Hot News Database
Last updated at 08.10.2016 14:19:38
27.4.2018
Bugtraq
[slackware-security] openvpn (SSA:2018-116-01) 2018-04-27
Slackware Security Team (security slackware com)
[HITB-Announce] HITBGSEC2018 CFP - Final Call 2018-04-26
Hafez Kamal (aphesz hackinthebox org)
[SECURITY] [DSA 4180-1] drupal7 security update 2018-04-25
Salvatore Bonaccorso (carnil debian org)
Secunia Research: Oracle Outside In Technology Use-After-Free Vulnerability 2018-04-25
Secunia Research (remove-vuln secunia com)
APPLE-SA-2018-04-24-2 Security Update 2018-001 2018-04-24
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-04-24-1 iOS 11.3.1 2018-04-24
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-04-24-3 Safari 11.1 (v. 11605.1.33.1.4, 12605.1.33.1.4, and 13605.1.33.1.4) 2018-04-24
Apple Product Security (product-security-noreply lists apple com)
[SECURITY] [DSA 4179-1] linux-tools security update 2018-04-24
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Vulnerability
Xen 'x86/x86_64/entry.S' Denial of Service Vulnerability
2018-04-27
http://www.securityfocus.com/bid/104003
Oracle MySQL Server CVE-2018-2818 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103824
Oracle MySQL Server CVE-2018-2813 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103830
Oracle MySQL Server CVE-2018-2781 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103825
Oracle MySQL Server CVE-2018-2771 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103828
Oracle MySQL Server CVE-2018-2817 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103818
Oracle MySQL Server CVE-2018-2761 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103820
Oracle MySQL Server CVE-2018-2784 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103801
Oracle MySQL Server CVE-2018-2819 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103814
Oracle MySQL Server CVE-2018-2782 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103799
Oracle MySQL Server CVE-2018-2787 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103804
Oracle MySQL Server CVE-2018-2805 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103831
Oracle MySQL Server CVE-2018-2766 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103805
Oracle MySQL Server CVE-2018-2755 Local Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103807
Oracle MySQL Server CVE-2018-2773 Local Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103811
Oracle MySQL Server CVE-2018-2758 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103802
Linux Kernel CVE-2013-2929 Local Privilege Escalation Vulnerability
2018-04-26
http://www.securityfocus.com/bid/64111
Apache HTTP Server CVE-2017-9798 Information Disclosure Vulnerability
2018-04-26
http://www.securityfocus.com/bid/100872
Apache Log4j CVE-2017-5645 Remote Code Execution Vulnerability
2018-04-26
http://www.securityfocus.com/bid/97702
Oracle Security Service CVE-2018-2765 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103808
Delta Electronics PMSoft CVE-2018-8839 Multiple Stack Based Buffer Overflow Vulnerabilities
2018-04-26
http://www.securityfocus.com/bid/104013
Apple iOS and macOS Multiple Security Vulnerabilities
2018-04-25
http://www.securityfocus.com/bid/103957
Drupal JSON API Module Cross Site Request Forgery Vulnerability
2018-04-25
http://www.securityfocus.com/bid/104004
Xen XSA-258 Information Disclosure Vulnerability
2018-04-25
http://www.securityfocus.com/bid/104002
Apache Tika CVE-2018-1335 Remote Command Injection Vulnerability
2018-04-25
http://www.securityfocus.com/bid/104001
Drupal Core CVE-2018-7602 Remote Code Execution Vulnerability
2018-04-25
http://www.securityfocus.com/bid/103985
GNU Binutils CVE-2018-10372 Remote Buffer Overflow Vulnerability
2018-04-25
http://www.securityfocus.com/bid/103976
Apple iOS APPLE-SA-2018-04-24-1 Multiple Security Vulnerabilities
2018-04-25
http://www.securityfocus.com/bid/103958
Paramiko CVE-2018-7750 Authentication Bypass Vulnerability
2018-04-24
http://www.securityfocus.com/bid/103713
HDF5 CVE-2016-4331 Local Heap Buffer Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94411
SANS News
More Threat Hunting with User Agent and Drupal Exploits
Threatpost
Exploit
Frog CMS 0.9.5 - Persistent Cross-Site Scripting
TP-Link Technologies TL-WA850RE Wi-Fi Range Extender - Unauthenticated Remote Reboot
GitList 0.6 - Unauthenticated Remote Code Execution
MyBB Threads to Link Plugin 1.3 - Cross-Site Scripting
Allok AVI to DVD SVCD VCD Converter 4.0.1217 - Buffer Overflow (SEH)
26.4.2018
Bugtraq
[SECURITY] [DSA 4180-1] drupal7 security update 2018-04-25
Salvatore Bonaccorso (carnil debian org)
Secunia Research: Oracle Outside In Technology Use-After-Free Vulnerability 2018-04-25
Secunia Research (remove-vuln secunia com)
APPLE-SA-2018-04-24-2 Security Update 2018-001 2018-04-24
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-04-24-1 iOS 11.3.1 2018-04-24
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-04-24-3 Safari 11.1 (v. 11605.1.33.1.4, 12605.1.33.1.4, and 13605.1.33.1.4) 2018-04-24
Apple Product Security (product-security-noreply lists apple com)
[SECURITY] [DSA 4179-1] linux-tools security update 2018-04-24
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Vulnerability
Linux Kernel CVE-2013-2929 Local Privilege Escalation Vulnerability
2018-04-26
http://www.securityfocus.com/bid/64111
Apache HTTP Server CVE-2017-9798 Information Disclosure Vulnerability
2018-04-26
http://www.securityfocus.com/bid/100872
Apache Log4j CVE-2017-5645 Remote Code Execution Vulnerability
2018-04-26
http://www.securityfocus.com/bid/97702
Oracle Security Service CVE-2018-2765 Remote Security Vulnerability
2018-04-26
http://www.securityfocus.com/bid/103808
Apple iOS and macOS Multiple Security Vulnerabilities
2018-04-25
http://www.securityfocus.com/bid/103957
Drupal Core CVE-2018-7602 Remote Code Execution Vulnerability
2018-04-25
http://www.securityfocus.com/bid/103985
Apple iOS APPLE-SA-2018-04-24-1 Multiple Security Vulnerabilities
2018-04-25
http://www.securityfocus.com/bid/103958
Paramiko CVE-2018-7750 Authentication Bypass Vulnerability
2018-04-24
http://www.securityfocus.com/bid/103713
HDF5 CVE-2016-4331 Local Heap Buffer Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94411
HDF5 CVE-2016-4330 Local Heap Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94414
HDF5 CVE-2016-4332 Local Heap Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94417
HDF5 CVE-2016-4333 Local Heap Buffer Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94416
Multiple Intel 2G Modem Products CVE-2018-3624 Buffer Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/103968
Vecna VGo Robot ICSA-18-114-01 Information Disclosure and OS Command Execution Vulnerabilities
2018-04-24
http://www.securityfocus.com/bid/103966
WebKit Multiple Memory Corruption Vulnerabilities
2018-04-24
http://www.securityfocus.com/bid/103961
Linux Kernel 'fs/xfs/libxfs/xfs_inode_buf.c' Local Denial of Service Vulnerability
2018-04-24
http://www.securityfocus.com/bid/103960
Linux Kernel 'fs/xfs/libxfs/xfs_bmap.c' Local Denial of Service Vulnerability
2018-04-24
http://www.securityfocus.com/bid/103959
FFmpeg 'libavformat/img2dec.c' Denial of Service Vulnerability
2018-04-24
http://www.securityfocus.com/bid/103956
Google Android Qualcomm Components Multiple Security Vulnerabilities
2018-04-23
http://www.securityfocus.com/bid/100658
Linux Kernel 'net/netfilter/xt_TCPMSS.c' Denial of Service Vulnerability
2018-04-23
http://www.securityfocus.com/bid/102367
SANS News
Yet Another Drupal RCE Vulnerability
Threatpost
Exploit
October CMS User Plugin v1.4.5 - Persistent Cross-Site Scripting
SickRage < v2018.03.09 - Clear-Text Credentials HTTP Response
WordPress Plugin WP with Spritz 1.0 - Remote File Inclusion
Jfrog Artifactory < 4.16 - Unauthenticated Arbitrary File Upload / Remote Command...
Drupal < 7.58 - 'drupalgeddon3' Authenticated Remote Code Execution (PoC)
Chrome V8 JIT - Arrow Function Scope Fixing Bug
Chrome V8 JIT - 'AwaitedPromise' Update Bug
Chrome V8 JIT - 'NodeProperties::InferReceiverMaps' Type Confusion
Adobe Flash - Out-of-Bounds Write in blur Filtering
Adobe Flash - Info Leak in Image Inflation
Adobe Flash - Overflow in Slab Rendering
Adobe Flash - Overflow when Playing Sound
HRSALE The Ultimate HRM v1.0.2 - Local File Inclusion
HRSALE The Ultimate HRM 1.0.2 - Authenticated Cross-Site Scripting
HRSALE The Ultimate HRM v1.0.2 - 'award_id' SQL Injection
HRSALE The Ultimate HRM v1.0.2 - CSV Injection
Blog Master Pro v1.0 - CSV Injection
Shopy Point of Sale v1.0 - CSV Injection
25.4.2018
Bugtraq
APPLE-SA-2018-04-24-1 iOS 11.3.1 2018-04-24
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-04-24-3 Safari 11.1 (v. 11605.1.33.1.4, 12605.1.33.1.4, and 13605.1.33.1.4) 2018-04-24
Apple Product Security (product-security-noreply lists apple com)
[SECURITY] [DSA 4179-1] linux-tools security update 2018-04-24
Salvatore Bonaccorso (carnil debian org)
SEC Consult SA-20180424-0 :: Reflected Cross-Site Scripting in multiple Zyxel ZyWALL products 2018-04-24
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult SA-20180423-0 :: Multiple Stored XSS Vulnerabilities in WSO2 Carbon and Dashboard Server 2018-04-24
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 4176-1] mysql-5.5 security update 2018-04-20
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Vulnerability
Apple iOS and macOS Multiple Security Vulnerabilities
2018-04-25
http://www.securityfocus.com/bid/103957
Apple iOS APPLE-SA-2018-04-24-1 Multiple Security Vulnerabilities
2018-04-25
http://www.securityfocus.com/bid/103958
Paramiko CVE-2018-7750 Authentication Bypass Vulnerability
2018-04-24
http://www.securityfocus.com/bid/103713
HDF5 CVE-2016-4331 Local Heap Buffer Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94411
HDF5 CVE-2016-4330 Local Heap Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94414
HDF5 CVE-2016-4332 Local Heap Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94417
HDF5 CVE-2016-4333 Local Heap Buffer Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94416
WebKit Multiple Memory Corruption Vulnerabilities
2018-04-24
http://www.securityfocus.com/bid/103961
Linux Kernel 'fs/xfs/libxfs/xfs_bmap.c' Local Denial of Service Vulnerability
2018-04-24
http://www.securityfocus.com/bid/103959
FFmpeg 'libavformat/img2dec.c' Denial of Service Vulnerability
2018-04-24
http://www.securityfocus.com/bid/103956
Google Android Qualcomm Components Multiple Security Vulnerabilities
2018-04-23
http://www.securityfocus.com/bid/100658
Linux Kernel 'net/netfilter/xt_TCPMSS.c' Denial of Service Vulnerability
2018-04-23
http://www.securityfocus.com/bid/102367
SANS News
Malicious Network Traffic From /bin/bash
Threatpost
Exploit
24.4.2018
Bugtraq
[SECURITY] [DSA 4179-1] linux-tools security update 2018-04-24
Salvatore Bonaccorso (carnil debian org)
SEC Consult SA-20180424-0 :: Reflected Cross-Site Scripting in multiple Zyxel ZyWALL products 2018-04-24
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult SA-20180423-0 :: Multiple Stored XSS Vulnerabilities in WSO2 Carbon and Dashboard Server 2018-04-24
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 4176-1] mysql-5.5 security update 2018-04-20
Salvatore Bonaccorso (carnil debian org)
Seagate Media Server path traversal vulnerability 2018-04-19
Summer of Pwnage (lists securify nl)
[SECURITY] [DSA 4175-1] freeplane security update 2018-04-18
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 4178-1] libreoffice security update 2018-04-20
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
Vulnerability
Paramiko CVE-2018-7750 Authentication Bypass Vulnerability
2018-04-24
http://www.securityfocus.com/bid/103713
HDF5 CVE-2016-4331 Local Heap Buffer Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94411
HDF5 CVE-2016-4330 Local Heap Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94414
HDF5 CVE-2016-4332 Local Heap Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94417
HDF5 CVE-2016-4333 Local Heap Buffer Overflow Vulnerability
2018-04-24
http://www.securityfocus.com/bid/94416
Google Android Qualcomm Components Multiple Security Vulnerabilities
2018-04-23
http://www.securityfocus.com/bid/100658
Linux Kernel 'net/netfilter/xt_TCPMSS.c' Denial of Service Vulnerability
2018-04-23
http://www.securityfocus.com/bid/102367
Linux Kernel 'net/netlink/af_netlink.c' Local Information Disclosure Vulnerability
2018-04-23
http://www.securityfocus.com/bid/102122
Linux Kernel CVE-2017-8824 Local Privilege Escalation Vulnerability
2018-04-23
http://www.securityfocus.com/bid/102056
Linux kernel CVE-2017-15265 Use After Free Local Denial of Service Vulnerability
2018-04-23
http://www.securityfocus.com/bid/101288
Linux Kernel CVE-2017-1000410 Information Disclosure Vulnerability
2018-04-23
http://www.securityfocus.com/bid/102101
Oracle MySQL Server CVE-2018-2781 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103825
Oracle MySQL Server CVE-2018-2755 Local Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103807
Oracle MySQL Server CVE-2018-2817 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103818
Oracle MySQL Server CVE-2018-2813 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103830
Oracle MySQL Server CVE-2018-2818 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103824
Oracle MySQL Server CVE-2018-2761 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103820
Oracle MySQL Server CVE-2018-2773 Local Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103811
Oracle MySQL Server CVE-2018-2819 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103814
Oracle MySQL Server CVE-2018-2771 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103828
SANS News
Threatpost
Exploit
23.4.2018
Bugtraq
[SECURITY] [DSA 4176-1] mysql-5.5 security update 2018-04-20
Salvatore Bonaccorso (carnil debian org)
Seagate Media Server path traversal vulnerability 2018-04-19
Summer of Pwnage (lists securify nl)
Malware
Phishing
Vulnerability
Google Android Qualcomm Components Multiple Security Vulnerabilities
2018-04-23
http://www.securityfocus.com/bid/100658
Linux Kernel 'net/netfilter/xt_TCPMSS.c' Denial of Service Vulnerability
2018-04-23
http://www.securityfocus.com/bid/102367
Linux Kernel 'net/netlink/af_netlink.c' Local Information Disclosure Vulnerability
2018-04-23
http://www.securityfocus.com/bid/102122
Linux Kernel CVE-2017-8824 Local Privilege Escalation Vulnerability
2018-04-23
http://www.securityfocus.com/bid/102056
Linux kernel CVE-2017-15265 Use After Free Local Denial of Service Vulnerability
2018-04-23
http://www.securityfocus.com/bid/101288
Linux Kernel CVE-2017-1000410 Information Disclosure Vulnerability
2018-04-23
http://www.securityfocus.com/bid/102101
Oracle MySQL Server CVE-2018-2781 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103825
Oracle MySQL Server CVE-2018-2755 Local Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103807
Oracle MySQL Server CVE-2018-2817 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103818
Oracle MySQL Server CVE-2018-2813 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103830
Oracle MySQL Server CVE-2018-2818 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103824
Oracle MySQL Server CVE-2018-2761 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103820
Oracle MySQL Server CVE-2018-2773 Local Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103811
Oracle MySQL Server CVE-2018-2819 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103814
Oracle MySQL Server CVE-2018-2771 Remote Security Vulnerability
2018-04-23
http://www.securityfocus.com/bid/103828
Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2018-04-19
http://www.securityfocus.com/bid/91453
FasterXML Jackson-databind CVE-2017-15095 Incomplete Fix Remote Code Execution Vulnerability
2018-04-19
http://www.securityfocus.com/bid/103880
Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability
2018-04-19
http://www.securityfocus.com/bid/103513
FasterXML Jackson-databind CVE-2018-7489 Incomplete Fix Remote Code Execution Vulnerability
2018-04-19
http://www.securityfocus.com/bid/103203
Apache Batik CVE-2017-5662 XML External Entity Information Disclosure Vulnerability
2018-04-19
http://www.securityfocus.com/bid/97948
SANS News
Threatpost
Exploit
22.4.2018
Bugtraq
Malware
Phishing
Vulnerability
SANS News
A malicious word document with a VBA form - video
Threatpost
Exploit
20.4.2018
Bugtraq
Seagate Media Server stored Cross-Site Scripting vulnerability 2018-04-19
Summer of Pwnage (lists securify nl)
[slackware-security] gd (SSA:2018-108-01) 2018-04-19
Slackware Security Team (security slackware com)
WebKitGTK+ Security Advisory WSA-2018-0003 2018-04-17
Michael Catanzaro (mcatanzaro igalia com)
[SECURITY] [DSA 4174-1] corosync security update 2018-04-17
Sebastien Delafond (seb debian org)
[SECURITY] [DSA 4173-1] r-cran-readxl security update 2018-04-16
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
Vulnerability
Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2018-04-19
http://www.securityfocus.com/bid/91453
FasterXML Jackson-databind CVE-2017-15095 Incomplete Fix Remote Code Execution Vulnerability
2018-04-19
http://www.securityfocus.com/bid/103880
Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability
2018-04-19
http://www.securityfocus.com/bid/103513
FasterXML Jackson-databind CVE-2018-7489 Incomplete Fix Remote Code Execution Vulnerability
2018-04-19
http://www.securityfocus.com/bid/103203
Apache Batik CVE-2017-5662 XML External Entity Information Disclosure Vulnerability
2018-04-19
http://www.securityfocus.com/bid/97948
WPA2 Key Reinstallation Multiple Security Weaknesses
2018-04-18
http://www.securityfocus.com/bid/101274
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-04-18
http://www.securityfocus.com/bid/102371
Oracle Database Server CVE-2016-3506 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/91867
Spring Security and Spring Framework CVE-2016-5007 Security Bypass Vulnerability
2018-04-18
http://www.securityfocus.com/bid/91687
OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2018-04-18
http://www.securityfocus.com/bid/93150
FasterXML Jackson-databind CVE-2017-7525 Deserialization Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/99623
Apache Tomcat CVE-2017-12617 Incomplete Fix Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/100954
Oracle Java SE and JRockit CVE-2018-2800 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103849
Oracle Java SE and JRockit CVE-2018-2799 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103872
Oracle Java SE and JRockit CVE-2018-2796 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103868
Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/78215
Oracle Java SE and JRockit CVE-2018-2815 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103848
Oracle Java SE and JRockit CVE-2018-2795 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103847
Apache OpenJPA Object Deserialization Arbitrary File Creation or Overwrite Vulnerability
2018-04-18
http://www.securityfocus.com/bid/60534
Oracle Java SE and JRockit CVE-2018-2797 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103846
Oracle Java SE and JRockit CVE-2018-2798 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103841
SANS News
Malspam pushing ransomware using two layers of password protection to avoid detection
Threatpost
Exploit
19.4.2018
Bugtraq
[slackware-security] gd (SSA:2018-108-01) 2018-04-19
Slackware Security Team (security slackware com)
WebKitGTK+ Security Advisory WSA-2018-0003 2018-04-17
Michael Catanzaro (mcatanzaro igalia com)
[SECURITY] [DSA 4174-1] corosync security update 2018-04-17
Sebastien Delafond (seb debian org)
[SECURITY] [DSA 4173-1] r-cran-readxl security update 2018-04-16
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
Vulnerability
Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2018-04-19
http://www.securityfocus.com/bid/91453
FasterXML Jackson-databind CVE-2017-15095 Incomplete Fix Remote Code Execution Vulnerability
2018-04-19
http://www.securityfocus.com/bid/103880
Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability
2018-04-19
http://www.securityfocus.com/bid/103513
FasterXML Jackson-databind CVE-2018-7489 Incomplete Fix Remote Code Execution Vulnerability
2018-04-19
http://www.securityfocus.com/bid/103203
Apache Batik CVE-2017-5662 XML External Entity Information Disclosure Vulnerability
2018-04-19
http://www.securityfocus.com/bid/97948
WPA2 Key Reinstallation Multiple Security Weaknesses
2018-04-18
http://www.securityfocus.com/bid/101274
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-04-18
http://www.securityfocus.com/bid/102371
Oracle Database Server CVE-2016-3506 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/91867
Spring Security and Spring Framework CVE-2016-5007 Security Bypass Vulnerability
2018-04-18
http://www.securityfocus.com/bid/91687
OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2018-04-18
http://www.securityfocus.com/bid/93150
FasterXML Jackson-databind CVE-2017-7525 Deserialization Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/99623
Apache Tomcat CVE-2017-12617 Incomplete Fix Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/100954
Oracle Java SE and JRockit CVE-2018-2800 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103849
Oracle Java SE and JRockit CVE-2018-2799 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103872
Oracle Java SE and JRockit CVE-2018-2796 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103868
Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/78215
Oracle Java SE and JRockit CVE-2018-2815 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103848
Oracle Java SE and JRockit CVE-2018-2795 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103847
Apache OpenJPA Object Deserialization Arbitrary File Creation or Overwrite Vulnerability
2018-04-18
http://www.securityfocus.com/bid/60534
Oracle Java SE and JRockit CVE-2018-2797 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103846
Oracle Java SE and JRockit CVE-2018-2798 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103841
Bouncy Castle CVE-2015-7940 Information Disclosure Vulnerability
2018-04-18
http://www.securityfocus.com/bid/79091
Apache Groovy CVE-2016-6814 Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/95429
Apache MyFaces Trinidad CVE-2016-5019 Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/93236
Oracle Java SE and JRockit CVE-2018-2783 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103832
Oracle Retail Back Office CVE-2018-2861 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103809
Oracle MySQL Server CVE-2018-2775 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103777
Cisco Unified Computing System Director CVE-2018-0238 Information Disclosure Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103919
Oracle VM VirtualBox CVE-2018-2845 Local Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103861
Oracle VM VirtualBox CVE-2018-2844 Local Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103855
SANS News
Threatpost
Exploit
18.4.2018
Bugtraq
WebKitGTK+ Security Advisory WSA-2018-0003 2018-04-17
Michael Catanzaro (mcatanzaro igalia com)
[SECURITY] [DSA 4174-1] corosync security update 2018-04-17
Sebastien Delafond (seb debian org)
[SECURITY] [DSA 4173-1] r-cran-readxl security update 2018-04-16
Moritz Muehlenhoff (jmm debian org)
[security bulletin] MFSBGN03802 - Virtualization Performance Viewer (vPV) / Cloud Optimizer, Local Disclosure of Information 2018-04-12
cyber-psrt microfocus com
[security bulletin] MFSBGN03803 rev.1 - UCMDB, Installation File Access Control Privilege Escalation Vulnerability 2018-04-12
cyber-psrt microfocus com
[SECURITY] [DSA 4079-2] poppler regression update 2018-04-12
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Vulnerability
Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability
2018-12-15
http://www.securityfocus.com/bid/103513
FasterXML Jackson-databind CVE-2017-15095 Incomplete Fix Remote Code Execution Vulnerability
2018-11-02
http://www.securityfocus.com/bid/103880
WPA2 Key Reinstallation Multiple Security Weaknesses
2018-04-18
http://www.securityfocus.com/bid/101274
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-04-18
http://www.securityfocus.com/bid/102371
Oracle Database Server CVE-2016-3506 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/91867
Spring Security and Spring Framework CVE-2016-5007 Security Bypass Vulnerability
2018-04-18
http://www.securityfocus.com/bid/91687
OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2018-04-18
http://www.securityfocus.com/bid/93150
FasterXML Jackson-databind CVE-2017-7525 Deserialization Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/99623
Apache Tomcat CVE-2017-12617 Incomplete Fix Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/100954
Oracle Java SE and JRockit CVE-2018-2800 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103849
Oracle Java SE and JRockit CVE-2018-2799 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103872
Oracle Java SE and JRockit CVE-2018-2796 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103868
Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/78215
Oracle Java SE and JRockit CVE-2018-2815 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103848
Oracle Java SE and JRockit CVE-2018-2795 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103847
Apache OpenJPA Object Deserialization Arbitrary File Creation or Overwrite Vulnerability
2018-04-18
http://www.securityfocus.com/bid/60534
Oracle Java SE and JRockit CVE-2018-2797 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103846
Oracle Java SE and JRockit CVE-2018-2798 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103841
Bouncy Castle CVE-2015-7940 Information Disclosure Vulnerability
2018-04-18
http://www.securityfocus.com/bid/79091
Apache Groovy CVE-2016-6814 Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/95429
Apache MyFaces Trinidad CVE-2016-5019 Remote Code Execution Vulnerability
2018-04-18
http://www.securityfocus.com/bid/93236
Oracle Java SE and JRockit CVE-2018-2783 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103832
Oracle Retail Back Office CVE-2018-2861 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103809
Oracle MySQL Server CVE-2018-2775 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103777
Oracle VM VirtualBox CVE-2018-2845 Local Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103861
Oracle VM VirtualBox CVE-2018-2844 Local Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103855
Oracle MySQL Server CVE-2018-2759 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103780
Oracle MySQL Server CVE-2018-2786 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103779
Oracle MySQL Server CVE-2018-2780 Remote Security Vulnerability
2018-04-18
http://www.securityfocus.com/bid/103778
Python rhn-setup CVE-2015-1777 SSL Certificate Validation Security Bypass Vulnerability
2018-04-17
http://www.securityfocus.com/bid/72943
SANS News
Threatpost
Exploit
17.4.2018
Bugtraq
[SECURITY] [DSA 4174-1] corosync security update 2018-04-17
Sebastien Delafond (seb debian org)
[SECURITY] [DSA 4173-1] r-cran-readxl security update 2018-04-16
Moritz Muehlenhoff (jmm debian org)
[security bulletin] MFSBGN03802 - Virtualization Performance Viewer (vPV) / Cloud Optimizer, Local Disclosure of Information 2018-04-12
cyber-psrt microfocus com
[security bulletin] MFSBGN03803 rev.1 - UCMDB, Installation File Access Control Privilege Escalation Vulnerability 2018-04-12
cyber-psrt microfocus com
[SECURITY] [DSA 4079-2] poppler regression update 2018-04-12
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 4169-1] pcs security update 2018-04-11
Yves-Alexis Perez (corsac debian org)
Malware
Phishing
Vulnerability
Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability
2018-12-15
http://www.securityfocus.com/bid/103513
Adobe Flash Player APSB18-08 Multiple Security Vulnerabilities
2018-04-16
http://www.securityfocus.com/bid/103708
Microsoft Visual Studio CVE-2018-1037 Information Disclosure Vulnerability
2018-04-16
http://www.securityfocus.com/bid/103715
Drupal Core CVE-2018-7600 Multiple Remote Code Execution Vulnerabilities
2018-04-13
http://www.securityfocus.com/bid/103534
Oracle April 2018 Critical Patch Update Multiple Vulnerabilities
2018-04-13
http://www.securityfocus.com/bid/103743
OpenSSL CVE-2018-0739 Denial of Service Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103518
Linux Kernel CVE-2017-7518 Privilege Escalation Vulnerability
2018-04-12
http://www.securityfocus.com/bid/99263
SANS News
Threatpost
Exploit
16.4.2018
Bugtraq
Malware
Phishing
Vulnerability
Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability
2018-12-15
http://www.securityfocus.com/bid/103513
Adobe Flash Player APSB18-08 Multiple Security Vulnerabilities
2018-04-16
http://www.securityfocus.com/bid/103708
Microsoft Visual Studio CVE-2018-1037 Information Disclosure Vulnerability
2018-04-16
http://www.securityfocus.com/bid/103715
Drupal Core CVE-2018-7600 Multiple Remote Code Execution Vulnerabilities
2018-04-13
http://www.securityfocus.com/bid/103534
Oracle April 2018 Critical Patch Update Multiple Vulnerabilities
2018-04-13
http://www.securityfocus.com/bid/103743
OpenSSL CVE-2018-0739 Denial of Service Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103518
Linux Kernel CVE-2017-7518 Privilege Escalation Vulnerability
2018-04-12
http://www.securityfocus.com/bid/99263
SANS News
Threatpost
Exploit
15.4.2018
Bugtraq
Malware
Phishing
Vulnerability
Drupal Core CVE-2018-7600 Multiple Remote Code Execution Vulnerabilities
2018-04-13
http://www.securityfocus.com/bid/103534
Oracle April 2018 Critical Patch Update Multiple Vulnerabilities
2018-04-13
http://www.securityfocus.com/bid/103743
OpenSSL CVE-2018-0739 Denial of Service Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103518
Linux Kernel CVE-2017-7518 Privilege Escalation Vulnerability
2018-04-12
http://www.securityfocus.com/bid/99263
Linux Kernel 'kernel/fork.c' Local Use After Free Memory Corruption Vulnerability
2018-04-12
http://www.securityfocus.com/bid/102009
Poppler CVE-2017-9776 Denial of Service Vulnerability
2018-04-12
http://www.securityfocus.com/bid/99240
Pivotal Spring Framework CVE-2018-1270 Remote Code Execution Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103696
Microsoft Jet Database Engine CVE-2018-1003 Buffer Overflow Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103655
Microsoft Windows Graphics Component CVE-2018-1008 Local Privilege Escalation Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103658
Microsoft Windows Graphics Component CVE-2018-8116 Denial of Service Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103705
VMware vRealize Automation Cross Site Scripting and Session Hijacking Vulnerabilities
2018-04-12
http://www.securityfocus.com/bid/103752
runV for Docker CVE-2018-9862 Privilege Escalation Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103738
QEMU CVE-2017-15124 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102295
QEMU 'b/nbd/server.c' Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102011
SANS News
Getting Incident Response Help from Richard Feynman
Threatpost
Don’t Trust Android OEM Patching, Claims Researcher
Exploit
13.4.2018
Bugtraq
[security bulletin] MFSBGN03802 - Virtualization Performance Viewer (vPV) / Cloud Optimizer, Local Disclosure of Information 2018-04-12
cyber-psrt microfocus com
[security bulletin] MFSBGN03803 rev.1 - UCMDB, Installation File Access Control Privilege Escalation Vulnerability 2018-04-12
cyber-psrt microfocus com
[SECURITY] [DSA 4079-2] poppler regression update 2018-04-12
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 4169-1] pcs security update 2018-04-11
Yves-Alexis Perez (corsac debian org)
Call for Papers: USENIX Workshop on Offensive Technologies (WOOT '18) 2018-04-10
Yves Younan (wootcfp fort-knox org)
[SECURITY] [DSA 4170-1] pjproject security update 2018-04-09
Moritz Muehlenhoff (jmm debian org)
secuvera-SA-2017-04: SQL-Injection Vulnerability in OCS Inventory NG ocsreports Web application 2018-04-09
Simon Bieber (sbieber secuvera de)
Malware
Phishing
Vulnerability
OpenSSL CVE-2018-0739 Denial of Service Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103518
Linux Kernel CVE-2017-7518 Privilege Escalation Vulnerability
2018-04-12
http://www.securityfocus.com/bid/99263
Linux Kernel 'kernel/fork.c' Local Use After Free Memory Corruption Vulnerability
2018-04-12
http://www.securityfocus.com/bid/102009
Poppler CVE-2017-9776 Denial of Service Vulnerability
2018-04-12
http://www.securityfocus.com/bid/99240
Pivotal Spring Framework CVE-2018-1270 Remote Code Execution Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103696
Microsoft Jet Database Engine CVE-2018-1003 Buffer Overflow Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103655
Microsoft Windows Graphics Component CVE-2018-1008 Local Privilege Escalation Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103658
Microsoft Windows Graphics Component CVE-2018-8116 Denial of Service Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103705
runV for Docker CVE-2018-9862 Privilege Escalation Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103738
QEMU CVE-2017-15124 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102295
QEMU 'b/nbd/server.c' Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102011
QEMU CVE-2017-15268 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/101277
QEMU 'b/nbd/server.c' Stack Buffer Overflow Vulnerability
2018-04-11
http://www.securityfocus.com/bid/101975
QEMU CVE-2017-13673 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/100527
QEMU CVE-2018-5683 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102518
QEMU CVE-2017-13711 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/100534
QEMU 'hw/display/vga.c' Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/100540
Adobe Flash Player APSB18-08 Multiple Security Vulnerabilities
2018-04-11
http://www.securityfocus.com/bid/103708
Microsoft Office CVE-2018-0950 Information Disclosure Vulnerability
2018-04-11
http://www.securityfocus.com/bid/103642
SAP NetWeaver Visual Composer Remote Code Injection Vulnerability
2018-04-11
http://www.securityfocus.com/bid/100170
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102371
Juniper Junos CVE-2018-0022 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/103740
Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability
2018-04-10
http://www.securityfocus.com/bid/102378
Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
2018-04-10
http://www.securityfocus.com/bid/102376
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-0143 Local Privilege Escalation Vulnerability
2018-04-10
http://www.securityfocus.com/bid/85896
Apache HTTP Server CVE-2017-7668 Denial of Service Vulnerability
2018-04-10
http://www.securityfocus.com/bid/99137
GNU Binutils CVE-2018-9996 Remote Denial of Service Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103733
FFmpeg 'libavcodec/utvideodec.c' Denial of Service Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103732
SANS News
Drupal CVE-2018-7600 PoC is Public
Threatpost
Outlook Bug Allowed Hackers to Use .RTF Files To Steal Windows Passwords
Exploit
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (PoC)
Joomla Convert Forms version 2.0.3 - Formula Injection (CSV Injection)
12.4.2018
Bugtraq
[SECURITY] [DSA 4169-1] pcs security update 2018-04-11
Yves-Alexis Perez (corsac debian org)
Call for Papers: USENIX Workshop on Offensive Technologies (WOOT '18) 2018-04-10
Yves Younan (wootcfp fort-knox org)
[SECURITY] [DSA 4170-1] pjproject security update 2018-04-09
Moritz Muehlenhoff (jmm debian org)
secuvera-SA-2017-04: SQL-Injection Vulnerability in OCS Inventory NG ocsreports Web application 2018-04-09
Simon Bieber (sbieber secuvera de)
Defense in depth -- the Microsoft way (part 53): our MSRC doesn't know how Windows handles PATH 2018-04-09
Stefan Kanthak (stefan kanthak nexgo de)
secuvera-SA-2017-03: Reflected Cross-Site-Scripting Vulnerabilities in OCS Inventory NG ocsreports Web application 2018-04-09
Simon Bieber (sbieber secuvera de)
[SECURITY] [DSA 4168-1] squirrelmail security update 2018-04-08
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Vulnerability
Pivotal Spring Framework CVE-2018-1270 Remote Code Execution Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103696
Microsoft Jet Database Engine CVE-2018-1003 Buffer Overflow Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103655
Microsoft Windows Graphics Component CVE-2018-1008 Local Privilege Escalation Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103658
Microsoft Windows Graphics Component CVE-2018-8116 Denial of Service Vulnerability
2018-04-12
http://www.securityfocus.com/bid/103705
QEMU CVE-2017-15124 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102295
QEMU 'b/nbd/server.c' Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102011
QEMU CVE-2017-15268 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/101277
QEMU 'b/nbd/server.c' Stack Buffer Overflow Vulnerability
2018-04-11
http://www.securityfocus.com/bid/101975
QEMU CVE-2017-13673 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/100527
QEMU CVE-2018-5683 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102518
QEMU CVE-2017-13711 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/100534
QEMU 'hw/display/vga.c' Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/100540
Adobe Flash Player APSB18-08 Multiple Security Vulnerabilities
2018-04-11
http://www.securityfocus.com/bid/103708
Microsoft Office CVE-2018-0950 Information Disclosure Vulnerability
2018-04-11
http://www.securityfocus.com/bid/103642
SAP NetWeaver Visual Composer Remote Code Injection Vulnerability
2018-04-11
http://www.securityfocus.com/bid/100170
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102371
Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability
2018-04-10
http://www.securityfocus.com/bid/102378
Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
2018-04-10
http://www.securityfocus.com/bid/102376
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-0143 Local Privilege Escalation Vulnerability
2018-04-10
http://www.securityfocus.com/bid/85896
Apache HTTP Server CVE-2017-7668 Denial of Service Vulnerability
2018-04-10
http://www.securityfocus.com/bid/99137
FFmpeg 'libavcodec/utvideodec.c' Denial of Service Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103732
Atlassian Application Links CVE-2018-5227 Cross Site Scripting Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103731
Atlassian JIRA CVE-2017-18101 Security Bypass Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103730
Atlassian JIRA CVE-2017-18100 Cross Site Scripting Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103729
SAP Disclosure Management Multiple Security Vulnerabilities
2018-04-10
http://www.securityfocus.com/bid/103727
Multiple SAP Products Multiple Unspecified Security Vulnerabilities
2018-04-10
http://www.securityfocus.com/bid/103723
ATI Systems Multiple Emergency Mass Notification Systems Products Multiple Security Vulnerabilities
2018-04-10
http://www.securityfocus.com/bid/103721
SAP Crystal Reports Server CVE-2018-2406 Local Privilege Escalation Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103719
Adobe ColdFusion APSB18-14 Multiple Security Vulnerabilities
2018-04-10
http://www.securityfocus.com/bid/103718
SANS News
Glitch in malspam campaign temporarily reduces spread of GandCrab
Threatpost
Exploit
Linux/x64 - x64 Assembly Shellcode (Generator)
11.4.2018
Bugtraq
Call for Papers: USENIX Workshop on Offensive Technologies (WOOT '18) 2018-04-10
Yves Younan (wootcfp fort-knox org)
[SECURITY] [DSA 4170-1] pjproject security update 2018-04-09
Moritz Muehlenhoff (jmm debian org)
secuvera-SA-2017-04: SQL-Injection Vulnerability in OCS Inventory NG ocsreports Web application 2018-04-09
Simon Bieber (sbieber secuvera de)
Defense in depth -- the Microsoft way (part 53): our MSRC doesn't know how Windows handles PATH 2018-04-09
Stefan Kanthak (stefan kanthak nexgo de)
secuvera-SA-2017-03: Reflected Cross-Site-Scripting Vulnerabilities in OCS Inventory NG ocsreports Web application 2018-04-09
Simon Bieber (sbieber secuvera de)
[SECURITY] [DSA 4168-1] squirrelmail security update 2018-04-08
Salvatore Bonaccorso (carnil debian org)
[RT-SA-2017-014] CyberArk Password Vault Web Access Remote Code Execution 2018-04-09
RedTeam Pentesting GmbH (release redteam-pentesting de)
[RT-SA-2017-015] CyberArk Password Vault Memory Disclosure 2018-04-09
RedTeam Pentesting GmbH (release redteam-pentesting de)
Malware
Phishing
Vulnerability
QEMU CVE-2017-15124 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102295
QEMU 'b/nbd/server.c' Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102011
QEMU CVE-2017-15268 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/101277
QEMU 'b/nbd/server.c' Stack Buffer Overflow Vulnerability
2018-04-11
http://www.securityfocus.com/bid/101975
QEMU CVE-2017-13673 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/100527
QEMU CVE-2018-5683 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102518
QEMU CVE-2017-13711 Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/100534
QEMU 'hw/display/vga.c' Denial of Service Vulnerability
2018-04-11
http://www.securityfocus.com/bid/100540
Adobe Flash Player APSB18-08 Multiple Security Vulnerabilities
2018-04-11
http://www.securityfocus.com/bid/103708
Microsoft Office CVE-2018-0950 Information Disclosure Vulnerability
2018-04-11
http://www.securityfocus.com/bid/103642
SAP NetWeaver Visual Composer Remote Code Injection Vulnerability
2018-04-11
http://www.securityfocus.com/bid/100170
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-04-11
http://www.securityfocus.com/bid/102371
Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability
2018-04-10
http://www.securityfocus.com/bid/102378
Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
2018-04-10
http://www.securityfocus.com/bid/102376
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-0143 Local Privilege Escalation Vulnerability
2018-04-10
http://www.securityfocus.com/bid/85896
Apache HTTP Server CVE-2017-7668 Denial of Service Vulnerability
2018-04-10
http://www.securityfocus.com/bid/99137
SAP Disclosure Management Multiple Security Vulnerabilities
2018-04-10
http://www.securityfocus.com/bid/103727
Multiple SAP Products Multiple Unspecified Security Vulnerabilities
2018-04-10
http://www.securityfocus.com/bid/103723
ATI Systems Multiple Emergency Mass Notification Systems Products Multiple Security Vulnerabilities
2018-04-10
http://www.securityfocus.com/bid/103721
SAP Crystal Reports Server CVE-2018-2406 Local Privilege Escalation Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103719
Adobe ColdFusion APSB18-14 Multiple Security Vulnerabilities
2018-04-10
http://www.securityfocus.com/bid/103718
Adobe InDesign CC CVE-2018-4927 DLL Loading Local Privilege Escalation Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103716
Microsoft Visual Studio CVE-2018-1037 Information Disclosure Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103715
Adobe InDesign CC CVE-2018-4928 Memory Corruption Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103714
Adobe Digital Editions APSB18-13 Multiple Information Disclosure Vulnerabilities
2018-04-10
http://www.securityfocus.com/bid/103712
Microsoft Wireless Keyboard CVE-2018-8117 Local Security Bypass Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103711
Adobe PhoneGap Push Plugin CVE-2018-4943 Security Bypass Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103710
Adobe Experience Manager CVE-2018-4931 HTML Injection Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103709
Adobe Experience Manager CVE-2018-4929 HTML Injection Vulnerability
2018-04-10
http://www.securityfocus.com/bid/103707
SANS News
Threatpost
Exploit
Google Chrome V8 JIT - 'LoadElimination::ReduceTransitionElementsKind' Type Confusion
WordPress Plugin WordPress File Upload 4.3.3 - Stored XSS
WordPress File Upload Plugin 4.3.2 - Stored Cross Site Scripting
Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager - Invalid...
