Feed aggregator

3.18.109: longterm

Linux Kernel Updates - May 16, 2018 - 3:05am
Version:3.18.109 (EOL) (longterm) Released:2018-05-16 Source:linux-3.18.109.tar.xz PGP Signature:linux-3.18.109.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-3.18.109

next-20180516: linux-next

Linux Kernel Updates - May 16, 2018 - 2:59am
Version:next-20180516 (linux-next) Released:2018-05-16

[SECURITY] [DSA 4201-1] xen security update

BugTraq Latest Security Advisories - May 15, 2018 - 11:04pm

Posted by Moritz Muehlenhoff on May 15

-------------------------------------------------------------------------
Debian Security Advisory DSA-4201-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
May 15, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : xen
CVE ID : CVE-2018-8897 CVE-2018-10471...
Categories:

Bugtraq: CVE-2018-10994: HTML tag injection in Signal-desktop

CVE-2018-10994: HTML tag injection in Signal-desktop
Categories:

Vuln: Symantec IntelligenceCenter CVE-2017-18268 Information Disclosure Vulnerability

Symantec IntelligenceCenter CVE-2017-18268 Information Disclosure Vulnerability
Categories:

Vuln: Symantec SSLV CVE-2017-15533 Information Disclosure Vulnerability

Symantec SSLV CVE-2017-15533 Information Disclosure Vulnerability
Categories:

CSNC-2018-003 totemomail Encryption Gateway - Cross-Site Request Forgery

BugTraq Latest Security Advisories - May 15, 2018 - 5:12am

Posted by Advisories on May 15

################################################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
################################################################################
#
# Product: totemomail Encryption Gateway
# Vendor: totemo AG
# CSNC ID: CSNC-2018-003
# CVE ID: CVE-2018-6563
# Subject: Cross-Site Request Forgery
# Risk: High
# Effect: Remotely...
Categories:

CSNC-2018-002 totemomail Encryption Gateway - JSONP hijacking

BugTraq Latest Security Advisories - May 15, 2018 - 5:11am

Posted by Advisories on May 15

################################################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
################################################################################
#
# Product: totemomail Encryption Gateway
# Vendor: totemo AG
# CSNC ID: CSNC-2018-002
# CVE ID: CVE-2018-6562
# Subject: JSONP hijacking
# Risk: High
# Effect: Remotely exploitable
#...
Categories:

Re: SEC Consult SA-20180514-0 :: Arbitrary File Upload & Cross-site scripting in MyBiz MyProcureNet

BugTraq Latest Security Advisories - May 15, 2018 - 5:00am

Posted by SEC Consult Vulnerability Lab on May 15

The following CVE numbers have been assigned now:
XSS issue: CVE-2018-11090
Arbitrary File Upload: CVE-2018-11091
Categories:

Bugtraq: [SECURITY] [DSA 4200-1] kwallet-pam security update

[SECURITY] [DSA 4200-1] kwallet-pam security update
Categories:

Bugtraq: SEC Consult SA-20180514-0 :: Arbitrary File Upload & Cross-site scripting in MyBiz MyProcureNet

SEC Consult SA-20180514-0 :: Arbitrary File Upload & Cross-site scripting in MyBiz MyProcureNet
Categories:

Bugtraq: Vulnerabilities in IBMs Flashsystems and Storwize Products

Vulnerabilities in IBMs Flashsystems and Storwize Products
Categories:

next-20180515: linux-next

Linux Kernel Updates - May 15, 2018 - 1:53am
Version:next-20180515 (linux-next) Released:2018-05-15

CVE-2018-10994: HTML tag injection in Signal-desktop

BugTraq Latest Security Advisories - May 14, 2018 - 11:14pm

Posted by Alfredo Ortega on May 14

Title: HTML tag injection in Signal-desktop

Date Published: 14-05-2018

CVE Name: CVE-2018-10994

Class: Code injection

Remotely Exploitable: Yes

Locally Exploitable: No

Vendors contacted: Signal.org

Vulnerability Description:

Signal-desktop is the standalone desktop version of the secure Signal
messenger.
This software is vulnerable to remote code execution from a malicious
contact,
by sending a specially crafted message containing HTML...
Categories:

[SECURITY] [DSA 4200-1] kwallet-pam security update

BugTraq Latest Security Advisories - May 14, 2018 - 11:10pm

Posted by Moritz Muehlenhoff on May 14

-------------------------------------------------------------------------
Debian Security Advisory DSA-4200-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
May 14, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : kwallet-pam
CVE ID : CVE-2018-10380

Fabian Vogt...
Categories: