[FD] Content Injection in Amazon's FireOS [CVE-2019-7399]

2019-02-08 Thread Nightwatch Cybersecurity Research
[Original blog post here: https://wwws.nightwatchcybersecurity.com/2019/02/07/content-injection-in-amazon-kindles-fireos-cve-2019-7399/] SUMMARY The FireOS operating system provided by Amazon for Fire tablet devices can be injected with malicious content by an MITM attacker. An attacker can also

[FD] [CVE-2019-7422, CVE-2019-7423, CVE-2019-7424, CVE-2019-7425, CVE-2019-7426, CVE-2019-7427] Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone

2019-02-08 Thread Rafael Pedrero
___ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/

[FD] [CVE-2019-7418, CVE-2019-7419, CVE-2019-7420, CVE-2019-7421] Cross Site Scripting in SAMSUNG X7400GX Sync Thru Web Service

2019-02-08 Thread Rafael Pedrero

[FD] [CVE-2019-7417] Cross Site Scripting in Ericsson Active Library Explorer Server Version 14.3

2019-02-08 Thread Rafael Pedrero

[FD] [CVE-2019-7416] Client Side URL Redirect (OTG-CLIENT-004) in OpenText Documentum Webtop 5.3 SP2

2019-02-08 Thread Rafael Pedrero

[FD] APPLE-SA-2019-2-07-3 Shortcuts 2.1.3 for iOS

2019-02-08 Thread Apple Product Security via Fulldisclosure
APPLE-SA-2019-2-07-3 Shortcuts 2.1.3 for iOS Shortcuts 2.1.3 for iOS is now available and addresses the following: Shortcuts Available for: Shortcuts 2.1.2 for iOS Impact: A local user may be able to view sensitive user information Description: A

[FD] APPLE-SA-2019-2-07-2 macOS Mojave 10.14.3 Supplemental Update

2019-02-08 Thread Apple Product Security via Fulldisclosure
APPLE-SA-2019-2-07-2 macOS Mojave 10.14.3 Supplemental Update macOS Mojave 10.14.3 Supplemental Update is now available and addresses the following: FaceTime Available for: macOS Mojave 10.14.3 Impact: The initiator of a Group FaceTime call may be

[FD] APPLE-SA-2019-2-07-1 iOS 12.1.4

2019-02-08 Thread Apple Product Security via Fulldisclosure
APPLE-SA-2019-2-07-1 iOS 12.1.4 iOS 12.1.4 is now available and addresses the following: FaceTime Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: The initiator of a Group FaceTime call may be able to

[FD] Qkr! with MasterPass iOS Application - MITM SSL Certificate Vulnerability (CVE-2019-6702)

2019-02-08 Thread David Coomber
Qkr! with MasterPass iOS Application - MITM SSL Certificate Vulnerability (CVE-2019-6702) -- https://www.info-sec.ca/advisories/Qkr-MasterCard.html Overview "Qkr! with MasterPass is the secure and easy way to order and pay for food and drinks from your iOS device. With Qkr you can: • Discover