WUZHI CMS 4.1.0 - ‘Add User Account’ Cross-Site Request Forgery
WUZHI CMS 4.1.0 - ‘Add Admin Account’ Cross-Site Request Forgery
Wordpress Plugin Activity Log 2.4.0 - Stored Cross Site Scripting
iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting
DVD X Player Standard 5.5.3.9 - Buffer Overflow
10.4.2018
Bugtraq
[SECURITY] [DSA 4168-1] squirrelmail security update 2018-04-08
Salvatore Bonaccorso (carnil debian org)
[RT-SA-2017-014] CyberArk Password Vault Web Access Remote Code Execution 2018-04-09
RedTeam Pentesting GmbH (release redteam-pentesting de)
[RT-SA-2017-015] CyberArk Password Vault Memory Disclosure 2018-04-09
RedTeam Pentesting GmbH (release redteam-pentesting de)
[slackware-security] patch (SSA:2018-096-01) 2018-04-07
Slackware Security Team (security slackware com)
Malware
Phishing
Vulnerability
Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability
2018-12-15
http://www.securityfocus.com/bid/103513
Oracle Java SE and JRockit CVE-2018-2579 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102663
Oracle Java SE and JRockit CVE-2018-2588 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102661
Oracle Java SE and JRockit CVE-2018-2603 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102625
Oracle Java SE and JRockit CVE-2018-2663 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102662
Oracle Java SE and JRockit CVE-2018-2629 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102615
Oracle Java SE and JRockit CVE-2018-2678 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102659
Oracle Java SE CVE-2018-2677 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102656
Oracle Java SE and JRockit CVE-2018-2637 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102576
Oracle Java SE CVE-2018-2641 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102605
Oracle Java SE and JRockit CVE-2018-2599 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102633
Oracle Java SE and JRockit CVE-2018-2618 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102612
Oracle Java SE CVE-2018-2634 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102592
SANS News
Threatpost
Word Attachment Delivers FormBook Malware, No Macros Required
Exploit
iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting
9.4.2018
Bugtraq
[SECURITY] [DSA 4168-1] squirrelmail security update 2018-04-08
Salvatore Bonaccorso (carnil debian org)
[RT-SA-2017-014] CyberArk Password Vault Web Access Remote Code Execution 2018-04-09
RedTeam Pentesting GmbH (release redteam-pentesting de)
[RT-SA-2017-015] CyberArk Password Vault Memory Disclosure 2018-04-09
RedTeam Pentesting GmbH (release redteam-pentesting de)
[slackware-security] patch (SSA:2018-096-01) 2018-04-07
Slackware Security Team (security slackware com)
[SECURITY] [DSA 4167-1] sharutils security update 2018-04-05
Luciano Bello (luciano debian org)
Advisory - Fisheye and Crucible - CVE-2018-5223 2018-04-05
Atlassian (security atlassian com)
Malware
Phishing
Vulnerability
SANS News
Cisco Smart Install vulnerability exploited in the wild
Threatpost
Exploit
WordPress Plugin Google Drive 2.2 - Remote Code Execution
iScripts SonicBB 1.0 - Reflected Cross-Site Scripting
WooCommerce CSV-Importer-Plugin 3.3.6 - Remote Code Execution
Buddypress Xprofile Custom Fields Type 2.6.3 - Remote Code Execution
KYOCERA Net Admin 3.4 - Cross Site Request Forgery - Add Admin Exploit
KYOCERA Multi-Set Template Editor 3.4 - Out-Of-Band XML External Entity Injection
CyberArk Password Vault Web Access < 9.9.5 / < 9.10 / 10.1 - Remote Code Execution
WordPress Plugin Simple Fields 0.2 - 0.3.5 - Local/Remote File Inclusion / Remote Code...
Yahei PHP Prober 0.4.7 - Cross-Site Scripting
WolfCMS 0.8.3.1 - Open Redirection
MyBB Plugin Recent Threads On Index - Cross-Site Scripting
Cobub Razor 0.7.2 - Add New Superuser Account
WolfCMS 0.8.3.1 - Cross Site Request Forgery
PMS 0.42 - Local Stack-Based Overflow (ROP)
GoldWave 5.70 - Local Buffer Overflow (SEH Unicode)
H2 Database - 'Alias' Arbitrary Code Execution
CyberArk Password Vault < 9.7 / < 10 - Memory Disclosure
WebKit - WebAssembly Parsing Does not Correctly Check Section Order
8.4.2018
Bugtraq
[SECURITY] [DSA 4167-1] sharutils security update 2018-04-05
Luciano Bello (luciano debian org)
Advisory - Fisheye and Crucible - CVE-2018-5223 2018-04-05
Atlassian (security atlassian com)
Advisory - Bamboo - CVE-2018-5224 2018-04-05
Atlassian (security atlassian com)
[SECURITY] [DSA 4166-1] openjdk-7 security update 2018-04-04
Moritz Muehlenhoff (jmm debian org)
FreeBSD Security Advisory FreeBSD-SA-18:05.ipsec 2018-04-04
FreeBSD Security Advisories (security-advisories freebsd org)
FreeBSD Security Advisory FreeBSD-SA-18:04.vt 2018-04-04
FreeBSD Security Advisories (security-advisories freebsd org)
Malware
Phishing
Vulnerability
SANS News
Threat Hunting & Adversary Emulation: The HELK vs APTSimulator - Part 2
Threatpost
Exploit
LineageOS 14.1 Blueborne - Remote Code Execution
Cobub Razor 0.7.2 - Cross Site Request Forgery
DotNetNuke DNNarticle Module 11 - Directory Traversal
FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass
6.4.2018
Bugtraq
[SECURITY] [DSA 4167-1] sharutils security update 2018-04-05
Luciano Bello (luciano debian org)
Advisory - Fisheye and Crucible - CVE-2018-5223 2018-04-05
Atlassian (security atlassian com)
Advisory - Bamboo - CVE-2018-5224 2018-04-05
Atlassian (security atlassian com)
[SECURITY] [DSA 4166-1] openjdk-7 security update 2018-04-04
Moritz Muehlenhoff (jmm debian org)
FreeBSD Security Advisory FreeBSD-SA-18:05.ipsec 2018-04-04
FreeBSD Security Advisories (security-advisories freebsd org)
FreeBSD Security Advisory FreeBSD-SA-18:04.vt 2018-04-04
FreeBSD Security Advisories (security-advisories freebsd org)
[SECURITY] [DSA 4165-1] ldap-account-manager security update 2018-04-04
Luciano Bello (luciano debian org)
Malware
Phishing
Vulnerability
SANS News
Threatpost
Exploit
Sophos Endpoint Protection Control Panel 10.7 - Weak Password Encryption
Sophos Endpoint Protection 10.7 - Tamper-Protection Bypass
GetSimple CMS 3.3.13 - Cross-Site Scripting
Z-Blog 1.5.1.1740 - Full Path Disclosure
Z-Blog 1.5.1.1740 - Cross-Site Scripting
YzmCMS 3.6 - Cross-Site Scripting
5.4.2018
Bugtraq
Advisory - Fisheye and Crucible - CVE-2018-5223 2018-04-05
Atlassian (security atlassian com)
Advisory - Bamboo - CVE-2018-5224 2018-04-05
Atlassian (security atlassian com)
[SECURITY] [DSA 4166-1] openjdk-7 security update 2018-04-04
Moritz Muehlenhoff (jmm debian org)
FreeBSD Security Advisory FreeBSD-SA-18:05.ipsec 2018-04-04
FreeBSD Security Advisories (security-advisories freebsd org)
FreeBSD Security Advisory FreeBSD-SA-18:04.vt 2018-04-04
FreeBSD Security Advisories (security-advisories freebsd org)
[SECURITY] [DSA 4165-1] ldap-account-manager security update 2018-04-04
Luciano Bello (luciano debian org)
[SECURITY] [DSA 4164-1] apache2 security update 2018-04-03
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Vulnerability
Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability
2018-12-15
http://www.securityfocus.com/bid/103513
Oracle Java SE and JRockit CVE-2018-2579 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102663
Oracle Java SE and JRockit CVE-2018-2588 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102661
Oracle Java SE and JRockit CVE-2018-2603 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102625
Oracle Java SE and JRockit CVE-2018-2663 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102662
Oracle Java SE and JRockit CVE-2018-2629 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102615
Oracle Java SE and JRockit CVE-2018-2678 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102659
Oracle Java SE CVE-2018-2677 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102656
Oracle Java SE and JRockit CVE-2018-2637 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102576
Oracle Java SE CVE-2018-2641 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102605
Oracle Java SE and JRockit CVE-2018-2599 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102633
Oracle Java SE and JRockit CVE-2018-2618 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102612
Oracle Java SE CVE-2018-2634 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102592
Oracle Java SE CVE-2018-2602 Local Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102642
Oracle Java SE and JRockit CVE-2018-2633 Remote Security Vulnerability
2018-04-05
http://www.securityfocus.com/bid/102557
FreeBSD CVE-2018-6917 Multiple Integer Overflow Vulnerabilities
2018-04-04
http://www.securityfocus.com/bid/103668
FreeBSD CVE-2018-6918 Denial of Service Vulnerability
2018-04-04
http://www.securityfocus.com/bid/103666
Atlassian Bamboo CVE-2018-5224 Remote Security Bypass Vulnerability
2018-04-04
http://www.securityfocus.com/bid/103653
Microsoft Malware Protection Engine CVE-2018-0986 Remote Code Execution Vulnerability
2018-04-03
http://www.securityfocus.com/bid/103593
Google Android Qualcomm Component CVE-2017-11087 Information Disclosure Vulnerability
2018-04-02
http://www.securityfocus.com/bid/103669
Microsoft Windows Kernel CVE-2018-1038 Local Privilege Escalation Vulnerability
2018-03-30
http://www.securityfocus.com/bid/103549
Apple Xcode CVE-2018-4164 Multiple Security Vulnerabilities
2018-03-29
http://www.securityfocus.com/bid/103583
SANS News
Threat Hunting & Adversary Emulation: The HELK vs APTSimulator - Part 1
Threatpost
Exploit
Microsoft Windows - Multiple Use-After-Free Issues in jscript Array Methods
Microsoft Windows Defender - 'mpengine.dll' Memory Corruption
ProcessMaker - Plugin Upload (Metasploit)
Joomla! Component JS Jobs 1.2.0 - Cross-Site Scripting
MyBB Plugin Downloads 2.0.3 - Cross-Site Scripting
4.4.2018
Bugtraq
FreeBSD Security Advisory FreeBSD-SA-18:05.ipsec 2018-04-04
FreeBSD Security Advisories (security-advisories freebsd org)
FreeBSD Security Advisory FreeBSD-SA-18:04.vt 2018-04-04
FreeBSD Security Advisories (security-advisories freebsd org)
[SECURITY] [DSA 4165-1] ldap-account-manager security update 2018-04-04
Luciano Bello (luciano debian org)
[SECURITY] [DSA 4164-1] apache2 security update 2018-04-03
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 4163-1] beep security update 2018-04-02
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4161-1] python-django security update 2018-04-01
Luciano Bello (luciano debian org)
Malware
Phishing
Vulnerability
Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability
2018-12-15
http://www.securityfocus.com/bid/103513
Microsoft Malware Protection Engine CVE-2018-0986 Remote Code Execution Vulnerability
2018-04-03
http://www.securityfocus.com/bid/103593
Microsoft Windows Kernel CVE-2018-1038 Local Privilege Escalation Vulnerability
2018-03-30
http://www.securityfocus.com/bid/103549
Apple Xcode CVE-2018-4164 Multiple Security Vulnerabilities
2018-03-29
http://www.securityfocus.com/bid/103583
SANS News
A Suspicious Use of certutil.exe
Threatpost
Insecure SCADA Systems Blamed in Rash of Pipeline Data Network Attacks
Exploit
3.4.2018
Bugtraq
[SECURITY] [DSA 4163-1] beep security update 2018-04-02
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4161-1] python-django security update 2018-04-01
Luciano Bello (luciano debian org)
[SECURITY] [DSA 4159-1] remctl security update 2018-04-01
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4162-1] irssi security update 2018-04-01
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4160-1] libevt security update 2018-04-01
Moritz Muehlenhoff (jmm debian org)
[slackware-security] php (SSA:2018-090-01) 2018-04-01
Slackware Security Team (security slackware com)
Malware
Phishing
Vulnerability
SANS News
Phishing PDFs with multiple links - Detection
Threatpost
Google’s April Android Security Bulletin Warns of 9 Critical Bugs
U.S. DoD Hopes To Stamp Out Threats With Bug Bounty Program
Cloudflare Launches Publicly DNS-Over-HTTPS Service
Exploit
Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix 2)
Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix)
Google Chrome V8 - 'Genesis::InitializeGlobal' Out-of-Bounds Read/Write
Google Chrome V8 - 'ElementsAccessorBase::CollectValuesOrEntriesImpl' Type Confusion
Secutech RiS-11/RiS-22/RiS-33 - Remote DNS Change
OpenCMS 10.5.3 - Cross-Site Scripting
OpenCMS 10.5.3 - Cross-Site Request Forgery
DLink DIR-601 - Admin Password Disclosure
VideoFlow Digital Video Protection (DVP) 2.10 - Hard-Coded Credentials
VideoFlow Digital Video Protection (DVP) 2.10 - Directory Traversal
WampServer 3.1.2 - Cross-Site Request Forgery
WebLog Expert Enterprise 9.4 - Privilege Escalation
2.4.2018
Bugtraq
[SECURITY] [DSA 4161-1] python-django security update 2018-04-01
Luciano Bello (luciano debian org)
[SECURITY] [DSA 4159-1] remctl security update 2018-04-01
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4162-1] irssi security update 2018-04-01
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4160-1] libevt security update 2018-04-01
Moritz Muehlenhoff (jmm debian org)
[slackware-security] php (SSA:2018-090-01) 2018-04-01
Slackware Security Team (security slackware com)
Malware
Phishing
Vulnerability
SANS News
Threatpost
Exploit
DLink DIR-601 - Admin Password Disclosure
VideoFlow Digital Video Protection (DVP) 2.10 - Hard-Coded Credentials
VideoFlow Digital Video Protection (DVP) 2.10 - Directory Traversal
WampServer 3.1.2 - Cross-Site Request Forgery
WampServer 3.1.1 - Cross-Site Scripting / Cross-Site Request Forgery
Frog CMS 0.9.5 - Cross-Site Request Forgery (Add User)
WebLog Expert Enterprise 9.4 - Privilege Escalation
1.4.2018
Bugtraq
[SECURITY] [DSA 4158-1] openssl1.0 security update 2018-03-29
Salvatore Bonaccorso (carnil debian org)
APPLE-SA-2018-3-29-2 watchOS 4.3 2018-03-29
Apple Product Security (product-security-noreply lists apple com)
Malware
Phishing
Vulnerability
Microsoft Windows Kernel CVE-2018-1038 Local Privilege Escalation Vulnerability
2018-03-30
http://www.securityfocus.com/bid/103549
OpenSSL CVE-2017-3738 Information Disclosure Vulnerability
2018-03-28
http://www.securityfocus.com/bid/102118
SANS News
Phishing PDFs with multiple links
Threatpost
Microsoft Fixes Bad Patch That Left Windows 7, Server 2008 Open to Attack
Exploit
Advantech WebAccess < 8.1 - webvrpcs DrawSrv.dll Path BwBuildPath Stack-Based Buffer...
Tenda FH303/A300 Firmware V5.07.68_EN - Remote DNS Change
Tenda W3002R/A302/w309r Wireless Router V5.07.64_en - Remote DNS Change (PoC)
Vtiger CRM 6.3.0 - Authenticated Arbitrary File Upload (Metasploit)
D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router - Authentication Bypass
Tenda W316R Wireless Router 5.07.50 - Remote DNS Change
osCommerce 2.3.4.1 - Remote Code Execution
Tenda W308R v2 Wireless Router 5.07.48 - Cookie Session Weakness Remote DNS Change
WordPress Plugin WP Security Audit Log 3.1.1 - Sensitive Information Disclosure
Joomla! Component AcySMS 3.5.0 - CSV Macro Injection
Joomla! Component Acymailing Starter 5.9.5 - CSV Macro Injection
Homematic CCU2 2.29.23 - Remote Command Execution
WordPress Plugin Contact Form 7 to Database Extension 2.10.32 - CSV Injection
WordPress Plugin Relevanssi 4.0.4 - Reflected Cross-Site Scripting
MiniCMS 1.10 - Cross-Site Request Forgery
Homematic CCU2 2.29.23 - Arbitrary File Write
Open-AuditIT Professional 2.1 - Cross-Site Request Forgery
Faleemi Windows Desktop Software - (DDNS/IP) Local Buffer Overflow
Allok WMV to AVI MPEG DVD WMV Converter 4.6.1217 - Buffer Overflow
Allok Video Joiner 4.6.1217 - Stack-Based Buffer Overflow
Allok AVI DivX MPEG to DVD Converter 2.6.1217 - Buffer Overflow (SEH)
Systematic SitAware - NVG Denial of Service
SysGauge 4.5.18 - Local Denial of Service
31.3.2018
Bugtraq
[SECURITY] [DSA 4158-1] openssl1.0 security update 2018-03-29
Salvatore Bonaccorso (carnil debian org)
APPLE-SA-2018-3-29-2 watchOS 4.3 2018-03-29
Apple Product Security (product-security-noreply lists apple com)
CA20180329-01: Security Notice for CA Workload Automation AE and CA Workload Control Center 2018-03-30
Williams, Ken (Ken Williams ca com)
[SECURITY] [DSA 4157-1] openssl security update 2018-03-29
Salvatore Bonaccorso (carnil debian org)
APPLE-SA-2018-3-29-4 Xcode 9.3 2018-03-29
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-3-29-7 iTunes 12.7.4 for Windows 2018-03-29
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-3-29-8 iCloud for Windows 7.4 2018-03-29
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-3-29-3 tvOS 11.3 2018-03-29
Apple Product Security (product-security-noreply lists apple com)
Malware
Phishing
Vulnerability
Microsoft Windows Kernel CVE-2018-1038 Local Privilege Escalation Vulnerability
2018-03-30
http://www.securityfocus.com/bid/103549
OpenSSL CVE-2017-3738 Information Disclosure Vulnerability
2018-03-28
http://www.securityfocus.com/bid/102118
Cisco IOS XE Software CVE-2018-0157 Denial of Service Vulnerability
2018-03-28
http://www.securityfocus.com/bid/103561
Cisco IOS XE Software CVE-2018-0170 Denial of Service Vulnerability
2018-03-28
http://www.securityfocus.com/bid/103560
Cisco IOS Software Integrated Services Module for VPN CVE-2018-0154 Denial of Service Vulnerability
2018-03-28
http://www.securityfocus.com/bid/103559
Cisco IOS XE Software CVE-2018-0152 Remote Privilege Escalation Vulnerability
2018-03-28
http://www.securityfocus.com/bid/103558
Cisco IOS XE Software CVE-2018-0195 Authorization Bypass Vulnerability
2018-03-28
http://www.securityfocus.com/bid/103557
Cisco IOS Login Enhancements Feature Multiple Denial of Service Vulnerabilities
2018-03-28
http://www.securityfocus.com/bid/103556
Cisco IOS XE Software CVE-2018-0183 Local Privilege Escalation Vulnerability
2018-03-28
http://www.securityfocus.com/bid/103555
Cisco IOS and IOS XE Software CVE-2018-0174 Denial of Service Vulnerability
2018-03-28
http://www.securityfocus.com/bid/103554
Cisco IOS XE Software CVE-2018-0164 Denial of Service Vulnerability
2018-03-28
http://www.securityfocus.com/bid/103553
Cisco IOS and IOS XE Software CVE-2018-0172 Denial of Service Vulnerability
2018-03-28
http://www.securityfocus.com/bid/103552
Cisco IOS XE Software Multiple Cross Site Scripting Vulnerabilities
2018-03-28
http://www.securityfocus.com/bid/103551
Cisco IOS XE Software CVE-2018-0184 Local Privilege Escalation Vulnerability
2018-03-28
http://www.securityfocus.com/bid/103550
Cisco IOS and IOS XE Software CVE-2018-0189 Denial of Service Vulnerability
2018-03-28
http://www.securityfocus.com/bid/103548
Cisco IOS XE Software Multiple Command Injection Vulnerabilities
2018-03-28
http://www.securityfocus.com/bid/103547
SANS News
Version 7 of the CIS Controls Released
Threatpost
Exploit
Exodus Wallet (ElectronJS Framework) - Remote Code Execution (Metasploit)
Joomla Component Fields - SQLi Remote Code Execution (Metasploit)
30.3.2018
Bugtraq
[SECURITY] [DSA 4156-1] drupal7 security update 2018-03-28
Salvatore Bonaccorso (carnil debian org)
CA20180328-01: Security Notice for CA API Developer Portal 2018-03-29
Kotas, Kevin J (Kevin Kotas ca com)
[SECURITY] [DSA 4155-1] thunderbird security update 2018-03-28
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4154-1] net-snmp security update 2018-03-28
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 4153-1] firefox-esr security update 2018-03-27
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4152-1] mupdf security update 2018-03-27
Luciano Bello (luciano debian org)
Malware
Phishing
Vulnerability
OpenSSL CVE-2017-3738 Information Disclosure Vulnerability
2018-03-28
http://www.securityfocus.com/bid/102118
ImageMagick CVE-2018-8960 Heap Buffer Overflow Vulnerability
2018-03-28
http://www.securityfocus.com/bid/103523
Google Chrome Prior to 63.0.3239.84 Multiple Security Vulnerabilities
2018-03-27
http://www.securityfocus.com/bid/102098
OpenSSL CVE-2018-0739 Denial of Service Vulnerability
2018-03-27
http://www.securityfocus.com/bid/103518
OpenSSL CVE-2018-0733 Security Bypass Vulnerability
2018-03-27
http://www.securityfocus.com/bid/103517
Apache Struts CVE-2018-1327 Denial of Service Vulnerability
2018-03-27
http://www.securityfocus.com/bid/103516
Nortek Linear eMerge E3 Series CVE-2018-5439 Remote Command Injection Vulnerability
2018-03-26
http://www.securityfocus.com/bid/103053
Novell NetIQ Identity Manager CVE-2018-1350 Information Disclosure Vulnerability
2018-03-26
http://www.securityfocus.com/bid/103532
SANS News
One hash to rule them all: drupalgeddon2
Threatpost
Exploit
Exodus Wallet (ElectronJS Framework) - Remote Code Execution (Metasploit)
GitStack - Unsanitized Argument Remote Code Execution (Metasploit)
Joomla Component Fields - SQLi Remote Code Execution (Metasploit)
29.3.2018
Bugtraq
[SECURITY] [DSA 4154-1] net-snmp security update 2018-03-28
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 4153-1] firefox-esr security update 2018-03-27
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4152-1] mupdf security update 2018-03-27
Luciano Bello (luciano debian org)
Microsoft Skype Mobile v81.2 & v8.13 - Remote Denial of Service Vulnerability 2018-03-27
Vulnerability Lab (research vulnerability-lab com)
Sandoba CP:Shop CMS v2016.1 - Multiple Cross Site Scripting Vulnerabilities 2018-03-27
Vulnerability Lab (research vulnerability-lab com)
Weblication CMS Core & Grid v12.6.24 - Multiple Cross Site Scripting Vulnerabilities 2018-03-27
Vulnerability Lab (research vulnerability-lab com)
AEF CMS v1.0.9 - (PM) Persistent Cross Site Scripting Vulnerability 2018-03-27
Vulnerability Lab (research vulnerability-lab com)
Malware
Phishing
Vulnerability
Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability
2018-12-15
http://www.securityfocus.com/bid/103513
OpenSSL CVE-2017-3738 Information Disclosure Vulnerability
2018-03-28
http://www.securityfocus.com/bid/102118
Google Chrome Prior to 63.0.3239.84 Multiple Security Vulnerabilities
2018-03-27
http://www.securityfocus.com/bid/102098
OpenSSL CVE-2018-0739 Denial of Service Vulnerability
2018-03-27
http://www.securityfocus.com/bid/103518
OpenSSL CVE-2018-0733 Security Bypass Vulnerability
2018-03-27
http://www.securityfocus.com/bid/103517
Apache Struts CVE-2018-1327 Denial of Service Vulnerability
2018-03-27
http://www.securityfocus.com/bid/103516
Nortek Linear eMerge E3 Series CVE-2018-5439 Remote Command Injection Vulnerability
2018-03-26
http://www.securityfocus.com/bid/103053
Mozilla Firefox and Firefox ESR CVE-2018-5148 Use After Free Denial of Service Vulnerability
2018-03-26
http://www.securityfocus.com/bid/103506
Symantec Norton App Lock for Android CVE-2017-15534 Local Authentication Bypass Vulnerability
2018-03-26
http://www.securityfocus.com/bid/103377
GraphicsMagick CVE-2018-9018 Denial of Service Vulnerability
2018-03-25
http://www.securityfocus.com/bid/103526
Multiple AMD Processors Multiple Remote Security Vulnerabilities
2018-03-23
http://www.securityfocus.com/bid/103409
ARM mbed TLS CVE-2017-18187 Integer Overflow Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103055
ARM mbed TLS CVE-2018-0488 Remote Code Execution Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103057
ARM mbed TLS CVE-2018-0487 Remote Code Execution Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103056
Memcached Multiple Integer Overflow Vulnerabilities
2018-03-23
http://www.securityfocus.com/bid/94083
Memcached CVE-2017-9951 Incomplete Fix Integer Overflow Vulnerability
2018-03-23
http://www.securityfocus.com/bid/99874
Memcached verbose mode CVE-2013-7291 Denial of Service Vulnerability
2018-03-23
http://www.securityfocus.com/bid/64989
memcache SASL Authentication Security Bypass Vulnerability
2018-03-23
http://www.securityfocus.com/bid/64559
memcached Verbose Mode Denial of Service Vulnerability
2018-03-23
http://www.securityfocus.com/bid/64978
Memcached 'items.c' Denial of Service Vulnerability
2018-03-23
http://www.securityfocus.com/bid/64988
SANS News
Threatpost
Alleged Mastermind Behind Carbanak Crime Gang Arrested
Exploit
Microsoft Windows Remote Assistance - XML External Entity Injection
TwonkyMedia Server 7.0.11-8.5 - Persistent Cross-Site Scripting
TwonkyMedia Server 7.0.11-8.5 - Directory Traversal
ClipBucket - beats_uploader Unauthenticated Arbitrary File Upload (Metasploit)
TestLink Open Source Test Management < 1.9.16 - Remote Code Execution (PoC)
ClipBucket - beats_uploader Unauthenticated Arbitrary File Upload (Metasploit)
28.3.2018
Bugtraq
Microsoft Skype Mobile v81.2 & v8.13 - Remote Denial of Service Vulnerability 2018-03-27
Vulnerability Lab (research vulnerability-lab com)
Sandoba CP:Shop CMS v2016.1 - Multiple Cross Site Scripting Vulnerabilities 2018-03-27
Vulnerability Lab (research vulnerability-lab com)
Weblication CMS Core & Grid v12.6.24 - Multiple Cross Site Scripting Vulnerabilities 2018-03-27
Vulnerability Lab (research vulnerability-lab com)
AEF CMS v1.0.9 - (PM) Persistent Cross Site Scripting Vulnerability 2018-03-27
Vulnerability Lab (research vulnerability-lab com)
[slackware-security] mozilla-firefox (SSA:2018-085-01) 2018-03-27
Slackware Security Team (security slackware com)
[SECURITY] [DSA 4151-1] librelp security update 2018-03-26
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Vulnerability
Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability
2018-12-15
http://www.securityfocus.com/bid/103513
Google Chrome Prior to 63.0.3239.84 Multiple Security Vulnerabilities
2018-03-27
http://www.securityfocus.com/bid/102098
OpenSSL CVE-2018-0739 Denial of Service Vulnerability
2018-03-27
http://www.securityfocus.com/bid/103518
OpenSSL CVE-2018-0733 Security Bypass Vulnerability
2018-03-27
http://www.securityfocus.com/bid/103517
Apache Struts CVE-2018-1327 Denial of Service Vulnerability
2018-03-27
http://www.securityfocus.com/bid/103516
Nortek Linear eMerge E3 Series CVE-2018-5439 Remote Command Injection Vulnerability
2018-03-26
http://www.securityfocus.com/bid/103053
Mozilla Firefox and Firefox ESR CVE-2018-5148 Use After Free Denial of Service Vulnerability
2018-03-26
http://www.securityfocus.com/bid/103506
Symantec Norton App Lock for Android CVE-2017-15534 Local Authentication Bypass Vulnerability
2018-03-26
http://www.securityfocus.com/bid/103377
Multiple AMD Processors Multiple Remote Security Vulnerabilities
2018-03-23
http://www.securityfocus.com/bid/103409
ARM mbed TLS CVE-2017-18187 Integer Overflow Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103055
ARM mbed TLS CVE-2018-0488 Remote Code Execution Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103057
ARM mbed TLS CVE-2018-0487 Remote Code Execution Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103056
Memcached Multiple Integer Overflow Vulnerabilities
2018-03-23
http://www.securityfocus.com/bid/94083
Memcached CVE-2017-9951 Incomplete Fix Integer Overflow Vulnerability
2018-03-23
http://www.securityfocus.com/bid/99874
SANS News
Side-channel information leakage in mobile applications
Threatpost
Sanny Malware Updates Delivery Method
Facebook Woes Continue as FTC Opens Data Privacy Probe
Exploit
ClipBucket - beats_uploader Unauthenticated Arbitrary File Upload (Metasploit)
27.3.2018
Bugtraq
Microsoft Skype Mobile v81.2 & v8.13 - Remote Denial of Service Vulnerability 2018-03-27
Vulnerability Lab (research vulnerability-lab com)
