376
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-0143 Local Privilege Escalation Vulnerability
2018-04-10
http://www.securityfocus.com/bid/85896
Apache HTTP Server CVE-2017-7668 Denial of Service Vulnerability
2018-04-10
http://www.securityfocus.com/bid/99137
FFmpeg 'libavcodec/utvideodec.c' Denial of Service Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103732
Atlassian Application Links CVE-2018-5227 Cross Site Scripting Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103731
Atlassian JIRA CVE-2017-18101 Security Bypass Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103730
Atlassian JIRA CVE-2017-18100 Cross Site Scripting Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103729
SAP Disclosure Management Multiple Security Vulnerabilities
2018-04-10
http://www.securityfocus.com/bid/103727
Multiple SAP Products Multiple Unspecified Security Vulnerabilities
2018-04-10
http://www.securityfocus.com/bid/103723
ATI Systems Multiple Emergency Mass Notification Systems Products Multiple Security Vulnerabilities
2018-04-10
http://www.securityfocus.com/bid/103721
SAP Crystal Reports Server CVE-2018-2406 Local Privilege Escalation Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103719
Adobe ColdFusion APSB18-14 Multiple Security Vulnerabilities
2018-04-10
http://www.securityfocus.com/bid/103718
SANS News
Glitch in malspam campaign temporarily reduces spread of GandCrab
Threatpost
Exploit
Linux/x64 - x64 Assembly Shellcode (Generator)
11.4.2018
Bugtraq
Call for Papers: USENIX Workshop on Offensive Technologies (WOOT '18) 2018-04-10
Yves Younan (wootcfp fort-knox org)
[SECURITY] [DSA 4170-1] pjproject security update 2018-04-09
Moritz Muehlenhoff (jmm debian org)
secuvera-SA-2017-04: SQL-Injection Vulnerability in OCS Inventory NG ocsreports Web application 2018-04-09
Simon Bieber (sbieber secuvera de)
Defense in depth -- the Microsoft way (part 53): our MSRC doesn't know how Windows handles PATH 2018-04-09
Stefan Kanthak (stefan kanthak nexgo de)
secuvera-SA-2017-03: Reflected Cross-Site-Scripting Vulnerabilities in OCS Inventory NG ocsreports Web application 2018-04-09
Simon Bieber (sbieber secuvera de)
[SECURITY] [DSA 4168-1] squirrelmail security update 2018-04-08
Salvatore Bonaccorso (carnil debian org)
[RT-SA-2017-014] CyberArk Password Vault Web Access Remote Code Execution 2018-04-09
RedTeam Pentesting GmbH (release redteam-pentesting de)
[RT-SA-2017-015] CyberArk Password Vault Memory Disclosure 2018-04-09
RedTeam Pentesting GmbH (release redteam-pentesting de)
Malware
Phishing
Vulnerability
QEMU CVE-2017-15124 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102295
QEMU 'b/nbd/server.c' Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102011
QEMU CVE-2017-15268 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/101277
QEMU 'b/nbd/server.c' Stack Buffer Overflow Vulnerability
2018-04-11
http://www.securityfocus.com/bid/101975
QEMU CVE-2017-13673 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/100527
QEMU CVE-2018-5683 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102518
QEMU CVE-2017-13711 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/100534
QEMU 'hw/display/vga.c' Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/100540
Adobe Flash Player APSB18-08 Multiple Security Vulnerabilities
2018-04-11
http://www.securityfocus.com/bid/103708
Microsoft Office CVE-2018-0950 Information Disclosure Vulnerability
2018-04-11
http://www.securityfocus.com/bid/103642
SAP NetWeaver Visual Composer Remote Code Injection Vulnerability
2018-04-11
http://www.securityfocus.com/bid/100170
