Messages by Thread
-
[CORE-2018-0011] - Cisco WebEx Meetings Elevation of Privilege Vulnerability
advisories
-
Avahi 0.7 missing link-local checks in Legacy Unicast Responses cause information disclosure and makes DDoS with mDNS traffic reflection possible
Krzysztof Burghardt
-
[SECURITY] [DSA 4345-1] samba security update
Salvatore Bonaccorso
-
[SECURITY] [DSA 4344-1] roundcube security update
Salvatore Bonaccorso
-
[SECURITY] [DSA 4343-1] liblivemedia security update
Moritz Muehlenhoff
-
Cory Support v1.0 - Time-Based SQL Injection in Signin
Socket_0x03
-
[slackware-security] openssl (SSA:2018-325-01)
Slackware Security Team
-
WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0008
Michael Catanzaro
-
[SECURITY] [DSA 4339-2] ceph regression update
Salvatore Bonaccorso
-
SEC Consult SA-20181121-0 :: Signature Bypass / Authentication Bypass in Governikus Autent SDK
SEC Consult Vulnerability Lab
-
SEC Consult SA-20181116-0 :: Multiple critical vulnerabilities in Miss Marple Enterprise Edition
SEC Consult Vulnerability Lab
-
SEC Consult SA-20181114-0 :: Denial of Service in Microsoft Skype for Business
SEC Consult Vulnerability Lab
-
[SECURITY] [DSA 4341-1] mariadb-10.1 security update
Salvatore Bonaccorso
-
ACM CCS 2019 - Call for Papers
m.manulis
-
[SECURITY] [DSA 4340-1] chromium-browser security update
Michael Gilbert
-
Escalation of privilege with Intel Rapid Storage User Interface
Stefan Kanthak
-
Zoho ManageEngine OpManager 12.3 before Build 123223 has XSS via the updateWidget API.
Murat Aydemir
-
D-LINK Central WifiManager CWM-100 Server Side Request Forgery CVE-2018-15517
apparitionsec
-
D-LINK Central WifiManager CWM-100 Trojan File SYSTEM Privilege Escalation CVE-2018-15515
apparitionsec
-
D-LINK Central WifiManager CWM-100 FTP Server PORT Bounce Scan CVE-2018-15516
apparitionsec
-
[CVE-2018-3635] Executable installers are vulnerable^WEVIL (case 59): arbitrary code execution WITH escalation of privilege via Intel Rapid Storage Technology User Interface and Driver
Stefan Kanthak
-
Remote Code Execution Vulnerability in ELBA5 Electronic Banking
Florian Bogner
-
AST-2018-010: Remote crash vulnerability DNS SRV and NAPTR lookups
Asterisk Security Team
-
AST-2018-010:
Asterisk Security Team
-
Custom Frontend Login Registration Form (WP Plugin) - Multiple XSS Vulnerabilities
Socket_0x03
-
[SECURITY] [DSA 4339-1] ceph security update
Moritz Muehlenhoff
-
[security bulletin] MFSBGN03831 rev. - Service Management Automation, remote disclosure of information
cyber-psrt
-
[security bulletin] MFSBGN03830 rev.1 - Service Manager, unauthorized disclosure of information
cyber-psrt
-
[security bulletin] MFSBGN03823 rev.1 - Micro Focus Service Manager, unauthorized disclosure of data
cyber-psrt
-
[slackware-security] libtiff (SSA:2018-316-01)
Slackware Security Team
-
[SECURITY] [DSA 4338-1] qemu security update
Moritz Muehlenhoff
-
[SECURITY] [DSA 4337-1] thunderbird security update
Moritz Muehlenhoff
-
[SECURITY] [DSA 4336-1] ghostscript security update
Salvatore Bonaccorso
-
PeepSo v1.11.2 (WordPress Plugin) - XSS Vulnerability in Members
Socket_0x03
-
PeepSo v1.11.2 - Time-Based SQL Injection
Socket_0x03
-
NEW VMSA-2018-0027 VMware ESXi, Workstation, and Fusion updates address uninitialized stack memory usage
VMware Security Response Center
-
WP User Manager v2.0.8 - Time-Based SQL Injection
Socket_0x03
-
[SECURITY] [DSA 4335-1] nginx security update
Moritz Muehlenhoff
-
[security bulletin] MFSBGN03829 rev.1 - Micro Focus Operation Bridge Containerized Suite, Remote Code Execution
cyber-psrt
-
[slackware-security] mariadb (SSA:2018-309-01)
Slackware Security Team
-
KL-001-2018-009 : Dell OpenManage Network Manager Multiple Vulnerabilities
KoreLogic Disclosures
-
Zoho ManageEngine OpManager 12.3 before 123222 has SQL Injection via Mail Server settings.
Hakan Bayır
-
[SECURITY] [DSA 4334-1] mupdf security update
Moritz Muehlenhoff
-
[SECURITY] [DSA 4333-1] icecast2 security update
Moritz Muehlenhoff
-
[SECURITY] [DSA 4332-1] ruby2.3 security update
Salvatore Bonaccorso
-
[SECURITY] [DSA 4331-1] curl security update
Alessandro Ghedini
-
[SECURITY] [DSA 4330-1] chromium-browser security update
Michael Gilbert
-
Disclose Vulnerability
alphan yavaş
-
[slackware-security] curl (SSA:2018-304-01)
Slackware Security Team
-
October 2018 Sourcetree Advisory
Anton Black
-
OpenText Brava! Enterprise and Brava! Server Components Sensitive Data Exposure
luke . bailiff
-
Zoho ManageEngine OpManager 12.3 allows Self XSS Vulnerability
Hakan Bayır
-
Zoho ManageEngine OpManager 12.3 allows Stored XSS
Hakan Bayır
-
APPLE-SA-2018-10-30-14 Additional information for APPLE-SA-2018-7-9-4 macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan
Apple Product Security
-
APPLE-SA-2018-10-30-12 Additional information APPLE-SA-2018-10-08-2 iCloud for Windows 7.7
Apple Product Security
-
APPLE-SA-2018-10-30-9 Additional information for APPLE-SA-2018-9-24-1 macOS Mojave 10.14
Apple Product Security
-
APPLE-SA-2018-10-30-10 Additional information for APPLE-SA-2018-9-24-5 watchOS 5
Apple Product Security
-
APPLE-SA-2018-10-30-8 Additional information for APPLE-SA-2018-9-24-4 iOS 12
Apple Product Security
-
APPLE-SA-2018-10-30-11 Additional information for APPLE-SA-2018-9-24-6 tvOS 12
Apple Product Security
-
APPLE-SA-2018-10-30-13 Additional information for APPLE-SA-2018-9-24-2 iTunes 12.9 for Windows
Apple Product Security
-
APPLE-SA-2018-10-30-6 iTunes 12.9.1
Apple Product Security
-
APPLE-SA-2018-10-30-2 macOS Mojave 10.14.1, Security Update 2018-001 High Sierra, Security Update 2018-005 Sierra
Apple Product Security
-
APPLE-SA-2018-10-30-7 iCloud for Windows 7.8
Apple Product Security
-
APPLE-SA-2018-10-30-5 tvOS 12.1
Apple Product Security
-
APPLE-SA-2018-10-30-4 watchOS 5.1
Apple Product Security
-
APPLE-SA-2018-10-30-3 Safari 12.0.1
Apple Product Security
-
APPLE-SA-2018-10-30-1 iOS 12.1
Apple Product Security
-
[SECURITY] [DSA 4329-1] teeworlds security update
Moritz Muehlenhoff
-
[SECURITY] [DSA 4321-2] graphicsmagick update
Moritz Muehlenhoff
-
[CORE-2018-0005] - ASRock Drivers Elevation of Privilege Vulnerabilities
SecureAuth Advisories Team
-
[SECURITY] [DSA 4328-1] xorg-server security update
Moritz Muehlenhoff
-
[SECURITY] [DSA 4327-1] thunderbird security update
Moritz Muehlenhoff
-
[SECURITY] [DSA 4326-1] openjdk-8
Moritz Muehlenhoff
-
[SECURITY] [DSA 4325-1] mosquitto security update
Sebastien Delafond
-
[SECURITY] [DSA 4324-1] firefox-esr security update
Moritz Muehlenhoff
-
[SYSS-2018-028] information leakage with Polycom VVX Phones (Skype for Business, on-premise) - CVE-2018-18566
Micha Borrmann
-
[SYSS-2018-027] missing X.509 validation with Polycom VVX Phones (Skype for Business, on-premise) - CVE-2018-18568
Micha Borrmann
-
[SYSS-2018-026] missing X.509 validation with AudioCodes IP Phones (Skype for Business, on-premise) - CVE-2018-18567
Micha Borrmann
-
[security bulletin] MFSBGN03827 rev.1 - Microfocus Real User Monitoring 9.4.0 BPRDownload Java Deserialization Vulnerability
cyber-psrt
-
[slackware-security] mozilla-firefox (SSA:2018-296-01)
Slackware Security Team
-
CA20181017-01: Security Notice for CA Identity Governance
Kotas, Kevin J
-
Question Answer v1.2.30 (WordPress Plugin) - Multiple XSS Vulnerabilities
Socket_0x03
-
SATE VI - Call for Participation
Delaitre, Aurelien (IntlAssoc)
-
Zoho ManageEngine OpManager 12.3 allows Unrestricted Arbitrary File Upload
Murat Aydemir
-
Pie Register v3.0.17 (WordPress Plugin) - XSS Vulnerability in Forgot-Password
Socket_0x03
-
SEC Consult SA-20181009-0 :: Remote Code Execution via XMeye P2P Cloud in Xiongmai IP Cameras, NVRs and DVRs incl. 3rd party OEM devices (CVE-2018-17915, CVE-2018-17917, CVE-2018-17919)
SEC Consult Vulnerability Lab
-
Responsive Filemanager 9.8.1 Reflected Cross Site Scripting (XSS)
yavuz atlas
-
Responsive Filemanager 9.8.1 Authentication Bypass
yavuz atlas
-
[SECURITY] [DSA 4313-1] linux security update
Salvatore Bonaccorso
-
CVE Request: Sitepress Multilingual CMS Plugin Unauthenticated Stored XSS
Rahul Pratap Singh
-
APPLE-SA-2018-10-08-2 iCloud for Windows 7.7
Apple Product Security
-
APPLE-SA-2018-10-08-1 iOS 12.0.1
Apple Product Security
-
[SECURITY] [DSA 4312-1] tinc security update
Salvatore Bonaccorso
-
[UPDATE][CVE-2018-11797] DoS vulnerability in Apache PDFBox parser
Andreas Lehmkuehler
-
[SECURITY] [DSA 4311-1] git security update
Salvatore Bonaccorso
-
[CVE-2018-11797] DoS vulnerability in Apache PDFBox parser
Andreas Lehmkuehler
-
Pie Register v3.0.15 (WordPress Plugin) - Cross-Site Scripting Vulnerability in Login
Socket_0x03
-
[SECURITY] [DSA 4310-1] firefox-esr security update
Salvatore Bonaccorso
-
[slackware-security] mozilla-firefox (SSA:2018-276-01)
Slackware Security Team
-
[SYSS-2018-024] Privilege Escalation in Verint Verba Collaboration Compliance and Quality Management Platform (CVE-2018-17872)
Micha Borrmann
-
[SYSS-2018-023] Password leakage in Verint Verba Collaboration Compliance and Quality Management Platform (CVE-2018-17871)
Micha Borrmann
-
[SECURITY] [DSA 4309-1] strongswan security update
Yves-Alexis Perez
-
SEC Consult SA-20181001-0 :: Password disclosure vulnerability & XSS in PTC ThingWorx (CVE-2018-17216, CVE-2018-17217, CVE-2018-17218)
SEC Consult Vulnerability Lab
-
Ivanti Workspace Control local privilege escalation via Named Pipe
Securify B.V.
-
Ivanti Workspace Control Application Whitelist bypass via PowerGrid /SEE command line argument
Securify B.V.
-
Ivanti Workspace Control Data Security bypass via localhost UNC path
Securify B.V.
-
Ivanti Workspace Control Application Whitelist bypass via PowerGrid /RWS command line argument
Securify B.V.
-
Stored credentials Ivanti Workspace Control can be retrieved from Registry
Securify B.V.
-
[SECURITY] [DSA 4308-1] linux security update
Salvatore Bonaccorso
-
e2 Security GmbH Advisory 2018-01: MensaMax Android app / Unencrypted transmission and usage of hardcoded encryption key
Stefan Pietsch
-
[SECURITY] [DSA 4307-1] python3.5 security update
Moritz Muehlenhoff
-
WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0007
Michael Catanzaro
-
[SYSS-2018-014] Bestwebsoft PDF & Print - Cross-Site Scripting
Robin . Trost
-
[SECURITY] [DSA 4306-1] python2.7 security update
Moritz Muehlenhoff
-
[waraxe-2018-SA#108] - Username Disclosure in Breadcrumb NavXT Wordpress plugin
come2waraxe
-
SEC Consult SA-20180926-0 ::
SEC Consult Vulnerability Lab
-
SEC Consult SA-20180924-0 :: Multiple Vulnerabilities in Citrix StorageZones Controller
SEC Consult Vulnerability Lab
-
Integer overflow in Linux's create_elf_tables() (CVE-2018-14634)
Qualys Security Advisory
-
tekno.Portal v0.1b - Cross-Site Scripting Vulnerability in "link.php"
Socket_0x03
-
APPLE-SA-2018-9-24-5 Additional information for APPLE-SA-2018-9-17-2 watchOS 5
Apple Product Security
-
APPLE-SA-2018-9-24-4 Additional information for APPLE-SA-2018-9-17-1 iOS 12
Apple Product Security
-
APPLE-SA-2018-9-24-6 Additional information for APPLE-SA-2018-9-17-3 tvOS 12
Apple Product Security
-
APPLE-SA-2018-9-24-2 iTunes 12.9 for Windows
Apple Product Security
-
APPLE-SA-2018-9-24-3 Additional information for APPLE-SA-2018-9-17-4 Safari 12
Apple Product Security
-
APPLE-SA-2018-9-24-1 macOS Mojave 10.14
Apple Product Security
-
[SECURITY] [DSA 4305-1] strongswan security update
Yves-Alexis Perez
-
[SECURITY] [DSA 4303-1] okular security update
Moritz Muehlenhoff
-
[slackware-security] mozilla-firefox (SSA:2018-265-01)
Slackware Security Team
-
[SECURITY] [DSA 4304-1] firefox-esr security update
Moritz Muehlenhoff
-
[SECURITY] [DSA 4301-1] mediawiki security update
Moritz Muehlenhoff
-
[SECURITY] [DSA 4302-1] openafs security update
Salvatore Bonaccorso
-
[SECURITY] [DSA 4300-1] libarchive-zip-perl security update
Salvatore Bonaccorso
-
[slackware-security] Slackware 14.2 kernel (SSA:2018-264-01)
Slackware Security Team
-
[SYSS-2018-016] Postman - Improper Certificate Validation
ludwig . stage
-
[SECURITY] [DSA 4299-1] texlive-bin security update
Yves-Alexis Perez
-
[waraxe-2018-SA#107] - Reflected XSS in FV Flowplayer Wordpress plugin
come2waraxe
-
AST-2018-009: Remote crash vulnerability in HTTP websocket upgrade
Asterisk Security Team
-
[SECURITY] [DSA 4298-1] hylafax security update
Moritz Muehlenhoff
-
OPManager SQL Injection Vulnerability
Murat Aydemir
-
X41 D-Sec GmbH Security Advisory X41-2018-007: Multiple Vulnerabilities in mgetty
X41 D-Sec GmbH Advisories
-
X41 D-Sec GmbH Security Advisory X41-2018-008: Multiple Vulnerabilities in HylaFAX
X41 D-Sec GmbH Advisories
-
[HITB-Announce] #HITBSecConf2018PEK Call for CTF
Hafez Kamal
-
[SECURITY] [DSA 4297-1] chromium-browser security update
Michael Gilbert
-
SEC Consult SA-20180918-0 :: Remote Code Execution via PHP unserialize in Moodle open-source learning platform
SEC Consult Vulnerability Lab
-
race condition in .net core System.IO.Directory.Delete allowing deletion of entire drives
Joshua Hudson
-
APPLE-SA-2018-9-17-4 Safari 12
Apple Product Security
-
APPLE-SA-2018-9-17-5 Apple Support 2.4 for iOS
Apple Product Security
-
APPLE-SA-2018-9-17-3 tvOS 12
Apple Product Security
-
APPLE-SA-2018-9-17-1 iOS 12
Apple Product Security
-
APPLE-SA-2018-9-17-2 watchOS 5
Apple Product Security
-
[SECURITY] [DSA 4296-1] mbedtls security update
Moritz Muehlenhoff
-
[SECURITY] [DSA 4295-1] thunderbird security update
Moritz Muehlenhoff
-
[SECURITY] [DSA 4294-1] ghostscript security update
Moritz Muehlenhoff
-
[SECURITY] [DSA 4273-2] intel-microcode security update
Moritz Muehlenhoff
-
[slackware-security] php (SSA:2018-257-01)
Slackware Security Team
-
[SECURITY] [DSA 4293-1] discount security update
Alessandro Ghedini
-
[slackware-security] ghostscript (SSA:2018-256-01)
Slackware Security Team
-
CVE-2018-16242 - oBike Electronic Lock Bypass
Antoine Neuenschwander
-
CVE-2017-16639 - Tor Browser Deanonymization With SMB
Filippo Cavallarin
-
Seagate Personal Cloud multiple information disclosure vulnerabilities
Summer of Pwnage
-
[SYSS-2018-015] HiScout GRC Suite < 3.1.5 - Unrestricted Upload of File with Dangerous Type
sebastian . auwaerter
-
Disclose SSRF Vulnerability
Alphan Yavaş
-
FreeBSD Security Advisory FreeBSD-SA-18:12.elf
FreeBSD Security Advisories
-
[SECURITY] [DSA 4292-1] kamailio security update
Salvatore Bonaccorso
-
[SECURITY] [DSA 4291-1] mgetty security update
Yves-Alexis Perez
-
[SECURITY] [DSA 4290-1] libextractor security update
Salvatore Bonaccorso
-
CVE-2017-16541 details: Deanonymize Tor Browser Users with Automount
Filippo Cavallarin
-
[SECURITY] [DSA 4289-1] chromium-browser security update
Michael Gilbert
-
[SECURITY] [DSA 4288-1] ghostscript security update
Moritz Muehlenhoff
-
[SECURITY] [DSA 4287-1] firefox-esr security update
Moritz Muehlenhoff
-
[CVE-2018-15876] Ajax BootModal Login Captcha Reuse
Lyderic LEFEBVRE
-
SEC Consult SA-20180906-0 :: CSV Formula Injection in DokuWiki
SEC Consult Vulnerability Lab
-
CVE-2017-17762 - XXE Vulnerability in Episerver
Jonas Lejon
-
Vulnerabilities in KONEs Group Controller (KGC)
Sebastian Neuner
-
[slackware-security] Slackware 14.2 mozilla-thunderbird (SSA:2018-249-04)
Slackware Security Team
-
[slackware-security] mozilla-firefox (SSA:2018-249-03)
Slackware Security Team
-
[slackware-security] curl (SSA:2018-249-01)
Slackware Security Team
-
[slackware-security] ghostscript (SSA:2018-249-02)
Slackware Security Team
-
[SECURITY] [DSA 4286-1] curl security update
Alessandro Ghedini
-
[SECURITY] [DSA 4285-1] sympa security update
Salvatore Bonaccorso
-
[SECURITY] [DSA 4284-1] lcms2 security update
Moritz Muehlenhoff
-
Amcrest Cameras SSL Key Reuse Across installations
jack . m . mckenna
-
[SECURITY] [DSA 4283-1] ruby-json-jwt security update
Moritz Muehlenhoff
-
Defense in depth -- the Microsoft way (part 57): installation of security updates fails on Windows Embedded POSReady 2009
Stefan Kanthak
-
[SECURITY] [DSA 4282-1] trafficserver security update
Moritz Muehlenhoff
-
CA20180829-03: Security Notice for CA Release Automation
Williams, Ken
-
CA20180829-02: Security Notice for CA Unified Infrastructure Management
Williams, Ken
-
CA20180829-01: Security Notice for CA PPM
Williams, Ken
-
[security bulletin] MFSBGN03821 rev.1 - Micro Focus Hybrid Cloud Management (HCM) containerized suite, Remote Code Execution
cyber-psrt
-
[security bulletin] MFSBGN03820 rev.1 - Micro Focus Hybrid Cloud Management (HCM) containerized suites, remote code execution
cyber-psrt
-
[security bulletin] MFSBGN03818 rev.1 - Micro Focus Operations Bridge containerized suite, Remote Code Execution
cyber-psrt
-
[security bulletin] MFSBGN03815 rev.1 - Data Center Automation Containerized (DCA) suite, remote code execution
cyber-psrt
-
[security bulletin] MFSBGN03814 rev.1 - Service Management Automation (SMA) containerized, Remote Code Execution
cyber-psrt
-
[security bulletin] MFSBGN03817 rev.1 - Operations Bridge containerized suite, Remote Code Execution
cyber-psrt
-
[security bulletin] MFSBGN03813 rev.1 - Network Operations Management (NOM) Suite CDF, Remote Code Execution
cyber-psrt
-
Sensitive Data Exposure via WiFi Broadcasts in Android OS [CVE-2018-9489]
research
-
[security bulletin] MFSBGN03812 rev.1 - Application Performance Management, remote cross-site tracing
cyber-psrt
-
CSNC-2018-015 - ownCloud Impersonate - Authorization Bypass
Advisories