Sandoba CP:Shop CMS v2016.1 - Multiple Cross Site Scripting Vulnerabilities 2018-03-27
Vulnerability Lab (research vulnerability-lab com)
Weblication CMS Core & Grid v12.6.24 - Multiple Cross Site Scripting Vulnerabilities 2018-03-27
Vulnerability Lab (research vulnerability-lab com)
AEF CMS v1.0.9 - (PM) Persistent Cross Site Scripting Vulnerability 2018-03-27
Vulnerability Lab (research vulnerability-lab com)
[slackware-security] mozilla-firefox (SSA:2018-085-01) 2018-03-27
Slackware Security Team (security slackware com)
[SECURITY] [DSA 4151-1] librelp security update 2018-03-26
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Vulnerability
Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability
2018-12-15
http://www.securityfocus.com/bid/103513
Google Chrome Prior to 63.0.3239.84 Multiple Security Vulnerabilities
2018-03-27
http://www.securityfocus.com/bid/102098
OpenSSL CVE-2018-0739 Denial of Service Vulnerability
2018-03-27
http://www.securityfocus.com/bid/103518
OpenSSL CVE-2018-0733 Security Bypass Vulnerability
2018-03-27
http://www.securityfocus.com/bid/103517
Apache Struts CVE-2018-1327 Denial of Service Vulnerability
2018-03-27
http://www.securityfocus.com/bid/103516
Nortek Linear eMerge E3 Series CVE-2018-5439 Remote Command Injection Vulnerability
2018-03-26
http://www.securityfocus.com/bid/103053
Mozilla Firefox and Firefox ESR CVE-2018-5148 Use After Free Denial of Service Vulnerability
2018-03-26
http://www.securityfocus.com/bid/103506
Symantec Norton App Lock for Android CVE-2017-15534 Local Authentication Bypass Vulnerability
2018-03-26
http://www.securityfocus.com/bid/103377
Multiple AMD Processors Multiple Remote Security Vulnerabilities
2018-03-23
http://www.securityfocus.com/bid/103409
ARM mbed TLS CVE-2017-18187 Integer Overflow Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103055
ARM mbed TLS CVE-2018-0488 Remote Code Execution Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103057
ARM mbed TLS CVE-2018-0487 Remote Code Execution Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103056
Memcached Multiple Integer Overflow Vulnerabilities
2018-03-23
http://www.securityfocus.com/bid/94083
Memcached CVE-2017-9951 Incomplete Fix Integer Overflow Vulnerability
2018-03-23
http://www.securityfocus.com/bid/99874
SANS News
Side-channel information leakage in mobile applications
Threatpost
Sanny Malware Updates Delivery Method
Facebook Woes Continue as FTC Opens Data Privacy Probe
Exploit
ClipBucket - beats_uploader Unauthenticated Arbitrary File Upload (Metasploit)
26.3.2018
Bugtraq
Cross-Site Scripting vulnerability in Zimbra Collaboration Suite due to the way it handles attachment links 2018-03-24
Securify B.V. (lists securify nl)
[slackware-security] mozilla-thunderbird (SSA:2018-082-01) 2018-03-24
Slackware Security Team (security slackware com)
[SECURITY] [DSA 4150-1] icu security update 2018-03-23
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4149-1] plexus-utils2 security update 2018-03-22
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4148-1] kamailio security update 2018-03-22
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
Vulnerability
Nortek Linear eMerge E3 Series CVE-2018-5439 Remote Command Injection Vulnerability
2018-03-26
http://www.securityfocus.com/bid/103053
Symantec Norton App Lock for Android CVE-2017-15534 Local Authentication Bypass Vulnerability
2018-03-26
http://www.securityfocus.com/bid/103377
Multiple AMD Processors Multiple Remote Security Vulnerabilities
2018-03-23
http://www.securityfocus.com/bid/103409
ARM mbed TLS CVE-2017-18187 Integer Overflow Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103055
ARM mbed TLS CVE-2018-0488 Remote Code Execution Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103057
ARM mbed TLS CVE-2018-0487 Remote Code Execution Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103056
SANS News
Threatpost
Facebook Woes Continue as FTC Opens Data Privacy Probe
FBI: Iranian Firm Stole Data In Massive Spear Phishing Campaign
Exploit
Acrolinx Server < 5.2.5 - Directory Traversal
Laravel Log Viewer < 0.13.0 - Local File Download
LabF nfsAxe 3.7 - Privilege Escalation
Fast AVI MPEG Splitter 1.2 - Stack-Based Buffer Overflow
24.3.2018
Bugtraq
[SECURITY] [DSA 4149-1] plexus-utils2 security update 2018-03-22
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4148-1] kamailio security update 2018-03-22
Moritz Muehlenhoff (jmm debian org)
ModSecurity WAF 3.0 for Nginx - Denial of Service 2018-03-22
x ksi (s3810 pjwstk edu pl)
Bomgar Remote Support Portal JavaStart Applet <= 52970 - Path Traversal 2018-03-22
x ksi (s3810 pjwstk edu pl)
Kaseya AgentMon.exe <= 9.3.0.11 - Local Privilege Escalation 2018-03-22
x ksi (s3810 pjwstk edu pl)
Malware
Phishing
Vulnerability
Multiple AMD Processors Multiple Remote Security Vulnerabilities
2018-03-23
http://www.securityfocus.com/bid/103409
ARM mbed TLS CVE-2017-18187 Integer Overflow Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103055
ARM mbed TLS CVE-2018-0488 Remote Code Execution Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103057
ARM mbed TLS CVE-2018-0487 Remote Code Execution Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103056
Memcached Multiple Integer Overflow Vulnerabilities
2018-03-23
http://www.securityfocus.com/bid/94083
Memcached CVE-2017-9951 Incomplete Fix Integer Overflow Vulnerability
2018-03-23
http://www.securityfocus.com/bid/99874
Memcached verbose mode CVE-2013-7291 Denial of Service Vulnerability
2018-03-23
http://www.securityfocus.com/bid/64989
memcache SASL Authentication Security Bypass Vulnerability
2018-03-23
http://www.securityfocus.com/bid/64559
memcached Verbose Mode Denial of Service Vulnerability
2018-03-23
http://www.securityfocus.com/bid/64978
Memcached 'items.c' Denial of Service Vulnerability
2018-03-23
http://www.securityfocus.com/bid/64988
memcached Remote Denial of Service Vulnerability
2018-03-23
http://www.securityfocus.com/bid/59567
Qemu CVE-2018-7550 Out of Bounds Read and Write Arbitrary Code Execution Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103181
QEMU CVE-2018-5683 Denial of Service Vulnerability
2018-03-23
http://www.securityfocus.com/bid/102518
Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
2018-03-23
http://www.securityfocus.com/bid/102376
Linux Kernel CVE-2018-1068 Local Privilege Escalation Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103459
Linux Kernel 'drivers/net/wireless/mac80211_hwsim.c' Local Denial of Service Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103397
Xen 'xen/common/grant_table.c' Denial of Service Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103177
Xen 'xen/common/memory.c' Denial of Service vulnerability
2018-03-23
http://www.securityfocus.com/bid/103174
Open vSwitch CVE-2016-2074 Multiple Buffer Overflow Vulnerabilities
2018-03-23
http://www.securityfocus.com/bid/85700
SIMATIC WinCC OA UI CVE-2018-4844 Access Bypass Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103475
Google Updater for MacOS CVE-2018-6084 Local Privilege Escalation Vulnerability
2018-03-22
http://www.securityfocus.com/bid/103468
Atlassian Bitbucket Server CVE-2018-5225 Remote Code Execution Vulnerability
2018-03-22
http://www.securityfocus.com/bid/103488
Beckhoff TwinCAT CVE-2018-7502 Multiple Local Privilege Escalation Vulnerabilities
2018-03-22
http://www.securityfocus.com/bid/103487
Linux Kernel CVE-2018-8822 Multiple Memory Corruption Vulnerabilities
2018-03-22
http://www.securityfocus.com/bid/103476
Linux Kernel CVE-2017-17806 Stack Based Buffer Overflow Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102293
Linux Kernel CVE-2017-17741 Denial of Service Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102227
Linux kernel Multiple CVE-2017-17805 Local Denial of Service Vulnerabilities
2018-03-21
http://www.securityfocus.com/bid/102291
Linux Kernel CVE-2017-17807 Local Denial of Service Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102301
Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102378
Linux Kernel 'net/netlink/af_netlink.c' Local Information Disclosure Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102122
SANS News
Threatpost
Exploit
23.3.2018
Bugtraq
[SECURITY] [DSA 4149-1] plexus-utils2 security update 2018-03-22
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4148-1] kamailio security update 2018-03-22
Moritz Muehlenhoff (jmm debian org)
ModSecurity WAF 3.0 for Nginx - Denial of Service 2018-03-22
x ksi (s3810 pjwstk edu pl)
Bomgar Remote Support Portal JavaStart Applet <= 52970 - Path Traversal 2018-03-22
x ksi (s3810 pjwstk edu pl)
Kaseya AgentMon.exe <= 9.3.0.11 - Local Privilege Escalation 2018-03-22
x ksi (s3810 pjwstk edu pl)
Secunia Research: Microsoft Windows Embedded OpenType Font Engine hdmx Table Information Disclosure Vulnerability 2018-03-21
Secunia Research (remove-vuln secunia com)
Advisory - Bitbucket Server - CVE-2018-5225 2018-03-22
Matthew Hart (mhart atlassian com)
Malware
Phishing
Vulnerability
Multiple AMD Processors Multiple Remote Security Vulnerabilities
2018-03-23
http://www.securityfocus.com/bid/103409
ARM mbed TLS CVE-2017-18187 Integer Overflow Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103055
ARM mbed TLS CVE-2018-0488 Remote Code Execution Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103057
ARM mbed TLS CVE-2018-0487 Remote Code Execution Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103056
Memcached Multiple Integer Overflow Vulnerabilities
2018-03-23
http://www.securityfocus.com/bid/94083
Memcached CVE-2017-9951 Incomplete Fix Integer Overflow Vulnerability
2018-03-23
http://www.securityfocus.com/bid/99874
Memcached verbose mode CVE-2013-7291 Denial of Service Vulnerability
2018-03-23
http://www.securityfocus.com/bid/64989
memcache SASL Authentication Security Bypass Vulnerability
2018-03-23
http://www.securityfocus.com/bid/64559
memcached Verbose Mode Denial of Service Vulnerability
2018-03-23
http://www.securityfocus.com/bid/64978
Memcached 'items.c' Denial of Service Vulnerability
2018-03-23
http://www.securityfocus.com/bid/64988
memcached Remote Denial of Service Vulnerability
2018-03-23
http://www.securityfocus.com/bid/59567
Qemu CVE-2018-7550 Out of Bounds Read and Write Arbitrary Code Execution Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103181
QEMU CVE-2018-5683 Denial of Service Vulnerability
2018-03-23
http://www.securityfocus.com/bid/102518
Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
2018-03-23
http://www.securityfocus.com/bid/102376
Linux Kernel CVE-2018-1068 Local Privilege Escalation Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103459
Linux Kernel 'drivers/net/wireless/mac80211_hwsim.c' Local Denial of Service Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103397
Xen 'xen/common/grant_table.c' Denial of Service Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103177
Xen 'xen/common/memory.c' Denial of Service vulnerability
2018-03-23
http://www.securityfocus.com/bid/103174
Open vSwitch CVE-2016-2074 Multiple Buffer Overflow Vulnerabilities
2018-03-23
http://www.securityfocus.com/bid/85700
SIMATIC WinCC OA UI CVE-2018-4844 Access Bypass Vulnerability
2018-03-23
http://www.securityfocus.com/bid/103475
Google Updater for MacOS CVE-2018-6084 Local Privilege Escalation Vulnerability
2018-03-22
http://www.securityfocus.com/bid/103468
Atlassian Bitbucket Server CVE-2018-5225 Remote Code Execution Vulnerability
2018-03-22
http://www.securityfocus.com/bid/103488
Beckhoff TwinCAT CVE-2018-7502 Multiple Local Privilege Escalation Vulnerabilities
2018-03-22
http://www.securityfocus.com/bid/103487
Linux Kernel CVE-2018-8822 Multiple Memory Corruption Vulnerabilities
2018-03-22
http://www.securityfocus.com/bid/103476
Linux Kernel CVE-2017-17806 Stack Based Buffer Overflow Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102293
Linux Kernel CVE-2017-17741 Denial of Service Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102227
Linux kernel Multiple CVE-2017-17805 Local Denial of Service Vulnerabilities
2018-03-21
http://www.securityfocus.com/bid/102291
Linux Kernel CVE-2017-17807 Local Denial of Service Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102301
Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102378
Linux Kernel 'net/netlink/af_netlink.c' Local Information Disclosure Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102122
SANS News
Extending Hunting Capabilities in Your Network
Threatpost
A Closer Look at APT Group Sofacy’s Latest Targets
Exploit
Linux Kernel < 4.15.4 - 'show_floppy' KASLR Address Leak
Wordpress Plugin Site Editor 1.1.1 - Local File Inclusion
MyBB Plugin Last User's Threads in Profile Plugin 1.2 - Persistent Cross-Site Scripting
XenForo 2 - CSS Loader Denial of Service
TL-WR720N 150Mbps Wireless N Router - Cross-Site Request Forgery
Hikvision IP Camera versions 5.2.0 - 5.3.9 (Builds 140721 - 170109) - Access Control...
Easy CD DVD Copy 1.3.24 - Local Buffer Overflow (SEH)
Crashmail 1.6 - Stack-Based Buffer Overflow ( ROP execve )
Allok Quicktime to AVI MPEG DVD Converter 4.6.1217 - Stack-Based Buffer Overflow
Linux Kernel < 4.15.4 - 'show_floppy' KASLR Address Leak
Easy Avi Divx Xvid to DVD Burner 2.9.11 - '.avi' Denial of Service
WM Recorder 16.8.1 - Denial of Service
Dell EMC NetWorker - Denial of Service
Android Bluetooth - BNEP BNEP_SETUP_CONNECTION_REQUEST_MSG Out-of-Bounds Read
Android Bluetooth - BNEP bnep_data_ind() Remote Heap Disclosure
22.3.2018
Bugtraq
ModSecurity WAF 3.0 for Nginx - Denial of Service 2018-03-22
x ksi (s3810 pjwstk edu pl)
Bomgar Remote Support Portal JavaStart Applet <= 52970 - Path Traversal 2018-03-22
x ksi (s3810 pjwstk edu pl)
Kaseya AgentMon.exe <= 9.3.0.11 - Local Privilege Escalation 2018-03-22
x ksi (s3810 pjwstk edu pl)
Secunia Research: Microsoft Windows Embedded OpenType Font Engine hdmx Table Information Disclosure Vulnerability 2018-03-21
Secunia Research (remove-vuln secunia com)
Advisory - Bitbucket Server - CVE-2018-5225 2018-03-22
Matthew Hart (mhart atlassian com)
Secunia Research: Microsoft Windows Embedded OpenType Font Engine "MTX_IS_MTX_Data()" Information Disclosure Vulnerability 2018-03-21
Secunia Research (remove-vuln secunia com)
Secunia Research: Microsoft Windows Embedded OpenType Font Engine Font Glyphs Handling Information Disclosure Vulnerability 2018-03-21
Secunia Research (remove-vuln secunia com)
[SECURITY] [DSA 4147-1] polarssl security update 2018-03-21
Sebastien Delafond (seb debian org)
[SECURITY] [DSA 4146-1] plexus-utils security update 2018-03-20
Moritz Muehlenhoff (jmm debian org)
CSNC-2017-026 Microsoft Intune - Preserved Keychain Entries 2018-03-20
Advisories (advisories compass-security com) (1 replies)
Malware
Phishing
Vulnerability
Linux Kernel CVE-2017-17806 Stack Based Buffer Overflow Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102293
Linux Kernel CVE-2017-17741 Denial of Service Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102227
Linux kernel Multiple CVE-2017-17805 Local Denial of Service Vulnerabilities
2018-03-21
http://www.securityfocus.com/bid/102291
Linux Kernel CVE-2017-17807 Local Denial of Service Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102301
Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102378
Linux Kernel 'net/netlink/af_netlink.c' Local Information Disclosure Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102122
Linux Kernel CVE-2017-1000410 Information Disclosure Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102101
Linux Kernel 'arch/x86/kvm/vmx.c' Denial of Service Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102038
Linux Kernel CVE-2017-8824 Local Privilege Escalation Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102056
Linux Kernel CVE-2017-15868 Local Privilege Escalation Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102084
Linux Kernel 'net/netfilter/nfnetlink_cthelper.c' Local Security Bypass Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102117
Linux Kernel CVE-2017-16939 Local Privilege Escalation Vulnerability
2018-03-21
http://www.securityfocus.com/bid/101954
Linux Kernel '/netfilter/xt_osf.c' Local Security Bypass Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102110
ISC BIND CVE-2017-3145 Remote Denial of Service Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102716
Google Updater for MacOS CVE-2018-6084 Local Privilege Escalation Vulnerability
2018-03-21
http://www.securityfocus.com/bid/103468
Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
2018-03-20
http://www.securityfocus.com/bid/102376
SANS News
Automatic Hunting for Malicious Files Crossing your Network
Threatpost
Exploit
21.3.2018
Bugtraq
[SECURITY] [DSA 4146-1] plexus-utils security update 2018-03-20
Moritz Muehlenhoff (jmm debian org)
CSNC-2017-026 Microsoft Intune - Preserved Keychain Entries 2018-03-20
Advisories (advisories compass-security com) (1 replies)
Unsubscribe - Re: CSNC-2017-026 Microsoft Intune - Preserved Keychain Entries 2018-03-20
Gary Frank (garoo7 hotmail com)
ES2018-05 Kamailio heap overflow 2018-03-20
Sandro Gauci (sandro enablesecurity com) (1 replies)
Unsubscribe - Re: ES2018-05 Kamailio heap overflow 2018-03-20
Gary Frank (garoo7 hotmail com)
[SECURITY] [DSA 4145-1] gitlab security update 2018-03-18
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4142-1] uwsgi security update 2018-03-17
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Vulnerability
Linux Kernel CVE-2017-17806 Stack Based Buffer Overflow Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102293
Linux Kernel CVE-2017-17741 Denial of Service Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102227
Linux kernel Multiple CVE-2017-17805 Local Denial of Service Vulnerabilities
2018-03-21
http://www.securityfocus.com/bid/102291
Linux Kernel CVE-2017-17807 Local Denial of Service Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102301
Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102378
Linux Kernel 'net/netlink/af_netlink.c' Local Information Disclosure Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102122
Linux Kernel CVE-2017-1000410 Information Disclosure Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102101
Linux Kernel 'arch/x86/kvm/vmx.c' Denial of Service Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102038
Linux Kernel CVE-2017-8824 Local Privilege Escalation Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102056
Linux Kernel CVE-2017-15868 Local Privilege Escalation Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102084
Linux Kernel 'net/netfilter/nfnetlink_cthelper.c' Local Security Bypass Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102117
Linux Kernel CVE-2017-16939 Local Privilege Escalation Vulnerability
2018-03-21
http://www.securityfocus.com/bid/101954
Linux Kernel '/netfilter/xt_osf.c' Local Security Bypass Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102110
ISC BIND CVE-2017-3145 Remote Denial of Service Vulnerability
2018-03-21
http://www.securityfocus.com/bid/102716
Google Updater for MacOS CVE-2018-6084 Local Privilege Escalation Vulnerability
2018-03-21
http://www.securityfocus.com/bid/103468
Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
2018-03-20
http://www.securityfocus.com/bid/102376
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-03-20
http://www.securityfocus.com/bid/102371
Siemens SIMATIC/SINUMERIK/PROFINET IO CVE-2018-4843 Denial of Service Vulnerability
2018-03-20
http://www.securityfocus.com/bid/103465
Bouncy Castle BKS-V1 CVE-2018-5382 Security Weakness
2018-03-19
http://www.securityfocus.com/bid/103453
SANS News
Administrator's Password Bad Practice
Threatpost
Telegram Ordered to Hand Over Encryption Keys to Russian Authorities
Facebook Data Privacy Policies Bashed By Critics After Cambridge Analytica Incident
A Mirai Botnet Postscript: Lessons Learned
Exploit
Microsoft Windows - Desktop Bridge Virtual Registry NtLoadKey Arbitrary File Read/Write...
Microsoft Windows - Desktop Bridge Virtual Registry Arbitrary File Read/Write Privilege...
Microsoft Windows - Desktop Bridge VFS Privilege Escalation
Microsoft Windows Kernel - 'nt!NtWaitForDebugEvent' 64-bit Stack Memory Disclosure
Microsoft Windows Kernel - 'nt!KiDispatchException' 64-bit Stack Memory Disclosure
Microsoft Windows Kernel - 'NtQueryInformationThread(ThreadBasicInformation)' 64-bit...
Microsoft Windows Kernel - 'NtQueryVirtualMemory(MemoryMappedFilenameInformation)' 64-bit...
Google Software Updater macOS - Unsafe use of Distributed Objects Privilege Escalation
Cisco node-jose < 0.11.0 - Re-sign Tokens
Vehicle Sales Management System - Multiple Vulnerabilities
Intelbras Telefone IP TIP200 LITE - Local File Disclosure
Linux/x86 - execve(/bin/sh) Shellcode (18 bytes)
19.3.2018
Bugtraq
[SECURITY] [DSA 4145-1] gitlab security update 2018-03-18
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4142-1] uwsgi security update 2018-03-17
Salvatore Bonaccorso (carnil debian org)
[slackware-security] libvorbis (SSA:2018-076-01) 2018-03-18
Slackware Security Team (security slackware com)
[SECURITY] [DSA 4143-1] firefox-esr security update 2018-03-17
Moritz Muehlenhoff (jmm debian org)
[slackware-security] mozilla-firefox (SSA:2018-075-01) 2018-03-17
Slackware Security Team (security slackware com)
[SECURITY] [DSA 4144-1] openjdk-8 security update 2018-03-17
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4141-1] libvorbisidec security update 2018-03-16
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Vulnerability
SANS News
Threatpost
Exploit
Linux Kernel < 4.4.0-21 (Ubuntu 16.04 x64) - 'netfilter target_offset' Local Privilege...
Linux Kernel < 3.5.0-23 (Ubuntu 12.04.2 x64) - 'SOCK_DIAG' SMEP Bypass Local Privilege...
Linux Kernel < 4.4.0-116 (Ubuntu 16.04.4) - Local Privilege Escalation
18.3.2018
Bugtraq
Malware
Phishing
Vulnerability
SANS News
[Wireshark-announce] Wireshark 2.5.1 is now available
Threatpost
Exploit
Firefox 44.0.2 - ASM.JS JIT-Spray Remote Code Execution
Firefox 46.0.1 - ASM.JS JIT-Spray Remote Code Execution
MikroTik RouterOS < 6.41.3/6.42rc27 - SMB Buffer Overflow
SAP NetWeaver AS JAVA CRM - Log injection Remote Command Execution
Contec Smart Home 4.15 - Unauthorized Password Reset
Android DRM Services - Buffer Overflow
16.3.2018
Bugtraq
[SECURITY] [DSA 4139-1] firefox-esr security update 2018-03-15
Moritz Muehlenhoff (jmm debian org)
[slackware-security] curl (SSA:2018-074-01) 2018-03-16
Slackware Security Team (security slackware com)
Secunia Research: LibRaw Multiple Denial of Service Vulnerabilities 2018-03-15
Secunia Research (remove-vuln secunia com)
[SECURITY] [DSA 4138-1] mbedtls security update 2018-03-15
Sebastien Delafond (seb debian org)
[SECURITY] [DSA 4137-1] libvirt security update 2018-03-14
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4136-1] curl security update 2018-03-14
Alessandro Ghedini (ghedo debian org)
SEC Consult SA-20180314-0 :: Arbitrary Shortcode Execution & Local File Inclusion in WooCommerce Products Filter (PluginUs.Net) 2018-03-14
SEC Consult Vulnerability Lab (research sec-consult com)
Malware
Phishing
Vulnerability
Linux Kernel CVE-2017-18232 Local Denial of Service Vulnerability
2018-03-16
http://www.securityfocus.com/bid/103423
MikroTik RouterOS CVE-2018-7445 Buffer Overflow Vulnerability
2018-03-15
http://www.securityfocus.com/bid/103427
ZOHO ManageEngine Event LogAnalyzer CVE-2018-8721 HTML Injection Vulnerability
2018-03-15
http://www.securityfocus.com/bid/103424
IBM DB2 CVE-2017-1677 Local Arbitrary Code Execution Vulnerability
2018-03-14
http://www.securityfocus.com/bid/103422
cURL/libcURL CVE-2018-1000121 Denial of Service Vulnerability
2018-03-14
http://www.securityfocus.com/bid/103415
cURL/libcURL CVE-2018-1000120 Buffer Overflow Vulnerability
2018-03-14
http://www.securityfocus.com/bid/103414
spice-gtk CVE-2017-12194 Integer Overflow Vulnerability
2018-03-14
http://www.securityfocus.com/bid/103413
SANS News
Threatpost
Intel Details CPU ‘Virtual Fences’ Fix As Safeguard Against Spectre, Meltdown Flaws
GandCrab Ransomware Crooks Take Agile Development Approach
Walmart Jewelry Partner Exposes Personal Data Of 1.3M Customers
Iran-Linked Group ‘TEMP.Zagros’ Updates Tactics, Techniques In Latest Campaign
Exploit
15.3.2018
Bugtraq
[SECURITY] [DSA 4137-1] libvirt security update 2018-03-14
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4136-1] curl security update 2018-03-14
Alessandro Ghedini (ghedo debian org)
SEC Consult SA-20180314-0 :: Arbitrary Shortcode Execution & Local File Inclusion in WooCommerce Products Filter (PluginUs.Net) 2018-03-14
SEC Consult Vulnerability Lab (research sec-consult com)
FreeBSD Security Advisory FreeBSD-SA-18:03.speculative_execution 2018-03-14
FreeBSD Security Advisories (security-advisories freebsd org)
[slackware-security] mozilla-firefox (SSA:2018-072-01) 2018-03-13
Slackware Security Team (security slackware com)
Malware
Phishing
Vulnerability
cURL/libcURL CVE-2018-1000121 Denial of Service Vulnerability
2018-03-14
http://www.securityfocus.com/bid/103415
cURL/libcURL CVE-2018-1000120 Buffer Overflow Vulnerability
2018-03-14
http://www.securityfocus.com/bid/103414
spice-gtk CVE-2017-12194 Integer Overflow Vulnerability
2018-03-14
http://www.securityfocus.com/bid/103413
Multiple AMD Processors Multiple Remote Security Vulnerabilities
2018-03-14
http://www.securityfocus.com/bid/103409
SAP HANA CVE-2018-2369 Information Disclosure Vulnerability
2018-03-13
http://www.securityfocus.com/bid/102997
GE Medical Devices CVE-2017-14002 Authentication Bypass Vulnerability
2018-03-13
http://www.securityfocus.com/bid/103405
GE Medical Devices CVE-2017-14008 Authentication Bypass Vulnerability
2018-03-13
http://www.securityfocus.com/bid/103400
OSIsoft PI Data Archive Privilege Escalation and Denial of Service Vulnerabilities
2018-03-13
http://www.securityfocus.com/bid/103399
OSIsoft PI Web API Privilege Escalation and Cross Site Scripting Vulnerabilities
2018-03-13
http://www.securityfocus.com/bid/103396
Adobe Dreamweaver CC CVE-2018-4924 OS Command Injection Vulnerability
2018-03-13
http://www.securityfocus.com/bid/103395
Omron CX-Supervisor Multiple Security Vulnerabilities
2018-03-13
http://www.securityfocus.com/bid/103394
Adobe Connect CVE-2018-4921 Arbitrary File Upload Vulnerability
2018-03-13
http://www.securityfocus.com/bid/103393
Adobe Connect CVE-2018-4923 OS Command Injection Vulnerability
2018-03-13
http://www.securityfocus.com/bid/103391
OSIsoft PI Vision Cross Site Scripting and Information Disclosure Vulnerabilities
2018-03-13
http://www.securityfocus.com/bid/103390
Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities
2018-03-13
http://www.securityfocus.com/bid/103388
Samba CVE-2018-1050 Remote Denial of Service Vulnerability
2018-03-13
http://www.securityfocus.com/bid/103387
Mozilla Firefox MFSA2018-06 Multiple Security Vulnerabilities
2018-03-13
http://www.securityfocus.com/bid/103386
Adobe Flash Player CVE-2018-4919 Use After Free Remote Code Execution Vulnerability
2018-03-13
http://www.securityfocus.com/bid/103385
SANS News
SPECTRE and Meltdown To patch or not to patch?..and HOW (Guest Diary)
Threatpost
Exploit
Spring Data REST < 2.6.9 (Ingalls SR9), 3.0.1 (Kay SR1) - PATCH Request Remote Code...