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102371
Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability
2018-04-10
http://www.securityfocus.com/bid/102378
Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
2018-04-10
http://www.securityfocus.com/bid/102376
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-0143 Local Privilege Escalation Vulnerability
2018-04-10
http://www.securityfocus.com/bid/85896
Apache HTTP Server CVE-2017-7668 Denial of Service Vulnerability
2018-04-10
http://www.securityfocus.com/bid/99137
SAP Disclosure Management Multiple Security Vulnerabilities
2018-04-10
http://www.securityfocus.com/bid/103727
Multiple SAP Products Multiple Unspecified Security Vulnerabilities
2018-04-10
http://www.securityfocus.com/bid/103723
ATI Systems Multiple Emergency Mass Notification Systems Products Multiple Security Vulnerabilities
2018-04-10
http://www.securityfocus.com/bid/103721
SAP Crystal Reports Server CVE-2018-2406 Local Privilege Escalation Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103719
Adobe ColdFusion APSB18-14 Multiple Security Vulnerabilities
2018-04-10
http://www.securityfocus.com/bid/103718
Adobe InDesign CC CVE-2018-4927 DLL Loading Local Privilege Escalation Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103716
Microsoft Visual Studio CVE-2018-1037 Information Disclosure Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103715
Adobe InDesign CC CVE-2018-4928 Memory Corruption Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103714
Adobe Digital Editions APSB18-13 Multiple Information Disclosure Vulnerabilities
2018-04-10
http://www.securityfocus.com/bid/103712
Microsoft Wireless Keyboard CVE-2018-8117 Local Security Bypass Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103711
Adobe PhoneGap Push Plugin CVE-2018-4943 Security Bypass Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103710
Adobe Experience Manager CVE-2018-4931 HTML Injection Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103709
Adobe Experience Manager CVE-2018-4929 HTML Injection Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103707
SANS News
Threatpost
Exploit
Google Chrome V8 JIT - 'LoadElimination::ReduceTransitionElementsKind' Type Confusion
WordPress Plugin WordPress File Upload 4.3.3 - Stored XSS
WordPress File Upload Plugin 4.3.2 - Stored Cross Site Scripting
Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager - Invalid...
WUZHI CMS 4.1.0 - ‘Add User Account’ Cross-Site Request Forgery
WUZHI CMS 4.1.0 - ‘Add Admin Account’ Cross-Site Request Forgery
Wordpress Plugin Activity Log 2.4.0 - Stored Cross Site Scripting
iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting
DVD X Player Standard 5.5.3.9 - Buffer Overflow
10.4.2018
Bugtraq
[SECURITY] [DSA 4168-1] squirrelmail security update 2018-04-08
Salvatore Bonaccorso (carnil debian org)
[RT-SA-2017-014] CyberArk Password Vault Web Access Remote Code Execution 2018-04-09
RedTeam Pentesting GmbH (release redteam-pentesting de)
[RT-SA-2017-015] CyberArk Password Vault Memory Disclosure 2018-04-09
RedTeam Pentesting GmbH (release redteam-pentesting de)
[slackware-security] patch (SSA:2018-096-01) 2018-04-07
Slackware Security Team (security slackware com)
Malware
Phishing
Vulnerability
Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability
2018-12-15
http://www.securityfocus.com/bid/103513
Oracle Java SE and JRockit CVE-2018-2579 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102663
Oracle Java SE and JRockit CVE-2018-2588 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102661
