Hot News Database - February 2018
28.2.2018
Bugtraq
SEC Consult SA-20180228-0 :: Insecure Direct Object Reference vulnerability in TestLink Open Source Test Management 2018-02-28
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 4124-1] lucene-solr security update 2018-02-27
Moritz Muehlenhoff (jmm debian org)
[security bulletin] HPESBHF03826 rev.1 - HPE Integrated Lights-Out 3 (iLO 3) Remote Denial of Service 2018-02-27
security-alert hpe com
SEC Consult SA-20180227-0 :: OS command injection, arbitrary file upload & SQL injection in ClipBucket 2018-02-27
SEC Consult Vulnerability Lab (research sec-consult com)
ES2018-03 Asterisk pjsip sdp invalid media format description segfault 2018-02-26
Sandro Gauci (sandro enablesecurity com)
ES2018-04 Asterisk pjsip tcp segfault 2018-02-26
Sandro Gauci (sandro enablesecurity com)
ES2018-02 Asterisk pjsip sdp invalid fmtp segfault 2018-02-26
Sandro Gauci (sandro enablesecurity com)
Malware
Phishing
Vulnerability
Xen 'xen/arch/x86/domain.c' Denial of Service Vulnerability
2018-02-28
http://www.securityfocus.com/bid/103175
Xen 'xen/common/memory.c' Denial of Service vulnerability
2018-02-28
http://www.securityfocus.com/bid/103174
Xen 'xen/common/grant_table.c' Denial of Service Vulnerability
2018-02-28
http://www.securityfocus.com/bid/103177
Qemu CVE-2018-7550 Out of Bounds Read and Write Arbitrary Code Execution Vulnerability
2018-02-27
http://www.securityfocus.com/bid/103181
Emerson ControlWave Micro Process Automation Controller Stack Based Buffer Overflow Vulnerability
2018-02-27
http://www.securityfocus.com/bid/103180
Delta Electronics WPLSoft Multiple Security Vulnerabilities
2018-02-27
http://www.securityfocus.com/bid/103179
Duo Network Gateway CVE-2018-7340 Authentication Bypass Vulnerability
2018-02-27
http://www.securityfocus.com/bid/103178
Multiple SAML Libraries Multiple Authentication Bypass Vulnerabilities
2018-02-27
http://www.securityfocus.com/bid/103172
SANS News
How did this Memcache thing happen?
Threatpost
Exploit
GetGo Download Manager 5.3.0.2712 - Buffer Overflow (SEH)
Concrete5 < 8.3.0 - Username / Comments Enumeration
CMS Made Simple 2.1.6 - Remote Code Execution
School Management Script 3.0.4 - Authentication Bypass
Joomla! Component K2 2.8.0 - Arbitrary File Download
MyBB My Arcade Plugin 1.3 - Cross-Site Scripting
Schools Alert Management Script 2.0.2 - Authentication Bypass
Sony Playstation 4 4.55 FW - Local Kernel
Microsoft Windows Windows 8.1/2012 R2 - SMB Denial of Service
Asterisk chan_pjsip 15.2.0 - 'SUBSCRIBE' Stack Corruption
Asterisk chan_pjsip 15.2.0 - 'SDP fmtp' Denial of Service
Asterisk chan_pjsip 15.2.0 - 'SDP' Denial of Service
Asterisk chan_pjsip 15.2.0 - 'INVITE' Denial of Service
27.2.2018
Bugtraq
SEC Consult SA-20180227-0 :: OS command injection, arbitrary file upload & SQL injection in ClipBucket 2018-02-27
SEC Consult Vulnerability Lab (research sec-consult com)
ES2018-03 Asterisk pjsip sdp invalid media format description segfault 2018-02-26
Sandro Gauci (sandro enablesecurity com)
ES2018-04 Asterisk pjsip tcp segfault 2018-02-26
Sandro Gauci (sandro enablesecurity com)
ES2018-02 Asterisk pjsip sdp invalid fmtp segfault 2018-02-26
Sandro Gauci (sandro enablesecurity com)
ES2018-01 Asterisk pjsip subscribe stack corruption 2018-02-26
Sandro Gauci (sandro enablesecurity com)
CMS Made Simple 2.1.6 - Remote Code Execution 2018-02-26
displaymyname gmail con
[SECURITY] [DSA 4123-1] drupal7 security update 2018-02-24
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
Vulnerability
Linux Kernel 'mm/oom_kill.c' Local Denial of Service Vulnerability
2018-02-27
http://www.securityfocus.com/bid/103161
Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability
2018-02-26
http://www.securityfocus.com/bid/102378
Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
2018-02-26
http://www.securityfocus.com/bid/102376
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-02-26
http://www.securityfocus.com/bid/102371
Drupal Core DRUPAL-SA-CORE-2018-001 Multiple Access Bypass Vulnerabilities
2018-02-26
http://www.securityfocus.com/bid/103115
Drupal Core DRUPAL-SA-CORE-2018-001 Multiple Security Vulnerabilities
2018-02-26
http://www.securityfocus.com/bid/103117
Linux Kernel 'fs/f2fs/extent_cache.c' Local Denial of Service Vulnerability
2018-02-26
http://www.securityfocus.com/bid/103147
Wireshark DOCSIS Dissector CVE-2018-7337 Denial of Service Vulnerability
2018-02-23
http://www.securityfocus.com/bid/103164
SANS News
Malspam pushing Formbook info stealer
Threatpost
Drupal Patches Critical Bug That Leaves Platform Open to XSS Attack
Exploit
Sony Playstation 4 4.55 FW - Local Kernel
Chrome V8 - 'TranslatedState::MaterializeCapturedObjectAt' Type Confusion
Chrome V8 - 'PropertyArray' Integer Overflow
transmission - Integer Overflows Parsing Torrent Files
26.2.2018
Bugtraq
CMS Made Simple 2.1.6 - Remote Code Execution 2018-02-26
displaymyname gmail con
[SECURITY] [DSA 4123-1] drupal7 security update 2018-02-24
Moritz Muehlenhoff (jmm debian org)
[security bulletin] MFSBGN03798 rev.1 - Micro Focus Universal CMDB, Apache Struts Instance 2018-02-22
cyber-psrt microfocus com
Re: [CVE-2018-1000088] Stored XSS vulnerability in Doorkeeper gem v2.1.0 - v4.2.5 2018-02-22
Justin Bull (me justinbull ca)
[SECURITY] [DSA 4122-1] squid3 security update 2018-02-22
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 4120-1] linux security update 2018-02-22
Yves-Alexis Perez (corsac debian org)
Malware
Phishing
Vulnerability
Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability
2018-02-26
http://www.securityfocus.com/bid/102378
Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
2018-02-26
http://www.securityfocus.com/bid/102376
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-02-26
http://www.securityfocus.com/bid/102371
Drupal Core DRUPAL-SA-CORE-2018-001 Multiple Access Bypass Vulnerabilities
2018-02-26
http://www.securityfocus.com/bid/103115
Drupal Core DRUPAL-SA-CORE-2018-001 Multiple Security Vulnerabilities
2018-02-26
http://www.securityfocus.com/bid/103117
Linux Kernel 'fs/f2fs/extent_cache.c' Local Denial of Service Vulnerability
2018-02-26
http://www.securityfocus.com/bid/103147
Apache Tomcat CVE-2018-1305 Security Bypass Vulnerability
2018-02-23
http://www.securityfocus.com/bid/103144
Apple iOS/tvOS/macOS CVE-2017-7154 Local Security Bypass Vulnerability
2018-02-23
http://www.securityfocus.com/bid/103134
SANS News
Threatpost
Exploit
AsusWRT LAN - Unauthenticated Remote Code Execution (Metasploit)
CloudMe Sync 1.10.9 - Stack-Based Buffer Overflow (Metasploit)
Disk Savvy Enterprise 10.4.18 - Stack-Based Buffer Overflow (Metasploit)
25.2.2018
Bugtraq
Malware
Phishing
Vulnerability
SANS News
Blackhole Advertising Sites with Pi-hole
Threatpost
Exploit
23.2.2018
Bugtraq
[security bulletin] MFSBGN03798 rev.1 - Micro Focus Universal CMDB, Apache Struts Instance 2018-02-22
cyber-psrt microfocus com
Re: [CVE-2018-1000088] Stored XSS vulnerability in Doorkeeper gem v2.1.0 - v4.2.5 2018-02-22
Justin Bull (me justinbull ca)
[SECURITY] [DSA 4122-1] squid3 security update 2018-02-22
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 4120-1] linux security update 2018-02-22
Yves-Alexis Perez (corsac debian org)
[SECURITY] [DSA 4121-1] gcc-6 security update 2018-02-22
Moritz Muehlenhoff (jmm debian org)
[CORE-2017-0006] Trend Micro Email Encryption Gateway Multiple Vulnerabilities 2018-02-21
Core Security Advisories Team (advisories coresecurity com)
DefenseCode Security Advisory: PureVPN Windows Privilege Escalation Vulnerability 2018-02-21
Defense Code (defensecode defensecode com)
SEC Consult SA-20180221-0 :: Hijacking of arbitrary miSafes Mi-Cam video baby monitors 2018-02-21
SEC Consult Vulnerability Lab (research sec-consult com)
Sharutils 4.15.2 Heap-Buffer-Overflow 2018-02-21
nafiez (nafiez skins gmail com) (1 replies)
Malware
Phishing
Vulnerability
Apple iOS/tvOS/macOS CVE-2017-7154 Local Security Bypass Vulnerability
2018-02-23
http://www.securityfocus.com/bid/103134
Radiant CVE-2018-7261 Multiple HTML Injection Vulnerabilities
2018-02-21
http://www.securityfocus.com/bid/103080
Cisco Jabber CVE-2018-0201 Cross Site Scripting Vulnerability
2018-02-21
http://www.securityfocus.com/bid/103133
Atlassian Floodlight Controller CVE-2015-6569 Denial of Service Vulnerability
2018-02-21
http://www.securityfocus.com/bid/103132
Cisco Data Center Analytics Framework CVE-2018-0145 Cross Site Scripting Vulnerability
2018-02-21
http://www.securityfocus.com/bid/103131
Multiple Asterisk Products CVE-2018-7286 Denial of Service Vulnerability
2018-02-21
http://www.securityfocus.com/bid/103129
SANS News
Threatpost
Cryptojacking Attack Found on Los Angeles Times Website
Exploit
Groupon Clone Script 3.0.2 - Cross-Site Scripting
Alibaba Clone Script 1.0.2 - Cross-Site Scripting
Learning and Examination Management System - Cross-Site Scripting
Armadito Antivirus 0.12.7.2 - Detection Bypass
22.2.2018
Bugtraq
[SECURITY] [DSA 4121-1] gcc-6 security update 2018-02-22
Moritz Muehlenhoff (jmm debian org)
[CORE-2017-0006] Trend Micro Email Encryption Gateway Multiple Vulnerabilities 2018-02-21
Core Security Advisories Team (advisories coresecurity com)
DefenseCode Security Advisory: PureVPN Windows Privilege Escalation Vulnerability 2018-02-21
Defense Code (defensecode defensecode com)
SEC Consult SA-20180221-0 :: Hijacking of arbitrary miSafes Mi-Cam video baby monitors 2018-02-21
SEC Consult Vulnerability Lab (research sec-consult com)
Sharutils 4.15.2 Heap-Buffer-Overflow 2018-02-21
nafiez (nafiez skins gmail com) (1 replies)
Sharutils 4.15.2 Heap-Buffer-Overflow 2018-02-21
nafiez (nafiez skins gmail com)
Multiple Persistent Cross-Site Scripting Vulnerabilities in Quarx CMS 2018-02-21
preethiknambiar gmail com
Malware
Phishing
Vulnerability
Radiant CVE-2018-7261 Multiple HTML Injection Vulnerabilities
2018-02-21
http://www.securityfocus.com/bid/103080
Juniper Junos J-Web Interface CVE-2018-0001 Remote Code Execution Vulnerability
2018-02-21
http://www.securityfocus.com/bid/103092
Apple iOS/WatchOS/macOS/tvOS CVE-2018-4124 Denial of Service Vulnerability
2018-02-20
http://www.securityfocus.com/bid/103066
ABB netCADOPS Web Application CVE-2018-5477 Information Disclosure Vulnerability
2018-02-20
http://www.securityfocus.com/bid/103089
Linux Kernel 'drivers/block/floppy.c' Local Security Bypass Vulnerability
2018-02-20
http://www.securityfocus.com/bid/103088
Yab Quarx CVE-2018-7274 Multiple HTML Injection Vulnerabilities
2018-02-20
http://www.securityfocus.com/bid/103081
Google Chrome CVE-2018-6056 Remote Security Vulnerability
2018-02-19
http://www.securityfocus.com/bid/103003
Microsoft Windows Kernel CVE-2018-0810 Local Information Disclosure Vulnerability
2018-02-19
http://www.securityfocus.com/bid/102938
GIMP CVE-2017-17786 Heap Buffer Overflow Vulnerability
2018-02-19
http://www.securityfocus.com/bid/102765
Atlassian FishEye and Crucible CVE-2017-18093 Cross Site Scripting Vulnerability
2018-02-19
http://www.securityfocus.com/bid/103095
SANS News
Passwords Part 2 - Passwords off the Wire using LLMNR
Threatpost
Exploit
Disk Pulse Enterprise 10.4.18 - 'Import Command' Buffer Overflow (SEH)
Disk Savvy Enterprise 10.4.18 - Buffer Overflow (SEH)
EChat Server 3.1 - 'CHAT.ghp' Buffer Overflow
Wavpack 5.1.0 - Denial of Service
Trend Micro Email Encryption Gateway 5.5 (Build 1111.00) - Multiple Vulnerabilities
Joomla! Component OS Property Real Estate 3.12.7 - SQL Injection
Joomla! Component Proclaim 9.1.1 - Arbitrary File Upload
Joomla! Component CheckList 1.1.1 - SQL Injection
Joomla! Component Alexandria Book Library 3.1.2 - 'letter' SQL Injection
Joomla! Component Ek Rishta 2.9 - SQL Injection
Joomla! Component PrayerCenter 3.0.2 - 'sessionid' SQL Injection
NoMachine x64 < 6.0.80 - 'nxfuse' Privilege Escalation
NoMachine x86 < 6.0.80 - 'nxfuse' Privilege Escalation
21.2.2018
Bugtraq
Multiple Persistent Cross-Site Scripting Vulnerabilities in Quarx CMS 2018-02-21
preethiknambiar gmail com
Multiple Persistent XSS vulnerabilities in Radiant Content Management System 2018-02-20
suparna kachru gmail com
SEC Consult SA-20180221-0 :: Hijacking of arbitrary miSafes Mi-Cam video baby monitors 2018-02-21
SEC Consult Vulnerability Lab (research sec-consult com)
Sharutils 4.15.2 Heap-Buffer-Overflow 2018-02-21
nafiez (nafiez skins gmail com) (1 replies)
Sharutils 4.15.2 Heap-Buffer-Overflow 2018-02-21
nafiez (nafiez skins gmail com)
APPLE-SA-2018-02-19-2 macOS High Sierra 10.13.3 Supplemental Update 2018-02-19
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-02-19-3 tvOS 11.2.6 2018-02-19
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-02-19-1 iOS 11.2.6 2018-02-19
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-02-19-4 watchOS 4.2.3 2018-02-19
Apple Product Security (product-security-noreply lists apple com)
[SECURITY] [DSA 4119-1] libav security update 2018-02-19
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
Vulnerability
Radiant CVE-2018-7261 Multiple HTML Injection Vulnerabilities
2018-02-21
http://www.securityfocus.com/bid/103080
Apple iOS/WatchOS/macOS/tvOS CVE-2018-4124 Denial of Service Vulnerability
2018-02-20
http://www.securityfocus.com/bid/103066
Yab Quarx CVE-2018-7274 Multiple HTML Injection Vulnerabilities
2018-02-20
http://www.securityfocus.com/bid/103081
Google Chrome CVE-2018-6056 Remote Security Vulnerability
2018-02-19
http://www.securityfocus.com/bid/103003
Microsoft Windows Kernel CVE-2018-0810 Local Information Disclosure Vulnerability
2018-02-19
http://www.securityfocus.com/bid/102938
GIMP CVE-2017-17786 Heap Buffer Overflow Vulnerability
2018-02-19
http://www.securityfocus.com/bid/102765
SANS News
Should We Call it Quits for Passwords? Or, "Password Spraying for the Win!"
Threatpost
Flight Sim Labs’ ‘Heavy Handed’ Anti-Piracy Tactics Raise Hackles
Exploit
utorrent - JSON-RPC Remote Code Execution / Information Disclosure
20.2.2018
Bugtraq
Multiple Persistent XSS vulnerabilities in Radiant Content Management System 2018-02-20
suparna kachru gmail com
APPLE-SA-2018-02-19-2 macOS High Sierra 10.13.3 Supplemental Update 2018-02-19
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-02-19-3 tvOS 11.2.6 2018-02-19
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-02-19-1 iOS 11.2.6 2018-02-19
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-02-19-4 watchOS 4.2.3 2018-02-19
Apple Product Security (product-security-noreply lists apple com)
[SECURITY] [DSA 4119-1] libav security update 2018-02-19
Moritz Muehlenhoff (jmm debian org)
Kentico CMS version 9 through 11 - Cross-Site Scripting (Reflect) 2018-02-18
displaymyname gmail com
[SECURITY] [DSA 4118-1] tomcat-native security update 2018-02-17
Salvatore Bonaccorso (carnil debian org)
Kentico CMS version 9 through 11 - Arbitrary Code Execution 2018-02-17
displaymyname gmail com
Malware
Win32/TrojanDownloader.Agent.DVC
Phishing
Vulnerability
Apple iOS/WatchOS/macOS/tvOS CVE-2018-4124 Denial of Service Vulnerability
2018-02-20
http://www.securityfocus.com/bid/103066
Google Chrome CVE-2018-6056 Remote Security Vulnerability
2018-02-19
http://www.securityfocus.com/bid/103003
Microsoft Windows Kernel CVE-2018-0810 Local Information Disclosure Vulnerability
2018-02-19
http://www.securityfocus.com/bid/102938
GIMP CVE-2017-17786 Heap Buffer Overflow Vulnerability
2018-02-19
http://www.securityfocus.com/bid/102765
GNU Binutils CVE-2018-7208 Remote Denial of Service Vulnerability
2018-02-17
http://www.securityfocus.com/bid/103077
SANS News
Threatpost
Exploit
utorrent - JSON-RPC Remote Code Execution / Information Disclosure
Microsoft Windows - StorSvc SvcMoveFileInheritSecurity Arbitrary File Creation Privilege...
Microsoft Windows - Constrained Impersonation Capability Privilege Escalation
Microsoft Windows - NPFS Symlink Security Feature Bypass/Elevation of Privilege/Dangerous...
Microsoft Windows - Global Reparse Point Security Feature Bypass/Elevation of Privilege
Microsoft Internet Explorer 11 - 'Js::RegexHelper::RegexReplace' Use-After-Free
Microsoft Windows Kernel - 'nt!RtlpCopyLegacyContextX86' Stack Memory Disclosure
MagniComp SysInfo - mcsiwrapper Privilege Escalation (Metasploit)
19.2.2018
Bugtraq
Kentico CMS version 9 through 11 - Cross-Site Scripting (Reflect) 2018-02-18
displaymyname gmail com
[SECURITY] [DSA 4118-1] tomcat-native security update 2018-02-17
Salvatore Bonaccorso (carnil debian org)
Kentico CMS version 9 through 11 - Arbitrary Code Execution 2018-02-17
displaymyname gmail com
Malware
Phishing
Vulnerability
Microsoft Windows Kernel CVE-2018-0810 Local Information Disclosure Vulnerability
2018-02-19
http://www.securityfocus.com/bid/102938
GIMP CVE-2017-17786 Heap Buffer Overflow Vulnerability
2018-02-19
http://www.securityfocus.com/bid/102765
Dell EMC Isilon OneFS Multiple Security Vulnerabilities
2018-02-16
http://www.securityfocus.com/bid/103033
General Electric D60 Line Distance Relay Multiple Buffer Overflow Vulnerabilities
2018-02-15
http://www.securityfocus.com/bid/103054
SANS News
Finding VBA signatures in .docm files
Threatpost
Exploit
Aastra 6755i SIP SP4 - Denial of Service
October CMS < 1.0.431 - Cross-Site Scripting
Linux/ARM - Bind TCP (4444/TCP) Shell (/bin/sh) + IP Controlled (192.168.1.190) +...
17.2.2018
Bugtraq
[slackware-security] irssi (SSA:2018-046-01) 2018-02-16
Slackware Security Team (security slackware com)
[SECURITY] [DSA 4115-1] quagga security update 2018-02-15
Salvatore Bonaccorso (carnil debian org)
Vulnerability Disclosure (Web Apps)-Bravo Tejari Web Portal-Unrestricted File Upload 2018-02-15
Arvind Vishwakarma (arvind12786 gmail com)
Malware
Phishing
Vulnerability
SANS News
Malware Delivered via Windows Installer Files
Threatpost
Apple Rushes Fix for Latest ‘Text Bomb’ Bug As Abuse Spreads
Exploit
Oracle Primavera P6 Enterprise Project Portfolio Management - HTTP Response Splitting
PSNews Website 1.0.0 - 'Keywords' SQL Injection
PHIMS - Hospital Management Information System - 'Password' SQL Injection
Front Accounting ERP 2.4.3 - Cross-Site Request Forgery
Siemens SIPROTEC 4 and SIPROTEC Compact EN100 Ethernet Module < 4.25 - Denial of Service
JBoss Remoting 6.14.18 - Denial of Service
Microsoft Edge - 'UnmapViewOfFile' ACG Bypass
16.2.2018
Bugtraq
[slackware-security] irssi (SSA:2018-046-01) 2018-02-16
Slackware Security Team (security slackware com)
[SECURITY] [DSA 4115-1] quagga security update 2018-02-15
Salvatore Bonaccorso (carnil debian org)
Vulnerability Disclosure (Web Apps)-Bravo Tejari Web Portal-Unrestricted File Upload 2018-02-15
Arvind Vishwakarma (arvind12786 gmail com)
Vulnerability Disclosure (Web Apps)-Bravo Tejari Web Portal-CSRF 2018-02-15
Arvind Vishwakarma (arvind12786 gmail com)
[SECURITY] [DSA 4114-1] jackson-databind security update 2018-02-15
Sebastien Delafond (seb debian org)
[SECURITY] [DSA 4113-1] libvorbis security update 2018-02-14
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4112-1] xen security update 2018-02-14
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
PayPal | 15th February 2018 |
Vulnerability
Dell EMC Isilon OneFS Multiple Security Vulnerabilities
2018-02-16
http://www.securityfocus.com/bid/103033
Cisco StarOS CVE-2018-0122 Local Arbitrary File Overwrite Vulnerability
2018-02-15
http://www.securityfocus.com/bid/103028
Jenkins CVE-2018-6356 Directory Traversal Vulnerability
2018-02-14
http://www.securityfocus.com/bid/103037
Microsoft Windows StructuredQuery CVE-2018-0825 Remote Code Execution Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102920
Microsoft Windows Named Pipe File System CVE-2018-0823 Local Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102919
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102371
Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102378
Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102376
Microsoft Internet Explorer Scripting Engine CVE-2018-0866 Remote Memory Corruption Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103032
Schneider Electric IGSS SCADA Software CVE-2017-9967 Local Code Execution Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103022
SAP Internet Graphics Server CVE-2018-2395 Unspecified Memory Corruption Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103019
SAP HANA Extended Application Services CVE-2018-2374 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103018
SAP ERP CVE-2018-2381 Remote Authorization Bypass Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103010
Trixbox CVE-2017-14536 Multiple Cross Site Scripting Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/103009
Trixbox CVE-2017-14537 Multiple Directory Traversal Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/103007
SAP ABAP File Interface CVE-2018-2367 Directory Traversal Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103006
SAP NetWeaver CVE-2018-2371 Cross Site Scripting Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103005
Google Chrome CVE-2018-6056 Remote Security Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103003
SAP Customer Relationship Management (CRM) WebClient UI Cross Site Scripting Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103002
SAP Customer Relationship Management CVE-2018-2380 Directory Traversal Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103001
SAP NetWeaver System Landscape Directory CVE-2018-2368 Authentication Bypass Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103000
SAP NetWeaver CVE-2018-2365 Cross Site Scripting Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102999
SAP BI Launchpad CVE-2018-2370 SSRF Security Bypass Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102998
SAP HANA CVE-2018-2369 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102997
Adobe Acrobat and Reader APSB18-02 Out of Bounds Read Multiple Remote Code Execution Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/102996
Adobe Acrobat and Reader Multiple Remote Code Execution Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/102995
Adobe Acrobat and Reader APSB18-02 Multiple Remote Code Execution Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/102994
Adobe Acrobat and Reader CVE-2018-4872 Remote Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102993
Adobe Acrobat and Reader APSB18-02 Multiple Heap Buffer Overflow Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/102992
SANS News
Threatpost
Exploit
ABRT - raceabrt Privilege Escalation (Metasploit)
Joomla! Component Gallery WD 1.3.6 - SQL Injection
Joomla! Component Form Maker 3.6.12 - SQL Injection
Joomla! Component File Download Tracker 3.0 - SQL Injection
Joomla! Component Fastball 2.5 - 'season' SQL Injection
Joomla! Component DT Register 3.2.7 - 'id' SQL Injection
Joomla! Component AllVideos Reloaded 1.2.x - 'divid' SQL Injection
Joomla! Component Aist 2.0 - 'id' SQL Injection
Siemens SIPROTEC 4 and SIPROTEC Compact EN100 Ethernet Module < 4.25 - Denial of Service
JBoss Remoting 6.14.18 - Denial of Service
Microsoft Edge - 'UnmapViewOfFile' ACG Bypass
15.2.2018
Bugtraq
[SECURITY] [DSA 4114-1] jackson-databind security update 2018-02-15
Sebastien Delafond (seb debian org)
[SECURITY] [DSA 4113-1] libvorbis security update 2018-02-14
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4112-1] xen security update 2018-02-14
Moritz Muehlenhoff (jmm debian org)
NAT32 Build (22284) Remote Code Execution CVE-2018-6940 (hyp3rlinx / apparition security) 2018-02-14
apparitionsec gmail com
Defense in depth -- the Microsoft way (part 52): HTTP used to distribute (security) updates, not HTTPS 2018-02-14
Stefan Kanthak (stefan kanthak nexgo de)
[security bulletin] MFSBGN03800 rev.1 - Micro Focus Performance Center, Remote Arbitrary Code Execution or Remote Arbitrary File Modification 2018-02-13
cyber-psrt microfocus com
CSNC-2017-027 Microsoft Intune - App PIN Bypass 2018-02-13
Advisories (advisories compass-security com)
Malware
Phishing
Vulnerability
Cisco StarOS CVE-2018-0122 Local Arbitrary File Overwrite Vulnerability
2018-02-15
http://www.securityfocus.com/bid/103028
Dell EMC Isilon OneFS Multiple Security Vulnerabilities
2018-02-14
http://www.securityfocus.com/bid/103033
Microsoft Windows StructuredQuery CVE-2018-0825 Remote Code Execution Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102920
Microsoft Windows Named Pipe File System CVE-2018-0823 Local Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102919
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102371
Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102378
Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102376
Microsoft Internet Explorer Scripting Engine CVE-2018-0866 Remote Memory Corruption Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103032
Schneider Electric IGSS SCADA Software CVE-2017-9967 Local Code Execution Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103022
SAP Internet Graphics Server CVE-2018-2395 Unspecified Memory Corruption Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103019
SAP HANA Extended Application Services CVE-2018-2374 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103018
SAP ERP CVE-2018-2381 Remote Authorization Bypass Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103010
Trixbox CVE-2017-14536 Multiple Cross Site Scripting Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/103009
Trixbox CVE-2017-14537 Multiple Directory Traversal Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/103007
SAP ABAP File Interface CVE-2018-2367 Directory Traversal Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103006
SAP NetWeaver CVE-2018-2371 Cross Site Scripting Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103005
Google Chrome CVE-2018-6056 Remote Security Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103003
SAP Customer Relationship Management (CRM) WebClient UI Cross Site Scripting Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103002
SAP Customer Relationship Management CVE-2018-2380 Directory Traversal Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103001
SAP NetWeaver System Landscape Directory CVE-2018-2368 Authentication Bypass Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103000
SAP NetWeaver CVE-2018-2365 Cross Site Scripting Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102999
SAP BI Launchpad CVE-2018-2370 SSRF Security Bypass Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102998
SAP HANA CVE-2018-2369 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102997
Adobe Acrobat and Reader APSB18-02 Out of Bounds Read Multiple Remote Code Execution Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/102996
Adobe Acrobat and Reader Multiple Remote Code Execution Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/102995
Adobe Acrobat and Reader APSB18-02 Multiple Remote Code Execution Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/102994
Adobe Acrobat and Reader CVE-2018-4872 Remote Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102993
Adobe Acrobat and Reader APSB18-02 Multiple Heap Buffer Overflow Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/102992
Adobe Experience Manager CVE-2018-4875 Cross Site Scripting Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102991
SANS News
Threatpost
Exploit
Chrome V8 - 'Runtime_RegExpReplace' Integer Overflow
Pdfium - Out-of-Bounds Read with Shading Pattern Backed by Pattern Colorspace
Pdfium - Pattern Shading Integer Overflows
Microsoft Edge Chakra JIT - 'LdThis' Type Confusion
Microsoft Edge Chakra JIT - 'NewScObjectNoCtor' Array Type Confusion
Microsoft Edge Chakra JIT - 'Array.prototype.reverse' Array Type Confusion
Microsoft Edge Chakra JIT - Array Type Confusion via InitProto Instructions
Microsoft Edge Chakra JIT - ImplicitCallFlags Checks Bypass
Microsoft Edge Chakra JIT - Memory Corruption
Microsoft Edge Chakra JIT - 'GlobOpt::OptTagChecks' Must Consider IsLoopPrePass Properly...
GNU binutils 2.26.1 - Integer Overflow (PoC)
Dell EMC Isilon OneFS - Multiple Vulnerabilities
userSpice 4.3 - Cross-Site Scripting
SOA School Management - 'access_login' SQL Injection
Social Oauth Login PHP - Authentication Bypass
GNU binutils 2.26.1 - Integer Overflow (POC)
14.2.2018
Bugtraq
Defense in depth -- the Microsoft way (part 52): HTTP used to distribute (security) updates, not HTTPS 2018-02-14
Stefan Kanthak (stefan kanthak nexgo de)
[security bulletin] MFSBGN03800 rev.1 - Micro Focus Performance Center, Remote Arbitrary Code Execution or Remote Arbitrary File Modification 2018-02-13
cyber-psrt microfocus com
CSNC-2017-027 Microsoft Intune - App PIN Bypass 2018-02-13
Advisories (advisories compass-security com)
[SECURITY] [DSA 4111-2] libreoffice security update 2018-02-12
Moritz Muehlenhoff (jmm debian org)
[security bulletin] HPESBHF03819 rev.1 - HPE XP Storage using HGLM, Local Authentication Bypass 2018-02-12
security-alert hpe com
CVE-2018-6892 CloudMe Sync <= v1.10.9 Unauthenticated Remote Buffer Overflow (hyp3rlinx / apparition security) 2018-02-12
apparitionsec gmail com
[SECURITY] [DSA 4111-1] libreoffice security update 2018-02-11
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
iTunes - Order Confirmation | 13th February 2018 |
Vulnerability
Microsoft Windows StructuredQuery CVE-2018-0825 Remote Code Execution Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102920
Microsoft Windows Named Pipe File System CVE-2018-0823 Local Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102919
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102371
Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102378
Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102376
Adobe Acrobat and Reader APSB18-02 Out of Bounds Read Multiple Remote Code Execution Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/102996
Adobe Acrobat and Reader Multiple Remote Code Execution Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/102995
Adobe Acrobat and Reader APSB18-02 Multiple Remote Code Execution Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/102994
Adobe Acrobat and Reader CVE-2018-4872 Remote Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102993
Adobe Acrobat and Reader APSB18-02 Multiple Heap Buffer Overflow Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/102992
Adobe Experience Manager CVE-2018-4875 Cross Site Scripting Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102991
Adobe Experience Manager CVE-2018-4876 Cross Site Scripting Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102990
Microsoft SharePoint Server CVE-2018-0869 Remote Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102963
Microsoft SharePoint Server CVE-2018-0864 Remote Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102962
Microsoft Excel CVE-2018-0841 Remote Code Execution Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102957
Microsoft Windows CVE-2018-0760 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102953
Microsoft Windows CVE-2018-0761 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102952
Microsoft Windows Kernel CVE-2018-0843 Local Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102951
Microsoft Windows Kernel CVE-2018-0830 Local Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102949
Microsoft Windows Kernel CVE-2018-0829 Local Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102948
Microsoft Windows Kernel CVE-2018-0757 Local Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102947
Microsoft Windows CVE-2018-0842 Local Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102946
Microsoft Windows Kernel CVE-2018-0820 Local Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102945
Microsoft Windows CVE-2018-0826 Local Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102944
Microsoft Windows Kernel CVE-2018-0831 Local Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102943
Microsoft Windows CVE-2018-0822 Local Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102942
Microsoft Windows Kernel CVE-2018-0756 Local Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102941
Microsoft Windows CVE-2018-0821 Local Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102939
Microsoft Windows Kernel CVE-2018-0810 Local Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102938
SANS News
February 2018 Microsoft (and Adobe) Patch Tuesday