WordPress Plugin Duplicator 1.2.32 - Cross-Site Scripting
14.3.2018
Bugtraq
FreeBSD Security Advisory FreeBSD-SA-18:03.speculative_execution 2018-03-14
FreeBSD Security Advisories (security-advisories freebsd org)
[slackware-security] mozilla-firefox (SSA:2018-072-01) 2018-03-13
Slackware Security Team (security slackware com)
[slackware-security] samba (SSA:2018-072-02) 2018-03-13
Slackware Security Team (security slackware com)
[RT-SA-2017-012] Shopware Cart Accessible by Third-Party Websites 2018-03-13
RedTeam Pentesting GmbH (release redteam-pentesting de)
[SECURITY] [DSA 4135-1] samba security update 2018-03-13
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Vulnerability
SAP HANA CVE-2018-2369 Information Disclosure Vulnerability
2018-03-13
http://www.securityfocus.com/bid/102997
Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities
2018-03-13
http://www.securityfocus.com/bid/103388
Samba CVE-2018-1050 Remote Denial of Service Vulnerability
2018-03-13
http://www.securityfocus.com/bid/103387
Mozilla Firefox MFSA2018-06 Multiple Security Vulnerabilities
2018-03-13
http://www.securityfocus.com/bid/103386
Adobe Flash Player CVE-2018-4919 Use After Free Remote Code Execution Vulnerability
2018-03-13
http://www.securityfocus.com/bid/103385
Mozilla Firefox ESR Multiple Security Vulnerabilities
2018-03-13
http://www.securityfocus.com/bid/103384
SANS News
Threatpost
Exploit
13.3.2018
Bugtraq
[RT-SA-2017-012] Shopware Cart Accessible by Third-Party Websites 2018-03-13
RedTeam Pentesting GmbH (release redteam-pentesting de)
[SECURITY] [DSA 4135-1] samba security update 2018-03-13
Salvatore Bonaccorso (carnil debian org)
SEC Consult SA-20180312-0 :: Multiple Critical Vulnerabilities in SecurEnvoy SecurMail 2018-03-12
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 4134-1] util-linux security update 2018-03-10
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Vulnerability
SAP HANA CVE-2018-2369 Information Disclosure Vulnerability
2018-03-13
http://www.securityfocus.com/bid/102997
REDWOOD Business Process Automation CVE-2018-2400 Information Disclosure Vulnerability
2018-03-13
http://www.securityfocus.com/bid/103375
REDWOOD Business Process Automation CVE-2018-2401 XML External Entity Injection Vulnerability
2018-03-13
http://www.securityfocus.com/bid/103374
SAP Business Objects Business Intelligence Platform CVE-2018-2397 Cross Site Scripting Vulnerability
2018-03-13
http://www.securityfocus.com/bid/103373
SAP Process Monitoring Infrastructure CVE-2018-2399 Cross Site Scripting Vulnerability
2018-03-13
http://www.securityfocus.com/bid/103372
REDWOOD Business Process Automation CVE-2018-2366 Directory Traversal Vulnerability
2018-03-13
http://www.securityfocus.com/bid/103371
SAP NetWeaver Business Client CVE-2018-2398 Unspecified Information Disclosure Vulnerability
2018-03-13
http://www.securityfocus.com/bid/103370
SAP HANA CVE-2018-2402 Information Disclosure Vulnerability
2018-03-13
http://www.securityfocus.com/bid/103369
Microsoft SharePoint Server CVE-2018-0910 Remote Privilege Escalation Vulnerability
2018-03-13
http://www.securityfocus.com/bid/103280
Microsoft SharePoint Server CVE-2018-0909 Remote Privilege Escalation Vulnerability
2018-03-13
http://www.securityfocus.com/bid/103279
Microsoft ChakraCore Scripting Engine CVE-2018-0936 Remote Memory Corruption Vulnerability
2018-03-13
http://www.securityfocus.com/bid/103270
Microsoft ChakraCore Scripting Engine CVE-2018-0874 Remote Memory Corruption Vulnerability
2018-03-13
http://www.securityfocus.com/bid/103269
Microsoft ChakraCore Scripting Engine CVE-2018-0873 Remote Memory Corruption Vulnerability
2018-03-13
http://www.securityfocus.com/bid/103268
Microsoft ChakraCore Scripting Engine CVE-2018-0872 Remote Memory Corruption Vulnerability
2018-03-13
http://www.securityfocus.com/bid/103267
Cisco Secure Access Control System CVE-2018-0147 Deserialization Remote Code Execution Vulnerability
2018-03-12
http://www.securityfocus.com/bid/103328
Samba CVE-2018-1057 Remote Security Bypass Vulnerability
2018-03-12
http://www.securityfocus.com/bid/103382
Linux Kernel 'fs/ocfs2/aops.c' Local Denial of Service Vulnerability
2018-03-11
http://www.securityfocus.com/bid/103353
SANS News
How did it all start? Early Memcached DDoS Attack Precursors and Ransom Notes
Threatpost
CCleaner Attackers Intended To Deploy Keylogger In Third Stage
Exploit
Tuleap 9.17.99.189 - Blind SQL Injection
SecurEnvoy SecurMail 9.1.501 - Multiple Vulnerabilities
ACL Analytics 11.X - 13.0.0.579 - Arbitrary Code Execution
MikroTik RouterOS < 6.38.4 (x86) - 'Chimay Red' Stack Clash Remote Code Execution
MikroTik RouterOS < 6.38.4 (MIPSBE) - 'Chimay Red' Stack Clash Remote Code Execution
Eclipse Equinoxe OSGi Console - Command Execution (Metasploit)
DEWESoft X3 SP1 (64-bit) - Remote Command Execution
Advantech WebAccess < 8.3 - Directory Traversal / Remote Code Execution
SC 7.16 - Stack-Based Buffer Overflow
Sony Playstation 4 (PS4) 4.55 < 5.50 - WebKit Code Execution (PoC)
12.3.2018
Bugtraq
[SECURITY] [DSA 4134-1] util-linux security update 2018-03-10
Salvatore Bonaccorso (carnil debian org)
[RT-SA-2018-001] Arbitrary Redirect in Tuleap 2018-03-08
RedTeam Pentesting GmbH (release redteam-pentesting de)
FreeBSD Security Advisory FreeBSD-SA-18:01.ipsec [REVISED] 2018-03-08
FreeBSD Security Advisories (security-advisories freebsd org)
Malware
Phishing
Vulnerability
Cisco Secure Access Control System CVE-2018-0147 Deserialization Remote Code Execution Vulnerability
2018-03-12
http://www.securityfocus.com/bid/103328
Linux Kernel 'fs/ocfs2/aops.c' Local Denial of Service Vulnerability
2018-03-11
http://www.securityfocus.com/bid/103353
Zsh 'exec.c:hashcmd()' Function Local Denial of Service Vulnerability
2018-03-09
http://www.securityfocus.com/bid/103359
SANS News
Threatpost
Exploit
Eclipse Equinoxe OSGi Console - Command Execution (Metasploit)
DEWESoft X3 SP1 (64-bit) - Remote Command Execution
Advantech WebAccess < 8.3 - Directory Traversal / Remote Code Execution
TextPattern 4.6.2 - 'qty' SQL Injection
Prisma Industriale Checkweigher PrismaWEB 1.21 - Hard-Coded Credentials
ManageEngine Applications Manager 13.5 - Remote Code Execution (Metasploit)
SC 7.16 - Stack-Based Buffer Overflow
11.3.2018
Bugtraq
[RT-SA-2018-001] Arbitrary Redirect in Tuleap 2018-03-08
RedTeam Pentesting GmbH (release redteam-pentesting de)
Malware
Phishing
Vulnerability
SANS News
Threatpost
Cyber Espionage Campaign ‘Slingshot’ Targets Victims Via Routers
Exploit
8.3.2018
Bugtraq
[RT-SA-2018-001] Arbitrary Redirect in Tuleap 2018-03-08
RedTeam Pentesting GmbH (release redteam-pentesting de)
FreeBSD Security Advisory FreeBSD-SA-18:01.ipsec [REVISED] 2018-03-08
FreeBSD Security Advisories (security-advisories freebsd org)
[SECURITY] [DSA 4133-1] isc-dhcp security update 2018-03-07
Salvatore Bonaccorso (carnil debian org)
FreeBSD Security Advisory FreeBSD-SA-18:01.ipsec 2018-03-07
FreeBSD Security Advisories (security-advisories freebsd org)
[SECURITY] [DSA 4128-1] trafficserver security update 2018-03-02
Sebastien Delafond (seb debian org)
Malware
Phishing
Vulnerability
GraphicsMagick CVE-2017-18219 Denial of Service Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103258
Cisco Identity Services Engine CVE-2018-0221 Local Command Injection Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103347
Cisco StarOS for ASR 5000 Series Routers CVE-2018-0217 Local Command Injection Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103346
Cisco Secure Access Control Server XML External Entity Information Disclosure Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103345
Cisco StarOS for ASR 5000 Series Routers CVE-2018-0224 Local Command Injection Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103344
Cisco Secure Access Control Server XML External Entity Information Disclosure Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103343
Cisco Videoscape AnyRes Live CVE-2018-0220 Cross Site Scripting Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103342
Cisco Security Manager CVE-2018-0223 Cross Site Scripting Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103341
Cisco Registered Envelope Service CVE-2018-0208 Cross Site Scripting Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103337
Cisco Identity Services Engine CVE-2018-0216 Cross Site Request Forgery Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103336
Cisco Data Center Network Manager CVE-2018-0210 Cross Site Request Forgery Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103335
Cisco Identity Services Engine CVE-2018-0211 Local Denial of Service Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103334
Cisco Identity Services Engine CVE-2018-0212 Cross Site Scripting Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103333
Cisco Identity Services Engine CVE-2018-0213 Privilege Escalation Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103332
Cisco Identity Services Engine CVE-2018-0214 Local Command Injection Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103331
Cisco Prime Collaboration Provisioning Hardcoded Credentials Local Security Bypass Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103329
Cisco Secure Access Control System CVE-2018-0147 Deserialization Remote Code Execution Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103328
Cisco Prime Data Center Network Manager CVE-2018-0144 Cross Site Scripting Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103327
Cisco Unified Computing System (UCS) Director CVE-2018-0219 Cross Site Scripting Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103326
Cisco Identity Services Engine CVE-2018-0215 Cross Site Request Forgery Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103324
Linux Kernel 'mm/hugetlb.c' Local Denial of Service Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103316
Linux Kernel 'fs/ocfs2/cluster/nodemanager.c' Local Denial of Service Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103278
Linux Kernel 'drivers/net/ethernet/hisilicon/hns/hns_enet.c' Local Denial of Service Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103277
Multiple Belden Products Multiple Security Vulnerabilities
2018-03-06
http://www.securityfocus.com/bid/103340
Multiple Schneider Electric Products CVE-2018-7239 DLL Loading Local Code Execution Vulnerability
2018-03-06
http://www.securityfocus.com/bid/103338
Eaton ELCSoft Programming Software CVE-2018-7511 Multiple Buffer Overflow Vulnerabilities
2018-03-06
http://www.securityfocus.com/bid/103301
Google Chrome Prior to 65.0.3325.146 Multiple Security Vulnerabilities
2018-03-06
http://www.securityfocus.com/bid/103297
EMC RSA Archer GRC Multiple Security Vulnerabilities
2018-03-05
http://www.securityfocus.com/bid/103319
Multiple EMC Products CVE-2018-1182 Local Privilege Escalation Vulnerability
2018-03-05
http://www.securityfocus.com/bid/103317
Google Android Multiple Qualcomm Components Multiple Unspecified Security Vulnerabilities
2018-03-05
http://www.securityfocus.com/bid/103292
SANS News
Apache SOLR: the new target for cryptominers
Threatpost
Exploit
Bacula-Web < 8.0.0-rc2 - SQL Injection
WebLog Expert Enterprise 9.4 - Authentication Bypass
WebLog Expert Enterprise 9.4 - Denial of Service
Memcached 1.5.5 - 'Memcrashed' Insufficient Control of Network Message Volume Denial of...
8.3.2018
Bugtraq
[RT-SA-2018-001] Arbitrary Redirect in Tuleap 2018-03-08
RedTeam Pentesting GmbH (release redteam-pentesting de)
FreeBSD Security Advisory FreeBSD-SA-18:01.ipsec [REVISED] 2018-03-08
FreeBSD Security Advisories (security-advisories freebsd org)
[SECURITY] [DSA 4133-1] isc-dhcp security update 2018-03-07
Salvatore Bonaccorso (carnil debian org)
FreeBSD Security Advisory FreeBSD-SA-18:01.ipsec 2018-03-07
FreeBSD Security Advisories (security-advisories freebsd org)
[SECURITY] [DSA 4128-1] trafficserver security update 2018-03-02
Sebastien Delafond (seb debian org)
Malware
Phishing
Vulnerability
GraphicsMagick CVE-2017-18219 Denial of Service Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103258
Cisco Prime Collaboration Provisioning Hardcoded Credentials Local Security Bypass Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103329
Cisco Secure Access Control System CVE-2018-0147 Deserialization Remote Code Execution Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103328
Cisco Prime Data Center Network Manager CVE-2018-0144 Cross Site Scripting Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103327
Cisco Unified Computing System (UCS) Director CVE-2018-0219 Cross Site Scripting Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103326
Cisco Identity Services Engine CVE-2018-0215 Cross Site Request Forgery Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103324
Linux Kernel 'mm/hugetlb.c' Local Denial of Service Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103316
Linux Kernel 'fs/ocfs2/cluster/nodemanager.c' Local Denial of Service Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103278
Linux Kernel 'drivers/net/ethernet/hisilicon/hns/hns_enet.c' Local Denial of Service Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103277
Eaton ELCSoft Programming Software CVE-2018-7511 Multiple Buffer Overflow Vulnerabilities
2018-03-06
http://www.securityfocus.com/bid/103301
Google Chrome Prior to 65.0.3325.146 Multiple Security Vulnerabilities
2018-03-06
http://www.securityfocus.com/bid/103297
EMC RSA Archer GRC Multiple Security Vulnerabilities
2018-03-05
http://www.securityfocus.com/bid/103319
Multiple EMC Products CVE-2018-1182 Local Privilege Escalation Vulnerability
2018-03-05
http://www.securityfocus.com/bid/103317
Google Android Multiple Qualcomm Components Multiple Unspecified Security Vulnerabilities
2018-03-05
http://www.securityfocus.com/bid/103292
Google Android NVIDIA Components Multiple Privilege Escalation Vulnerabilities
2018-03-05
http://www.securityfocus.com/bid/103286
Google Android Kernel Components CVE-2017-16529 Information Disclosure Vulnerability
2018-03-05
http://www.securityfocus.com/bid/103284
GraphicsMagick CVE-2017-18220 Multiple Denial of Service Vulnerabilities
2018-03-05
http://www.securityfocus.com/bid/103276
Google Android Media framework Multiple Remote Code Execution Vulnerabilities
2018-03-05
http://www.securityfocus.com/bid/103255
Google Android Qualcomm Component Multiple Security Vulnerabilities
2018-03-05
http://www.securityfocus.com/bid/103254
Google Android System Component Multiple Security Vulnerabilities
2018-03-05
http://www.securityfocus.com/bid/103253
SANS News
Threatpost
Lookout: Dark Caracal Points To APT Actors Moving To Mobile Targets
Exploit
antMan 0.9.0c - Authentication Bypass
Redaxo CMS Addon MyEvents 2.2.1 - SQL Injection
7.3.2018
Bugtraq
FreeBSD Security Advisory FreeBSD-SA-18:01.ipsec 2018-03-07
FreeBSD Security Advisories (security-advisories freebsd org)
[SECURITY] [DSA 4128-1] trafficserver security update 2018-03-02
Sebastien Delafond (seb debian org)
DefenseCode Security Advisory: Magento Backups Cross-Site Request Forgery 2018-03-06
Defense Code (defensecode defensecode com)
KL-001-2018-007 : Sophos UTM 9 loginuser Privilege Escalation via confd Service 2018-03-02
KoreLogic Disclosures (disclosures korelogic com)
[SECURITY] [DSA 4131-1] xen security update 2018-03-04
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4129-1] freexl security update 2018-03-02
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
Vulnerability
GraphicsMagick CVE-2017-18219 Denial of Service Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103258
Linux Kernel 'fs/ocfs2/cluster/nodemanager.c' Local Denial of Service Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103278
Linux Kernel 'drivers/net/ethernet/hisilicon/hns/hns_enet.c' Local Denial of Service Vulnerability
2018-03-07
http://www.securityfocus.com/bid/103277
Eaton ELCSoft Programming Software CVE-2018-7511 Multiple Buffer Overflow Vulnerabilities
2018-03-06
http://www.securityfocus.com/bid/103301
Google Chrome Prior to 65.0.3325.146 Multiple Security Vulnerabilities
2018-03-06
http://www.securityfocus.com/bid/103297
Google Android Multiple Qualcomm Components Multiple Unspecified Security Vulnerabilities
2018-03-05
http://www.securityfocus.com/bid/103292
Google Android NVIDIA Components Multiple Privilege Escalation Vulnerabilities
2018-03-05
http://www.securityfocus.com/bid/103286
Google Android Kernel Components CVE-2017-16529 Information Disclosure Vulnerability
2018-03-05
http://www.securityfocus.com/bid/103284
GraphicsMagick CVE-2017-18220 Multiple Denial of Service Vulnerabilities
2018-03-05
http://www.securityfocus.com/bid/103276
Google Android Media framework Multiple Remote Code Execution Vulnerabilities
2018-03-05
http://www.securityfocus.com/bid/103255
Google Android Qualcomm Component Multiple Security Vulnerabilities
2018-03-05
http://www.securityfocus.com/bid/103254
Google Android System Component Multiple Security Vulnerabilities
2018-03-05
http://www.securityfocus.com/bid/103253
Red Hat '389-ds-base' CVE-2018-1054 Remote Denial of Service Vulnerability
2018-03-05
http://www.securityfocus.com/bid/103228
SANS News
Ransomware news: GlobeImposter gets a facelift, GandCrab is still out there
Threatpost
Exploit
Bravo Tejari Web Portal - Cross-Site Request Forgery
Memcached - 'memcrashed' Denial of Service
antMan 0.9.0c - Authentication Bypass
Redaxo CMS Addon MyEvents 2.2.1 - SQL Injection
6.3.2018
Bugtraq
DefenseCode Security Advisory: Magento Multiple Stored Cross-Site Scripting Vulnerabilities 2018-03-06
Defense Code (defensecode defensecode com)
DefenseCode Security Advisory: Magento Stored Cross-Site Scripting - Product Attributes 2018-03-06
Defense Code (defensecode defensecode com)
DefenseCode Security Advisory: Magento Stored Cross-Site Scripting - Downloadable Products 2018-03-06
Defense Code (defensecode defensecode com)
DefenseCode Security Advisory: Magento Backups Cross-Site Request Forgery 2018-03-06
Defense Code (defensecode defensecode com)
[SECURITY] [DSA 4127-1] simplesamlphp security update 2018-03-02
Thijs Kinkhorst (thijs debian org)
Malware
Phishing
Vulnerability
SANS News
The joys of changing Privacy Laws
Threatpost
Exploit
Chrome V8 JIT - Empty BytecodeJumpTable Out-of-Bounds Read
Chrome V8 JIT - 'GetSpecializationContext' Type Confusion
Chrome V8 JIT - JSBuiltinReducer::ReduceObjectCreate Fails to Ensure that the Prototype...
Chrome V8 JIT - Simplified-lowererer IrOpcode::kStoreField, IrOpcode::kStoreElement...
Softros Network Time System Server 2.3.4 - Denial of Service
Memcached - 'memcrashed' Denial of Service
Bravo Tejari Web Portal - Cross-Site Request Forgery
5.3.2018
Bugtraq
Malware
Phishing
Vulnerability
SANS News
Threatpost
Exploit
NETGEAR - 'TelnetEnable' Magic Packet (Metasploit)
ClipBucket < 4.0.0 - Release 4902 - Command Injection / File Upload / SQL Injection
Sophos UTM 9.410 - 'loginuser' 'confd' Service Privilege Escalation
Dup Scout Enterprise 10.5.12 - 'Share Username' Local Buffer Overflow
Xion 1.0.125 - '.m3u' Local SEH-Based Unicode Venetian Exploit
ActivePDF Toolkit < 8.1.0.19023 - Multiple Memory Corruptions
Suricata < 4.0.4 - IDS Detection Bypass
4.3.2018
Bugtraq
Malware
Phishing
Vulnerability
Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
2018-03-02
http://www.securityfocus.com/bid/102376
GNU libcdio 'iso-info.c' Denial of Service Vulnerability
2018-03-02
http://www.securityfocus.com/bid/103200
PHP CVE-2018-7584 Stack Buffer Overflow Vulnerability
2018-03-01
http://www.securityfocus.com/bid/103204
Dovecot CVE-2017-14461 Out-Of-Bounds Read Information Disclosure Vulnerability
2018-03-01
http://www.securityfocus.com/bid/103201
Delta Industrial Automation DOPSoft CVE-2018-5476 Stack Based Buffer Overflow Vulnerability
2018-03-01
http://www.securityfocus.com/bid/103195
Xen 'xen/arch/x86/domain.c' Denial of Service Vulnerability
2018-02-28
http://www.securityfocus.com/bid/103175
Xen 'xen/common/memory.c' Denial of Service vulnerability
2018-02-28
http://www.securityfocus.com/bid/103174
SANS News
Reminder: Beware of the "Cloud"
Threatpost
Exploit
TestLink Open Source Test Management < 1.9.16 - Remote Code Execution
uWSGI < 2.0.17 - Directory Traversal
D-Link DIR-600M Wireless - Cross-Site Scripting
DualDesk 20 - 'Proxy.exe' Denial of Service
SEGGER embOS/IP FTP Server 3.22 - Denial of Service
2.3.2018
Bugtraq
Malware
Phishing
Vulnerability
Delta Industrial Automation DOPSoft CVE-2018-5476 Stack Based Buffer Overflow Vulnerability
2018-03-01
http://www.securityfocus.com/bid/103195
Xen 'xen/arch/x86/domain.c' Denial of Service Vulnerability
2018-02-28
http://www.securityfocus.com/bid/103175
Xen 'xen/common/memory.c' Denial of Service vulnerability
2018-02-28
http://www.securityfocus.com/bid/103174
Xen 'xen/common/grant_table.c' Denial of Service Vulnerability
2018-02-28
http://www.securityfocus.com/bid/103177
ISC BIND CVE-2018-5734 Remote Denial of Service Vulnerability
2018-02-28
http://www.securityfocus.com/bid/103189
ISC DHCP CVE-2018-5733 Remote Denial of Service Vulnerability
2018-02-28
http://www.securityfocus.com/bid/103188
ISC DHCP CVE-2018-5732 Remote Buffer Overflow Vulnerability
2018-02-28
http://www.securityfocus.com/bid/103187
SANS News
Threatpost
Exploit
D-Link DIR-600M Wireless - Cross-Site Scripting
IrfanView 4.50 Email Plugin - Buffer Overflow (SEH Unicode)
IrfanView 4.44 Email Plugin - Buffer Overflow (SEH)
SEGGER embOS/IP FTP Server 3.22 - Denial of Service
1.3.2018
Bugtraq
[security bulletin] MFSBGN03794 rev.2 - Micro Focus Operations Agent Multiple vulnerabilities 2018-02-28
cyber-psrt microfocus com
Secunia Research: Linux Kernel "_sctp_make_chunk()" Denial of Service Vulnerability 2018-02-28
Secunia Research (remove-vuln secunia com)
SEC Consult SA-20180228-0 :: Insecure Direct Object Reference vulnerability in TestLink Open Source Test Management 2018-02-28
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 4124-1] lucene-solr security update 2018-02-27
Moritz Muehlenhoff (jmm debian org)
[security bulletin] HPESBHF03826 rev.1 - HPE Integrated Lights-Out 3 (iLO 3) Remote Denial of Service 2018-02-27
security-alert hpe com
SEC Consult SA-20180227-0 :: OS command injection, arbitrary file upload & SQL injection in ClipBucket 2018-02-27
SEC Consult Vulnerability Lab (research sec-consult com)
ES2018-03 Asterisk pjsip sdp invalid media format description segfault 2018-02-26
Sandro Gauci (sandro enablesecurity com)
Malware
Phishing
Vulnerability
Xen 'xen/arch/x86/domain.c' Denial of Service Vulnerability
2018-02-28
http://www.securityfocus.com/bid/103175
Xen 'xen/common/memory.c' Denial of Service vulnerability
2018-02-28
http://www.securityfocus.com/bid/103174
Xen 'xen/common/grant_table.c' Denial of Service Vulnerability
2018-02-28
http://www.securityfocus.com/bid/103177
ISC BIND CVE-2018-5734 Remote Denial of Service Vulnerability
2018-02-28
http://www.securityfocus.com/bid/103189
ISC DHCP CVE-2018-5733 Remote Denial of Service Vulnerability
2018-02-28
http://www.securityfocus.com/bid/103188
ISC DHCP CVE-2018-5732 Remote Buffer Overflow Vulnerability
2018-02-28
http://www.securityfocus.com/bid/103187
Citrix NetScaler ADC and NetScaler Gateway CVE-2018-5314 Authentication Bypass Vulnerability
2018-02-28
http://www.securityfocus.com/bid/103186
NTP CVE-2018-7184 Denial of Service Vulnerability
2018-02-27
http://www.securityfocus.com/bid/103192
SANS News
Why Does Emperor Xi Dislike Winnie the Pooh and Scrambled Eggs?
Threatpost
Massive Malspam Campaign Targets Unpatched Systems
Exploit
Sony Playstation 4 (PS4) 4.55 - Jailbreak (WebKit 5.01 / 'bpf' Kernel Loader 4.55)
Routers2 2.24 - Cross-Site Scripting
Apple iOS 11.2.5 / watchOS 4.2.2 / tvOS 11.2.5 - 'bluetoothd' Memory Corruption
Sony Playstation 4 (PS4) 5.01 < 5.05 - WebKit Code Execution (PoC)
28.2.2018
Bugtraq
SEC Consult SA-20180228-0 :: Insecure Direct Object Reference vulnerability in TestLink Open Source Test Management 2018-02-28
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 4124-1] lucene-solr security update 2018-02-27
Moritz Muehlenhoff (jmm debian org)
[security bulletin] HPESBHF03826 rev.1 - HPE Integrated Lights-Out 3 (iLO 3) Remote Denial of Service 2018-02-27
security-alert hpe com
SEC Consult SA-20180227-0 :: OS command injection, arbitrary file upload & SQL injection in ClipBucket 2018-02-27
SEC Consult Vulnerability Lab (research sec-consult com)
ES2018-03 Asterisk pjsip sdp invalid media format description segfault 2018-02-26
Sandro Gauci (sandro enablesecurity com)
ES2018-04 Asterisk pjsip tcp segfault 2018-02-26
Sandro Gauci (sandro enablesecurity com)
ES2018-02 Asterisk pjsip sdp invalid fmtp segfault 2018-02-26
Sandro Gauci (sandro enablesecurity com)
Malware
Phishing
Vulnerability
Xen 'xen/arch/x86/domain.c' Denial of Service Vulnerability
2018-02-28
http://www.securityfocus.com/bid/103175
Xen 'xen/common/memory.c' Denial of Service vulnerability
2018-02-28
http://www.securityfocus.com/bid/103174
Xen 'xen/common/grant_table.c' Denial of Service Vulnerability
2018-02-28
http://www.securityfocus.com/bid/103177
Qemu CVE-2018-7550 Out of Bounds Read and Write Arbitrary Code Execution Vulnerability
2018-02-27
http://www.securityfocus.com/bid/103181
Emerson ControlWave Micro Process Automation Controller Stack Based Buffer Overflow Vulnerability
2018-02-27
http://www.securityfocus.com/bid/103180
Delta Electronics WPLSoft Multiple Security Vulnerabilities
2018-02-27
http://www.securityfocus.com/bid/103179
Duo Network Gateway CVE-2018-7340 Authentication Bypass Vulnerability
2018-02-27
http://www.securityfocus.com/bid/103178
Multiple SAML Libraries Multiple Authentication Bypass Vulnerabilities
2018-02-27
http://www.securityfocus.com/bid/103172
SANS News
How did this Memcache thing happen?
Threatpost
Exploit
GetGo Download Manager 5.3.0.2712 - Buffer Overflow (SEH)
Concrete5 < 8.3.0 - Username / Comments Enumeration
CMS Made Simple 2.1.6 - Remote Code Execution
School Management Script 3.0.4 - Authentication Bypass
Joomla! Component K2 2.8.0 - Arbitrary File Download
MyBB My Arcade Plugin 1.3 - Cross-Site Scripting
Schools Alert Management Script 2.0.2 - Authentication Bypass
Sony Playstation 4 4.55 FW - Local Kernel
Microsoft Windows Windows 8.1/2012 R2 - SMB Denial of Service
Asterisk chan_pjsip 15.2.0 - 'SUBSCRIBE' Stack Corruption
Asterisk chan_pjsip 15.2.0 - 'SDP fmtp' Denial of Service
Asterisk chan_pjsip 15.2.0 - 'SDP' Denial of Service
Asterisk chan_pjsip 15.2.0 - 'INVITE' Denial of Service
27.2.2018
Bugtraq
SEC Consult SA-20180227-0 :: OS command injection, arbitrary file upload & SQL injection in ClipBucket 2018-02-27
SEC Consult Vulnerability Lab (research sec-consult com)
ES2018-03 Asterisk pjsip sdp invalid media format description segfault 2018-02-26
Sandro Gauci (sandro enablesecurity com)
ES2018-04 Asterisk pjsip tcp segfault 2018-02-26
Sandro Gauci (sandro enablesecurity com)
ES2018-02 Asterisk pjsip sdp invalid fmtp segfault 2018-02-26
Sandro Gauci (sandro enablesecurity com)
ES2018-01 Asterisk pjsip subscribe stack corruption 2018-02-26
Sandro Gauci (sandro enablesecurity com)
CMS Made Simple 2.1.6 - Remote Code Execution 2018-02-26
displaymyname gmail con
[SECURITY] [DSA 4123-1] drupal7 security update 2018-02-24
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
Vulnerability
Linux Kernel 'mm/oom_kill.c' Local Denial of Service Vulnerability
2018-02-27
http://www.securityfocus.com/bid/103161
Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability
2018-02-26
http://www.securityfocus.com/bid/102378
Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
2018-02-26
http://www.securityfocus.com/bid/102376
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-02-26
http://www.securityfocus.com/bid/102371
Drupal Core DRUPAL-SA-CORE-2018-001 Multiple Access Bypass Vulnerabilities
2018-02-26
http://www.securityfocus.com/bid/103115
Drupal Core DRUPAL-SA-CORE-2018-001 Multiple Security Vulnerabilities
2018-02-26
http://www.securityfocus.com/bid/103117
Linux Kernel 'fs/f2fs/extent_cache.c' Local Denial of Service Vulnerability
2018-02-26
http://www.securityfocus.com/bid/103147
Wireshark DOCSIS Dissector CVE-2018-7337 Denial of Service Vulnerability
2018-02-23
http://www.securityfocus.com/bid/103164
SANS News
Malspam pushing Formbook info stealer
Threatpost
Drupal Patches Critical Bug That Leaves Platform Open to XSS Attack
Exploit
Sony Playstation 4 4.55 FW - Local Kernel
Chrome V8 - 'TranslatedState::MaterializeCapturedObjectAt' Type Confusion
Chrome V8 - 'PropertyArray' Integer Overflow
transmission - Integer Overflows Parsing Torrent Files
26.2.2018
Bugtraq
CMS Made Simple 2.1.6 - Remote Code Execution 2018-02-26
displaymyname gmail con
[SECURITY] [DSA 4123-1] drupal7 security update 2018-02-24
Moritz Muehlenhoff (jmm debian org)
[security bulletin] MFSBGN03798 rev.1 - Micro Focus Universal CMDB, Apache Struts Instance 2018-02-22
cyber-psrt microfocus com
Re: [CVE-2018-1000088] Stored XSS vulnerability in Doorkeeper gem v2.1.0 - v4.2.5 2018-02-22
Justin Bull (me justinbull ca)
[SECURITY] [DSA 4122-1] squid3 security update 2018-02-22
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 4120-1] linux security update 2018-02-22
Yves-Alexis Perez (corsac debian org)
Malware
Phishing
Vulnerability
Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability
2018-02-26
http://www.securityfocus.com/bid/102378
Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
2018-02-26
http://www.securityfocus.com/bid/102376
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-02-26
http://www.securityfocus.com/bid/102371
Drupal Core DRUPAL-SA-CORE-2018-001 Multiple Access Bypass Vulnerabilities
2018-02-26
http://www.securityfocus.com/bid/103115
Drupal Core DRUPAL-SA-CORE-2018-001 Multiple Security Vulnerabilities
2018-02-26
http://www.securityfocus.com/bid/103117
Linux Kernel 'fs/f2fs/extent_cache.c' Local Denial of Service Vulnerability
2018-02-26
http://www.securityfocus.com/bid/103147
Apache Tomcat CVE-2018-1305 Security Bypass Vulnerability
2018-02-23
http://www.securityfocus.com/bid/103144
Apple iOS/tvOS/macOS CVE-2017-7154 Local Security Bypass Vulnerability
2018-02-23
http://www.securityfocus.com/bid/103134
SANS News
Threatpost
Exploit
AsusWRT LAN - Unauthenticated Remote Code Execution (Metasploit)
CloudMe Sync 1.10.9 - Stack-Based Buffer Overflow (Metasploit)
Disk Savvy Enterprise 10.4.18 - Stack-Based Buffer Overflow (Metasploit)
25.2.2018
Bugtraq
Malware
Phishing
Vulnerability
SANS News
Blackhole Advertising Sites with Pi-hole
Threatpost
Exploit
23.2.2018
Bugtraq
[security bulletin] MFSBGN03798 rev.1 - Micro Focus Universal CMDB, Apache Struts Instance 2018-02-22
cyber-psrt microfocus com
Re: [CVE-2018-1000088] Stored XSS vulnerability in Doorkeeper gem v2.1.0 - v4.2.5 2018-02-22
Justin Bull (me justinbull ca)
[SECURITY] [DSA 4122-1] squid3 security update 2018-02-22
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 4120-1] linux security update 2018-02-22
Yves-Alexis Perez (corsac debian org)
[SECURITY] [DSA 4121-1] gcc-6 security update 2018-02-22
Moritz Muehlenhoff (jmm debian org)
[CORE-2017-0006] Trend Micro Email Encryption Gateway Multiple Vulnerabilities 2018-02-21
Core Security Advisories Team (advisories coresecurity com)
DefenseCode Security Advisory: PureVPN Windows Privilege Escalation Vulnerability 2018-02-21
Defense Code (defensecode defensecode com)
SEC Consult SA-20180221-0 :: Hijacking of arbitrary miSafes Mi-Cam video baby monitors 2018-02-21
SEC Consult Vulnerability Lab (research sec-consult com)
Sharutils 4.15.2 Heap-Buffer-Overflow 2018-02-21
nafiez (nafiez skins gmail com) (1 reply)
Malware
Phishing
Vulnerability
Apple iOS/tvOS/macOS CVE-2017-7154 Local Security Bypass Vulnerability
2018-02-23
http://www.securityfocus.com/bid/103134
Radiant CVE-2018-7261 Multiple HTML Injection Vulnerabilities
2018-02-21
http://www.securityfocus.com/bid/103080
Cisco Jabber CVE-2018-0201 Cross Site Scripting Vulnerability
2018-02-21
http://www.securityfocus.com/bid/103133
Atlassian Floodlight Controller CVE-2015-6569 Denial of Service Vulnerability
2018-02-21
http://www.securityfocus.com/bid/103132
Cisco Data Center Analytics Framework CVE-2018-0145 Cross Site Scripting Vulnerability
2018-02-21
http://www.securityfocus.com/bid/103131
Multiple Asterisk Products CVE-2018-7286 Denial of Service Vulnerability
2018-02-21
http://www.securityfocus.com/bid/103129
SANS News
Threatpost
Cryptojacking Attack Found on Los Angeles Times Website
Exploit
Groupon Clone Script 3.0.2 - Cross-Site Scripting
Alibaba Clone Script 1.0.2 - Cross-Site Scripting
Learning and Examination Management System - Cross-Site Scripting
Armadito Antivirus 0.12.7.2 - Detection Bypass
22.2.2018
Bugtraq
[SECURITY] [DSA 4121-1] gcc-6 security update 2018-02-22
Moritz Muehlenhoff (jmm debian org)
[CORE-2017-0006] Trend Micro Email Encryption Gateway Multiple Vulnerabilities 2018-02-21
Core Security Advisories Team (advisories coresecurity com)
DefenseCode Security Advisory: PureVPN Windows Privilege Escalation Vulnerability 2018-02-21
Defense Code (defensecode defensecode com)
SEC Consult SA-20180221-0 :: Hijacking of arbitrary miSafes Mi-Cam video baby monitors 2018-02-21
SEC Consult Vulnerability Lab (research sec-consult com)
Sharutils 4.15.2 Heap-Buffer-Overflow 2018-02-21
nafiez (nafiez skins gmail com) (1 reply)
Sharutils 4.15.2 Heap-Buffer-Overflow 2018-02-21
nafiez (nafiez skins gmail com)
Multiple Persistent Cross-Site Scripting Vulnerabilities in Quarx CMS 2018-02-21
preethiknambiar gmail com
Malware
Phishing
Vulnerability
Radiant CVE-2018-7261 Multiple HTML Injection Vulnerabilities
2018-02-21
http://www.securityfocus.com/bid/103080
Juniper Junos J-Web Interface CVE-2018-0001 Remote Code Execution Vulnerability
2018-02-21
http://www.securityfocus.com/bid/103092
Apple iOS/WatchOS/macOS/tvOS CVE-2018-4124 Denial of Service Vulnerability
2018-02-20
http://www.securityfocus.com/bid/103066
ABB netCADOPS Web Application CVE-2018-5477 Information Disclosure Vulnerability
2018-02-20
http://www.securityfocus.com/bid/103089
Linux Kernel 'drivers/block/floppy.c' Local Security Bypass Vulnerability
2018-02-20
http://www.securityfocus.com/bid/103088
Yab Quarx CVE-2018-7274 Multiple HTML Injection Vulnerabilities
2018-02-20
http://www.securityfocus.com/bid/103081
Google Chrome CVE-2018-6056 Remote Security Vulnerability
2018-02-19
http://www.securityfocus.com/bid/103003
Microsoft Windows Kernel CVE-2018-0810 Local Information Disclosure Vulnerability
2018-02-19
http://www.securityfocus.com/bid/102938
GIMP CVE-2017-17786 Heap Buffer Overflow Vulnerability
2018-02-19
http://www.securityfocus.com/bid/102765
Atlassian FishEye and Crucible CVE-2017-18093 Cross Site Scripting Vulnerability
2018-02-19
http://www.securityfocus.com/bid/103095
SANS News
Passwords Part 2 - Passwords off the Wire using LLMNR
Threatpost
Exploit
Disk Pulse Enterprise 10.4.18 - 'Import Command' Buffer Overflow (SEH)
Disk Savvy Enterprise 10.4.18 - Buffer Overflow (SEH)
EChat Server 3.1 - 'CHAT.ghp' Buffer Overflow
Wavpack 5.1.0 - Denial of Service
Trend Micro Email Encryption Gateway 5.5 (Build 1111.00) - Multiple Vulnerabilities
Joomla! Component OS Property Real Estate 3.12.7 - SQL Injection
Joomla! Component Proclaim 9.1.1 - Arbitrary File Upload
Joomla! Component CheckList 1.1.1 - SQL Injection
Joomla! Component Alexandria Book Library 3.1.2 - 'letter' SQL Injection
Joomla! Component Ek Rishta 2.9 - SQL Injection
Joomla! Component PrayerCenter 3.0.2 - 'sessionid' SQL Injection
NoMachine x64 < 6.0.80 - 'nxfuse' Privilege Escalation
NoMachine x86 < 6.0.80 - 'nxfuse' Privilege Escalation
21.2.2018
Bugtraq
Multiple Persistent Cross-Site Scripting Vulnerabilities in Quarx CMS 2018-02-21
preethiknambiar gmail com
Multiple Persistent XSS vulnerabilities in Radiant Content Management System 2018-02-20
suparna kachru gmail com
SEC Consult SA-20180221-0 :: Hijacking of arbitrary miSafes Mi-Cam video baby monitors 2018-02-21
SEC Consult Vulnerability Lab (research sec-consult com)
Sharutils 4.15.2 Heap-Buffer-Overflow 2018-02-21
nafiez (nafiez skins gmail com) (1 reply)
Sharutils 4.15.2 Heap-Buffer-Overflow 2018-02-21
nafiez (nafiez skins gmail com)
APPLE-SA-2018-02-19-2 macOS High Sierra 10.13.3 Supplemental Update 2018-02-19
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-02-19-3 tvOS 11.2.6 2018-02-19
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-02-19-1 iOS 11.2.6 2018-02-19
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-02-19-4 watchOS 4.2.3 2018-02-19
Apple Product Security (product-security-noreply lists apple com)
[SECURITY] [DSA 4119-1] libav security update 2018-02-19
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
Vulnerability
Radiant CVE-2018-7261 Multiple HTML Injection Vulnerabilities
2018-02-21
http://www.securityfocus.com/bid/103080
Apple iOS/WatchOS/macOS/tvOS CVE-2018-4124 Denial of Service Vulnerability
2018-02-20
http://www.securityfocus.com/bid/103066
Yab Quarx CVE-2018-7274 Multiple HTML Injection Vulnerabilities
2018-02-20
http://www.securityfocus.com/bid/103081
Google Chrome CVE-2018-6056 Remote Security Vulnerability
2018-02-19
http://www.securityfocus.com/bid/103003
Microsoft Windows Kernel CVE-2018-0810 Local Information Disclosure Vulnerability
2018-02-19
http://www.securityfocus.com/bid/102938
GIMP CVE-2017-17786 Heap Buffer Overflow Vulnerability
2018-02-19
http://www.securityfocus.com/bid/102765
SANS News
Should We Call it Quits for Passwords? Or, "Password Spraying for the Win!"
