Bugtraq: by author

55 messages starting Dec 05 18 and ending Dec 02 18

Apple Product Security

APPLE-SA-2018-12-05-2 macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra Apple Product Security (Dec 05)
APPLE-SA-2018-12-05-3 tvOS 12.1.1 Apple Product Security (Dec 05)
APPLE-SA-2018-12-05-6 iCloud for Windows 7.9 Apple Product Security (Dec 05)
APPLE-SA-2018-12-05-5 iTunes 12.9.2 for Windows Apple Product Security (Dec 05)
APPLE-SA-2018-12-06-1 watchOS 5.1.2 Apple Product Security (Dec 06)
APPLE-SA-2018-12-05-1 iOS 12.1.1 Apple Product Security (Dec 05)
APPLE-SA-2018-12-05-4 Safari 12.0.2 Apple Product Security (Dec 05)
APPLE-SA-2018-12-05-7 Shortcuts 2.1.2 Apple Product Security (Dec 05)

Egidio Romano

[KIS-2018-01] Oracle Application Express (AnyChart) Flash-based Cross-Site Scripting Vulnerability Egidio Romano (Dec 31)
[KIS-2018-04] SugarCRM (ConnectorsController) Server-Side Request Forgery Vulnerability Egidio Romano (Dec 31)
[KIS-2018-03] SugarCRM (portal_get_related_notes) SQL Injection Vulnerability Egidio Romano (Dec 31)
[KIS-2018-02] SugarCRM (WorkFlow module) PHP Code Injection Vulnerability Egidio Romano (Dec 31)
[KIS-2018-07] SugarCRM (Web Logic Hooks module) PHP Code Injection Vulnerability Egidio Romano (Dec 31)
[KIS-2018-05] SugarCRM (SaveDropDown) PHP Code Injection Vulnerability Egidio Romano (Dec 31)
[KIS-2018-06] SugarCRM (addLabels) PHP Code Injection Vulnerability Egidio Romano (Dec 31)
[KIS-2018-08] SugarCRM (Web Logic Hooks module) Path Traversal Vulnerability Egidio Romano (Dec 31)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-18:15.bootpd FreeBSD Security Advisories (Dec 19)
FreeBSD Security Advisory FreeBSD-SA-18:14.bhyve FreeBSD Security Advisories (Dec 04)

Jeffrey Walton

Asserts considered harmful (or GMP spills its sensitive information) Jeffrey Walton (Dec 31)

Michael Catanzaro

WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0009 Michael Catanzaro (Dec 13)

Michael Gilbert

[SECURITY] [DSA 4352-1] chromium-browser security update Michael Gilbert (Dec 09)

Moritz Muehlenhoff

[SECURITY] [DSA 4355-1] openssl1.0 security update Moritz Muehlenhoff (Dec 19)
[SECURITY] [DSA 4348-1] openssl security update Moritz Muehlenhoff (Dec 02)
[SECURITY] [DSA 4361-1] libextractor security update Moritz Muehlenhoff (Dec 30)
[SECURITY] [DSA 4349-1] tiff security update Moritz Muehlenhoff (Dec 02)
[SECURITY] [DSA 4360-1] libarchive security update Moritz Muehlenhoff (Dec 28)
[SECURITY] [DSA 4359-1] wireshark security update Moritz Muehlenhoff (Dec 28)
[SECURITY] [DSA 4354-1] firefox-esr security update Moritz Muehlenhoff (Dec 12)
[SECURITY] [DSA 4353-1] php7.0 security update Moritz Muehlenhoff (Dec 11)
[SECURITY] [DSA 4350-1] policykit-1 security update Moritz Muehlenhoff (Dec 06)

Murat Aydemir

Zoho ManageEngine OpManager 12.3 before Build 123237 has XSS via the domainController API. Murat Aydemir (Dec 11)
Zoho ManageEngine OpManager 12.3 before build 123239 allows XSS in the Notes column of the Alarms section Murat Aydemir (Dec 21)
Zoho ManageEngine OpManager 12.3 before 123238 allows SQL injection via the getGraphData API Murat Aydemir (Dec 17)
Zoho ManageEngine OpManager 12.3 before build 123239 allows SQL injection in the Alarms section Murat Aydemir (Dec 21)

Salvatore Bonaccorso

[SECURITY] [DSA 4351-1] libphp-phpmailer security update Salvatore Bonaccorso (Dec 09)
[SECURITY] [DSA 4356-1] netatalk security update Salvatore Bonaccorso (Dec 20)
[SECURITY] [DSA 4357-1] libapache-mod-jk security update Salvatore Bonaccorso (Dec 20)
[SECURITY] [DSA 4358-1] ruby-sanitize security update Salvatore Bonaccorso (Dec 28)
[SECURITY] [DSA 4346-2] ghostscript regression update Salvatore Bonaccorso (Dec 23)

SEC Consult Vulnerability Lab

SEC Consult SA-20181205-0 :: Inadequate cryptography implementation in Kerio Control VPN protocol SEC Consult Vulnerability Lab (Dec 05)
SEC Consult SA-20181130-0 :: Multiple Vulnerabilities in Siglent Technologies SDS 1202X-E Digital Oscilloscope SEC Consult Vulnerability Lab (Dec 02)

Secunia Research

Secunia Research: LibRaw Multiple Denial of Service Vulnerabilities Secunia Research (Dec 17)
Secunia Research: libexif EXIF_IFD_INTEROPERABILITY / EXIF_IFD_EXIF Denial of Service Vulnerability Secunia Research (Dec 17)

security-alert

[security bulletin] MFSBGN03838 rev.1 - UCMDB Configuration Management Service, Multiple Vulnerabilities security-alert (Dec 31)
[security bulletin] MFSBGN03835 rev.1 - Fortify Software Security Center (SSC), Remote Unauthorized Access security-alert (Dec 12)
[security bulletin] MFSBGN03835 rev.1 - Fortify Software Security Center (SSC), Remote Unauthorized Access security-alert (Dec 19)
[security bulletin] MFSBGN03837 rev.1 - Network Node Manager i, Multiple Vulnerabilities security-alert (Dec 12)

Slackware Security Team

[slackware-security] php (SSA:2018-341-01) Slackware Security Team (Dec 09)
[slackware-security] nettle (SSA:2018-339-02) Slackware Security Team (Dec 06)
[slackware-security] netatalk (SSA:2018-355-01) Slackware Security Team (Dec 23)
[slackware-security] mozilla-firefox (SSA:2018-345-01) Slackware Security Team (Dec 12)
[slackware-security] gnutls (SSA:2018-339-01) Slackware Security Team (Dec 06)
[slackware-security] mozilla-nss (SSA:2018-337-01) Slackware Security Team (Dec 03)

Socket_0x03

Hasan MWB v1.0 - Multiple Time-Based SQL Injections Socket_0x03 (Dec 04)

wissam . bashour

CSRF Vulnerability in MicroStrategy Web application wissam . bashour (Dec 02)