-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-4119-1 secur...@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
February 19, 2018
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2018-02-19-1 iOS 11.2.6
iOS 11.2.6 is now available and addresses the following:
CoreText
Available for: iPhone 5s and later, iPad Air and later, and
iPod touch 6th generation
Impact: Processing a maliciously crafted string may lead to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2018-02-19-3 tvOS 11.2.6
tvOS 11.2.6 is now available and addresses the following:
CoreText
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2018-02-19-2 macOS High Sierra 10.13.3 Supplemental Update
macOS High Sierra 10.13.3 Supplemental Update is now available and
addresses the following:
CoreText
Available for: macOS High Sierra 10.13.3
Impact: Processing a maliciously
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2018-02-19-4 watchOS 4.2.3
watchOS 4.2.3 is now available and addresses the following:
CoreText
Available for: All Apple Watch models
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-4116-1 secur...@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
February 16, 2018
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-4117-1 secur...@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
February 17, 2018
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-4118-1 secur...@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
February 17, 2018
# Exploit Title: Kentico CMS version 9 through 11 - Arbitrary Code Execution
# Date: 17-02-2018
# Software Link: https://www.kentico.com
# Exploit Author: Keerati T.
# CVE: CVE-2018-7046
# Category: webapps
1. Description
Kentico is the only fully integrated ASP.NET CMS, E-commerce, and Online
# Exploit Title: Kentico CMS version 9 through 11 - Cross-Site Scripting
(Reflect)
# Date: 18-02-2018
# Software Link: https://www.kentico.com
# Exploit Author: Keerati T.
# CVE: CVE-2018-7205
# Category: webapps
1. Description
Kentico is the only fully integrated ASP.NET CMS, E-commerce, and
Summary
===
Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. The following security issue has been discovered
in Bugzilla:
* A CSRF vulnerability in report.cgi would allow a third-party site
to extract confidential information from a bug the victim
11 matches
Mail list logo