Threatpost
Exploit
NAT32 2.2 Build 22284 - Cross-Site Request Forgery
NAT32 2.2 Build 22284 - Remote Command Execution
13.2.2018
Bugtraq
CSNC-2017-027 Microsoft Intune - App PIN Bypass 2018-02-13
Advisories (advisories compass-security com)
[SECURITY] [DSA 4111-2] libreoffice security update 2018-02-12
Moritz Muehlenhoff (jmm debian org)
[security bulletin] HPESBHF03819 rev.1 - HPE XP Storage using HGLM, Local Authentication Bypass 2018-02-12
security-alert hpe com
CVE-2018-6892 CloudMe Sync <= v1.10.9 Unauthenticated Remote Buffer Overflow (hyp3rlinx / apparition security) 2018-02-12
apparitionsec gmail com
[SECURITY] [DSA 4111-1] libreoffice security update 2018-02-11
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4109-1] ruby-omniauth security update 2018-02-10
Luciano Bello (luciano debian org)
Malware
Phishing
Vulnerability
Kaspersky Secure Mail Gateway Multiple Security Vulnerabilities
2018-02-12
http://www.securityfocus.com/bid/102910
phpMyAdmin Cross Site Request Forgery Vulnerability
2018-02-09
http://www.securityfocus.com/bid/102271
Microsoft Internet Information Services CVE-2014-8985 Security Bypass Vulnerability
2018-02-09
http://www.securityfocus.com/bid/70937
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-02-08
http://www.securityfocus.com/bid/102371
GraphicsMagick CVE-2018-6799 Denial of Service Vulnerability
2018-02-08
http://www.securityfocus.com/bid/102981
Adobe Flash Player CVE-2018-4877 Use After Free Remote Code Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102930
Adobe Flash Player CVE-2018-4878 Use After Free Remote Code Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102893
Cisco Firepower System Software CVE-2018-0138 Remote Security Bypass Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102978
Cisco IOS XR Software CVE-2018-0132 Denial of Service Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102975
Cisco Virtualized Packet Core-Distributed Instance CVE-2018-0117 Denial of Service Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102970
Multiple Cisco Wireless VPN Routers CVE-2018-0127 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102969
Cisco Policy Suite CVE-2018-0116 Authentication Bypass Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102968
Cisco IOS and IOS XE Software CVE-2018-0123 Local Arbitrary File Overwrite Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102967
Cisco UCS Central Software CVE-2018-0113 Remote Command Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102966
Cisco Unified Communications Manager CVE-2018-0198 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102965
Cisco Unified Communications Manager CVE-2018-0135 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102964
Cisco Spark CVE-2018-0119 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102961
Cisco Data Center Analytics Framework CVE-2018-0128 HTML Injection Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102960
Cisco Data Center Analytics Framework CVE-2018-0129 Cross Site Scripting Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102959
SANS News
Threatpost
Exploit
LibreOffice < 6.0.1 - '=WEBSERVICE' Remote Arbitrary File Disclosure
glibc - 'LD_AUDIT' Arbitrary DSO Load Privilege Escalation (Metasploit)
glibc - '$ORIGIN' Expansion Privilege Escalation (Metasploit)
Juju-run Agent - Privilege Escalation (Metasploit)
Advantech WebAccess 8.3.0 - Remote Code Execution
CloudMe Sync < 1.11.0 - Buffer Overflow
News Website Script 2.0.4 - 'search' SQL Injection
TypeSetter CMS 5.1 - Cross-Site Request Forgery
TypeSetter CMS 5.1 - 'Host' Header Injection
LogicalDOC Enterprise 7.7.4 - Root Remote Code Execution
12.2.2018
Bugtraq
[SECURITY] [DSA 4111-1] libreoffice security update 2018-02-11
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4109-1] ruby-omniauth security update 2018-02-10
Luciano Bello (luciano debian org)
KL-001-2018-005 : NetEx HyperIP Local File Inclusion Vulnerability 2018-02-09
KoreLogic Disclosures (disclosures korelogic com)
[SECURITY] [DSA 4110-1] exim4 security update 2018-02-10
Salvatore Bonaccorso (carnil debian org)
Defense in depth -- the Microsoft way (part 51): Skype's home-grown updater allows escalation of privilege to SYSTEM 2018-02-09
Stefan Kanthak (stefan kanthak nexgo de)
KL-001-2018-004 : NetEx HyperIP Privilege Escalation Vulnerability 2018-02-09
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2018-003 : NetEx HyperIP Post-Auth Command Execution 2018-02-09
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2018-006 : Trend Micro IMSVA Management Portal Authentication Bypass 2018-02-09
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2018-002 : NetEx HyperIP Authentication Bypass 2018-02-09
KoreLogic Disclosures (disclosures korelogic com)
[SECURITY] [DSA 4108-1] mailman security update 2018-02-09
Thijs Kinkhorst (thijs debian org)
Malware
Phishing
Apple | 11th February 2018 |
Support Account | 8th February 2018 |
[REMINDER] : YOUR APPLE ID WAS |
Vulnerability
SANS News
Analyzing compressed shellcode
Threatpost
Exploit
11.2.2018
Bugtraq
[SECURITY] [DSA 4108-1] mailman security update 2018-02-09
Thijs Kinkhorst (thijs debian org)
Advisory - Fisheye and Crucible - CVE-2017-16861 2018-02-09
David Black (dblack atlassian com)
[SECURITY] [DSA 4105-2] mpv security update 2018-02-09
Luciano Bello (luciano debian org)
SEC Consult SA-20180208-0 :: Multiple Cross-Site Scripting Vulnerabilities in Sonatype Nexus Repository Manager OSS/Pro 2018-02-08
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 4107-1] django-anymail security update 2018-02-07
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Support Account | 8th February 2018 |
[REMINDER] : YOUR APPLE ID WAS | |
Bank of America | 7th February 2018 |
Vulnerability
phpMyAdmin Cross Site Request Forgery Vulnerability
2018-02-09
http://www.securityfocus.com/bid/102271
Microsoft Internet Information Services CVE-2014-8985 Security Bypass Vulnerability
2018-02-09
http://www.securityfocus.com/bid/70937
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-02-08
http://www.securityfocus.com/bid/102371
Adobe Flash Player CVE-2018-4877 Use After Free Remote Code Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102930
Adobe Flash Player CVE-2018-4878 Use After Free Remote Code Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102893
Cisco Virtualized Packet Core-Distributed Instance CVE-2018-0117 Denial of Service Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102970
Multiple Cisco Wireless VPN Routers CVE-2018-0127 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102969
Cisco Policy Suite CVE-2018-0116 Authentication Bypass Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102968
Cisco IOS and IOS XE Software CVE-2018-0123 Local Arbitrary File Overwrite Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102967
Cisco UCS Central Software CVE-2018-0113 Remote Command Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102966
Cisco Unified Communications Manager CVE-2018-0198 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102965
Cisco Unified Communications Manager CVE-2018-0135 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102964
Cisco Spark CVE-2018-0119 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102961
Cisco Data Center Analytics Framework CVE-2018-0128 HTML Injection Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102960
Cisco Data Center Analytics Framework CVE-2018-0129 Cross Site Scripting Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102959
Cisco Unified Communications Manager CVE-2018-0120 SQL Injection Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102958
Cisco Prime Network CVE-2018-0137 Denial of Service Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102955
Cisco Policy Suite CVE-2018-0134 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102954
Joomla! Core CVE-2018-6379 Cross Site Scripting Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102918
IBM Rational DOORS Web Access CVE-2017-1540 Cross Site Scripting Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102890
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102378
OpenSSL CVE-2017-3731 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/95813
OpenSSL CVE-2016-7055 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/94242
OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93171
OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93153
OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93150
OpenSSL CVE-2016-6303 Integer Overflow Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92984
OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92557
SANS News
Threatpost
Cisco Confirms Critical Firewall Software Bug Is Under Attack
Exploit
JBoss 4.2.x/4.3.x - Information Disclosure
Multi Language Olx Clone Script - Cross-Site Scripting
Multi religion Responsive Matrimonial 4.7.2 - Cross-Site Scripting
Select Your College Script 2.0.2 - Authentication Bypass
Bitcoin MLM Software 1.0.2 - Cross-Site Scripting
Lawyer Search Script 1.0.2 - Cross-Site Scripting
Schools Alert Management Script 2.0.2 - Arbitrary File Upload
Facebook Clone Script 1.0.5 - Cross-Site Scripting
macOS Kernel - Use-After-Free Due to Lack of Locking in...
9.2.2018
Bugtraq
[SECURITY] [DSA 4108-1] mailman security update 2018-02-09
Thijs Kinkhorst (thijs debian org)
Advisory - Fisheye and Crucible - CVE-2017-16861 2018-02-09
David Black (dblack atlassian com)
[SECURITY] [DSA 4105-2] mpv security update 2018-02-09
Luciano Bello (luciano debian org)
SEC Consult SA-20180208-0 :: Multiple Cross-Site Scripting Vulnerabilities in Sonatype Nexus Repository Manager OSS/Pro 2018-02-08
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 4107-1] django-anymail security update 2018-02-07
Salvatore Bonaccorso (carnil debian org)
[security bulletin] HPSBHF02981 rev.2 - HPE Integrated Lights-Out 2, 3, 4 (iLO2, iLO3, iLO4) and HPE Superdome Flex RMC - IPMI 2.0 RCMP+ Authentication Remote Password Hash Vulnerability (RAKP) 2018-02-07
security-alert hpe com
[SECURITY] [DSA 4106-1] libtasn1-6 security update 2018-02-07
Salvatore Bonaccorso (carnil debian org)
SEC Consult SA-20180207-0 :: Multiple buffer overflow vulnerabilities in InfoZip UnZip 2018-02-07
SEC Consult Vulnerability Lab (research sec-consult com)
[slackware-security] Slackware 14.2 kernel (SSA:2018-037-01) 2018-02-07
Slackware Security Team (security slackware com)
Malware
Phishing
Vulnerability
phpMyAdmin Cross Site Request Forgery Vulnerability
2018-02-09
http://www.securityfocus.com/bid/102271
Microsoft Internet Information Services CVE-2014-8985 Security Bypass Vulnerability
2018-02-09
http://www.securityfocus.com/bid/70937
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-02-08
http://www.securityfocus.com/bid/102371
Adobe Flash Player CVE-2018-4877 Use After Free Remote Code Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102930
Adobe Flash Player CVE-2018-4878 Use After Free Remote Code Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102893
Cisco Virtualized Packet Core-Distributed Instance CVE-2018-0117 Denial of Service Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102970
Multiple Cisco Wireless VPN Routers CVE-2018-0127 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102969
Cisco Policy Suite CVE-2018-0116 Authentication Bypass Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102968
Cisco IOS and IOS XE Software CVE-2018-0123 Local Arbitrary File Overwrite Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102967
Cisco UCS Central Software CVE-2018-0113 Remote Command Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102966
Cisco Unified Communications Manager CVE-2018-0198 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102965
Cisco Unified Communications Manager CVE-2018-0135 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102964
Cisco Spark CVE-2018-0119 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102961
Cisco Data Center Analytics Framework CVE-2018-0128 HTML Injection Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102960
Cisco Data Center Analytics Framework CVE-2018-0129 Cross Site Scripting Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102959
Cisco Unified Communications Manager CVE-2018-0120 SQL Injection Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102958
SANS News
An autograph from the Dridex gang
Threatpost
Exploit
HPE iLO 4 < 2.53 - Add New Administrator User
Marked2 - Local File Disclosure
macOS Kernel - Use-After-Free Due to Lack of Locking in...
8.2.2018
Bugtraq
[SECURITY] [DSA 4107-1] django-anymail security update 2018-02-07
Salvatore Bonaccorso (carnil debian org)
[security bulletin] HPSBHF02981 rev.2 - HPE Integrated Lights-Out 2, 3, 4 (iLO2, iLO3, iLO4) and HPE Superdome Flex RMC - IPMI 2.0 RCMP+ Authentication Remote Password Hash Vulnerability (RAKP) 2018-02-07
security-alert hpe com
[SECURITY] [DSA 4106-1] libtasn1-6 security update 2018-02-07
Salvatore Bonaccorso (carnil debian org)
SEC Consult SA-20180207-0 :: Multiple buffer overflow vulnerabilities in InfoZip UnZip 2018-02-07
SEC Consult Vulnerability Lab (research sec-consult com)
[slackware-security] Slackware 14.2 kernel (SSA:2018-037-01) 2018-02-07
Slackware Security Team (security slackware com)
[SE-2011-01] A security issue with a Multiroom service of NC+ SAT TV platform 2018-02-07
Security Explorations (contact security-explorations com)
[SECURITY] [DSA 4105-1] mpv security update 2018-02-07
Luciano Bello (luciano debian org)
Malware
Phishing
Support Account | 8th February 2018 |
[REMINDER] : YOUR APPLE ID WAS | |
Bank of America | 7th February 2018 |
Vulnerability
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-02-08
http://www.securityfocus.com/bid/102371
Adobe Flash Player CVE-2018-4877 Use After Free Remote Code Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102930
Adobe Flash Player CVE-2018-4878 Use After Free Remote Code Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102893
Cisco Spark CVE-2018-0119 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102961
Cisco Data Center Analytics Framework CVE-2018-0128 HTML Injection Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102960
Cisco Data Center Analytics Framework CVE-2018-0129 Cross Site Scripting Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102959
Cisco Unified Communications Manager CVE-2018-0120 SQL Injection Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102958
Cisco Prime Network CVE-2018-0137 Denial of Service Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102955
Cisco Policy Suite CVE-2018-0134 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102954
Joomla! Core CVE-2018-6379 Cross Site Scripting Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102918
IBM Rational DOORS Web Access CVE-2017-1540 Cross Site Scripting Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102890
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102378
OpenSSL CVE-2017-3731 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/95813
OpenSSL CVE-2016-7055 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/94242
OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93171
OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93153
OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93150
OpenSSL CVE-2016-6303 Integer Overflow Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92984
OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92557
OpenSSL CVE-2016-6302 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92628
OpenSSL CVE-2016-2180 Local Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92117
OpenSSL CVE-2016-2181 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92982
OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2018-02-05
http://www.securityfocus.com/bid/91081
OpenSSL CVE-2016-2177 Integer Overflow Vulnerability
2018-02-05
http://www.securityfocus.com/bid/91319
RETIRED: Siemens TeleControl Server Basic Multiple Security Vulnerabilities
2018-02-05
http://www.securityfocus.com/bid/102904
SANS News
Threatpost
Exploit
Adobe Coldfusion 11.0.03.292866 - BlazeDS Java Object Deserialization Remote Code...
HPE iLO4 < 2.53 - Add New Administrator User
Geovision Inc. IP Camera & Video - Remote Command Execution
Geovision Inc. IP Camera/Video/Access Control - Multiple Remote Command Execution / Stack...
Entrepreneur Dating Script 2.0.2 - Authentication Bypass
Online Test Script 2.0.7 - 'cid' SQL Injection
Hot Scripts Clone Script Classified - Persistent Cross-Site Scripting
Naukri Clone Script - Persistent Cross-Site Scripting
MalwareFox AntiMalware 2.74.0.150 - Privilege Escalation
Android - 'getpidcon' Permission Bypass in KeyStore Service
7.2.2018
Bugtraq
SEC Consult SA-20180207-0 :: Multiple buffer overflow vulnerabilities in InfoZip UnZip 2018-02-07
SEC Consult Vulnerability Lab (research sec-consult com)
[slackware-security] Slackware 14.2 kernel (SSA:2018-037-01) 2018-02-07
Slackware Security Team (security slackware com)
[SE-2011-01] A security issue with a Multiroom service of NC+ SAT TV platform 2018-02-07
Security Explorations (contact security-explorations com)
[SECURITY] [DSA 4105-1] mpv security update 2018-02-07
Luciano Bello (luciano debian org)
[CORE-2017-0010] - Kaspersky Secure Mail Gateway Multiple Vulnerabilities 2018-02-05
Core Security Advisories Team (advisories coresecurity com)
[SECURITY] [DSA 4104-1] p7zip security update 2018-02-04
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Vulnerability
Adobe Flash Player CVE-2018-4877 Use After Free Remote Code Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102930
Adobe Flash Player CVE-2018-4878 Use After Free Remote Code Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102893
Joomla! Core CVE-2018-6379 Cross Site Scripting Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102918
IBM Rational DOORS Web Access CVE-2017-1540 Cross Site Scripting Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102890
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102378
OpenSSL CVE-2017-3731 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/95813
OpenSSL CVE-2016-7055 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/94242
OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93171
SANS News
3 examples of malspam pushing Loki-Bot malware
Threatpost
Exploit
Adobe Coldfusion 11.0.03.292866 - BlazeDS Java Object Deserialization Remote Code...
