Complete list: CVE-2018-19649, CVE-2018-19765, CVE-2018-19766,
CVE-2018-19767, CVE-2018-19768, CVE-2018-19769, CVE-2018-19770,
CVE-2018-19771, CVE-2018-19772, CVE-2018-19773, CVE-2018-19774,
CVE-2018-19775, CVE-2018-19809, CVE-2018-19810, CVE-2018-19811,
CVE-2018-19812, CVE-2018-19813, CVE-2018-198
Hi!!! playing in 2006 I have adapted the exploit to python
Not only the GET method is vulnerable to BOF (CVE-2004-2271). HEAD and POST
methods are also vulnerable. The difference is minimal, both are exploited
in the same way. Only 1 byte difference: GET = 3, HEAD and POST = 4 length
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-12-06-1 watchOS 5.1.2
watchOS 5.1.2 is now available and addresses the following:
Airport
Available for: Apple Watch Series 1 and later
Impact: A malicious application may be able to elevate privileges
Description: A type confusion is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-12-05-6 iCloud for Windows 7.9
iCloud for Windows 7.9 is now available and addresses the following:
Safari
Available for: Windows 7 and later
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-12-05-7 Shortcuts 2.1.2
Shortcuts 2.1.2 is now available and addresses the following:
This update has no published CVE entries. We would like to
acknowledge Micah A for their assistance.
Installation note:
Shortcuts 2.1.2 for iOS ma
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-12-05-5 iTunes 12.9.2 for Windows
iTunes 12.9.2 for Windows is now available and addresses the
following:
Safari
Available for: Windows 7 and later
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A l
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-12-05-4 Safari 12.0.2
Safari 12.0.2 is now available and addresses the following:
Safari
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and
macOS Mojave 10.14.1
Impact: Visiting a malicious website may lead to address
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-12-05-3 tvOS 12.1.1
tvOS 12.1.1 is now available and addresses the following:
Airport
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to elevate privileges
Description: A type confu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-12-05-2 macOS Mojave 10.14.2, Security Update
2018-003 High Sierra, Security Update 2018-006 Sierra
macOS Mojave 10.14.2, Security Update 2018-003 High Sierra,
Security Update 2018-006 Sierra are now available
and addresses the followi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-12-05-1 iOS 12.1.1
iOS 12.1.1 is now available and addresses the following:
Airport
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to elevate privilege
Title: Cross-Site Scripting in Adiscon LogAnalyzer (CVE-2018-19877)
Credit: Gustavo Sorondo / http://www.cintainfinita.com
Vendor/Product: Adiscon LogAnalyzer (https://loganalyzer.adiscon.com/
https://github.com/rsyslog/loganalyzer)
Vulnerability: Cross-Site Scripting (XSS)
Vulnerable version: 4.1.
11 matches
Mail list logo