Oracle Java SE and JRockit CVE-2018-2603 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102625
Oracle Java SE and JRockit CVE-2018-2663 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102662
Oracle Java SE and JRockit CVE-2018-2629 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102615
Oracle Java SE and JRockit CVE-2018-2678 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102659
Oracle Java SE CVE-2018-2677 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102656
Oracle Java SE and JRockit CVE-2018-2637 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102576
Oracle Java SE CVE-2018-2641 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102605
Oracle Java SE and JRockit CVE-2018-2599 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102633
Oracle Java SE and JRockit CVE-2018-2618 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102612
Oracle Java SE CVE-2018-2634 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102592
SANS News
Threatpost
Word Attachment Delivers FormBook Malware, No Macros Required
Exploit
iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting
9.4.2018
Bugtraq
[SECURITY] [DSA 4168-1] squirrelmail security update 2018-04-08
Salvatore Bonaccorso (carnil debian org)
[RT-SA-2017-014] CyberArk Password Vault Web Access Remote Code Execution 2018-04-09
RedTeam Pentesting GmbH (release redteam-pentesting de)
[RT-SA-2017-015] CyberArk Password Vault Memory Disclosure 2018-04-09
RedTeam Pentesting GmbH (release redteam-pentesting de)
[slackware-security] patch (SSA:2018-096-01) 2018-04-07
Slackware Security Team (security slackware com)
[SECURITY] [DSA 4167-1] sharutils security update 2018-04-05
Luciano Bello (luciano debian org)
Advisory - Fisheye and Crucible - CVE-2018-5223 2018-04-05
Atlassian (security atlassian com)
Malware
Phishing
Vulnerability
SANS News
Cisco Smart Install vulnerability exploited in the wild
Threatpost
Exploit
WordPress Plugin Google Drive 2.2 - Remote Code Execution
iScripts SonicBB 1.0 - Reflected Cross-Site Scripting
WooCommerce CSV-Importer-Plugin 3.3.6 - Remote Code Execution
Buddypress Xprofile Custom Fields Type 2.6.3 - Remote Code Execution
KYOCERA Net Admin 3.4 - Cross Site Request Forgery - Add Admin Exploit
KYOCERA Multi-Set Template Editor 3.4 - Out-Of-Band XML External Entity Injection
CyberArk Password Vault Web Access < 9.9.5 / < 9.10 / 10.1 - Remote Code Execution
WordPress Plugin Simple Fields 0.2 - 0.3.5 - Local/Remote File Inclusion / Remote Code...
Yahei PHP Prober 0.4.7 - Cross-Site Scripting
WolfCMS 0.8.3.1 - Open Redirection
MyBB Plugin Recent Threads On Index - Cross-Site Scripting
Cobub Razor 0.7.2 - Add New Superuser Account
WolfCMS 0.8.3.1 - Cross Site Request Forgery
PMS 0.42 - Local Stack-Based Overflow (ROP)
GoldWave 5.70 - Local Buffer Overflow (SEH Unicode)
H2 Database - 'Alias' Arbitrary Code Execution
CyberArk Password Vault < 9.7 / < 10 - Memory Disclosure
WebKit - WebAssembly Parsing Does not Correctly Check Section Order
8.4.2018
Bugtraq
[SECURITY] [DSA 4167-1] sharutils security update 2018-04-05
Luciano Bello (luciano debian org)
Advisory - Fisheye and Crucible - CVE-2018-5223 2018-04-05
Atlassian (security atlassian com)
Advisory - Bamboo - CVE-2018-5224 2018-04-05
Atlassian (security atlassian com)
[SECURITY] [DSA 4166-1] openjdk-7 security update 2018-04-04
Moritz Muehlenhoff (jmm debian org)
FreeBSD Security Advisory FreeBSD-SA-18:05.ipsec 2018-04-04
FreeBSD Security Advisories (security-advisories freebsd org)
FreeBSD Security Advisory FreeBSD-SA-18:04.vt 2018-04-04
FreeBSD Security Advisories (security-advisories freebsd org)