Geovision Inc. IP Camera & Video - Remote Command Execution
Geovision Inc. IP Camera/Video/Access Control - Multiple Remote Command Execution / Stack...
Entrepreneur Dating Script 2.0.2 - Authentication Bypass
Online Test Script 2.0.7 - 'cid' SQL Injection
Hot Scripts Clone Script Classified - Persistent Cross-Site Scripting
Naukri Clone Script - Persistent Cross-Site Scripting
Multilanguage Real Estate MLM Script - Persistent Cross-Site Scripting
Doctor Search Script 1.0.2 - Persistent Cross-Site Scripting
Android - 'getpidcon' Permission Bypass in KeyStore Service
Asterisk 13.17.2 - 'chan_skinny' Remote Memory Corruption
6.2.2018
Bugtraq
[CORE-2017-0010] - Kaspersky Secure Mail Gateway Multiple Vulnerabilities 2018-02-05
Core Security Advisories Team (advisories coresecurity com)
[SECURITY] [DSA 4104-1] p7zip security update 2018-02-04
Salvatore Bonaccorso (carnil debian org)
[slackware-security] php (SSA:2018-034-01) 2018-02-04
Slackware Security Team (security slackware com)
Malware
Phishing
Vulnerability
Joomla! Core CVE-2018-6379 Cross Site Scripting Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102918
IBM Rational DOORS Web Access CVE-2017-1540 Cross Site Scripting Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102890
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102378
OpenSSL CVE-2017-3731 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/95813
OpenSSL CVE-2016-7055 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/94242
OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93171
OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93153
OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93150
OpenSSL CVE-2016-6303 Integer Overflow Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92984
OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92557
OpenSSL CVE-2016-6302 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92628
OpenSSL CVE-2016-2180 Local Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92117
OpenSSL CVE-2016-2181 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92982
OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2018-02-05
http://www.securityfocus.com/bid/91081
OpenSSL CVE-2016-2177 Integer Overflow Vulnerability
2018-02-05
http://www.securityfocus.com/bid/91319
RETIRED: Siemens TeleControl Server Basic Multiple Security Vulnerabilities
2018-02-05
http://www.securityfocus.com/bid/102904
Siemens TeleControl Server Basic CVE-2018-4835 Authentication Bypass Vulnerability
2018-02-05
http://www.securityfocus.com/bid/102894
Siemens TeleControl Server Basic CVE-2018-4836 Privilege Escalation Vulnerability
2018-02-05
http://www.securityfocus.com/bid/102897
Siemens TeleControl Server Basic CVE-2018-4837 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/102819
Citrix NetScaler VPX CVE-2018-6186 Privilege Escalation Vulnerability
2018-02-01
http://www.securityfocus.com/bid/102915
GNU C Library CVE-2018-6485 Multiple Integer Overflow Vulnerabilities
2018-02-01
http://www.securityfocus.com/bid/102912
Kaspersky Secure Mail Gateway Multiple Security Vulnerabilities
2018-02-01
http://www.securityfocus.com/bid/102910
CODESYS Web Server CVE-2018-5440 Stack Based Buffer Overflow Vulnerability
2018-02-01
http://www.securityfocus.com/bid/102909
Gemalto Sentinel License Manager Multiple Security Vulnerabilities
2018-02-01
http://www.securityfocus.com/bid/102906
Fuji Electric V-Server VPR CVE-2018-5442 Stack Based Buffer Overflow Vulnerability
2018-02-01
http://www.securityfocus.com/bid/102903
Adobe Flash Player CVE-2018-4878 Use After Free Remote Code Execution Vulnerability
2018-02-01
http://www.securityfocus.com/bid/102893
IBM Cognos Analytics CVE-2017-1783 Local Security Bypass Vulnerability
2018-02-01
http://www.securityfocus.com/bid/102863
Cisco Adaptive Security Appliance CVE-2018-0101 Remote Code Execution Vulnerability
2018-01-31
http://www.securityfocus.com/bid/102845
SANS News
Threatpost
Exploit
Netis WF2419 Router - Cross-Site Scripting
Student Profile Management System Script 2.0.6 - Authentication Bypass
Joomla! Component JSP Tickets 1.1 - SQL Injection
Joomla! Component jLike 1.0 - Information Leak
Joomla! Component Zh GoogleMap 8.4.0.0 - SQL Injection
Joomla! Component Zh YandexMap 6.2.1.0 - 'id' SQL Injection
Joomla! Component Zh BaiduMap 3.0.0.1 - SQL Injection
5.2.2018
Bugtraq
[SECURITY] [DSA 4104-1] p7zip security update 2018-02-04
Salvatore Bonaccorso (carnil debian org)
[slackware-security] php (SSA:2018-034-01) 2018-02-04
Slackware Security Team (security slackware com)
[security bulletin] MFSBGN03797 rev.1 - Micro Focus Fortify Audit Workbench (AWB) and Micro Focus Fortify Software Security Center (SSC), XML External Entity Injection 2018-02-01
cyber-psrt microfocus com
SEC Consult SA-20180201-0 :: Multiple critical vulnerabilities in Whole Vibratissimo Smart Sex Toy product range 2018-02-01
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 4103-1] chromium-browser security update 2018-02-01
Michael Gilbert (mgilbert debian org)
Advisory - Sourcetree - CVE-2017-14592 CVE-2017-14593 CVE-2017-14592 CVE-2017-17831 2018-02-01
Atlassian (security atlassian com)
Malware
Phishing
Vulnerability
GIMP CVE-2017-17786 Heap Buffer Overflow Vulnerability
2018-12-20
http://www.securityfocus.com/bid/102765
IBM Rational DOORS Web Access CVE-2017-1540 Cross Site Scripting Vulnerability
2018-02-23
http://www.securityfocus.com/bid/102890
OpenSSL CVE-2017-3731 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/95813
OpenSSL CVE-2016-7055 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/94242
OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93171
OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93153
OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93150
OpenSSL CVE-2016-6303 Integer Overflow Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92984
OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92557
OpenSSL CVE-2016-6302 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92628
OpenSSL CVE-2016-2180 Local Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92117
OpenSSL CVE-2016-2181 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92982
OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2018-02-05
http://www.securityfocus.com/bid/91081
OpenSSL CVE-2016-2177 Integer Overflow Vulnerability
2018-02-05
http://www.securityfocus.com/bid/91319
RETIRED: Siemens TeleControl Server Basic Multiple Security Vulnerabilities
2018-02-05
http://www.securityfocus.com/bid/102904
Siemens TeleControl Server Basic CVE-2018-4835 Authentication Bypass Vulnerability
2018-02-05
http://www.securityfocus.com/bid/102894
Siemens TeleControl Server Basic CVE-2018-4836 Privilege Escalation Vulnerability
2018-02-05
http://www.securityfocus.com/bid/102897
Siemens TeleControl Server Basic CVE-2018-4837 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/102819
Citrix NetScaler VPX CVE-2018-6186 Privilege Escalation Vulnerability
2018-02-01
http://www.securityfocus.com/bid/102915
SANS News
Threatpost
Exploit
Windows - 'EternalRomance'/'EternalSynergy'/'EternalChampion' SMB Remote Code Execution...
