-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2015-09-21-1 watchOS 2
watchOS 2 is now available and addresses the following:
Apple Pay
Available for: Apple Watch Sport, Apple Watch,
and Apple Watch Edition
Impact: Some cards may allow a terminal to retrieve limited recent
transactio
Hi,
Jasig CAS server version 4.0.1 is prone to xss vulnerabilities
Timeline:
20.02.2015 - Vendor notified
11.05.2015 - Patches released
21.09.2015 - Bugtraq disclosure
Vulnerable version:
4.0.1
Fixed version:
4.0.2
Vulnerabilities details:
1) XSS in OpenID server
Obtain method:
Paste t
Original at:
http://securityresearch.shaftek.biz/2015/09/insufficient-parameter-sanitization-login-live-com.html
Overview
Web widgets hosted by Microsofts online login portal, login.live.com, do not
perform sufficient parameter sanitization allowing an attacker to inject
arbitrary text.
Backgr
#
#
# COMPASS SECURITY ADVISORY
# http://www.csnc.ch/en/downloads/advisories.html
#
#
#
# Product: nevisAuth [1]
# Vendor:AdNovum [2]
# CVD ID:CVE-2015-5372
# Subject:
Title: SAP Netwaver - XML External Entity Injection
Author: Lukasz Miedzinski
GPG: Public key provided in attachment
Date: 29/10/2014
CVE: CVE-2015-7241
Affected software :
===
SAP Netwear : <7.01
Vendor advisories (only for customers):
===
External ID : 851975 20
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-3363-1 secur...@debian.org
https://www.debian.org/security/Luciano Bello
September 20, 2015
Hi @ll,
since Microsoft introduced the security theatre named "user account
control" with Windows Vista users cant start (another instance of)
the Windows Explorer with elevated rights any more: the "Run as
administrator" and the "Run as different user" context menu entries
only start another inst
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-3362-1 secur...@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
September 18, 2015
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-3361-1 secur...@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
September 18, 2015