Malware
Phishing
Vulnerability
SANS News
Threat Hunting & Adversary Emulation: The HELK vs APTSimulator - Part 2
Threatpost
Exploit
LineageOS 14.1 Blueborne - Remote Code Execution
Cobub Razor 0.7.2 - Cross Site Request Forgery
DotNetNuke DNNarticle Module 11 - Directory Traversal
FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass
6.4.2018
Bugtraq
[SECURITY] [DSA 4167-1] sharutils security update 2018-04-05
Luciano Bello (luciano debian org)
Advisory - Fisheye and Crucible - CVE-2018-5223 2018-04-05
Atlassian (security atlassian com)
Advisory - Bamboo - CVE-2018-5224 2018-04-05
Atlassian (security atlassian com)
[SECURITY] [DSA 4166-1] openjdk-7 security update 2018-04-04
Moritz Muehlenhoff (jmm debian org)
FreeBSD Security Advisory FreeBSD-SA-18:05.ipsec 2018-04-04
FreeBSD Security Advisories (security-advisories freebsd org)
FreeBSD Security Advisory FreeBSD-SA-18:04.vt 2018-04-04
FreeBSD Security Advisories (security-advisories freebsd org)
[SECURITY] [DSA 4165-1] ldap-account-manager security update 2018-04-04
Luciano Bello (luciano debian org)
Malware
Phishing
Vulnerability
SANS News
Threatpost
Exploit
Sophos Endpoint Protection Control Panel 10.7 - Weak Password Encryption
Sophos Endpoint Protection 10.7 - Tamper-Protection Bypass
GetSimple CMS 3.3.13 - Cross-Site Scripting
Z-Blog 1.5.1.1740 - Full Path Disclosure
Z-Blog 1.5.1.1740 - Cross-Site Scripting
YzmCMS 3.6 - Cross-Site Scripting
5.4.2018
Bugtraq
Advisory - Fisheye and Crucible - CVE-2018-5223 2018-04-05
Atlassian (security atlassian com)
Advisory - Bamboo - CVE-2018-5224 2018-04-05
Atlassian (security atlassian com)
[SECURITY] [DSA 4166-1] openjdk-7 security update 2018-04-04
Moritz Muehlenhoff (jmm debian org)
FreeBSD Security Advisory FreeBSD-SA-18:05.ipsec 2018-04-04
FreeBSD Security Advisories (security-advisories freebsd org)
FreeBSD Security Advisory FreeBSD-SA-18:04.vt 2018-04-04
FreeBSD Security Advisories (security-advisories freebsd org)
[SECURITY] [DSA 4165-1] ldap-account-manager security update 2018-04-04
Luciano Bello (luciano debian org)
[SECURITY] [DSA 4164-1] apache2 security update 2018-04-03
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Vulnerability
Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability
2018-12-15
http://www.securityfocus.com/bid/103513
Oracle Java SE and JRockit CVE-2018-2579 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102663
Oracle Java SE and JRockit CVE-2018-2588 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102661
Oracle Java SE and JRockit CVE-2018-2603 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102625
Oracle Java SE and JRockit CVE-2018-2663 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102662
Oracle Java SE and JRockit CVE-2018-2629 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102615
Oracle Java SE and JRockit CVE-2018-2678 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102659
Oracle Java SE CVE-2018-2677 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102656
Oracle Java SE and JRockit CVE-2018-2637 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102576
Oracle Java SE CVE-2018-2641 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102605
Oracle Java SE and JRockit CVE-2018-2599 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102633
Oracle Java SE and JRockit CVE-2018-2618 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102612
Oracle Java SE CVE-2018-2634 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102592
Oracle Java SE CVE-2018-2602 Local Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102642
Oracle Java SE and JRockit CVE-2018-2633 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102557
FreeBSD CVE-2018-6917 Multiple Integer Overflow Vulnerabilities
2018-04-04
http://www.securityfocus.com/bid/103668
FreeBSD CVE-2018-6918 Denial of Service Vulnerability
2018-04-04
http://www.securityfocus.com/bid/103666
Atlassian Bamboo CVE-2018-5224 Remote Security Bypass Vulnerability
2018-04-04
http://www.securityfocus.com/bid/103653
Microsoft Malware Protection Engine CVE-2018-0986 Remote Code Execution Vulnerability
2018-04-03
http://www.securityfocus.com/bid/103593
Google Android Qualcomm Component CVE-2017-11087 Information Disclosure Vulnerability
2018-04-02
http://www.securityfocus.com/bid/103669
Microsoft Windows Kernel CVE-2018-1038 Local Privilege Escalation Vulnerability
2018-03-30
http://www.securityfocus.com/bid/103549
Apple Xcode CVE-2018-4164 Multiple Security Vulnerabilities
2018-03-29
http://www.securityfocus.com/bid/103583
SANS News
Threat Hunting & Adversary Emulation: The HELK vs APTSimulator - Part 1
Threatpost
Exploit
Microsoft Windows - Multiple Use-After-Free Issues in jscript Array Methods
Microsoft Windows Defender - 'mpengine.dll' Memory Corruption
ProcessMaker - Plugin Upload (Metasploit)
Joomla! Component JS Jobs 1.2.0 - Cross-Site Scripting
MyBB Plugin Downloads 2.0.3 - Cross-Site Scripting
4.4.2018
Bugtraq
FreeBSD Security Advisory FreeBSD-SA-18:05.ipsec 2018-04-04
FreeBSD Security Advisories (security-advisories freebsd org)
FreeBSD Security Advisory FreeBSD-SA-18:04.vt 2018-04-04
FreeBSD Security Advisories (security-advisories freebsd org)
[SECURITY] [DSA 4165-1] ldap-account-manager security update 2018-04-04
Luciano Bello (luciano debian org)
[SECURITY] [DSA 4164-1] apache2 security update 2018-04-03
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 4163-1] beep security update 2018-04-02
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4161-1] python-django security update 2018-04-01
Luciano Bello (luciano debian org)
Malware
Phishing
Vulnerability
Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability
2018-12-15
http://www.securityfocus.com/bid/103513
Microsoft Malware Protection Engine CVE-2018-0986 Remote Code Execution Vulnerability
2018-04-03
http://www.securityfocus.com/bid/103593
Microsoft Windows Kernel CVE-2018-1038 Local Privilege Escalation Vulnerability
2018-03-30
http://www.securityfocus.com/bid/103549
Apple Xcode CVE-2018-4164 Multiple Security Vulnerabilities
2018-03-29
http://www.securityfocus.com/bid/103583
SANS News
A Suspicious Use of certutil.exe
Threatpost
Insecure SCADA Systems Blamed in Rash of Pipeline Data Network Attacks
Exploit
3.4.2018
Bugtraq
[SECURITY] [DSA 4163-1] beep security update 2018-04-02
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4161-1] python-django security update 2018-04-01
Luciano Bello (luciano debian org)
[SECURITY] [DSA 4159-1] remctl security update 2018-04-01
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4162-1] irssi security update 2018-04-01
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4160-1] libevt security update 2018-04-01
Moritz Muehlenhoff (jmm debian org)
[slackware-security] php (SSA:2018-090-01) 2018-04-01
Slackware Security Team (security slackware com)
Malware
Phishing
Vulnerability
SANS News
Phishing PDFs with multiple links - Detection
Threatpost
Google’s April Android Security Bulletin Warns of 9 Critical Bugs
U.S. DoD Hopes To Stamp Out Threats With Bug Bounty Program
Cloudflare Launches Publicly DNS-Over-HTTPS Service
Exploit
Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix 2)
Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix)
Google Chrome V8 - 'Genesis::InitializeGlobal' Out-of-Bounds Read/Write
Google Chrome V8 - 'ElementsAccessorBase::CollectValuesOrEntriesImpl' Type Confusion
Secutech RiS-11/RiS-22/RiS-33 - Remote DNS Change
OpenCMS 10.5.3 - Cross-Site Scripting
OpenCMS 10.5.3 - Cross-Site Request Forgery
DLink DIR-601 - Admin Password Disclosure
VideoFlow Digital Video Protection (DVP) 2.10 - Hard-Coded Credentials
VideoFlow Digital Video Protection (DVP) 2.10 - Directory Traversal
WampServer 3.1.2 - Cross-Site Request Forgery
WebLog Expert Enterprise 9.4 - Privilege Escalation
2.4.2018
Bugtraq
[SECURITY] [DSA 4161-1] python-django security update 2018-04-01
Luciano Bello (luciano debian org)
[SECURITY] [DSA 4159-1] remctl security update 2018-04-01
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4162-1] irssi security update 2018-04-01
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4160-1] libevt security update 2018-04-01
Moritz Muehlenhoff (jmm debian org)
[slackware-security] php (SSA:2018-090-01) 2018-04-01
Slackware Security Team (security slackware com)
Malware
Phishing
Vulnerability
SANS News
Threatpost
Exploit
DLink DIR-601 - Admin Password Disclosure
VideoFlow Digital Video Protection (DVP) 2.10 - Hard-Coded Credentials
VideoFlow Digital Video Protection (DVP) 2.10 - Directory Traversal
WampServer 3.1.2 - Cross-Site Request Forgery
WampServer 3.1.1 - Cross-Site Scripting / Cross-Site Request Forgery
Frog CMS 0.9.5 - Cross-Site Request Forgery (Add User)
WebLog Expert Enterprise 9.4 - Privilege Escalation
1.4.2018
Bugtraq
[SECURITY] [DSA 4158-1] openssl1.0 security update 2018-03-29
Salvatore Bonaccorso (carnil debian org)
APPLE-SA-2018-3-29-2 watchOS 4.3 2018-03-29
Apple Product Security (product-security-noreply lists apple com)
Malware
Phishing
Vulnerability
Microsoft Windows Kernel CVE-2018-1038 Local Privilege Escalation Vulnerability
2018-03-30
http://www.securityfocus.com/bid/103549
OpenSSL CVE-2017-3738 Information Disclosure Vulnerability
2018-03-28
http://www.securityfocus.com/bid/102118
SANS News
Phishing PDFs with multiple links
Threatpost
Microsoft Fixes Bad Patch That Left Windows 7, Server 2008 Open to Attack
Exploit
Advantech WebAccess < 8.1 - webvrpcs DrawSrv.dll Path BwBuildPath Stack-Based Buffer...
Tenda FH303/A300 Firmware V5.07.68_EN - Remote DNS Change
Tenda W3002R/A302/w309r Wireless Router V5.07.64_en - Remote DNS Change (PoC)
Vtiger CRM 6.3.0 - Authenticated Arbitrary File Upload (Metasploit)
D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router - Authentication Bypass
Tenda W316R Wireless Router 5.07.50 - Remote DNS Change
osCommerce 2.3.4.1 - Remote Code Execution
Tenda W308R v2 Wireless Router 5.07.48 - Cookie Session Weakness Remote DNS Change
WordPress Plugin WP Security Audit Log 3.1.1 - Sensitive Information Disclosure
Joomla! Component AcySMS 3.5.0 - CSV Macro Injection
Joomla! Component Acymailing Starter 5.9.5 - CSV Macro Injection
Homematic CCU2 2.29.23 - Remote Command Execution
WordPress Plugin Contact Form 7 to Database Extension 2.10.32 - CSV Injection
WordPress Plugin Relevanssi 4.0.4 - Reflected Cross-Site Scripting
MiniCMS 1.10 - Cross-Site Request Forgery
Homematic CCU2 2.29.23 - Arbitrary File Write
Open-AuditIT Professional 2.1 - Cross-Site Request Forgery
Faleemi Windows Desktop Software - (DDNS/IP) Local Buffer Overflow
Allok WMV to AVI MPEG DVD WMV Converter 4.6.1217 - Buffer Overflow
Allok Video Joiner 4.6.1217 - Stack-Based Buffer Overflow
Allok AVI DivX MPEG to DVD Converter 2.6.1217 - Buffer Overflow (SEH)