Online Voting System - Authentication Bypass
NixCMS 1.0 - 'category_id' SQL Injection
Matrimonial Website Script 2.1.6 - 'uid' SQL Injection
MalwareFox AntiMalware 2.74.0.150 - Privilege Escalation
Apport/ABRT - 'chroot' Local Privilege Escalation (Metasploit)
Claymore Dual GPU Miner 10.5 - Format String
WordPress Core - 'load-scripts.php' Denial of Service
Wonder CMS 2.3.1 - 'Host' Header Injection
Wonder CMS 2.3.1 - Unrestricted File Upload
4.2.2018
Bugtraq
Malware
Phishing
Account PayPaI | 4th February 2018 |
Vulnerability
SANS News
Threatpost
Exploit
2.2.2018
Bugtraq
[security bulletin] MFSBGN03797 rev.1 - Micro Focus Fortify Audit Workbench (AWB) and Micro Focus Fortify Software Security Center (SSC), XML External Entity Injection 2018-02-01
cyber-psrt microfocus com
SEC Consult SA-20180201-0 :: Multiple critical vulnerabilities in Whole Vibratissimo Smart Sex Toy product range 2018-02-01
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 4103-1] chromium-browser security update 2018-02-01
Michael Gilbert (mgilbert debian org)
Advisory - Sourcetree - CVE-2017-14592 CVE-2017-14593 CVE-2017-14592 CVE-2017-17831 2018-02-01
Atlassian (security atlassian com)
KonaKart Path Traversal Vulnerability 2018-02-01
ajcraggs gmail com
Recon Montreal 2018 Call For Papers - 0xE - Registration - Training - Conference - Submit! - PGP key 2018-01-31
cfpmontreal2018 recon cx
SEC Consult SA-20180131-0 :: Multiple Vulnerabilities in Sprecher Automation SPRECON-E-C, PU-2433 2018-01-31
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 4094-2] smarty3 security update 2018-01-30
Luciano Bello (luciano debian org)
Malware
Phishing
Vulnerability
IBM Rational DOORS Web Access CVE-2017-1540 Cross Site Scripting Vulnerability
2018-02-23
http://www.securityfocus.com/bid/102890
Adobe Flash Player CVE-2018-4878 Use After Free Remote Code Execution Vulnerability
2018-02-01
http://www.securityfocus.com/bid/102893
IBM Cognos Analytics CVE-2017-1783 Local Security Bypass Vulnerability
2018-02-01
http://www.securityfocus.com/bid/102863
Cisco Adaptive Security Appliance CVE-2018-0101 Remote Code Execution Vulnerability
2018-01-31
http://www.securityfocus.com/bid/102845
OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability
2018-01-31
http://www.securityfocus.com/bid/101552
IBM Content Navigator CVE-2017-1192 XML External Entity Injection Vulnerability
2018-01-31
http://www.securityfocus.com/bid/102864
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-01-30
http://www.securityfocus.com/bid/102371
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-01-30
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-01-30
http://www.securityfocus.com/bid/102378
OpenSSL CVE-2017-3737 Security Bypass Vulnerability
2018-01-30
http://www.securityfocus.com/bid/102103
RETIRED: Jenkins CVE-2017-1000392 HTML Injection Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102826
Jenkins Multiple Security Vulnerabilities
2018-01-29
http://www.securityfocus.com/bid/101773
Jenkins Global Build Stats Plugin Multiple Security Vulnerabilities
2018-01-29
http://www.securityfocus.com/bid/101539
Microsoft .NET Framework CVE-2018-0764 Remote Denial of Service Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102387
Atlassian Activity Streams CVE-2017-9513 Security Bypass Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102869
FreePBX CVE-2018-6393 SQL Injection Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102854
FFmpeg 'libavfilter/vf_transpose.c' Denial of Service Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102848
Mozilla Firefox CVE-2018-5124 Arbitrary Code Execution Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102843
SANS News
Threatpost
Exploit
Microsoft Windows Subsystem for Linux - Local Privilege Escalation
FiberHome AN5506 - Unauthenticated Remote DNS Change
Oracle Hospitality Simphony (MICROS) 2.7 < 2.9 - Directory Traversal
Joomla! Component JMS Music 1.1.1 - SQL Injection
Joomla! Component Jimtawl 2.1.6 - Arbitrary File Upload
Joomla! Component JEXTN Classified 1.0.0 - 'sid' SQL Injection
Joomla! Component JEXTN Reverse Auction 3.1.0 - SQL Injection
Event Manager 1.0 - SQL Injection
Joomla! Component JE PayperVideo 3.0.0 - 'usr_plan' SQL Injection
IPSwitch MOVEit 8.1 < 9.4 - Cross-Site Scripting
Advance Loan Management System - 'id' SQL Injection
Real Estate Custom Script - 'route' SQL Injection
Fancy Clone Script - 'search_browse_product' SQL Injection
Joomla! Component JEXTN Membership 3.1.0 - 'usr_plan' SQL Injection
BMC Server Automation RSCD Agent - NSH Remote Command Execution (Metasploit)
WebKit - 'WebCore::FrameView::clientToLayoutViewportPoint' Use-After-Free
WebKit - 'detachWrapper' Use-After-Free
Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode (136 bytes)
Linux/x64 - Twofish Encoded + DNS (CNAME) Password + execve(/bin/sh) Shellcode
1.2.2018
Bugtraq
SEC Consult SA-20180201-0 :: Multiple critical vulnerabilities in Whole Vibratissimo Smart Sex Toy product range 2018-02-01
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 4103-1] chromium-browser security update 2018-02-01
Michael Gilbert (mgilbert debian org)
Advisory - Sourcetree - CVE-2017-14592 CVE-2017-14593 CVE-2017-14592 CVE-2017-17831 2018-02-01
Atlassian (security atlassian com)
KonaKart Path Traversal Vulnerability 2018-02-01
ajcraggs gmail com
Recon Montreal 2018 Call For Papers - 0xE - Registration - Training - Conference - Submit! - PGP key 2018-01-31
cfpmontreal2018 recon cx
SEC Consult SA-20180131-0 :: Multiple Vulnerabilities in Sprecher Automation SPRECON-E-C, PU-2433 2018-01-31
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 4094-2] smarty3 security update 2018-01-30
Luciano Bello (luciano debian org)
Defense in depth -- the Microsoft way (part 49): fun with application manifests 2018-01-30
Stefan Kanthak (stefan kanthak nexgo de)
[SECURITY] [DSA 4098-1] curl security update 2018-01-26
Alessandro Ghedini (ghedo debian org)
Malware
Trojan.Trensil.B
Win32/Agent.SMB
Win64/Gadoopt.AA
Phishing
eBay | 1st February 2018
Help us protect your account -
Apple | 31st January 2018
App Store | 28th January 2018
APPLE PURCHASE SUCCESSFULLY
Vulnerability
IBM Rational DOORS Web Access CVE-2017-1540 Cross Site Scripting Vulnerability
2018-02-23
http://www.securityfocus.com/bid/102890
IBM Cognos Analytics CVE-2017-1783 Local Security Bypass Vulnerability
2018-02-01
http://www.securityfocus.com/bid/102863
Cisco Adaptive Security Appliance CVE-2018-0101 Remote Code Execution Vulnerability
2018-01-31
http://www.securityfocus.com/bid/102845
OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability
2018-01-31
http://www.securityfocus.com/bid/101552
IBM Content Navigator CVE-2017-1192 XML External Entity Injection Vulnerability
2018-01-31
http://www.securityfocus.com/bid/102864
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-01-30
http://www.securityfocus.com/bid/102371
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-01-30
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-01-30
http://www.securityfocus.com/bid/102378
OpenSSL CVE-2017-3737 Security Bypass Vulnerability
2018-01-30
http://www.securityfocus.com/bid/102103
RETIRED: Jenkins CVE-2017-1000392 HTML Injection Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102826
Jenkins Multiple Security Vulnerabilities
2018-01-29
http://www.securityfocus.com/bid/101773
Jenkins Global Build Stats Plugin Multiple Security Vulnerabilities
2018-01-29
http://www.securityfocus.com/bid/101539
Microsoft .NET Framework CVE-2018-0764 Remote Denial of Service Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102387
Atlassian Activity Streams CVE-2017-9513 Security Bypass Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102869
FreePBX CVE-2018-6393 SQL Injection Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102854
FFmpeg 'libavfilter/vf_transpose.c' Denial of Service Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102848
Mozilla Firefox CVE-2018-5124 Arbitrary Code Execution Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102843
Jenkins Multijob Plugin CVE-2017-1000390 Security Bypass Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102824
libming 'util/decompile.c' Denial of Service Vulnerability
2018-01-27
http://www.securityfocus.com/bid/102856
Jenkins Active Choices Plugin HTML Injection Vulnerability
2018-01-26
http://www.securityfocus.com/bid/101538
Jenkins Build Publisher Plugin Information Disclosure Vulnerability
2018-01-26
http://www.securityfocus.com/bid/101544
Apache NiFi CVE-2016-8748 Cross Site Scripting Vulnerability
2018-01-26
http://www.securityfocus.com/bid/95621
IBM Rational DOORS CVE-2017-1532 Cross Site Scripting Vulnerability
2018-01-26
http://www.securityfocus.com/bid/102888
SANS News
Threatpost
Exploit
Sync Breeze Enterprise 10.4.18 - Remote Buffer Overflow (SEH)
systemd (systemd-tmpfiles) < 236 - 'fs.protected_hardlinks=0' Local Privilege Escalation