Threatpost
Flight Sim Labs’ ‘Heavy Handed’ Anti-Piracy Tactics Raise Hackles
Exploit
utorrent - JSON-RPC Remote Code Execution / Information Disclosure
20.2.2018
Bugtraq
Multiple Persistent XSS vulnerabilities in Radiant Content Management System 2018-02-20
suparna kachru gmail com
APPLE-SA-2018-02-19-2 macOS High Sierra 10.13.3 Supplemental Update 2018-02-19
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-02-19-3 tvOS 11.2.6 2018-02-19
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-02-19-1 iOS 11.2.6 2018-02-19
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-02-19-4 watchOS 4.2.3 2018-02-19
Apple Product Security (product-security-noreply lists apple com)
[SECURITY] [DSA 4119-1] libav security update 2018-02-19
Moritz Muehlenhoff (jmm debian org)
Kentico CMS version 9 through 11 - Cross-Site Scripting (Reflect) 2018-02-18
displaymyname gmail com
[SECURITY] [DSA 4118-1] tomcat-native security update 2018-02-17
Salvatore Bonaccorso (carnil debian org)
Kentico CMS version 9 through 11 - Arbitrary Code Execution 2018-02-17
displaymyname gmail com
Malware
Win32/TrojanDownloader.Agent.DVC
Phishing
Vulnerability
Apple iOS/WatchOS/macOS/tvOS CVE-2018-4124 Denial of Service Vulnerability
2018-02-20
http://www.securityfocus.com/bid/103066
Google Chrome CVE-2018-6056 Remote Security Vulnerability
2018-02-19
http://www.securityfocus.com/bid/103003
Microsoft Windows Kernel CVE-2018-0810 Local Information Disclosure Vulnerability
2018-02-19
http://www.securityfocus.com/bid/102938
GIMP CVE-2017-17786 Heap Buffer Overflow Vulnerability
2018-02-19
http://www.securityfocus.com/bid/102765
GNU Binutils CVE-2018-7208 Remote Denial of Service Vulnerability
2018-02-17
http://www.securityfocus.com/bid/103077
SANS News
Threatpost
Exploit
utorrent - JSON-RPC Remote Code Execution / Information Disclosure
Microsoft Windows - StorSvc SvcMoveFileInheritSecurity Arbitrary File Creation Privilege...
Microsoft Windows - Constrained Impersonation Capability Privilege Escalation
Microsoft Windows - NPFS Symlink Security Feature Bypass/Elevation of Privilege/Dangerous...
Microsoft Windows - Global Reparse Point Security Feature Bypass/Elevation of Privilege
Microsoft Internet Explorer 11 - 'Js::RegexHelper::RegexReplace' Use-After-Free
Microsoft Windows Kernel - 'nt!RtlpCopyLegacyContextX86' Stack Memory Disclosure
MagniComp SysInfo - mcsiwrapper Privilege Escalation (Metasploit)
19.2.2018
Bugtraq
Kentico CMS version 9 through 11 - Cross-Site Scripting (Reflect) 2018-02-18
displaymyname gmail com
[SECURITY] [DSA 4118-1] tomcat-native security update 2018-02-17
Salvatore Bonaccorso (carnil debian org)
Kentico CMS version 9 through 11 - Arbitrary Code Execution 2018-02-17
displaymyname gmail com
Malware
Phishing
Vulnerability
Microsoft Windows Kernel CVE-2018-0810 Local Information Disclosure Vulnerability
2018-02-19
http://www.securityfocus.com/bid/102938
GIMP CVE-2017-17786 Heap Buffer Overflow Vulnerability
2018-02-19
http://www.securityfocus.com/bid/102765
Dell EMC Isilon OneFS Multiple Security Vulnerabilities
2018-02-16
http://www.securityfocus.com/bid/103033
General Electric D60 Line Distance Relay Multiple Buffer Overflow Vulnerabilities
2018-02-15
http://www.securityfocus.com/bid/103054
SANS News
Finding VBA signatures in .docm files
Threatpost
Exploit
Aastra 6755i SIP SP4 - Denial of Service
October CMS < 1.0.431 - Cross-Site Scripting
Linux/ARM - Bind TCP (4444/TCP) Shell (/bin/sh) + IP Controlled (192.168.1.190) +...
17.2.2018
Bugtraq
[slackware-security] irssi (SSA:2018-046-01) 2018-02-16
Slackware Security Team (security slackware com)
[SECURITY] [DSA 4115-1] quagga security update 2018-02-15
Salvatore Bonaccorso (carnil debian org)
Vulnerability Disclosure (Web Apps)-Bravo Tejari Web Portal-Unrestricted File Upload 2018-02-15
Arvind Vishwakarma (arvind12786 gmail com)
Malware
Phishing
Vulnerability
SANS News
Malware Delivered via Windows Installer Files
Threatpost
Apple Rushes Fix for Latest ‘Text Bomb’ Bug As Abuse Spreads
Exploit
Oracle Primavera P6 Enterprise Project Portfolio Management - HTTP Response Splitting
PSNews Website 1.0.0 - 'Keywords' SQL Injection
PHIMS - Hospital Management Information System - 'Password' SQL Injection
Front Accounting ERP 2.4.3 - Cross-Site Request Forgery
Siemens SIPROTEC 4 and SIPROTEC Compact EN100 Ethernet Module < 4.25 - Denial of Service
JBoss Remoting 6.14.18 - Denial of Service
Microsoft Edge - 'UnmapViewOfFile' ACG Bypass
16.2.2018
Bugtraq
[slackware-security] irssi (SSA:2018-046-01) 2018-02-16
Slackware Security Team (security slackware com)
[SECURITY] [DSA 4115-1] quagga security update 2018-02-15
Salvatore Bonaccorso (carnil debian org)
Vulnerability Disclosure (Web Apps)-Bravo Tejari Web Portal-Unrestricted File Upload 2018-02-15
Arvind Vishwakarma (arvind12786 gmail com)
Vulnerability Disclosure (Web Apps)-Bravo Tejari Web Portal-CSRF 2018-02-15
Arvind Vishwakarma (arvind12786 gmail com)
[SECURITY] [DSA 4114-1] jackson-databind security update 2018-02-15
Sebastien Delafond (seb debian org)
[SECURITY] [DSA 4113-1] libvorbis security update 2018-02-14
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4112-1] xen security update 2018-02-14
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
PayPal | 15th February 2018 |
Vulnerability
Dell EMC Isilon OneFS Multiple Security Vulnerabilities
2018-02-16
http://www.securityfocus.com/bid/103033
Cisco StarOS CVE-2018-0122 Local Arbitrary File Overwrite Vulnerability
2018-02-15
http://www.securityfocus.com/bid/103028
Jenkins CVE-2018-6356 Directory Traversal Vulnerability
2018-02-14
http://www.securityfocus.com/bid/103037
Microsoft Windows StructuredQuery CVE-2018-0825 Remote Code Execution Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102920
Microsoft Windows Named Pipe File System CVE-2018-0823 Local Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102919
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102371
Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102378
Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102376
Microsoft Internet Explorer Scripting Engine CVE-2018-0866 Remote Memory Corruption Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103032
Schneider Electric IGSS SCADA Software CVE-2017-9967 Local Code Execution Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103022
SAP Internet Graphics Server CVE-2018-2395 Unspecified Memory Corruption Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103019
SAP HANA Extended Application Services CVE-2018-2374 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103018
SAP ERP CVE-2018-2381 Remote Authorization Bypass Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103010
Trixbox CVE-2017-14536 Multiple Cross Site Scripting Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/103009
Trixbox CVE-2017-14537 Multiple Directory Traversal Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/103007
SAP ABAP File Interface CVE-2018-2367 Directory Traversal Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103006
SAP NetWeaver CVE-2018-2371 Cross Site Scripting Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103005
Google Chrome CVE-2018-6056 Remote Security Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103003
SAP Customer Relationship Management (CRM) WebClient UI Cross Site Scripting Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103002
SAP Customer Relationship Management CVE-2018-2380 Directory Traversal Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103001
SAP NetWeaver System Landscape Directory CVE-2018-2368 Authentication Bypass Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103000
SAP NetWeaver CVE-2018-2365 Cross Site Scripting Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102999
SAP BI Launchpad CVE-2018-2370 SSRF Security Bypass Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102998
SAP HANA CVE-2018-2369 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102997
Adobe Acrobat and Reader APSB18-02 Out of Bounds Read Multiple Remote Code Execution Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/102996
Adobe Acrobat and Reader Multiple Remote Code Execution Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/102995
Adobe Acrobat and Reader APSB18-02 Multiple Remote Code Execution Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/102994
Adobe Acrobat and Reader CVE-2018-4872 Remote Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102993
Adobe Acrobat and Reader APSB18-02 Multiple Heap Buffer Overflow Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/102992
SANS News
Threatpost
Exploit
ABRT - raceabrt Privilege Escalation (Metasploit)
Joomla! Component Gallery WD 1.3.6 - SQL Injection
Joomla! Component Form Maker 3.6.12 - SQL Injection
Joomla! Component File Download Tracker 3.0 - SQL Injection
Joomla! Component Fastball 2.5 - 'season' SQL Injection
Joomla! Component DT Register 3.2.7 - 'id' SQL Injection
Joomla! Component AllVideos Reloaded 1.2.x - 'divid' SQL Injection
Joomla! Component Aist 2.0 - 'id' SQL Injection
Siemens SIPROTEC 4 and SIPROTEC Compact EN100 Ethernet Module < 4.25 - Denial of Service
JBoss Remoting 6.14.18 - Denial of Service
Microsoft Edge - 'UnmapViewOfFile' ACG Bypass
15.2.2018
Bugtraq
[SECURITY] [DSA 4114-1] jackson-databind security update 2018-02-15
Sebastien Delafond (seb debian org)
[SECURITY] [DSA 4113-1] libvorbis security update 2018-02-14
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4112-1] xen security update 2018-02-14
Moritz Muehlenhoff (jmm debian org)
NAT32 Build (22284) Remote Code Execution CVE-2018-6940 (hyp3rlinx / apparition security) 2018-02-14
apparitionsec gmail com
Defense in depth -- the Microsoft way (part 52): HTTP used to distribute (security) updates, not HTTPS 2018-02-14
Stefan Kanthak (stefan kanthak nexgo de)
[security bulletin] MFSBGN03800 rev.1 - Micro Focus Performance Center, Remote Arbitrary Code Execution or Remote Arbitrary File Modification 2018-02-13
cyber-psrt microfocus com
CSNC-2017-027 Microsoft Intune - App PIN Bypass 2018-02-13
Advisories (advisories compass-security com)
Malware
Phishing
Vulnerability
Cisco StarOS CVE-2018-0122 Local Arbitrary File Overwrite Vulnerability
2018-02-15
http://www.securityfocus.com/bid/103028
Dell EMC Isilon OneFS Multiple Security Vulnerabilities
2018-02-14
http://www.securityfocus.com/bid/103033
Microsoft Windows StructuredQuery CVE-2018-0825 Remote Code Execution Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102920
Microsoft Windows Named Pipe File System CVE-2018-0823 Local Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102919
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102371
Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102378
Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102376
Microsoft Internet Explorer Scripting Engine CVE-2018-0866 Remote Memory Corruption Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103032
Schneider Electric IGSS SCADA Software CVE-2017-9967 Local Code Execution Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103022
SAP Internet Graphics Server CVE-2018-2395 Unspecified Memory Corruption Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103019
SAP HANA Extended Application Services CVE-2018-2374 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103018
SAP ERP CVE-2018-2381 Remote Authorization Bypass Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103010
Trixbox CVE-2017-14536 Multiple Cross Site Scripting Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/103009
Trixbox CVE-2017-14537 Multiple Directory Traversal Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/103007
SAP ABAP File Interface CVE-2018-2367 Directory Traversal Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103006
SAP NetWeaver CVE-2018-2371 Cross Site Scripting Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103005
Google Chrome CVE-2018-6056 Remote Security Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103003
SAP Customer Relationship Management (CRM) WebClient UI Cross Site Scripting Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103002
SAP Customer Relationship Management CVE-2018-2380 Directory Traversal Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103001
SAP NetWeaver System Landscape Directory CVE-2018-2368 Authentication Bypass Vulnerability
2018-02-13
http://www.securityfocus.com/bid/103000
SAP NetWeaver CVE-2018-2365 Cross Site Scripting Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102999
SAP BI Launchpad CVE-2018-2370 SSRF Security Bypass Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102998
SAP HANA CVE-2018-2369 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102997
Adobe Acrobat and Reader APSB18-02 Out of Bounds Read Multiple Remote Code Execution Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/102996
Adobe Acrobat and Reader Multiple Remote Code Execution Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/102995
Adobe Acrobat and Reader APSB18-02 Multiple Remote Code Execution Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/102994
Adobe Acrobat and Reader CVE-2018-4872 Remote Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102993
Adobe Acrobat and Reader APSB18-02 Multiple Heap Buffer Overflow Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/102992
Adobe Experience Manager CVE-2018-4875 Cross Site Scripting Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102991
SANS News
Threatpost
Exploit
Chrome V8 - 'Runtime_RegExpReplace' Integer Overflow
Pdfium - Out-of-Bounds Read with Shading Pattern Backed by Pattern Colorspace
Pdfium - Pattern Shading Integer Overflows
Microsoft Edge Chakra JIT - 'LdThis' Type Confusion
Microsoft Edge Chakra JIT - 'NewScObjectNoCtor' Array Type Confusion
Microsoft Edge Chakra JIT - 'Array.prototype.reverse' Array Type Confusion
Microsoft Edge Chakra JIT - Array Type Confusion via InitProto Instructions
Microsoft Edge Chakra JIT - ImplicitCallFlags Checks Bypass
Microsoft Edge Chakra JIT - Memory Corruption
Microsoft Edge Chakra JIT - 'GlobOpt::OptTagChecks' Must Consider IsLoopPrePass Properly...
GNU binutils 2.26.1 - Integer Overflow (PoC)
Dell EMC Isilon OneFS - Multiple Vulnerabilities
userSpice 4.3 - Cross-Site Scripting
SOA School Management - 'access_login' SQL Injection
Social Oauth Login PHP - Authentication Bypass
GNU binutils 2.26.1 - Integer Overflow (POC)
14.2.2018
Bugtraq
Defense in depth -- the Microsoft way (part 52): HTTP used to distribute (security) updates, not HTTPS 2018-02-14
Stefan Kanthak (stefan kanthak nexgo de)
[security bulletin] MFSBGN03800 rev.1 - Micro Focus Performance Center, Remote Arbitrary Code Execution or Remote Arbitrary File Modification 2018-02-13
cyber-psrt microfocus com
CSNC-2017-027 Microsoft Intune - App PIN Bypass 2018-02-13
Advisories (advisories compass-security com)
[SECURITY] [DSA 4111-2] libreoffice security update 2018-02-12
Moritz Muehlenhoff (jmm debian org)
[security bulletin] HPESBHF03819 rev.1 - HPE XP Storage using HGLM, Local Authentication Bypass 2018-02-12
security-alert hpe com
CVE-2018-6892 CloudMe Sync <= v1.10.9 Unauthenticated Remote Buffer Overflow (hyp3rlinx / apparition security) 2018-02-12
apparitionsec gmail com
[SECURITY] [DSA 4111-1] libreoffice security update 2018-02-11
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
iTunes - Order Confirmation | 13th February 2018 |
Vulnerability
Microsoft Windows StructuredQuery CVE-2018-0825 Remote Code Execution Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102920
Microsoft Windows Named Pipe File System CVE-2018-0823 Local Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102919
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102371
Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102378
Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102376
Adobe Acrobat and Reader APSB18-02 Out of Bounds Read Multiple Remote Code Execution Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/102996
Adobe Acrobat and Reader Multiple Remote Code Execution Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/102995
Adobe Acrobat and Reader APSB18-02 Multiple Remote Code Execution Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/102994
Adobe Acrobat and Reader CVE-2018-4872 Remote Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102993
Adobe Acrobat and Reader APSB18-02 Multiple Heap Buffer Overflow Vulnerabilities
2018-02-13
http://www.securityfocus.com/bid/102992
Adobe Experience Manager CVE-2018-4875 Cross Site Scripting Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102991
Adobe Experience Manager CVE-2018-4876 Cross Site Scripting Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102990
Microsoft SharePoint Server CVE-2018-0869 Remote Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102963
Microsoft SharePoint Server CVE-2018-0864 Remote Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102962
Microsoft Excel CVE-2018-0841 Remote Code Execution Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102957
Microsoft Windows CVE-2018-0760 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102953
Microsoft Windows CVE-2018-0761 Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102952
Microsoft Windows Kernel CVE-2018-0843 Local Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102951
Microsoft Windows Kernel CVE-2018-0830 Local Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102949
Microsoft Windows Kernel CVE-2018-0829 Local Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102948
Microsoft Windows Kernel CVE-2018-0757 Local Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102947
Microsoft Windows CVE-2018-0842 Local Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102946
Microsoft Windows Kernel CVE-2018-0820 Local Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102945
Microsoft Windows CVE-2018-0826 Local Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102944
Microsoft Windows Kernel CVE-2018-0831 Local Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102943
Microsoft Windows CVE-2018-0822 Local Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102942
Microsoft Windows Kernel CVE-2018-0756 Local Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102941
Microsoft Windows CVE-2018-0821 Local Privilege Escalation Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102939
Microsoft Windows Kernel CVE-2018-0810 Local Information Disclosure Vulnerability
2018-02-13
http://www.securityfocus.com/bid/102938
SANS News
February 2018 Microsoft (and Adobe) Patch Tuesday
Threatpost
Exploit
NAT32 2.2 Build 22284 - Cross-Site Request Forgery
NAT32 2.2 Build 22284 - Remote Command Execution
13.2.2018
Bugtraq
CSNC-2017-027 Microsoft Intune - App PIN Bypass 2018-02-13
Advisories (advisories compass-security com)
[SECURITY] [DSA 4111-2] libreoffice security update 2018-02-12
Moritz Muehlenhoff (jmm debian org)
[security bulletin] HPESBHF03819 rev.1 - HPE XP Storage using HGLM, Local Authentication Bypass 2018-02-12
security-alert hpe com
CVE-2018-6892 CloudMe Sync <= v1.10.9 Unauthenticated Remote Buffer Overflow (hyp3rlinx / apparition security) 2018-02-12
apparitionsec gmail com
[SECURITY] [DSA 4111-1] libreoffice security update 2018-02-11
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4109-1] ruby-omniauth security update 2018-02-10
Luciano Bello (luciano debian org)
Malware
Phishing
Vulnerability
Kaspersky Secure Mail Gateway Multiple Security Vulnerabilities
2018-02-12
http://www.securityfocus.com/bid/102910
phpMyAdmin Cross Site Request Forgery Vulnerability
2018-02-09
http://www.securityfocus.com/bid/102271
Microsoft Internet Information Services CVE-2014-8985 Security Bypass Vulnerability
2018-02-09
http://www.securityfocus.com/bid/70937
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-02-08
http://www.securityfocus.com/bid/102371
GraphicsMagick CVE-2018-6799 Denial of Service Vulnerability
2018-02-08
http://www.securityfocus.com/bid/102981
Adobe Flash Player CVE-2018-4877 Use After Free Remote Code Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102930
Adobe Flash Player CVE-2018-4878 Use After Free Remote Code Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102893
Cisco Firepower System Software CVE-2018-0138 Remote Security Bypass Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102978
Cisco IOS XR Software CVE-2018-0132 Denial of Service Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102975
Cisco Virtualized Packet Core-Distributed Instance CVE-2018-0117 Denial of Service Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102970
Multiple Cisco Wireless VPN Routers CVE-2018-0127 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102969
Cisco Policy Suite CVE-2018-0116 Authentication Bypass Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102968
Cisco IOS and IOS XE Software CVE-2018-0123 Local Arbitrary File Overwrite Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102967
Cisco UCS Central Software CVE-2018-0113 Remote Command Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102966
Cisco Unified Communications Manager CVE-2018-0198 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102965
Cisco Unified Communications Manager CVE-2018-0135 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102964
Cisco Spark CVE-2018-0119 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102961
Cisco Data Center Analytics Framework CVE-2018-0128 HTML Injection Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102960
Cisco Data Center Analytics Framework CVE-2018-0129 Cross Site Scripting Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102959
SANS News
Threatpost
Exploit
LibreOffice < 6.0.1 - '=WEBSERVICE' Remote Arbitrary File Disclosure
glibc - 'LD_AUDIT' Arbitrary DSO Load Privilege Escalation (Metasploit)
glibc - '$ORIGIN' Expansion Privilege Escalation (Metasploit)
Juju-run Agent - Privilege Escalation (Metasploit)
Advantech WebAccess 8.3.0 - Remote Code Execution
CloudMe Sync < 1.11.0 - Buffer Overflow
News Website Script 2.0.4 - 'search' SQL Injection
TypeSetter CMS 5.1 - Cross-Site Request Forgery
TypeSetter CMS 5.1 - 'Host' Header Injection
LogicalDOC Enterprise 7.7.4 - Root Remote Code Execution
12.2.2018
Bugtraq
[SECURITY] [DSA 4111-1] libreoffice security update 2018-02-11
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4109-1] ruby-omniauth security update 2018-02-10
Luciano Bello (luciano debian org)
KL-001-2018-005 : NetEx HyperIP Local File Inclusion Vulnerability 2018-02-09
KoreLogic Disclosures (disclosures korelogic com)
[SECURITY] [DSA 4110-1] exim4 security update 2018-02-10
Salvatore Bonaccorso (carnil debian org)
Defense in depth -- the Microsoft way (part 51): Skype's home-grown updater allows escalation of privilege to SYSTEM 2018-02-09
Stefan Kanthak (stefan kanthak nexgo de)
KL-001-2018-004 : NetEx HyperIP Privilege Escalation Vulnerability 2018-02-09
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2018-003 : NetEx HyperIP Post-Auth Command Execution 2018-02-09
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2018-006 : Trend Micro IMSVA Management Portal Authentication Bypass 2018-02-09
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2018-002 : NetEx HyperIP Authentication Bypass 2018-02-09
KoreLogic Disclosures (disclosures korelogic com)
[SECURITY] [DSA 4108-1] mailman security update 2018-02-09
Thijs Kinkhorst (thijs debian org)
Malware
Phishing
Apple | 11th February 2018 |
Support Account | 8th February 2018 |
[REMINDER] : YOUR APPLE ID WAS |
Vulnerability
SANS News
Analyzing compressed shellcode
Threatpost
Exploit
11.2.2018
Bugtraq
[SECURITY] [DSA 4108-1] mailman security update 2018-02-09
Thijs Kinkhorst (thijs debian org)
Advisory - Fisheye and Crucible - CVE-2017-16861 2018-02-09
David Black (dblack atlassian com)
[SECURITY] [DSA 4105-2] mpv security update 2018-02-09
Luciano Bello (luciano debian org)
SEC Consult SA-20180208-0 :: Multiple Cross-Site Scripting Vulnerabilities in Sonatype Nexus Repository Manager OSS/Pro 2018-02-08
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 4107-1] django-anymail security update 2018-02-07
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Support Account | 8th February 2018 |
[REMINDER] : YOUR APPLE ID WAS | |
Bank of America | 7th February 2018 |
Vulnerability
phpMyAdmin Cross Site Request Forgery Vulnerability
2018-02-09
http://www.securityfocus.com/bid/102271
Microsoft Internet Information Services CVE-2014-8985 Security Bypass Vulnerability
2018-02-09
http://www.securityfocus.com/bid/70937
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-02-08
http://www.securityfocus.com/bid/102371
Adobe Flash Player CVE-2018-4877 Use After Free Remote Code Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102930
Adobe Flash Player CVE-2018-4878 Use After Free Remote Code Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102893
Cisco Virtualized Packet Core-Distributed Instance CVE-2018-0117 Denial of Service Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102970
Multiple Cisco Wireless VPN Routers CVE-2018-0127 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102969
Cisco Policy Suite CVE-2018-0116 Authentication Bypass Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102968
Cisco IOS and IOS XE Software CVE-2018-0123 Local Arbitrary File Overwrite Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102967
Cisco UCS Central Software CVE-2018-0113 Remote Command Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102966
Cisco Unified Communications Manager CVE-2018-0198 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102965
Cisco Unified Communications Manager CVE-2018-0135 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102964
Cisco Spark CVE-2018-0119 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102961
Cisco Data Center Analytics Framework CVE-2018-0128 HTML Injection Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102960
Cisco Data Center Analytics Framework CVE-2018-0129 Cross Site Scripting Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102959
Cisco Unified Communications Manager CVE-2018-0120 SQL Injection Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102958
Cisco Prime Network CVE-2018-0137 Denial of Service Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102955
Cisco Policy Suite CVE-2018-0134 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102954
Joomla! Core CVE-2018-6379 Cross Site Scripting Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102918
IBM Rational DOORS Web Access CVE-2017-1540 Cross Site Scripting Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102890
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102378
OpenSSL CVE-2017-3731 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/95813
OpenSSL CVE-2016-7055 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/94242
OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93171
OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93153
OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93150
OpenSSL CVE-2016-6303 Integer Overflow Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92984
OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92557
SANS News
Threatpost
Cisco Confirms Critical Firewall Software Bug Is Under Attack
Exploit
JBoss 4.2.x/4.3.x - Information Disclosure
Multi Language Olx Clone Script - Cross-Site Scripting
Multi religion Responsive Matrimonial 4.7.2 - Cross-Site Scripting
Select Your College Script 2.0.2 - Authentication Bypass
Bitcoin MLM Software 1.0.2 - Cross-Site Scripting
Lawyer Search Script 1.0.2 - Cross-Site Scripting
Schools Alert Management Script 2.0.2 - Arbitrary File Upload
Facebook Clone Script 1.0.5 - Cross-Site Scripting
macOS Kernel - Use-After-Free Due to Lack of Locking in...
9.2.2018
Bugtraq
[SECURITY] [DSA 4108-1] mailman security update 2018-02-09
Thijs Kinkhorst (thijs debian org)
Advisory - Fisheye and Crucible - CVE-2017-16861 2018-02-09
David Black (dblack atlassian com)
[SECURITY] [DSA 4105-2] mpv security update 2018-02-09
Luciano Bello (luciano debian org)
SEC Consult SA-20180208-0 :: Multiple Cross-Site Scripting Vulnerabilities in Sonatype Nexus Repository Manager OSS/Pro 2018-02-08
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 4107-1] django-anymail security update 2018-02-07
Salvatore Bonaccorso (carnil debian org)
[security bulletin] HPSBHF02981 rev.2 - HPE Integrated Lights-Out 2, 3, 4 (iLO2, iLO3, iLO4) and HPE Superdome Flex RMC - IPMI 2.0 RCMP+ Authentication Remote Password Hash Vulnerability (RAKP) 2018-02-07
security-alert hpe com
[SECURITY] [DSA 4106-1] libtasn1-6 security update 2018-02-07
Salvatore Bonaccorso (carnil debian org)
SEC Consult SA-20180207-0 :: Multiple buffer overflow vulnerabilities in InfoZip UnZip 2018-02-07
SEC Consult Vulnerability Lab (research sec-consult com)
[slackware-security] Slackware 14.2 kernel (SSA:2018-037-01) 2018-02-07
Slackware Security Team (security slackware com)
Malware
Phishing
Vulnerability
phpMyAdmin Cross Site Request Forgery Vulnerability
2018-02-09
http://www.securityfocus.com/bid/102271
Microsoft Internet Information Services CVE-2014-8985 Security Bypass Vulnerability
2018-02-09
http://www.securityfocus.com/bid/70937
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-02-08
http://www.securityfocus.com/bid/102371
Adobe Flash Player CVE-2018-4877 Use After Free Remote Code Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102930
Adobe Flash Player CVE-2018-4878 Use After Free Remote Code Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102893
Cisco Virtualized Packet Core-Distributed Instance CVE-2018-0117 Denial of Service Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102970
Multiple Cisco Wireless VPN Routers CVE-2018-0127 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102969
Cisco Policy Suite CVE-2018-0116 Authentication Bypass Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102968
Cisco IOS and IOS XE Software CVE-2018-0123 Local Arbitrary File Overwrite Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102967
Cisco UCS Central Software CVE-2018-0113 Remote Command Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102966
Cisco Unified Communications Manager CVE-2018-0198 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102965
Cisco Unified Communications Manager CVE-2018-0135 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102964
Cisco Spark CVE-2018-0119 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102961
Cisco Data Center Analytics Framework CVE-2018-0128 HTML Injection Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102960
Cisco Data Center Analytics Framework CVE-2018-0129 Cross Site Scripting Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102959
Cisco Unified Communications Manager CVE-2018-0120 SQL Injection Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102958
SANS News
An autograph from the Dridex gang
Threatpost
Exploit
HPE iLO 4 < 2.53 - Add New Administrator User
Marked2 - Local File Disclosure
macOS Kernel - Use-After-Free Due to Lack of Locking in...
8.2.2018
Bugtraq
[SECURITY] [DSA 4107-1] django-anymail security update 2018-02-07
Salvatore Bonaccorso (carnil debian org)
[security bulletin] HPSBHF02981 rev.2 - HPE Integrated Lights-Out 2, 3, 4 (iLO2, iLO3, iLO4) and HPE Superdome Flex RMC - IPMI 2.0 RCMP+ Authentication Remote Password Hash Vulnerability (RAKP) 2018-02-07
security-alert hpe com
[SECURITY] [DSA 4106-1] libtasn1-6 security update 2018-02-07
Salvatore Bonaccorso (carnil debian org)
SEC Consult SA-20180207-0 :: Multiple buffer overflow vulnerabilities in InfoZip UnZip 2018-02-07
SEC Consult Vulnerability Lab (research sec-consult com)
[slackware-security] Slackware 14.2 kernel (SSA:2018-037-01) 2018-02-07
Slackware Security Team (security slackware com)
[SE-2011-01] A security issue with a Multiroom service of NC+ SAT TV platform 2018-02-07
Security Explorations (contact security-explorations com)
[SECURITY] [DSA 4105-1] mpv security update 2018-02-07
Luciano Bello (luciano debian org)
Malware
Phishing
Support Account | 8th February 2018 |
[REMINDER] : YOUR APPLE ID WAS | |
Bank of America | 7th February 2018 |
Vulnerability
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-02-08
http://www.securityfocus.com/bid/102371
Adobe Flash Player CVE-2018-4877 Use After Free Remote Code Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102930
Adobe Flash Player CVE-2018-4878 Use After Free Remote Code Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102893
Cisco Spark CVE-2018-0119 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102961
Cisco Data Center Analytics Framework CVE-2018-0128 HTML Injection Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102960
Cisco Data Center Analytics Framework CVE-2018-0129 Cross Site Scripting Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102959
Cisco Unified Communications Manager CVE-2018-0120 SQL Injection Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102958
Cisco Prime Network CVE-2018-0137 Denial of Service Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102955
Cisco Policy Suite CVE-2018-0134 Information Disclosure Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102954
Joomla! Core CVE-2018-6379 Cross Site Scripting Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102918
IBM Rational DOORS Web Access CVE-2017-1540 Cross Site Scripting Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102890
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102378
OpenSSL CVE-2017-3731 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/95813
OpenSSL CVE-2016-7055 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/94242
OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93171
OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93153
OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93150
OpenSSL CVE-2016-6303 Integer Overflow Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92984
OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92557
OpenSSL CVE-2016-6302 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92628
OpenSSL CVE-2016-2180 Local Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92117
OpenSSL CVE-2016-2181 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92982
OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2018-02-05
http://www.securityfocus.com/bid/91081
OpenSSL CVE-2016-2177 Integer Overflow Vulnerability
2018-02-05
http://www.securityfocus.com/bid/91319
RETIRED: Siemens TeleControl Server Basic Multiple Security Vulnerabilities
2018-02-05
http://www.securityfocus.com/bid/102904
SANS News
Threatpost
Exploit
Adobe Coldfusion 11.0.03.292866 - BlazeDS Java Object Deserialization Remote Code...
HPE iLO4 < 2.53 - Add New Administrator User
Geovision Inc. IP Camera & Video - Remote Command Execution
Geovision Inc. IP Camera/Video/Access Control - Multiple Remote Command Execution / Stack...
Entrepreneur Dating Script 2.0.2 - Authentication Bypass
Online Test Script 2.0.7 - 'cid' SQL Injection
Hot Scripts Clone Script Classified - Persistent Cross-Site Scripting
Naukri Clone Script - Persistent Cross-Site Scripting
MalwareFox AntiMalware 2.74.0.150 - Privilege Escalation
Android - 'getpidcon' Permission Bypass in KeyStore Service
7.2.2018
Bugtraq
SEC Consult SA-20180207-0 :: Multiple buffer overflow vulnerabilities in InfoZip UnZip 2018-02-07
SEC Consult Vulnerability Lab (research sec-consult com)
[slackware-security] Slackware 14.2 kernel (SSA:2018-037-01) 2018-02-07
Slackware Security Team (security slackware com)
[SE-2011-01] A security issue with a Multiroom service of NC+ SAT TV platform 2018-02-07
Security Explorations (contact security-explorations com)
[SECURITY] [DSA 4105-1] mpv security update 2018-02-07
Luciano Bello (luciano debian org)
[CORE-2017-0010] - Kaspersky Secure Mail Gateway Multiple Vulnerabilities 2018-02-05
Core Security Advisories Team (advisories coresecurity com)
[SECURITY] [DSA 4104-1] p7zip security update 2018-02-04
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Vulnerability
Adobe Flash Player CVE-2018-4877 Use After Free Remote Code Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102930
Adobe Flash Player CVE-2018-4878 Use After Free Remote Code Execution Vulnerability
2018-02-07
http://www.securityfocus.com/bid/102893
Joomla! Core CVE-2018-6379 Cross Site Scripting Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102918
IBM Rational DOORS Web Access CVE-2017-1540 Cross Site Scripting Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102890
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102378
OpenSSL CVE-2017-3731 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/95813
OpenSSL CVE-2016-7055 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/94242
OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93171
SANS News
3 examples of malspam pushing Loki-Bot malware
Threatpost
Exploit
Adobe Coldfusion 11.0.03.292866 - BlazeDS Java Object Deserialization Remote Code...
Geovision Inc. IP Camera & Video - Remote Command Execution
Geovision Inc. IP Camera/Video/Access Control - Multiple Remote Command Execution / Stack...
Entrepreneur Dating Script 2.0.2 - Authentication Bypass
Online Test Script 2.0.7 - 'cid' SQL Injection
Hot Scripts Clone Script Classified - Persistent Cross-Site Scripting
Naukri Clone Script - Persistent Cross-Site Scripting
Multilanguage Real Estate MLM Script - Persistent Cross-Site Scripting
Doctor Search Script 1.0.2 - Persistent Cross-Site Scripting
Android - 'getpidcon' Permission Bypass in KeyStore Service
Asterisk 13.17.2 - 'chan_skinny' Remote Memory Corruption
6.2.2018
Bugtraq
[CORE-2017-0010] - Kaspersky Secure Mail Gateway Multiple Vulnerabilities 2018-02-05
Core Security Advisories Team (advisories coresecurity com)
[SECURITY] [DSA 4104-1] p7zip security update 2018-02-04
Salvatore Bonaccorso (carnil debian org)
[slackware-security] php (SSA:2018-034-01) 2018-02-04
Slackware Security Team (security slackware com)
Malware
Phishing
Vulnerability
Joomla! Core CVE-2018-6379 Cross Site Scripting Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102918
IBM Rational DOORS Web Access CVE-2017-1540 Cross Site Scripting Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102890
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-02-06
http://www.securityfocus.com/bid/102378
OpenSSL CVE-2017-3731 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/95813
OpenSSL CVE-2016-7055 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/94242
OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93171
OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93153
OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93150
OpenSSL CVE-2016-6303 Integer Overflow Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92984
OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92557
OpenSSL CVE-2016-6302 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92628
OpenSSL CVE-2016-2180 Local Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92117
OpenSSL CVE-2016-2181 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92982
OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2018-02-05
http://www.securityfocus.com/bid/91081
OpenSSL CVE-2016-2177 Integer Overflow Vulnerability
2018-02-05
http://www.securityfocus.com/bid/91319
RETIRED: Siemens TeleControl Server Basic Multiple Security Vulnerabilities
2018-02-05
http://www.securityfocus.com/bid/102904
Siemens TeleControl Server Basic CVE-2018-4835 Authentication Bypass Vulnerability
2018-02-05
http://www.securityfocus.com/bid/102894
Siemens TeleControl Server Basic CVE-2018-4836 Privilege Escalation Vulnerability
2018-02-05
http://www.securityfocus.com/bid/102897
Siemens TeleControl Server Basic CVE-2018-4837 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/102819
Citrix NetScaler VPX CVE-2018-6186 Privilege Escalation Vulnerability
2018-02-01
http://www.securityfocus.com/bid/102915
GNU C Library CVE-2018-6485 Multiple Integer Overflow Vulnerabilities
2018-02-01
http://www.securityfocus.com/bid/102912
Kaspersky Secure Mail Gateway Multiple Security Vulnerabilities
2018-02-01
http://www.securityfocus.com/bid/102910
CODESYS Web Server CVE-2018-5440 Stack Based Buffer Overflow Vulnerability
2018-02-01
http://www.securityfocus.com/bid/102909
Gemalto Sentinel License Manager Multiple Security Vulnerabilities
2018-02-01
http://www.securityfocus.com/bid/102906
Fuji Electric V-Server VPR CVE-2018-5442 Stack Based Buffer Overflow Vulnerability
2018-02-01
http://www.securityfocus.com/bid/102903
Adobe Flash Player CVE-2018-4878 Use After Free Remote Code Execution Vulnerability
2018-02-01
http://www.securityfocus.com/bid/102893
IBM Cognos Analytics CVE-2017-1783 Local Security Bypass Vulnerability
2018-02-01
http://www.securityfocus.com/bid/102863
Cisco Adaptive Security Appliance CVE-2018-0101 Remote Code Execution Vulnerability
2018-01-31
http://www.securityfocus.com/bid/102845
SANS News
Threatpost
Exploit
Netis WF2419 Router - Cross-Site Scripting
Student Profile Management System Script 2.0.6 - Authentication Bypass
Joomla! Component JSP Tickets 1.1 - SQL Injection
Joomla! Component jLike 1.0 - Information Leak
Joomla! Component Zh GoogleMap 8.4.0.0 - SQL Injection
Joomla! Component Zh YandexMap 6.2.1.0 - 'id' SQL Injection
Joomla! Component Zh BaiduMap 3.0.0.1 - SQL Injection
5.2.2018
Bugtraq
[SECURITY] [DSA 4104-1] p7zip security update 2018-02-04
Salvatore Bonaccorso (carnil debian org)
[slackware-security] php (SSA:2018-034-01) 2018-02-04
Slackware Security Team (security slackware com)
[security bulletin] MFSBGN03797 rev.1 - Micro Focus Fortify Audit Workbench (AWB) and Micro Focus Fortify Software Security Center (SSC), XML External Entity Injection 2018-02-01
cyber-psrt microfocus com
SEC Consult SA-20180201-0 :: Multiple critical vulnerabilities in Whole Vibratissimo Smart Sex Toy product range 2018-02-01
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 4103-1] chromium-browser security update 2018-02-01
Michael Gilbert (mgilbert debian org)
Advisory - Sourcetree - CVE-2017-14592 CVE-2017-14593 CVE-2017-14592 CVE-2017-17831 2018-02-01
Atlassian (security atlassian com)
Malware
Phishing
Vulnerability
GIMP CVE-2017-17786 Heap Buffer Overflow Vulnerability
2018-12-20
http://www.securityfocus.com/bid/102765
IBM Rational DOORS Web Access CVE-2017-1540 Cross Site Scripting Vulnerability
2018-02-23
http://www.securityfocus.com/bid/102890
OpenSSL CVE-2017-3731 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/95813
OpenSSL CVE-2016-7055 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/94242
OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93171
OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93153
OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/93150
OpenSSL CVE-2016-6303 Integer Overflow Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92984
OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92557
OpenSSL CVE-2016-6302 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92628
OpenSSL CVE-2016-2180 Local Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92117
OpenSSL CVE-2016-2181 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/92982
OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2018-02-05
http://www.securityfocus.com/bid/91081
OpenSSL CVE-2016-2177 Integer Overflow Vulnerability
2018-02-05
http://www.securityfocus.com/bid/91319
RETIRED: Siemens TeleControl Server Basic Multiple Security Vulnerabilities
2018-02-05
http://www.securityfocus.com/bid/102904
Siemens TeleControl Server Basic CVE-2018-4835 Authentication Bypass Vulnerability
2018-02-05
http://www.securityfocus.com/bid/102894
Siemens TeleControl Server Basic CVE-2018-4836 Privilege Escalation Vulnerability
2018-02-05
http://www.securityfocus.com/bid/102897
Siemens TeleControl Server Basic CVE-2018-4837 Denial of Service Vulnerability
2018-02-05
http://www.securityfocus.com/bid/102819
Citrix NetScaler VPX CVE-2018-6186 Privilege Escalation Vulnerability
2018-02-01
http://www.securityfocus.com/bid/102915
SANS News
Threatpost
Exploit
Windows - 'EternalRomance'/'EternalSynergy'/'EternalChampion' SMB Remote Code Execution...
Online Voting System - Authentication Bypass
NixCMS 1.0 - 'category_id' SQL Injection
Matrimonial Website Script 2.1.6 - 'uid' SQL Injection
MalwareFox AntiMalware 2.74.0.150 - Privilege Escalation
Apport/ABRT - 'chroot' Local Privilege Escalation (Metasploit)
Claymore Dual GPU Miner 10.5 - Format String
WordPress Core - 'load-scripts.php' Denial of Service
Wonder CMS 2.3.1 - 'Host' Header Injection
Wonder CMS 2.3.1 - Unrestricted File Upload
4.2.2018
Bugtraq
Malware
Phishing
Account PayPaI | 4th February 2018 |
Vulnerability
SANS News
Threatpost
Exploit
2.2.2018
Bugtraq
[security bulletin] MFSBGN03797 rev.1 - Micro Focus Fortify Audit Workbench (AWB) and Micro Focus Fortify Software Security Center (SSC), XML External Entity Injection 2018-02-01
cyber-psrt microfocus com
SEC Consult SA-20180201-0 :: Multiple critical vulnerabilities in Whole Vibratissimo Smart Sex Toy product range 2018-02-01
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 4103-1] chromium-browser security update 2018-02-01
Michael Gilbert (mgilbert debian org)
Advisory - Sourcetree - CVE-2017-14592 CVE-2017-14593 CVE-2017-14592 CVE-2017-17831 2018-02-01
Atlassian (security atlassian com)
KonaKart Path Traversal Vulnerability 2018-02-01
ajcraggs gmail com
Recon Montreal 2018 Call For Papers - 0xE - Registration - Training - Conference - Submit! - PGP key 2018-01-31
cfpmontreal2018 recon cx
SEC Consult SA-20180131-0 :: Multiple Vulnerabilities in Sprecher Automation SPRECON-E-C, PU-2433 2018-01-31
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 4094-2] smarty3 security update 2018-01-30
Luciano Bello (luciano debian org)
Malware
Phishing
Vulnerability
IBM Rational DOORS Web Access CVE-2017-1540 Cross Site Scripting Vulnerability
2018-02-23
http://www.securityfocus.com/bid/102890
Adobe Flash Player CVE-2018-4878 Use After Free Remote Code Execution Vulnerability
2018-02-01
http://www.securityfocus.com/bid/102893
IBM Cognos Analytics CVE-2017-1783 Local Security Bypass Vulnerability
2018-02-01
http://www.securityfocus.com/bid/102863
Cisco Adaptive Security Appliance CVE-2018-0101 Remote Code Execution Vulnerability
2018-01-31
http://www.securityfocus.com/bid/102845
OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability
2018-01-31
http://www.securityfocus.com/bid/101552
IBM Content Navigator CVE-2017-1192 XML External Entity Injection Vulnerability
2018-01-31
http://www.securityfocus.com/bid/102864
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-01-30
http://www.securityfocus.com/bid/102371
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-01-30
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-01-30
http://www.securityfocus.com/bid/102378
OpenSSL CVE-2017-3737 Security Bypass Vulnerability
2018-01-30
http://www.securityfocus.com/bid/102103
RETIRED: Jenkins CVE-2017-1000392 HTML Injection Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102826
Jenkins Multiple Security Vulnerabilities
2018-01-29
http://www.securityfocus.com/bid/101773
Jenkins Global Build Stats Plugin Multiple Security Vulnerabilities
2018-01-29
http://www.securityfocus.com/bid/101539
Microsoft .NET Framework CVE-2018-0764 Remote Denial of Service Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102387
Atlassian Activity Streams CVE-2017-9513 Security Bypass Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102869
FreePBX CVE-2018-6393 SQL Injection Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102854
FFmpeg 'libavfilter/vf_transpose.c' Denial of Service Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102848
Mozilla Firefox CVE-2018-5124 Arbitrary Code Execution Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102843
SANS News
Threatpost
Exploit
Microsoft Windows Subsystem for Linux - Local Privilege Escalation
FiberHome AN5506 - Unauthenticated Remote DNS Change
Oracle Hospitality Simphony (MICROS) 2.7 < 2.9 - Directory Traversal
Joomla! Component JMS Music 1.1.1 - SQL Injection
Joomla! Component Jimtawl 2.1.6 - Arbitrary File Upload
Joomla! Component JEXTN Classified 1.0.0 - 'sid' SQL Injection
Joomla! Component JEXTN Reverse Auction 3.1.0 - SQL Injection
Event Manager 1.0 - SQL Injection
Joomla! Component JE PayperVideo 3.0.0 - 'usr_plan' SQL Injection
IPSwitch MOVEit 8.1 < 9.4 - Cross-Site Scripting
Advance Loan Management System - 'id' SQL Injection
Real Estate Custom Script - 'route' SQL Injection
Fancy Clone Script - 'search_browse_product' SQL Injection
Joomla! Component JEXTN Membership 3.1.0 - 'usr_plan' SQL Injection
BMC Server Automation RSCD Agent - NSH Remote Command Execution (Metasploit)
WebKit - 'WebCore::FrameView::clientToLayoutViewportPoint' Use-After-Free
WebKit - 'detachWrapper' Use-After-Free
Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode (136 bytes)
Linux/x64 - Twofish Encoded + DNS (CNAME) Password + execve(/bin/sh) Shellcode
1.2.2018
Bugtraq
SEC Consult SA-20180201-0 :: Multiple critical vulnerabilities in Whole Vibratissimo Smart Sex Toy product range 2018-02-01
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 4103-1] chromium-browser security update 2018-02-01
Michael Gilbert (mgilbert debian org)
Advisory - Sourcetree - CVE-2017-14592 CVE-2017-14593 CVE-2017-14592 CVE-2017-17831 2018-02-01
Atlassian (security atlassian com)
KonaKart Path Traversal Vulnerability 2018-02-01
ajcraggs gmail com
Recon Montreal 2018 Call For Papers - 0xE - Registration - Training - Conference - Submit! - PGP key 2018-01-31
cfpmontreal2018 recon cx
SEC Consult SA-20180131-0 :: Multiple Vulnerabilities in Sprecher Automation SPRECON-E-C, PU-2433 2018-01-31
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 4094-2] smarty3 security update 2018-01-30
Luciano Bello (luciano debian org)
Defense in depth -- the Microsoft way (part 49): fun with application manifests 2018-01-30
Stefan Kanthak (stefan kanthak nexgo de)
[SECURITY] [DSA 4098-1] curl security update 2018-01-26
Alessandro Ghedini (ghedo debian org)
Malware
Trojan.Trensil.B
Win32/Agent.SMB
Win64/Gadoopt.AA
Phishing
eBay | 1st February 2018 |
Help us protect your account - | |
Apple | 31st January 2018 |
App Store | 28th January 2018 |
APPLE PURCHASE SUCCESSFULLY |
Vulnerability
IBM Rational DOORS Web Access CVE-2017-1540 Cross Site Scripting Vulnerability
2018-02-23
http://www.securityfocus.com/bid/102890
IBM Cognos Analytics CVE-2017-1783 Local Security Bypass Vulnerability
2018-02-01
http://www.securityfocus.com/bid/102863
Cisco Adaptive Security Appliance CVE-2018-0101 Remote Code Execution Vulnerability
2018-01-31
http://www.securityfocus.com/bid/102845
OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability
2018-01-31
http://www.securityfocus.com/bid/101552
IBM Content Navigator CVE-2017-1192 XML External Entity Injection Vulnerability
2018-01-31
http://www.securityfocus.com/bid/102864
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-01-30
http://www.securityfocus.com/bid/102371
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-01-30
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-01-30
http://www.securityfocus.com/bid/102378
OpenSSL CVE-2017-3737 Security Bypass Vulnerability
2018-01-30
http://www.securityfocus.com/bid/102103
RETIRED: Jenkins CVE-2017-1000392 HTML Injection Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102826
Jenkins Multiple Security Vulnerabilities
2018-01-29
http://www.securityfocus.com/bid/101773
Jenkins Global Build Stats Plugin Multiple Security Vulnerabilities
2018-01-29
http://www.securityfocus.com/bid/101539
Microsoft .NET Framework CVE-2018-0764 Remote Denial of Service Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102387
Atlassian Activity Streams CVE-2017-9513 Security Bypass Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102869
FreePBX CVE-2018-6393 SQL Injection Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102854
FFmpeg 'libavfilter/vf_transpose.c' Denial of Service Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102848
Mozilla Firefox CVE-2018-5124 Arbitrary Code Execution Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102843
Jenkins Multijob Plugin CVE-2017-1000390 Security Bypass Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102824
libming 'util/decompile.c' Denial of Service Vulnerability
2018-01-27
http://www.securityfocus.com/bid/102856
Jenkins Active Choices Plugin HTML Injection Vulnerability
2018-01-26
http://www.securityfocus.com/bid/101538
Jenkins Build Publisher Plugin Information Disclosure Vulnerability
2018-01-26
http://www.securityfocus.com/bid/101544
Apache NiFi CVE-2016-8748 Cross Site Scripting Vulnerability
2018-01-26
http://www.securityfocus.com/bid/95621
IBM Rational DOORS CVE-2017-1532 Cross Site Scripting Vulnerability
2018-01-26
http://www.securityfocus.com/bid/102888
SANS News
Threatpost
Exploit
Sync Breeze Enterprise 10.4.18 - Remote Buffer Overflow (SEH)
systemd (systemd-tmpfiles) < 236 - 'fs.protected_hardlinks=0' Local Privilege Escalation
31.1.2018
Bugtraq
SEC Consult SA-20180131-0 :: Multiple Vulnerabilities in Sprecher Automation SPRECON-E-C, PU-2433 2018-01-31
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 4094-2] smarty3 security update 2018-01-30
Luciano Bello (luciano debian org)
Defense in depth -- the Microsoft way (part 49): fun with application manifests 2018-01-30
Stefan Kanthak (stefan kanthak nexgo de)
[SECURITY] [DSA 4098-1] curl security update 2018-01-26
Alessandro Ghedini (ghedo debian org)
[SECURITY] [DSA 4101-1] wireshark security update 2018-01-28
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
Vulnerability
GIMP CVE-2017-17786 Heap Buffer Overflow Vulnerability
2018-12-20
http://www.securityfocus.com/bid/102765
Cisco Adaptive Security Appliance CVE-2018-0101 Remote Code Execution Vulnerability
2018-01-31
http://www.securityfocus.com/bid/102845
OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability
2018-01-31
http://www.securityfocus.com/bid/101552
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-01-30
http://www.securityfocus.com/bid/102371
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-01-30
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-01-30
http://www.securityfocus.com/bid/102378
OpenSSL CVE-2017-3737 Security Bypass Vulnerability
2018-01-30
http://www.securityfocus.com/bid/102103
RETIRED: Jenkins CVE-2017-1000392 HTML Injection Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102826
Jenkins Multiple Security Vulnerabilities
2018-01-29
http://www.securityfocus.com/bid/101773
Jenkins Global Build Stats Plugin Multiple Security Vulnerabilities
2018-01-29
http://www.securityfocus.com/bid/101539
Microsoft .NET Framework CVE-2018-0764 Remote Denial of Service Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102387
Mozilla Firefox CVE-2018-5124 Arbitrary Code Execution Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102843
Jenkins Multijob Plugin CVE-2017-1000390 Security Bypass Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102824
Jenkins Active Choices Plugin HTML Injection Vulnerability
2018-01-26
http://www.securityfocus.com/bid/101538
Jenkins Build Publisher Plugin Information Disclosure Vulnerability
2018-01-26
http://www.securityfocus.com/bid/101544
Apache NiFi CVE-2016-8748 Cross Site Scripting Vulnerability
2018-01-26
http://www.securityfocus.com/bid/95621
VMware AirWatch Console CVE-2017-4951 Cross Site Request Forgery Vulnerability
2018-01-26
http://www.securityfocus.com/bid/102849
w3m 'form.c' Null Pointer Dereference Denial of Service Vulnerability
2018-01-26
http://www.securityfocus.com/bid/102846
GNU Binutils CVE-2018-6323 Integer Overflow Vulnerability
2018-01-26
http://www.securityfocus.com/bid/102821
cURL/libcURL CVE-2017-8817 Memory Corruption Vulnerability
2018-01-25
http://www.securityfocus.com/bid/102057
Multiple Siemens Desigo Automation Controllers CVE-2018-4834 Authentication Bypass Vulnerability
2018-01-25
http://www.securityfocus.com/bid/102850
Lenovo Fingerprint Manager Pro CVE-2017-3762 Multiple Local Security Weaknesses
2018-01-25
http://www.securityfocus.com/bid/102837
libming 'util/outputscript.c' Null Pointer Dereference Denial of Service Vulnerability
2018-01-25
http://www.securityfocus.com/bid/102828
Siemens TeleControl Server Basic CVE-2018-4837 Denial of Service Vulnerability
2018-01-25
http://www.securityfocus.com/bid/102819
Multiple Siemens Products Multiple Denial of Service Vulnerabilities
2018-01-24
http://www.securityfocus.com/bid/98369
SANS News
Threatpost
Google Booted 700,000 Bad Apps From Its Marketplace in 2017
Exploit
30.1.2018
Bugtraq
[SECURITY] [DSA 4098-1] curl security update 2018-01-26
Alessandro Ghedini (ghedo debian org)
[SECURITY] [DSA 4101-1] wireshark security update 2018-01-28
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4099-1] ffmpeg security update 2018-01-27
Moritz Muehlenhoff (jmm debian org)
[security bulletin] HPESBHF03814 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Unauthorized Modification 2018-01-26
security-alert hpe com
[slackware-security] mozilla-thunderbird (SSA:2018-025-01) 2018-01-26
Slackware Security Team (security slackware com)
Secunia Research: LibRaw Multiple Denial of Service Vulnerabilities 2018-01-29
Secunia Research (remove-vuln secunia com)
[SYSS-2017-026] Microsoft Surface Hub Keyboard - Cryptographic Issues (CWE-310), Insufficient Protection against Replay Attacks 2018-01-29
matthias deeg syss de
Malware
Phishing
Vulnerability
GIMP CVE-2017-17786 Heap Buffer Overflow Vulnerability
2018-12-20
http://www.securityfocus.com/bid/102765
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-01-30
http://www.securityfocus.com/bid/102371
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-01-30
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-01-30
http://www.securityfocus.com/bid/102378
OpenSSL CVE-2017-3737 Security Bypass Vulnerability
2018-01-30
http://www.securityfocus.com/bid/102103
RETIRED: Jenkins CVE-2017-1000392 HTML Injection Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102826
Jenkins Multiple Security Vulnerabilities
2018-01-29
http://www.securityfocus.com/bid/101773
Jenkins Global Build Stats Plugin Multiple Security Vulnerabilities
2018-01-29
http://www.securityfocus.com/bid/101539
Microsoft .NET Framework CVE-2018-0764 Remote Denial of Service Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102387
Mozilla Firefox CVE-2018-5124 Arbitrary Code Execution Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102843
Jenkins Multijob Plugin CVE-2017-1000390 Security Bypass Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102824
Jenkins Active Choices Plugin HTML Injection Vulnerability
2018-01-26
http://www.securityfocus.com/bid/101538
Jenkins Build Publisher Plugin Information Disclosure Vulnerability
2018-01-26
http://www.securityfocus.com/bid/101544
Apache NiFi CVE-2016-8748 Cross Site Scripting Vulnerability
2018-01-26
http://www.securityfocus.com/bid/95621
GNU Binutils CVE-2018-6323 Integer Overflow Vulnerability
2018-01-26
http://www.securityfocus.com/bid/102821
cURL/libcURL CVE-2017-8817 Memory Corruption Vulnerability
2018-01-25
http://www.securityfocus.com/bid/102057
Lenovo Fingerprint Manager Pro CVE-2017-3762 Multiple Local Security Weaknesses
2018-01-25
http://www.securityfocus.com/bid/102837
libming 'util/outputscript.c' Null Pointer Dereference Denial of Service Vulnerability
2018-01-25
http://www.securityfocus.com/bid/102828
Siemens TeleControl Server Basic CVE-2018-4837 Denial of Service Vulnerability
2018-01-25
http://www.securityfocus.com/bid/102819
Multiple Siemens Products Multiple Denial of Service Vulnerabilities
2018-01-24
http://www.securityfocus.com/bid/98369
Artifex MuJS CVE-2018-6191 Integer Overflow Vulnerability
2018-01-24
http://www.securityfocus.com/bid/102840
Artifex MuJS CVE-2018-5759 Denial of Service Vulnerability
2018-01-24
http://www.securityfocus.com/bid/102833
Artifex MuPDF CVE-2018-6187 Heap Based Buffer Overflow Vulnerability
2018-01-24
http://www.securityfocus.com/bid/102823
SANS News
Cisco ASA WebVPN Vulnerability
Threatpost
Cisco Patches Critical VPN Vulnerability
Exploit
macOS - 'sysctl_vfs_generic_conf' Stack Leak Through Struct Padding
HPE iMC 7.3 - RMI Java Deserialization
Advantech WebAccess < 8.3 - SQL Injection
BMC BladeLogic RSCD Agent 8.3.00.64 - Windows Users Disclosure
Joomla! Component Visual Calendar 3.1.3 - 'id' SQL Injection
Joomla! Component CP Event Calendar 3.0.1 - 'id' SQL Injection
Joomla! Component Picture Calendar for Joomla 3.1.4 - Directory Traversal
29.1.2018
Bugtraq
Malware
Phishing
Vulnerability
GIMP CVE-2017-17786 Heap Buffer Overflow Vulnerability
2018-12-20
http://www.securityfocus.com/bid/102765
RETIRED: Jenkins CVE-2017-1000392 HTML Injection Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102826
Jenkins Multiple Security Vulnerabilities
2018-01-29
http://www.securityfocus.com/bid/101773
Jenkins Global Build Stats Plugin Multiple Security Vulnerabilities
2018-01-29
http://www.securityfocus.com/bid/101539
Microsoft .NET Framework CVE-2018-0764 Remote Denial of Service Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102387
Jenkins Multijob Plugin CVE-2017-1000390 Security Bypass Vulnerability
2018-01-29
http://www.securityfocus.com/bid/102824
SANS News
Comment your Packet Captures - Extra!
Threatpost
Exploit
Trend Micro Threat Discovery Appliance 2.6.1062r1 - 'dlp_policy_upload.cgi' Remote Code...
Linux/ARM - Reverse TCP (192.168.1.1:4444/TCP) Shell (/bin/sh) Null Free Shellcode (80...
Linux/x86 - Egghunter Shellcode (12 Bytes)
KeystoneJS < 4.0.0-beta.7 - Cross-Site Request Forgery
Netis WF2419 Router - Cross-Site Request Forgery
Buddy Zone 2.9.9 - SQL Injection
Multilanguage Real Estate MLM Script 3.0 - 'srch' SQL Injection
Hot Scripts Clone - 'subctid' SQL Injection
TSiteBuilder 1.0 - SQL Injection
Task Rabbit Clone 1.0 - 'id' SQL Injection
28.1.2018
Bugtraq
Malware
Phishing
Vulnerability
SANS News
Threatpost
Exploit
27.1.2018
Bugtraq
[slackware-security] curl (SSA:2018-024-01) 2018-01-25
Slackware Security Team (security slackware com)
[SECURITY] [DSA 4096-1] firefox-esr security update 2018-01-25
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4095-1] gcab security update 2018-01-24
Salvatore Bonaccorso (carnil debian org)
WebKitGTK+ Security Advisory WSA-2018-0002 2018-01-24
Carlos Alberto Lopez Perez (clopez igalia com)
CVE-2017-15718: Apache Hadoop YARN NodeManager vulnerability 2018-01-24
Akira Ajisaka (aajisaka apache org)
APPLE-SA-2018-1-23-1 iOS 11.2.5 2018-01-23
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-1-23-4 tvOS 11.2.5 2018-01-23
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-1-23-3 watchOS 4.2.2 2018-01-23
Apple Product Security (product-security-noreply lists apple com)
Malware
TROJ_CVE20175753.POE
TROJ_CVE20175753.POF
TROJ_CVE20175753.POI
TROJ64_CVE20175753.POD
TROJ64_CVE20175754.POC
TROJ_CVE20175753.DAM
Phishing
Vulnerability
GIMP CVE-2017-17786 Heap Buffer Overflow Vulnerability
2018-12-20
http://www.securityfocus.com/bid/102765
Apache NiFi CVE-2016-8748 Cross Site Scripting Vulnerability
2018-01-26
http://www.securityfocus.com/bid/95621
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-01-25
http://www.securityfocus.com/bid/102378
cURL/libcURL CVE-2017-8817 Memory Corruption Vulnerability
2018-01-25
http://www.securityfocus.com/bid/102057
Multiple Siemens Products Multiple Denial of Service Vulnerabilities
2018-01-24
http://www.securityfocus.com/bid/98369
Google Chrome Multiple Security Vulnerabilities
2018-01-24
http://www.securityfocus.com/bid/102797
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-01-23
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-01-23
http://www.securityfocus.com/bid/102371
SANS News
Investigating Microsoft BITS Activity
Threatpost
ASUS Patches Root Command Execution Flaws Haunting Over a Dozen Router Models
Exploit
26.1.2018
Bugtraq
[slackware-security] curl (SSA:2018-024-01) 2018-01-25
Slackware Security Team (security slackware com)
[SECURITY] [DSA 4096-1] firefox-esr security update 2018-01-25
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 4095-1] gcab security update 2018-01-24
Salvatore Bonaccorso (carnil debian org)
WebKitGTK+ Security Advisory WSA-2018-0002 2018-01-24
Carlos Alberto Lopez Perez (clopez igalia com)
CVE-2017-15718: Apache Hadoop YARN NodeManager vulnerability 2018-01-24
Akira Ajisaka (aajisaka apache org)
APPLE-SA-2018-1-23-1 iOS 11.2.5 2018-01-23
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-1-23-4 tvOS 11.2.5 2018-01-23
Apple Product Security (product-security-noreply lists apple com)
Malware
Phishing
Vulnerability
GIMP CVE-2017-17786 Heap Buffer Overflow Vulnerability
2018-12-20
http://www.securityfocus.com/bid/102765
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-01-25
http://www.securityfocus.com/bid/102378
cURL/libcURL CVE-2017-8817 Memory Corruption Vulnerability
2018-01-25
http://www.securityfocus.com/bid/102057
Multiple Siemens Products Multiple Denial of Service Vulnerabilities
2018-01-24
http://www.securityfocus.com/bid/98369
Google Chrome Multiple Security Vulnerabilities
2018-01-24
http://www.securityfocus.com/bid/102797
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-01-23
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-01-23
http://www.securityfocus.com/bid/102371
Mozilla Firefox MFSA2018-02 Multiple Security Vulnerabilities
2018-01-23
http://www.securityfocus.com/bid/102786
SANS News
Threatpost
Exploit
25.1.2018
Bugtraq
CVE-2017-15718: Apache Hadoop YARN NodeManager vulnerability 2018-01-24
Akira Ajisaka (aajisaka apache org)
APPLE-SA-2018-1-23-1 iOS 11.2.5 2018-01-23
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-1-23-4 tvOS 11.2.5 2018-01-23
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-1-23-3 watchOS 4.2.2 2018-01-23
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-1-23-5 Safari 11.0.3 2018-01-23
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-1-23-7 iCloud for Windows 7.3 2018-01-24
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-1-23-2 macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan 2018-01-23
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-1-23-6 iTunes 12.7.3 for Windows 2018-01-24
Apple Product Security (product-security-noreply lists apple com)
DefenseCode ThunderScan SAST Advisory: SugarCRM Community Edition Multiple SQL Injection Vulnerabilities 2018-01-23
DefenseCode (defensecode defensecode com)
SEC Consult SA-20180123-0 :: XXE & Reflected XSS in Oracle Financial Services Analytical Applications 2018-01-23
SEC Consult Vulnerability Lab (research sec-consult com)
[security bulletin] HPESBHF03805 rev.7 - Certain HPE products using Microprocessors from Intel, AMD, and ARM, with Speculative Execution, Elevation of Privilege and Information Disclosure. 2018-01-22
security-alert hpe com
[SECURITY] [DSA 4094-1] smarty3 security update 2018-01-22
Luciano Bello (luciano debian org)
Malware
Phishing
Vulnerability
GIMP CVE-2017-17786 Heap Buffer Overflow Vulnerability
2018-12-20
http://www.securityfocus.com/bid/102765
Multiple Siemens Products Multiple Denial of Service Vulnerabilities
2018-01-24
http://www.securityfocus.com/bid/98369
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-01-23
http://www.securityfocus.com/bid/102378
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-01-23
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-01-23
http://www.securityfocus.com/bid/102371
Mozilla Firefox MFSA2018-02 Multiple Security Vulnerabilities
2018-01-23
http://www.securityfocus.com/bid/102786
Apple macOS APPLE-SA-2018-1-23-2 Multiple Security Vulnerabilities
2018-01-23
http://www.securityfocus.com/bid/102785
Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities
2018-01-23
http://www.securityfocus.com/bid/102783
Apple iOS/WatchOS/tvOS/macOS Multiple Security Vulnerabilities
2018-01-23
http://www.securityfocus.com/bid/102782
Advantech WebAccess/SCADA ICSA-18-023-01 Directory Traversal and SQL Injection Vulnerabilities
2018-01-23
http://www.securityfocus.com/bid/102781
WebKit CVE-2018-4089 Memory Corruption Vulnerability
2018-01-23
http://www.securityfocus.com/bid/102778
WebKit Multiple Memory Corruption Vulnerabilities
2018-01-23
http://www.securityfocus.com/bid/102775
Apple iOS/tvOS/watchOS Memory Corruption Vulnerabilities
2018-01-23
http://www.securityfocus.com/bid/102774
Apple iOS/WatchOS/macOS CVE-2018-4100 Denial of Service Vulnerability
2018-01-23
http://www.securityfocus.com/bid/102772
Mozilla Firefox ESR CVE-2018-5096 Use After Free Denial of Service Vulnerability
2018-01-23
http://www.securityfocus.com/bid/102771
Blizzard Update Agent Arbitrary Code Execution Vulnerability
2018-01-23
http://www.securityfocus.com/bid/102770
Cisco Policy Suite CVE-2018-0089 Information Disclosure Vulnerability
2018-01-23
http://www.securityfocus.com/bid/102758
Symantec Reporter CVE-2017-15531 Authentication Bypass Vulnerability
2018-01-23
http://www.securityfocus.com/bid/102751
Fortinet FortiOS CVE-2017-14190 HTML Injection Vulnerability
2018-01-22
http://www.securityfocus.com/bid/102779
IBM Business Process Manager CVE-2017-1769 Cross Site Request Forgery Vulnerability
2018-01-22
http://www.securityfocus.com/bid/102777
SANS News
RTF files for Hancitor utilize exploit for CVE-2017-11882
Threatpost
Exploit
24.1.2018
Bugtraq
SEC Consult SA-20180123-0 :: XXE & Reflected XSS in Oracle Financial Services Analytical Applications 2018-01-23
SEC Consult Vulnerability Lab (research sec-consult com)
[security bulletin] HPESBHF03805 rev.7 - Certain HPE products using Microprocessors from Intel, AMD, and ARM, with Speculative Execution, Elevation of Privilege and Information Disclosure. 2018-01-22
security-alert hpe com
[SECURITY] [DSA 4094-1] smarty3 security update 2018-01-22
Luciano Bello (luciano debian org)
CentOS Web Panel v0.9.8.12 - Remote SQL Injection Vulnerabilities 2018-01-22
Vulnerability Lab (research vulnerability-lab com)
Photo Vault v1.2 iOS - Insecure Authentication Vulnerability 2018-01-19
Vulnerability Lab (admin vulnerability-lab com)
Malware
Backdoor.Calderat
Win32/Agent.XRR
Win32/Spy.Agent.OUD
Win32/Filecoder.BTCWare.A
Win32/TrojanDownloader.Chindo.D
Win32/Spy.Agent.PIR
Phishing
Vulnerability
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-01-23
http://www.securityfocus.com/bid/102378
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-01-23
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-01-23
http://www.securityfocus.com/bid/102371
Cisco Policy Suite CVE-2018-0089 Information Disclosure Vulnerability
2018-01-23
http://www.securityfocus.com/bid/102758
Moodle CVE-2018-1045 Cross Site Scripting Vulnerability
2018-01-22
http://www.securityfocus.com/bid/102755
Moodle CVE-2018-1044 Unauthorized Access Vulnerability
2018-01-22
http://www.securityfocus.com/bid/102754
Moodle CVE-2018-1042 Server Side Request Forgery Security Bypass Vulnerability
2018-01-22
http://www.securityfocus.com/bid/102752
WordPress MediaElement Cross Site Scripting Vulnerability
2018-01-19
http://www.securityfocus.com/bid/102730
Microsoft Outlook CVE-2018-0793 Remote Code Execution Vulnerability
2018-01-19
http://www.securityfocus.com/bid/102375
Microsoft Word CVE-2018-0794 Remote Code Execution Vulnerability
2018-01-19
http://www.securityfocus.com/bid/102373
Microsoft Office for MAC CVE-2018-0819 Spoofing Vulnerability
2018-01-19
http://www.securityfocus.com/bid/102464
QEMU CVE-2017-18043 Local Denial of Service Vulnerability
2018-01-19
http://www.securityfocus.com/bid/102759
Microsoft Office CVE-2018-0862 Memory Corruption Vulnerability
2018-01-19
http://www.securityfocus.com/bid/102749
Microsoft Office CVE-2018-0849 Memory Corruption Vulnerability
2018-01-19
http://www.securityfocus.com/bid/102748
Microsoft Office CVE-2018-0848 Memory Corruption Vulnerability
2018-01-19
http://www.securityfocus.com/bid/102747
Microsoft Office CVE-2018-0845 Memory Corruption Vulnerability
2018-01-19
http://www.securityfocus.com/bid/102746
SANS News
Threatpost
Intel Halts Spectre/Meltdown Patching for Broadwell and Haswell Systems
Exploit
NEC Univerge SV9100/SV8100 WebPro 10.0 - Configuration Download
CentOS Web Panel 0.9.8.12 - 'row_id' / 'domain' SQL Injection
HP Connected Backup 8.6/8.8.6 - Local Privilege Escalation
RAVPower 2.000.056 - Memory Disclosure
23.1.2018
Bugtraq
CentOS Web Panel v0.9.8.12 - Remote SQL Injection Vulnerabilities 2018-01-22
Vulnerability Lab (research vulnerability-lab com)
Photo Vault v1.2 iOS - Insecure Authentication Vulnerability 2018-01-19
Vulnerability Lab (admin vulnerability-lab com)
Shopware 5.2.5 & v5.3 - Multiple Cross Site Scripting Web Vulnerabilities 2018-01-19
Vulnerability Lab (research vulnerability-lab com)
[SECURITY] [DSA 4093-1] openocd security update 2018-01-22
luciano debian org
CentOS Web Panel v0.9.8.12 - Multiple Persistent Web Vulnerabilities 2018-01-19
Vulnerability Lab (research vulnerability-lab com)
Oracle JDeveloper IDE Directory Traversal CVE-2017-10273 (hyp3rlinx / apparition security) 2018-01-21
apparitionsec gmail com
Acadmic Microsoft - API Query Filter Cross Site Scripting Vulnerability 2018-01-21
Vulnerability Lab (research vulnerability-lab com)
CentOS Web Panel v0.9.8.12 - Non-Persistent Cross Site Scripting Vulnerabilities 2018-01-19
Vulnerability Lab (research vulnerability-lab com)
CVE-2017-15713: Apache Hadoop MapReduce job history server vulnerability 2018-01-19
Jason Lowe (jlowe apache org)
Malware
Phishing
Vulnerability
Moodle CVE-2018-1045 Cross Site Scripting Vulnerability
2018-01-22
http://www.securityfocus.com/bid/102755
Moodle CVE-2018-1044 Unauthorized Access Vulnerability
2018-01-22
http://www.securityfocus.com/bid/102754
Moodle CVE-2018-1042 Server Side Request Forgery Security Bypass Vulnerability
2018-01-22
http://www.securityfocus.com/bid/102752
WordPress MediaElement Cross Site Scripting Vulnerability
2018-01-19
http://www.securityfocus.com/bid/102730
Microsoft Outlook CVE-2018-0793 Remote Code Execution Vulnerability
2018-01-19
http://www.securityfocus.com/bid/102375
Microsoft Word CVE-2018-0794 Remote Code Execution Vulnerability
2018-01-19
http://www.securityfocus.com/bid/102373
Microsoft Office for MAC CVE-2018-0819 Spoofing Vulnerability
2018-01-19
http://www.securityfocus.com/bid/102464
Microsoft Office CVE-2018-0862 Memory Corruption Vulnerability
2018-01-19
http://www.securityfocus.com/bid/102749
Microsoft Office CVE-2018-0849 Memory Corruption Vulnerability
2018-01-19
http://www.securityfocus.com/bid/102748
Microsoft Office CVE-2018-0848 Memory Corruption Vulnerability
2018-01-19
http://www.securityfocus.com/bid/102747
Microsoft Office CVE-2018-0845 Memory Corruption Vulnerability
2018-01-19
http://www.securityfocus.com/bid/102746
Multiple Oracle Products CVE-2016-0635 Remote Security Vulnerability
2018-01-18
http://www.securityfocus.com/bid/91869
Bouncy Castle CVE-2015-7940 Information Disclosure Vulnerability
2018-01-18
http://www.securityfocus.com/bid/79091
OpenSSL CVE-2016-2179 Multiple Denial of Service Vulnerabilities
2018-01-18
http://www.securityfocus.com/bid/92987
OpenSSL CVE-2017-3732 Information Disclosure Vulnerability
2018-01-18
http://www.securityfocus.com/bid/95814
Apache HTTP Server CVE-2017-9798 Information Disclosure Vulnerability
2018-01-18
http://www.securityfocus.com/bid/100872
Apache Struts CVE-2016-1182 Security Bypass Vulnerability
2018-01-18
http://www.securityfocus.com/bid/91067
SANS News
Threatpost
Hacker Infects Gas Pumps with Code to Cheat Customers
Exploit
22.1.2018
Bugtraq
Malware
Phishing
Vulnerability
SANS News
Threatpost
Exploit
19.1.2018
Bugtraq
[SECURITY] [DSA 4092-1] awstats security update 2018-01-19
Sebastien Delafond (seb debian org)
[security bulletin] HPESBMU03806 rev.1 - HPE IceWall Products, Multiple Remote Unauthorized Disclosure of Information, Unauthorized Modificiation 2018-01-17
security-alert hpe com
Malware
Phishing
Vulnerability
WordPress MediaElement Cross Site Scripting Vulnerability
2018-01-19
http://www.securityfocus.com/bid/102730
Microsoft Outlook CVE-2018-0793 Remote Code Execution Vulnerability
2018-01-19
http://www.securityfocus.com/bid/102375
Microsoft Word CVE-2018-0794 Remote Code Execution Vulnerability
2018-01-19
http://www.securityfocus.com/bid/102373
Microsoft Office for MAC CVE-2018-0819 Spoofing Vulnerability
2018-01-19
http://www.securityfocus.com/bid/102464
Multiple Oracle Products CVE-2016-0635 Remote Security Vulnerability
2018-01-18
http://www.securityfocus.com/bid/91869
Bouncy Castle CVE-2015-7940 Information Disclosure Vulnerability
2018-01-18
http://www.securityfocus.com/bid/79091
OpenSSL CVE-2016-2179 Multiple Denial of Service Vulnerabilities
2018-01-18
http://www.securityfocus.com/bid/92987
OpenSSL CVE-2017-3732 Information Disclosure Vulnerability
2018-01-18
http://www.securityfocus.com/bid/95814
Apache HTTP Server CVE-2017-9798 Information Disclosure Vulnerability
2018-01-18
http://www.securityfocus.com/bid/100872
Apache Struts CVE-2016-1182 Security Bypass Vulnerability
2018-01-18
http://www.securityfocus.com/bid/91067
OpenSSL Padding Oracle Incomplete Fix Information Disclosure Vulnerability
2018-01-18
http://www.securityfocus.com/bid/89760
Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
2018-01-18
http://www.securityfocus.com/bid/78215
Mozilla Network Security Services CVE-2017-5461 Memory Corruption Vulnerability
2018-01-18
http://www.securityfocus.com/bid/98050
Oracle WebLogic Server CVE-2017-10352 Remote Security Vulnerability
2018-01-18
http://www.securityfocus.com/bid/102442
OpenSSL CVE-2017-3737 Security Bypass Vulnerability
2018-01-18
http://www.securityfocus.com/bid/102103
OpenSSL CVE-2017-3736 Information Disclosure Vulnerability
2018-01-18
http://www.securityfocus.com/bid/101666
OpenSSL CVE-2017-3735 Security Bypass Vulnerability
2018-01-18
http://www.securityfocus.com/bid/100515
Apache Tomcat CVE-2017-12617 Incomplete Fix Remote Code Execution Vulnerability
2018-01-18
http://www.securityfocus.com/bid/100954
SSL/TLS RC4 CVE-2013-2566 Information Disclosure Weakness
2018-01-18
http://www.securityfocus.com/bid/58796
PHP CVE-2016-5385 Security Bypass Vulnerability
2018-01-18
http://www.securityfocus.com/bid/91821
Apache Groovy CVE-2015-3253 Remote Code Execution Vulnerability
2018-01-18
http://www.securityfocus.com/bid/75919
Apache Log4j CVE-2017-5645 Remote Code Execution Vulnerability
2018-01-18
http://www.securityfocus.com/bid/97702
Spring Framework CVE-2016-9878 Directory Traversal Vulnerability
2018-01-17
http://www.securityfocus.com/bid/95072
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-01-17
http://www.securityfocus.com/bid/102378
Oracle Java SE CVE-2018-2602 Local Security Vulnerability
2018-01-17
http://www.securityfocus.com/bid/102642
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-01-17
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-01-17
http://www.securityfocus.com/bid/102371
Oracle Java SE CVE-2018-2627 Local Security Vulnerability
2018-01-17
http://www.securityfocus.com/bid/102584
Cisco Email Security and Content Security Management Local Privilege Escalation Vulnerability
2018-01-17
http://www.securityfocus.com/bid/102729
Cisco NX-OS Software CVE-2018-0102 Denial of Service Vulnerability
2018-01-17
http://www.securityfocus.com/bid/102728
SANS News
Threatpost
Exploit
18.1.2018
Bugtraq
[security bulletin] HPESBMU03806 rev.1 - HPE IceWall Products, Multiple Remote Unauthorized Disclosure of Information, Unauthorized Modificiation 2018-01-17
security-alert hpe com
[security bulletin] HPESBHF03805 rev.5 - Certain HPE products using Microprocessors from Intel, AMD, and ARM, with Speculative Execution, Elevation of Privilege and Information Disclosure. 2018-01-17
security-alert hpe com
[slackware-security] bind (SSA:2018-017-01) 2018-01-17
Slackware Security Team (security slackware com)
[security bulletin] HPSBGN02925 rev.3 - HP IceWall SSO, IceWall File Manager and IceWall Federation Agent, Multiple Remote Unauthorized Access Vulnerabilities 2018-01-17
security-alert hpe com
[SECURITY] [DSA 4090-1] wordpress security update 2018-01-17
Sebastien Delafond (seb debian org)
Malware
Phishing
Vulnerability
Multiple Oracle Products CVE-2016-0635 Remote Security Vulnerability
2018-01-18
http://www.securityfocus.com/bid/91869
Bouncy Castle CVE-2015-7940 Information Disclosure Vulnerability
2018-01-18
http://www.securityfocus.com/bid/79091
OpenSSL CVE-2016-2179 Multiple Denial of Service Vulnerabilities
2018-01-18
http://www.securityfocus.com/bid/92987
OpenSSL CVE-2017-3732 Information Disclosure Vulnerability
2018-01-18
http://www.securityfocus.com/bid/95814
Apache HTTP Server CVE-2017-9798 Information Disclosure Vulnerability
2018-01-18
http://www.securityfocus.com/bid/100872
Apache Struts CVE-2016-1182 Security Bypass Vulnerability
2018-01-18
http://www.securityfocus.com/bid/91067
OpenSSL Padding Oracle Incomplete Fix Information Disclosure Vulnerability
2018-01-18
http://www.securityfocus.com/bid/89760
Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
2018-01-18
http://www.securityfocus.com/bid/78215
Mozilla Network Security Services CVE-2017-5461 Memory Corruption Vulnerability
2018-01-18
http://www.securityfocus.com/bid/98050
Oracle WebLogic Server CVE-2017-10352 Remote Security Vulnerability
2018-01-18
http://www.securityfocus.com/bid/102442
OpenSSL CVE-2017-3737 Security Bypass Vulnerability
2018-01-18
http://www.securityfocus.com/bid/102103
OpenSSL CVE-2017-3736 Information Disclosure Vulnerability
2018-01-18
http://www.securityfocus.com/bid/101666
OpenSSL CVE-2017-3735 Security Bypass Vulnerability
2018-01-18
http://www.securityfocus.com/bid/100515
Apache Tomcat CVE-2017-12617 Incomplete Fix Remote Code Execution Vulnerability
2018-01-18
http://www.securityfocus.com/bid/100954
SSL/TLS RC4 CVE-2013-2566 Information Disclosure Weakness
2018-01-18
http://www.securityfocus.com/bid/58796
PHP CVE-2016-5385 Security Bypass Vulnerability
2018-01-18
http://www.securityfocus.com/bid/91821
Apache Groovy CVE-2015-3253 Remote Code Execution Vulnerability
2018-01-18
http://www.securityfocus.com/bid/75919
Apache Log4j CVE-2017-5645 Remote Code Execution Vulnerability
2018-01-18
http://www.securityfocus.com/bid/97702
Spring Framework CVE-2016-9878 Directory Traversal Vulnerability
2018-01-17
http://www.securityfocus.com/bid/95072
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-01-17
http://www.securityfocus.com/bid/102378
Oracle Java SE CVE-2018-2602 Local Security Vulnerability
2018-01-17
http://www.securityfocus.com/bid/102642
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-01-17
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-01-17
http://www.securityfocus.com/bid/102371
Oracle Java SE CVE-2018-2627 Local Security Vulnerability
2018-01-17
http://www.securityfocus.com/bid/102584
Cisco Email Security and Content Security Management Local Privilege Escalation Vulnerability
2018-01-17
http://www.securityfocus.com/bid/102729
Cisco NX-OS Software CVE-2018-0102 Denial of Service Vulnerability
2018-01-17
http://www.securityfocus.com/bid/102728
Cisco Prime Infrastructure CVE-2018-0096 Privilege Escalation Vulnerability
2018-01-17
http://www.securityfocus.com/bid/102727
Cisco Unified Communications Manager CVE-2018-0105 Information Disclosure Vulnerability
2018-01-17
http://www.securityfocus.com/bid/102725
Cisco Prime Infrastructure CVE-2018-0097 Open Redirection Vulnerability
2018-01-17
http://www.securityfocus.com/bid/102724
Cisco WebEx Meetings Server CVE-2018-0111 Information Disclosure Vulnerability
2018-01-17
http://www.securityfocus.com/bid/102723
SANS News
Threatpost
Exploit
17.1.2018
Bugtraq
Malware
Backdoor.Spoofrand
Win32/Spy.Agent.OTL
Win32/Agent.ZEA
Phishing
Vulnerability
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-01-17
http://www.securityfocus.com/bid/102378
Oracle Java SE CVE-2018-2602 Local Security Vulnerability
2018-01-17
http://www.securityfocus.com/bid/102642
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-01-17
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-01-17
http://www.securityfocus.com/bid/102371
Oracle Java SE CVE-2018-2627 Local Security Vulnerability
2018-01-17
http://www.securityfocus.com/bid/102584
Oracle WebLogic Server CVE-2017-10271 Remote Security Vulnerability
2018-01-16
http://www.securityfocus.com/bid/101304
Linux Kernel CVE-2017-1000405 Local Race Condition Vulnerability
2018-01-16
http://www.securityfocus.com/bid/102032
Oracle Financial Services Analytical Applications Infrastructure Remote Security Vulnerability
2018-01-16
http://www.securityfocus.com/bid/102677
Oracle Financial Services Profitability Management CVE-2018-2670 Remote Security Vulnerability
2018-01-16
http://www.securityfocus.com/bid/102676
Oracle Financial Services Profitability Management CVE-2018-2679 Remote Security Vulnerability
2018-01-16
http://www.securityfocus.com/bid/102675
Oracle MySQL Connectors CVE-2018-2585 Remote Security Vulnerability
2018-01-16
http://www.securityfocus.com/bid/102674
Oracle Financial Services Price Creation and Discovery CVE-2018-2722 Remote Security Vulnerability
2018-01-16
http://www.securityfocus.com/bid/102673
Oracle Financial Services Market Risk Measurement and Management Remote Security Vulnerability
2018-01-16
http://www.securityfocus.com/bid/102672
Oracle Communications Order and Service Management CVE-2018-2567 Remote Security Vulnerability
2018-01-16
http://www.securityfocus.com/bid/102671
Oracle Java Advanced Management Console CVE-2018-2675 Remote Security Vulnerability
2018-01-16
http://www.securityfocus.com/bid/102670
Oracle Communications Unified Inventory Management CVE-2018-2571 Remote Security Vulnerability
2018-01-16
http://www.securityfocus.com/bid/102669
Oracle Financial Services Price Creation and Discovery CVE-2018-2721 Remote Security Vulnerability
2018-01-16
http://www.securityfocus.com/bid/102668
Oracle Financial Services Market Risk Measurement and Management Remote Security Vulnerability
2018-01-16
http://www.securityfocus.com/bid/102667
Oracle Financial Services Market Risk CVE-2018-2714 Remote Security Vulnerability
2018-01-16
http://www.securityfocus.com/bid/102666
Oracle Communications Unified Inventory Management CVE-2018-2570 Remote Security Vulnerability
2018-01-16
http://www.securityfocus.com/bid/102665
Oracle Financial Services Market Risk CVE-2018-2726 Remote Security Vulnerability
2018-01-16
http://www.securityfocus.com/bid/102664
Oracle Java SE and JRockit CVE-2018-2579 Remote Security Vulnerability
2018-01-16
http://www.securityfocus.com/bid/102663
Oracle Java SE and JRockit CVE-2018-2663 Remote Security Vulnerability
2018-01-16
http://www.securityfocus.com/bid/102662
Oracle Java SE and JRockit CVE-2018-2588 Remote Security Vulnerability
2018-01-16
http://www.securityfocus.com/bid/102661
Oracle Financial Services Loan Loss Forecasting and Provisioning Remote Security Vulnerability
2018-01-16
http://www.securityfocus.com/bid/102660
Oracle Java SE and JRockit CVE-2018-2678 Remote Security Vulnerability
2018-01-16
http://www.securityfocus.com/bid/102659
Oracle Financial Services Loan Loss Forecasting and Provisioning Remote Security Vulnerability
2018-01-16
http://www.securityfocus.com/bid/102658
Oracle Financial Services Liquidity Risk Management CVE-2018-2682 Remote Security Vulnerability
2018-01-16
http://www.securityfocus.com/bid/102657
Oracle Java SE CVE-2018-2677 Remote Security Vulnerability
2018-01-16
http://www.securityfocus.com/bid/102656
Oracle Financial Services Liquidity Risk Management CVE-2018-2720 Remote Security Vulnerability
2018-01-16
http://www.securityfocus.com/bid/102655
SANS News
Threatpost
Exploit
12.1.2018
Bugtraq
CVE-2017-8802 Zimbra Collaboration Suite - Stored Cross-Site Scripting 2018-01-11
Advisories (advisories compass-security com)
[SECURITY] [DSA 4083-1] poco security update 2018-01-11
Sebastien Delafond (seb debian org)
WebKitGTK+ Security Advisory WSA-2018-0001 2018-01-10
Carlos Alberto Lopez Perez (clopez igalia com)
Malware
Phishing
Vulnerability
Moxa MXview CVE-2017-14030 Local Privilege Escalation Vulnerability
2018-01-11
http://www.securityfocus.com/bid/102494
Wecon LEVI Studio HMI Editor CVE-2017-13999 Multiple Buffer Overflow Vulnerabilities
2018-01-11
http://www.securityfocus.com/bid/102493
Juniper Junos CVE-2018-0009 Security Bypass Vulnerability
2018-01-10
http://www.securityfocus.com/bid/102491
Multiple VMware Products CVE-2017-4950 Integer Overflow Vulnerability
2018-01-10
http://www.securityfocus.com/bid/102490
Multiple VMware Products CVE-2017-4949 Remote Code Execution Vulnerability
2018-01-10
http://www.securityfocus.com/bid/102489
RubyGems 'rails_admin' CVE-2017-12098 Cross Site Scripting Vulnerability
2018-01-10
http://www.securityfocus.com/bid/102486
RubyGems 'delayed_job_web' CVE-2017-12097 Cross Site Scripting Vulnerability
2018-01-10
http://www.securityfocus.com/bid/102484
SANS News
Threatpost
House Votes to Reauthorize Controversial Spy Provision, Section 702
Exploit
Microsoft Edge Chakra - 'AppendLeftOverItemsFromEndSegment' Out-of-Bounds Read
macOS - 'process_policy' Stack Leak Through Uninitialized Field
Microsoft Windows SMB Server (v1/v2) - Mount Point Arbitrary Device Open Privilege...
Microsoft Windows - NtImpersonateAnonymousToken LPAC to Non-LPAC Privilege Escalation
Microsoft Windows - NtImpersonateAnonymousToken AC to Non-AC Privilege Escalation
Microsoft Windows - NTFS Owner/Mandatory Label Privilege Bypass
Android - Hardware Service Manager Arbitrary Service Replacement due to getpidcon
phpCollab 2.5.1 - Unauthenticated File Upload (Metasploit)
LabF nfsAxe 3.7 FTP Client - Stack Buffer Overflow (Metasploit)
D-Link Routers 110/412/615/815 < 1.03 - 'service.cgi' Arbitrary Code Execution
SAP NetWeaver J2EE Engine 7.40 - SQL Injection
Parity Browser < 1.6.10 - Bypass Same Origin Policy
Linux/ARM (Raspberry Pi) - Bind TCP /bin/sh Shell (0.0.0.0:4444/TCP) Null-Free Shellcode...
11.1.2018
Bugtraq
[SECURITY] [DSA 4083-1] poco security update 2018-01-11
Sebastien Delafond (seb debian org)
WebKitGTK+ Security Advisory WSA-2018-0001 2018-01-10
Carlos Alberto Lopez Perez (clopez igalia com)
DefenseCode ThunderScan SAST Advisory: WordPress Testimonial Slider Plugin SQL injection Security Vulnerability 2018-01-10
DefenseCode (defensecode defensecode com)
DefenseCode ThunderScan SAST Advisory: WordPress Smooth Slider Plugin SQL injection Security Vulnerability 2018-01-10
DefenseCode (defensecode defensecode com)
DefenseCode ThunderScan SAST Advisory: WordPress Dbox 3D Slider Lite Multiple SQL injection Security Vulnerabilities 2018-01-10
DefenseCode (defensecode defensecode com)
Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637) 2018-01-10
chunibalon gmail com
Malware
Phishing
Vulnerability
Cisco Unified Communications Manager CVE-2018-0118 Cross Site Scripting Vulnerability
2018-01-10
http://www.securityfocus.com/bid/102478
Multiple F5 BIG-IP Products CVE-2017-6133 Remote Denial of Service Vulnerability
2018-01-10
http://www.securityfocus.com/bid/102467
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102378
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102371
SAP Plant Connectivity CVE-2017-16690 DLL Loading Remote Code Execution Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102145
CPP-Ethereum Multiple Security Vulnerabilities
2018-01-09
http://www.securityfocus.com/bid/102475
Rockwell Automation MicroLogix 1400 Controllers CVE-2017-16740 Stack Buffer Overflow Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102474
Adobe Flash Player Out-Of-Bounds Read Information Disclosure Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102465
Microsoft Office for MAC CVE-2018-0819 Spoofing Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102464
Microsoft Office CVE-2018-0812 Memory Corruption Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102463
Microsoft Word CVE-2018-0807 Remote Code Execution Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102461
Microsoft Word CVE-2018-0806 Remote Code Execution Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102460
Microsoft Word CVE-2018-0805 Remote Code Execution Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102459
Microsoft Word CVE-2018-0804 Remote Code Execution Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102457
Symantec ProxySG and ASG CVE-2016-9099 Open Redirection Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102455
Symantec ProxySG and ASG CVE-2016-9100 Information Disclosure Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102454
SAP HANA CVE-2018-2362 Information Disclosure Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102452
Symantec ProxySG CVE-2016-10256 Cross Site Scripting Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102451
SAP Solution Manager CVE-2018-2361 Remote Authorization Bypass Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102450
SAP Netweaver CVE-2018-2363 Remote Code Injection Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102449
SAP Kernel CVE-2018-2360 Authentication Bypass Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102448
Symantec ProxySG and ASG CVE-2016-10257 Cross Site Scripting Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102447
Microsoft Access CVE-2018-0799 Cross Site Scripting Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102411
Microsoft Word CVE-2018-0797 Memory Corruption Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102406
Microsoft SharePoint Server CVE-2018-0789 Remote Privilege Escalation Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102394
Microsoft SharePoint Server CVE-2018-0790 Remote Privilege Escalation Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102391
Microsoft .NET Framework CVE-2018-0764 Remote Denial of Service Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102387
Microsoft Outlook CVE-2018-0791 Remote Code Execution Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102383
Microsoft Word CVE-2018-0792 Remote Code Execution Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102381
SANS News
Threatpost
FBI Director Calls Smartphone Encryption an ‘Urgent Public Safety Issue’
Exploit
D-Link Routers 110/412/615/815 < 1.03 - 'service.cgi' Arbitrary Code Execution
SAP NetWeaver J2EE Engine 7.40 - SQL Injection
Linux/ARM (Raspberry Pi) - Bind TCP /bin/sh Shell (0.0.0.0:4444/TCP) Null-Free Shellcode...
Parity Browser < 1.6.10 - Bypass Same Origin Policy
Microsoft Edge Chakra JIT - 'Lowerer::LowerSetConcatStrMultiItem' Missing Integer...
Linux/x86 - execve(/bin/sh) Polymorphic Shellcode (53 bytes)
Linux/x86 - execve /bin/dash Shellcode (30 bytes)
HPE iMC - dbman RestartDB Unauthenticated Remote Command Execution (Metasploit)
HPE iMC - dbman RestoreDBase Unauthenticated Remote Command Execution (Metasploit)
DiskBoss Enterprise 8.8.16 - Buffer Overflow
Joomla! Component Easydiscuss < 4.0.21 - Cross-Site Scripting
WordPress Plugin WordPress Download Manager 2.9.60 - Cross-Site Request Forgery
WordPress Plugin Admin Menu Tree Page View 2.6.9 - Cross-Site Request Forgery / Privilege...
WordPress Plugin CMS Tree Page View 1.4 - Cross-Site Request Forgery / Privilege...
WordPress Plugin Social Media Widget by Acurax 3.2.5 - Cross-Site Request Forgery
WordPress Plugin Events Calendar - 'event_id' SQL Injection
Jungo Windriver 12.5.1 - Privilege Escalation
Multiple CPUs - Information Leak Using Speculative Execution
10.1.2018
Bugtraq
DefenseCode ThunderScan SAST Advisory: WordPress Testimonial Slider Plugin SQL injection Security Vulnerability 2018-01-10
DefenseCode (defensecode defensecode com)
DefenseCode ThunderScan SAST Advisory: WordPress Smooth Slider Plugin SQL injection Security Vulnerability 2018-01-10
DefenseCode (defensecode defensecode com)
DefenseCode ThunderScan SAST Advisory: WordPress Dbox 3D Slider Lite Multiple SQL injection Security Vulnerabilities 2018-01-10
DefenseCode (defensecode defensecode com)
Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637) 2018-01-10
chunibalon gmail com
[security bulletin] HPESBHF03805 rev.4 - Certain HPE products using Microprocessors from Intel, AMD, and ARM, with Speculative Execution, Elevation of Privilege and Information Disclosure. 2018-01-09
security-alert hpe com
[SECURITY] [DSA 4082-1] linux security update 2018-01-09
Salvatore Bonaccorso (carnil debian org)
CVE-2017-17485: one more way of rce in jackson-databind when defaultTyping+objects are used 2018-01-09
Imre Rad (radimre83 gmail com)
[SECURITY] [DSA 4080-1] php7.0 security update 2018-01-08
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
Vulnerability
Multiple F5 BIG-IP Products CVE-2017-6133 Remote Denial of Service Vulnerability
2018-01-10
http://www.securityfocus.com/bid/102467
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102378
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102371
SAP Plant Connectivity CVE-2017-16690 DLL Loading Remote Code Execution Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102145
Adobe Flash Player Out-Of-Bounds Read Information Disclosure Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102465
Microsoft Office for MAC CVE-2018-0819 Spoofing Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102464
Microsoft Office CVE-2018-0812 Memory Corruption Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102463
Microsoft Word CVE-2018-0807 Remote Code Execution Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102461
Microsoft Word CVE-2018-0806 Remote Code Execution Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102460
Microsoft Word CVE-2018-0805 Remote Code Execution Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102459
Microsoft Word CVE-2018-0804 Remote Code Execution Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102457
Symantec ProxySG and ASG CVE-2016-9099 Open Redirection Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102455
Symantec ProxySG and ASG CVE-2016-9100 Information Disclosure Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102454
SAP HANA CVE-2018-2362 Information Disclosure Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102452
Symantec ProxySG CVE-2016-10256 Cross Site Scripting Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102451
SAP Solution Manager CVE-2018-2361 Remote Authorization Bypass Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102450
SAP Netweaver CVE-2018-2363 Remote Code Injection Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102449
SAP Kernel CVE-2018-2360 Authentication Bypass Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102448
Symantec ProxySG and ASG CVE-2016-10257 Cross Site Scripting Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102447
Microsoft Access CVE-2018-0799 Cross Site Scripting Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102411
Microsoft Word CVE-2018-0797 Memory Corruption Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102406
Microsoft SharePoint Server CVE-2018-0789 Remote Privilege Escalation Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102394
Microsoft SharePoint Server CVE-2018-0790 Remote Privilege Escalation Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102391
Microsoft .NET Framework CVE-2018-0764 Remote Denial of Service Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102387
Microsoft Outlook CVE-2018-0791 Remote Code Execution Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102383
Microsoft Word CVE-2018-0792 Remote Code Execution Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102381
Microsoft .NET Framework CVE-2018-0786 Security Bypass Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102380
Microsoft ASP.NET Core CVE-2018-0785 Cross Site Request Forgery Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102379
Microsoft ASP.NET Core CVE-2018-0784 Remote Privilege Escalation Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102377
SANS News
Threatpost
Exploit
Commvault Communications Service (cvd) - Command Injection (Metasploit)
DiskBoss Enterprise 8.8.16 - Buffer Overflow
Worpress Plugin Service Finder Booking < 3.2 - Local File Disclosure
Synology Photostation 6.7.2-3429 - Remote Code Execution (Metasploit)
Linux/x86 - execve /bin/dash Shellcode (30 bytes)
9.1.2018
Bugtraq
[SECURITY] [DSA 4082-1] linux security update 2018-01-09
Salvatore Bonaccorso (carnil debian org)
CVE-2017-17485: one more way of rce in jackson-databind when defaultTyping+objects are used 2018-01-09
Imre Rad (radimre83 gmail com)
[SECURITY] [DSA 4080-1] php7.0 security update 2018-01-08
Moritz Muehlenhoff (jmm debian org)
[slackware-security] irssi (SSA:2018-008-01) 2018-01-09
Slackware Security Team (security slackware com)
[SECURITY] [DSA 4081-1] php5 security update 2018-01-08
Moritz Muehlenhoff (jmm debian org)
Response to Meltdown and Spectre 2018-01-08
Gordon Tetlow (gordon tetlows org)
APPLE-SA-2018-1-8-3 Safari 11.0.2 2018-01-08
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-1-8-2 macOS High Sierra 10.13.2 Supplemental Update 2018-01-08
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2018-1-8-1 iOS 11.2.2 2018-01-08
Apple Product Security (product-security-noreply lists apple com)
Malware
Phishing
MR. KEVIN BEN | 9th January 2018 |
Aρρle-ID | 7th January 2018 |
INVOICE: This email confirms |
Vulnerability
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102378
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102371
SAP Plant Connectivity CVE-2017-16690 DLL Loading Remote Code Execution Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102145
Adobe Flash Player Out-Of-Bounds Read Information Disclosure Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102465
Microsoft Office for MAC CVE-2018-0819 Spoofing Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102464
Microsoft Office CVE-2018-0812 Memory Corruption Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102463
Microsoft Word CVE-2018-0804 Remote Code Execution Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102457
SAP HANA CVE-2018-2362 Information Disclosure Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102452
SAP Solution Manager CVE-2018-2361 Remote Authorization Bypass Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102450
SAP Netweaver CVE-2018-2363 Remote Code Injection Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102449
SAP Kernel CVE-2018-2360 Authentication Bypass Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102448
Microsoft SharePoint Server CVE-2018-0790 Remote Privilege Escalation Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102391
Microsoft .NET Framework CVE-2018-0764 Remote Denial of Service Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102387
Microsoft .NET Framework CVE-2018-0786 Security Bypass Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102380
Microsoft ASP.NET Core CVE-2018-0785 Cross Site Request Forgery Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102379
Microsoft ASP.NET Core CVE-2018-0784 Remote Privilege Escalation Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102377
Microsoft Office CVE-2018-0801 Remote Code Execution Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102348
Microsoft Office CVE-2018-0802 Memory Corruption Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102347
Xen 'Hypervisor' Memory Corruption Vulnerability
2018-01-08
http://www.securityfocus.com/bid/102169
Xen 'arch/x86/mm/paging.c' Denial of Service vulnerability
2018-01-08
http://www.securityfocus.com/bid/102175
Xen '/mm/hap/hap.c' Memory Corruption Vulnerability
2018-01-08
http://www.securityfocus.com/bid/102167
Xen 'mm/shadow/multi.c' Memory Corruption Vulnerability
2018-01-08
http://www.securityfocus.com/bid/102172
Malwarebytes Premium CVE-2018-5279 Local Denial of Service Vulnerability
2018-01-08
http://www.securityfocus.com/bid/102453
Cisco Node-jose Library CVE-2018-0114 Remote Security Bypass Vulnerability
2018-01-08
http://www.securityfocus.com/bid/102445
Dell SonicWall SonicOS NSA CVE-2018-5281 Multiple HTML Injection Vulnerabilities
2018-01-08
http://www.securityfocus.com/bid/102443
Dell SonicWall SonicOS NSA CVE-2018-5280 HTML Injection Vulnerability
2018-01-08
http://www.securityfocus.com/bid/102438
ImageMagick CVE-2017-18022 Information Disclosure Vulnerability
2018-01-05
http://www.securityfocus.com/bid/102437
IBM Security Key Lifecycle Manager CVE-2017-1666 XML External Entity Injection Vulnerability
2018-01-05
http://www.securityfocus.com/bid/102434
Xen CVE-2018-5244 Memory Corruption Vulnerability
2018-01-05
http://www.securityfocus.com/bid/102433
SANS News
Threatpost
Apple Releases Spectre Patches for Safari, macOS and iOS
New Rules Announced for Border Inspection of Electronic Devices
Anti-Virus Updates Required Ahead of Microsoft’s Meltdown, Spectre Patches
Exploit
Commvault Communications Service (cvd) - Command Injection (Metasploit)
Android - Inter-Process munmap due to Race Condition in ashmem
Microsoft Windows - 'nt!NtQuerySystemInformation (information class 138,...
Microsoft Windows - 'nt!NtQueryInformationProcess (information class 76,...
Microsoft Edge Chakra JIT - Escape Analysis Bug
Microsoft Edge Chakra - 'asm.js' Out-of-Bounds Read
Microsoft Edge Chakra JIT - BackwardPass::RemoveEmptyLoopAfterMemOp Does not Insert...
Microsoft Edge Chakra JIT - Op_MaxInAnArray and Op_MinInAnArray can Explicitly call...
Microsoft Windows - Local XPS Print Spooler Sandbox Escape
Linux/x86 - chmod 777 /etc/sudoers Shellcode (36 bytes)
BarcodeWiz ActiveX Control < 6.7 - Buffer Overflow (PoC)
Vanilla < 2.1.5 - Cross-Site Request Forgery
8.1.2018
Bugtraq
Wickr Inc - App Clock & Message Deletion Glitch - Bug Bounty 2018-01-06
Vulnerability Lab (research vulnerability-lab com)
SonicWall SonicOS NSA Web Firewall - Multiple Web Vulnerabilities 2018-01-06
Vulnerability Lab (research vulnerability-lab com)
[SECURITY] [DSA 4079-1] poppler security update 2018-01-07
Moritz Muehlenhoff (jmm debian org)
CVE-2017-16884 Mist Server v2.12 Unauthenticated Persistent XSS (hyp3rlinx / ApparitionSec) 2018-01-06
apparitionsec gmail com
CVE-2017-17055 Artica Web Proxy v3.06 Remote Code Execution (hyp3rlinx / ApparitionSec) 2018-01-06
apparitionsec gmail com
Social Media Widget by Acurax [CSRF] 2018-01-07
Panagiotis Vagenas (pan vagenas gmail com) (1 replies)
CMS Tree Page View [CSRF, Privilege Escalation] 2018-01-07
Panagiotis Vagenas (pan vagenas gmail com)
Abyss Web Server < v2.11.6 Memory Heap Corruption (hyp3rlinx / apparitionsec) 2018-01-06
apparitionsec gmail com
iJoomla com_adagency 6.0.9 - SQL Injection Vulnerabilities 2018-01-05
Vulnerability Lab (research vulnerability-lab com)
Malware
Phishing
Aρρle-ID | 7th January 2018 |
INVOICE: This email confirms | |
HSBC Bank plc | 6th January 2018 |
Vulnerability
Xen 'Hypervisor' Memory Corruption Vulnerability
2018-01-08
http://www.securityfocus.com/bid/102169
Xen 'arch/x86/mm/paging.c' Denial of Service vulnerability
2018-01-08
http://www.securityfocus.com/bid/102175
Xen '/mm/hap/hap.c' Memory Corruption Vulnerability
2018-01-08
http://www.securityfocus.com/bid/102167
Xen 'mm/shadow/multi.c' Memory Corruption Vulnerability
2018-01-08
http://www.securityfocus.com/bid/102172
Dell SonicWall SonicOS NSA CVE-2018-5280 HTML Injection Vulnerability
2018-01-08
http://www.securityfocus.com/bid/102438
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-01-05
http://www.securityfocus.com/bid/102371
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-01-05
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-01-05
http://www.securityfocus.com/bid/102378
IBM Security Key Lifecycle Manager CVE-2017-1666 XML External Entity Injection Vulnerability
2018-01-05
http://www.securityfocus.com/bid/102434
Xen CVE-2018-5244 Memory Corruption Vulnerability
2018-01-05
http://www.securityfocus.com/bid/102433
ImageMagick CVE-2018-5248 Heap Buffer Overflow Vulnerability
2018-01-05
http://www.securityfocus.com/bid/102431
IBM Security Key Lifecycle Manager CVE-2017-1668 Unspecified Open Redirect Vulnerability
2018-01-05
http://www.securityfocus.com/bid/102430
IBM Security Key Lifecycle Manager CVE-2017-1670 Unspecified SQL Injection Vulnerability
2018-01-05
http://www.securityfocus.com/bid/102429
Google Android Runtime CVE-2017-13176 Privilege Escalation Vulnerability
2018-01-05
http://www.securityfocus.com/bid/102422
Microsoft Windows Kernel CVE-2018-0746 Local Information Disclosure Vulnerability
2018-01-04
http://www.securityfocus.com/bid/102365
Multiple Pivotal Cloud Foundry products CVE-2018-1190 Cross Site Scripting Vulnerability
2018-01-04
http://www.securityfocus.com/bid/102427
Delta Electronics Delta Industrial Automation Screen Editor Multiple Security Vulnerabilities
2018-01-04
http://www.securityfocus.com/bid/102426
Advantech WebAccess ICSA-18-004-02 Multiple Security Vulnerabilities
2018-01-04
http://www.securityfocus.com/bid/102424
ImageMagick CVE-2017-1000476 Denial of Service Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102428
Microsoft ChakraCore Scripting Engine CVE-2018-0818 Security Bypass Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102412
HP Moonshot Provisioning Manager Multiple Security Vulnerabilities
2018-01-03
http://www.securityfocus.com/bid/102410
Microsoft Internet Explorer and Edge CVE-2018-0772 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102409
Microsoft Internet Explorer and Edge CVE-2018-0762 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102408
Red Hat JBoss Enterprise Application Incomplete Fix Local Privilege Escalation Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102407
Microsoft Edge Scripting Engine CVE-2018-0758 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102405
Microsoft Edge Scripting Engine CVE-2018-0781 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102404
Microsoft Edge Scripting Engine CVE-2018-0778 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102403
Microsoft Edge Scripting Engine CVE-2018-0777 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102402
Microsoft Edge Scripting Engine CVE-2018-0776 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102401
Microsoft Edge Scripting Engine CVE-2018-0775 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102400
SANS News
Threatpost
Experts Weigh In On Spectre Patch Challenges
Exploit
DiskBoss Enterprise 8.5.12 - Denial of Service
Sync Breeze Enterprise 10.1.16 - Denial of Service
Disk Pulse Enterprise 10.1.18 - Denial of Service
VX Search Enterprise 10.1.12 - Denial of Service
Oracle WebLogic < 10.3.6 - 'wls-wsat' Component Deserialisation Remote Command Execution
SonicWall NSA 6600/5600/4600/3600/2600/250M - Multiple Vulnerabilities
Photos in Wifi 1.0.1 - Path Traversal
WordPress Plugin LearnDash 2.5.3 - Arbitrary File Upload
FiberHome LM53Q1 - Multiple Vulnerabilities
BarcodeWiz ActiveX Control < 6.7 - Buffer Overflow (PoC)
7.1.2018
Bugtraq
Malware
Phishing
HSBC Bank plc | 6th January 2018 |
service@intl.paypal.com | 6th January 2018 |
Re : Someone has your password | |
Order Confirmation AppIe | 4th January 2018 |
Re: [Invoice] Thank you for |
Vulnerability
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-01-05
http://www.securityfocus.com/bid/102371
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-01-05
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-01-05
http://www.securityfocus.com/bid/102378
Google Android Runtime CVE-2017-13176 Privilege Escalation Vulnerability
2018-01-05
http://www.securityfocus.com/bid/102422
Microsoft Windows Kernel CVE-2018-0746 Local Information Disclosure Vulnerability
2018-01-04
http://www.securityfocus.com/bid/102365
Multiple Pivotal Cloud Foundry products CVE-2018-1190 Cross Site Scripting Vulnerability
2018-01-04
http://www.securityfocus.com/bid/102427
Delta Electronics Delta Industrial Automation Screen Editor Multiple Security Vulnerabilities
2018-01-04
http://www.securityfocus.com/bid/102426
Advantech WebAccess ICSA-18-004-02 Multiple Security Vulnerabilities
2018-01-04
http://www.securityfocus.com/bid/102424
ImageMagick CVE-2017-1000476 Denial of Service Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102428
Microsoft ChakraCore Scripting Engine CVE-2018-0818 Security Bypass Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102412
HP Moonshot Provisioning Manager Multiple Security Vulnerabilities
2018-01-03
http://www.securityfocus.com/bid/102410
Microsoft Internet Explorer and Edge CVE-2018-0772 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102409
Microsoft Internet Explorer and Edge CVE-2018-0762 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102408
Red Hat JBoss Enterprise Application Incomplete Fix Local Privilege Escalation Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102407
Microsoft Edge Scripting Engine CVE-2018-0758 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102405
Microsoft Edge Scripting Engine CVE-2018-0781 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102404
Microsoft Edge Scripting Engine CVE-2018-0778 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102403
Microsoft Edge Scripting Engine CVE-2018-0777 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102402
Microsoft Edge Scripting Engine CVE-2018-0776 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102401
Microsoft Edge Scripting Engine CVE-2018-0775 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102400
Microsoft Edge Scripting Engine CVE-2018-0774 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102399
Microsoft Edge Scripting Engine CVE-2018-0773 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102398
Microsoft Edge Scripting Engine CVE-2018-0770 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102397
Microsoft Edge Scripting Engine CVE-2018-0769 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102396
Microsoft Edge Scripting Engine CVE-2018-0768 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102395
Microsoft Edge CVE-2018-0767 Scripting Engine Information Disclosure Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102393
Microsoft Edge CVE-2018-0800 Scripting Engine Information Disclosure Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102392
Microsoft Edge CVE-2018-0780 Scripting Engine Information Disclosure Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102389
Microsoft Edge CVE-2018-0766 Information Disclosure Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102388
Microsoft Edge CVE-2018-0803 Remote Privilege Escalation Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102384
SANS News
VMware Security Advisory for V4H and V4PA desktop agent privilege escalation vulnerability -
Threatpost
Google Play Removes 22 Malicious ‘LightsOut’ Apps From Marketplace
Exploit
Microsoft Windows win32k - Using SetClassLong to Switch Between CS_CLASSDC and CS_OWNDC...
Cisco IOS - Remote Code Execution
Ayukov NFTP FTP Client 2.0 - Buffer Overflow (Metasploit)
WDMyCloud < 2.30.165 - Multiple Vulnerabilities
GetGo Download Manager 5.3.0.2712 - 'Proxy' Buffer Overflow
5.1.2018
Bugtraq
iJoomla com_adagency 6.0.9 - SQL Injection Vulnerabilities 2018-01-05
Vulnerability Lab (research vulnerability-lab com)
SonicWall SonicOS NSA UTM Firewall - Bypass & Persistent Vulnerability 2018-01-04
Vulnerability Lab (research vulnerability-lab com)
Icyphoenix 2.2.0.105 - Multiple SQL Injection Vulnerabilities 2018-01-05
Vulnerability Lab (research vulnerability-lab com)
[SECURITY] [DSA 4078-1] linux security update 2018-01-04
Yves-Alexis Perez (corsac debian org)
Re "Intel responds to security research findings" 2018-01-03
Ed Maste (emaste freebsd org)
Malware
Phishing
Vulnerability
Microsoft Windows Kernel CVE-2018-0746 Local Information Disclosure Vulnerability
2018-01-04
http://www.securityfocus.com/bid/102365
Microsoft ChakraCore Scripting Engine CVE-2018-0818 Security Bypass Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102412
HP Moonshot Provisioning Manager Multiple Security Vulnerabilities
2018-01-03
http://www.securityfocus.com/bid/102410
Microsoft Internet Explorer and Edge CVE-2018-0772 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102409
Microsoft Internet Explorer and Edge CVE-2018-0762 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102408
Red Hat JBoss Enterprise Application Incomplete Fix Local Privilege Escalation Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102407
Microsoft Edge Scripting Engine CVE-2018-0758 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102405
Microsoft Edge Scripting Engine CVE-2018-0781 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102404
Microsoft Edge Scripting Engine CVE-2018-0778 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102403
Microsoft Edge Scripting Engine CVE-2018-0777 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102402
Microsoft Edge Scripting Engine CVE-2018-0776 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102401
Microsoft Edge Scripting Engine CVE-2018-0775 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102400
Microsoft Edge Scripting Engine CVE-2018-0774 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102399
Microsoft Edge Scripting Engine CVE-2018-0773 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102398
Microsoft Edge Scripting Engine CVE-2018-0770 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102397
Microsoft Edge Scripting Engine CVE-2018-0769 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102396
Microsoft Edge Scripting Engine CVE-2018-0768 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102395
Microsoft Edge CVE-2018-0767 Scripting Engine Information Disclosure Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102393
Microsoft Edge CVE-2018-0800 Scripting Engine Information Disclosure Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102392
Microsoft Edge CVE-2018-0780 Scripting Engine Information Disclosure Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102389
Microsoft Edge CVE-2018-0766 Information Disclosure Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102388
Microsoft Edge CVE-2018-0803 Remote Privilege Escalation Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102384
Cisco WebEx Network Recording Player CVE-2018-0104 Remote Code Execution Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102382
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102378
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102371
Cisco WebEx Network Recording Player CVE-2018-0103 Local Buffer Overflow Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102369
Linux Kernel 'net/netfilter/xt_TCPMSS.c' Denial of Service Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102367
Microsoft Windows Kernel CVE-2018-0747 Local Information Disclosure Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102366
Microsoft Windows ATMFD.dll CVE-2018-0788 Local Privilege Escalation Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102364
SANS News
Threatpost
Exploit
Linux/x86 - Reverse TCP /bin/sh Shell (127.1.1.1:8888/TCP) Null-Free Shellcode (67/69...
gps-server.net GPS Tracking Software < 3.1 - Multiple Vulnerabilities
Multiple CPUs - 'Spectre' Information Disclosure (PoC)
GetGo Download Manager 5.3.0.2712 - 'Proxy' Buffer Overflow
WDMyCloud < 2.30.165 - Multiple Vulnerabilities
D-Link DNS-320 ShareCenter < 1.06 - Backdoor Access
4.1.2018
Bugtraq
Re "Intel responds to security research findings" 2018-01-03
Ed Maste (emaste freebsd org)
Intel CPU bug forcing page table switch during syscalls? 2018-01-03
Pavel Machek (pavel ucw cz)
[security bulletin] HPESBHF03803 rev.1 - Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance, Remote Denial of Service and Execution of Code 2018-01-03
security-alert hpe com
[security bulletin] MFSBGN03793 rev.2 - Project and Portfolio Management Center, Multiple vulnerabilities 2018-01-03
cyber-psrt microfocus com
CVE-2017-6094 - Genexis GAPS Access Control Vulnerability 2018-01-03
Antoine Neuenschwander (antoine schoggi org)
b2evolution CMS 6.6.0 - 6.8.10 PHP code execution 2018-01-02
Anti Räis (antirais gmail com)
Advisory - Bamboo - CVE-2017-14589 CVE-2017-14590 2018-01-03
Atlassian (security atlassian com)
Malware
Phishing
Order Confirmation AppIe | 4th January 2018 |
Re: [Invoice] Thank you for |
Vulnerability
Microsoft Windows Kernel CVE-2018-0746 Local Information Disclosure Vulnerability
2018-01-09
http://www.securityfocus.com/bid/102365
Microsoft Edge Scripting Engine CVE-2018-0778 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102403
Microsoft Edge Scripting Engine CVE-2018-0777 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102402
Microsoft Edge Scripting Engine CVE-2018-0776 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102401
Microsoft Edge Scripting Engine CVE-2018-0775 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102400
Microsoft Edge Scripting Engine CVE-2018-0774 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102399
Microsoft Edge Scripting Engine CVE-2018-0773 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102398
Microsoft Edge Scripting Engine CVE-2018-0770 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102397
Microsoft Edge Scripting Engine CVE-2018-0769 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102396
Microsoft Edge Scripting Engine CVE-2018-0768 Remote Memory Corruption Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102395
Microsoft Edge CVE-2018-0767 Scripting Engine Information Disclosure Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102393
Microsoft Edge CVE-2018-0800 Scripting Engine Information Disclosure Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102392
Microsoft Edge CVE-2018-0780 Scripting Engine Information Disclosure Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102389
Microsoft Edge CVE-2018-0766 Information Disclosure Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102388
Microsoft Edge CVE-2018-0803 Remote Privilege Escalation Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102384
Cisco WebEx Network Recording Player CVE-2018-0104 Remote Code Execution Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102382
Multiple CPU Hardwares CVE-2017-5754 Information Disclosure Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102378
Multiple CPU Hardwares CVE-2017-5715 Information Disclosure Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102376
Multiple CPU Hardwares CVE-2017-5753 Information Disclosure Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102371
Cisco WebEx Network Recording Player CVE-2018-0103 Local Buffer Overflow Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102369
Linux Kernel 'net/netfilter/xt_TCPMSS.c' Denial of Service Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102367
Microsoft Windows Kernel CVE-2018-0747 Local Information Disclosure Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102366
Microsoft Windows ATMFD.dll CVE-2018-0788 Local Privilege Escalation Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102364
Microsoft Windows Kernel CVE-2018-0751 Local Privilege Escalation Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102359
Microsoft Windows GDI Component CVE-2018-0750 Local Information Disclosure Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102357
Microsoft Windows Server Message Block CVE-2018-0749 Local Privilege Escalation Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102355
Microsoft Windows Kernel CVE-2018-0748 Local Privilege Escalation Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102354
Microsoft Windows Kernel CVE-2018-0745 Local Information Disclosure Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102353
Microsoft Windows Kernel CVE-2018-0744 Local Privilege Escalation Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102351
Microsoft Windows Subsystem for Linux CVE-2018-0743 Local Privilege Escalation Vulnerability
2018-01-03
http://www.securityfocus.com/bid/102350
SANS News
Phishing to Rural America Leads to Six-figure Wire Fraud Losses
Threatpost
MacOS LPE Exploit Gives Attackers Root Access
Exploit
Xplico - Remote Code Execution (Metasploit)
Linksys WVBR0-25 - User-Agent Command Execution (Metasploit)
EMC xPression 4.5SP1 Patch 13 - 'model.jobHistoryId' SQL Injection
EMC xPression 4.5SP1 Patch 13 - 'model.jobHistoryId' SQL Injection
WordPress Plugin Smart Google Code Inserter < 3.5 - Authentication Bypass / SQL Injection
Kingsoft Antivirus/Internet Security 9+ - Privilege Escalation
3.1.2018
Bugtraq
b2evolution CMS 6.6.0 - 6.8.10 PHP code execution 2018-01-02
Anti Räis (antirais gmail com)
Advisory - Bamboo - CVE-2017-14589 CVE-2017-14590 2018-01-03
Atlassian (security atlassian com)
Malware
Phishing
Vulnerability
Huawei FusionSphere OpenStack CVE-2017-8135 Multiple Command Injection Vulnerabilities
2018-01-02
http://www.securityfocus.com/bid/102262
GNU C Library 'elf/dl-load.c' CVE-2017-16997 Local Privilege Escalation Vulnerability
2018-01-02
http://www.securityfocus.com/bid/102228
Apple macOS 'IOHIDFamily' Component Local Privilege Escalation Vulnerability
2018-01-01
http://www.securityfocus.com/bid/102335
Webmin 'custom/run.cgi' Cross Site Scripting Vulnerability
2017-12-30
http://www.securityfocus.com/bid/102339
SANS News
Threatpost
VMware Issues 3 Critical Patches for vSphere Data Protection
Exploit
WordPress Plugin Smart Google Code Inserter < 3.5 - Authentication Bypass / SQL Injection
2.1.2018
Bugtraq
Malware
Phishing
Vulnerability
Huawei FusionSphere OpenStack CVE-2017-8135 Multiple Command Injection Vulnerabilities
2018-01-02
http://www.securityfocus.com/bid/102262
GNU C Library 'elf/dl-load.c' CVE-2017-16997 Local Privilege Escalation Vulnerability
2018-01-02
http://www.securityfocus.com/bid/102228
Apple macOS 'IOHIDFamily' Component Local Privilege Escalation Vulnerability
2018-01-01
http://www.securityfocus.com/bid/102335
LibTIFF CVE-2017-17973 Memory Corruption Vulnerability
2017-12-29
http://www.securityfocus.com/bid/102331
Linux Kernel 'drivers/media/usb/usbtv/usbtv-core.c' Local Denial of Service Vulnerability
2017-12-29
http://www.securityfocus.com/bid/102330
Linux Kernel 'drivers/acpi/apei/einj.c' Local Denial of Service Vulnerability
2017-12-29
http://www.securityfocus.com/bid/102327
LibTIFF CVE-2017-17942 Heap Based Buffer Overflow Vulnerability
2017-12-28
http://www.securityfocus.com/bid/102312
SANS News
Threatpost
Forever 21 Says PoS Systems Exposed Customer Data for 8 Months
Exploit
Apple macOS - IOHIDSystem Kernel Read/Write
Cambium ePMP1000 - 'get_chart' Shell via Command Injection (Metasploit)
Cambium ePMP1000 - 'ping' Shell via Command Injection (Metasploit)
HP Mercury LoadRunner Agent magentproc.exe - Remote Command Execution (Metasploit)
1.1.2018
Bugtraq
Malware
Phishing
Dr. Samuel Tata | 28th December 2017 |
Vulnerability
SANS News
Threatpost
Exploit
PHP Melody 2.7.1 - 'playlist' SQL Injection
D3DGear 5.00 Build 2175 - Buffer Overflow
2017
30.12.2017
Bugtraq
Malware
Phishing
Vulnerability
LibTIFF CVE-2017-17942 Heap Based Buffer Overflow Vulnerability
2017-12-28
http://www.securityfocus.com/bid/102312
Wireshark 'epan/wslua/wslua_file.c' Denial of Service Vulnerability
2017-12-27
http://www.securityfocus.com/bid/102311
Red Hat CloudForms CVE-2017-15125 HTML Injection Vulnerability
2017-12-27
http://www.securityfocus.com/bid/102287
Symantec Norton Security for Mac CVE-2017-15528 Certificate Spoofing Vulnerability
2017-12-25
http://www.securityfocus.com/bid/101796
SANS News
Threatpost
Leaky RootsWeb Server Exposes Some Ancestry.com User Data
Mozilla Patches Critical Bug in Thunderbird
Exploit
NetTransport 2.96L - Buffer Overflow (DEP Bypass)
27.12.2017
Bugtraq
Malware
Phishing
Vulnerability
SANS News
What are your Security Challenges for 2018?
Threatpost
Mozilla Patches Critical Bug in Thunderbird
Exploit
SilverStripe CMS 3.6.2 - CSV Excel Macro Injection
Sendroid < 6.5.0 - SQL Injection
Biometric Shift Employee Management System 3.0 - Local File Disclosure
Joomla! Component JEXTN FAQ Pro 4.0.0 - 'id' SQL Injection
GetGo Download Manager 5.3.0.2712 - Buffer Overflow
Telesquare SKT LTE Router SDT-CS3B1 - Information Disclosure
Telesquare SKT LTE Router SDT-CS3B1 - Cross-Site Request Forgery
Easy!Appointments 1.2.1 - Cross-Site Scripting
Xerox DC260 EFI Fiery Controller Webtools 2.0 - Arbitrary File Disclosure
Sony Playstation 4 4.05 FW - Local Kernel Loader
ALLMediaServer 0.95 - Buffer Overflow
26.12.2017
Bugtraq
Malware
Phishing
Vulnerability
Symantec Norton Security for Mac CVE-2017-15528 Certificate Spoofing Vulnerability
2017-12-25
http://www.securityfocus.com/bid/101796
Apple iOS/tvOS/MacOS/watchOS Multiple Security Vulnerabilities
2017-12-25
http://www.securityfocus.com/bid/93054
Mozilla Firefox and Firefox ESR CVE-2017-7845 Buffer Overflow Vulnerability
2017-12-25
http://www.securityfocus.com/bid/102115
Linux Kernel CVE-2017-16996 Local Memory Corruption Vulnerability
2017-12-22
http://www.securityfocus.com/bid/102267
SANS News
Dealing with obfuscated RTF files
Threatpost
Exploit
COMTREND ADSL Router CT-5367 - Remote Code Execution
Ubiquiti UniFi Video 3.7.3 - Local Privilege Escalation
GetGo Download Manager 5.3.0.2712 - Buffer Overflow
25.12.2017
Bugtraq
Malware
Phishing
Vulnerability
Mozilla Firefox and Firefox ESR CVE-2017-7845 Buffer Overflow Vulnerability
2017-12-25
http://www.securityfocus.com/bid/102115
Mozilla Thunderbird Prior to 52.5.2 Multiple Security Vulnerabilities
2017-12-22
http://www.securityfocus.com/bid/102258
Moxa NPort W2150A and W2250A CVE-2017-16727 Unauthorized Access Vulnerability
2017-12-21
http://www.securityfocus.com/bid/102254
SANS News
Threatpost
Huawei Router Vulnerability Used to Spread Mirai Variant
Nissan Canada Finance Notifies 1.1 Million of Data Breach
Exploit
22.12.2017
Bugtraq
Malware
Phishing
Vulnerability
Moxa NPort W2150A and W2250A CVE-2017-16727 Unauthorized Access Vulnerability
2017-12-21
http://www.securityfocus.com/bid/102254
WPA2 Key Reinstallation Multiple Security Weaknesses
2017-12-20
http://www.securityfocus.com/bid/101274
Symantec Messaging Gateway CVE-2017-15532 Directory Traversal Vulnerability
2017-12-20
http://www.securityfocus.com/bid/102096
SANS News
I'm All Up in Your Blockchain, Pilfering Your Wallets
Threatpost
Google Play Boots 3 Fake Bitcoin Wallet Apps
Nissan Canada Finance Notifies 1.1 Million of Data Breach
Exploit
Trend Micro Smart Protection Server - Session Hijacking / Log File Disclosure / Remote...
21.12.2017
Bugtraq
Malware
Phishing
Vulnerability
WPA2 Key Reinstallation Multiple Security Weaknesses
2017-12-20
http://www.securityfocus.com/bid/101274
Symantec Messaging Gateway CVE-2017-15532 Directory Traversal Vulnerability
2017-12-20
http://www.securityfocus.com/bid/102096
NetGain Systems Enterprise Manager CVE-2017-16607 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102219
Trend Micro Mobile Security Information Disclosure and Denial of Service Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102216
IBM RPA with Automation Anywhere CVE-2017-1751 Cross Site Scripting Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102217
IBM Business Process Manager CVE-2017-1494 Cross Site Scripting Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102218
IBM Integration Bus CVE-2017-1694 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102215
Linksys WVBR0-25 CVE-2017-17411 Remote Command Injection Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102212
VideoLAN VLC 'mp4/libmp4.c' Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102214
DotNetNuke CVE-2017-9822 Remote Code Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102213
IBM Maximo Asset Management CVE-2017-1558 Unspecified Open Redirect Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102211
Huawei FusionSphere OpenStack CVE-2017-8194 Router Authentication Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102209
Python 'Lib/webbrowser.py' Remote Command Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102207
EMC Isilon OneFS CVE-2017-14380 Multiple Privilege Escalation Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102210
Rapid7 Nexpose CVE-2017-5264 Cross Site Request Forgery Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102208
ImageMagick CVE-2017-17682 Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102202
Ruby CVE-2017-17405 Multiple Command Execution Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102204
ImageMagick CVE-2017-17681 Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102206
ImageMagick 'coders/xpm.c' Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102203
Hitachi Vantara Pentaho BA Platform CVE-2016-10701 Cross Site Request Forgery Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102200
Multiple Cisco Products Multiple Information Disclosure Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102170
Alteon CVE-2017-17427 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102199
Erlang/OTP CVE-2017-1000385 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102197
Asterisk CVE-2017-17664 Remote Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102201
Cisco NX-OS System Software CVE-2017-12339 Local Command Injection Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102198
Bouncy Castle CVE-2017-13098 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102195
Google Chrome Prior to 63.0.3239.108 Multiple Security Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102196
OpenSSL CVE-2017-3735 Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/100515
Atlassian FishEye and Crucible CVE-2017-14591 Remote Code Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102194
Apple iCloud/iTunes CVE-2017-13864 Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102192
SANS News
Threatpost
CHM Help Files Deliver Brazilian Banking Trojan
Exploit
Samsung Internet Browser - SOP Bypass (Metasploit)
BEIMS ContractorWeb 5.18.0.0 - SQL Injection
[SECURITY] [DSA 4089-1] bind9 security update 2018-01-16
Salvatore Bonaccorso (carnil debian org)
ADVISORY - LiveZilla - Cross-site scripting (XSS) vulnerability in knowledgebase.php - CVE-2017-15869 2018-01-16
tim kretschmann pallas com
[SECURITY] [DSA 4088-1] gdk-pixbuf security update 2018-01-15
Moritz Muehlenhoff (jmm debian org)
MagicSpam 2.0.13 - Insecure File Permission Vulnerability 2018-01-15
Vulnerability Lab (research vulnerability-lab com)
Zenario v7.6 CMS - SQL Injection Web Vulnerability 2018-01-15
Vulnerability Lab (research vulnerability-lab com)
[RT-SA-2017-013] Truncation of SAML Attributes in Shibboleth 2 2018-01-15
RedTeam Pentesting GmbH (release redteam-pentesting de)
Broken TLS certificate pinning in VTech DigiGo Kid Connect app 2018-01-13
Summer of Pwnage (lists securify nl)
Authentication bypass in Kaseya VSA 2018-01-13
Securify B.V. (lists securify nl)
Arbitrary file read in Kaseya VSA 2018-01-13
Securify B.V. (lists securify nl)
[SECURITY] [DSA 4087-1] transmission security update 2018-01-14
Moritz Muehlenhoff (jmm debian org)
Multiple vulnerabilities in VTech DigiGo allow browser overlay attack 2018-01-13
Summer of Pwnage (lists securify nl)
Broken TLS certificate validation in VTech DigiGo browser 2018-01-13
Summer of Pwnage (lists securify nl)
[SECURITY] [DSA 4086-1] libxml2 security update 2018-01-13
Salvatore Bonaccorso (carnil debian org)
Seagate Media Server allows deleting of arbitrary files and folders 2018-01-13
Summer of Pwnage (lists securify nl)
Adminer <= v4.3.1 Server Side Request Forgery 2018-01-14
apparitionsec gmail com
Code execution in Kaseya VSA 2018-01-13
Securify B.V. (lists securify nl)
[security bulletin] HPESBHF03800 rev.1 - HPE Comware 7 MSR Routers, Remote Denial of Service and Local Elevation or Privilege 2018-01-12
security-alert hpe com
[SECURITY] [DSA 4085-1] xmltooling security update 2018-01-12
Moritz Muehlenhoff (jmm debian org)
[security bulletin] HPESBNS03804 rev.1 - HPE NonStop Server, Local Authentication Restriction Bypass 2018-01-12
security-alert hpe com
Microsoft Sharepoint 2013 - Limited Access Permission Bypass Vulnerability 2018-01-12
Vulnerability Lab (research vulnerability-lab com)
[SECURITY] [DSA 4084-1] gifsicle security update 2018-01-12
Sebastien Delafond (seb debian org)
MagicSpam 2.0.13 - Insecure File Permission Vulnerability 2018-01-12
Vulnerability Lab (research vulnerability-lab com)
Magento Commerce - SSRF & XSPA Web Vulnerability 2018-01-12
Vulnerability Lab (research vulnerability-lab com)
SonicWall GMS v8.1 - Filter Bypass & Persistent Vulnerability 2018-01-12
Vulnerability Lab (research vulnerability-lab com)
Magento Connect T1 - (Claim) Persistent Vulnerability 2018-01-12
Vulnerability Lab (research vulnerability-lab com)
Kentico CMS v11.0 - Stack Buffer Overflow Vulnerability 2018-01-12
Vulnerability Lab (submit vulnerability-lab com)
Piwigo v2.8.2 & 2.9.2 CMS - Multiple Cross Site Vulnerabilities 2018-01-12
Vulnerability Lab (research vulnerability-lab com)
Flash Operator Panel v2.31.03 - Command Execution Vulnerability 2018-01-12
Vulnerability Lab (research vulnerability-lab com)
CVE-2017-8802 Zimbra Collaboration Suite - Stored Cross-Site Scripting 2018-01-11
Advisories (advisories compass-security com)
[SECURITY] [DSA 4083-1] poco security update 2018-01-11
Sebastien Delafond (seb debian org)