bugtraq
Messages by Thread
On Second Thought...
alias
BugTraq Shutdown
alias
Re: BugTraq Shutdown
tommypickle
Defense in depth -- the Microsoft way (part 62): Windows shipped with end-of-life components
Stefan Kanthak
Local information disclosure in OpenSMTPD (CVE-2020-8793)
Qualys Security Advisory
LPE and RCE in OpenSMTPD's default install (CVE-2020-8794)
Qualys Security Advisory
[SECURITY] [DSA 4633-1] curl security update
Alessandro Ghedini
Cisco Unified Contact Center Express Privilege Escalation Vulnerability (CVE-2019-1888)
Jamie R
[TZO-22-2020] Qihoo360 | GDATA | Rising | Command Generic Malformed Archive Bypass
Thierry Zoller
[TZO-16-2020] - F-SECURE Generic Malformed Container bypass (GZIP)
Thierry Zoller
[slackware-security] proftpd (SSA:2020-051-01)
Slackware Security Team
[SECURITY] [DSA 4628-1] php7.0 security update
Moritz Muehlenhoff
Re: [SECURITY] [DSA 4628-1] php7.0 security update
Timesportsall
[SECURITY] [DSA 4629-1] python-django security update
Sebastien Delafond
[TZO-18-2020] - Bitdefender Malformed Archive bypass (GZIP)
Thierry Zoller
[TZO-17-2020] - Kaspersky Generic Archive Bypass (ZIP FLNMLEN)
Thierry Zoller
[SECURITY] [DSA 4626-1] php7.3 security update
Moritz Muehlenhoff
[SECURITY] [DSA 4627-1] webkit2gtk security update
Moritz Muehlenhoff
[SECURITY] [DSA 4620-1] firefox-esr security update
Moritz Muehlenhoff
[SECURITY] [DSA 4621-1] openjdk-8 security update
Moritz Muehlenhoff
[slackware-security] libarchive (SSA:2020-043-01)
Slackware Security Team
[TZO-15-2020] - F-SECURE Generic Malformed Container bypass (RAR)
Thierry Zoller
WebKitGTK and WPE WebKit Security Advisory WSA-2020-0002
Carlos Alberto Lopez Perez
CVE-2020-0728: Windows Modules Installer Service Information Disclosure Vulnerability
Imre Rad
[SECURITY] [DSA 4624-1] evince security update
Salvatore Bonaccorso
[SECURITY] [DSA 4625-1] thunderbird security update
Moritz Muehlenhoff
[TZO-13-2020] - AVIRA Generic AV Bypass (ZIP GPFLAG)
Thierry Zoller
[TZO-11-2020] - ESET Generic Malformed Archive Bypass (BZ2 Checksum)
Thierry Zoller
[SECURITY] [DSA 4623-1] postgresql-11 security update
Moritz Muehlenhoff
[EnumJavaLibs]_ Remote Java classpath enumerator
RedTimmy Security
Web Application Firewall bypass via Bluecoat device
RedTimmy Security
[slackware-security] mozilla-firefox (SSA:2020-042-01)
Slackware Security Team
[SECURITY] [DSA 4622-1] postgresql-9.6 security update
Moritz Muehlenhoff
[slackware-security] mozilla-thunderbird (SSA:2020-042-02)
Slackware Security Team
[SECURITY] [DSA 4618-1] libexif security update
Salvatore Bonaccorso
[SECURITY] [DSA 4619-1] libxmlrpc3-java security update
Salvatore Bonaccorso
xglance-bin exploit (CVE-2014-2630)
redazione
[SECURITY] [DSA 4617-1] qtbase-opensource-src security update
Moritz Muehlenhoff
[SECURITY] [DSA 4612-1] prosody-modules security update
Moritz Muehlenhoff
[slackware-security] sudo (SSA:2020-031-01)
Slackware Security Team
[SECURITY] [DSA 4613-1] libidn2 security update
Salvatore Bonaccorso
[SECURITY] [DSA 4614-1] sudo security update
Salvatore Bonaccorso
[SECURITY] [DSA 4615-1] spamassassin security update
Salvatore Bonaccorso
[SECURITY] [DSA 4616-1] qemu security update
Moritz Muehlenhoff
Executable installers are vulnerable^WEVIL (case 58): Intel® Processor Identification Utility - Windows* Version - arbitrary code execution with escalation of privilege
Stefan Kanthak
[CVE-2019-20358] CVE-2019-9491 in Trend Micro Anti-Threat Toolkit (ATTK) was NOT properly FIXED
Stefan Kanthak
[SECURITY] [DSA 4610-1] webkit2gtk security update
Moritz Muehlenhoff
APPLE-SA-2020-1-29-1 iCloud for Windows 7.17
Apple Product Security
APPLE-SA-2020-1-29-2 iCloud for Windows 10.9.2
Apple Product Security
[SECURITY] [DSA 4611-1] opensmtpd security update
Moritz Muehlenhoff
FreeBSD Security Advisory FreeBSD-SA-20:02.ipsec
FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-20:01.libfetch
FreeBSD Security Advisories
APPLE-SA-2020-1-28-3 watchOS 6.1.2
Apple Product Security
APPLE-SA-2020-1-28-1 iOS 13.3.1 and iPadOS 13.3.1
Apple Product Security
APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra
Apple Product Security
FreeBSD Security Advisory FreeBSD-SA-20:03.thrmisc
FreeBSD Security Advisories
APPLE-SA-2020-1-28-5 Safari 13.0.5
Apple Product Security
APPLE-SA-2020-1-28-4 tvOS 13.3.1
Apple Product Security
APPLE-SA-2020-1-28-6 iTunes for Windows 12.10.4
Apple Product Security
Defense in depth -- the Microsoft way (part 61): security features are built to fail (or documented wrong)
Stefan Kanthak
LPE and RCE in OpenSMTPD (CVE-2020-7247)
Qualys Security Advisory
CVE - CVE-2020-7799 - FusionAuth command execution via Apache Freemarker Template
Gianluca Baldi
[slackware-security] mozilla-thunderbird (SSA:2020-024-01)
Slackware Security Team
WebKitGTK and WPE WebKit Security Advisory WSA-2020-0001
Carlos Alberto Lopez Perez
[SECURITY] [DSA 4609-1] python-apt security update
Moritz Muehlenhoff
SEC Consult SA-20200123-0 :: Cross-Site Request Forgery (CSRF) in Umbraco CMS
SEC Consult Vulnerability Lab
SEC Consult SA-20200122-0 :: Reflected XSS in ZOHO ManageEngine ServiceDeskPlus
SEC Consult Vulnerability Lab
[REVIVE-SA-2020-001] Revive Adserver Vulnerability
Matteo Beccati
[SECURITY] [DSA 4608-1] tiff security update
Moritz Muehlenhoff
[SECURITY] [DSA 4607-1] openconnect security update
Salvatore Bonaccorso
Neowise CarbonFTP v1.4 Insecure Proprietary Password Encryption CVE-2020-6857
apparitionsec
Trend Micro Security 2019 (Consumer) Multiple Products Security Bypass Protected Service Tampering CVE-2019-19697
apparitionsec
Trend Micro Security (Consumer) Multiple Products Persistent Arbitrary Code Execution CVE-2019-20357
apparitionsec
[SECURITY] [DSA 4606-1] chromium security update
Michael Gilbert
[SECURITY] [DSA 4603-1] thunderbird security update
Moritz Muehlenhoff
[SECURITY] [DSA 4604-1] cacti security update
Moritz Muehlenhoff
[SECURITY] [DSA 4605-1] openjdk-11 security update
Moritz Muehlenhoff
CVE-2020-2656 - Low impact information disclosure via Solaris xlock
Marco Ivaldi
CVE-2020-2696 - Local privilege escalation via CDE dtsession
Marco Ivaldi
[SECURITY] [DSA 4602-1] xen security update
Moritz Muehlenhoff
[TZO-09-2020] - Bitdefender Malformed Archive bypass (RAR Uncompressed Size)
Thierry Zoller
[TZO-10-2020] - Bitdefender Malformed Archive bypass (RAR Compression Information)
