Bitbucket Server security advisory 2019-05-22

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 This email refers to the advisory found at https://confluence.atlassian.com/x/V87JOQ . CVE ID: * CVE-2019-3397. Product: Bitbucket Server. Affected Bitbucket Server product versions: 5.13.0 <= version < 5.13.5 5.14.0 <= version < 5.14.3

[CVE-2019-11604] Quest KACE Systems Management Appliance <= 9.0 kbot_service_notsoap.php METHOD Reflected Cross-Site Scripting

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION === Product:Quest KACE Systems Management Appliance Vendor URL: www.quest.com Type: Cross-Site Scripting [CWE-79] Date found: 2018-09-09 Date published: 2019-05-19 CVSSv3

[slackware-security] curl (SSA:2019-142-01)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [slackware-security] curl (SSA:2019-142-01) New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--+

[SECURITY] [DSA 4449-1] ffmpeg security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-4449-1 secur...@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 22, 2019

[SECURITY] [DSA 4448-1] firefox-esr security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-4448-1 secur...@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 22, 2019

Anviz M3 RFID Access Control security issues

Security issues have been found in the Anviz M3 RFID Access Control device when working in standalone mode connected to a TCP/IP network, that could lead to access control bypass and private informations leakage and alteration. ### Advisory information TITLE: Anviz M3 RFID Access Control