Bugtraq: by date

76 messages starting Feb 01 18 and ending Feb 28 18

Thursday, 01 February

SEC Consult SA-20180201-0 :: Multiple critical vulnerabilities in Whole Vibratissimo Smart Sex Toy product range SEC Consult Vulnerability Lab
[security bulletin] MFSBGN03797 rev.1 - Micro Focus Fortify Audit Workbench (AWB) and Micro Focus Fortify Software Security Center (SSC), XML External Entity Injection cyber-psrt

Monday, 05 February

[slackware-security] php (SSA:2018-034-01) Slackware Security Team
[SECURITY] [DSA 4104-1] p7zip security update Salvatore Bonaccorso
[CORE-2017-0010] - Kaspersky Secure Mail Gateway Multiple Vulnerabilities Core Security Advisories Team

Wednesday, 07 February

[SECURITY] [DSA 4105-1] mpv security update Luciano Bello
[SE-2011-01] A security issue with a Multiroom service of NC+ SAT TV platform Security Explorations
[slackware-security] Slackware 14.2 kernel (SSA:2018-037-01) Slackware Security Team
SEC Consult SA-20180207-0 :: Multiple buffer overflow vulnerabilities in InfoZip UnZip SEC Consult Vulnerability Lab
[SECURITY] [DSA 4106-1] libtasn1-6 security update Salvatore Bonaccorso
[security bulletin] HPSBHF02981 rev.2 - HPE Integrated Lights-Out 2, 3, 4 (iLO2, iLO3, iLO4) and HPE Superdome Flex RMC - IPMI 2.0 RCMP+ Authentication Remote Password Hash Vulnerability (RAKP) security-alert
[SECURITY] [DSA 4107-1] django-anymail security update Salvatore Bonaccorso

Thursday, 08 February

SEC Consult SA-20180208-0 :: Multiple Cross-Site Scripting Vulnerabilities in Sonatype Nexus Repository Manager OSS/Pro SEC Consult Vulnerability Lab
[SECURITY] [DSA 4105-2] mpv security update Luciano Bello
Advisory - Fisheye and Crucible - CVE-2017-16861 David Black

Friday, 09 February

[SECURITY] [DSA 4108-1] mailman security update Thijs Kinkhorst

Monday, 12 February

KL-001-2018-002 : NetEx HyperIP Authentication Bypass KoreLogic Disclosures
KL-001-2018-006 : Trend Micro IMSVA Management Portal Authentication Bypass KoreLogic Disclosures
KL-001-2018-003 : NetEx HyperIP Post-Auth Command Execution KoreLogic Disclosures
KL-001-2018-004 : NetEx HyperIP Privilege Escalation Vulnerability KoreLogic Disclosures
[SECURITY] [DSA 4109-1] ruby-omniauth security update Luciano Bello
[SECURITY] [DSA 4111-1] libreoffice security update Moritz Muehlenhoff
KL-001-2018-005 : NetEx HyperIP Local File Inclusion Vulnerability KoreLogic Disclosures
Defense in depth -- the Microsoft way (part 51): Skype's home-grown updater allows escalation of privilege to SYSTEM Stefan Kanthak
[SECURITY] [DSA 4110-1] exim4 security update Salvatore Bonaccorso
CVE-2018-6892 CloudMe Sync <= v1.10.9 Unauthenticated Remote Buffer Overflow (hyp3rlinx / apparition security) apparitionsec

Tuesday, 13 February

[security bulletin] HPESBHF03819 rev.1 - HPE XP Storage using HGLM, Local Authentication Bypass security-alert
[SECURITY] [DSA 4111-2] libreoffice security update Moritz Muehlenhoff
CSNC-2017-027 Microsoft Intune - App PIN Bypass Advisories

Wednesday, 14 February

[security bulletin] MFSBGN03800 rev.1 - Micro Focus Performance Center, Remote Arbitrary Code Execution or Remote Arbitrary File Modification cyber-psrt
Defense in depth -- the Microsoft way (part 52): HTTP used to distribute (security) updates, not HTTPS Stefan Kanthak
NAT32 Build (22284) Remote Code Execution CVE-2018-6940 (hyp3rlinx / apparition security) apparitionsec
[SECURITY] [DSA 4113-1] libvorbis security update Moritz Muehlenhoff
Re: [FD] Defense in depth -- the Microsoft way (part 51): Skype's home-grown updater allows escalation of privilege to SYSTEM Jeffrey Walton
[SECURITY] [DSA 4112-1] xen security update Moritz Muehlenhoff
[SECURITY] [DSA 4114-1] jackson-databind security update Sebastien Delafond

Thursday, 15 February

Vulnerability Disclosure (Web Apps)-Bravo Tejari Web Portal-CSRF Arvind Vishwakarma
Re: [FD] Defense in depth -- the Microsoft way (part 51): Skype's home-grown updater allows escalation of privilege to SYSTEM Stefan Kanthak
Vulnerability Disclosure (Web Apps)-Bravo Tejari Web Portal-Unrestricted File Upload Arvind Vishwakarma
[SECURITY] [DSA 4115-1] quagga security update Salvatore Bonaccorso

Friday, 16 February

[slackware-security] irssi (SSA:2018-046-01) Slackware Security Team

Monday, 19 February

Security advisory for Bugzilla 5.1.1, 5.0.3, and 4.4.12 dkl
[SECURITY] [DSA 4116-1] plasma-workspace security update Moritz Muehlenhoff
[SECURITY] [DSA 4118-1] tomcat-native security update Salvatore Bonaccorso
Kentico CMS version 9 through 11 - Arbitrary Code Execution displaymyname
[SECURITY] [DSA 4117-1] gcc-4.9 security update Moritz Muehlenhoff
Kentico CMS version 9 through 11 - Cross-Site Scripting (Reflect) displaymyname
[SECURITY] [DSA 4119-1] libav security update Moritz Muehlenhoff
APPLE-SA-2018-02-19-4 watchOS 4.2.3 Apple Product Security
APPLE-SA-2018-02-19-3 tvOS 11.2.6 Apple Product Security
APPLE-SA-2018-02-19-2 macOS High Sierra 10.13.3 Supplemental Update Apple Product Security
APPLE-SA-2018-02-19-1 iOS 11.2.6 Apple Product Security

Tuesday, 20 February

Multiple Persistent XSS vulnerabilities in Radiant Content Management System suparna . kachru
Multiple Persistent Cross-Site Scripting Vulnerabilities in Quarx CMS preethiknambiar

Wednesday, 21 February

Sharutils 4.15.2 Heap-Buffer-Overflow nafiez
Sharutils 4.15.2 Heap-Buffer-Overflow nafiez
SEC Consult SA-20180221-0 :: Hijacking of arbitrary miSafes Mi-Cam video baby monitors SEC Consult Vulnerability Lab
DefenseCode Security Advisory: PureVPN Windows Privilege Escalation Vulnerability Defense Code
[CORE-2017-0006] Trend Micro Email Encryption Gateway Multiple Vulnerabilities Core Security Advisories Team

Thursday, 22 February

[SECURITY] [DSA 4121-1] gcc-6 security update Moritz Muehlenhoff
[SECURITY] [DSA 4120-1] linux security update Yves-Alexis Perez
[security bulletin] MFSBGN03798 rev.1 - Micro Focus Universal CMDB, Apache Struts Instance cyber-psrt
Re: [CVE-2018-1000088] Stored XSS vulnerability in Doorkeeper gem v2.1.0 - v4.2.5 Justin Bull
[SECURITY] [DSA 4122-1] squid3 security update Salvatore Bonaccorso

Monday, 26 February

[SECURITY] [DSA 4123-1] drupal7 security update Moritz Muehlenhoff
CMS Made Simple 2.1.6 - Remote Code Execution displaymyname
ES2018-01 Asterisk pjsip subscribe stack corruption Sandro Gauci
ES2018-02 Asterisk pjsip sdp invalid fmtp segfault Sandro Gauci
ES2018-04 Asterisk pjsip tcp segfault Sandro Gauci
ES2018-03 Asterisk pjsip sdp invalid media format description segfault Sandro Gauci

Tuesday, 27 February

SEC Consult SA-20180227-0 :: OS command injection, arbitrary file upload & SQL injection in ClipBucket SEC Consult Vulnerability Lab
[security bulletin] HPESBHF03826 rev.1 - HPE Integrated Lights-Out 3 (iLO 3) Remote Denial of Service security-alert
[SECURITY] [DSA 4124-1] lucene-solr security update Moritz Muehlenhoff

Wednesday, 28 February

SEC Consult SA-20180228-0 :: Insecure Direct Object Reference vulnerability in TestLink Open Source Test Management SEC Consult Vulnerability Lab
Secunia Research: Linux Kernel "_sctp_make_chunk()" Denial of Service Vulnerability Secunia Research
[security bulletin] MFSBGN03794 rev.2 - Micro Focus Operations Agent Multiple vulnerabilities cyber-psrt