Bugtraq: by thread

• RSS Feed
• About List
• All Lists

Previous period

Next period

76 messages starting Feb 01 18 and ending Feb 28 18
Date index | Thread index | Author index

• SEC Consult SA-20180201-0 :: Multiple critical vulnerabilities in Whole Vibratissimo Smart Sex Toy product range SEC Consult Vulnerability Lab (Feb 01)
• [security bulletin] MFSBGN03797 rev.1 - Micro Focus Fortify Audit Workbench (AWB) and Micro Focus Fortify Software Security Center (SSC), XML External Entity Injection cyber-psrt (Feb 01)
• [slackware-security] php (SSA:2018-034-01) Slackware Security Team (Feb 05)
• [SECURITY] [DSA 4104-1] p7zip security update Salvatore Bonaccorso (Feb 05)
• [CORE-2017-0010] - Kaspersky Secure Mail Gateway Multiple Vulnerabilities Core Security Advisories Team (Feb 05)
• [SECURITY] [DSA 4105-1] mpv security update Luciano Bello (Feb 07)
• [SE-2011-01] A security issue with a Multiroom service of NC+ SAT TV platform Security Explorations (Feb 07)
• [slackware-security] Slackware 14.2 kernel (SSA:2018-037-01) Slackware Security Team (Feb 07)
• SEC Consult SA-20180207-0 :: Multiple buffer overflow vulnerabilities in InfoZip UnZip SEC Consult Vulnerability Lab (Feb 07)
• [SECURITY] [DSA 4106-1] libtasn1-6 security update Salvatore Bonaccorso (Feb 07)
• [security bulletin] HPSBHF02981 rev.2 - HPE Integrated Lights-Out 2, 3, 4 (iLO2, iLO3, iLO4) and HPE Superdome Flex RMC - IPMI 2.0 RCMP+ Authentication Remote Password Hash Vulnerability (RAKP) security-alert (Feb 07)
• [SECURITY] [DSA 4107-1] django-anymail security update Salvatore Bonaccorso (Feb 07)
• SEC Consult SA-20180208-0 :: Multiple Cross-Site Scripting Vulnerabilities in Sonatype Nexus Repository Manager OSS/Pro SEC Consult Vulnerability Lab (Feb 08)
• [SECURITY] [DSA 4105-2] mpv security update Luciaon Bello (Feb 08)
• Advisory - Fisheye and Crucible - CVE-2017-16861 David Black (Feb 08)
• [SECURITY] [DSA 4108-1] mailman security update Thijs Kinkhorst (Feb 09)
• KL-001-2018-002 : NetEx HyperIP Authentication Bypass KoreLogic Disclosures (Feb 12)
• KL-001-2018-006 : Trend Micro IMSVA Management Portal Authentication Bypass KoreLogic Disclosures (Feb 12)
• KL-001-2018-003 : NetEx HyperIP Post-Auth Command Execution KoreLogic Disclosures (Feb 12)
• KL-001-2018-004 : NetEx HyperIP Privilege Escalation Vulnerability KoreLogic Disclosures (Feb 12)
• [SECURITY] [DSA 4109-1] ruby-omniauth security update Luciano Bello (Feb 12)
• [SECURITY] [DSA 4111-1] libreoffice security update Moritz Muehlenhoff (Feb 12)
• KL-001-2018-005 : NetEx HyperIP Local File Inclusion Vulnerability KoreLogic Disclosures (Feb 12)
• Defense in depth -- the Microsoft way (part 51): Skype's home-grown updater allows escalation of privilege to SYSTEM Stefan Kanthak (Feb 12)
  • Re: [FD] Defense in depth -- the Microsoft way (part 51): Skype's home-grown updater allows escalation of privilege to SYSTEM Jeffrey Walton (Feb 14)
    • Re: [FD] Defense in depth -- the Microsoft way (part 51): Skype's home-grown updater allows escalation of privilege to SYSTEM Stefan Kanthak (Feb 15)
• [SECURITY] [DSA 4110-1] exim4 security update Salvatore Bonaccorso (Feb 12)
• CVE-2018-6892 CloudMe Sync <= v1.10.9 Unauthenticated Remote Buffer Overflow (hyp3rlinx / apparition security) apparitionsec (Feb 12)
• [security bulletin] HPESBHF03819 rev.1 - HPE XP Storage using HGLM, Local Authentication Bypass security-alert (Feb 13)
• [SECURITY] [DSA 4111-2] libreoffice security update Moritz Muehlenhoff (Feb 13)
• CSNC-2017-027 Microsoft Intune - App PIN Bypass Advisories (Feb 13)
• [security bulletin] MFSBGN03800 rev.1 - Micro Focus Performance Center, Remote Arbitrary Code Execution or Remote Arbitrary File Modification cyber-psrt (Feb 14)
• Defense in depth -- the Microsoft way (part 52): HTTP used to distribute (security) updates, not HTTPS Stefan Kanthak (Feb 14)
• NAT32 Build (22284) Remote Code Execution CVE-2018-6940 (hyp3rlinx / apparition security) apparitionsec (Feb 14)
• [SECURITY] [DSA 4113-1] libvorbis security update Moritz Muehlenhoff (Feb 14)
• [SECURITY] [DSA 4112-1] xen security update Moritz Muehlenhoff (Feb 14)
• [SECURITY] [DSA 4114-1] jackson-databind security update Sebastien Delafond (Feb 14)
• Vulnerability Disclosure (Web Apps)-Bravo Tejari Web Portal-CSRF Arvind Vishwakarma (Feb 15)
• Vulnerability Disclosure (Web Apps)-Bravo Tejari Web Portal-Unrestricted File Upload Arvind Vishwakarma (Feb 15)
• [SECURITY] [DSA 4115-1] quagga security update Salvatore Bonaccorso (Feb 15)
• [slackware-security] irssi (SSA:2018-046-01) Slackware Security Team (Feb 16)
• Security advisory for Bugzilla 5.1.1, 5.0.3, and 4.4.12 dkl (Feb 19)
• [SECURITY] [DSA 4116-1] plasma-workspace security update Moritz Muehlenhoff (Feb 19)
• [SECURITY] [DSA 4118-1] tomcat-native security update Salvatore Bonaccorso (Feb 19)
• Kentico CMS version 9 through 11 - Arbitrary Code Execution displaymyname (Feb 19)
• [SECURITY] [DSA 4117-1] gcc-4.9 security update Moritz Muehlenhoff (Feb 19)
• Kentico CMS version 9 through 11 - Cross-Site Scripting (Reflect) displaymyname (Feb 19)
• [SECURITY] [DSA 4119-1] libav security update Moritz Muehlenhoff (Feb 19)
• APPLE-SA-2018-02-19-4 watchOS 4.2.3 Apple Product Security (Feb 19)
• APPLE-SA-2018-02-19-3 tvOS 11.2.6 Apple Product Security (Feb 19)
• APPLE-SA-2018-02-19-2 macOS High Sierra 10.13.3 Supplemental Update Apple Product Security (Feb 19)
• APPLE-SA-2018-02-19-1 iOS 11.2.6 Apple Product Security (Feb 19)
• Multiple Persistent XSS vulnerabilities in Radiant Content Management System suparna . kachru (Feb 20)
• Multiple Persistent Cross-Site Scripting Vulnerabilities in Quarx CMS preethiknambiar (Feb 20)
• Sharutils 4.15.2 Heap-Buffer-Overflow nafiez (Feb 21)
  • Sharutils 4.15.2 Heap-Buffer-Overflow nafiez (Feb 21)
• SEC Consult SA-20180221-0 :: Hijacking of arbitrary miSafes Mi-Cam video baby monitors SEC Consult Vulnerability Lab (Feb 21)
• DefenseCode Security Advisory: PureVPN Windows Privilege Escalation Vulnerability Defense Code (Feb 21)
• [CORE-2017-0006] Trend Micro Email Encryption Gateway Multiple Vulnerabilities Core Security Advisories Team (Feb 21)
• [SECURITY] [DSA 4121-1] gcc-6 security update Moritz Muehlenhoff (Feb 22)
• [SECURITY] [DSA 4120-1] linux security update Yves-Alexis Perez (Feb 22)
• [security bulletin] MFSBGN03798 rev.1 - Micro Focus Universal CMDB, Apache Struts Instance cyber-psrt (Feb 22)
• Re: [CVE-2018-1000088] Stored XSS vulnerability in Doorkeeper gem v2.1.0 - v4.2.5 Justin Bull (Feb 22)
• [SECURITY] [DSA 4122-1] squid3 security update Salvatore Bonaccorso (Feb 22)
• [SECURITY] [DSA 4123-1] drupal7 security update Moritz Muehlenhoff (Feb 26)
• CMS Made Simple 2.1.6 - Remote Code Execution displaymyname (Feb 26)
• ES2018-01 Asterisk pjsip subscribe stack corruption Sandro Gauci (Feb 26)
• ES2018-02 Asterisk pjsip sdp invalid fmtp segfault Sandro Gauci (Feb 26)
• ES2018-04 Asterisk pjsip tcp segfault Sandro Gauci (Feb 26)
• ES2018-03 Asterisk pjsip sdp invalid media format description segfault Sandro Gauci (Feb 26)
• SEC Consult SA-20180227-0 :: OS command injection, arbitrary file upload & SQL injection in ClipBucket SEC Consult Vulnerability Lab (Feb 27)
• [security bulletin] HPESBHF03826 rev.1 - HPE Integrated Lights-Out 3 (iLO 3) Remote Denial of Service security-alert (Feb 27)
• [SECURITY] [DSA 4124-1] lucene-solr security update Moritz Muehlenhoff (Feb 27)
• SEC Consult SA-20180228-0 :: Insecure Direct Object Reference vulnerability in TestLink Open Source Test Management SEC Consult Vulnerability Lab (Feb 28)
• Secunia Research: Linux Kernel "_sctp_make_chunk()" Denial of Service Vulnerability Secunia Research (Feb 28)
• [security bulletin] MFSBGN03794 rev.2 - Micro Focus Operations Agent Multiple vulnerabilities cyber-psrt (Feb 28)

Previous period

Next period