[FD] Local Privilege Escalation via Serv-U FTP Server

2019-05-29 Thread Chris
Issue: Local Privilege Escalation CVE: CVE-2018-1 Security researcher: Chris Moberly @ The Missing Link Security Product name: Serv-U FTP Server Product version: Tested on 15.1.6.25 (current as of Dec 2018) Fixed in: 15.1.7

[FD] XSS in SSI printenv command – Apache Tomcat – CVE-2019-0221

2019-05-29 Thread Nightwatch Cybersecurity Research
[Original blog post here: https://wwws.nightwatchcybersecurity.com/2019/05/27/xss-in-ssi-printenv-command-apache-tomcat-cve-2019-0221/] SUMMARY Apache Tomcat had a vulnerability in its SSI implementation which could be used to achieve cross site scripting (XSS). This is only exploitable if SSI

[FD] CA20190523-01: Security Notice for CA Risk Authentication and CA Strong Authentication

2019-05-29 Thread Kevin Kotas via Fulldisclosure
CA20190523-01: Security Notice for CA Risk Authentication and CA Strong Authentication Issued: May 23, 2019 Last Updated: May 23, 2019 The Support team for CA Technologies, A Broadcom Company, is alerting customers to multiple potential risks with

[FD] [SYSS-2019-014]: Siemens LOGO! 8 - Storing Passwords in a Recoverable Format (CWE-257)

2019-05-29 Thread Matthias Deeg
Advisory ID: SYSS-2019-014 Product: LOGO! Manufacturer: Siemens Affected Version(s): LOGO! 8 (all versions) Tested Version(s): LOGO! 8, 6ED1052-2MD00-0BA8 FS:03, 0BA8.Standard V1.08.03 Vulnerability Type: Storing Passwords in a Recoverable Format (CWE-257) Risk Level: Medium Solution Status: Open

[FD] Anviz M3 RFID Access Control security issues

2019-05-29 Thread Marco
Security issues have been found in the Anviz M3 RFID Access Control device when working in standalone mode connected to a TCP/IP network, that could lead to access control bypass and private information leakage and alteration. ### Advisory information TITLE: Anviz M3 RFID Access Control

[FD] [SYSS-2019-012]: Siemens LOGO! 8 - Use of Hard-coded Cryptographic Key (CWE-321)

2019-05-29 Thread Matthias Deeg
Advisory ID: SYSS-2019-012 Product: LOGO! Manufacturer: Siemens Affected Version(s): LOGO! 8 (all versions) Tested Version(s): LOGO! 8, 6ED1052-2MD00-0BA8 FS:03, 0BA8.Standard V1.08.03 Vulnerability Type: Use of Hard-coded Cryptographic Key (CWE-321) Risk Level: High Solution Status: Open

[FD] APPLE-SA-2019-5-28-2 iCloud for Windows 7.12

2019-05-29 Thread Apple Product Security via Fulldisclosure
APPLE-SA-2019-5-28-2 iCloud for Windows 7.12 iCloud for Windows 7.12 is now available and addresses the following: SQLite Available for: Windows 7 and later Impact: An application may be able to gain elevated privileges Description: An input

[FD] Reflected Cross-site Scripting Vulnerability in Kanboard 1.2.7

2019-05-29 Thread Daniel Bishtawi
Hello, We are informing you about the vulnerabilities we reported in Kanboard 1.2.7. Here are the details: Advisory by Netsparker Name: Reflected Cross-site Scripting in Kanboard Affected Software: Kanboard Affected Versions: 1.2.7 Homepage: https://kanboard.org/ Vulnerability: Reflected

[FD] Cross-site Scripting Vulnerabilities in VFront 0.99.5

2019-05-29 Thread Daniel Bishtawi
Hello, We are informing you about the vulnerabilities we reported in VFront 0.99.5. Here are the details: Advisory by Netsparker Name: Multiple Reflected Cross-site Scripting in VFront 0.99.5 Affected Software: VFront Affected Versions: 0.99.5 Homepage: http://www.vfront.org/ Vulnerability:

[FD] APPLE-SA-2019-5-28-1 iTunes for Windows 12.9.5

2019-05-29 Thread Apple Product Security via Fulldisclosure
APPLE-SA-2019-5-28-1 iTunes for Windows 12.9.5 iTunes for Windows 12.9.5 is now available and addresses the following: SQLite Available for: Windows 7 and later Impact: An application may be able to gain elevated privileges Description: An input