Thierry Zoller
[slackware-security] mozilla-thunderbird (SSA:2020-010-01)
Slackware Security Team
[TZO-08-2020] Bitdefender Generic Malformed Archive Bypass (ZIP GPFLAG)
Thierry Zoller
[TZO-06-2020] - Kaspersky Generic Archive Bypass (ZIP FLNMLEN)
Thierry Zoller
[TZO-05-2020] Kaspersky Generic Malformed Archive Bypass (ZIP Compressed Size)
Thierry Zoller
[TZO-07-2020] Bitdefender Generic Malformed Archive Bypass (RAR HOST_OS)
Thierry Zoller
[SECURITY] [DSA 4601-1] ldm security update
Moritz Muehlenhoff
[SECURITY] [DSA 4600-1] firefox-esr security update
Moritz Muehlenhoff
[slackware-security] mozilla-firefox (SSA:2020-009-01)
Slackware Security Team
[slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)
Slackware Security Team
[SECURITY] [DSA 4598-1] python-django security update
Salvatore Bonaccorso
[SECURITY] [DSA 4599-1] wordpress security update
Sebastien Delafond
[slackware-security] mozilla-firefox (SSA:2020-006-01)
Slackware Security Team
[SECURITY] [DSA 4597-1] netty security update
Salvatore Bonaccorso
[TZO-04-2020] Bitdefender Generic Malformed Archive Bypass (BZ2)
Thierry Zoller
[RT-SA-2019-015] IceWarp: Cross-Site Scripting in Notes for Contacts
RedTeam Pentesting GmbH
[TZO-01-2020] AVIRA Generic Malformed Container bypass (ISO)
Thierry Zoller
[TZO-02-2020] Kaspersky Generic Malformed Archive Bypass (ZIP GFlag)
Thierry Zoller
[TZO-03-2020] ESET Generic Malformed Archive Bypass (ZIP Compression Information)
Thierry Zoller
[RT-SA-2019-016] IceWarp: Cross-Site Scripting in Notes
RedTeam Pentesting GmbH
Microsoft Windows .Group File / URL Field Code Execution
apparitionsec
Microsoft Exchange Server, External Service Interaction (DNS)
Alphan YAVAS
[SECURITY] [DSA 4592-1] mediawiki security update
Moritz Muehlenhoff
[SECURITY] [DSA 4593-1] freeimage security update
Moritz Muehlenhoff
[SECURITY] [DSA 4594-1] openssl1.0 security update
Moritz Muehlenhoff
[SECURITY] [DSA 4595-1] debian-lan-config security update
Moritz Muehlenhoff
[SECURITY] [DSA 4596-1] tomcat8 security update
Moritz Muehlenhoff
[SECURITY] [DSA 4591-1] cyrus-sasl2 security update
Salvatore Bonaccorso
CA20191218-01: Security Notice for CA Client Automation Agent for Windows
Kevin Kotas
[slackware-security] tigervnc (SSA:2019-354-02)
Slackware Security Team
[slackware-security] openssl (SSA:2019-354-01)
Slackware Security Team
[SECURITY] [DSA 4590-1] cyrus-imapd security update
Moritz Muehlenhoff
[slackware-security] wavpack (SSA:2019-353-01)
Slackware Security Team
Confluence Server and Data Center Security Advisory - 2019-12-18 - CVE-2019-15006
Alexander Minozhenko
Deutsche Bahn Ticket Vending Machine Windows XP - Local Kiosk Privilege Escalation Vulnerability
Vulnerability Lab
[SECURITY] [DSA 4589-1] debian-edu-config security update
Moritz Muehlenhoff
[SECURITY] [DSA 4588-1] python-ecdsa security update
Sebastien Delafond
[SECURITY] [DSA 4586-1] ruby2.5 security update
Salvatore Bonaccorso
[SECURITY] [DSA 4587-1] ruby2.3 security update
Salvatore Bonaccorso
[SECURITY] [DSA 4582-1] davical security update
Moritz Muehlenhoff
[SECURITY] [DSA 4583-1] spip security update
Moritz Muehlenhoff
[SECURITY] [DSA 4565-2] intel-microcode security update
Salvatore Bonaccorso
[SECURITY] [DSA 4584-1] spamassassin security update
Salvatore Bonaccorso
[SECURITY] [DSA 4585-1] thunderbird security update
Moritz Muehlenhoff
Local Privilege Escalation in OpenBSD's dynamic loader (CVE-2019-19726)
Qualys Security Advisory
SEC Consult SA-20191211-0 :: File Extension Spoofing in Windows Defender Antivirus
SEC Consult Vulnerability Lab
APPLE-SA-2019-12-10-2 iOS 12.4.4
Apple Product Security
APPLE-SA-2019-12-10-4 watchOS 5.3.4
Apple Product Security
APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra
Apple Product Security
APPLE-SA-2019-12-10-5 tvOS 13.3
Apple Product Security
APPLE-SA-2019-12-10-6 Safari 13.0.4
Apple Product Security
APPLE-SA-2019-12-10-7 Xcode 11.3
Apple Product Security
APPLE-SA-2019-12-10-8 watchOS 6.1.1
Apple Product Security
CA20191209-01: Security Notice for CA Nolio (Release Automation)
Kevin Kotas
[SECURITY] [DSA 4581-1] git security update
Salvatore Bonaccorso
[SECURITY] [DSA 4579-1] nss security update
Moritz Muehlenhoff
[SYSS-2019-045] "Scoutnet Kalender" for WordPress - Cross-Site Scripting
simon . moser
[SECURITY] [DSA 4580-1] firefox-esr security update
Moritz Muehlenhoff
CVE-2019-17554 - Apache Olingo OData 4.0 - XML External Entity Resolution (XXE)
Advisories
External Service Interaction (DNS) on Skype for Business
Alphan YAVAS
External Service Interaction (DNS) on Skype for Business
Alphan YAVAS
Authentication vulnerabilities in OpenBSD
Qualys Security Advisory
BeeGFS Privilege Escalation (CVE-2019-15897)
john
[slackware-security] mozilla-firefox (SSA:2019-337-01)
Slackware Security Team
SEC Consult SA-20191203-0 :: Multiple vulnerabilities in Fronius Solar Inverter Series
SEC Consult Vulnerability Lab
Microsoft Windows Media Center XXE MotW Bypass (Anniversary Edition)
apparitionsec
SEC Consult SA-20191202-0 :: Multiple Critical Vulnerabilities in SALTO ProAccess SPACE
SEC Consult Vulnerability Lab
NAPC Xinet Elegant 6 Asset Library Web Interface v6.1.655 Pre-Auth SQL Injection 0Day CVE-2019-19245
apparitionsec
Max Secure Anti Virus Plus v19.0.4.020 Insecure Permissions CVE-2019-19382
apparitionsec
Microsoft Excel 2016 v1901 Import Error XML External Entity Injection
apparitionsec
[SECURITY] [DSA 4577-1] haproxy security update
Sebastien Delafond
[Public Disclosure] Two Denial-of-Service vulnerabilities found in axTLS library (CVE-2019-9689 / CVE-2019-10013)
CERT
[SECURITY] [DSA 4578-1] libvpx security update
Moritz Muehlenhoff
Anhui Huami Mi Fit Android Application - Unencrypted Update Check
David Coomber
pari/gp on debian stable allow arbitrary file write
Georgi Guninski
[SECURITY] [DSA 4576-1] php-imagick security update
Salvatore Bonaccorso
SEC Consult SA-20191125-0 :: FortiGuard XOR Encryption in Multiple Fortinet Products
SEC Consult Vulnerability Lab
Re: SEC Consult SA-20191125-0 :: FortiGuard XOR Encryption in Multiple Fortinet Products
SEC Consult Vulnerability Lab
[SECURITY] [DSA 4571-2] enigmail update
Moritz Muehlenhoff
[SECURITY] [DSA 4575-1] chromium security update
Michael Gilbert
AST-2019-007: AMI user could execute system commands.
Asterisk Security Team
AST-2019-008: Re-invite with T.38 and malformed SDP causes crash.
Asterisk Security Team
AST-2019-006: SIP request can change address of a SIP peer.
Asterisk Security Team
[slackware-security] bind (SSA:2019-324-01)
Slackware Security Team
[SECURITY] [DSA 4574-1] redmine security update
Moritz Muehlenhoff
[SECURITY] [DSA 4572-1] slurm-llnl security update
Moritz Muehlenhoff
[SECURITY] [DSA 4573-1] symfony security update
Moritz Muehlenhoff
[SECURITY] [DSA 4568-1] postgresql-common security update
Moritz Muehlenhoff
[SECURITY] [DSA 4569-1] ghostscript security update
Salvatore Bonaccorso
[slackware-security] Slackware 14.2 kernel (SSA:2019-320-01)
Slackware Security Team
[SECURITY] [DSA 4570-1] mosquitto security update
Salvatore Bonaccorso
[SECURITY] [DSA 4571-1] thunderbird security update
Moritz Muehlenhoff
Vulnerability Disclosure and CVE assign
Alphan YAVAS
Vulnerability Disclosure
Alphan YAVAS
[SECURITY] [DSA 4563-1] webkit2gtk security update
Moritz Muehlenhoff
[SECURITY] [DSA 4567-1] dpdk security update
Moritz Muehlenhoff
[SECURITY] [DSA 4566-1] qemu security update
Salvatore Bonaccorso
[SECURITY] [DSA 4565-1] intel-microcode security update
Salvatore Bonaccorso
FreeBSD Security Advisory FreeBSD-SA-19:25.mcepsc
FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-19:26.mcu
FreeBSD Security Advisories
[SECURITY] [DSA 4564-1] linux security update
Salvatore Bonaccorso
[SECURITY] [DSA 4562-1] chromium security update
Moritz Muehlenhoff
Minor security issue in punbb with SQLite
Georgi Guninski
WebKitGTK and WPE WebKit Security Advisory WSA-2019-0006
Carlos Alberto Lopez Perez
[slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
Slackware Security Team
[SECURITY] [DSA 4561-1] fribidi security update
Salvatore Bonaccorso
Jira Service Desk Server and Jira Service Desk Data Center Security Advisory - 2019-11-06 - CVE-2019-15003, CVE-2019-15004
Alexander Minozhenko
[SECURITY] [DSA 4560-1] simplesamlphp security update
Thijs Kinkhorst
[SECURITY] [DSA 4559-1] proftpd-dfsg security update
Moritz Muehlenhoff
[SECURITY] [DSA 4558-1] webkit2gtk security update
Moritz Muehlenhoff
[slackware-security] libtiff (SSA:2019-308-01)
Slackware Security Team
[SECURITY] [DSA 4556-1] qtbase-opensource-src security update
Moritz Muehlenhoff
[SECURITY] [DSA 4557-1] libarchive security update
Moritz Muehlenhoff
APPLE-SA-2019-11-01-1 Xcode 11.2
Apple Product Security
Security Advisory for Jira Plug-in: In-App & Desktop Notification
erik . steltzner
[SECURITY] [DSA 4549-1] firefox-esr security update
Moritz Muehlenhoff
[SYSS-2019-009]: Fujitsu Wireless Keyboard Set LX390 - Missing Protection against Replay Attacks (CVE-2019-18199)
matthias . deeg
[SYSS-2019-010]: Fujitsu Wireless Keyboard Set LX390 - Missing Encryption of Sensitive Data (CWE-311) (CVE-2019-18201)
matthias . deeg
[SYSS-2019-011]: Fujitsu Wireless Keyboard Set LX390 - Keystroke Injection Vulnerability (CVE-2019-18200)
matthias . deeg