Deprecated: The each() function is deprecated. This message will be suppressed on further calls in /home/zhenxiangba/zhenxiangba.com/public_html/phproxy-improved-master/index.php on line 456
Mail Thread Index

Mail Thread Index

Date Index

Advisory - Bamboo - CVE-2017-14589 CVE-2017-14590, Atlassian
b2evolution CMS 6.6.0 - 6.8.10 PHP code execution, Anti Räis
CVE-2017-6094 - Genexis GAPS Access Control Vulnerability, Antoine Neuenschwander
[security bulletin] MFSBGN03793 rev.2 - Project and Portfolio Management Center, Multiple vulnerabilities, cyber-psrt
Intel CPU bug forcing page table switch during syscalls?, Pavel Machek
Re "Intel responds to security research findings", Ed Maste
[security bulletin] HPESBHF03803 rev.1 - Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance, Remote Denial of Service and Execution of Code, security-alert
[SECURITY] [DSA 4078-1] linux security update, Yves-Alexis Perez
Icyphoenix 2.2.0.105 - Multiple SQL Injection Vulnerabilities, Vulnerability Lab
SonicWall SonicOS NSA UTM Firewall - Bypass & Persistent Vulnerability, Vulnerability Lab
iJoomla com_adagency 6.0.9 - SQL Injection Vulnerabilities, Vulnerability Lab
Abyss Web Server < v2.11.6 Memory Heap Corruption (hyp3rlinx / apparitionsec), apparitionsec
Wickr Inc - App Clock & Message Deletion Glitch - Bug Bounty, Vulnerability Lab
WpJobBoard v4.4.4 - Multiple SQL Injection Vulnerabilities, Vulnerability Lab
CVE-2017-17055 Artica Web Proxy v3.06 Remote Code Execution (hyp3rlinx / ApparitionSec), apparitionsec
CVE-2017-16884 Mist Server v2.12 Unauthenticated Persistent XSS (hyp3rlinx / ApparitionSec), apparitionsec
[SECURITY] [DSA 4079-1] poppler security update, Moritz Muehlenhoff
Social Media Widget by Acurax [CSRF], Panagiotis Vagenas
- CMS Tree Page View [CSRF, Privilege Escalation], Panagiotis Vagenas
- Admin Menu Tree Page View [CSRF, Privilege Escalation], Panagiotis Vagenas
SonicWall SonicOS NSA Web Firewall - Multiple Web Vulnerabilities, Vulnerability Lab
APPLE-SA-2018-1-8-1 iOS 11.2.2, Apple Product Security
APPLE-SA-2018-1-8-2 macOS High Sierra 10.13.2 Supplemental Update, Apple Product Security
APPLE-SA-2018-1-8-3 Safari 11.0.2, Apple Product Security
Response to Meltdown and Spectre, Gordon Tetlow
[SECURITY] [DSA 4081-1] php5 security update, Moritz Muehlenhoff
[SECURITY] [DSA 4080-1] php7.0 security update, Moritz Muehlenhoff
[slackware-security] irssi (SSA:2018-008-01), Slackware Security Team
CVE-2017-17485: one more way of rce in jackson-databind when defaultTyping+objects are used, Imre Rad
[SECURITY] [DSA 4082-1] linux security update, Salvatore Bonaccorso
[security bulletin] HPESBHF03805 rev.4 - Certain HPE products using Microprocessors from Intel, AMD, and ARM, with Speculative Execution, Elevation of Privilege and Information Disclosure., security-alert
Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637), chunibalon
DefenseCode ThunderScan SAST Advisory: WordPress Testimonial Slider Plugin SQL injection Security Vulnerability, DefenseCode
DefenseCode ThunderScan SAST Advisory: WordPress Smooth Slider Plugin SQL injection Security Vulnerability, DefenseCode
DefenseCode ThunderScan SAST Advisory: WordPress Dbox 3D Slider Lite Multiple SQL injection Security Vulnerabilities, DefenseCode
WebKitGTK+ Security Advisory WSA-2018-0001, Carlos Alberto Lopez Perez
[SECURITY] [DSA 4083-1] poco security update, Sebastien Delafond
CVE-2017-8802 Zimbra Collaboration Suite - Stored Cross-Site Scripting, Advisories
Flash Operator Panel v2.31.03 - Command Execution Vulnerability, Vulnerability Lab
[SECURITY] [DSA 4084-1] gifsicle security update, Sebastien Delafond
Magento Commerce - SSRF & XSPA Web Vulnerability, Vulnerability Lab
Piwigo v2.8.2 & 2.9.2 CMS - Multiple Cross Site Vulnerabilities, Vulnerability Lab
MagicSpam 2.0.13 - Insecure File Permission Vulnerability, Vulnerability Lab
- <Possible follow-ups>
- MagicSpam 2.0.13 - Insecure File Permission Vulnerability, Vulnerability Lab
Magento Connect T1 - (Claim) Persistent Vulnerability, Vulnerability Lab
SonicWall GMS v8.1 - Filter Bypass & Persistent Vulnerability, Vulnerability Lab
Microsoft Sharepoint 2013 - Limited Access Permission Bypass Vulnerability, Vulnerability Lab
Kentico CMS v11.0 - Stack Buffer Overflow Vulnerability, Vulnerability Lab
[security bulletin] HPESBNS03804 rev.1 - HPE NonStop Server, Local Authentication Restriction Bypass, security-alert
[SECURITY] [DSA 4085-1] xmltooling security update, Moritz Muehlenhoff
[security bulletin] HPESBHF03800 rev.1 - HPE Comware 7 MSR Routers, Remote Denial of Service and Local Elevation or Privilege, security-alert
Code execution in Kaseya VSA, Securify B.V.
Arbitrary file read in Kaseya VSA, Securify B.V.
Broken TLS certificate pinning in VTech DigiGo Kid Connect app, Summer of Pwnage
[SECURITY] [DSA 4087-1] transmission security update, Moritz Muehlenhoff
Adminer <= v4.3.1 Server Side Request Forgery, apparitionsec
Broken TLS certificate validation in VTech DigiGo browser, Summer of Pwnage
[SECURITY] [DSA 4086-1] libxml2 security update, Salvatore Bonaccorso
Seagate Media Server allows deleting of arbitrary files and folders, Summer of Pwnage
Authentication bypass in Kaseya VSA, Securify B.V.
Multiple vulnerabilities in VTech DigiGo allow browser overlay attack, Summer of Pwnage
[RT-SA-2017-013] Truncation of SAML Attributes in Shibboleth 2, RedTeam Pentesting GmbH
Zenario v7.6 CMS - SQL Injection Web Vulnerability, Vulnerability Lab
[SECURITY] [DSA 4088-1] gdk-pixbuf security update, Moritz Muehlenhoff
ADVISORY - LiveZilla - Cross-site scripting (XSS) vulnerability in knowledgebase.php - CVE-2017-15869, tim . kretschmann
[SECURITY] [DSA 4089-1] bind9 security update, Salvatore Bonaccorso
[SECURITY] [DSA 4090-1] wordpress security update, Sebastien Delafond
[slackware-security] bind (SSA:2018-017-01), Slackware Security Team
[security bulletin] HPSBGN02925 rev.3 - HP IceWall SSO, IceWall File Manager and IceWall Federation Agent, Multiple Remote Unauthorized Access Vulnerabilities, security-alert
[security bulletin] HPESBHF03805 rev.5 - Certain HPE products using Microprocessors from Intel, AMD, and ARM, with Speculative Execution, Elevation of Privilege and Information Disclosure., security-alert
[security bulletin] HPESBMU03806 rev.1 - HPE IceWall Products, Multiple Remote Unauthorized Disclosure of Information, Unauthorized Modificiation, security-alert
[SECURITY] [DSA 4092-1] awstats security update, Sebastien Delafond
CVE-2017-15713: Apache Hadoop MapReduce job history server vulnerability, Jason Lowe
[SECURITY] [DSA 4093-1] openocd security update, luciano
CentOS Web Panel v0.9.8.12 - Multiple Persistent Web Vulnerabilities, Vulnerability Lab
Oracle JDeveloper IDE Directory Traversal CVE-2017-10273 (hyp3rlinx / apparition security), apparitionsec
Photo Vault v1.2 iOS - Insecure Authentication Vulnerability, Vulnerability Lab
Shopware 5.2.5 & v5.3 - Multiple Cross Site Scripting Web Vulnerabilities, Vulnerability Lab
CentOS Web Panel v0.9.8.12 - Non-Persistent Cross Site Scripting Vulnerabilities, Vulnerability Lab
Acadmic Microsoft - API Query Filter Cross Site Scripting Vulnerability, Vulnerability Lab
CentOS Web Panel v0.9.8.12 - Remote SQL Injection Vulnerabilities, Vulnerability Lab
[SECURITY] [DSA 4094-1] smarty3 security update, Luciano Bello
[security bulletin] HPESBHF03805 rev.7 - Certain HPE products using Microprocessors from Intel, AMD, and ARM, with Speculative Execution, Elevation of Privilege and Information Disclosure., security-alert
SEC Consult SA-20180123-0 :: XXE & Reflected XSS in Oracle Financial Services Analytical Applications, SEC Consult Vulnerability Lab
DefenseCode ThunderScan SAST Advisory: SugarCRM Community Edition Multiple SQL Injection Vulnerabilities, DefenseCode
APPLE-SA-2018-1-23-5 Safari 11.0.3, Apple Product Security
APPLE-SA-2018-1-23-6 iTunes 12.7.3 for Windows, Apple Product Security
APPLE-SA-2018-1-23-2 macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, Apple Product Security
APPLE-SA-2018-1-23-1 iOS 11.2.5, Apple Product Security
APPLE-SA-2018-1-23-3 watchOS 4.2.2, Apple Product Security
APPLE-SA-2018-1-23-7 iCloud for Windows 7.3, Apple Product Security
APPLE-SA-2018-1-23-4 tvOS 11.2.5, Apple Product Security
CVE-2017-15718: Apache Hadoop YARN NodeManager vulnerability, Akira Ajisaka
WebKitGTK+ Security Advisory WSA-2018-0002, Carlos Alberto Lopez Perez
[SECURITY] [DSA 4096-1] firefox-esr security update, Moritz Muehlenhoff
[SECURITY] [DSA 4095-1] gcab security update, Salvatore Bonaccorso
[slackware-security] curl (SSA:2018-024-01), Slackware Security Team
[SECURITY] [DSA 4097-1] poppler security update, Moritz Muehlenhoff
[security bulletin] HPESBHF03809 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Authentication Restriction Bypass, security-alert
[security bulletin] HPESBHF03813 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution, security-alert
[security bulletin] HPESBHF03815 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution, security-alert
[security bulletin] HPESBHF03810 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Disclosure of Information, security-alert
[security bulletin] HPESBHF03808 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution, security-alert
KL-001-2018-001 : Sophos Web Gateway Persistent Cross Site Scripting Vulnerability, KoreLogic Disclosures
[security bulletin] HPESBHF03812 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Multiple Vulnerabilities, security-alert
[slackware-security] mozilla-thunderbird (SSA:2018-025-01), Slackware Security Team
[security bulletin] HPESBHF03811 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Multiple Vulnerabilities, security-alert
[security bulletin] HPESBHF03814 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Unauthorized Modification, security-alert
[SECURITY] [DSA 4100-1] tiff security update, Moritz Muehlenhoff
[SECURITY] [DSA 4101-1] wireshark security update, Moritz Muehlenhoff
[SECURITY] [DSA 4099-1] ffmpeg security update, Moritz Muehlenhoff
[SECURITY] [DSA 4098-1] curl security update, Alessandro Ghedini
[SYSS-2017-026] Microsoft Surface Hub Keyboard - Cryptographic Issues (CWE-310), Insufficient Protection against Replay Attacks, matthias . deeg
Secunia Research: LibRaw Multiple Denial of Service Vulnerabilities, Secunia Research
Defense in depth -- the Microsoft way (part 49): fun with application manifests, Stefan Kanthak
[SECURITY] [DSA 4094-2] smarty3 security update, Luciano Bello
SEC Consult SA-20180131-0 :: Multiple Vulnerabilities in Sprecher Automation SPRECON-E-C, PU-2433, SEC Consult Vulnerability Lab

Mail converted by MHonArc