Feed aggregator

Vuln: Cisco Elastic Services Controller CVE-2018-0130 Unauthorized Access Vulnerability

Security Focus Latest Security Advisories - February 21, 2018 - 12:00am
Cisco Elastic Services Controller CVE-2018-0130 Unauthorized Access Vulnerability
Categories:

Vuln: Drupal Core DRUPAL-SA-CORE-2018-001 Multiple Security Vulnerabilities

Security Focus Latest Security Advisories - February 21, 2018 - 12:00am
Drupal Core DRUPAL-SA-CORE-2018-001 Multiple Security Vulnerabilities
Categories:

Vuln: Drupal Core DRUPAL-SA-CORE-2018-001 Multiple Access Bypass Vulnerabilities

Security Focus Latest Security Advisories - February 21, 2018 - 12:00am
Drupal Core DRUPAL-SA-CORE-2018-001 Multiple Access Bypass Vulnerabilities
Categories:

Vuln: Cisco Unified Communications Domain Manager CVE-2018-0124 Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - February 21, 2018 - 12:00am
Cisco Unified Communications Domain Manager CVE-2018-0124 Remote Code Execution Vulnerability
Categories:

Vuln: Juniper Junos J-Web Interface CVE-2018-0001 Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - February 21, 2018 - 12:00am
Juniper Junos J-Web Interface CVE-2018-0001 Remote Code Execution Vulnerability
Categories:

Vuln: Radiant CVE-2018-7261 Multiple HTML Injection Vulnerabilities

Security Focus Latest Security Advisories - February 21, 2018 - 12:00am
Radiant CVE-2018-7261 Multiple HTML Injection Vulnerabilities
Categories:

Bugtraq: APPLE-SA-2018-02-19-2 macOS High Sierra 10.13.3 Supplemental Update

Security Focus Latest Security Advisories - February 20, 2018 - 11:00pm
APPLE-SA-2018-02-19-2 macOS High Sierra 10.13.3 Supplemental Update
Categories:

next-20180221: linux-next

Linux Kernel Updates - February 20, 2018 - 10:23pm
Version:next-20180221 (linux-next) Released:2018-02-21

Multiple Persistent XSS vulnerabilities in Radiant Content Management System

BugTraq Latest Security Advisories - February 20, 2018 - 7:18am

Posted by suparna . kachru on Feb 20

*1. Introduction*

Vendor : Radiant
Affected Product : Radiant CMS 1.1.4
Fixed in : NA
Vendor Website : http://radiantcms.org/
Vulnerability Type : Persistent XSS
Remote Exploitable : Yes
CVE External Identifier : CVE-2018-7261

*2. Overview*

Technical Description:

There are multiple Persistent XSS vulnerabilities in Radiant Content Management System. These vulnerabilities exists
due to...
Categories:

Bugtraq: APPLE-SA-2018-02-19-1 iOS 11.2.6

Security Focus Latest Security Advisories - February 20, 2018 - 7:00am
APPLE-SA-2018-02-19-1 iOS 11.2.6
Categories:

Vuln: phpMyAdmin CVE-2018-7260 Cross Site Scripting Vulnerability

Security Focus Latest Security Advisories - February 20, 2018 - 12:00am
phpMyAdmin CVE-2018-7260 Cross Site Scripting Vulnerability
Categories:

Vuln: ABB netCADOPS Web Application CVE-2018-5477 Information Disclosure Vulnerability

Security Focus Latest Security Advisories - February 20, 2018 - 12:00am
ABB netCADOPS Web Application CVE-2018-5477 Information Disclosure Vulnerability
Categories:

Vuln: Linux Kernel 'drivers/block/floppy.c' Local Security Bypass Vulnerability

Security Focus Latest Security Advisories - February 20, 2018 - 12:00am
Linux Kernel 'drivers/block/floppy.c' Local Security Bypass Vulnerability
Categories:

Vuln: Yab Quarx CVE-2018-7274 Multiple HTML Injection Vulnerabilities

Security Focus Latest Security Advisories - February 20, 2018 - 12:00am
Yab Quarx CVE-2018-7274 Multiple HTML Injection Vulnerabilities
Categories:

Vuln: Apple iOS/WatchOS/macOS/tvOS CVE-2018-4124 Denial of Service Vulnerability

Security Focus Latest Security Advisories - February 20, 2018 - 12:00am
Apple iOS/WatchOS/macOS/tvOS CVE-2018-4124 Denial of Service Vulnerability
Categories:

APPLE-SA-2018-02-19-1 iOS 11.2.6

BugTraq Latest Security Advisories - February 19, 2018 - 11:34pm

Posted by Apple Product Security on Feb 19

APPLE-SA-2018-02-19-1 iOS 11.2.6

iOS 11.2.6 is now available and addresses the following:

CoreText
Available for: iPhone 5s and later, iPad Air and later, and
iPod touch 6th generation
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2018-4124: an anonymous researcher

Installation note:

This update is available through iTunes...
Categories:

APPLE-SA-2018-02-19-2 macOS High Sierra 10.13.3 Supplemental Update

BugTraq Latest Security Advisories - February 19, 2018 - 11:30pm

Posted by Apple Product Security on Feb 19

APPLE-SA-2018-02-19-2 macOS High Sierra 10.13.3 Supplemental Update

macOS High Sierra 10.13.3 Supplemental Update is now available and
addresses the following:

CoreText
Available for: macOS High Sierra 10.13.3
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2018-4124: an anonymous researcher

Installation note:

macOS High...
Categories:

APPLE-SA-2018-02-19-3 tvOS 11.2.6

BugTraq Latest Security Advisories - February 19, 2018 - 11:28pm

Posted by Apple Product Security on Feb 19

APPLE-SA-2018-02-19-3 tvOS 11.2.6

tvOS 11.2.6 is now available and addresses the following:

CoreText
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2018-4124: an anonymous researcher

Installation note:

Apple TV will periodically check for software updates....
Categories:

APPLE-SA-2018-02-19-4 watchOS 4.2.3

BugTraq Latest Security Advisories - February 19, 2018 - 11:22pm

Posted by Apple Product Security on Feb 19

APPLE-SA-2018-02-19-4 watchOS 4.2.3

watchOS 4.2.3 is now available and addresses the following:

CoreText
Available for: All Apple Watch models
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2018-4124: an anonymous researcher

Installation note:

Instructions on how to update your Apple Watch software are
available at...
Categories:

[SECURITY] [DSA 4119-1] libav security update

BugTraq Latest Security Advisories - February 19, 2018 - 11:12pm

Posted by Moritz Muehlenhoff on Feb 19

-------------------------------------------------------------------------
Debian Security Advisory DSA-4119-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
February 19, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : libav
CVE ID : CVE-2017-16803

Several security...
Categories: