[SECURITY] [DSA 4341-1] mariadb-10.1 security update

2018-11-19 Thread Salvatore Bonaccorso
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-4341-1 secur...@debian.org https://www.debian.org/security/ Salvatore Bonaccorso November 19, 2018

ACM CCS 2019 - Call for Papers

2018-11-19 Thread m.manulis
= ACM CCS 2019 The 26th ACM Conference on Computer and Communications Security in London, UK, November 11-15, 2019 http://ccs2019.sigsac.org CALL FOR PAPERS = The Co

[SECURITY] [DSA 4340-1] chromium-browser security update

2018-11-19 Thread Michael Gilbert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-4340-1 secur...@debian.org https://www.debian.org/security/ Michael Gilbert November 18, 2018

Escalation of privilege with Intel Rapid Storage User Interface

2018-11-19 Thread Stefan Kanthak
Hi @ll, this is the second part of Intel® Rapid Storage Technology (Intel® RST) User Interface and Driver for Windows 10 and Windows Server 2016, version 16.0.2.1086 (Latest), released 2/21/2018, available from

Zoho ManageEngine OpManager 12.3 before Build 123223 has XSS via the updateWidget API.

2018-11-19 Thread Murat Aydemir
I. VULNERABILITY - Zoho ManageEngine OpManager 12.3 before Build 123223 has XSS via the updateWidget API. II. CVE REFERENCE - CVE-2018-19288 III. VENDOR - https://www.manageengine.com IV. TIMELINE - 1

D-LINK Central WifiManager CWM-100 Server Side Request Forgery CVE-2018-15517

2018-11-19 Thread apparitionsec
[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/DLINK-CENTRAL-WIFI-MANAGER-CWM-100-SERVER-SIDE-REQUEST-FORGERY.txt [+] ISR: ApparitionSec ***Greetz: indoushka | Eduardo B.*** [Vendor] us.

D-LINK Central WifiManager CWM-100 Trojan File SYSTEM Privilege Escalation CVE-2018-15515

2018-11-19 Thread apparitionsec
[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/DLINK-CENTRAL-WIFI-MANAGER-CWM-100-SYSTEM-PRIVILEGE-ESCALATION.txt [+] ISR: ApparitionSec ***Greetz: indoushka | Eduardo B.*** [Vendor] us.

D-LINK Central WifiManager CWM-100 FTP Server PORT Bounce Scan CVE-2018-15516

2018-11-19 Thread apparitionsec
[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/DLINK-CENTRAL-WIFI-MANAGER-CWM-100-FTP-SERVER-PORT-BOUNCE-SCAN.txt [+] ISR: ApparitionSec ***Greetz: indoushka | Eduardo B.*** [Vendor] us.d

[CVE-2018-3635] Executable installers are vulnerable^WEVIL (case 59): arbitrary code execution WITH escalation of privilege via Intel Rapid Storage Technology User Interface and Driver

2018-11-19 Thread Stefan Kanthak
Hi @ll, the executable installer of the Intel® Rapid Storage Technology (Intel® RST) User Interface and Driver, version 15.9.0.1015 (LATEST for Windows 7), released 11/14/2017, available from via

Remote Code Execution Vulnerability in ELBA5 Electronic Banking

2018-11-19 Thread Florian Bogner
Remote Code Execution Vulnerability in ELBA5 Electronic Banking Metadata === Affected product: ELBA5 Network Installation (https://www.elba.at) CVSSv3 Score: 10.0 (https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A: