-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2018-1-8-1 iOS 11.2.2
iOS 11.2.2 is now available and and addresses the following:
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Description: iOS 11.2.2 includes security improvements to Safari and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2018-1-8-3 Safari 11.0.2
Safari 11.0.2 is now available and and addresses the following:
Available for: OS X El Capitan 10.11.6 and macOS Sierra 10.12.6
Description: Safari 11.0.2 includes security improvements to mitigate
the effects of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2018-1-8-2 macOS High Sierra 10.13.2 Supplemental Update
macOS High Sierra 10.13.2 Supplemental Update is now available
and addresses the following:
Available for: macOS High Sierra 10.13.2
Description: macOS High Sierra 10.13.2
[+] Credits: John Page (aka Hyp3rlinX)
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/ARTICA-WEB-PROXY-v3.06-REMOTE-CODE-EXECUTION-CVE-2017-17055.txt
[+] ISR: ApparitionSec
Vendor:
===
www.articatech.com
Product:
Wickr Inc - App Clock & Message Deletion Glitch P2 - Bug Bounty
(Document) [PDF]
URL: https://www.vulnerability-lab.com/get_content.php?id=2107
Vulnerability Magazine:
https://www.vulnerability-db.com/?q=articles/2018/01/04/wickr-inc-app-clock-message-deletion-glitch
--
VULNERABILITY
* Exploit Title: Social Media Widget by Acurax [CSRF]
* Discovery Date: 2017-12-12
* Exploit Author: Panagiotis Vagenas
* Author Link: https://twitter.com/panVagenas
* Vendor Homepage: http://www.acurax.com/
* Software Link: https://wordpress.org/plugins/acurax-social-media-widget
* Version: 3.2.5
Document Title:
===
SonicWall SonicOS NSA Web Firewall - Multiple Web Vulnerabilities
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1725
Release Date:
=
2018-01-06
Vulnerability Laboratory ID (VL-ID):
* Exploit Title: CMS Tree Page View [CSRF, Privilege Escalation]
* Discovery Date: 2017-12-12
* Exploit Author: Panagiotis Vagenas
* Author Link: https://twitter.com/panVagenas
* Vendor Homepage: http://eskapism.se/
* Software Link: https://wordpress.org/plugins/cms-tree-page-view
* Version: 1.4
*
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-4079-1 secur...@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
January 07, 2018
* Exploit Title: Admin Menu Tree Page View [CSRF, Privilege Escalation]
* Discovery Date: 2017-12-12
* Exploit Author: Panagiotis Vagenas
* Author Link: https://twitter.com/panVagenas
* Vendor Homepage: http://eskapism.se/
* Software Link: https://wordpress.org/plugins/admin-menu-tree-page-view
*
Document Title:
===
WpJobBoard v4.4.4 - Multiple SQL Injection Vulnerabilities
References (Source):
https://www.vulnerability-lab.com/get_content.php?id=1940
Release Date:
=
2018-01-06
Vulnerability Laboratory ID (VL-ID):
[+] Credits: John Page (aka Hyp3rlinX)
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/MIST-SERVER-v2.12-UNAUTHENTICATED-PERSISTENT-XSS-CVE-2017-16884.txt
[+] ISR: ApparitionSec
Vendor:
=
mistserver.org
[+] Credits: John Page (aka HyP3rlinX)
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/ABYSS-WEB-SERVER-MEMORY-HEAP-CORRUPTION.txt
[+] ISR: ApparitionSec
Vendor:
==
aprelium.com
Product:
===
Abyss Web
13 matches
Mail list logo